diff options
| author | smac89 | 2023-10-10 01:10:48 -0600 |
|---|---|---|
| committer | smac89 | 2023-10-10 01:10:48 -0600 |
| commit | 01b618c4f1d92f52b0d3ea8ba4d6adc7112273af (patch) | |
| tree | 38b98d9ba12d4c8bf521684948a49eb906b99736 | |
| download | aur-01b618c4f1d92f52b0d3ea8ba4d6adc7112273af.tar.gz | |
create version 1.0.5
| -rw-r--r-- | .SRCINFO | 26 | ||||
| -rw-r--r-- | PKGBUILD | 52 | ||||
| -rw-r--r-- | cs-nginx-bouncer-nginx-module.conf | 2 | ||||
| -rw-r--r-- | cs-nginx-bouncer.install | 52 |
4 files changed, 132 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..a172bc1068a4 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,26 @@ +pkgbase = crowdsec-nginx-bouncer + pkgdesc = CrowdSec bouncer for Nginx + pkgver = 1.0.5 + pkgrel = 1 + url = https://doc.crowdsec.net/docs/bouncers/nginx + install = cs-nginx-bouncer.install + arch = any + license = MIT + makedepends = gettext + depends = crowdsec + depends = nginx-mainline-mod-lua + depends = luajit-openresty + depends = lua51 + depends = luarocks + backup = etc/nginx/lua/templates/crowdsec/ban.html + backup = etc/nginx/lua/templates/crowdsec/captcha.html + backup = etc/nginx/conf.d/crowdsec_nginx.conf + backup = etc/crowdsec/bouncers/crowdsec-nginx-bouncer.conf + source = crowdsec-nginx-bouncer-1.0.5.tar.gz::https://github.com/crowdsecurity/cs-nginx-bouncer/releases/download/v1.0.5/crowdsec-nginx-bouncer.tgz + source = cs-nginx-bouncer-nginx-module.conf + source = cs-nginx-bouncer.install + sha256sums = 2bb65903558598fc72c20de512267cbf0759d79f0e038c5a3b8ecf2626470d3f + sha256sums = 48b8356f3652ae766496a28714a661c30c9616c12b9cb39ff75dfa78f4677f99 + sha256sums = 6f11751ebbbedcf88ba9a08697b2d33f457caa4c57bf46722a67d2018b568607 + +pkgname = crowdsec-nginx-bouncer diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..ade85e2d2f6f --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,52 @@ +# Maintainer: FirstAirBender <noblechuk5 at web dot de> +pkgname=crowdsec-nginx-bouncer +pkgver=1.0.5 +pkgrel=1 +pkgdesc="CrowdSec bouncer for Nginx" +arch=('any') +url="https://doc.crowdsec.net/docs/bouncers/nginx" +_giturl="https://github.com/crowdsecurity/cs-nginx-bouncer" +license=('MIT') +depends=( + 'crowdsec' + 'nginx-mainline-mod-lua' + 'luajit-openresty' + 'lua51' + 'luarocks' +) +makedepends=( + 'gettext' +) +backup=( + etc/nginx/lua/templates/crowdsec/{ban,captcha}.html + etc/nginx/conf.d/crowdsec_nginx.conf + etc/crowdsec/bouncers/crowdsec-nginx-bouncer.conf +) +install=cs-nginx-bouncer.install +source=( + "$pkgname-$pkgver.tar.gz::${_giturl}/releases/download/v${pkgver}/${pkgname}.tgz" + "cs-nginx-bouncer-nginx-module.conf" + "cs-nginx-bouncer.install" +) +sha256sums=('2bb65903558598fc72c20de512267cbf0759d79f0e038c5a3b8ecf2626470d3f' + '48b8356f3652ae766496a28714a661c30c9616c12b9cb39ff75dfa78f4677f99' + '6f11751ebbbedcf88ba9a08697b2d33f457caa4c57bf46722a67d2018b568607') + +prepare() { + cd "$pkgname-v$pkgver" + sed -i s:var/lib/crowdsec/lua/templates:etc/nginx/lua/templates/crowdsec: lua-mod/config_example.conf + # $prefix see https://openresty-reference.readthedocs.io/en/latest/Directives/#lua_package_path + sed -i s:/usr/local/lua/crowdsec/:'$prefix/lua/plugins/crowdsec/': nginx/crowdsec_nginx.conf +} + +package() { + cd "$pkgname-v$pkgver" + install -dm755 $pkgdir/etc/nginx/lua/plugins/crowdsec/ + install -dm755 $pkgdir/etc/nginx/lua/templates/crowdsec/ + + install -Dm644 {nginx,$pkgdir/etc/nginx/conf.d}/crowdsec_nginx.conf + install -Dm644 $srcdir/cs-nginx-bouncer-nginx-module.conf -t $pkgdir/etc/nginx/modules + cp -R lua-mod/lib/* $pkgdir/etc/nginx/lua/plugins/crowdsec/ + cp -R lua-mod/templates/* $pkgdir/etc/nginx/lua/templates/crowdsec/ + install -Dm600 lua-mod/config_example.conf $pkgdir/etc/crowdsec/bouncers/crowdsec-nginx-bouncer.conf +} diff --git a/cs-nginx-bouncer-nginx-module.conf b/cs-nginx-bouncer-nginx-module.conf new file mode 100644 index 000000000000..fe8d2907c594 --- /dev/null +++ b/cs-nginx-bouncer-nginx-module.conf @@ -0,0 +1,2 @@ +load_module /usr/lib/nginx/modules/ndk_http_module.so; +load_module /usr/lib/nginx/modules/ngx_http_lua_module.so; diff --git a/cs-nginx-bouncer.install b/cs-nginx-bouncer.install new file mode 100644 index 000000000000..ee86f04705e6 --- /dev/null +++ b/cs-nginx-bouncer.install @@ -0,0 +1,52 @@ +NGINX_LUA_MODULE_PATCH="$(cat <<-EOF + ########################################################### + # @@@@@@@@@@@@@@ Added by cs-nginx-bouncer @@@@@@@@@@@@@@ # + load_module /usr/lib/nginx/modules/ndk_http_module.so; + load_module /usr/lib/nginx/modules/ngx_http_lua_module.so; + ########################################################### +EOF +)" + +pre_install() { + mkdir -p /etc/nginx/modules +} + +post_install() { + API_KEY=`cscli bouncers add crowdsec-nginx-bouncer -o raw` + export API_KEY + IFS=: read HOST PORT <<< `sudo cscli config show --key "Config.API.Server.ListenURI"` + echo "Bouncer registered to the CrowdSec Local API." + + CROWDSEC_LAPI_URL="http://${HOST:-'127.0.0.1'}:${PORT:-'8080'}" + export CROWDSEC_LAPI_URL + + TMP=$(mktemp -p /tmp/) + install -m600 /etc/crowdsec/bouncers/crowdsec-nginx-bouncer.conf "$TMP" + envsubst < "$TMP" | tee /etc/crowdsec/bouncers/crowdsec-nginx-bouncer.conf >/dev/null + + echo installing lua-resty-http and lua-cjson using luarocks + luarocks install lua-resty-http + luarocks install lua-cjson +} + +post_upgrade() { + if (( $(vercmp "$2" "1.0.5-6") < 0 )); then + TMP="$(mktemp)" + grep -Ev "^${NGINX_LUA_MODULE_PATCH}" /etc/nginx/nginx.conf > "$TMP" + mv "$TMP" /etc/nginx/nginx.conf + + echo -e "\n**NEW: Please add the following line to your nginx conf file:" + echo -e "==> include /etc/nginx/modules/*.conf; <==\n" + fi +} + +post_remove() { + echo 'removing lua-resty-http and lua-cjson' using luarocks + luarocks remove lua-resty-http + luarocks remove lua-cjson + + if ! cscli bouncers remove crowdsec-nginx-bouncer --error; then + echo -e "\nDon't forget to uninstall the plugin!" + cscli bouncers list + fi +} |