Integrate blocklist into daemon lifecycle and initialize blocklist service in NewDaemon
@@ -5,6 +5,7 @@ import (
|
||||
"fmt"
|
||||
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon"
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/blocklist"
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/db"
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/db/repository"
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/docker_monitor"
|
||||
@@ -75,7 +76,9 @@ func runDaemon(ctx context.Context, _ *cli.Command) error {
|
||||
return err
|
||||
}
|
||||
|
||||
d, err := daemon.NewDaemon(config, logger, notificationsService, dockerService)
|
||||
blocklistService := newBlocklistService(ctx, repositories.Blocklist(), logger)
|
||||
|
||||
d, err := daemon.NewDaemon(config, logger, notificationsService, dockerService, blocklistService)
|
||||
if err != nil {
|
||||
logger.Fatal(err.Error())
|
||||
|
||||
@@ -123,3 +126,27 @@ func newDockerService(ctx context.Context, logger log.Logger) (dockerService doc
|
||||
|
||||
return dockerService, dockerSupport, nil
|
||||
}
|
||||
|
||||
func newBlocklistService(ctx context.Context, blocklistRepository repository.BlocklistRepository, logger log.Logger) blocklist.Blocklist {
|
||||
config, isEnabled, err := setting.Config.OtherSettingsPath.ToBlocklistConfig(logger)
|
||||
if err != nil {
|
||||
logger.Error(fmt.Sprintf("Failed to create blocklist service: %s", err))
|
||||
return blocklist.NewFalseBlocklist()
|
||||
}
|
||||
if !isEnabled {
|
||||
return blocklist.NewFalseBlocklist()
|
||||
}
|
||||
|
||||
blocklistConfig := blocklist.Config{
|
||||
BlocklistRepository: blocklistRepository,
|
||||
Sources: config,
|
||||
}
|
||||
|
||||
blocklistService, err := blocklist.New(blocklistConfig, ctx, logger)
|
||||
if err != nil {
|
||||
logger.Error(err.Error())
|
||||
return blocklist.NewFalseBlocklist()
|
||||
}
|
||||
|
||||
return blocklistService
|
||||
}
|
||||
|
||||
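Review bot: newBlocklistService fails open: when `ToBlocklistConfig` returns an error or `blocklist.New` fails, it returns `blocklist.NewFalseBlocklist()` and runDaemon continues exactly as it does when the operator has disabled the feature. NewFalseBlocklist is presumably a no-op implementation, so a malformed settings file or an initialisation failure would leave the firewall running without the configured blocklist, with a single Error log line as the only trace. Consider returning the error to the caller, `func newBlocklistService(...) (blocklist.Blocklist, error)`, so the enabled-but-broken case can stop startup or raise a notification, and keep the no-op only for the `!isEnabled` branch. The second log call, `logger.Error(err.Error())`, should carry the same "Failed to create blocklist service" prefix as the first so both failures can be attributed in the log.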
@@ -10,6 +10,7 @@ import (
|
||||
"time"
|
||||
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/analyzer"
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/blocklist"
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/docker_monitor"
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/firewall"
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/firewall/blocking"
|
||||
@@ -35,6 +36,7 @@ type daemon struct {
|
||||
notifications notifications.Notifications
|
||||
analyzer analyzer.Analyzer
|
||||
docker docker_monitor.Docker
|
||||
blocklist blocklist.Blocklist
|
||||
|
||||
stopCh chan struct{}
|
||||
}
|
||||
@@ -83,6 +85,11 @@ func (d *daemon) Run(ctx context.Context, isTesting bool, testingInterval uint16
|
||||
}()
|
||||
}
|
||||
|
||||
d.blocklist.Run()
|
||||
defer func() {
|
||||
_ = d.blocklist.Close()
|
||||
}()
|
||||
|
||||
go d.socket.Run(ctx, d.socketCommand)
|
||||
d.runWorker(ctx, isTesting, testingInterval)
|
||||
|
||||
|
||||
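Review bot: The deferred `_ = d.blocklist.Close()` in Run discards the close error, so a blocklist that fails to shut down cleanly leaves no record for whoever investigates later. Report it instead, for example `if err := d.blocklist.Close(); err != nil { d.logger.Error(err.Error()) }`, assuming the daemon struct holds a logger field, which these hunks do not show. If dropping the error is deliberate, say so in a comment such as `// best-effort: shutdown must not be blocked by blocklist cleanup`. Run's body begins and ends outside the hunk.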
@@ -5,6 +5,7 @@ import (
|
||||
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/analyzer"
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/analyzer/log/analysis/brute_force_protection_group"
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/blocklist"
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/docker_monitor"
|
||||
firewall2 "git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/firewall"
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/daemon/firewall/blocking"
|
||||
@@ -14,7 +15,13 @@ import (
|
||||
"git.kor-elf.net/kor-elf-shield/kor-elf-shield/internal/log"
|
||||
)
|
||||
|
||||
func NewDaemon(opts DaemonOptions, logger log.Logger, notifications notifications.Notifications, docker docker_monitor.Docker) (Daemon, error) {
|
||||
func NewDaemon(
|
||||
opts DaemonOptions,
|
||||
logger log.Logger,
|
||||
notifications notifications.Notifications,
|
||||
docker docker_monitor.Docker,
|
||||
blocklist blocklist.Blocklist,
|
||||
) (Daemon, error) {
|
||||
if logger == nil {
|
||||
return nil, errors.New("logger is nil")
|
||||
}
|
||||
@@ -30,7 +37,14 @@ func NewDaemon(opts DaemonOptions, logger log.Logger, notifications notification
|
||||
}
|
||||
|
||||
blockingService := blocking.New(opts.Repositories.Blocking(), logger)
|
||||
firewall, err := firewall2.New(opts.PathNftables, blockingService, logger, opts.ConfigFirewall, docker)
|
||||
firewall, err := firewall2.New(
|
||||
opts.PathNftables,
|
||||
blockingService,
|
||||
logger,
|
||||
opts.ConfigFirewall,
|
||||
docker,
|
||||
blocklist,
|
||||
)
|
||||
|
||||
blockService := brute_force_protection_group.NewBlockService(firewall.BlockIP, firewall.BlockIPWithPorts)
|
||||
analyzerService := analyzer.New(opts.ConfigAnalyzer, blockService, opts.Repositories, logger, notifications)
|
||||
@@ -43,5 +57,6 @@ func NewDaemon(opts DaemonOptions, logger log.Logger, notifications notification
|
||||
notifications: notifications,
|
||||
analyzer: analyzerService,
|
||||
docker: docker,
|
||||
blocklist: blocklist,
|
||||
}, nil
|
||||
}
|
||||
|
||||
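Review bot: NewDaemon rejects a nil logger, but in the lines visible here the new `blocklist` argument is passed to `firewall2.New` and stored in the struct without a nil check. Run later calls `d.blocklist.Run()` unconditionally, which panics on a nil interface value. Add `if blocklist == nil { return nil, errors.New("blocklist is nil") }` next to the logger check, or substitute the no-op implementation there. The parameter name also shadows the imported `blocklist` package for the rest of the function body, so a name like `blocklistService` (already used by the caller) would read more clearly. NewDaemon's body continues outside these hunks, so an existing guard may sit in lines that are not shown.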