allow Makefile to override /etc/crowdsec and /var/lib/crowdsec/data (#1221)
This commit is contained in:
mmetc
GitHub
parent
9c9639d19b
commit
35eea39db7
4
Makefile
4
Makefile
|
|
@ -50,7 +50,9 @@ export LD_OPTS=-ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversio
|
|||
-X github.com/crowdsecurity/crowdsec/pkg/cwversion.BuildDate=$(BUILD_TIMESTAMP) \
|
||||
-X github.com/crowdsecurity/crowdsec/pkg/cwversion.Codename=$(BUILD_CODENAME) \
|
||||
-X github.com/crowdsecurity/crowdsec/pkg/cwversion.Tag=$(BUILD_TAG) \
|
||||
-X github.com/crowdsecurity/crowdsec/pkg/cwversion.GoVersion=$(BUILD_GOVERSION)"
|
||||
-X github.com/crowdsecurity/crowdsec/pkg/cwversion.GoVersion=$(BUILD_GOVERSION) \
|
||||
-X github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultConfigDir=/etc/crowdsec \
|
||||
-X github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultDataDir=/var/lib/crowdsec/data"
|
||||
|
||||
export LD_OPTS_STATIC=-ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=$(BUILD_VERSION) \
|
||||
-X github.com/crowdsecurity/crowdsec/pkg/cwversion.BuildDate=$(BUILD_TIMESTAMP) \
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ func backupConfigToDirectory(dirPath string) error {
|
|||
}
|
||||
|
||||
if csConfig.ConfigPaths.SimulationFilePath != "" {
|
||||
backupSimulation := fmt.Sprintf("%s/simulation.yaml", dirPath)
|
||||
backupSimulation := filepath.Join(dirPath, "simulation.yaml")
|
||||
if err = types.CopyFile(csConfig.ConfigPaths.SimulationFilePath, backupSimulation); err != nil {
|
||||
return fmt.Errorf("failed copy %s to %s : %s", csConfig.ConfigPaths.SimulationFilePath, backupSimulation, err)
|
||||
}
|
||||
|
|
@ -63,13 +63,13 @@ func backupConfigToDirectory(dirPath string) error {
|
|||
- backup the other files of acquisition directory
|
||||
*/
|
||||
if csConfig.Crowdsec != nil && csConfig.Crowdsec.AcquisitionFilePath != "" {
|
||||
backupAcquisition := fmt.Sprintf("%s/acquis.yaml", dirPath)
|
||||
backupAcquisition := filepath.Join(dirPath, "acquis.yaml")
|
||||
if err = types.CopyFile(csConfig.Crowdsec.AcquisitionFilePath, backupAcquisition); err != nil {
|
||||
return fmt.Errorf("failed copy %s to %s : %s", csConfig.Crowdsec.AcquisitionFilePath, backupAcquisition, err)
|
||||
}
|
||||
}
|
||||
|
||||
acquisBackupDir := dirPath + "/acquis/"
|
||||
acquisBackupDir := filepath.Join(dirPath, "acquis")
|
||||
if err = os.Mkdir(acquisBackupDir, 0700); err != nil {
|
||||
return fmt.Errorf("error while creating %s : %s", acquisBackupDir, err)
|
||||
}
|
||||
|
|
@ -80,7 +80,7 @@ func backupConfigToDirectory(dirPath string) error {
|
|||
if csConfig.Crowdsec.AcquisitionFilePath == acquisFile {
|
||||
continue
|
||||
}
|
||||
targetFname, err := filepath.Abs(acquisBackupDir + filepath.Base(acquisFile))
|
||||
targetFname, err := filepath.Abs(filepath.Join(acquisBackupDir, filepath.Base(acquisFile)))
|
||||
if err != nil {
|
||||
return errors.Wrapf(err, "while saving %s to %s", acquisFile, acquisBackupDir)
|
||||
}
|
||||
|
|
@ -233,7 +233,7 @@ func restoreConfigFromDirectory(dirPath string) error {
|
|||
}
|
||||
|
||||
//if there is files in the acquis backup dir, restore them
|
||||
acquisBackupDir := dirPath + "/acquis/*.yaml"
|
||||
acquisBackupDir := filepath.Join(dirPath, "acquis", "*.yaml")
|
||||
if acquisFiles, err := filepath.Glob(acquisBackupDir); err == nil {
|
||||
for _, acquisFile := range acquisFiles {
|
||||
targetFname, err := filepath.Abs(csConfig.Crowdsec.AcquisitionDirPath + "/" + filepath.Base(acquisFile))
|
||||
|
|
@ -255,7 +255,7 @@ func restoreConfigFromDirectory(dirPath string) error {
|
|||
log.Infof("skip this one")
|
||||
continue
|
||||
}
|
||||
targetFname, err := filepath.Abs(acquisBackupDir + filepath.Base(acquisFile))
|
||||
targetFname, err := filepath.Abs(filepath.Join(acquisBackupDir, filepath.Base(acquisFile)))
|
||||
if err != nil {
|
||||
return errors.Wrapf(err, "while saving %s to %s", acquisFile, acquisBackupDir)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -268,7 +268,8 @@ cscli machines add MyTestMachine --password MyPassword
|
|||
},
|
||||
}
|
||||
cmdMachinesAdd.Flags().StringVarP(&machinePassword, "password", "p", "", "machine password to login to the API")
|
||||
cmdMachinesAdd.Flags().StringVarP(&outputFile, "file", "f", "", "output file destination (defaults to /etc/crowdsec/local_api_credentials.yaml)")
|
||||
cmdMachinesAdd.Flags().StringVarP(&outputFile, "file", "f", "",
|
||||
"output file destination (defaults to "+csconfig.DefaultConfigPath("local_api_credentials.yaml"))
|
||||
cmdMachinesAdd.Flags().StringVarP(&apiURL, "url", "u", "", "URL of the local API")
|
||||
cmdMachinesAdd.Flags().BoolVarP(&interactive, "interactive", "i", false, "interfactive mode to enter the password")
|
||||
cmdMachinesAdd.Flags().BoolVarP(&autoAdd, "auto", "a", false, "automatically generate password (and username if not provided)")
|
||||
|
|
|
|||
|
|
@ -139,7 +139,7 @@ It is meant to allow you to manage bans, parsers/scenarios/etc, api and generall
|
|||
}
|
||||
rootCmd.AddCommand(cmdVersion)
|
||||
|
||||
rootCmd.PersistentFlags().StringVarP(&ConfigFilePath, "config", "c", "/etc/crowdsec/config.yaml", "path to crowdsec config file")
|
||||
rootCmd.PersistentFlags().StringVarP(&ConfigFilePath, "config", "c", csconfig.DefaultConfigPath("config.yaml"), "path to crowdsec config file")
|
||||
rootCmd.PersistentFlags().StringVarP(&OutputFormat, "output", "o", "", "Output format : human, json, raw.")
|
||||
rootCmd.PersistentFlags().BoolVar(&dbg_lvl, "debug", false, "Set logging to debug.")
|
||||
rootCmd.PersistentFlags().BoolVar(&nfo_lvl, "info", false, "Set logging to info.")
|
||||
|
|
|
|||
|
|
@ -186,7 +186,7 @@ func (l labelsMap) Set(label string) error {
|
|||
|
||||
func (f *Flags) Parse() {
|
||||
|
||||
flag.StringVar(&f.ConfigFile, "c", "/etc/crowdsec/config.yaml", "configuration file")
|
||||
flag.StringVar(&f.ConfigFile, "c", csconfig.DefaultConfigPath("config.yaml"), "configuration file")
|
||||
flag.BoolVar(&f.TraceLevel, "trace", false, "VERY verbose")
|
||||
flag.BoolVar(&f.DebugLevel, "debug", false, "print debug-level on stdout")
|
||||
flag.BoolVar(&f.InfoLevel, "info", false, "print info-level on stdout")
|
||||
|
|
|
|||
|
|
@ -123,7 +123,7 @@ func (c *Config) LoadAPIServer() error {
|
|||
return errors.Wrap(err, "while loading profiles for LAPI")
|
||||
}
|
||||
if c.API.Server.ConsoleConfigPath == "" {
|
||||
c.API.Server.ConsoleConfigPath = DefaultConsoleConfgFilePath
|
||||
c.API.Server.ConsoleConfigPath = DefaultConsoleConfigFilePath
|
||||
}
|
||||
if err := c.API.Server.LoadConsoleConfig(); err != nil {
|
||||
return errors.Wrap(err, "while loading console options")
|
||||
|
|
|
|||
|
|
@ -207,7 +207,7 @@ func TestLoadAPIServer(t *testing.T) {
|
|||
DbPath: "./tests/test.db",
|
||||
Type: "sqlite",
|
||||
},
|
||||
ConsoleConfigPath: "/etc/crowdsec/console.yaml",
|
||||
ConsoleConfigPath: DefaultConfigPath("console.yaml"),
|
||||
ConsoleConfig: &ConsoleConfig{
|
||||
ShareManualDecisions: types.BoolPtr(false),
|
||||
ShareTaintedScenarios: types.BoolPtr(true),
|
||||
|
|
|
|||
|
|
@ -4,13 +4,20 @@ import (
|
|||
"fmt"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"path/filepath"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
log "github.com/sirupsen/logrus"
|
||||
"gopkg.in/yaml.v2"
|
||||
)
|
||||
|
||||
/*top-level config : defaults,overriden by cfg file,overriden by cli*/
|
||||
// defaultConfigDir is the base path to all configuration files, to be overridden in the Makefile */
|
||||
var defaultConfigDir = "/etc/crowdsec"
|
||||
|
||||
// defaultDataDir is the base path to all data files, to be overridden in the Makefile */
|
||||
var defaultDataDir = "/var/lib/crowdsec/data/"
|
||||
|
||||
// Config contains top-level defaults -> overridden by configuration file -> overridden by CLI flags
|
||||
type Config struct {
|
||||
//just a path to ourself :p
|
||||
FilePath *string `yaml:"-"`
|
||||
|
|
@ -71,14 +78,14 @@ func NewDefaultConfig() *Config {
|
|||
Level: "full",
|
||||
}
|
||||
configPaths := ConfigurationPaths{
|
||||
ConfigDir: "/etc/crowdsec/",
|
||||
DataDir: "/var/lib/crowdsec/data/",
|
||||
SimulationFilePath: "/etc/crowdsec/config/simulation.yaml",
|
||||
HubDir: "/etc/crowdsec/hub",
|
||||
HubIndexFile: "/etc/crowdsec/hub/.index.json",
|
||||
ConfigDir: DefaultConfigPath("."),
|
||||
DataDir: DefaultDataPath("."),
|
||||
SimulationFilePath: DefaultConfigPath("simulation.yaml"),
|
||||
HubDir: DefaultConfigPath("hub"),
|
||||
HubIndexFile: DefaultConfigPath("hub", ".index.json"),
|
||||
}
|
||||
crowdsecCfg := CrowdsecServiceCfg{
|
||||
AcquisitionFilePath: "/etc/crowdsec/config/acquis.yaml",
|
||||
AcquisitionFilePath: DefaultConfigPath("acquis.yaml"),
|
||||
ParserRoutinesCount: 1,
|
||||
}
|
||||
|
||||
|
|
@ -88,20 +95,20 @@ func NewDefaultConfig() *Config {
|
|||
|
||||
apiCfg := APICfg{
|
||||
Client: &LocalApiClientCfg{
|
||||
CredentialsFilePath: "/etc/crowdsec/config/lapi-secrets.yaml",
|
||||
CredentialsFilePath: DefaultConfigPath("lapi-secrets.yaml"),
|
||||
},
|
||||
Server: &LocalApiServerCfg{
|
||||
ListenURI: "127.0.0.1:8080",
|
||||
UseForwardedForHeaders: false,
|
||||
OnlineClient: &OnlineApiClientCfg{
|
||||
CredentialsFilePath: "/etc/crowdsec/config/online-api-secrets.yaml",
|
||||
CredentialsFilePath: DefaultConfigPath("config", "online-api-secrets.yaml"),
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
dbConfig := DatabaseCfg{
|
||||
Type: "sqlite",
|
||||
DbPath: "/var/lib/crowdsec/data/crowdsec.db",
|
||||
DbPath: DefaultDataPath("crowdsec.db"),
|
||||
}
|
||||
|
||||
globalCfg := Config{
|
||||
|
|
@ -116,3 +123,17 @@ func NewDefaultConfig() *Config {
|
|||
|
||||
return &globalCfg
|
||||
}
|
||||
|
||||
// DefaultConfigPath returns the default path for a configuration resource
|
||||
// "elem" parameters are path components relative to the default cfg directory.
|
||||
func DefaultConfigPath(elem ...string) string {
|
||||
elem = append([]string{defaultConfigDir}, elem...)
|
||||
return filepath.Join(elem...)
|
||||
}
|
||||
|
||||
// DefaultDataPath returns the the default path for a data resource.
|
||||
// "elem" parameters are path components relative to the default data directory.
|
||||
func DefaultDataPath(elem ...string) string {
|
||||
elem = append([]string{defaultDataDir}, elem...)
|
||||
return filepath.Join(elem...)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,10 +17,10 @@ const (
|
|||
SEND_MANUAL_SCENARIOS = "manual"
|
||||
)
|
||||
|
||||
var DefaultConsoleConfgFilePath = "/etc/crowdsec/console.yaml"
|
||||
|
||||
var CONSOLE_CONFIGS = []string{SEND_CUSTOM_SCENARIOS, SEND_MANUAL_SCENARIOS, SEND_TAINTED_SCENARIOS}
|
||||
|
||||
var DefaultConsoleConfigFilePath = DefaultConfigPath("console.yaml")
|
||||
|
||||
type ConsoleConfig struct {
|
||||
ShareManualDecisions *bool `yaml:"share_manual_decisions"`
|
||||
ShareTaintedScenarios *bool `yaml:"share_tainted"`
|
||||
|
|
@ -71,8 +71,9 @@ func (c *LocalApiServerCfg) DumpConsoleConfig() error {
|
|||
return errors.Wrapf(err, "while marshaling ConsoleConfig (for %s)", c.ConsoleConfigPath)
|
||||
}
|
||||
if c.ConsoleConfigPath == "" {
|
||||
log.Debugf("Empty console_path, defaulting to %s", DefaultConsoleConfgFilePath)
|
||||
c.ConsoleConfigPath = DefaultConsoleConfgFilePath
|
||||
c.ConsoleConfigPath = DefaultConsoleConfigFilePath
|
||||
log.Debugf("Empty console_path, defaulting to %s", c.ConsoleConfigPath)
|
||||
|
||||
}
|
||||
|
||||
if err := os.WriteFile(c.ConsoleConfigPath, out, 0600); err != nil {
|
||||
|
|
|
|||
|
|
@ -77,10 +77,10 @@ const (
|
|||
ScenarioResultFileName = "bucket-dump.yaml"
|
||||
|
||||
BucketPourResultFileName = "bucketpour-dump.yaml"
|
||||
|
||||
crowdsecPatternsFolder = "/etc/crowdsec/patterns/"
|
||||
)
|
||||
|
||||
var crowdsecPatternsFolder = csconfig.DefaultConfigPath("patterns")
|
||||
|
||||
func NewTest(name string, hubTest *HubTest) (*HubTestItem, error) {
|
||||
testPath := filepath.Join(hubTest.HubTestPath, name)
|
||||
runtimeFolder := filepath.Join(testPath, "runtime")
|
||||
|
|
|
|||
Loading…
Reference in a new issue