0ct0pu5
/
crowdsec


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609
							package main

import (
	"fmt"

	"github.com/fatih/color"
	log "github.com/sirupsen/logrus"
	"github.com/spf13/cobra"

	"github.com/crowdsecurity/go-cs-lib/coalesce"

	"github.com/crowdsecurity/crowdsec/cmd/crowdsec-cli/require"
	"github.com/crowdsecurity/crowdsec/pkg/cwhub"
)

type cmdHelp struct {
	// Example is required, the others have a default value
	// generated from the item type
	use     string
	short   string
	long    string
	example string
}

type hubItemType struct {
	name        string // plural, as used in the hub index
	singular    string
	oneOrMore   string // parenthetical pluralizaion: "parser(s)"
	help        cmdHelp
	installHelp cmdHelp
	removeHelp  cmdHelp
	upgradeHelp cmdHelp
	inspectHelp cmdHelp
	listHelp    cmdHelp
}

var hubItemTypes = map[string]hubItemType{
	"parsers": {
		name:      cwhub.PARSERS,
		singular:  "parser",
		oneOrMore: "parser(s)",
		help: cmdHelp{
			example: `cscli parsers list -a
cscli parsers install crowdsecurity/caddy-logs crowdsecurity/sshd-logs
cscli parsers inspect crowdsecurity/caddy-logs crowdsecurity/sshd-logs
cscli parsers upgrade crowdsecurity/caddy-logs crowdsecurity/sshd-logs
cscli parsers remove crowdsecurity/caddy-logs crowdsecurity/sshd-logs
`,
		},
		installHelp: cmdHelp{
			example: `cscli parsers install crowdsecurity/caddy-logs crowdsecurity/sshd-logs`,
		},
		removeHelp: cmdHelp{
			example: `cscli parsers remove crowdsecurity/caddy-logs crowdsecurity/sshd-logs`,
		},
		upgradeHelp: cmdHelp{
			example: `cscli parsers upgrade crowdsecurity/caddy-logs crowdsecurity/sshd-logs`,
		},
		inspectHelp: cmdHelp{
			example: `cscli parsers inspect crowdsecurity/httpd-logs crowdsecurity/sshd-logs`,
		},
		listHelp: cmdHelp{
			example: `cscli parsers list
cscli parsers list -a
cscli parsers list crowdsecurity/caddy-logs crowdsecurity/sshd-logs

List only enabled parsers unless "-a" or names are specified.`,
		},
	},
	"postoverflows": {
		name:      cwhub.POSTOVERFLOWS,
		singular:  "postoverflow",
		oneOrMore: "postoverflow(s)",
		help: cmdHelp{
			example: `cscli postoverflows list -a
cscli postoverflows install crowdsecurity/cdn-whitelist crowdsecurity/rdns
cscli postoverflows inspect crowdsecurity/cdn-whitelist crowdsecurity/rdns
cscli postoverflows upgrade crowdsecurity/cdn-whitelist crowdsecurity/rdns
cscli postoverflows remove crowdsecurity/cdn-whitelist crowdsecurity/rdns
`,
		},
		installHelp: cmdHelp{
			example: `cscli postoverflows install crowdsecurity/cdn-whitelist crowdsecurity/rdns`,
		},
		removeHelp: cmdHelp{
			example: `cscli postoverflows remove crowdsecurity/cdn-whitelist crowdsecurity/rdns`,
		},
		upgradeHelp: cmdHelp{
			example: `cscli postoverflows upgrade crowdsecurity/cdn-whitelist crowdsecurity/rdns`,
		},
		inspectHelp: cmdHelp{
			example: `cscli postoverflows inspect crowdsecurity/cdn-whitelist crowdsecurity/rdns`,
		},
		listHelp: cmdHelp{
			example: `cscli postoverflows list
cscli postoverflows list -a
cscli postoverflows list crowdsecurity/cdn-whitelist crowdsecurity/rdns

List only enabled postoverflows unless "-a" or names are specified.`,
		},
	},
	"scenarios": {
		name:      cwhub.SCENARIOS,
		singular:  "scenario",
		oneOrMore: "scenario(s)",
		help: cmdHelp{
			example: `cscli scenarios list -a
cscli scenarios install crowdsecurity/ssh-bf crowdsecurity/http-probing
cscli scenarios inspect crowdsecurity/ssh-bf crowdsecurity/http-probing
cscli scenarios upgrade crowdsecurity/ssh-bf crowdsecurity/http-probing
cscli scenarios remove crowdsecurity/ssh-bf crowdsecurity/http-probing
`,
		},
		installHelp: cmdHelp{
			example: `cscli scenarios install crowdsecurity/ssh-bf crowdsecurity/http-probing`,
		},
		removeHelp: cmdHelp{
			example: `cscli scenarios remove crowdsecurity/ssh-bf crowdsecurity/http-probing`,
		},
		upgradeHelp: cmdHelp{
			example: `cscli scenarios upgrade crowdsecurity/ssh-bf crowdsecurity/http-probing`,
		},
		inspectHelp: cmdHelp{
			example: `cscli scenarios inspect crowdsecurity/ssh-bf crowdsecurity/http-probing`,
		},
		listHelp: cmdHelp{
			example: `cscli scenarios list
cscli scenarios list -a
cscli scenarios list crowdsecurity/ssh-bf crowdsecurity/http-probing

List only enabled scenarios unless "-a" or names are specified.`,
		},
	},
	"collections": {
		name:      cwhub.COLLECTIONS,
		singular:  "collection",
		oneOrMore: "collection(s)",
		help: cmdHelp{
			example: `cscli collections list -a
cscli collections install crowdsecurity/http-cve crowdsecurity/iptables
cscli collections inspect crowdsecurity/http-cve crowdsecurity/iptables
cscli collections upgrade crowdsecurity/http-cve crowdsecurity/iptables
cscli collections remove crowdsecurity/http-cve crowdsecurity/iptables
`,
		},
		installHelp: cmdHelp{
			example: `cscli collections install crowdsecurity/http-cve crowdsecurity/iptables`,
		},
		removeHelp: cmdHelp{
			example: `cscli collections remove crowdsecurity/http-cve crowdsecurity/iptables`,
		},
		upgradeHelp: cmdHelp{
			example: `cscli collections upgrade crowdsecurity/http-cve crowdsecurity/iptables`,
		},
		inspectHelp: cmdHelp{
			example: `cscli collections inspect crowdsecurity/http-cve crowdsecurity/iptables`,
		},
		listHelp: cmdHelp{
			example: `cscli collections list
cscli collections list -a
cscli collections list crowdsecurity/http-cve crowdsecurity/iptables

List only enabled collections unless "-a" or names are specified.`,
		},
	},
}

func NewItemsCmd(typeName string) *cobra.Command {
	it := hubItemTypes[typeName]

	cmd := &cobra.Command{
		Use:               coalesce.String(it.help.use, fmt.Sprintf("%s <action> [item]...", it.name)),
		Short:             coalesce.String(it.help.short, fmt.Sprintf("Manage hub %s", it.name)),
		Long:              it.help.long,
		Example:           it.help.example,
		Args:              cobra.MinimumNArgs(1),
		Aliases:           []string{it.singular},
		DisableAutoGenTag: true,
	}

	cmd.AddCommand(NewItemsInstallCmd(typeName))
	cmd.AddCommand(NewItemsRemoveCmd(typeName))
	cmd.AddCommand(NewItemsUpgradeCmd(typeName))
	cmd.AddCommand(NewItemsInspectCmd(typeName))
	cmd.AddCommand(NewItemsListCmd(typeName))

	return cmd
}

func itemsInstallRunner(it hubItemType) func(cmd *cobra.Command, args []string) error {
	run := func(cmd *cobra.Command, args []string) error {
		flags := cmd.Flags()

		downloadOnly, err := flags.GetBool("download-only")
		if err != nil {
			return err
		}

		force, err := flags.GetBool("force")
		if err != nil {
			return err
		}

		ignoreError, err := flags.GetBool("ignore")
		if err != nil {
			return err
		}

		hub, err := require.Hub(csConfig, require.RemoteHub(csConfig))
		if err != nil {
			return err
		}

		for _, name := range args {
			item := hub.GetItem(it.name, name)
			if item == nil {
				msg := suggestNearestMessage(hub, it.name, name)
				if !ignoreError {
					return fmt.Errorf(msg)
				}

				log.Errorf(msg)

				continue
			}

			if err := item.Install(force, downloadOnly); err != nil {
				if !ignoreError {
					return fmt.Errorf("error while installing '%s': %w", item.Name, err)
				}
				log.Errorf("Error while installing '%s': %s", item.Name, err)
			}
		}

		log.Infof(ReloadMessage())
		return nil
	}

	return run
}

func NewItemsInstallCmd(typeName string) *cobra.Command {
	it := hubItemTypes[typeName]

	cmd := &cobra.Command{
		Use:               coalesce.String(it.installHelp.use, "install [item]..."),
		Short:             coalesce.String(it.installHelp.short, fmt.Sprintf("Install given %s", it.oneOrMore)),
		Long:              coalesce.String(it.installHelp.long, fmt.Sprintf("Fetch and install one or more %s from the hub", it.name)),
		Example:           it.installHelp.example,
		Args:              cobra.MinimumNArgs(1),
		DisableAutoGenTag: true,
		ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
			return compAllItems(typeName, args, toComplete)
		},
		RunE: itemsInstallRunner(it),
	}

	flags := cmd.Flags()
	flags.BoolP("download-only", "d", false, "Only download packages, don't enable")
	flags.Bool("force", false, "Force install: overwrite tainted and outdated files")
	flags.Bool("ignore", false, fmt.Sprintf("Ignore errors when installing multiple %s", it.name))

	return cmd
}

// return the names of the installed parents of an item, used to check if we can remove it
func istalledParentNames(item *cwhub.Item) []string {
	ret := make([]string, 0)

	for _, parent := range item.Ancestors() {
		if parent.State.Installed {
			ret = append(ret, parent.Name)
		}
	}

	return ret
}

func itemsRemoveRunner(it hubItemType) func(cmd *cobra.Command, args []string) error {
	run := func(cmd *cobra.Command, args []string) error {
		flags := cmd.Flags()

		purge, err := flags.GetBool("purge")
		if err != nil {
			return err
		}

		force, err := flags.GetBool("force")
		if err != nil {
			return err
		}

		all, err := flags.GetBool("all")
		if err != nil {
			return err
		}

		hub, err := require.Hub(csConfig, nil)
		if err != nil {
			return err
		}

		if all {
			getter := hub.GetInstalledItems
			if purge {
				getter = hub.GetAllItems
			}

			items, err := getter(it.name)
			if err != nil {
				return err
			}

			removed := 0

			for _, item := range items {
				didRemove, err := item.Remove(purge, force)
				if err != nil {
					return err
				}
				if didRemove {
					log.Infof("Removed %s", item.Name)
					removed++
				}
			}

			log.Infof("Removed %d %s", removed, it.name)
			if removed > 0 {
				log.Infof(ReloadMessage())
			}

			return nil
		}

		if len(args) == 0 {
			return fmt.Errorf("specify at least one %s to remove or '--all'", it.singular)
		}

		removed := 0

		for _, itemName := range args {
			item := hub.GetItem(it.name, itemName)
			if item == nil {
				return fmt.Errorf("can't find '%s' in %s", itemName, it.name)
			}

			parents := istalledParentNames(item)

			if !force && len(parents) > 0 {
				log.Warningf("%s belongs to collections: %s", item.Name, parents)
				log.Warningf("Run 'sudo cscli %s remove %s --force' if you want to force remove this %s", item.Type, item.Name, it.singular)
				continue
			}

			didRemove, err := item.Remove(purge, force)
			if err != nil {
				return err
			}

			if didRemove {
				log.Infof("Removed %s", item.Name)
				removed++
			}
		}

		log.Infof("Removed %d %s", removed, it.name)
		if removed > 0 {
			log.Infof(ReloadMessage())
		}

		return nil
	}
	return run
}

func NewItemsRemoveCmd(typeName string) *cobra.Command {
	it := hubItemTypes[typeName]

	cmd := &cobra.Command{
		Use:               coalesce.String(it.removeHelp.use, "remove [item]..."),
		Short:             coalesce.String(it.removeHelp.short, fmt.Sprintf("Remove given %s", it.oneOrMore)),
		Long:              coalesce.String(it.removeHelp.long, fmt.Sprintf("Remove one or more %s", it.name)),
		Example:           it.removeHelp.example,
		Aliases:           []string{"delete"},
		DisableAutoGenTag: true,
		ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
			return compInstalledItems(it.name, args, toComplete)
		},
		RunE: itemsRemoveRunner(it),
	}

	flags := cmd.Flags()
	flags.Bool("purge", false, "Delete source file too")
	flags.Bool("force", false, "Force remove: remove tainted and outdated files")
	flags.Bool("all", false, fmt.Sprintf("Remove all the %s", it.name))

	return cmd
}

func itemsUpgradeRunner(it hubItemType) func(cmd *cobra.Command, args []string) error {
	run := func(cmd *cobra.Command, args []string) error {
		flags := cmd.Flags()

		force, err := flags.GetBool("force")
		if err != nil {
			return err
		}

		all, err := flags.GetBool("all")
		if err != nil {
			return err
		}

		hub, err := require.Hub(csConfig, require.RemoteHub(csConfig))
		if err != nil {
			return err
		}

		if all {
			items, err := hub.GetInstalledItems(it.name)
			if err != nil {
				return err
			}

			updated := 0

			for _, item := range items {
				didUpdate, err := item.Upgrade(force)
				if err != nil {
					return err
				}
				if didUpdate {
					updated++
				}
			}

			log.Infof("Updated %d %s", updated, it.name)

			if updated > 0 {
				log.Infof(ReloadMessage())
			}

			return nil
		}

		if len(args) == 0 {
			return fmt.Errorf("specify at least one %s to upgrade or '--all'", it.singular)
		}

		updated := 0

		for _, itemName := range args {
			item := hub.GetItem(it.name, itemName)
			if item == nil {
				return fmt.Errorf("can't find '%s' in %s", itemName, it.name)
			}

			didUpdate, err := item.Upgrade(force)
			if err != nil {
				return err
			}

			if didUpdate {
				log.Infof("Updated %s", item.Name)
				updated++
			}
		}
		if updated > 0 {
			log.Infof(ReloadMessage())
		}

		return nil
	}

	return run
}

func NewItemsUpgradeCmd(typeName string) *cobra.Command {
	it := hubItemTypes[typeName]

	cmd := &cobra.Command{
		Use:               coalesce.String(it.upgradeHelp.use, "upgrade [item]..."),
		Short:             coalesce.String(it.upgradeHelp.short, fmt.Sprintf("Upgrade given %s", it.oneOrMore)),
		Long:              coalesce.String(it.upgradeHelp.long, fmt.Sprintf("Fetch and upgrade one or more %s from the hub", it.name)),
		Example:           it.upgradeHelp.example,
		DisableAutoGenTag: true,
		ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
			return compInstalledItems(it.name, args, toComplete)
		},
		RunE: itemsUpgradeRunner(it),
	}

	flags := cmd.Flags()
	flags.BoolP("all", "a", false, fmt.Sprintf("Upgrade all the %s", it.name))
	flags.Bool("force", false, "Force upgrade: overwrite tainted and outdated files")

	return cmd
}

func itemsInspectRunner(it hubItemType) func(cmd *cobra.Command, args []string) error {
	run := func(cmd *cobra.Command, args []string) error {
		flags := cmd.Flags()

		url, err := flags.GetString("url")
		if err != nil {
			return err
		}

		if url != "" {
			csConfig.Cscli.PrometheusUrl = url
		}

		noMetrics, err := flags.GetBool("no-metrics")
		if err != nil {
			return err
		}

		hub, err := require.Hub(csConfig, nil)
		if err != nil {
			return err
		}

		for _, name := range args {
			item := hub.GetItem(it.name, name)
			if item == nil {
				return fmt.Errorf("can't find '%s' in %s", name, it.name)
			}
			if err = InspectItem(item, !noMetrics); err != nil {
				return err
			}
		}

		return nil
	}

	return run
}

func NewItemsInspectCmd(typeName string) *cobra.Command {
	it := hubItemTypes[typeName]

	cmd := &cobra.Command{
		Use:               coalesce.String(it.inspectHelp.use, "inspect [item]..."),
		Short:             coalesce.String(it.inspectHelp.short, fmt.Sprintf("Inspect given %s", it.oneOrMore)),
		Long:              coalesce.String(it.inspectHelp.long, fmt.Sprintf("Inspect the state of one or more %s", it.name)),
		Example:           it.inspectHelp.example,
		Args:              cobra.MinimumNArgs(1),
		DisableAutoGenTag: true,
		ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
			return compInstalledItems(it.name, args, toComplete)
		},
		RunE: itemsInspectRunner(it),
	}

	flags := cmd.Flags()
	flags.StringP("url", "u", "", "Prometheus url")
	flags.Bool("no-metrics", false, "Don't show metrics (when cscli.output=human)")

	return cmd
}

func itemsListRunner(it hubItemType) func(cmd *cobra.Command, args []string) error {
	run := func(cmd *cobra.Command, args []string) error {
		flags := cmd.Flags()

		all, err := flags.GetBool("all")
		if err != nil {
			return err
		}

		hub, err := require.Hub(csConfig, nil)
		if err != nil {
			return err
		}

		items := make(map[string][]*cwhub.Item)

		items[it.name], err = selectItems(hub, it.name, args, !all)
		if err != nil {
			return err
		}

		if err = listItems(color.Output, []string{it.name}, items, false); err != nil {
			return err
		}

		return nil
	}

	return run
}

func NewItemsListCmd(typeName string) *cobra.Command {
	it := hubItemTypes[typeName]

	cmd := &cobra.Command{
		Use:               coalesce.String(it.listHelp.use, "list [item... | -a]"),
		Short:             coalesce.String(it.listHelp.short, fmt.Sprintf("List %s", it.oneOrMore)),
		Long:              coalesce.String(it.listHelp.long, fmt.Sprintf("List of installed/available/specified %s", it.name)),
		Example:           it.listHelp.example,
		DisableAutoGenTag: true,
		RunE:              itemsListRunner(it),
	}

	flags := cmd.Flags()
	flags.BoolP("all", "a", false, "List disabled items as well")

	return cmd
}