From d4c0e482d3e233bea9de23b17b1060e80bf84c7b Mon Sep 17 00:00:00 2001
From: shamoon <4887959+shamoon@users.noreply.github.com>
Date: Thu, 28 Mar 2024 15:39:40 -0500
Subject: [PATCH] Feature: crowdsec widget (#3197)
---
docs/widgets/services/crowdsec.md | 19 +++++++
mkdocs.yml | 1 +
public/locales/en/common.json | 4 ++
src/widgets/components.js | 1 +
src/widgets/crowdsec/component.jsx | 34 +++++++++++
src/widgets/crowdsec/proxy.js | 90 ++++++++++++++++++++++++++++++
src/widgets/crowdsec/widget.js | 18 ++++++
src/widgets/widgets.js | 2 +
8 files changed, 169 insertions(+)
create mode 100644 docs/widgets/services/crowdsec.md
create mode 100644 src/widgets/crowdsec/component.jsx
create mode 100644 src/widgets/crowdsec/proxy.js
create mode 100644 src/widgets/crowdsec/widget.js
diff --git a/docs/widgets/services/crowdsec.md b/docs/widgets/services/crowdsec.md
new file mode 100644
index 000000000..608367dfd
--- /dev/null
+++ b/docs/widgets/services/crowdsec.md
@@ -0,0 +1,19 @@
+---
+title: Crowdsec
+description: Crowdsec Widget Configuration
+---
+
+Learn more about [Crowdsec](https://crowdsec.net).
+
+See the [crowdsec docs](https://docs.crowdsec.net/docs/local_api/intro/#machines) for information about registering a machine,
+in most instances you can use the default credentials (`/etc/crowdsec/local_api_credentials.yaml`).
+
+Allowed fields: ["alerts", "bans"]
+
+```yaml
+widget:
+ type: crowdsec
+ url: http://crowdsechostorip:port
+ username: localhost # machine_id in crowdsec
+ passowrd: password
+```
diff --git a/mkdocs.yml b/mkdocs.yml
index a0994fadd..e58cb1e4e 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -44,6 +44,7 @@ nav:
- widgets/services/channelsdvrserver.md
- widgets/services/cloudflared.md
- widgets/services/coin-market-cap.md
+ - widgets/services/crowdsec.md
- widgets/services/customapi.md
- widgets/services/deluge.md
- widgets/services/diskstation.md
diff --git a/public/locales/en/common.json b/public/locales/en/common.json
index c7339c0b3..98daae9e5 100644
--- a/public/locales/en/common.json
+++ b/public/locales/en/common.json
@@ -872,5 +872,9 @@
"labels": "Labels",
"users": "Users",
"totalValue": "Total Value"
+ },
+ "crowdsec": {
+ "alerts": "Alerts",
+ "bans": "Bans"
}
}
diff --git a/src/widgets/components.js b/src/widgets/components.js
index f3d567bb7..8c85bd770 100644
--- a/src/widgets/components.js
+++ b/src/widgets/components.js
@@ -15,6 +15,7 @@ const components = {
channelsdvrserver: dynamic(() => import("./channelsdvrserver/component")),
cloudflared: dynamic(() => import("./cloudflared/component")),
coinmarketcap: dynamic(() => import("./coinmarketcap/component")),
+ crowdsec: dynamic(() => import("./crowdsec/component")),
iframe: dynamic(() => import("./iframe/component")),
customapi: dynamic(() => import("./customapi/component")),
deluge: dynamic(() => import("./deluge/component")),
diff --git a/src/widgets/crowdsec/component.jsx b/src/widgets/crowdsec/component.jsx
new file mode 100644
index 000000000..9565ee73f
--- /dev/null
+++ b/src/widgets/crowdsec/component.jsx
@@ -0,0 +1,34 @@
+import { useTranslation } from "next-i18next";
+
+import Container from "components/services/widget/container";
+import Block from "components/services/widget/block";
+import useWidgetAPI from "utils/proxy/use-widget-api";
+
+export default function Component({ service }) {
+ const { t } = useTranslation();
+
+ const { widget } = service;
+
+ const { data: alerts, error: alertsError } = useWidgetAPI(widget, "alerts");
+ const { data: bans, error: bansError } = useWidgetAPI(widget, "bans");
+
+ if (alertsError || bansError) {
+ return ;
+ }
+
+ if (!alerts || !bans) {
+ return (
+
+
+
+
+ );
+ }
+
+ return (
+
+
+
+
+ );
+}
diff --git a/src/widgets/crowdsec/proxy.js b/src/widgets/crowdsec/proxy.js
new file mode 100644
index 000000000..a367e7165
--- /dev/null
+++ b/src/widgets/crowdsec/proxy.js
@@ -0,0 +1,90 @@
+import cache from "memory-cache";
+
+import { httpProxy } from "utils/proxy/http";
+import { formatApiCall } from "utils/proxy/api-helpers";
+import getServiceWidget from "utils/config/service-helpers";
+import createLogger from "utils/logger";
+import widgets from "widgets/widgets";
+
+const proxyName = "crowdsecProxyHandler";
+const logger = createLogger(proxyName);
+const sessionTokenCacheKey = `${proxyName}__sessionToken`;
+
+async function login(widget, service) {
+ const url = formatApiCall(widgets[widget.type].loginURL, widget);
+ const [status, , data] = await httpProxy(url, {
+ method: "POST",
+ headers: {
+ "Content-Type": "application/json",
+ "User-Agent": "Mozilla/5.0", // Crowdsec requires a user-agent
+ },
+ body: JSON.stringify({
+ machine_id: widget.username,
+ password: widget.password,
+ scenarios: [],
+ }),
+ });
+
+ const dataParsed = JSON.parse(data);
+
+ if (!(status === 200) || !dataParsed.token) {
+ logger.error("Failed to login to Crowdsec API, status: %d", status);
+ cache.del(`${sessionTokenCacheKey}.${service}`);
+ }
+ cache.put(`${sessionTokenCacheKey}.${service}`, dataParsed.token, new Date(dataParsed.expire) - new Date());
+}
+
+export default async function crowdsecProxyHandler(req, res) {
+ const { group, service, endpoint } = req.query;
+
+ if (!group || !service) {
+ logger.error("Invalid or missing service '%s' or group '%s'", service, group);
+ return res.status(400).json({ error: "Invalid proxy service type" });
+ }
+
+ const widget = await getServiceWidget(group, service);
+ if (!widget || !widgets[widget.type].api) {
+ logger.error("Invalid or missing widget for service '%s' in group '%s'", service, group);
+ return res.status(400).json({ error: "Invalid widget configuration" });
+ }
+
+ if (!cache.get(`${sessionTokenCacheKey}.${service}`)) {
+ await login(widget, service);
+ }
+
+ const token = cache.get(`${sessionTokenCacheKey}.${service}`);
+ if (!token) {
+ return res.status(500).json({ error: "Failed to authenticate with Crowdsec" });
+ }
+
+ const url = new URL(formatApiCall(widgets[widget.type].api, { endpoint, ...widget }));
+
+ try {
+ const params = {
+ method: "GET",
+ headers: {
+ "User-Agent": "Mozilla/5.0", // Crowdsec requires a user-agent
+ "Content-Type": "application/json",
+ Authorization: `Bearer ${token}`,
+ },
+ };
+
+ logger.debug("Calling Crowdsec API endpoint: %s", endpoint);
+
+ if (endpoint.indexOf("decisions") === 0) {
+ delete params.headers.Authorization;
+ }
+
+ const [status, , data] = await httpProxy(url, params);
+
+ if (status !== 200) {
+ logger.error("Error calling Crowdsec API: %d. Data: %s", status, data);
+ return res.status(status).json({ error: "Crowdsec API Error", data });
+ }
+
+ return res.status(status).send(data);
+ } catch (error) {
+ logger.error("Exception calling Crowdsec API: %s", error.message);
+ return res.status(500).json({ error: "Crowdsec API Error", message: error.message });
+ }
+}
diff --git a/src/widgets/crowdsec/widget.js b/src/widgets/crowdsec/widget.js
new file mode 100644
index 000000000..d29fa1f16
--- /dev/null
+++ b/src/widgets/crowdsec/widget.js
@@ -0,0 +1,18 @@
+import crowdsecProxyHandler from "./proxy";
+
+const widget = {
+ api: "{url}/v1/{endpoint}",
+ loginURL: "{url}/v1/watchers/login",
+ proxyHandler: crowdsecProxyHandler,
+
+ mappings: {
+ alerts: {
+ endpoint: "alerts",
+ },
+ bans: {
+ endpoint: "alerts?decision_type=ban&origin=crowdsec&has_active_decision=1",
+ },
+ },
+};
+
+export default widget;
diff --git a/src/widgets/widgets.js b/src/widgets/widgets.js
index a9cae230f..6e02d9329 100644
--- a/src/widgets/widgets.js
+++ b/src/widgets/widgets.js
@@ -12,6 +12,7 @@ import changedetectionio from "./changedetectionio/widget";
import channelsdvrserver from "./channelsdvrserver/widget";
import cloudflared from "./cloudflared/widget";
import coinmarketcap from "./coinmarketcap/widget";
+import crowdsec from "./crowdsec/widget";
import customapi from "./customapi/widget";
import deluge from "./deluge/widget";
import diskstation from "./diskstation/widget";
@@ -125,6 +126,7 @@ const widgets = {
channelsdvrserver,
cloudflared,
coinmarketcap,
+ crowdsec,
customapi,
deluge,
diskstation,