Merge branch 'NginxProxyManager:develop' into develop-crowdsec

docker/rootfs/etc/s6-overlay/s6-rc.d/cs-crowdsec-bouncer/script.sh

@@ -0,0 +1,54 @@
+#!/command/with-contenv bash
+
+set -e # Exit immediately if a command exits with a non-zero status.
+
+function set_properties() {
+  sed -i "s,^$1=.*,$1=$2,g" "${3}"
+}
+
+echo "Deploy Crowdsec Openresty Bouncer.." 
+if [ -n "${CROWDSEC_OPENRESTY_BOUNCER}" ]; then
+   while IFS= read -r line
+   do 
+      if ! [[ "$line" != "^#" ]] || [[ "$line" != "^\n" ]]; then
+        name=$(echo "$line" | cut -d "=" -f1)
+        value=$(echo "$line" | cut -d "=" -f2)
+        if grep -q "${name}" /defaults/crowdsec/crowdsec-openresty-bouncer.conf ; then
+          set_properties "${name}" "${value}" "/defaults/crowdsec/crowdsec-openresty-bouncer.conf"
+        fi
+      fi
+   done <<< "${CROWDSEC_OPENRESTY_BOUNCER}"
+else
+	mkdir -p /data/crowdsec/templates
+	sed -i 's|/defaults/crowdsec|/data/crowdsec|' /etc/nginx/conf.d/crowdsec_openresty.conf
+
+	if [ -f /data/crowdsec/crowdsec-openresty-bouncer.conf ]; then
+		echo "Patch crowdsec-openresty-bouncer.conf .." 
+		sed "s/=.*//g" /data/crowdsec/crowdsec-openresty-bouncer.conf > /tmp/crowdsec.conf.raw
+		sed "s/=.*//g" /defaults/crowdsec/crowdsec-openresty-bouncer.conf > /tmp/crowdsec-openresty-bouncer.conf.raw
+		if grep -vf /tmp/crowdsec.conf.raw /tmp/crowdsec-openresty-bouncer.conf.raw ; then
+			grep -vf /tmp/crowdsec.conf.raw /tmp/crowdsec-openresty-bouncer.conf.raw > /tmp/config.newvals
+			cp /data/crowdsec/crowdsec-openresty-bouncer.conf /data/crowdsec/crowdsec-openresty-bouncer.conf.bak
+			grep -f /tmp/config.newvals /defaults/crowdsec/crowdsec-openresty-bouncer.conf >> /data/crowdsec/crowdsec-openresty-bouncer.conf
+		fi
+	else
+		echo "Deploy new crowdsec-openresty-bouncer.conf .." 
+		cp /defaults/crowdsec/crowdsec-openresty-bouncer.conf /data/crowdsec/crowdsec-openresty-bouncer.conf    
+	fi
+	#Make sure the config location is where we get the config from instead of /default/
+	sed -i 's|/defaults/crowdsec|/data/crowdsec|' /data/crowdsec/crowdsec-openresty-bouncer.conf
+fi
+
+
+#Make sure we only copy files that don't exist in /data/crowdsec.
+if [ -d "/data/crowdsec/templates" ]; then
+    echo "Deploy Crowdsec Templates .."
+    cd /defaults/crowdsec/templates/
+    for file in *.html
+    do
+        if [ ! -e "/data/crowdsec/templates/${file}" ]
+        then
+            cp -r "/defaults/crowdsec/templates/${file}" "/data/crowdsec/templates/"
+        fi
+    done
+fi

docker/rootfs/etc/s6-overlay/s6-rc.d/cs-crowdsec-bouncer/type

@@ -0,0 +1 @@
+oneshot

docker/rootfs/etc/s6-overlay/s6-rc.d/cs-crowdsec-bouncer/up

@@ -0,0 +1,2 @@
+# shellcheck shell=bash
+/etc/s6-overlay/s6-rc.d/cs-crowdsec-bouncer/script.sh

global/certbot-dns-plugins.json

@@ -7,7 +7,7 @@
 		"credentials": "dns_acmedns_api_url = http://acmedns-server/\ndns_acmedns_registration_file = /data/acme-registration.json",
 		"full_plugin_name": "dns-acmedns"
 	},
-	"active24": {
+	"active24":{
 		"name": "Active24",
 		"package_name": "certbot-dns-active24",
 		"version": "~=1.5.1",
@@ -18,7 +18,7 @@
 	"aliyun": {
 		"name": "Aliyun",
 		"package_name": "certbot-dns-aliyun",
-		"version": "~=2.0.0",
+		"version": "~=0.38.1",
 		"dependencies": "",
 		"credentials": "dns_aliyun_access_key = 12345678\ndns_aliyun_access_key_secret = 1234567890abcdef1234567890abcdef",
 		"full_plugin_name": "dns-aliyun"
@@ -31,14 +31,6 @@
 		"credentials": "# This plugin supported API authentication using either Service Principals or utilizing a Managed Identity assigned to the virtual machine.\n# Regardless which authentication method used, the identity will need the “DNS Zone Contributor” role assigned to it.\n# As multiple Azure DNS Zones in multiple resource groups can exist, the config file needs a mapping of zone to resource group ID. Multiple zones -> ID mappings can be listed by using the key dns_azure_zoneX where X is a unique number. At least 1 zone mapping is required.\n\n# Using a service principal (option 1)\ndns_azure_sp_client_id = 912ce44a-0156-4669-ae22-c16a17d34ca5\ndns_azure_sp_client_secret = E-xqXU83Y-jzTI6xe9fs2YC~mck3ZzUih9\ndns_azure_tenant_id = ed1090f3-ab18-4b12-816c-599af8a88cf7\n\n# Using used assigned MSI (option 2)\n# dns_azure_msi_client_id = 912ce44a-0156-4669-ae22-c16a17d34ca5\n\n# Using system assigned MSI (option 3)\n# dns_azure_msi_system_assigned = true\n\n# Zones (at least one always required)\ndns_azure_zone1 = example.com:/subscriptions/c135abce-d87d-48df-936c-15596c6968a5/resourceGroups/dns1\ndns_azure_zone2 = example.org:/subscriptions/99800903-fb14-4992-9aff-12eaf2744622/resourceGroups/dns2",
 		"full_plugin_name": "dns-azure"
 	},
-	"beget": {
-		"name":"Beget",
-		"package_name": "certbot-beget-plugin",
-		"version": "~=1.0.0.dev9",
-		"dependencies": "",
-		"credentials": "# Beget API credentials used by Certbot\nbeget_plugin_username = username\nbeget_plugin_password = password",
-		"full_plugin_name": "beget-plugin"
-	},
 	"bunny": {
 		"name": "bunny.net",
 		"package_name": "certbot-dns-bunny",
@@ -418,7 +410,7 @@
 	"porkbun": {
 		"name": "Porkbun",
 		"package_name": "certbot-dns-porkbun",
-		"version": "~=0.9",
+		"version": "~=0.2",
 		"dependencies": "",
 		"credentials": "dns_porkbun_key=your-porkbun-api-key\ndns_porkbun_secret=your-porkbun-api-secret",
 		"full_plugin_name": "dns-porkbun"
@@ -511,7 +503,7 @@
 		"credentials": "dns_websupport_identifier = <api_key>\ndns_websupport_secret_key = <secret>",
 		"full_plugin_name": "dns-websupport"
 	},
-	"wedos": {
+	"wedos":{
 		"name": "Wedos",
 		"package_name": "certbot-dns-wedos",
 		"version": "~=2.2",
@@ -527,4 +519,4 @@
 		"credentials": "edgedns_client_secret = as3d1asd5d1a32sdfsdfs2d1asd5=\nedgedns_host = sdflskjdf-dfsdfsdf-sdfsdfsdf.luna.akamaiapis.net\nedgedns_access_token = kjdsi3-34rfsdfsdf-234234fsdfsdf\nedgedns_client_token = dkfjdf-342fsdfsd-23fsdfsdfsdf",
 		"full_plugin_name": "edgedns"
 	}
-}
+}