Added crowdsec to Nginx-Proxy-Manager

docker/rootfs/etc/s6-overlay/s6-rc.d/cs-crowdsec-bouncer/script.sh

@@ -0,0 +1,33 @@
+#!/command/with-contenv bash
+
+set -e # Exit immediately if a command exits with a non-zero status.
+
+mkdir -p /data/crowdsec/templates
+echo "Deploy Crowdsec Openresty Bouncer.." 
+sed -i 's|/defaults/crowdsec|/data/crowdsec|' /etc/nginx/conf.d/crowdsec_openresty.conf
+
+if [ -f /data/crowdsec/crowdsec-openresty-bouncer.conf ]; then
+    echo "Patch crowdsec-openresty-bouncer.conf .." 
+    sed "s/=.*//g" /data/crowdsec/crowdsec-openresty-bouncer.conf > /tmp/crowdsec.conf.raw
+    sed "s/=.*//g" /defaults/crowdsec/crowdsec-openresty-bouncer.conf > /tmp/crowdsec-openresty-bouncer.conf.raw
+    if grep -vf /tmp/crowdsec.conf.raw /tmp/crowdsec-openresty-bouncer.conf.raw ; then
+        grep -vf /tmp/crowdsec.conf.raw /tmp/crowdsec-openresty-bouncer.conf.raw > /tmp/config.newvals
+        cp /data/crowdsec/crowdsec-openresty-bouncer.conf /data/crowdsec/crowdsec-openresty-bouncer.conf.bak
+        grep -f /tmp/config.newvals /defaults/crowdsec/crowdsec-openresty-bouncer.conf >> /data/crowdsec/crowdsec-openresty-bouncer.conf
+    fi
+else
+    echo "Deploy new crowdsec-openresty-bouncer.conf .." 
+    cp /defaults/crowdsec/crowdsec-openresty-bouncer.conf /data/crowdsec/crowdsec-openresty-bouncer.conf    
+fi
+#Make sure the config location is where we get the config from instead of /default/
+sed -i 's|/defaults/crowdsec|/data/crowdsec|' /data/crowdsec/crowdsec-openresty-bouncer.conf
+echo "Deploy Crowdsec Templates .."
+#Make sure we only copy files that don't exist in /data/crowdsec.
+cd /defaults/crowdsec/templates/
+for file in *.html
+do
+  if [ ! -e "/data/crowdsec/templates/${file}" ]
+  then
+    cp -r "/defaults/crowdsec/templates/${file}" "/data/crowdsec/templates/"
+  fi
+done

docker/rootfs/etc/s6-overlay/s6-rc.d/cs-crowdsec-bouncer/type

@@ -0,0 +1 @@
+oneshot

docker/rootfs/etc/s6-overlay/s6-rc.d/cs-crowdsec-bouncer/up

@@ -0,0 +1,2 @@
+# shellcheck shell=bash
+/etc/s6-overlay/s6-rc.d/cs-crowdsec-bouncer/script.sh

docker/rootfs/etc/services.d/nginx/run

@@ -0,0 +1,49 @@
+#!/usr/bin/with-contenv bash
+
+# Create required folders
+mkdir -p /tmp/nginx/body \
+	/run/nginx \
+	/var/log/nginx \
+	/data/nginx \
+	/data/custom_ssl \
+	/data/logs \
+	/data/access \
+	/data/nginx/default_host \
+	/data/nginx/default_www \
+	/data/nginx/proxy_host \
+	/data/nginx/redirection_host \
+	/data/nginx/stream \
+	/data/nginx/dead_host \
+	/data/nginx/temp \
+	/var/lib/nginx/cache/public \
+	/var/lib/nginx/cache/private \
+	/var/cache/nginx/proxy_temp
+
+touch /var/log/nginx/error.log && chmod 777 /var/log/nginx/error.log && chmod -R 777 /var/cache/nginx
+chown root /tmp/nginx
+
+# Dynamically generate resolvers file, if resolver is IPv6, enclose in `[]`
+# thanks @tfmm
+echo resolver "$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf) ipv6=off valid=10s;" > /etc/nginx/conf.d/include/resolvers.conf
+
+# Generate dummy self-signed certificate.
+if [ ! -f /data/nginx/dummycert.pem ] || [ ! -f /data/nginx/dummykey.pem ]
+then
+	echo "Generating dummy SSL certificate..."
+	openssl req \
+		-new \
+		-newkey rsa:2048 \
+		-days 3650 \
+		-nodes \
+		-x509 \
+		-subj '/O=localhost/OU=localhost/CN=localhost' \
+		-keyout /data/nginx/dummykey.pem \
+		-out /data/nginx/dummycert.pem
+	echo "Complete"
+fi
+
+# Handle IPV6 settings
+/bin/handle-ipv6-setting /etc/nginx/conf.d
+/bin/handle-ipv6-setting /data/nginx
+
+exec nginx