crowdsec/debian/postinst

#!/bin/sh

COLLECTIONS=false
set -e

# Source debconf library.
. /usr/share/debconf/confmodule

if [ "$1" = configure ]; then
    if [ ! -d /var/lib/crowdsec/data ]; then
        mkdir -p /var/lib/crowdsec/data
    fi

    if [ -d /var/lib/crowdsec/backup ]; then
        cscli config restore /var/lib/crowdsec/backup/backup.config
        rm -rf /var/lib/crowdsec/backup
        /usr/bin/cscli hub update
        /usr/bin/cscli hub upgrade
        systemctl start crowdsec
    fi

    if ! find /etc/crowdsec/acquis.d -maxdepth 1 -type f -name '*' 2>/dev/null | grep -q '.'; then
        echo Creating /etc/crowdsec/acquis.d
        mkdir -p /etc/crowdsec/acquis.d
        cscli setup detect >/etc/crowdsec/.setup.yaml
        cscli setup install-hub /etc/crowdsec/.setup.yaml
        cscli setup datasources /etc/crowdsec/.setup.yaml --to-dir /etc/crowdsec/acquis.d
    fi

    if [ -f /etc/crowdsec/local_api_credentials.yaml ] ; then
        chmod 600 /etc/crowdsec/local_api_credentials.yaml
    fi

    if [ -f /etc/crowdsec/online_api_credentials.yaml ]; then
        chmod 600 /etc/crowdsec/online_api_credentials.yaml
    fi

    if [ ! -f /etc/crowdsec/local_api_credentials.yaml ] || [ ! -f /etc/crowdsec/online_api_credentials.yaml ]; then
        if [ ! -f /etc/crowdsec/local_api_credentials.yaml ] ; then
            install -m 600 /dev/null  /etc/crowdsec/local_api_credentials.yaml
        fi
        if [ ! -f /etc/crowdsec/online_api_credentials.yaml ] ; then
            install -m 600 /dev/null  /etc/crowdsec/online_api_credentials.yaml
        fi

        db_input medium crowdsec/lapi || true
        db_go || true

        db_get crowdsec/lapi
        LAPI=$RET

        if  [ "$LAPI" = true ]; then
            db_input medium crowdsec/capi || true
            db_go || true

            db_get crowdsec/capi
            CAPI=$RET

            cscli machines add -a

            if [ "$CAPI" = true ]; then
                cscli capi register
            fi

        else
            db_input medium crowdsec/lapi_host || true
            db_go || true

            db_get crowdsec/lapi_host
            LAPI_HOST=$RET
            sed -i "s/127.0.0.1:8080/$LAPI_HOST/g" /etc/crowdsec/config.yaml
        fi
    fi

    echo Updating hub
    /usr/bin/cscli hub update
    if [ "$COLLECTIONS" = true ]; then
        set +e
        CSCLI_BIN_INSTALLED="/usr/bin/cscli" SILENT=true install_collection
        set -e
    fi


    if [[ -f /var/lib/crowdsec/data/crowdsec.db.backup ]]; then
        cp /var/lib/crowdsec/data/crowdsec.db.backup /var/lib/crowdsec/data/crowdsec.db
        rm -f /var/lib/crowdsec/data/crowdsec.db.backup
    fi

    systemctl --quiet is-enabled crowdsec || systemctl unmask crowdsec && systemctl enable crowdsec

    API=$(cscli config show --key "Config.API.Server")
    if [ "$API" = "<nil>" ] ; then
        LAPI=false
    else
        PORT=$(cscli config show --key "Config.API.Server.ListenURI"|cut -d ":" -f2)
    fi
    if [ "$LAPI" = false ] || [ -z "$(ss -nlt "sport = ${PORT}" | grep -v ^State)" ]  ; then
        systemctl start crowdsec
    else
        echo "Not attempting to start crowdsec, port ${PORT} is already used or lapi was disabled"
        echo "This port is configured through /etc/crowdsec/config.yaml and /etc/crowdsec/local_api_credentials.yaml"
    fi
fi

echo "You can always run the configuration again interactively by using '/usr/share/crowdsec/wizard.sh -c"
cscli setup 2022-06-21 12:53:51 +00:00			`#!/bin/sh`
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00
			`COLLECTIONS=false`
			`set -e`

			`# Source debconf library.`
			`. /usr/share/debconf/confmodule`

			`if [ "$1" = configure ]; then`
cscli setup 2022-06-21 12:53:51 +00:00			`if [ ! -d /var/lib/crowdsec/data ]; then`
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`mkdir -p /var/lib/crowdsec/data`
			`fi`

cscli setup 2022-06-21 12:53:51 +00:00			`if [ -d /var/lib/crowdsec/backup ]; then`
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`cscli config restore /var/lib/crowdsec/backup/backup.config`
			`rm -rf /var/lib/crowdsec/backup`
			`/usr/bin/cscli hub update`
			`/usr/bin/cscli hub upgrade`
			`systemctl start crowdsec`
			`fi`
string comparison fix (#1220) 2022-02-01 08:55:28 +00:00
cscli setup 2022-06-21 12:53:51 +00:00			`if ! find /etc/crowdsec/acquis.d -maxdepth 1 -type f -name '*' 2>/dev/null \| grep -q '.'; then`
			`echo Creating /etc/crowdsec/acquis.d`
			`mkdir -p /etc/crowdsec/acquis.d`
			`cscli setup detect >/etc/crowdsec/.setup.yaml`
			`cscli setup install-hub /etc/crowdsec/.setup.yaml`
			`cscli setup datasources /etc/crowdsec/.setup.yaml --to-dir /etc/crowdsec/acquis.d`
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`fi`
fix perms in package installation (#1012) * fix perms Co-authored-by: sabban <15465465+sabban@users.noreply.github.com> 2021-10-22 08:14:15 +00:00
cscli setup 2022-06-21 12:53:51 +00:00			`if [ -f /etc/crowdsec/local_api_credentials.yaml ] ; then`
fix perms in package installation (#1012) * fix perms Co-authored-by: sabban <15465465+sabban@users.noreply.github.com> 2021-10-22 08:14:15 +00:00			`chmod 600 /etc/crowdsec/local_api_credentials.yaml`
			`fi`

cscli setup 2022-06-21 12:53:51 +00:00			`if [ -f /etc/crowdsec/online_api_credentials.yaml ]; then`
fix perms in package installation (#1012) * fix perms Co-authored-by: sabban <15465465+sabban@users.noreply.github.com> 2021-10-22 08:14:15 +00:00			`chmod 600 /etc/crowdsec/online_api_credentials.yaml`
			`fi`
string comparison fix (#1220) 2022-02-01 08:55:28 +00:00
cscli setup 2022-06-21 12:53:51 +00:00			`if [ ! -f /etc/crowdsec/local_api_credentials.yaml ] \|\| [ ! -f /etc/crowdsec/online_api_credentials.yaml ]; then`
			`if [ ! -f /etc/crowdsec/local_api_credentials.yaml ] ; then`
fix perms in package installation (#1012) * fix perms Co-authored-by: sabban <15465465+sabban@users.noreply.github.com> 2021-10-22 08:14:15 +00:00			`install -m 600 /dev/null /etc/crowdsec/local_api_credentials.yaml`
			`fi`
cscli setup 2022-06-21 12:53:51 +00:00			`if [ ! -f /etc/crowdsec/online_api_credentials.yaml ] ; then`
fix perms in package installation (#1012) * fix perms Co-authored-by: sabban <15465465+sabban@users.noreply.github.com> 2021-10-22 08:14:15 +00:00			`install -m 600 /dev/null /etc/crowdsec/online_api_credentials.yaml`
			`fi`

import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`db_input medium crowdsec/lapi \|\| true`
			`db_go \|\| true`
string comparison fix (#1220) 2022-02-01 08:55:28 +00:00
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`db_get crowdsec/lapi`
			`LAPI=$RET`

			`if [ "$LAPI" = true ]; then`
			`db_input medium crowdsec/capi \|\| true`
			`db_go \|\| true`
string comparison fix (#1220) 2022-02-01 08:55:28 +00:00
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`db_get crowdsec/capi`
			`CAPI=$RET`
string comparison fix (#1220) 2022-02-01 08:55:28 +00:00
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`cscli machines add -a`
string comparison fix (#1220) 2022-02-01 08:55:28 +00:00
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`if [ "$CAPI" = true ]; then`
			`cscli capi register`
			`fi`
string comparison fix (#1220) 2022-02-01 08:55:28 +00:00
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`else`
			`db_input medium crowdsec/lapi_host \|\| true`
			`db_go \|\| true`
string comparison fix (#1220) 2022-02-01 08:55:28 +00:00
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`db_get crowdsec/lapi_host`
			`LAPI_HOST=$RET`
			`sed -i "s/127.0.0.1:8080/$LAPI_HOST/g" /etc/crowdsec/config.yaml`
			`fi`
			`fi`
string comparison fix (#1220) 2022-02-01 08:55:28 +00:00
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`echo Updating hub`
			`/usr/bin/cscli hub update`
string comparison fix (#1220) 2022-02-01 08:55:28 +00:00			`if [ "$COLLECTIONS" = true ]; then`
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`set +e`
			`CSCLI_BIN_INSTALLED="/usr/bin/cscli" SILENT=true install_collection`
			`set -e`
string comparison fix (#1220) 2022-02-01 08:55:28 +00:00			`fi`

Hub auto update cronjob (#1817) Add hub cron installation to install scripts Plus remove on uninstall 2022-10-17 15:04:01 +00:00
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`if [[ -f /var/lib/crowdsec/data/crowdsec.db.backup ]]; then`
			`cp /var/lib/crowdsec/data/crowdsec.db.backup /var/lib/crowdsec/data/crowdsec.db`
			`rm -f /var/lib/crowdsec/data/crowdsec.db.backup`
			`fi`

			`systemctl --quiet is-enabled crowdsec \|\| systemctl unmask crowdsec && systemctl enable crowdsec`

Fix 1314 (#1320) * fix https://github.com/crowdsecurity/crowdsec/issues/1314 * fix postinst logic * fix in rpm as well Co-authored-by: sabban <15465465+sabban@users.noreply.github.com> 2022-03-10 12:57:04 +00:00			`API=$(cscli config show --key "Config.API.Server")`
			`if [ "$API" = "<nil>" ] ; then`
			`LAPI=false`
			`else`
			`PORT=$(cscli config show --key "Config.API.Server.ListenURI"\|cut -d ":" -f2)`
			`fi`
			`if [ "$LAPI" = false ] \|\| [ -z "$(ss -nlt "sport = ${PORT}" \| grep -v ^State)" ] ; then`
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`systemctl start crowdsec`
			`else`
fix upgrade when somthing is already listening on 8080 (#1258) * this should fix issue #1245 * change cmdline for getting port Co-authored-by: sabban <15465465+sabban@users.noreply.github.com> 2022-02-15 10:20:52 +00:00			`echo "Not attempting to start crowdsec, port ${PORT} is already used or lapi was disabled"`
import debian & rpm sources (#898) 2021-08-18 11:57:06 +00:00			`echo "This port is configured through /etc/crowdsec/config.yaml and /etc/crowdsec/local_api_credentials.yaml"`
			`fi`
			`fi`

typos of various nature (#1072) 2021-12-06 16:29:23 +00:00			`echo "You can always run the configuration again interactively by using '/usr/share/crowdsec/wizard.sh -c"`