mirror of
https://github.com/TrezOne/docker-mods-uptime-kuma-timeout-fix.git
synced 2026-07-19 18:03:01 -04:00
108 lines
5.2 KiB
Plaintext
Executable File
108 lines
5.2 KiB
Plaintext
Executable File
#!/usr/bin/with-contenv bash
|
|
# shellcheck shell=bash
|
|
|
|
CONFIG_PATH="/config/crowdsec/"
|
|
LIB_PATH="/usr/local/lua/crowdsec/"
|
|
DATA_PATH="/var/lib/crowdsec/lua/"
|
|
|
|
echo "**** Configuring CrowdSec nginx Bouncer ****"
|
|
|
|
# If API keys are missing, disable mod and exit
|
|
if [[ -z $CROWDSEC_API_KEY ]] || [[ -z $CROWDSEC_LAPI_URL ]]; then
|
|
echo "**** Missing API key or CrowdSec LAPI URL, cannot configure bouncer ****"
|
|
exit 1
|
|
fi
|
|
|
|
echo "\
|
|
gettext \
|
|
lua5.1 \
|
|
lua5.1-cjson \
|
|
lua-resty-http \
|
|
lua-resty-string \
|
|
lua-sec \
|
|
nginx-mod-http-lua" >> /mod-repo-packages-to-install.list
|
|
|
|
# Extract nginx bouncer
|
|
mkdir -p /tmp/crowdsec
|
|
|
|
tar xf \
|
|
/crowdsec-nginx-bouncer.tgz -C \
|
|
/tmp/crowdsec --strip-components=1
|
|
|
|
mkdir -p "${CONFIG_PATH}"
|
|
if [[ ! -f "${CONFIG_PATH}crowdsec-nginx-bouncer.conf" ]]; then \
|
|
cp /tmp/crowdsec/lua-mod/config_example.conf "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
|
|
fi
|
|
|
|
# Inject API keys into config file
|
|
sed -i -r "s|API_KEY=.*$|API_KEY=${CROWDSEC_API_KEY}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
|
|
sed -i -r "s|API_URL=.*$|API_URL=${CROWDSEC_LAPI_URL}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
|
|
|
|
# Sed in ReCaptcha settings
|
|
sed -i -r "s|SECRET_KEY=.*$|SECRET_KEY=${CROWDSEC_SECRET_KEY}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
|
|
sed -i -r "s|SITE_KEY=.*$|SITE_KEY=${CROWDSEC_SITE_KEY}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
|
|
sed -i -r "s|CAPTCHA_PROVIDER=.*$|CAPTCHA_PROVIDER=${CROWDSEC_CAPTCHA_PROVIDER}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
|
|
|
|
# Sed in CROWDSEC_MODE and UPDATE_FREQUENCY, if defined in the env, defaults to live and 10s
|
|
sed -i -r "s|MODE=.*$|MODE=${CROWDSEC_MODE:-live}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
|
|
sed -i -r "s|UPDATE_FREQUENCY=.*$|UPDATE_FREQUENCY=${CROWDSEC_UPDATE_FREQUENCY:-10}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
|
|
|
|
if grep -q "^APPSEC_URL=" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"; then
|
|
sed -i -r "s|APPSEC_URL=.*$|APPSEC_URL=${CROWDSEC_APPSEC_URL}|" "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
|
|
else
|
|
echo "APPSEC_URL=${CROWDSEC_APPSEC_URL}" >> "${CONFIG_PATH}crowdsec-nginx-bouncer.conf"
|
|
fi
|
|
|
|
# Change config path
|
|
sed -i "s|/etc/crowdsec/bouncers/|${CONFIG_PATH}|" /tmp/crowdsec/nginx/crowdsec_nginx.conf
|
|
|
|
# Copy files
|
|
mkdir -p ${DATA_PATH}/templates/
|
|
cp -r /tmp/crowdsec/lua-mod/templates/* ${DATA_PATH}/templates/
|
|
|
|
mkdir -p ${LIB_PATH}plugins/crowdsec
|
|
cp -r /tmp/crowdsec/lua-mod/lib/* ${LIB_PATH}
|
|
|
|
cp /tmp/crowdsec/nginx/crowdsec_nginx.conf /etc/nginx/http.d
|
|
|
|
# Sed in crowdsec include
|
|
if ! grep -q '[^#]include /etc/nginx/http.d/\*.conf;' '/config/nginx/nginx.conf' && ! grep -q '[^#]include /etc/nginx/conf.d/\*.conf;' '/config/nginx/nginx.conf'; then
|
|
if grep -q '#include /etc/nginx/http.d/\*.conf;' '/config/nginx/nginx.conf'; then
|
|
# Enable http.d include
|
|
sed -i 's|#include /etc/nginx/http.d/\*.conf;|include /etc/nginx/http.d/\*.conf;|' /config/nginx/nginx.conf
|
|
else
|
|
# Warn about missing http.d include
|
|
echo "
|
|
┌──────────────────────────────────────────────────────────────────┐
|
|
│ Warning: Your nginx.conf is missing required settings │
|
|
│ Please add: │
|
|
│ include /etc/nginx/http.d/*.conf; │
|
|
│ to the http{} block and restart the container. │
|
|
│ │
|
|
│ The CrowdSec bouncer will not function until this is done. │
|
|
└──────────────────────────────────────────────────────────────────┘
|
|
"
|
|
fi
|
|
fi
|
|
|
|
# Clean up
|
|
rm -rf \
|
|
/tmp/crowdsec \
|
|
/crowdsec-nginx-bouncer.tgz
|
|
|
|
if [[ -n ${CROWDSEC_VERSION} ]]; then
|
|
echo "
|
|
┌─────────────────────────────────────────────────────────────────────────┐
|
|
│ !! ATTENTION !! │
|
|
│ │
|
|
│ This mod will ignore the │
|
|
│ CROWDSEC_VERSION environment variable │
|
|
│ │
|
|
│ Versioning is now handled by mod tags │
|
|
│ See https://hub.docker.com/r/linuxserver/mods/tags?name=swag-crowdsec-v │
|
|
│ For a list of all available tags │
|
|
└─────────────────────────────────────────────────────────────────────────┘"
|
|
fi
|
|
|
|
echo "**** Successfully configured CrowdSec nginx Bouncer ${CROWDSEC_VERSION} ****"
|