Merge pull request #27 from LePresidente/main

Add ability to enabled/disable bouncer from config.
2022-03-08 12:58:04 +01:00 · 2022-03-08 12:58:04 +01:00 · e0d9cb1c10
commit e0d9cb1c10
parent 445164e43b a7d712f65d
3 changed files with 19 additions and 1 deletions
--- a/config_example.conf
+++ b/config_example.conf
@ -1,3 +1,4 @@
+ENABLED=true
 API_URL=${CROWDSEC_LAPI_URL}
 API_KEY=${API_KEY}
 CACHE_EXPIRATION=1
--- a/lib/crowdsec.lua
+++ b/lib/crowdsec.lua
@ -32,6 +32,9 @@ function csmod.init(configFile, userAgent)
  runtime.cache = ngx.shared.crowdsec_cache
  runtime.fallback = runtime.conf["FALLBACK_REMEDIATION"]

+  if runtime.conf["ENABLED"] == "false" then
+    return "Disabled", nil
+  end

  if runtime.conf["REDIRECT_LOCATION"] == "/" then
    ngx.log(ngx.ERR, "redirect location is set to '/' this will lead into infinite redirection")
@ -384,6 +387,11 @@ function csmod.allowIp(ip)
 end

 function csmod.Allow(ip)
+  
+  if runtime.conf["ENABLED"] == "false" then
+    return "Disabled", nil
+  end
+
  if utils.table_len(runtime.conf["EXCLUDE_LOCATION"]) > 0 then
    for k, v in pairs(runtime.conf["EXCLUDE_LOCATION"]) do
      if ngx.var.uri == v then
--- a/lib/plugins/crowdsec/config.lua
+++ b/lib/plugins/crowdsec/config.lua
@ -35,10 +35,12 @@ function config.loadConfig(file)
        return nil, "File ".. file .." doesn't exist"
    end
    local conf = {}
-    local valid_params = {'API_URL', 'API_KEY', 'BOUNCING_ON_TYPE', 'MODE', 'SECRET_KEY', 'SITE_KEY', 'BAN_TEMPLATE_PATH' ,'CAPTCHA_TEMPLATE_PATH', 'REDIRECT_LOCATION', 'RET_CODE', 'EXCLUDE_LOCATION', 'FALLBACK_REMEDIATION'}
+    local valid_params = {'ENABLED','API_URL', 'API_KEY', 'BOUNCING_ON_TYPE', 'MODE', 'SECRET_KEY', 'SITE_KEY', 'BAN_TEMPLATE_PATH' ,'CAPTCHA_TEMPLATE_PATH', 'REDIRECT_LOCATION', 'RET_CODE', 'EXCLUDE_LOCATION', 'FALLBACK_REMEDIATION'}
    local valid_int_params = {'CACHE_EXPIRATION', 'CACHE_SIZE', 'REQUEST_TIMEOUT', 'UPDATE_FREQUENCY', 'CAPTCHA_EXPIRATION'}
    local valid_bouncing_on_type_values = {'ban', 'captcha', 'all'}
+    local valid_truefalse_values = {'false', 'true'}
    local default_values = {
+        ['ENABLED'] = "true",
        ['REQUEST_TIMEOUT'] = 0.2,
        ['BOUNCING_ON_TYPE'] = "ban",
        ['MODE'] = "stream",
@ -57,6 +59,13 @@ function config.loadConfig(file)
            local s = split(line, "=")
            for k, v in pairs(s) do
                if has_value(valid_params, v) then
+                    if v == "ENABLED" then
+                        local value = s[2]
+                        if not has_value(valid_truefalse_values, s[2]) then
+                            ngx.log(ngx.ERR, "unsupported value '" .. s[2] .. "' for variable '" .. v .. "'. Using default value 'true' instead")
+                            break
+                        end
+                    end
                    if v == "BOUNCING_ON_TYPE" then
                        local value = s[2]
                        if not has_value(valid_bouncing_on_type_values, s[2]) then