|
#!/bin/sh
|
|
API_KEY=""
|
|
CONFIG=/etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml
|
|
## Gen&ConfigApiKey
|
|
if grep -q "${API_KEY}" "$CONFIG"; then
|
|
echo API key already registered...
|
|
else
|
|
SUFFIX=`tr -dc A-Za-z0-9 </dev/urandom | head -c 8`
|
|
API_KEY=`/usr/bin/cscli bouncers add cs-firewall-bouncer-${SUFFIX} -o raw`
|
|
sed -i "s,^\(\s*api_key\s*:\s*\).*\$,\1$API_KEY," $CONFIG
|
|
fi
|
|
|
|
# unfortunately, UCI doesn't provide a nice way to add an anonymous section only if it doesn't already exist
|
|
if ! uci show firewall | grep -q firewall.cs; then
|
|
name="$(uci add firewall include)"
|
|
uci set "firewall.${name}.path=/etc/firewall.cs"
|
|
uci set "firewall.${name}.enabled=1"
|
|
uci set "firewall.${name}.reload=1"
|
|
echo -e "Adding the following UCI config:\n $(uci changes)"
|
|
uci commit
|
|
fi
|
|
|
|
exit 0
|