Each app now carries everything under containers/<app>/: Tools-tab actions in tools/ (declaration <app>.tools.json + function <app>_<tool_id>.sh) and logic helpers in scripts/ (e.g. <app>_auth.sh). The container scan live-sources every .sh under the app (maxdepth 3, prunes only resources/) and webui_tools.sh auto-merges the .tools.json, so an app is a true drop-in — no central edit, no array regen. - Empty the central webui_tools.sh heredoc; all 34 tools across 11 apps now come from per-app declarations (verified byte-identical to the old output). - Retire the orphaned mattermost tool scripts to scripts/unused (there is no containers/mattermost; its install fn already lived in unused). - Update the dispatch comment/error path, the auth-adapter doc, and DEVELOPMENT.md to the new convention. - Regenerate static arrays (files_app.sh no longer lists app/containers/*). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
20 lines
725 B
Bash
20 lines
725 B
Bash
#!/bin/bash
|
|
|
|
appCrowdSecFixPriority() {
|
|
local cfg="/etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml"
|
|
if [[ ! -f "$cfg" ]]; then
|
|
isNotice "Bouncer config not found at $cfg — is CrowdSec installed?"
|
|
return 1
|
|
fi
|
|
|
|
# The bouncer yaml is root-owned under /etc/crowdsec; the backup + nftables
|
|
# ipv4/ipv6 priority rewrite (to -100) runs in the root-owned appcfg helper.
|
|
runAppCfg crowdsec-priority
|
|
checkSuccess "Patched nftables priority to -100 in $cfg"
|
|
|
|
runSystem systemctl restart crowdsec-firewall-bouncer
|
|
checkSuccess "Restarted crowdsec-firewall-bouncer"
|
|
|
|
isSuccessful "Priority updated. Run 'crowdsec_verify_firewall' to confirm CrowdSec now runs before UFW."
|
|
}
|