1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
package main
import (
"fmt"
"io"
"os"
"time"
log "github.com/sirupsen/logrus"
"gopkg.in/natefinch/lumberjack.v2"
"gopkg.in/yaml.v2"
"github.com/crowdsecurity/crowdsec/pkg/types"
"github.com/crowdsecurity/crowdsec/pkg/yamlpatch"
)
type PrometheusConfig struct {
Enabled bool `yaml:"enabled"`
ListenAddress string `yaml:"listen_addr"`
ListenPort string `yaml:"listen_port"`
}
type bouncerConfig struct {
BinPath string `yaml:"bin_path"` // path to binary
PidDir string `yaml:"piddir"`
UpdateFrequency string `yaml:"update_frequency"`
IncludeScenariosContaining []string `yaml:"include_scenarios_containing"`
ExcludeScenariosContaining []string `yaml:"exclude_scenarios_containing"`
OnlyIncludeDecisionsFrom []string `yaml:"only_include_decisions_from"`
Daemon bool `yaml:"daemonize"`
LogMode string `yaml:"log_mode"`
LogDir string `yaml:"log_dir"`
LogLevel log.Level `yaml:"log_level"`
LogMaxSize int `yaml:"log_max_size,omitempty"`
LogMaxFiles int `yaml:"log_max_files,omitempty"`
LogMaxAge int `yaml:"log_max_age,omitempty"`
CompressLogs *bool `yaml:"compress_logs,omitempty"`
APIUrl string `yaml:"api_url"`
APIKey string `yaml:"api_key"`
CacheRetentionDuration time.Duration `yaml:"cache_retention_duration"`
FeedViaStdin bool `yaml:"feed_via_stdin"`
TotalRetries int `yaml:"total_retries"`
PrometheusConfig PrometheusConfig `yaml:"prometheus"`
}
// mergedConfig() returns the byte content of the patched configuration file (with .yaml.local).
func mergedConfig(configPath string) ([]byte, error) {
patcher := yamlpatch.NewPatcher(configPath, ".local")
data, err := patcher.MergedPatchContent()
if err != nil {
return nil, err
}
return data, nil
}
func newConfig(reader io.Reader) (*bouncerConfig, error) {
var LogOutput *lumberjack.Logger //io.Writer
config := &bouncerConfig{}
fcontent, err := io.ReadAll(reader)
if err != nil {
return &bouncerConfig{}, err
}
err = yaml.Unmarshal(fcontent, &config)
if err != nil {
return &bouncerConfig{}, fmt.Errorf("failed to unmarshal: %w", err)
}
if config.BinPath == "" {
return &bouncerConfig{}, fmt.Errorf("bin_path is not set")
}
if config.LogMode == "" {
return &bouncerConfig{}, fmt.Errorf("log_mode is not net")
}
_, err = os.Stat(config.BinPath)
if os.IsNotExist(err) {
return config, fmt.Errorf("binary '%s' doesn't exist", config.BinPath)
}
/*Configure logging*/
if err := types.SetDefaultLoggerConfig(config.LogMode, config.LogDir, config.LogLevel, config.LogMaxSize, config.LogMaxFiles, config.LogMaxAge, config.CompressLogs, false); err != nil {
log.Fatal(err.Error())
}
if config.LogMode == "file" {
if config.LogDir == "" {
config.LogDir = "/var/log/"
}
_maxsize := 500
if config.LogMaxSize != 0 {
_maxsize = config.LogMaxSize
}
_maxfiles := 3
if config.LogMaxFiles != 0 {
_maxfiles = config.LogMaxFiles
}
_maxage := 30
if config.LogMaxAge != 0 {
_maxage = config.LogMaxAge
}
_compress := true
if config.CompressLogs != nil {
_compress = *config.CompressLogs
}
LogOutput = &lumberjack.Logger{
Filename: config.LogDir + "/crowdsec-custom-bouncer.log",
MaxSize: _maxsize, //megabytes
MaxBackups: _maxfiles,
MaxAge: _maxage, //days
Compress: _compress, //disabled by default
}
log.SetOutput(LogOutput)
log.SetFormatter(&log.TextFormatter{TimestampFormat: "02-01-2006 15:04:05", FullTimestamp: true})
} else if config.LogMode != "stdout" {
return &bouncerConfig{}, fmt.Errorf("log mode '%s' unknown, expecting 'file' or 'stdout'", config.LogMode)
}
if config.CacheRetentionDuration == 0 {
log.Infof("cache_retention_duration defaults to 10 seconds")
config.CacheRetentionDuration = time.Duration(10 * time.Second)
}
return config, nil
}
|
