From e5487aacdbbcae28d63674059e4ebb48a79d4d95 Mon Sep 17 00:00:00 2001 From: "Thibault \"bui\" Koechlin" Date: Tue, 1 Dec 2020 15:08:36 +0100 Subject: [PATCH] Doc fix install (#494) --- config/acquis.yaml | 1 - .../v1.X/docs/getting_started/installation.md | 33 ++++++------ docs/v1.X/docs/migration.md | 50 +++++++++++++------ 3 files changed, 49 insertions(+), 35 deletions(-) diff --git a/config/acquis.yaml b/config/acquis.yaml index e3e0399b0..cc3631f3e 100644 --- a/config/acquis.yaml +++ b/config/acquis.yaml @@ -14,4 +14,3 @@ labels: filename: /var/log/apache2/*.log labels: type: apache2 ---- \ No newline at end of file diff --git a/docs/v1.X/docs/getting_started/installation.md b/docs/v1.X/docs/getting_started/installation.md index 87665a732..6fc818452 100644 --- a/docs/v1.X/docs/getting_started/installation.md +++ b/docs/v1.X/docs/getting_started/installation.md 
@@ -41,26 +41,24 @@ You are then ready to [take a tour](/Crowdsec/v1/getting_started/crowdsec-tour/) sudo {{v1X.wizard.bin}} --bininstall ``` -This will deploy a valid/empty {{v1X.crowdsec.name}} configuration files and binaries. -Beware, in this state, {{v1X.crowdsec.name}} won't monitor/detect anything unless configured. +This will only deploy the binaries, and some extra installation steps need to be completed for the software to be functional : -``` -cscli install collection crowdsecurity/linux -``` + - `sudo cscli hub update` : update the hub index + - `sudo cscli machines add -a` : register crowdsec to the local API + - `sudo cscli capi register` : register to the central API + - `sudo cscli collections install crowdsecurity/linux` : install essential configs (syslog parser, geoip enrichment, date parsers) + - configure your sources in your {{v1X.ref.acquis}} : `/etc/crowdsec/acquis.yaml` +You can now start & enable the crowdsec service : -Installing at least the `crowdsecurity/linux` collection will provide you : - - - syslog parser - - geoip enrichment - - date parsers - - -You will need as well to configure your {{v1X.ref.acquis}} file to feed {{v1X.crowdsec.name}} some logs. - + - `sudo systemctl start crowdsec` + - `sudo systemctl enable crowdsec` +## Using the unattended wizard +If your setup is standard and you've walked through the default installation without issues, you can win some time in case you need to perform a new install : `sudo ./wizard.sh --unattended` +This mode will emulate the interactive mode of the wizard where you answer **yes** to everything and stick with the default options. ## From source 
@@ -75,12 +73,9 @@ Go in {{v1X.crowdsec.name}} folder and build the binaries : ```bash cd crowdsec -``` -```bash -make build +make release ``` - -{{v1X.crowdsec.name}} bin will be located in `./cmd/crowdsec/crowdsec` and {{v1X.cli.name}} bin in `cmd/crowdsec-cli/{{v1X.cli.bin}}` +This will create you a directory (`crowdsec-vXXX/`) and an archive (`crowdsec-release.tgz`) that are release built from your local code source. Now, you can install either with [interactive wizard](#using-the-interactive-wizard) or the [unattended mode](#using-unattended-mode). \ No newline at end of file diff --git a/docs/v1.X/docs/migration.md b/docs/v1.X/docs/migration.md index 42669cc1f..30b723569 100644 --- a/docs/v1.X/docs/migration.md +++ b/docs/v1.X/docs/migration.md @@ -14,7 +14,7 @@ To upgrade {{v1X.crowdsec.name}} from v0.X to v1, we'll follow those steps #### Backup up configuration -``` +```bash sudo cscli backup save /tmp/crowdsec_backup sudo cp -R /etc/crowdsec/config/patterns /tmp/crowdsec_backup ``` @@ -23,7 +23,7 @@ sudo cp -R /etc/crowdsec/config/patterns /tmp/crowdsec_backup Download latest V1 {{v1X.crowdsec.name}} version [here]({{v1X.crowdsec.download_url}}) -``` +```bash tar xvzf crowdsec-release.tgz cd crowdsec-v1*/ sudo ./wizard.sh --uninstall 
@@ -37,32 +37,52 @@ sudo ./wizard.sh --bininstall !!! warning Before restoring old backup, if you have `local` or `tainted` postoverflows, be aware that they are no longer compatible. You should update the syntax (the community and us are available to help you doing this part). -``` +```bash sudo cscli hub update sudo cscli config restore --old-backup /tmp/crowdsec_backup/ sudo cp -R /tmp/crowdsec_backup/patterns /etc/crowdsec/ ``` +### Register crowdsec to local & central API + +```bash +$ sudo cscli machines add -a +INFO[0000] Machine '...' created successfully +INFO[0000] API credentials dumped to '/etc/crowdsec/local_api_credentials.yaml' +``` + +Before starting the services, let's check that we're properly registered : + +```bash +$ sudo cscli capi status +INFO[0000] Loaded credentials from /etc/crowdsec/online_api_credentials.yaml +INFO[0000] Trying to authenticate with username ... on https://api.crowdsec.net/ +INFO[0000] You can successfully interact with Central API (CAPI) +``` + #### Start & health check Finally, you will be able to start {{v1X.crowdsec.name}} service. Before that, just check if {{v1X.lapi.name}} and {{v1X.api.name}} are correctly configured. -``` -ubuntu@ip-:~$ sudo cscli lapi status +```bash +$ sudo systemctl enable crowdsec +$ sudo systemctl start crowdsec +$ sudo cscli lapi status INFO[0000] Loaded credentials from /etc/crowdsec/local_api_credentials.yaml -INFO[0000] Trying to authenticate with username 941c3fxxxxxxxxxxxxxxxxxxxxxx on http://localhost:8080/ -INFO[0000] You can successfully interact with Local API (LAPI) - -ubuntu@ip-:~$ sudo cscli capi status +INFO[0000] Trying to authenticate with username ... 
on http://localhost:8080/ +INFO[0000] You can successfully interact with Local API (LAPI) +$ sudo cscli capi status INFO[0000] Loaded credentials from /etc/crowdsec/online_api_credentials.yaml -INFO[0000] Trying to authenticate with username 941c3fxxxxxxxxxxxxxxxxxxxxxxx on https://api.crowdsec.net/ -INFO[0000] You can successfully interact with Central API (CAPI) - -ubuntu@ip-:~$ sudo systemctl start crowdsec.service -ubuntu@ip-:~$ sudo systemctl status crowdsec.service +INFO[0000] Trying to authenticate with username ... on https://api.crowdsec.net/ +INFO[0000] You can successfully interact with Central API (CAPI) ``` -You can even check logs (located by default here: `/var/log/crowdsec.log` & `/var/log/crowdsec_api.log`). +!!! warning + If you're facing issues with `cscli lapi status`, just re-run `cscli machines add -a`. + If you're facing issues with `cscli capi status`, just re-run `cscli capi register` + + +You can check logs (located by default here: `/var/log/crowdsec.log` & `/var/log/crowdsec_api.log`). You can now navigate documentation to learn new {{v1X.cli.name}} commands to interact with crowdsec.
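Review bot: In config/acquis.yaml, the removal of the trailing `---` is a configuration change carried by a commit titled "Doc fix install". State in the commit message why the trailing YAML document separator is dropped, or move it to its own commit, so the change can be found later when someone traces acquisition behaviour.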
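Review bot: In docs/v1.X/docs/getting_started/installation.md, under the new "Using the unattended wizard" heading, `sudo ./wizard.sh --unattended` hardcodes the script name and sits inline in the sentence, while the command just above is written as `sudo {{v1X.wizard.bin}} --bininstall` in a fenced block. Use the same template variable and a fenced block here. Since this mode answers **yes** to every prompt, the paragraph should also say what that accepts, for example whether it covers the `sudo cscli capi register` step listed for `--bininstall`, so a reader knows what an unattended run registers and installs.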
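Review bot: In the "From source" hunk of installation.md, the new closing sentence links to `#using-unattended-mode`, but the heading this same patch adds is "## Using the unattended wizard", so the generated anchor will not match and the link will not resolve. Point the link at the anchor derived from the new heading, or rename the heading to match. The added line also ends with "\ No newline at end of file"; add the trailing newline.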
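Review bot: In docs/v1.X/docs/migration.md, the new "Register crowdsec to local & central API" section runs only `sudo cscli machines add -a` before checking `sudo cscli capi status`, and nothing in the visible steps runs `sudo cscli capi register`, although installation.md lists it as a required step and the new warning tells the reader to "re-run" it. Add the register command to this section, or state that the restored backup already carries the central API credentials. In the same hunk, the unchanged sentence "Before that, just check if ..." now contradicts the block below it, which enables and starts the service before `cscli lapi status`; reword the sentence or reorder the commands. The new heading uses `###` while the neighbouring step headings use `####`.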