1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
#!/usr/bin/env bash
set -eu
script_name=$0
DB_BACKEND=$(echo "${script_name}" | cut -d- -f2)
export DB_BACKEND
die() {
echo >&2 "$@"
exit 1
}
MYSQL_HOST=${MYSQL_HOST:-127.0.0.1}
MYSQL_PORT=${MYSQL_PORT:-3306}
MYSQL_PASSWORD=${MYSQL_PASSWORD:-password}
MYSQL_USER=${MYSQL_USER:-root}
about() {
die "usage: ${script_name} [ config_yaml | setup | dump <backup_file> | restore <backup_file> ]"
}
check_requirements() {
if ! command -v mysql >/dev/null; then
die "missing required program 'mysql' as a mysql client (package mariadb-client-core-10.6 on debian like system)"
fi
}
silence_password_warning() {
( ( ( "$@" >&9 ) 2>&1 \
| grep -F -v "[Warning] Using a password on the command line interface can be insecure." ) >&2 ) 9>&1 || [[ $? == 1 ]]
}
exec_sql() {
cmd="${1?Missing required sql command}"
silence_password_warning \
mysql \
"--host=${MYSQL_HOST}" \
"--user=${MYSQL_USER}" \
"--port=${MYSQL_PORT}" \
"--password=${MYSQL_PASSWORD}" <<< "${cmd}"
}
setup() {
exec_sql "DROP DATABASE IF EXISTS crowdsec_test;"
exec_sql "CREATE DATABASE crowdsec_test;"
exec_sql "DROP USER IF EXISTS crowdsec_test;"
exec_sql "CREATE USER 'crowdsec_test' IDENTIFIED BY 'crowdsec_test';"
exec_sql "GRANT ALL PRIVILEGES ON crowdsec_test.* TO 'crowdsec_test';"
}
dump() {
backup_file="${1?Missing file to backup database to}"
args=(mysqldump)
if mysqldump --column-statistics 2>&1 | grep -q -v 'unknown option'; then
args+=("--column-statistics=0")
fi
args+=("--host=${MYSQL_HOST}" "--port=${MYSQL_PORT}" "--user=${MYSQL_USER}" "--password=${MYSQL_PASSWORD}" --databases crowdsec_test)
silence_password_warning "${args[@]}" > "${backup_file}"
}
restore() {
backup_file="${1?missing file to restore database from}"
[[ -f "${backup_file}" ]] || die "Backup file ${backup_file} doesn't exist"
silence_password_warning \
mysql \
"--host=${MYSQL_HOST}" \
"--user=${MYSQL_USER}" \
"--port=${MYSQL_PORT}" \
"--password=${MYSQL_PASSWORD}" < "${backup_file}"
exec_sql "DROP USER IF EXISTS 'crowdsec_test';"
exec_sql "CREATE USER 'crowdsec_test' IDENTIFIED BY 'crowdsec_test';"
exec_sql "GRANT ALL PRIVILEGES ON crowdsec_test.* TO 'crowdsec_test';"
}
config_yaml() {
MYSQL_PORT=${MYSQL_PORT} MYSQL_HOST=${MYSQL_HOST} yq e '
.db_config.type=strenv(DB_BACKEND)|
.db_config.user="crowdsec_test" |
.db_config.password="crowdsec_test" |
.db_config.db_name="crowdsec_test" |
.db_config.host=strenv(MYSQL_HOST) |
.db_config.port=env(MYSQL_PORT) |
del(.db_config.db_path)
' -i "${CONFIG_YAML}"
}
[[ $# -lt 1 ]] && about
check_requirements
case "$1" in
setup)
setup
;;
config-yaml)
config_yaml
;;
dump)
shift
dump "$@"
;;
restore)
shift
restore "$@"
;;
exec_sql)
shift
#
# This command is meant to run a query against the the crowdsec database.
# The exec_sql() function is more generic and is also used for database setup and backups.
#
# For this reason, we select the database here.
#
exec_sql "use crowdsec_test; $@"
;;
*)
about
;;
esac;
|
