From 654bc2ce393b54997deb9babc9ccbc4752ec048c Mon Sep 17 00:00:00 2001
From: blotus <sebastien@crowdsec.net>
Date: Thu, 22 Feb 2024 15:03:56 +0100
Subject: [PATCH] allow to only set APPSEC_URL (#65)

---
 lib/crowdsec.lua                | 21 +++++++++++++++++++++
 lib/plugins/crowdsec/config.lua |  1 +
 2 files changed, 22 insertions(+)

diff --git a/lib/crowdsec.lua b/lib/crowdsec.lua
index 30808ea..f3f678f 100644
--- a/lib/crowdsec.lua
+++ b/lib/crowdsec.lua
@@ -118,6 +118,14 @@ function csmod.init(configFile, userAgent)
     end
   end
 
+  if runtime.conf["API_URL"] == "" and  runtime.conf["APPSEC_URL"] == "" then
+    ngx.log(ngx.ERR, "Neither API_URL or APPSEC_URL are defined, remediation component will not do anything")
+  end
+
+  if runtime.conf["API_URL"] == "" and  runtime.conf["APPSEC_URL"] ~= "" then
+    ngx.log(ngx.ERR, "Only APPSEC_URL is defined, local API decisions will be ignored")
+  end
+
 
 
   return true, nil
@@ -228,6 +236,9 @@ local function stream_query(premature)
   -- As this function is running inside coroutine (with ngx.timer.at),
   -- we need to raise error instead of returning them
 
+  if runtime.conf["API_URL"] == "" then
+    return
+  end
 
   ngx.log(ngx.DEBUG, "running timers: " .. tostring(ngx.timer.running_count()) .. " | pending timers: " .. tostring(ngx.timer.pending_count()))
 
@@ -360,6 +371,9 @@ local function stream_query(premature)
 end
 
 local function live_query(ip)
+  if runtime.conf["API_URL"] == "" then
+    return true, nil, nil
+  end
   local link = runtime.conf["API_URL"] .. "/v1/decisions?ip=" .. ip
   local res, err = get_remediation_http_request(link)
   if not res then
@@ -439,6 +453,9 @@ end
 
 function csmod.SetupStream()
   -- if it stream mode and startup start timer
+  if runtime.conf["API_URL"] == "" then
+    return
+  end
   ngx.log(ngx.DEBUG, "timer started: " .. tostring(runtime.timer_started) .. " in worker " .. tostring(ngx.worker.id()))
   if runtime.timer_started == false and runtime.conf["MODE"] == "stream" then
     local ok, err
@@ -456,6 +473,10 @@ function csmod.allowIp(ip)
     return true, nil, "Configuration is bad, cannot run properly"
   end
 
+  if runtime.conf["API_URL"] == "" then
+    return true, nil, nil
+  end
+
   csmod.SetupStream()
 
   local key = item_to_string(ip, "ip")
diff --git a/lib/plugins/crowdsec/config.lua b/lib/plugins/crowdsec/config.lua
index d030e9e..11cb32f 100644
--- a/lib/plugins/crowdsec/config.lua
+++ b/lib/plugins/crowdsec/config.lua
@@ -45,6 +45,7 @@ function config.loadConfig(file)
     local valid_truefalse_values = {'false', 'true'}
     local default_values = {
         ['ENABLED'] = "true",
+        ['API_URL'] = "",
         ['REQUEST_TIMEOUT'] = 500,
         ['STREAM_REQUEST_TIMEOUT'] = 15000,
         ['BOUNCING_ON_TYPE'] = "ban",