From c56e64bce2a82b28cdd9efc299ef8d14e1e7b6a6 Mon Sep 17 00:00:00 2001 From: LePresidente Date: Thu, 29 Feb 2024 18:10:02 +0200 Subject: [PATCH] added support to use environment variables instead of set file in data drive. --- .../s6-rc.d/cs-crowdsec-bouncer/script.sh | 50 +++++++++++++------ 1 file changed, 34 insertions(+), 16 deletions(-) diff --git a/docker/rootfs/etc/s6-overlay/s6-rc.d/cs-crowdsec-bouncer/script.sh b/docker/rootfs/etc/s6-overlay/s6-rc.d/cs-crowdsec-bouncer/script.sh index e31ea21e..2f610613 100755 --- a/docker/rootfs/etc/s6-overlay/s6-rc.d/cs-crowdsec-bouncer/script.sh +++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/cs-crowdsec-bouncer/script.sh @@ -2,25 +2,43 @@ set -e # Exit immediately if a command exits with a non-zero status. -mkdir -p /data/crowdsec/templates -echo "Deploy Crowdsec Openresty Bouncer.." -sed -i 's|/defaults/crowdsec|/data/crowdsec|' /etc/nginx/conf.d/crowdsec_openresty.conf +function set_properties() { + sed -i "s/^$1=.*/$1=$2/" "${3}" +} -if [ -f /data/crowdsec/crowdsec-openresty-bouncer.conf ]; then - echo "Patch crowdsec-openresty-bouncer.conf .." - sed "s/=.*//g" /data/crowdsec/crowdsec-openresty-bouncer.conf > /tmp/crowdsec.conf.raw - sed "s/=.*//g" /defaults/crowdsec/crowdsec-openresty-bouncer.conf > /tmp/crowdsec-openresty-bouncer.conf.raw - if grep -vf /tmp/crowdsec.conf.raw /tmp/crowdsec-openresty-bouncer.conf.raw ; then - grep -vf /tmp/crowdsec.conf.raw /tmp/crowdsec-openresty-bouncer.conf.raw > /tmp/config.newvals - cp /data/crowdsec/crowdsec-openresty-bouncer.conf /data/crowdsec/crowdsec-openresty-bouncer.conf.bak - grep -f /tmp/config.newvals /defaults/crowdsec/crowdsec-openresty-bouncer.conf >> /data/crowdsec/crowdsec-openresty-bouncer.conf - fi +echo "Deploy Crowdsec Openresty Bouncer.." +if [ -n "${CROWDSEC_OPENRESTY_BOUNCER}" ]; then + while IFS= read -r line + do + if ! [[ "$line" != "^#" ]] || [[ "$line" != "^\n" ]]; then + name=$(echo "$line" | cut -d "=" -f1) + value=$(echo "$line" | cut -d "=" -f2) + if grep -q "${name}" /defaults/crowdsec/crowdsec-openresty-bouncer.conf ; then + set_properties "${name}" "${value}" "/defaults/crowdsec/crowdsec-openresty-bouncer.conf" + fi + fi + done <<< "${CROWDSEC_OPENRESTY_BOUNCER}" else - echo "Deploy new crowdsec-openresty-bouncer.conf .." - cp /defaults/crowdsec/crowdsec-openresty-bouncer.conf /data/crowdsec/crowdsec-openresty-bouncer.conf + mkdir -p /data/crowdsec/templates + sed -i 's|/defaults/crowdsec|/data/crowdsec|' /etc/nginx/conf.d/crowdsec_openresty.conf + + if [ -f /data/crowdsec/crowdsec-openresty-bouncer.conf ]; then + echo "Patch crowdsec-openresty-bouncer.conf .." + sed "s/=.*//g" /data/crowdsec/crowdsec-openresty-bouncer.conf > /tmp/crowdsec.conf.raw + sed "s/=.*//g" /defaults/crowdsec/crowdsec-openresty-bouncer.conf > /tmp/crowdsec-openresty-bouncer.conf.raw + if grep -vf /tmp/crowdsec.conf.raw /tmp/crowdsec-openresty-bouncer.conf.raw ; then + grep -vf /tmp/crowdsec.conf.raw /tmp/crowdsec-openresty-bouncer.conf.raw > /tmp/config.newvals + cp /data/crowdsec/crowdsec-openresty-bouncer.conf /data/crowdsec/crowdsec-openresty-bouncer.conf.bak + grep -f /tmp/config.newvals /defaults/crowdsec/crowdsec-openresty-bouncer.conf >> /data/crowdsec/crowdsec-openresty-bouncer.conf + fi + else + echo "Deploy new crowdsec-openresty-bouncer.conf .." + cp /defaults/crowdsec/crowdsec-openresty-bouncer.conf /data/crowdsec/crowdsec-openresty-bouncer.conf + fi + #Make sure the config location is where we get the config from instead of /default/ + sed -i 's|/defaults/crowdsec|/data/crowdsec|' /data/crowdsec/crowdsec-openresty-bouncer.conf fi -#Make sure the config location is where we get the config from instead of /default/ -sed -i 's|/defaults/crowdsec|/data/crowdsec|' /data/crowdsec/crowdsec-openresty-bouncer.conf + echo "Deploy Crowdsec Templates .." #Make sure we only copy files that don't exist in /data/crowdsec. cd /defaults/crowdsec/templates/