Merge pull request crowdsecurity#13 from sbs2001/debian

Add debian packaging for the bouncer

Author: AlteredCoder

.github/workflows/build-binary-package.yml

@@ -22,6 +22,6 @@ jobs:
     - name: Upload to release
       uses: JasonEtco/upload-to-release@master
       with:
-        args: cs-custom-bouncer.tgz application/x-gzip
+        args: crowdsec-custom-bouncer.tgz application/x-gzip
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Makefile

@@ -8,20 +8,20 @@ GOGET=$(GOCMD) get
 
 PREFIX?="/"
 PID_DIR = $(PREFIX)"/var/run/"
-BINARY_NAME=cs-custom-bouncer
+BINARY_NAME=crowdsec-custom-bouncer
 
 
 #Current versioning information from env
 BUILD_VERSION?="$(shell git describe --tags `git rev-list --tags --max-count=1`)"
 BUILD_GOVERSION="$(shell go version | cut -d " " -f3 | sed -r 's/[go]+//g')"
 BUILD_TIMESTAMP=$(shell date +%F"_"%T)
 BUILD_TAG="$(shell git rev-parse HEAD)"
-export LD_OPTS=-ldflags "-s -w -X github.com/crowdsecurity/cs-custom-bouncer/pkg/version.Version=$(BUILD_VERSION) \
--X github.com/crowdsecurity/cs-custom-bouncer/pkg/version.BuildDate=$(BUILD_TIMESTAMP) \
--X github.com/crowdsecurity/cs-custom-bouncer/pkg/version.Tag=$(BUILD_TAG) \
--X github.com/crowdsecurity/cs-custom-bouncer/pkg/version.GoVersion=$(BUILD_GOVERSION)"
+export LD_OPTS=-ldflags "-s -w -X github.com/crowdsecurity/crowdsec-custom-bouncer/pkg/version.Version=$(BUILD_VERSION) \
+-X github.com/crowdsecurity/crowdsec-custom-bouncer/pkg/version.BuildDate=$(BUILD_TIMESTAMP) \
+-X github.com/crowdsecurity/crowdsec-custom-bouncer/pkg/version.Tag=$(BUILD_TAG) \
+-X github.com/crowdsecurity/crowdsec-custom-bouncer/pkg/version.GoVersion=$(BUILD_GOVERSION)"
 
-RELDIR = "cs-custom-bouncer-${BUILD_VERSION}"
+RELDIR = "crowdsec-custom-bouncer-${BUILD_VERSION}"
 
 
 all: clean test build
@@ -38,7 +38,7 @@ test:
 clean:
 	@rm -f $(BINARY_NAME)
 	@rm -rf ${RELDIR}
-	@rm -f cs-custom-bouncer.tgz || ""
+	@rm -f crowdsec-custom-bouncer.tgz || ""
 
 
 .PHONY: release
@@ -55,5 +55,5 @@ release: build
 	@chmod +x $(RELDIR)/install.sh
 	@chmod +x $(RELDIR)/uninstall.sh
 	@chmod +x $(RELDIR)/upgrade.sh
-	@tar cvzf cs-custom-bouncer.tgz $(RELDIR)
+	@tar cvzf crowdsec-custom-bouncer.tgz $(RELDIR)
 

README.md

@@ -1,5 +1,5 @@
 <p align="center">
-<img src="https://github.com/crowdsecurity/cs-custom-bouncer/raw/main/docs/assets/crowdsec_custom_logo.png" alt="CrowdSec" title="CrowdSec" width="280" height="300" />
+<img src="https://github.com/crowdsecurity/crowdsec-custom-bouncer/raw/main/docs/assets/crowdsec_custom_logo.png" alt="CrowdSec" title="CrowdSec" width="280" height="300" />
 </p>
 <p align="center">
 <img src="https://img.shields.io/badge/build-pass-green">
@@ -12,19 +12,19 @@
 </p>
 
 
-# cs-custom-bouncer
+# crowdsec-custom-bouncer
 Crowdsec bouncer written in golang for custom scripts.
 
-cs-custom-bouncer will periodically fetch new and expired/removed decisions from CrowdSec Local API and will pass them as arguments to a custom user script.
+crowdsec-custom-bouncer will periodically fetch new and expired/removed decisions from CrowdSec Local API and will pass them as arguments to a custom user script.
 
 ## Installation
 
 ### With installer
 
-First, download the latest [`cs-custom-bouncer` release](https://github.com/crowdsecurity/cs-custom-bouncer/releases).
+First, download the latest [`crowdsec-custom-bouncer` release](https://github.com/crowdsecurity/crowdsec-custom-bouncer/releases).
 
 ```sh
-$ tar xzvf cs-custom-bouncer.tgz
+$ tar xzvf crowdsec-custom-bouncer.tgz
 $ sudo ./install.sh
 ```
 
@@ -33,28 +33,28 @@ $ sudo ./install.sh
 Run the following commands:
 
 ```bash
-git clone https://github.com/crowdsecurity/cs-custom-bouncer.git
-cd cs-custom-bouncer/
+git clone https://github.com/crowdsecurity/crowdsec-custom-bouncer.git
+cd crowdsec-custom-bouncer/
 make release
-tar xzvf cs-custom-bouncer.tgz
-cd cs-custom-bouncer-v*/
+tar xzvf crowdsec-custom-bouncer.tgz
+cd crowdsec-custom-bouncer-v*/
 sudo ./install.sh
 ```
 
 ### Start
 
 If your bouncer runs on the same machine as your crowdsec local API, you can start the service directly since the `install.sh` took care of the configuration.
 ```sh
-sudo systemctl start cs-custom-bouncer
+sudo systemctl start crowdsec-custom-bouncer
 ```
 
 ## Upgrade
 
-If you already have `cs-custom-bouncer` installed, please download the [latest release](https://github.com/crowdsecurity/cs-custom-bouncer/releases) and run the following commands to upgrade it:
+If you already have `crowdsec-custom-bouncer` installed, please download the [latest release](https://github.com/crowdsecurity/crowdsec-custom-bouncer/releases) and run the following commands to upgrade it:
 
 ```bash
-tar xzvf cs-custom-bouncer.tgz
-cd cs-custom-bouncer-v*/
+tar xzvf crowdsec-custom-bouncer.tgz
+cd crowdsec-custom-bouncer-v*/
 sudo ./upgrade.sh
 ```
 
@@ -83,11 +83,11 @@ custom_binary.sh del 1.2.3.4/32 3600 "test blacklist"
 
 ## Configuration
 
-Before starting the `cs-custom-bouncer` service, please edit the configuration to add your API url and key.
-The default configuration file is located under : `/etc/crowdsec/cs-custom-bouncer/`
+Before starting the `crowdsec-custom-bouncer` service, please edit the configuration to add your API url and key.
+The default configuration file is located under : `/etc/crowdsec/crowdsec-custom-bouncer/`
 
 ```sh
-$ vim /etc/crowdsec/custom-bouncer/cs-custom-bouncer.yaml
+$ vim /etc/crowdsec/custom-bouncer/crowdsec-custom-bouncer.yaml
 ```
 
 ```yaml
@@ -105,5 +105,5 @@ api_key: <API_KEY>  # Add your API key generated with `cscli bouncers add --name
 You can then start the service:
 
 ```sh
-sudo systemctl start cs-custom-bouncer
+sudo systemctl start crowdsec-custom-bouncer
 ```

config.go

@@ -59,7 +59,7 @@ func NewConfig(configPath string) (*bouncerConfig, error) {
 			config.LogDir = "/var/log/"
 		}
 		LogOutput = &lumberjack.Logger{
-			Filename:   config.LogDir + "/cs-custom-bouncer.log",
+			Filename:   config.LogDir + "/crowdsec-custom-bouncer.log",
 			MaxSize:    500, //megabytes
 			MaxBackups: 3,
 			MaxAge:     28,   //days

config/cs-custom-bouncer.service config/crowdsec-custom-bouncer.service

@@ -5,7 +5,7 @@ After=syslog.target network.target remote-fs.target nss-lookup.target crowdsec.s
 
 [Service]
 Type=notify
-ExecStart=${BIN} -c ${CFG}/cs-custom-bouncer.yaml
+ExecStart=${BIN} -c ${CFG}/crowdsec-custom-bouncer.yaml
 ExecStartPost=/bin/sleep 0.1
 
 [Install]

config/cs-custom-bouncer.yaml config/crowdsec-custom-bouncer.yaml

@@ -0,0 +1,5 @@
+crowdsec-custom-bouncer (1.0.0) UNRELEASED; urgency=medium
+
+  * Initial debian packaging
+  
+-- Shivam Sandbhor <[email protected]>  Mon Jun 28 10:52:32 2021 +0530

debian/changelog

@@ -0,0 +1 @@
+11

debian/compat

@@ -0,0 +1,11 @@
+Source: crowdsec-custom-bouncer
+Maintainer: Crowdsec Team <[email protected]>
+Build-Depends: debhelper, bash
+
+Package: crowdsec-custom-bouncer
+Provides: crowdsec-custom-bouncer
+Description: Custom bouncer for Crowdsec
+Architecture: any
+
+
+

debian/control

@@ -0,0 +1,33 @@
+
+systemctl daemon-reload
+
+
+START=0
+
+dpkg -l crowdsec | grep -q ^ii >/dev/null
+
+if [ "$?" -eq "0" ] ; then
+    START=1
+    echo "cscli/crowdsec is present, generating API key"
+    unique=`date +%s`
+    API_KEY=`cscli -oraw bouncers add CustomBouncer-${unique}`
+    if [ $? -eq 1 ] ; then
+        echo "failed to create API token, service won't be started."
+        START=0
+        API_KEY="<API_KEY>"
+    else
+        echo "API Key : ${API_KEY}"
+    fi
+fi
+
+
+TMP=`mktemp -p /tmp/`
+cp /etc/crowdsec/crowdsec-custom-bouncer/crowdsec-custom-bouncer.yaml ${TMP}
+API_KEY=${API_KEY} envsubst < ${TMP} > /etc/crowdsec/crowdsec-custom-bouncer/crowdsec-custom-bouncer.yaml
+rm ${TMP}
+
+if [ ${START} -eq 0 ] ; then
+    echo "no api key was generated"
+fi
+
+echo "please enter the binary path in '/etc/crowdsec/crowdsec-custom-bouncer/crowdsec-custom-bouncer.yaml' and start the bouncer via 'sudo systemctl start crowdsec-custom-bouncer' "

debian/postinst

@@ -0,0 +1,2 @@
+systemctl stop crowdsec-custom-bouncer || echo "cannot stop service"
+systemctl disable crowdsec-custom-bouncer || echo "cannot disable service"

debian/prerm

@@ -0,0 +1,23 @@
+#!/usr/bin/make -f
+
+export DEB_VERSION=$(shell dpkg-parsechangelog | egrep '^Version:' | cut -f 2 -d ' ')
+export BUILD_VERSION=v${DEB_VERSION}-debian-pragmatic
+export GO111MODULE=on
+
+
+%:
+	dh $@
+
+override_dh_systemd_start:
+	echo "Not running dh_systemd_start"
+override_dh_auto_clean:
+override_dh_auto_test:
+override_dh_auto_build:
+override_dh_auto_install:
+	make
+	mkdir -p debian/crowdsec-custom-bouncer/usr/sbin
+	cp crowdsec-custom-bouncer  debian/crowdsec-custom-bouncer/usr/sbin
+	mkdir -p debian/crowdsec-custom-bouncer/etc/systemd/system/
+	mkdir -p debian/crowdsec-custom-bouncer/etc/crowdsec/crowdsec-custom-bouncer/
+	BIN=/sbin/crowdsec-custom-bouncer CFG=/etc/crowdsec/crowdsec-custom-bouncer envsubst < config/crowdsec-custom-bouncer.service >  debian/crowdsec-custom-bouncer/etc/systemd/system/crowdsec-custom-bouncer.service
+	cp config/crowdsec-custom-bouncer.yaml debian/crowdsec-custom-bouncer/etc/crowdsec/crowdsec-custom-bouncer/

debian/rules

@@ -1,4 +1,4 @@
-module github.com/crowdsecurity/cs-custom-bouncer
+module github.com/crowdsecurity/crowdsec-custom-bouncer
 
 go 1.14
 

go.mod

@@ -11,13 +11,13 @@ import (
 	"github.com/coreos/go-systemd/daemon"
 	log "github.com/sirupsen/logrus"
 
-	"github.com/crowdsecurity/cs-custom-bouncer/pkg/version"
+	"github.com/crowdsecurity/crowdsec-custom-bouncer/pkg/version"
 	csbouncer "github.com/crowdsecurity/go-cs-bouncer"
 	"gopkg.in/tomb.v2"
 )
 
 const (
-	name = "cs-custom-bouncer"
+	name = "crowdsec-custom-bouncer"
 )
 
 var t tomb.Tomb
@@ -56,8 +56,8 @@ func HandleSignals(custom *customBouncer) {
 
 func main() {
 	var err error
-	log.Infof("cs-custom-bouncer %s", version.VersionStr())
-	configPath := flag.String("c", "", "path to cs-custom-bouncer.yaml")
+	log.Infof("crowdsec-custom-bouncer %s", version.VersionStr())
+	configPath := flag.String("c", "", "path to crowdsec-custom-bouncer.yaml")
 	verbose := flag.Bool("v", false, "set verbose mode")
 
 	flag.Parse()

main.go

@@ -1,9 +1,9 @@
 #!/usr/bin/env bash
-BIN_PATH_INSTALLED="/usr/local/bin/cs-custom-bouncer"
-BIN_PATH="./cs-custom-bouncer"
-CONFIG_DIR="/etc/crowdsec/cs-custom-bouncer/"
+BIN_PATH_INSTALLED="/usr/local/bin/crowdsec-custom-bouncer"
+BIN_PATH="./crowdsec-custom-bouncer"
+CONFIG_DIR="/etc/crowdsec/crowdsec-custom-bouncer/"
 PID_DIR="/var/run/crowdsec/"
-SYSTEMD_PATH_FILE="/etc/systemd/system/cs-custom-bouncer.service"
+SYSTEMD_PATH_FILE="/etc/systemd/system/crowdsec-custom-bouncer.service"
 API_KEY=""
 BINARY_PATH=""
 
@@ -12,7 +12,7 @@ gen_apikey() {
     if [[ $? == 0 ]]; then 
         echo "cscli found, generating bouncer api key."
         SUFFIX=`tr -dc A-Za-z0-9 </dev/urandom | head -c 8`
-        API_KEY=`cscli bouncers add cs-custom-bouncer-${SUFFIX} -o raw`
+        API_KEY=`cscli bouncers add crowdsec-custom-bouncer-${SUFFIX} -o raw`
         READY="yes"
     else 
         echo "cscli not found, you will need to generate api key."
@@ -31,36 +31,36 @@ gen_binary_path() {
 install_custom_bouncer() {
 	install -v -m 755 -D "${BIN_PATH}" "${BIN_PATH_INSTALLED}"
 	mkdir -p "${CONFIG_DIR}"
-	cp "./config/cs-custom-bouncer.yaml" "${CONFIG_DIR}cs-custom-bouncer.yaml"
-	CFG=${CONFIG_DIR} PID=${PID_DIR} BIN=${BIN_PATH_INSTALLED} envsubst < ./config/cs-custom-bouncer.service > "${SYSTEMD_PATH_FILE}"
+	cp "./config/crowdsec-custom-bouncer.yaml" "${CONFIG_DIR}crowdsec-custom-bouncer.yaml"
+	CFG=${CONFIG_DIR} PID=${PID_DIR} BIN=${BIN_PATH_INSTALLED} envsubst < ./config/crowdsec-custom-bouncer.service > "${SYSTEMD_PATH_FILE}"
 	systemctl daemon-reload
 }
 
 gen_config_file() {
-    API_KEY=${API_KEY} BINARY_PATH=${BINARY_PATH} envsubst < ./config/cs-custom-bouncer.yaml > "${CONFIG_DIR}cs-custom-bouncer.yaml"
+    API_KEY=${API_KEY} BINARY_PATH=${BINARY_PATH} envsubst < ./config/crowdsec-custom-bouncer.yaml > "${CONFIG_DIR}crowdsec-custom-bouncer.yaml"
 }
 
 
 if ! [ $(id -u) = 0 ]; then
     echo "Please run the install script as root or with sudo"
     exit 1
 fi
-echo "Installing cs-custom-bouncer"
+echo "Installing crowdsec-custom-bouncer"
 install_custom_bouncer
 gen_apikey
 gen_binary_path
 gen_config_file
-systemctl enable cs-custom-bouncer.service
+systemctl enable crowdsec-custom-bouncer.service
 if ! [ -f "$BINARY_PATH" ]; then
-    echo "$BINARY_PATH doesn't exist, can't start cs-custom-bouncer service."
-    echo "Please edit ${CONFIG_DIR}cs-custom-bouncer.yaml with a real binary path and run 'sudo systemctl start cs-custom-bouncer'."
+    echo "$BINARY_PATH doesn't exist, can't start crowdsec-custom-bouncer service."
+    echo "Please edit ${CONFIG_DIR}crowdsec-custom-bouncer.yaml with a real binary path and run 'sudo systemctl start crowdsec-custom-bouncer'."
     exit 1
 fi
 
 if [ "$READY" = "yes" ]; then
-    systemctl start cs-custom-bouncer.service
+    systemctl start crowdsec-custom-bouncer.service
 else
-    echo "service not started. You need to get an API key and configure it in ${CONFIG_DIR}cs-custom-bouncer.yaml and then run systemctl start cs-custom-bouncer.service"
+    echo "service not started. You need to get an API key and configure it in ${CONFIG_DIR}crowdsec-custom-bouncer.yaml and then run systemctl start crowdsec-custom-bouncer.service"
 fi
 
-echo "cs-custom-bouncer service has been installed!"
+echo "crowdsec-custom-bouncer service has been installed!"

scripts/install.sh

@@ -1,12 +1,12 @@
 #!/usr/bin/env bash
 
-SYSTEMD_PATH_FILE="/etc/systemd/system/cs-custom-bouncer.service"
-LOG_FILE="/var/log/cs-custom-bouncer.log"
-CONFIG_DIR="/etc/crowdsec/cs-custom-bouncer/"
-BIN_PATH_INSTALLED="/usr/local/bin/cs-custom-bouncer"
+SYSTEMD_PATH_FILE="/etc/systemd/system/crowdsec-custom-bouncer.service"
+LOG_FILE="/var/log/crowdsec-custom-bouncer.log"
+CONFIG_DIR="/etc/crowdsec/crowdsec-custom-bouncer/"
+BIN_PATH_INSTALLED="/usr/local/bin/crowdsec-custom-bouncer"
 
 uninstall() {
-	systemctl stop cs-custom-bouncer
+	systemctl stop crowdsec-custom-bouncer
 	rm -rf "${CONFIG_DIR}"
 	rm -f "${SYSTEMD_PATH_FILE}"
 	rm -f "${BIN_PATH_INSTALLED}"
@@ -15,4 +15,4 @@ uninstall() {
 
 uninstall
 
-echo "cs-custom-bouncer uninstall successfully"
+echo "crowdsec-custom-bouncer uninstall successfully"

scripts/uninstall.sh

@@ -1,10 +1,10 @@
 #!/usr/bin/env bash
-BIN_PATH_INSTALLED="/usr/local/bin/cs-custom-bouncer"
-BIN_PATH="./cs-custom-bouncer"
+BIN_PATH_INSTALLED="/usr/local/bin/crowdsec-custom-bouncer"
+BIN_PATH="./crowdsec-custom-bouncer"
 
 
 upgrade_bin() {
-    rm "${BIN_PATH_INSTALLED}" || (echo "cs-custom-bouncer is not installed, exiting." && exit 1)
+    rm "${BIN_PATH_INSTALLED}" || (echo "crowdsec-custom-bouncer is not installed, exiting." && exit 1)
     install -v -m 755 -D "${BIN_PATH}" "${BIN_PATH_INSTALLED}"
 }
 
@@ -14,7 +14,7 @@ if ! [ $(id -u) = 0 ]; then
     exit 1
 fi
 
-systemctl stop cs-custom-bouncer
+systemctl stop crowdsec-custom-bouncer
 upgrade_bin
-systemctl start cs-custom-bouncer
-echo "cs-custom-bouncer upgraded successfully."
+systemctl start crowdsec-custom-bouncer
+echo "crowdsec-custom-bouncer upgraded successfully."