github.com/crowdsecurity/crowdsec@v1.6.1/debian/postinst (about) 1 #!/bin/bash 2 3 COLLECTIONS=false 4 set -e 5 6 # Source debconf library. 7 . /usr/share/debconf/confmodule 8 9 if [ "$1" = configure ]; then 10 if [[ ! -d /var/lib/crowdsec/data ]]; then 11 mkdir -p /var/lib/crowdsec/data 12 fi 13 14 if [[ -d /var/lib/crowdsec/backup ]]; then 15 cscli config restore /var/lib/crowdsec/backup/backup.config 16 rm -rf /var/lib/crowdsec/backup 17 /usr/bin/cscli hub update 18 /usr/bin/cscli hub upgrade 19 systemctl start crowdsec 20 fi 21 22 . /usr/share/crowdsec/wizard.sh -n 23 if ! [[ -f /etc/crowdsec/acquis.yaml ]]; then 24 echo Creating /etc/crowdsec/acquis.yaml 25 set +e 26 SILENT=true detect_services 27 SILENT=true TMP_ACQUIS_FILE_SKIP=skip genacquisition 28 set -e 29 COLLECTIONS=true 30 fi 31 32 if [[ -f /etc/crowdsec/local_api_credentials.yaml ]] ; then 33 chmod 600 /etc/crowdsec/local_api_credentials.yaml 34 fi 35 36 if [[ -f /etc/crowdsec/online_api_credentials.yaml ]]; then 37 chmod 600 /etc/crowdsec/online_api_credentials.yaml 38 fi 39 40 if [[ ! -f /etc/crowdsec/local_api_credentials.yaml ]] || [[ ! -f /etc/crowdsec/online_api_credentials.yaml ]]; then 41 if [[ ! -f /etc/crowdsec/local_api_credentials.yaml ]] ; then 42 install -m 600 /dev/null /etc/crowdsec/local_api_credentials.yaml 43 fi 44 if [[ ! -f /etc/crowdsec/online_api_credentials.yaml ]] ; then 45 install -m 600 /dev/null /etc/crowdsec/online_api_credentials.yaml 46 fi 47 48 db_input medium crowdsec/lapi || true 49 db_go || true 50 51 db_get crowdsec/lapi 52 LAPI=$RET 53 54 if [ "$LAPI" = true ]; then 55 db_input medium crowdsec/capi || true 56 db_go || true 57 58 db_get crowdsec/capi 59 CAPI=$RET 60 61 [ -s /etc/crowdsec/local_api_credentials.yaml ] || cscli machines add -a --force --error 62 63 if [ "$CAPI" = true ]; then 64 cscli capi register --error 65 fi 66 67 else 68 db_input medium crowdsec/lapi_host || true 69 db_go || true 70 71 db_get crowdsec/lapi_host 72 LAPI_HOST=$RET 73 sed -i "s/127.0.0.1:8080/$LAPI_HOST/g" /etc/crowdsec/config.yaml 74 fi 75 fi 76 77 echo Updating hub 78 /usr/bin/cscli hub update 79 if [ "$COLLECTIONS" = true ]; then 80 set +e 81 CSCLI_BIN_INSTALLED="/usr/bin/cscli" SILENT=true install_collection 82 set -e 83 fi 84 85 86 if [[ -f /var/lib/crowdsec/data/crowdsec.db.backup ]]; then 87 cp /var/lib/crowdsec/data/crowdsec.db.backup /var/lib/crowdsec/data/crowdsec.db 88 rm -f /var/lib/crowdsec/data/crowdsec.db.backup 89 fi 90 91 systemctl --quiet is-enabled crowdsec || systemctl unmask crowdsec && systemctl enable crowdsec 92 93 API=$(cscli config show --key "Config.API.Server") 94 if [ "$API" = "nil" ] ; then 95 LAPI=false 96 else 97 PORT=$(cscli config show --key "Config.API.Server.ListenURI"|cut -d ":" -f2) 98 fi 99 if [ "$LAPI" = false ] || [ -z "$(ss -nlt "sport = ${PORT}" | grep -v ^State)" ] ; then 100 systemctl start crowdsec 101 else 102 echo "Not attempting to start crowdsec, port ${PORT} is already used or lapi was disabled" 103 echo "This port is configured through /etc/crowdsec/config.yaml and /etc/crowdsec/local_api_credentials.yaml" 104 fi 105 106 echo "Get started with CrowdSec:" 107 echo " * Detailed guides are available in our documentation: https://docs.crowdsec.net" 108 echo " * Configuration items created by the community can be found at the Hub: https://hub.crowdsec.net" 109 echo " * Gain insights into your use of CrowdSec with the help of the console https://app.crowdsec.net" 110 111 112 fi 113 114 echo "You can always run the configuration again interactively by using '/usr/share/crowdsec/wizard.sh -c'"