diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index cf30b3840..000000000 --- a/Dockerfile +++ /dev/null @@ -1,73 +0,0 @@ -############################ -# STEP 1 build executable binary -############################ - -FROM golang:alpine AS builder - -RUN apk update && apk add make gettext gcc g++ - - -WORKDIR $GOPATH/src/JohnDoeCrowdSec/granola - -# COPY the source -COPY ./ . - -RUN make build - -RUN make install - -RUN cp ./docker/docker.yaml /etc/crowdsec/docker.yaml -RUN cp ./docker/acquis.yaml /etc/crowdsec/crowdsec/ - -############################ -# STEP 2 -############################ - -FROM alpine:latest - -COPY --from=builder /usr/local/bin/crowdsec /usr/local/bin/crowdsec -COPY --from=builder /usr/local/bin/cscli /usr/local/bin/cscli - - -COPY --from=builder /etc/crowdsec /etc/crowdsec -COPY --from=builder /var/run/crowdsec /var/run/crowdsec - -RUN apk add --update bash rsyslog && rm -rf /var/cache/apk/* - -########################### -##### Prepare rsyslog ##### -########################### - -RUN mkdir -p /etc/rsyslog.d/ -RUN mkdir -p /var/spool/rsyslog/ -RUN mkdir -p /var/log/rsyslog -RUN touch /var/log/syslog - -EXPOSE 514 514 - -COPY ./docker/rsyslog.conf /etc/rsyslog.conf - -########################################### -###### Configure crowdsec ########### -########################################### - -RUN cscli config token "6ba94afde0fbf41310f7191934bc1d920245c9f1" -RUN cscli config installdir "/etc/crowdsec/crowdsec/" -RUN cscli config dbpath "/var/run/crowdsec/crowdsec.db" - -RUN cscli update - -RUN cscli install collection crowdsec/base-http-scenarios -RUN cscli install collection crowdsec/linux -RUN cscli install collection crowdsec/nginx -RUN cscli install collection crowdsec/sshd - -###################################### -## Wrapper to launch multi services ## -###################################### - -COPY ./docker/wrapper.sh . -RUN chmod +x ./wrapper.sh - -ENTRYPOINT ["./wrapper.sh"] - diff --git a/cmd/crowdsec-cli/config.go b/cmd/crowdsec-cli/config.go index f5ce82c5f..8dec02147 100644 --- a/cmd/crowdsec-cli/config.go +++ b/cmd/crowdsec-cli/config.go @@ -29,11 +29,11 @@ type cliConfig struct { func interactiveCfg() error { var err error reader := bufio.NewReader(os.Stdin) - fmt.Print("crowdsec installation directory (default: /etc/crowdsec/crowdsec/): ") + fmt.Print("crowdsec installation directory (default: /etc/crowdsec/config/): ") config.InstallFolder, err = reader.ReadString('\n') config.InstallFolder = strings.Replace(config.InstallFolder, "\n", "", -1) //CRLF to LF (windows) if config.InstallFolder == "" { - config.InstallFolder = "/etc/crowdsec/crowdsec/" + config.InstallFolder = "/etc/crowdsec/config/" } if err != nil { log.Fatalf("failed to read input : %v", err.Error()) @@ -131,7 +131,7 @@ If no commands are specified, config is in interactive mode.`, var cmdConfigInstalldir = &cobra.Command{ Use: "installdir [value]", Short: `Configure installation directory`, - Long: `Configure the installation directory of crowdsec, such as /etc/crowdsec/crowdsec/`, + Long: `Configure the installation directory of crowdsec, such as /etc/crowdsec/config/`, Args: cobra.ExactArgs(1), Run: func(cmd *cobra.Command, args []string) { config.InstallFolder = args[0] diff --git a/cmd/crowdsec-cli/doc/cwcli_config_installdir.md b/cmd/crowdsec-cli/doc/cwcli_config_installdir.md index a29112a52..ba6266e8f 100644 --- a/cmd/crowdsec-cli/doc/cwcli_config_installdir.md +++ b/cmd/crowdsec-cli/doc/cwcli_config_installdir.md @@ -4,7 +4,7 @@ Configure installation directory ### Synopsis -Configure the installation directory of crowdsec, such as /etc/crowdsec/crowdsec/ +Configure the installation directory of crowdsec, such as /etc/crowdsec/config/ ``` cscli config installdir [value] [flags] diff --git a/cmd/crowdsec/Makefile b/cmd/crowdsec/Makefile index 4fe8797b5..db92a2f99 100644 --- a/cmd/crowdsec/Makefile +++ b/cmd/crowdsec/Makefile @@ -7,7 +7,7 @@ GOGET=$(GOCMD) get CROWDSEC_BIN=crowdsec PREFIX?="/" -CFG_PREFIX = $(PREFIX)"/etc/crowdsec/crowdsec/" +CFG_PREFIX = $(PREFIX)"/etc/crowdsec/config/" BIN_PREFIX = $(PREFIX)"/usr/local/bin/" DATA_PREFIX = $(PREFIX)"/var/run/crowdsec/" PID_DIR = $(PREFIX)"/var/run/" diff --git a/docker/README.md b/docker/README.md deleted file mode 100644 index a7382d33c..000000000 --- a/docker/README.md +++ /dev/null @@ -1,32 +0,0 @@ -# Crowdwatch with docker - - -## Getting Started - -Go in the main folder of crowdsec (if you are in the folder `docker/` please `cd ..`) - - -- Build the docker image - -``` -docker build -t crowdsec . -``` - - -- Run the docker - - -``` -docker run -d -p 514:514 --name crowdsec -v /var/run/crowdsec/crowdsec.db:/var/run/crowdsec/crowdsec.db crowdsec -``` - -:warning: Be sure that your ban plugin will get decision from the db located in `/var/run/crowdsec/crowdsec.db` on your host. - - - - -## TODO: - - - Be sure that bans are applied on the host - - Check that the sqlite db is created by crowdsec in the docker and read by the ban plugin on the host - - Forward traffic to the docker syslog (127.0.0.1:514) and check that logs are correctly parsed diff --git a/docker/acquis.yaml b/docker/acquis.yaml deleted file mode 100644 index a1892ba64..000000000 --- a/docker/acquis.yaml +++ /dev/null @@ -1,4 +0,0 @@ -filenames: - - /var/log/syslog -labels: - type: syslog \ No newline at end of file diff --git a/docker/docker.yaml b/docker/docker.yaml deleted file mode 100644 index 542c25306..000000000 --- a/docker/docker.yaml +++ /dev/null @@ -1,15 +0,0 @@ -working_dir: /tmp/ -data_dir: /var/run/crowdsec/ -config_dir: /etc/crowdsec -pid_dir: /var/run/ -log_dir: /var/log/ -log_mode: stdout -log_level: debug -profiling: false -sqlite_path: /var/run/crowdsec/crowdsec.db -apimode: false -daemon: false -prometheus: true -#for prometheus agent / golang debugging -http_listen: 127.0.0.1:6060 - diff --git a/docker/rsyslog.conf b/docker/rsyslog.conf deleted file mode 100644 index f031ba715..000000000 --- a/docker/rsyslog.conf +++ /dev/null @@ -1,44 +0,0 @@ -################# -#### MODULES #### -################# -# Uncomment out the following lines and comment out everything else to get debugging for variables -# *.* /var/log/debugfmt;RSYSLOG_DebugFormat - -module(load="imudp") -module(load="imtcp") - -########################### -#### GLOBAL DIRECTIVES #### -########################### - -# -# Use traditional timestamp format. -# To enable high precision timestamps, comment out the following line. -# -$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat - -# -# Where to place spool and state files -# -$WorkDirectory /var/spool/rsyslog - -# -# Include all config files in /etc/rsyslog.d/ -# -$IncludeConfig /etc/rsyslog.d/*.conf -global(net.enableDNS="off") - -########################### -# Input Parameters -########################### - -input(type="imtcp" port="514") -input(type="imudp" port="514") - -########################### -#### Central log stuff #### -########################### - -$template RemoteLogs, "/var/log/syslog" -*.* ?RemoteLogs -& ~ \ No newline at end of file diff --git a/docker/wrapper.sh b/docker/wrapper.sh deleted file mode 100644 index 40efc9c5c..000000000 --- a/docker/wrapper.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/sh - -CROWDSEC="crowdsec" -SYSLOG_NG="rsyslogd" - - -# Start the second process -rsyslogd -n -f /etc/rsyslog.conf & -status=$? -if [ $status -ne 0 ]; then - echo "Failed to start ${SYSLOG_NG}: $status" - exit $status -fi - - -# Start the first process -/usr/local/bin/crowdsec -c /etc/crowdsec/docker.yaml & -status=$? -if [ $status -ne 0 ]; then - echo "Failed to start ${CROWDSEC}: $status" - exit $status -fi - - -# Naive check runs checks once a minute to see if either of the processes exited. -# This illustrates part of the heavy lifting you need to do if you want to run -# more than one service in a container. The container exits with an error -# if it detects that either of the processes has exited. -# Otherwise it loops forever, waking up every 60 seconds - -while sleep 60; do - ps aux |grep ${CROWDSEC} |grep -q -v grep - PROCESS_1_STATUS=$? - ps aux |grep ${SYSLOG_NG} |grep -q -v grep - PROCESS_2_STATUS=0 - # If the greps above find anything, they exit with 0 status - # If they are not both 0, then something is wrong - if [ $PROCESS_1_STATUS -ne 0 -o $PROCESS_2_STATUS -ne 0 ]; then - echo "One of the processes has already exited." - exit 1 - fi -done \ No newline at end of file diff --git a/pkg/leakybucket/tests/simple-leaky-uniq-w-buckets_state/in-buckets_state.json b/pkg/leakybucket/tests/simple-leaky-uniq-w-buckets_state/in-buckets_state.json index 88b0b645d..dee5f242d 100644 --- a/pkg/leakybucket/tests/simple-leaky-uniq-w-buckets_state/in-buckets_state.json +++ b/pkg/leakybucket/tests/simple-leaky-uniq-w-buckets_state/in-buckets_state.json @@ -105,7 +105,7 @@ "Profiling": false, "OverflowFilter": "", "BucketName": "lingering-river", - "Filename": "/home/bui/github/crowdsec/crowdsec/pkg/leakybucket/tests/simple-leaky-uniq-w-buckets_state/bucket.yaml" + "Filename": "/home/bui/github/crowdsec/config/pkg/leakybucket/tests/simple-leaky-uniq-w-buckets_state/bucket.yaml" }, "Duration": 40000000000, "Profiling": false diff --git a/wizard.sh b/wizard.sh index 67195f73d..74ecd3d86 100755 --- a/wizard.sh +++ b/wizard.sh @@ -19,7 +19,7 @@ CROWDSEC_PLUGIN_DIR="${CROWDSEC_LIB_DIR}/plugins" CROWDSEC_PLUGIN_BACKEND_DIR="${CROWDSEC_PLUGIN_DIR}/backend" CROWDSEC_DB_PATH="${CROWDSEC_DATA_DIR}/crowdsec.db" CROWDSEC_CONFIG_PATH="/etc/crowdsec" -CROWDSEC_CONFIG_PATH="${CROWDSEC_CONFIG_PATH}/crowdsec" +CROWDSEC_CONFIG_PATH="${CROWDSEC_CONFIG_PATH}/config" CROWDSEC_LOG_FILE="/var/log/crowdsec.log" CROWDSEC_BACKEND_FOLDER="/etc/crowdsec/plugins/backend" @@ -462,7 +462,7 @@ main() { # api register - ${CSCLI_BIN_INSTALLED} api register >> /etc/crowdsec/crowdsec/api.yaml || ${CSCLI_BIN_INSTALLED} api reset >> /etc/crowdsec/crowdsec/api.yaml || log_err "unable to register, skipping crowdsec api registration" + ${CSCLI_BIN_INSTALLED} api register >> /etc/crowdsec/config/api.yaml || ${CSCLI_BIN_INSTALLED} api reset >> /etc/crowdsec/config/api.yaml || log_err "unable to register, skipping crowdsec api registration" log_info "Crowdsec api registered"