Karl/homepage
1
0
Fork 0
mirror of https://github.com/karl0ss/homepage.git synced 2025-04-29 12:03:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Feature: crowdsec widget (#3197)

Browse Source
This commit is contained in:
shamoon 2024-03-28 15:39:40 -05:00 committed by GitHub
parent def9b27006
commit d4c0e482d3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 169 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
docs/widgets/services/crowdsec.md Normal file
View File

@ -0,0 +1,19 @@
---
title: Crowdsec
description: Crowdsec Widget Configuration
---
Learn more about [Crowdsec](https://crowdsec.net).
See the [crowdsec docs](https://docs.crowdsec.net/docs/local_api/intro/#machines) for information about registering a machine,
in most instances you can use the default credentials (`/etc/crowdsec/local_api_credentials.yaml`).
Allowed fields: ["alerts", "bans"]
```yaml
widget:
type: crowdsec
url: http://crowdsechostorip:port
username: localhost # machine_id in crowdsec
passowrd: password
```

1
mkdocs.yml
View File

@ -44,6 +44,7 @@ nav:
- widgets/services/channelsdvrserver.md - widgets/services/channelsdvrserver.md
- widgets/services/cloudflared.md - widgets/services/cloudflared.md
- widgets/services/coin-market-cap.md - widgets/services/coin-market-cap.md
- widgets/services/crowdsec.md
- widgets/services/customapi.md - widgets/services/customapi.md
- widgets/services/deluge.md - widgets/services/deluge.md
- widgets/services/diskstation.md - widgets/services/diskstation.md

4
public/locales/en/common.json
View File

@ -872,5 +872,9 @@
"labels": "Labels", "labels": "Labels",
"users": "Users", "users": "Users",
"totalValue": "Total Value" "totalValue": "Total Value"
},
"crowdsec": {
"alerts": "Alerts",
"bans": "Bans"
} }
} }

1
src/widgets/components.js
View File

@ -15,6 +15,7 @@ const components = {
channelsdvrserver: dynamic(() => import("./channelsdvrserver/component")), channelsdvrserver: dynamic(() => import("./channelsdvrserver/component")),
cloudflared: dynamic(() => import("./cloudflared/component")), cloudflared: dynamic(() => import("./cloudflared/component")),
coinmarketcap: dynamic(() => import("./coinmarketcap/component")), coinmarketcap: dynamic(() => import("./coinmarketcap/component")),
crowdsec: dynamic(() => import("./crowdsec/component")),
iframe: dynamic(() => import("./iframe/component")), iframe: dynamic(() => import("./iframe/component")),
customapi: dynamic(() => import("./customapi/component")), customapi: dynamic(() => import("./customapi/component")),
deluge: dynamic(() => import("./deluge/component")), deluge: dynamic(() => import("./deluge/component")),

34
src/widgets/crowdsec/component.jsx Normal file
View File

@ -0,0 +1,34 @@
import { useTranslation } from "next-i18next";
import Container from "components/services/widget/container";
import Block from "components/services/widget/block";
import useWidgetAPI from "utils/proxy/use-widget-api";
export default function Component({ service }) {
const { t } = useTranslation();
const { widget } = service;
const { data: alerts, error: alertsError } = useWidgetAPI(widget, "alerts");
const { data: bans, error: bansError } = useWidgetAPI(widget, "bans");
if (alertsError || bansError) {
return <Container service={service} error={alertsError ?? bansError} />;
}
if (!alerts || !bans) {
return (
<Container service={service}>
<Block label="crowdsec.alerts" />
<Block label="crowdsec.bans" />
</Container>
);
}
return (
<Container service={service}>
<Block label="crowdsec.alerts" value={t("common.number", { value: alerts.length })} />
<Block label="crowdsec.bans" value={t("common.number", { value: bans.length })} />
</Container>
);
}

90
src/widgets/crowdsec/proxy.js Normal file
View File

@ -0,0 +1,90 @@
import cache from "memory-cache";
import { httpProxy } from "utils/proxy/http";
import { formatApiCall } from "utils/proxy/api-helpers";
import getServiceWidget from "utils/config/service-helpers";
import createLogger from "utils/logger";
import widgets from "widgets/widgets";
const proxyName = "crowdsecProxyHandler";
const logger = createLogger(proxyName);
const sessionTokenCacheKey = `${proxyName}__sessionToken`;
async function login(widget, service) {
const url = formatApiCall(widgets[widget.type].loginURL, widget);
const [status, , data] = await httpProxy(url, {
method: "POST",
headers: {
"Content-Type": "application/json",
"User-Agent": "Mozilla/5.0", // Crowdsec requires a user-agent
},
body: JSON.stringify({
machine_id: widget.username,
password: widget.password,
scenarios: [],
}),
});
const dataParsed = JSON.parse(data);
if (!(status === 200) || !dataParsed.token) {
logger.error("Failed to login to Crowdsec API, status: %d", status);
cache.del(`${sessionTokenCacheKey}.${service}`);
}
cache.put(`${sessionTokenCacheKey}.${service}`, dataParsed.token, new Date(dataParsed.expire) - new Date());
}
export default async function crowdsecProxyHandler(req, res) {
const { group, service, endpoint } = req.query;
if (!group || !service) {
logger.error("Invalid or missing service '%s' or group '%s'", service, group);
return res.status(400).json({ error: "Invalid proxy service type" });
}
const widget = await getServiceWidget(group, service);
if (!widget || !widgets[widget.type].api) {
logger.error("Invalid or missing widget for service '%s' in group '%s'", service, group);
return res.status(400).json({ error: "Invalid widget configuration" });
}
if (!cache.get(`${sessionTokenCacheKey}.${service}`)) {
await login(widget, service);
}
const token = cache.get(`${sessionTokenCacheKey}.${service}`);
if (!token) {
return res.status(500).json({ error: "Failed to authenticate with Crowdsec" });
}
const url = new URL(formatApiCall(widgets[widget.type].api, { endpoint, ...widget }));
try {
const params = {
method: "GET",
headers: {
"User-Agent": "Mozilla/5.0", // Crowdsec requires a user-agent
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
};
logger.debug("Calling Crowdsec API endpoint: %s", endpoint);
if (endpoint.indexOf("decisions") === 0) {
delete params.headers.Authorization;
}
const [status, , data] = await httpProxy(url, params);
if (status !== 200) {
logger.error("Error calling Crowdsec API: %d. Data: %s", status, data);
return res.status(status).json({ error: "Crowdsec API Error", data });
}
return res.status(status).send(data);
} catch (error) {
logger.error("Exception calling Crowdsec API: %s", error.message);
return res.status(500).json({ error: "Crowdsec API Error", message: error.message });
}
}

18
src/widgets/crowdsec/widget.js Normal file
View File

@ -0,0 +1,18 @@
import crowdsecProxyHandler from "./proxy";
const widget = {
api: "{url}/v1/{endpoint}",
loginURL: "{url}/v1/watchers/login",
proxyHandler: crowdsecProxyHandler,
mappings: {
alerts: {
endpoint: "alerts",
},
bans: {
endpoint: "alerts?decision_type=ban&origin=crowdsec&has_active_decision=1",
},
},
};
export default widget;

2
src/widgets/widgets.js
View File

@ -12,6 +12,7 @@ import changedetectionio from "./changedetectionio/widget";
import channelsdvrserver from "./channelsdvrserver/widget"; import channelsdvrserver from "./channelsdvrserver/widget";
import cloudflared from "./cloudflared/widget"; import cloudflared from "./cloudflared/widget";
import coinmarketcap from "./coinmarketcap/widget"; import coinmarketcap from "./coinmarketcap/widget";
import crowdsec from "./crowdsec/widget";
import customapi from "./customapi/widget"; import customapi from "./customapi/widget";
import deluge from "./deluge/widget"; import deluge from "./deluge/widget";
import diskstation from "./diskstation/widget"; import diskstation from "./diskstation/widget";
@ -125,6 +126,7 @@ const widgets = {
channelsdvrserver, channelsdvrserver,
cloudflared, cloudflared,
coinmarketcap, coinmarketcap,
crowdsec,
customapi, customapi,
deluge, deluge,
diskstation, diskstation,