Update to handle f2b_diable with s6rc init. Include #565.

root/etc/cont-init.d/98-crowdsec

@@ -1,4 +1,5 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
 
 CONFIG_PATH="/config/crowdsec/"
 LIB_PATH="/usr/local/lua/crowdsec/"
@@ -21,7 +22,7 @@ apk add -U --upgrade --no-cache \
     nginx-mod-http-lua
 
 # Download nginx bouncer
-if [ -z ${CROWDSEC_VERSION+x} ]; then \
+if [[ -z ${CROWDSEC_VERSION+x} ]]; then \
     CROWDSEC_VERSION=$(curl -sX GET "https://api.github.com/repos/crowdsecurity/cs-nginx-bouncer/releases/latest" | awk '/tag_name/{print $4;exit}' FS='[""]');
 fi
 
@@ -36,7 +37,7 @@ tar xf \
     /tmp/crowdsec --strip-components=1
 
 mkdir -p "${CONFIG_PATH}"
-if [ ! -f "${CONFIG_PATH}crowdsec-nginx-bouncer.conf" ]; then \
+if [[ ! -f "${CONFIG_PATH}crowdsec-nginx-bouncer.conf" ]]; then \
     cp /tmp/crowdsec/lua-mod/config_example.conf "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
 fi
 
@@ -48,6 +49,10 @@ sed -i -r "s|API_URL=.*$|API_URL=${CROWDSEC_LAPI_URL}|" "${CONFIG_PATH}crowdsec-
 sed -i -r "s|SECRET_KEY=.*$|SECRET_KEY=${CROWDSEC_SECRET_KEY}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
 sed -i -r "s|SITE_KEY=.*$|SITE_KEY=${CROWDSEC_SITE_KEY}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
 
+# Sed in CROWDSEC_MODE and UPDATE_FREQUENCY, if defined in the env, defaults to live and 10s
+sed -i -r "s|MODE=.*$|MODE=${CROWDSEC_MODE:-live}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
+sed -i -r "s|UPDATE_FREQUENCY=.*$|UPDATE_FREQUENCY=${CROWDSEC_UPDATE_FREQUENCY:-10}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
+
 # Change config path
 sed -i "s|/etc/crowdsec/bouncers/|${CONFIG_PATH}|" /tmp/crowdsec/nginx/crowdsec_nginx.conf
 

root/etc/s6-overlay/s6-rc.d/init-mod-swag-crowdsec-f2b/run

@@ -0,0 +1,8 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+
+# Disable f2b if requested
+if [[ ${CROWDSEC_F2B_DISABLE,,} == "true" ]]; then
+    echo "**** Disabling fail2ban Service ****"
+    s6-svc -d /run/service/svc-fail2ban
+fi

root/etc/s6-overlay/s6-rc.d/init-mod-swag-crowdsec-f2b/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-mod-swag-crowdsec-f2b/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-mod-swag-crowdsec-f2b/run

root/etc/s6-overlay/s6-rc.d/init-mod-swag-crowdsec/run

@@ -1,4 +1,5 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
 
 CONFIG_PATH="/config/crowdsec/"
 LIB_PATH="/usr/local/lua/crowdsec/"
@@ -21,7 +22,7 @@ echo "\
     nginx-mod-http-lua" >> /mod-repo-packages-to-install.list
 
 # Download nginx bouncer
-if [ -z ${CROWDSEC_VERSION+x} ]; then \
+if [[ -z ${CROWDSEC_VERSION+x} ]]; then \
     CROWDSEC_VERSION=$(curl -sX GET "https://api.github.com/repos/crowdsecurity/cs-nginx-bouncer/releases/latest" | awk '/tag_name/{print $4;exit}' FS='[""]');
 fi
 
@@ -36,7 +37,7 @@ tar xf \
     /tmp/crowdsec --strip-components=1
 
 mkdir -p "${CONFIG_PATH}"
-if [ ! -f "${CONFIG_PATH}crowdsec-nginx-bouncer.conf" ]; then \
+if [[ ! -f "${CONFIG_PATH}crowdsec-nginx-bouncer.conf" ]]; then \
     cp /tmp/crowdsec/lua-mod/config_example.conf "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
 fi
 
@@ -48,6 +49,10 @@ sed -i -r "s|API_URL=.*$|API_URL=${CROWDSEC_LAPI_URL}|" "${CONFIG_PATH}crowdsec-
 sed -i -r "s|SECRET_KEY=.*$|SECRET_KEY=${CROWDSEC_SECRET_KEY}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
 sed -i -r "s|SITE_KEY=.*$|SITE_KEY=${CROWDSEC_SITE_KEY}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
 
+# Sed in CROWDSEC_MODE and UPDATE_FREQUENCY, if defined in the env, defaults to live and 10s
+sed -i -r "s|MODE=.*$|MODE=${CROWDSEC_MODE:-live}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
+sed -i -r "s|UPDATE_FREQUENCY=.*$|UPDATE_FREQUENCY=${CROWDSEC_UPDATE_FREQUENCY:-10}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
+
 # Change config path
 sed -i "s|/etc/crowdsec/bouncers/|${CONFIG_PATH}|" /tmp/crowdsec/nginx/crowdsec_nginx.conf
 
@@ -84,10 +89,4 @@ rm -rf \
     /tmp/crowdsec \
     /tmp/crowdsec.tar.gz
 
-# Disable f2b if requested
-if [[ $CROWDSEC_F2B_DISABLE == "true" ]]; then
-    echo "**** Disabling fail2ban Service ****"
-    touch /etc/services.d/fail2ban/down
-fi
-
 echo "**** Successfully configured CrowdSec nginx Bouncer ${CROWDSEC_VERSION} ****"