crowdsec v1 integrated
This commit is contained in:
parent
09a984c86b
commit
825e6a747e
14
compile.sh
14
compile.sh
|
@ -118,26 +118,20 @@ cd /tmp
|
|||
git_secure_clone https://github.com/diegonehab/luasocket.git 5b18e475f38fcf28429b1cc4b17baee3b9793a62
|
||||
cd luasocket
|
||||
make -j $NTASK
|
||||
mkdir /usr/local/lib/lua/socket
|
||||
cp src/*.lua /usr/local/lib/lua/socket
|
||||
cp src/*.so /usr/local/lib/lua/5.1/
|
||||
mv /usr/local/lib/lua/5.1/socket*.so /usr/local/lib/5.1/socket.so
|
||||
mv /usr/local/lib/lua/5.1/mime*.so /usr/local/lib/5.1/mime.so
|
||||
make CDIR_linux=lib/lua/5.1 LDIR_linux=lib/lua install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/brunoos/luasec.git c6704919bdc85f3324340bdb35c2795a02f7d625
|
||||
cd luasec
|
||||
make linux -j $NTASK
|
||||
cp src/ssl.so /usr/local/lib/lua/5.1
|
||||
mkdir /usr/local/lib/lua/ssl
|
||||
cp src/*.lua /usr/local/lib/lua
|
||||
make LUACPATH=/usr/local/lib/lua/5.1 LUAPATH=/usr/local/lib/lua install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/crowdsecurity/lua-cs-bouncer.git 71c4247d6b66234e3f3426b2ea721ad50c741579
|
||||
cd lua-cs-bouncer
|
||||
mkdir /usr/local/lib/lua/crowdsec
|
||||
cp lib/*.lua /usr/local/lib/lua/crowdsec
|
||||
cp template.conf /usr/local/lib/lua/crowdsec/crowdsec.conf
|
||||
sed -i 's/^API_URL=.*/API_URL=%CROWDSEC_HOST%/:' /usr/local/lib/lua/crowdsec/crowdsec.conf
|
||||
sed -i 's/^API_KEY=.*/API_KEY=%CROWDSEC_KEY%/:' /usr/local/lib/lua/crowdsec/crowdsec.conf
|
||||
sed -i 's/^API_URL=.*/API_URL=%CROWDSEC_HOST%/' /usr/local/lib/lua/crowdsec/crowdsec.conf
|
||||
sed -i 's/^API_KEY=.*/API_KEY=%CROWDSEC_KEY%/' /usr/local/lib/lua/crowdsec/crowdsec.conf
|
||||
sed -i 's/require "lrucache"/require "resty.lrucache"/' /usr/local/lib/lua/crowdsec/CrowdSec.lua
|
||||
sed -i 's/require "config"/require "crowdsec.config"/' /usr/local/lib/lua/crowdsec/CrowdSec.lua
|
||||
cd /tmp
|
||||
|
|
|
@ -291,8 +291,8 @@ fi
|
|||
# CrowdSec setup
|
||||
if [ "$(has_value USE_CROWDSEC yes)" != "" ] ; then
|
||||
replace_in_file "/etc/nginx/nginx.conf" "%USE_CROWDSEC%" "include /etc/nginx/crowdsec.conf;"
|
||||
replace_in_file "/usr/local/lib/lua/crowdsec/crowdsec.conf" "%CROWDSEC_HOST" "$CROWDSEC_HOST"
|
||||
replace_in_file "/usr/local/lib/lua/crowdsec/crowdsec.conf" "%CROWDSEC_KEY" "$CROWDSEC_KEY"
|
||||
replace_in_file "/usr/local/lib/lua/crowdsec/crowdsec.conf" "%CROWDSEC_HOST%" "$CROWDSEC_HOST"
|
||||
replace_in_file "/usr/local/lib/lua/crowdsec/crowdsec.conf" "%CROWDSEC_KEY%" "$CROWDSEC_KEY"
|
||||
else
|
||||
replace_in_file "/etc/nginx/nginx.conf" "%USE_CROWDSEC%" ""
|
||||
fi
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
#!/bin/sh
|
||||
|
||||
docker-compose exec mycrowdsec cscli bouncers add MyBouncer
|
|
@ -22,7 +22,7 @@ services:
|
|||
- USE_GZIP=yes
|
||||
- USE_BROTLI=yes
|
||||
- USE_CROWDSEC=yes
|
||||
- CROWDSEC_HOST=mycrowdsec
|
||||
- CROWDSEC_HOST=http://mycrowdsec:8080
|
||||
- CROWDSEC_KEY= # you need to generate it (see bouncer_key.sh)
|
||||
- app1.website.com_REMOTE_PHP=myapp1
|
||||
- app1.website.com_REMOTE_PHP_PATH=/app
|
||||
|
|
Loading…
Reference in New Issue