diff --git a/install/config.go b/install/config.go
index b666b53..f87bb1a 100644
--- a/install/config.go
+++ b/install/config.go
@@ -5,6 +5,7 @@ import (
 "fmt"
 "os"
 "os/exec"
+ "strings"
 "gopkg.in/yaml.v3"
 )
@@ -313,3 +314,22 @@ func MarshalYAMLWithIndent(data interface{}, indent int) ([]byte, error) {
 defer encoder.Close()
 return buffer.Bytes(), nil
 }
+
+func replaceInFile(filepath, oldStr, newStr string) error {
+ // Read the file content
+ content, err := os.ReadFile(filepath)
+ if err != nil {
+ return fmt.Errorf("error reading file: %v", err)
+ }
+
+ // Replace the string
+ newContent := strings.Replace(string(content), oldStr, newStr, -1)
+
+ // Write the modified content back to the file
+ err = os.WriteFile(filepath, []byte(newContent), 0644)
+ if err != nil {
+ return fmt.Errorf("error writing file: %v", err)
+ }
+
+ return nil
+}
diff --git a/install/config/crowdsec/config.yaml b/install/config/crowdsec/config.yaml
deleted file mode 100644
index 0acf463..0000000
--- a/install/config/crowdsec/config.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-api:
- client:
- insecure_skip_verify: false
- credentials_path: /etc/crowdsec/local_api_credentials.yaml
- server:
- log_level: info
- listen_uri: 0.0.0.0:9090
- profiles_path: /etc/crowdsec/profiles.yaml
- trusted_ips:
- - 0.0.0.0/0
- - 127.0.0.1
- - ::1
\ No newline at end of file
diff --git a/install/config/crowdsec/dynamic_config.yml b/install/config/crowdsec/dynamic_config.yml
index d255697..a3d32db 100644
--- a/install/config/crowdsec/dynamic_config.yml
+++ b/install/config/crowdsec/dynamic_config.yml
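Review bot: `replaceInFile` returns nil even when `oldStr` never occurs in the file, so a renamed or already-substituted placeholder is indistinguishable from success. If this helper is what swaps the `PUT_YOUR_BOUNCER_KEY_HERE_OR_IT_WILL_NOT_WORK` value introduced in `dynamic_config.yml` (no caller is visible in this diff), the bouncer would be left holding the placeholder as its LAPI key. Add a guard before the replace, `if !strings.Contains(string(content), oldStr) { return fmt.Errorf("%q not found in %s", oldStr, filepath) }`. The parameter name `filepath` also shadows the standard `path/filepath` package name, and the mode `0644` passed to `os.WriteFile` only applies when the file is created, so a config that ends up holding the key keeps whatever permissions it already had.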
@@ -42,8 +42,8 @@ http:
 crowdsecAppsecHost: crowdsec:7422 # CrowdSec IP address which you noted down later
 crowdsecAppsecFailureBlock: true # Block on failure
 crowdsecAppsecUnreachableBlock: true # Block on unreachable
- crowdsecLapiKey: "{{.TraefikBouncerKey}}" # CrowdSec API key which you noted down later
- crowdsecLapiHost: crowdsec:9090 # CrowdSec
+ crowdsecLapiKey: "PUT_YOUR_BOUNCER_KEY_HERE_OR_IT_WILL_NOT_WORK" # CrowdSec API key which you noted down later
+ crowdsecLapiHost: crowdsec:8080 # CrowdSec
 crowdsecLapiScheme: http # CrowdSec API scheme
 forwardedHeadersTrustedIPs: # Forwarded headers trusted IPs
 - "0.0.0.0/0" # All IP addresses are trusted for forwarded headers (CHANGE MADE HERE)
diff --git a/install/config/crowdsec/local_api_credentials.yaml b/install/config/crowdsec/local_api_credentials.yaml
deleted file mode 100644
index 8776e4f..0000000
--- a/install/config/crowdsec/local_api_credentials.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-url: http://0.0.0.0:9090
-login: localhost
\ No newline at end of file
diff --git a/install/crowdsec.go b/install/crowdsec.go
index 5b777e8..6d25a63 100644
--- a/install/crowdsec.go
+++ b/install/crowdsec.go
@@ -10,6 +10,11 @@ import (
 )
 func installCrowdsec(config Config) error {
+
+ if err := stopContainers(); err != nil {
+ return fmt.Errorf("failed to stop containers: %v", err)
+ }
+
 // Run installation steps
 if err := backupConfig(); err != nil {
 return fmt.Errorf("backup failed: %v", err)
@@ -20,6 +25,10 @@ func installCrowdsec(config Config) error {
 os.Exit(1)
 }
+ os.MkdirAll("config/crowdsec/db", 0755)
+ os.MkdirAll("config/crowdsec_logs/syslog", 0755)
+ os.MkdirAll("config/traefik/logs", 0755)
+
 if err := copyDockerService("config/crowdsec/docker-compose.yml", "docker-compose.yml", "crowdsec"); err != nil {
 fmt.Printf("Error copying docker service: %v\n", err)
 os.Exit(1)
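Review bot: The new `stopContainers()` call at the top of `installCrowdsec` takes the whole stack down before the backup and copy steps, and nothing visible in this diff brings it back up. The later steps in this function exit with `os.Exit(1)` on failure, and the `startContainers()` call added in the third hunk of this file is commented out, so both the failure and the success path appear to leave the services stopped unless the caller restarts them. Either restart on every exit path or state the contract at the call, e.g. `// Stack stays down on return; the caller is expected to start it again.` The function body continues outside the hunk.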
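Review bot: The three `os.MkdirAll` calls in the second `install/crowdsec.go` hunk discard their error, so a permission or read-only-filesystem failure only surfaces later as a less specific copy or Compose error. The paths are relative, so they also depend on the installer's working directory, and `0755` leaves the CrowdSec database and log directories world-readable, which is worth tightening if the container users allow it. Checking the result in a loop keeps the step short; the neighbouring steps use `os.Exit(1)` on failure, so whether to return or exit here should follow whatever the caller expects.

```go
// … unchanged: backup and earlier installation steps …
for _, dir := range []string{
	"config/crowdsec/db",
	"config/crowdsec_logs/syslog",
	"config/traefik/logs",
} {
	if err := os.MkdirAll(dir, 0755); err != nil {
		return fmt.Errorf("failed to create %s: %v", dir, err)
	}
}
// … unchanged: copyDockerService call …
```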
@@ -54,16 +63,22 @@ func installCrowdsec(config Config) error {
 return fmt.Errorf("bouncer key retrieval failed: %v", err)
 }
+ // if err := startContainers(); err != nil {
+ // return fmt.Errorf("failed to start containers: %v", err)
+ // }
+
 return nil
 }
 func retrieveBouncerKey(config Config) error {
+
+ fmt.Println("Retrieving bouncer key. Please be patient...")
+
 // Start crowdsec container
 cmd := exec.Command("docker", "compose", "up", "-d", "crowdsec")
 if err := cmd.Run(); err != nil {
 return fmt.Errorf("failed to start crowdsec: %v", err)
 }
- defer exec.Command("docker", "compose", "down").Run()
 // verify that the container is running if not keep waiting for 10 more seconds then return an error
 count := 0
@@ -95,10 +110,19 @@ func retrieveBouncerKey(config Config) error {
 for _, line := range lines {
 if strings.Contains(line, "key:") {
 config.TraefikBouncerKey = strings.TrimSpace(strings.Split(line, ":")[1])
+ fmt.Println("Bouncer key:", config.TraefikBouncerKey)
 break
 }
 }
+ // Stop crowdsec container
+ cmd = exec.Command("docker", "compose", "down")
+ if err := cmd.Run(); err != nil {
+ return fmt.Errorf("failed to stop crowdsec: %v", err)
+ }
+
+ fmt.Println("Bouncer key retrieved successfully.")
+
 return nil
 }
diff --git a/install/main.go b/install/main.go
index e5ad98b..bca1910 100644
--- a/install/main.go
+++ b/install/main.go
@@ -179,11 +179,6 @@ func readInt(reader *bufio.Reader, prompt string, defaultValue int) int {
 return value
 }
-func isDockerFilePresent() bool {
- _, err := os.Stat("docker-compose.yml")
- return !os.IsNotExist(err)
-}
-
 func collectUserInput(reader *bufio.Reader) Config {
 config := Config{}
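Review bot: Removing `defer exec.Command("docker", "compose", "down").Run()` means the crowdsec container is only stopped on the success path added at the end of `retrieveBouncerKey`; any early return in between leaves it running. The wait loop that begins at `count := 0` continues outside this hunk and, going by its comment, returns an error on timeout, which is one such path. Keeping a deferred cleanup that reports its own failure would cover those paths, for example `defer func() { if err := exec.Command("docker", "compose", "down").Run(); err != nil { fmt.Printf("failed to stop crowdsec: %v\n", err) } }()`, with the explicit stop at the end then dropped. The commented-out `startContainers()` block earlier in the hunk should be either enabled or deleted rather than committed as dead code.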
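Review bot: `fmt.Println("Bouncer key:", config.TraefikBouncerKey)` writes the LAPI bouncer credential to standard output, where it ends up in terminal scrollback and in any captured installer log. Drop the line or print only a confirmation that a key was found; if the operator really has to copy it by hand, print it once, deliberately, at the end of the install. Separately, `retrieveBouncerKey` takes `config Config` by value (signature visible in the previous hunk), so unless `Config` is a reference-like type the assignment is not seen by the caller, and the loop leaves the field empty without complaint when no `key:` line is present; `if config.TraefikBouncerKey == "" { return fmt.Errorf("bouncer key not found in output") }` after the loop would catch the second case.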
@@ -521,6 +516,80 @@ func pullAndStartContainers() error {
 return nil
 }
+// bring containers down
+func stopContainers() error {
+ fmt.Println("Stopping containers...")
+
+ // Check which docker compose command is available
+ var useNewStyle bool
+ checkCmd := exec.Command("docker", "compose", "version")
+ if err := checkCmd.Run(); err == nil {
+ useNewStyle = true
+ } else {
+ // Check if docker-compose (old style) is available
+ checkCmd = exec.Command("docker-compose", "version")
+ if err := checkCmd.Run(); err != nil {
+ return fmt.Errorf("neither 'docker compose' nor 'docker-compose' command is available: %v", err)
+ }
+ }
+
+ // Helper function to execute docker compose commands
+ executeCommand := func(args ...string) error {
+ var cmd *exec.Cmd
+ if useNewStyle {
+ cmd = exec.Command("docker", append([]string{"compose"}, args...)...)
+ } else {
+ cmd = exec.Command("docker-compose", args...)
+ }
+ cmd.Stdout = os.Stdout
+ cmd.Stderr = os.Stderr
+ return cmd.Run()
+ }
+
+ if err := executeCommand("-f", "docker-compose.yml", "down"); err != nil {
+ return fmt.Errorf("failed to stop containers: %v", err)
+ }
+
+ return nil
+}
+
+// just start containers
+func startContainers() error {
+ fmt.Println("Starting containers...")
+
+ // Check which docker compose command is available
+ var useNewStyle bool
+ checkCmd := exec.Command("docker", "compose", "version")
+ if err := checkCmd.Run(); err == nil {
+ useNewStyle = true
+ } else {
+ // Check if docker-compose (old style) is available
+ checkCmd = exec.Command("docker-compose", "version")
+ if err := checkCmd.Run(); err != nil {
+ return fmt.Errorf("neither 'docker compose' nor 'docker-compose' command is available: %v", err)
+ }
+ }
+
+ // Helper function to execute docker compose commands
+ executeCommand := func(args ...string) error {
+ var cmd *exec.Cmd
+ if useNewStyle {
+ cmd = exec.Command("docker", append([]string{"compose"}, args...)...)
+ } else {
+ cmd = exec.Command("docker-compose", args...)
+ }
+ cmd.Stdout = os.Stdout
+ cmd.Stderr = os.Stderr
+ return cmd.Run()
+ }
+
+ if err := executeCommand("-f", "docker-compose.yml", "up", "-d"); err != nil {
+ return fmt.Errorf("failed to start containers: %v", err)
+ }
+
+ return nil
+}
+
 func copyFile(src, dst string) error {
 source, err := os.Open(src)
 if err != nil {
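Review bot: `stopContainers` and `startContainers` are identical apart from the final Compose arguments, so the `docker compose` / `docker-compose` detection and the `executeCommand` closure now exist twice in this hunk. A shared helper removes the copy and gives one place to maintain the fallback; it would also let `retrieveBouncerKey` in `install/crowdsec.go`, which hard-codes `docker compose`, behave the same way on hosts that only have the old binary. The doc comments would read better in Go form (`// stopContainers brings the Compose stack down.`), and `%w` instead of `%v` keeps the underlying error inspectable by callers.

```go
// composeCommand builds a command for whichever Compose CLI is installed,
// preferring the "docker compose" plugin over the standalone binary.
func composeCommand(args ...string) (*exec.Cmd, error) {
	if exec.Command("docker", "compose", "version").Run() == nil {
		return exec.Command("docker", append([]string{"compose"}, args...)...), nil
	}
	if err := exec.Command("docker-compose", "version").Run(); err != nil {
		return nil, fmt.Errorf("neither 'docker compose' nor 'docker-compose' command is available: %w", err)
	}
	return exec.Command("docker-compose", args...), nil
}

// stopContainers brings the Compose stack down.
func stopContainers() error {
	fmt.Println("Stopping containers...")
	cmd, err := composeCommand("-f", "docker-compose.yml", "down")
	if err != nil {
		return err
	}
	cmd.Stdout, cmd.Stderr = os.Stdout, os.Stderr
	if err := cmd.Run(); err != nil {
		return fmt.Errorf("failed to stop containers: %w", err)
	}
	return nil
}

// … startContainers: same shape, with "up", "-d" as the final arguments …
```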