#!/bin/bash COLLECTIONS=false set -e # Source debconf library. . /usr/share/debconf/confmodule if [ "$1" = configure ]; then if [[ ! -d /var/lib/crowdsec/data ]]; then mkdir -p /var/lib/crowdsec/data fi . /usr/share/crowdsec/wizard.sh -n if ! [[ -f /etc/crowdsec/acquis.yaml ]]; then echo Creating /etc/crowdsec/acquis.yaml set +e SILENT=true detect_services SILENT=true TMP_ACQUIS_FILE_SKIP=skip genacquisition set -e COLLECTIONS=true fi if [[ -f /etc/crowdsec/local_api_credentials.yaml ]] ; then chmod 600 /etc/crowdsec/local_api_credentials.yaml fi if [[ -f /etc/crowdsec/online_api_credentials.yaml ]]; then chmod 600 /etc/crowdsec/online_api_credentials.yaml fi if [[ ! -f /etc/crowdsec/local_api_credentials.yaml ]] || [[ ! -f /etc/crowdsec/online_api_credentials.yaml ]]; then if [[ ! -f /etc/crowdsec/local_api_credentials.yaml ]] ; then install -m 600 /dev/null /etc/crowdsec/local_api_credentials.yaml fi if [[ ! -f /etc/crowdsec/online_api_credentials.yaml ]] ; then install -m 600 /dev/null /etc/crowdsec/online_api_credentials.yaml fi db_input medium crowdsec/lapi || true db_go || true db_get crowdsec/lapi LAPI=$RET if [ "$LAPI" = true ]; then db_input medium crowdsec/capi || true db_go || true db_get crowdsec/capi CAPI=$RET [ -s /etc/crowdsec/local_api_credentials.yaml ] || cscli machines add -a --force --error if [ "$CAPI" = true ]; then cscli capi register --error fi else db_input medium crowdsec/lapi_host || true db_go || true db_get crowdsec/lapi_host LAPI_HOST=$RET sed -i "s/127.0.0.1:8080/$LAPI_HOST/g" /etc/crowdsec/config.yaml fi fi echo Updating hub /usr/bin/cscli hub update /usr/bin/cscli hub upgrade if [ "$COLLECTIONS" = true ]; then set +e CSCLI_BIN_INSTALLED="/usr/bin/cscli" SILENT=true install_collection set -e fi systemctl --quiet is-enabled crowdsec || systemctl unmask crowdsec && systemctl enable crowdsec API=$(cscli config show --key "Config.API.Server") if [ "$API" = "nil" ] ; then LAPI=false else PORT=$(cscli config show --key "Config.API.Server.ListenURI"|cut -d ":" -f2) fi if [ "$LAPI" = false ] || [ -z "$(ss -nlt "sport = ${PORT}" | grep -v ^State)" ] ; then systemctl start crowdsec else echo "Not attempting to start crowdsec, port ${PORT} is already used or lapi was disabled" echo "This port is configured through /etc/crowdsec/config.yaml and /etc/crowdsec/local_api_credentials.yaml" fi GREEN='\033[0;32m' BOLD='\033[1m' RESET='\033[0m' echo -e "${BOLD}Get started with CrowdSec:${RESET}" echo -e " * Go further by following our ${BOLD}post installation steps${RESET} : ${GREEN}${BOLD}https://docs.crowdsec.net/u/getting_started/next_steps${RESET}" echo -e "====================================================================================================================" echo -e " * Install a ${BOLD}remediation component${RESET} to block attackers: ${GREEN}${BOLD}https://docs.crowdsec.net/u/bouncers/intro${RESET}" echo -e "====================================================================================================================" echo -e " * Find more ${BOLD}collections${RESET}, ${BOLD}parsers${RESET} and ${BOLD}scenarios${RESET} created by the community with the Hub: ${GREEN}${BOLD}https://hub.crowdsec.net${RESET}" echo -e "====================================================================================================================" echo -e " * Subscribe to ${BOLD}additional blocklists${RESET}, ${BOLD}visualize${RESET} your alerts and more with the console: ${GREEN}${BOLD}https://app.crowdsec.net${RESET}" fi echo "You can always run the configuration again interactively by using '/usr/share/crowdsec/wizard.sh -c'"