Merge pull request #7 from LePresidente/master

Added  both lua-resty-http lua plugin and Crowdsec-Openresty-Bouncer

Author: jc21

.jenkins/Jenkinsfile

@@ -16,6 +16,7 @@ pipeline {
 		BRANCH_LOWER = "${BRANCH_NAME.toLowerCase().replaceAll('/', '-')}"
 		// Software versions; OpenResty does not support Lua >= 5.2
 		OPENRESTY_VERSION = '1.19.9.1'
+		CROWDSEC_OPENRESTY_BOUNCER_VERSION = '0.1.7'
 		LUA_VERSION       = '5.1.5'
 		LUAROCKS_VERSION  = '3.3.1'
 	}

README.md

@@ -22,6 +22,7 @@ The following images are built:
 **latest**
 - OpenResty
 - Lua
+- [Crowdsec Openresty Bouncer](https://github.com/crowdsecurity/cs-openresty-bouncer)
 
 **certbot**
 - Certbot

docker/Dockerfile

@@ -57,6 +57,8 @@ RUN apt-get update \
 	tzdata \
 	unzip \
 	zlib1g \
+	gettext \
+	wget \
 	&& apt-get clean \
 	&& rm -rf /var/lib/apt/lists/* \
 	&& rm -rf /var/cache/* /var/log/* /tmp/* /var/lib/dpkg/status-old
@@ -72,16 +74,22 @@ COPY ./scripts/install-lua /tmp/install-lua
 COPY --from=nginxbuilder /tmp/openresty /tmp/openresty
 COPY ./scripts/install-openresty /tmp/install-openresty
 
+# Copy crowdsec openresty bouncer install script
+COPY ./scripts/install-crowdsec_openresty_bouncer /tmp/install-crowdsec_openresty_bouncer
+
 ARG OPENRESTY_VERSION
+ARG CROWDSEC_OPENRESTY_BOUNCER_VERSION
 ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \
-	OPENRESTY_VERSION=${OPENRESTY_VERSION}
+	OPENRESTY_VERSION=${OPENRESTY_VERSION} \
+	CROWDSEC_OPENRESTY_BOUNCER_VERSION=${CROWDSEC_OPENRESTY_BOUNCER_VERSION}
 
 # Install openresty, lua, then clean up file system
 RUN apt-get update \
 	&& apt-get install -y gcc make socat git \
 	&& /tmp/install-lua \
 	&& /tmp/install-openresty \
-	&& apt-get remove -y make gcc git \
+	&& /tmp/install-crowdsec_openresty_bouncer \
+	&& apt-get remove -y make gcc git wget gettext \
 	&& apt-get autoremove -y \
 	&& apt-get clean \
 	&& rm -rf /var/lib/apt/lists/* \

local-build.sh

@@ -9,6 +9,7 @@ RESET='\E[0m'
 DOCKER_IMAGE=nginxproxymanager/nginx-full
 
 export OPENRESTY_VERSION=1.19.9.1
+export CROWDSEC_OPENRESTY_BOUNCER_VERSION=0.1.7
 export LUA_VERSION=5.1.5
 export LUAROCKS_VERSION=3.3.1
 
@@ -18,6 +19,7 @@ echo -e "${BLUE}❯ ${CYAN}Building ${YELLOW}latest ${CYAN}...${RESET}"
 docker build \
 	--pull \
 	--build-arg OPENRESTY_VERSION \
+	--build-arg CROWDSEC_OPENRESTY_BOUNCER_VERSION \
 	--build-arg LUA_VERSION \
 	--build-arg LUAROCKS_VERSION \
 	-t ${DOCKER_IMAGE}:latest \

scripts/buildx

@@ -25,6 +25,7 @@ docker buildx build \
 	--build-arg OPENRESTY_VERSION \
 	--build-arg LUA_VERSION \
 	--build-arg LUAROCKS_VERSION \
+	--build-arg CROWDSEC_OPENRESTY_BOUNCER_VERSION \
 	$@ \
 	.
 

scripts/install-crowdsec_openresty_bouncer

@@ -0,0 +1,28 @@
+#!/bin/bash -e
+
+BLUE='\E[1;34m'
+CYAN='\E[1;36m'
+YELLOW='\E[1;33m'
+GREEN='\E[1;32m'
+RED='\E[1;31m'
+RESET='\E[0m'
+
+echo -e "${BLUE}❯ ${CYAN}Installing Crowdsec OpenResty Bouncer ${YELLOW}${CROWDSEC_OPENRESTY_BOUNCER_VERSION:-}...${RESET}"
+
+if [ "${CROWDSEC_OPENRESTY_BOUNCER_VERSION:-}" = "" ]; then
+	echo -e "${RED}❯ ERROR: CROWDSEC_OPENRESTY_BOUNCER_VERSION environment variable is not set!${RESET}"
+	exit 1
+fi
+
+cd /tmp
+wget "https://github.com/crowdsecurity/cs-openresty-bouncer/releases/download/v${CROWDSEC_OPENRESTY_BOUNCER_VERSION}/crowdsec-openresty-bouncer.tgz"
+mkdir -p /tmp/crowdsec
+tar xzf crowdsec-openresty-bouncer.tgz --strip 1 -C /tmp/crowdsec
+rm -rf /tmp/crowdsec-openresty-bouncer.tgz
+cd /tmp/crowdsec
+
+bash ./install.sh --NGINX_CONF_DIR=/etc/nginx/conf.d --LIB_PATH=/etc/nginx/lualib --CONFIG_PATH=/defaults/crowdsec --DATA_PATH=/defaults/crowdsec --docker
+sed -i 's|ENABLED=.*|ENABLED=false|' /defaults/crowdsec/crowdsec-openresty-bouncer.conf
+rm -rf /tmp/crowdsec
+
+echo -e "${BLUE}❯ ${GREEN}OpenResty plugins install completed${RESET}"

scripts/install-openresty

@@ -19,5 +19,6 @@ echo -e "${BLUE}❯ ${CYAN}Installing OpenResty plugins...${RESET}"
 cd /
 luarocks install lua-cjson
 luarocks install lua-resty-openidc
+luarocks install lua-resty-http
 
 echo -e "${BLUE}❯ ${GREEN}OpenResty plugins install completed${RESET}"