Merge pull request #62 from openappsec/open_appsec_add_agent_cache_for_rate_limit

Open appsec add agent cache for rate limit

nodes/agent_cache/package/CMakeLists.txt

@@ -1,41 +1,35 @@
 execute_process (
-	COMMAND bash -c "find / -name \"redis.conf\""
-	OUTPUT_VARIABLE redis_conf_path
-    OUTPUT_STRIP_TRAILING_WHITESPACE
-)
-
-execute_process (
-	COMMAND bash -c "which redis-server"
+	COMMAND sh -c "which redis-server"
 	OUTPUT_VARIABLE redis_server_path
     OUTPUT_STRIP_TRAILING_WHITESPACE
 )
 
 if (IS_SYMLINK ${redis_server_path})
     execute_process (
-        COMMAND bash -c "readlink -f ${redis_server_path}"
+        COMMAND sh -c "readlink -f ${redis_server_path}"
         OUTPUT_VARIABLE redis_server_path
         OUTPUT_STRIP_TRAILING_WHITESPACE
     )
 endif()
 
 execute_process (
-	COMMAND bash -c "which redis-cli"
+	COMMAND sh -c "which redis-cli"
 	OUTPUT_VARIABLE redis_cli_path
     OUTPUT_STRIP_TRAILING_WHITESPACE
 )
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libatomic.so*\" | awk '{printf \$0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libatomic.so*\" | awk '{printf \$0\";\"}'"
 	OUTPUT_VARIABLE atomic
 )
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libjemalloc*\" | awk '{printf \$0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libjemalloc*\" | awk '{printf \$0\";\"}'"
 	OUTPUT_VARIABLE jemalloc
 )
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"liblua*\" | awk '{printf \$0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"liblua*\" | awk '{printf \$0\";\"}'"
 	OUTPUT_VARIABLE lua
 )
 
@@ -44,6 +38,7 @@ install(FILES ${jemalloc} DESTINATION agent_cache/lib)
 install(FILES ${lua} DESTINATION agent_cache/lib)
 install(FILES install-cp-nano-agent-cache.sh  DESTINATION agent_cache/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
 install(FILES cp-nano-agent-cache.cfg DESTINATION agent_cache/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
+install(FILES cache.conf DESTINATION agent_cache/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
 install(FILES ${redis_conf_path}  DESTINATION agent_cache/)
 install(FILES ${redis_server_path}  DESTINATION agent_cache/bin/ RENAME redis-server PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
 install(FILES ${redis_cli_path}  DESTINATION agent_cache/bin PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)

nodes/agent_cache/package/cache.conf

@@ -0,0 +1,6 @@
+bind 127.0.0.1
+port 6379
+appendonly no
+save ""
+maxmemory 500mb
+maxmemory-policy allkeys-lru

nodes/agent_cache/package/install-cp-nano-agent-cache.sh

@@ -52,13 +52,14 @@ run_installation()
     cp_exec "cp -rf lib/* ${USR_LIB_PATH}/cpnano"
     cp_exec "cp -rf bin/redis-server ${CACHE_SERVICE_PATH}/"
     cp_exec "cp -rf bin/redis-cli ${CACHE_SERVICE_PATH}/"
-    cp_exec "cp -f redis.conf ${CONF_PATH}/redis.conf"
     cp_exec "cp -f cp-nano-agent-cache.cfg ${CACHE_SERVICE_PATH}/cp-nano-agent-cache.cfg"
+    cp_exec "cp -f cache.conf ${CONF_PATH}/redis.conf"
     cp_exec "mv ${CACHE_SERVICE_PATH}/redis-server ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
     cp_exec "mv ${CACHE_SERVICE_PATH}/redis-cli ${CACHE_SERVICE_PATH}/cp-nano-cache-cli"
     cp_exec "chmod +x ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
     cp_exec "chmod +x ${CACHE_SERVICE_PATH}/cp-nano-cache-cli"
     cp_exec "chmod 600 ${CACHE_SERVICE_PATH}/cp-nano-agent-cache.cfg"
+    cp_exec "chmod 600 ${CONF_PATH}/redis.conf"
 
     cp_exec "${WATCHDOG_PATH} --register ${CACHE_SERVICE_PATH}/cp-nano-agent-cache"
     cp_print "Installation completed successfully." $FORCE_STDOUT

nodes/http_transaction_handler/CMakeLists.txt

@@ -45,25 +45,25 @@ install(TARGETS cp-nano-http-transaction-handler DESTINATION bin)
 install(TARGETS cp-nano-http-transaction-handler DESTINATION http_transaction_handler_service/bin)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libpcre2-8.so*\" | awk '{printf \$0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libpcre2-8.so*\" | awk '{printf \$0\";\"}'"
 	OUTPUT_VARIABLE pcre2-8
 )
 install(FILES ${pcre2-8} DESTINATION http_transaction_handler_service/lib)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libpcre2-posix.so*\" | awk '{printf \$0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libpcre2-posix.so*\" | awk '{printf \$0\";\"}'"
 	OUTPUT_VARIABLE pcre2-posix
 )
 install(FILES ${pcre2-posix} DESTINATION http_transaction_handler_service/lib)
 
 execute_process (
-        COMMAND bash -c "find /usr/lib -name \"libhiredis.so*\" | awk '{printf $0\";\"}'"
+        COMMAND sh -c "find /usr/lib -name \"libhiredis.so*\" | awk '{printf $0\";\"}'"
         OUTPUT_VARIABLE hiredis
 )
 install(FILES ${hiredis} DESTINATION http_transaction_handler_service/lib)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libxml2.so*\" | awk '{printf \$0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libxml2.so*\" | awk '{printf \$0\";\"}'"
 	OUTPUT_VARIABLE xml2
 )
 install(FILES ${xml2} DESTINATION http_transaction_handler_service/lib)

nodes/orchestration/CMakeLists.txt

@@ -43,94 +43,94 @@ install(FILES package/certificate/public-keys/i2.pem DESTINATION orchestration/c
 install(FILES package/certificate/public-keys/stg-i2.pem DESTINATION orchestration/certificate/ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_regex.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_regex.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_regex
 )
 install(FILES ${boost_regex} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_atomic.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_atomic.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_atomic
 )
 install(FILES ${boost_atomic} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_chrono.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_chrono.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_chrono
 )
 install(FILES ${boost_chrono} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_context.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_context.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_context
 )
 install(FILES ${boost_context} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_filesystem.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_filesystem.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_filesystem
 )
 install(FILES ${boost_filesystem} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_iostreams.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_iostreams.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_iostreams
 )
 install(FILES ${boost_iostreams} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_system.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_system.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_system
 )
 install(FILES ${boost_system} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_system.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_system.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_system
 )
 install(FILES ${boost_system} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libboost_thread.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libboost_thread.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE boost_thread
 )
 install(FILES ${boost_thread} DESTINATION orchestration/lib/boost)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libcrypto.so\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libcrypto.so\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE crypto
 )
 install(FILES ${crypto} DESTINATION orchestration/lib)
 execute_process (
-        COMMAND bash -c "find /lib -name \"libcrypto.so*\" | awk '{printf $0\";\"}'"
+        COMMAND sh -c "find /lib -name \"libcrypto.so*\" | awk '{printf $0\";\"}'"
         OUTPUT_VARIABLE crypto2
 )
 install(FILES ${crypto2} DESTINATION orchestration/lib)
 
 execute_process (
-	 COMMAND bash -c "find /usr/lib -name \"libssl.so\" | awk '{printf $1\";\"}'"
+	 COMMAND sh -c "find /usr/lib -name \"libssl.so\" | awk '{printf $1\";\"}'"
 	 OUTPUT_VARIABLE ssl
 )
 install(FILES ${ssl} DESTINATION orchestration/lib)
 execute_process (
-         COMMAND bash -c "find /lib -name \"libssl.so*\" | awk '{printf $1\";\"}'"
+         COMMAND sh -c "find /lib -name \"libssl.so*\" | awk '{printf $1\";\"}'"
          OUTPUT_VARIABLE ssl2
 )
 install(FILES ${ssl2} DESTINATION orchestration/lib)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libcurl.so*\" | awk '{printf $1\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libcurl.so*\" | awk '{printf $1\";\"}'"
 	OUTPUT_VARIABLE curl
 )
 install(FILES ${curl} DESTINATION orchestration/lib)
 execute_process (
-        COMMAND bash -c "find /lib -name \"libcurl.so*\" | awk '{printf $1\";\"}'"
+        COMMAND sh -c "find /lib -name \"libcurl.so*\" | awk '{printf $1\";\"}'"
         OUTPUT_VARIABLE curl2
 )
 install(FILES ${curl2} DESTINATION orchestration/lib)
 
 execute_process (
-	COMMAND bash -c "find /usr/lib -name \"libz.so*\" | awk '{printf $0\";\"}'"
+	COMMAND sh -c "find /usr/lib -name \"libz.so*\" | awk '{printf $0\";\"}'"
 	OUTPUT_VARIABLE z
 )
 install(FILES ${z} DESTINATION orchestration/lib)