sts · August 17, 2022 14:35 · Aug 17, 2022 · Aug 16, 2022 · Aug 16, 2022 · Aug 16, 2022
diff --git a/coraza-ruleloader b/coraza-ruleloader
@@ -6,7 +6,7 @@
 #
 # Usage:
 #  coraza-ruleloader 4.0.0-rc1
-#  coraza-ruleloader 4.0.0-rc1 ./coraza
+#  coraza-ruleloader 4.0.0-rc1 /etc/coraza
 #
 # Uses the following directory structure:
 #
@@ -23,8 +23,8 @@
 
 set -eo pipefail
 
-TARGET_BASE="${2:-/etc/coraza}"
 CORERULESET_VERSION=${1:-4.0.0-rc1}
+TARGET_BASE="${2:-coraza}"
 TARGET_DIR="${TARGET_BASE}/corerulesets/${CORERULESET_VERSION}"
 
 trap cleanup HUP INT QUIT TERM

diff --git a/coraza-ruleloader b/coraza-ruleloader
@@ -1,4 +1,5 @@
 #!/bin/bash
+# Copyright 2022, Stefan Schlesinger
 #
 # Coraza Core Ruleset Downloader 
 #    - download, manage and activate local copies of CRS versions
@@ -9,12 +10,16 @@
 #
 # Uses the following directory structure:
 #
-# /etc/coraza/corerulesets/4.0.0-rc1
-# /etc/coraza/corerulesets/3.3.2
-# /etc/coraza/rules -> coraza/corerulesets/4.0.0-rc1
-# /etc/coraza/crs-setup.conf -> coraza/corerulesets/4.0.0-rc1
+#  /etc/coraza/corerulesets/4.0.0-rc1
+#  /etc/coraza/corerulesets/4.0.0-rc1/crs-setup.conf
+#  /etc/coraza/corerulesets/4.0.0-rc1/rules
+#  /etc/coraza/corerulesets/4.0.0-rc1/plugins
+#  /etc/coraza/corerulesets/3.3.2
+#  /etc/coraza/corerulesets/3.3.2/crs-setup.conf
+#  /etc/coraza/corerulesets/3.3.2/rules
+#  /etc/coraza/rules -> coraza/corerulesets/4.0.0-rc1/rules
+#  /etc/coraza/crs-setup.conf -> coraza/corerulesets/4.0.0-rc1/crs-setup.conf
 #
-# Copyright 2022, Stefan Schlesinger
 
 set -eo pipefail
 

diff --git a/coraza-ruleloader b/coraza-ruleloader
@@ -7,6 +7,13 @@
 #  coraza-ruleloader 4.0.0-rc1
 #  coraza-ruleloader 4.0.0-rc1 ./coraza
 #
+# Uses the following directory structure:
+#
+# /etc/coraza/corerulesets/4.0.0-rc1
+# /etc/coraza/corerulesets/3.3.2
+# /etc/coraza/rules -> coraza/corerulesets/4.0.0-rc1
+# /etc/coraza/crs-setup.conf -> coraza/corerulesets/4.0.0-rc1
+#
 # Copyright 2022, Stefan Schlesinger
 
 set -eo pipefail

diff --git a/coraza-ruleloader b/coraza-ruleloader
@@ -0,0 +1,64 @@
+#!/bin/bash
+#
+# Coraza Core Ruleset Downloader 
+#    - download, manage and activate local copies of CRS versions
+#
+# Usage:
+#  coraza-ruleloader 4.0.0-rc1
+#  coraza-ruleloader 4.0.0-rc1 ./coraza
+#
+# Copyright 2022, Stefan Schlesinger
+
+set -eo pipefail
+
+TARGET_BASE="${2:-/etc/coraza}"
+CORERULESET_VERSION=${1:-4.0.0-rc1}
+TARGET_DIR="${TARGET_BASE}/corerulesets/${CORERULESET_VERSION}"
+
+trap cleanup HUP INT QUIT TERM
+
+crs_download() {
+  SCRATCH=$(mktemp -d)
+
+  if ! curl -sL https://github.com/coreruleset/coreruleset/archive/refs/tags/v${CORERULESET_VERSION}.tar.gz \
+    | tar -xz --strip-components 1 -C "${SCRATCH}" 2>/dev/null ; then
+
+    echo ERROR: Unable to download https://github.com/coreruleset/coreruleset/archive/refs/tags/v${CORERULESET_VERSION}.tar.gz
+    exit 1
+  fi
+}
+
+crs_install() {
+  mkdir -p $TARGET_DIR
+
+  mv $SCRATCH/crs-setup.conf.example $TARGET_DIR/crs-setup.conf
+  mv $SCRATCH/rules $TARGET_DIR
+  [[ -d $SCRATCH/plugins ]] && mv $SCRATCH/plugins $TARGET_DIR
+
+  echo Loaded ruleset to $TARGET_DIR 1>&2
+}
+
+crs_activate() {
+  cd $TARGET_BASE
+  ln -sf "corerulesets/${CORERULESET_VERSION}/rules"
+  ln -sf "corerulesets/${CORERULESET_VERSION}/crs-setup.conf"
+
+  if [[ -d corerulesets/${CORERULESET_VERSION}/plugins ]] ; then
+    ln -sf "corerulesets/${CORERULESET_VERSION}/plugins"
+  else
+    rm -f plugins
+  fi
+
+  echo SUCCESS: Activated corerulesets/${CORERULESET_VERSION}
+}
+
+cleanup() {
+  [[ -d $SCRATCH ]] && rm -rf $SCRATCH
+}
+
+[[ -n `which curl &> /dev/null` ]] && echo "ERROR: Please install the curl command" && exit 1
+
+if [[ ! -d $TARGET_DIR ]] ; then
+   echo Ruleset not found, attemting download from Github. 1>&2
+   crs_download && crs_install
+fi
No results found