2026-05-17 04:54:34 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
2026-05-17 08:28:16 +00:00
|
|
|
"errors"
|
|
|
|
|
"flag"
|
|
|
|
|
"fmt"
|
2026-05-17 04:54:34 +00:00
|
|
|
"log"
|
|
|
|
|
"net/http"
|
|
|
|
|
"os"
|
|
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
"crowdsec-dashy/internal/config"
|
|
|
|
|
"crowdsec-dashy/internal/crowdsec"
|
|
|
|
|
"crowdsec-dashy/internal/router"
|
2026-05-17 08:28:16 +00:00
|
|
|
webfiles "crowdsec-dashy/web"
|
2026-05-17 04:54:34 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func main() {
|
2026-05-17 08:28:16 +00:00
|
|
|
// ----------------------------------------------------------------
|
|
|
|
|
// CLI flags
|
|
|
|
|
// ----------------------------------------------------------------
|
|
|
|
|
pwhash := flag.String("pwhash", "", "hash a password for use as ui_password in app_config.conf")
|
|
|
|
|
flag.Parse()
|
|
|
|
|
|
|
|
|
|
if *pwhash != "" {
|
|
|
|
|
hash, err := config.HashPassword(*pwhash)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Fatalf("hash password: %v", err)
|
|
|
|
|
}
|
|
|
|
|
fmt.Println(hash)
|
|
|
|
|
os.Exit(0)
|
|
|
|
|
}
|
|
|
|
|
|
2026-05-17 04:54:34 +00:00
|
|
|
// ----------------------------------------------------------------
|
|
|
|
|
// Configuration
|
|
|
|
|
// ----------------------------------------------------------------
|
|
|
|
|
cfg, err := config.Load()
|
|
|
|
|
if err != nil {
|
2026-05-17 08:28:16 +00:00
|
|
|
var firstRun *config.FirstRunError
|
|
|
|
|
if errors.As(err, &firstRun) {
|
|
|
|
|
log.Println(firstRun.Error())
|
|
|
|
|
os.Exit(0)
|
|
|
|
|
}
|
2026-05-17 04:54:34 +00:00
|
|
|
log.Fatalf("configuration error: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ----------------------------------------------------------------
|
|
|
|
|
// CrowdSec LAPI — authenticate at startup
|
|
|
|
|
// ----------------------------------------------------------------
|
|
|
|
|
lapi := crowdsec.NewLAPIClient(cfg.CrowdSecAPIURL, cfg.CrowdSecAPILogin, cfg.CrowdSecAPIPassword)
|
|
|
|
|
|
|
|
|
|
log.Printf("connecting to CrowdSec LAPI at %s ...", cfg.CrowdSecAPIURL)
|
|
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second)
|
|
|
|
|
if err := lapi.Login(ctx); err != nil {
|
|
|
|
|
cancel()
|
|
|
|
|
log.Fatalf("failed to authenticate with CrowdSec LAPI: %v\n"+
|
2026-05-17 08:28:16 +00:00
|
|
|
"Check crowdsec_api_login / crowdsec_api_password in %s\n"+
|
|
|
|
|
"Register the machine first: cscli machines add %s -a",
|
|
|
|
|
err, config.ConfigFile(), cfg.CrowdSecAPILogin)
|
2026-05-17 04:54:34 +00:00
|
|
|
}
|
|
|
|
|
cancel()
|
|
|
|
|
log.Println("authenticated with CrowdSec LAPI")
|
|
|
|
|
|
|
|
|
|
// CLI availability
|
|
|
|
|
if cfg.CscliAvailable() {
|
|
|
|
|
log.Printf("cscli available at %s", cfg.CscliPath)
|
|
|
|
|
} else {
|
|
|
|
|
log.Printf("[WARN] cscli not found at %s — bouncer/machine/hub/metrics features disabled", cfg.CscliPath)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ----------------------------------------------------------------
|
|
|
|
|
// Build router
|
|
|
|
|
// ----------------------------------------------------------------
|
2026-05-17 08:28:16 +00:00
|
|
|
handler, err := router.New(cfg, lapi, webfiles.FS)
|
2026-05-17 04:54:34 +00:00
|
|
|
if err != nil {
|
|
|
|
|
log.Fatalf("failed to initialise router: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ----------------------------------------------------------------
|
|
|
|
|
// HTTP server
|
|
|
|
|
// ----------------------------------------------------------------
|
|
|
|
|
srv := &http.Server{
|
|
|
|
|
Addr: cfg.Port,
|
|
|
|
|
Handler: handler,
|
|
|
|
|
ReadTimeout: 10 * time.Second,
|
|
|
|
|
WriteTimeout: 60 * time.Second, // longer for hub operations
|
|
|
|
|
IdleTimeout: 120 * time.Second,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log.Printf("CrowdSec UI listening on %s", srv.Addr)
|
|
|
|
|
log.Printf("UI credentials: %s / [redacted]", cfg.UIUsername)
|
|
|
|
|
if err := srv.ListenAndServe(); err != nil {
|
|
|
|
|
log.Fatalf("server error: %v", err)
|
|
|
|
|
}
|
|
|
|
|
}
|
