crowdsec/pkg/csconfig/crowdsec_service.go
mmetc 4acb4f8df3
cwhub: context type (#2631)
* add hub type "context"
* cscli lapi: log.Fatal -> fmt.Errorf; lint
* tests for context.yaml
* load console context from hub
* original & compiled context
* deprecate "cscli lapi context delete"
$ cscli lapi context delete
Command "delete" is deprecated, please manually edit the context file.
* cscli completion: add appsec-rules, appsec-configs, explain, hubtest
2023-12-07 16:20:13 +01:00

163 lines
4.9 KiB
Go

package csconfig
import (
"fmt"
"os"
"path/filepath"
log "github.com/sirupsen/logrus"
"gopkg.in/yaml.v2"
"github.com/crowdsecurity/go-cs-lib/ptr"
)
// CrowdsecServiceCfg contains the location of parsers/scenarios/... and acquisition files
type CrowdsecServiceCfg struct {
Enable *bool `yaml:"enable"`
AcquisitionFilePath string `yaml:"acquisition_path,omitempty"`
AcquisitionDirPath string `yaml:"acquisition_dir,omitempty"`
ConsoleContextPath string `yaml:"console_context_path"`
ConsoleContextValueLength int `yaml:"console_context_value_length"`
AcquisitionFiles []string `yaml:"-"`
ParserRoutinesCount int `yaml:"parser_routines"`
BucketsRoutinesCount int `yaml:"buckets_routines"`
OutputRoutinesCount int `yaml:"output_routines"`
SimulationConfig *SimulationConfig `yaml:"-"`
BucketStateFile string `yaml:"state_input_file,omitempty"` // if we need to unserialize buckets at start
BucketStateDumpDir string `yaml:"state_output_dir,omitempty"` // if we need to unserialize buckets on shutdown
BucketsGCEnabled bool `yaml:"-"` // we need to garbage collect buckets when in forensic mode
SimulationFilePath string `yaml:"-"`
ContextToSend map[string][]string `yaml:"-"`
}
func (c *Config) LoadCrowdsec() error {
var err error
if c.Crowdsec == nil {
log.Warning("crowdsec agent is disabled")
c.DisableAgent = true
return nil
}
if c.Crowdsec.Enable == nil {
// if the option is not present, it is enabled by default
c.Crowdsec.Enable = ptr.Of(true)
}
if !*c.Crowdsec.Enable {
log.Warning("crowdsec agent is disabled")
c.DisableAgent = true
return nil
}
if c.Crowdsec.AcquisitionFiles == nil {
c.Crowdsec.AcquisitionFiles = []string{}
}
if c.Crowdsec.AcquisitionFilePath != "" {
log.Debugf("non-empty acquisition_path %s", c.Crowdsec.AcquisitionFilePath)
if _, err = os.Stat(c.Crowdsec.AcquisitionFilePath); err != nil {
return fmt.Errorf("while checking acquisition_path: %w", err)
}
c.Crowdsec.AcquisitionFiles = append(c.Crowdsec.AcquisitionFiles, c.Crowdsec.AcquisitionFilePath)
}
if c.Crowdsec.AcquisitionDirPath != "" {
c.Crowdsec.AcquisitionDirPath, err = filepath.Abs(c.Crowdsec.AcquisitionDirPath)
if err != nil {
return fmt.Errorf("can't get absolute path of '%s': %w", c.Crowdsec.AcquisitionDirPath, err)
}
var files []string
files, err = filepath.Glob(c.Crowdsec.AcquisitionDirPath + "/*.yaml")
if err != nil {
return fmt.Errorf("while globbing acquis_dir: %w", err)
}
c.Crowdsec.AcquisitionFiles = append(c.Crowdsec.AcquisitionFiles, files...)
files, err = filepath.Glob(c.Crowdsec.AcquisitionDirPath + "/*.yml")
if err != nil {
return fmt.Errorf("while globbing acquis_dir: %w", err)
}
c.Crowdsec.AcquisitionFiles = append(c.Crowdsec.AcquisitionFiles, files...)
}
if c.Crowdsec.AcquisitionDirPath == "" && c.Crowdsec.AcquisitionFilePath == "" {
log.Warning("no acquisition_path or acquisition_dir specified")
}
if len(c.Crowdsec.AcquisitionFiles) == 0 {
log.Warning("no acquisition file found")
}
if err = c.LoadSimulation(); err != nil {
return fmt.Errorf("load error (simulation): %w", err)
}
if c.Crowdsec.ParserRoutinesCount <= 0 {
c.Crowdsec.ParserRoutinesCount = 1
}
if c.Crowdsec.BucketsRoutinesCount <= 0 {
c.Crowdsec.BucketsRoutinesCount = 1
}
if c.Crowdsec.OutputRoutinesCount <= 0 {
c.Crowdsec.OutputRoutinesCount = 1
}
crowdsecCleanup := []*string{
&c.Crowdsec.AcquisitionFilePath,
&c.Crowdsec.ConsoleContextPath,
}
for _, k := range crowdsecCleanup {
if *k == "" {
continue
}
*k, err = filepath.Abs(*k)
if err != nil {
return fmt.Errorf("failed to get absolute path of '%s': %w", *k, err)
}
}
// Convert relative paths to absolute paths
for i, file := range c.Crowdsec.AcquisitionFiles {
f, err := filepath.Abs(file)
if err != nil {
return fmt.Errorf("failed to get absolute path of '%s': %w", file, err)
}
c.Crowdsec.AcquisitionFiles[i] = f
}
if err = c.LoadAPIClient(); err != nil {
return fmt.Errorf("loading api client: %s", err)
}
return nil
}
func (c *CrowdsecServiceCfg) DumpContextConfigFile() error {
var out []byte
var err error
// XXX: MakeDirs
if out, err = yaml.Marshal(c.ContextToSend); err != nil {
return fmt.Errorf("while marshaling ConsoleConfig (for %s): %w", c.ConsoleContextPath, err)
}
if err = os.MkdirAll(filepath.Dir(c.ConsoleContextPath), 0700); err != nil {
return fmt.Errorf("while creating directories for %s: %w", c.ConsoleContextPath, err)
}
if err := os.WriteFile(c.ConsoleContextPath, out, 0600); err != nil {
return fmt.Errorf("while dumping console config to %s: %w", c.ConsoleContextPath, err)
}
log.Infof("%s file saved", c.ConsoleContextPath)
return nil
}