blob: 24426cb943a000d8a4e77f208e163d96d7bd3f90 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
post_install() {
API_KEY=`cscli bouncers add crowdsec-firewall-bouncer -o raw`
export API_KEY
TMP=$(mktemp)
install -m600 /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml "$TMP"
envsubst '$API_KEY' < "$TMP" > /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml
echo "Bouncer registered to the CrowdSec Local API."
IFS=: read HOST PORT <<< `cscli config show --key "Config.API.Server.ListenURI"`
export CROWDSEC_LAPI_URL="http://${HOST:-'127.0.0.1'}:${PORT:-'8080'}"
sed -Ei "s|^(api_url\s*:).*|\1 $CROWDSEC_LAPI_URL|" /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml
systemctl daemon-reload
systemctl enable --now crowdsec-firewall-bouncer
}
post_remove() {
if ! cscli bouncers remove crowdsec-firewall-bouncer --error; then
echo -e "\nDon't forget to uninstall the crowdsec-firewall-bouncer plugin!"
cscli bouncers list
fi
systemctl daemon-reload
if systemctl is-enabled -q crowdsec-firewall-bouncer; then
systemctl disable --now crowdsec-firewall-bouncer
fi
}
|