agala/server-initializer
1
0
Fork 0
mirror of https://github.com/elAgala/server-initializer.git synced 2026-02-14 05:06:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: make install_caddy autogenerate necessary keys

Browse Source
This commit is contained in:
elAgala
2025-07-09 02:05:16 -03:00
parent 130575ffd3
commit 32ed5d4629
2 changed files with 58 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
templates/caddy/full/.env
View File

@@ -1 +1,2 @@
CROWDSEC_API_KEY=${CROWDSEC_API_KEY} CROWDSEC_API_KEY=${CROWDSEC_API_KEY}
PROMETHEUS_PASSWORD=${PROMETHEUS_PASSWORD}

60
web/install_caddy.sh
View File

@@ -13,16 +13,70 @@ function install_caddy() {
mkdir -p "$caddy_dir/crowdsec" mkdir -p "$caddy_dir/crowdsec"
mkdir -p "$caddy_dir/caddy" mkdir -p "$caddy_dir/caddy"
mkdir -p "$caddy_dir/caddy/coraza" mkdir -p "$caddy_dir/caddy/coraza"
mkdir -p "$caddy_dir/caddy/sites-enabled"
chown -R "$username:$username" "$caddy_dir" chown -R "$username:$username" "$caddy_dir"
# Download configuration files
wget "$REPO_URL/$TEMPLATE_PATH/docker-compose.yml" -O "$caddy_dir/docker-compose.yml" wget "$REPO_URL/$TEMPLATE_PATH/docker-compose.yml" -O "$caddy_dir/docker-compose.yml"
wget "$REPO_URL/$TEMPLATE_PATH/.env" -O "$caddy_dir/.env"
wget "$REPO_URL/$TEMPLATE_PATH/Makefile" -O "$caddy_dir/Makefile" wget "$REPO_URL/$TEMPLATE_PATH/Makefile" -O "$caddy_dir/Makefile"
wget "$REPO_URL/$TEMPLATE_PATH/caddy/Caddyfile" -O "$caddy_dir/caddy/Caddyfile" wget "$REPO_URL/$TEMPLATE_PATH/caddy/Caddyfile" -O "$caddy_dir/caddy/Caddyfile"
wget "$REPO_URL/$TEMPLATE_PATH/caddy/coraza/coraza.conf" -O "$caddy_dir/caddy/coraza/coraza.conf" wget "$REPO_URL/$TEMPLATE_PATH/caddy/coraza/coraza.conf" -O "$caddy_dir/caddy/coraza/coraza.conf"
wget "$REPO_URL/$TEMPLATE_PATH/crowdsec/acquis.yaml" -O "$caddy_dir/crowdsec/acquis.yaml" wget "$REPO_URL/$TEMPLATE_PATH/crowdsec/acquis.yaml" -O "$caddy_dir/crowdsec/acquis.yaml"
wget "$REPO_URL/$TEMPLATE_PATH/caddy/sites-enabled/prometheus.Caddyfile" -O "$caddy_dir/caddy/sites-enabled/prometheus.Caddyfile"
wget "$REPO_URL/$TEMPLATE_PATH/caddy/sites-enabled/examples.Caddyfile" -O "$caddy_dir/caddy/sites-enabled/examples.Caddyfile"
echo "[ WEB ]: Caddy setup succesfully. You can find the Caddyfile under /home/$username/web_server/caddy" echo "[ WEB ]: Starting containers to generate keys..."
echo "[ WEB ]: Do not forget to update the .env file located under $caddy_dir" cd "$caddy_dir"
# Generate random Prometheus password
echo "[ WEB ]: Generating Prometheus password..."
PROMETHEUS_PASSWORD=$(openssl rand -base64 32)
# Create .env file with placeholder
cat > "$caddy_dir/.env" <<EOF
CROWDSEC_API_KEY=PLACEHOLDER_WILL_BE_REPLACED
PROMETHEUS_PASSWORD=$PROMETHEUS_PASSWORD
EOF
# Start containers
sudo docker compose up -d
# Wait for CrowdSec to be ready with health check
echo "[ WEB ]: Waiting for CrowdSec to be ready..."
for i in {1..30}; do
if sudo docker exec crowdsec cscli version >/dev/null 2>&1; then
echo "[ WEB ]: CrowdSec is ready!"
break
fi
echo "[ WEB ]: Waiting for CrowdSec... ($i/30)"
sleep 2
done
# Check if CrowdSec is ready
if ! sudo docker exec crowdsec cscli version >/dev/null 2>&1; then
echo "[ WEB ]: ERROR: CrowdSec failed to start properly. Check logs with: docker compose logs crowdsec"
return 1
fi
# Generate CrowdSec API key
echo "[ WEB ]: Generating CrowdSec API key..."
CROWDSEC_API_KEY=$(sudo docker exec crowdsec cscli bouncers add caddy-bouncer -o raw)
# Update .env file with real API key
cat > "$caddy_dir/.env" <<EOF
CROWDSEC_API_KEY=$CROWDSEC_API_KEY
PROMETHEUS_PASSWORD=$PROMETHEUS_PASSWORD
EOF
# Restart containers with new API key
echo "[ WEB ]: Restarting containers with generated keys..."
sudo docker compose down
sudo docker compose up -d
echo "[ WEB ]: Caddy setup completed successfully!"
echo "[ WEB ]: Configuration location: $caddy_dir"
echo "[ WEB ]: CrowdSec API key: $CROWDSEC_API_KEY"
echo "[ WEB ]: Prometheus password: $PROMETHEUS_PASSWORD"
echo "[ WEB ]: Add your site configurations to: $caddy_dir/caddy/sites-enabled/"
} }