crowdsec/docker/docker_start.sh

#!/bin/sh

# Check if the container has already been started (ignore if agent is disabled)
if [ "$DISABLE_AGENT" == "" ] ; then
    echo "Check if the container has already been started (ignore if agent is disabled)"
    cscli machines list | grep localhost
    if [ "$?" == 1 ]; then
        cscli machines add localhost --auto
    fi
    if [ "$AGENT_USERNAME" != "" ] && [ "$AGENT_PASSWORD" != "" ] && [ "$LOCAL_API_URL" != "" ] ; then
        echo "set up lapi credentials for agent"
        CONFIG_PATH=$(yq eval '.api.client.credentials_path' /etc/crowdsec/config.yaml)
        echo "url: $LOCAL_API_URL" > $CONFIG_PATH
        echo "login: $AGENT_USERNAME" >> $CONFIG_PATH
        echo "password: $AGENT_PASSWORD" >> $CONFIG_PATH
    fi
fi

# Check if lapi need to register automatically an agent
echo Check if lapi need to register automatically an agent
if [ "$DISABLE_LOCAL_API" == "" ] && [ "$AGENT_USERNAME" != "" ] && [ "$AGENT_PASSWORD" != "" ] ; then
    cscli machines add $AGENT_USERNAME --password $AGENT_PASSWORD
    echo "Agent registered to lapi"
fi

# registration to online API for signal push
if [ "$DISABLE_ONLINE_API" == "" ] && [ "$CONFIG_FILE" == "" ] ; then
    CONFIG_EXIST=$(yq eval '.api.server.online_client | has("credentials_path")' /etc/crowdsec/config.yaml)
    if [ "$CONFIG_EXIST" != "true" ]; then
        yq eval '.api.server.online_client = {"credentials_path": "/etc/crowdsec/online_api_credentials.yaml"}' /etc/crowdsec/config.yaml > /etc/crowdsec/config2.yaml
        mv /etc/crowdsec/config2.yaml /etc/crowdsec/config.yaml
        cscli capi register > /etc/crowdsec/online_api_credentials.yaml
        echo "registration to online API done"
    fi
fi

# crowdsec sqlite database permissions
if [ "$GID" != "" ]; then
    IS_SQLITE=$(yq eval '.db_config.type == "sqlite"' /etc/crowdsec/config.yaml)
    DB_PATH=$(yq eval '.db_config.db_path' /etc/crowdsec/config.yaml)
    if [ "$IS_SQLITE" == "true" ]; then
        chown :$GID $DB_PATH
        echo "sqlite database permissions updated"
    fi
fi

## Install collections, parsers & scenarios
cscli hub update
cscli collections upgrade crowdsecurity/linux || true
cscli parsers upgrade crowdsecurity/whitelists || true
cscli parsers install crowdsecurity/docker-logs || true
if [ "$COLLECTIONS" != "" ]; then
    cscli collections install $COLLECTIONS
fi
if [ "$PARSERS" != "" ]; then
    cscli parsers install $PARSERS
fi
if [ "$SCENARIOS" != "" ]; then
    cscli scenarios install $SCENARIOS
fi
if [ "$POSTOVERFLOWS" != "" ]; then
    cscli postoverflows install $POSTOVERFLOWS
fi

ARGS=""
if [ "$CONFIG_FILE" != "" ]; then
    ARGS="-c $CONFIG_FILE"
fi
if [ "$DSN" != "" ]; then
    ARGS="$ARGS -dsn ${DSN}"
fi

if [ "$TYPE" != "" ]; then
    ARGS="$ARGS -type $TYPE"
fi
if [ "$TEST_MODE" == "true" ] || [ "$TEST_MODE" == "TRUE" ]; then
    ARGS="$ARGS -t"
fi
if [ "$DISABLE_AGENT" == "true" ] || [ "$DISABLE_AGENT" == "TRUE" ]; then
    ARGS="$ARGS -no-cs"
fi
if [ "$DISABLE_LOCAL_API" == "true" ] || [ "$DISABLE_LOCAL_API" == "TRUE" ]; then
    ARGS="$ARGS -no-api"
fi
if [ "$LEVEL_TRACE" == "true" ] || [ "$LEVEL_TRACE" == "TRUE" ]; then
    ARGS="$ARGS -trace"
fi
if [ "$LEVEL_DEBUG" == "true" ] || [ "$LEVEL_DEBUG" == "TRUE"  ]; then
    ARGS="$ARGS -debug"
fi
if [ "$LEVEL_INFO" == "true" ] || [ "$LEVEL_INFO" == "TRUE" ]; then
    ARGS="$ARGS -info"
fi

exec crowdsec $ARGS
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`#!/bin/sh`

update docker image documentation + docker start script (#965) * update docker image documentation + docker start script 2021-09-10 12:59:22 +00:00			`# Check if the container has already been started (ignore if agent is disabled)`
			`if [ "$DISABLE_AGENT" == "" ] ; then`
			`echo "Check if the container has already been started (ignore if agent is disabled)"`
			`cscli machines list \| grep localhost`
fix docker image + install whitelists on build (#968) * fix docker image + install whitelists on build 2021-09-13 08:48:48 +00:00			`if [ "$?" == 1 ]; then`
			`cscli machines add localhost --auto`
update docker image documentation + docker start script (#965) * update docker image documentation + docker start script 2021-09-10 12:59:22 +00:00			`fi`
			`if [ "$AGENT_USERNAME" != "" ] && [ "$AGENT_PASSWORD" != "" ] && [ "$LOCAL_API_URL" != "" ] ; then`
			`echo "set up lapi credentials for agent"`
			`CONFIG_PATH=$(yq eval '.api.client.credentials_path' /etc/crowdsec/config.yaml)`
			`echo "url: $LOCAL_API_URL" > $CONFIG_PATH`
			`echo "login: $AGENT_USERNAME" >> $CONFIG_PATH`
			`echo "password: $AGENT_PASSWORD" >> $CONFIG_PATH`
			`fi`
			`fi`

			`# Check if lapi need to register automatically an agent`
			`echo Check if lapi need to register automatically an agent`
			`if [ "$DISABLE_LOCAL_API" == "" ] && [ "$AGENT_USERNAME" != "" ] && [ "$AGENT_PASSWORD" != "" ] ; then`
			`cscli machines add $AGENT_USERNAME --password $AGENT_PASSWORD`
update docker entrypoint script (#982) 2021-09-21 08:54:05 +00:00			`echo "Agent registered to lapi"`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`fi`

update docker image + documentation (#602) Co-authored-by: erenJag <erenJag> 2021-02-10 08:29:29 +00:00			`# registration to online API for signal push`
			`if [ "$DISABLE_ONLINE_API" == "" ] && [ "$CONFIG_FILE" == "" ] ; then`
			`CONFIG_EXIST=$(yq eval '.api.server.online_client \| has("credentials_path")' /etc/crowdsec/config.yaml)`
			`if [ "$CONFIG_EXIST" != "true" ]; then`
			`yq eval '.api.server.online_client = {"credentials_path": "/etc/crowdsec/online_api_credentials.yaml"}' /etc/crowdsec/config.yaml > /etc/crowdsec/config2.yaml`
			`mv /etc/crowdsec/config2.yaml /etc/crowdsec/config.yaml`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`cscli capi register > /etc/crowdsec/online_api_credentials.yaml`
update docker entrypoint script (#982) 2021-09-21 08:54:05 +00:00			`echo "registration to online API done"`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`fi`
			`fi`

fix the perms of SQLite DB for metabase (#647) 2021-02-25 10:29:39 +00:00			`# crowdsec sqlite database permissions`
			`if [ "$GID" != "" ]; then`
			`IS_SQLITE=$(yq eval '.db_config.type == "sqlite"' /etc/crowdsec/config.yaml)`
			`DB_PATH=$(yq eval '.db_config.db_path' /etc/crowdsec/config.yaml)`
			`if [ "$IS_SQLITE" == "true" ]; then`
			`chown :$GID $DB_PATH`
update docker entrypoint script (#982) 2021-09-21 08:54:05 +00:00			`echo "sqlite database permissions updated"`
fix the perms of SQLite DB for metabase (#647) 2021-02-25 10:29:39 +00:00			`fi`
			`fi`

local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`## Install collections, parsers & scenarios`
			`cscli hub update`
update docker image documentation + docker start script (#965) * update docker image documentation + docker start script 2021-09-10 12:59:22 +00:00			`cscli collections upgrade crowdsecurity/linux \|\| true`
fix docker image + install whitelists on build (#968) * fix docker image + install whitelists on build 2021-09-13 08:48:48 +00:00			`cscli parsers upgrade crowdsecurity/whitelists \|\| true`
update docker entrypoint script (#982) 2021-09-21 08:54:05 +00:00			`cscli parsers install crowdsecurity/docker-logs \|\| true`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`if [ "$COLLECTIONS" != "" ]; then`
			`cscli collections install $COLLECTIONS`
			`fi`
			`if [ "$PARSERS" != "" ]; then`
			`cscli parsers install $PARSERS`
			`fi`
			`if [ "$SCENARIOS" != "" ]; then`
			`cscli scenarios install $SCENARIOS`
			`fi`
			`if [ "$POSTOVERFLOWS" != "" ]; then`
			`cscli postoverflows install $POSTOVERFLOWS`
			`fi`

			`ARGS=""`
			`if [ "$CONFIG_FILE" != "" ]; then`
			`ARGS="-c $CONFIG_FILE"`
			`fi`
update docker file to reflect change on acquisitions (#834) * update docker file to reflect change on acquisitions * generic --dsn approach Co-authored-by: he2ss <he2ss> 2021-06-29 16:03:45 +00:00			`if [ "$DSN" != "" ]; then`
			`ARGS="$ARGS -dsn ${DSN}"`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`fi`
update docker file to reflect change on acquisitions (#834) * update docker file to reflect change on acquisitions * generic --dsn approach Co-authored-by: he2ss <he2ss> 2021-06-29 16:03:45 +00:00
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`if [ "$TYPE" != "" ]; then`
			`ARGS="$ARGS -type $TYPE"`
			`fi`
			`if [ "$TEST_MODE" == "true" ] \|\| [ "$TEST_MODE" == "TRUE" ]; then`
			`ARGS="$ARGS -t"`
			`fi`
			`if [ "$DISABLE_AGENT" == "true" ] \|\| [ "$DISABLE_AGENT" == "TRUE" ]; then`
			`ARGS="$ARGS -no-cs"`
			`fi`
update docker image documentation + docker start script (#965) * update docker image documentation + docker start script 2021-09-10 12:59:22 +00:00			`if [ "$DISABLE_LOCAL_API" == "true" ] \|\| [ "$DISABLE_LOCAL_API" == "TRUE" ]; then`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`ARGS="$ARGS -no-api"`
			`fi`
			`if [ "$LEVEL_TRACE" == "true" ] \|\| [ "$LEVEL_TRACE" == "TRUE" ]; then`
			`ARGS="$ARGS -trace"`
			`fi`
			`if [ "$LEVEL_DEBUG" == "true" ] \|\| [ "$LEVEL_DEBUG" == "TRUE" ]; then`
			`ARGS="$ARGS -debug"`
			`fi`
			`if [ "$LEVEL_INFO" == "true" ] \|\| [ "$LEVEL_INFO" == "TRUE" ]; then`
			`ARGS="$ARGS -info"`
			`fi`

update docker image documentation + docker start script (#965) * update docker image documentation + docker start script 2021-09-10 12:59:22 +00:00			`exec crowdsec $ARGS`