Merge pull request #122 from julienloizelet/feat/prune-cache-script

feat(*): Use remediation-engine 3.0.0 and add prune cache script

Author: julienloizelet

CHANGELOG.md

@@ -3,14 +3,26 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/) and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## Public API
+## SemVer public API
 
-The purpose of this section is to declare the public API of this library as required by  [item 1 of semantic versioning specification](https://semver.org/spec/v2.0.0.html#spec-item-1).
+The [public API](https://semver.org/spec/v2.0.0.html#spec-item-1) of this library consists of all public or protected methods, properties and constants belonging to the `src` folder.
 
-The public API of this library consists of all public or protected methods, properties and constants belonging to the `src` folder.
+---
+
+
+## [1.2.0](https://github.com/crowdsecurity/php-cs-bouncer/releases/tag/v1.2.0) - 2023-03-09
+[_Compare with previous release_](https://github.com/crowdsecurity/php-cs-bouncer/compare/v1.1.1...v1.2.0)
+
+
+### Changed
+- Use `crowdsec/remediation` `^3.0.0` instead of `^2.0.0`
+
+### Added
+- Add a script to prune cache with a cron job (Standalone bouncer)
 
 ---
 
+
 ## [1.1.1](https://github.com/crowdsecurity/php-cs-bouncer/releases/tag/v1.1.1) - 2023-02-16
 [_Compare with previous release_](https://github.com/crowdsecurity/php-cs-bouncer/compare/v1.1.0...v1.1.1)
 

composer.json

@@ -40,8 +40,7 @@
     ],
     "require": {
         "php": ">=7.2.5",
-        "crowdsec/remediation-engine": "^2.0.0",
-        "crowdsec/common": "^1.2.0",
+        "crowdsec/remediation-engine": "^3.0.0",
         "symfony/config": "^4.4.27 || ^5.2 || ^6.0",
         "twig/twig": "^3.4.2",
         "gregwar/captcha": "^1.1",

docs/DEVELOPER.md

@@ -223,7 +223,8 @@ and `GeoLite2-Country.mmdb`. You can download these databases by creating a MaxM
 Then, you can run:
 
 ```bash
-ddev exec BOUNCER_KEY=your-bouncer-key AGENT_TLS_PATH=/var/www/html/cfssl LAPI_URL=https://crowdsec:8080  /usr/bin/php ./my-own-modules/crowdsec-php-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-own-modules/crowdsec-php-lib/tests/Integration/GeolocationTest.php
+ddev exec BOUNCER_KEY=your-bouncer-key AGENT_TLS_PATH=/var/www/html/cfssl LAPI_URL=https://crowdsec:8080  
+MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./my-own-modules/crowdsec-php-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-own-modules/crowdsec-php-lib/tests/Integration/GeolocationTest.php
 ```
 
 **N.B.**: If you want to test with `curl` instead of `file_get_contents` calls to LAPI, you have to add `USE_CURL=1` in 

docs/USER_GUIDE.md

@@ -192,6 +192,23 @@ and add the following line
 
 In this example, cache is refreshed every minute, but you can modify the cron expression depending on your needs.
 
+### Cache pruning cron task
+
+To use the PHP file system as cache, you should prune the cache with a cron job:
+
+```shell
+sudo -u www-data crontab -e
+```
+
+and add the following line
+
+```shell
+0 0 * * * /usr/bin/php /absolute/path/to/scripts/auto-prepend/prune-cache.php
+```
+
+In this example, cache is pruned at midnight every day, but you can modify the cron expression depending on your needs.
+
+
 ## Create your own bouncer
 
 ### Implementation

scripts/auto-prepend/prune-cache.php

@@ -0,0 +1,15 @@
+<?php
+/**
+ * This script is aimed to be called by a cron job.
+ *
+ * @see docs/USER_GUIDE.md
+ *
+ * @var $crowdSecStandaloneBouncerConfig
+ */
+require_once __DIR__ . '/../../vendor/autoload.php';
+require_once __DIR__ . '/settings.php';
+
+use CrowdSecBouncer\StandaloneBouncer;
+
+$bouncer = new StandaloneBouncer($crowdSecStandaloneBouncerConfig);
+$bouncer->pruneCache();

scripts/auto-prepend/refresh-cache.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * This script is aimed to be called by an auto-prepend directive.
+ * This script is aimed to be called by a cron job.
  *
  * @see docs/USER_GUIDE.md
  *

src/AbstractBouncer.php

@@ -284,29 +284,18 @@ public function shouldBounceCurrentIp(): bool
      * @return void
      * @throws BouncerException
      * @throws InvalidArgumentException
-     * @todo custom error handler should be in RemediationEngine (v3.0.0)
      */
     public function testCacheConnection(): void
     {
         try {
             $cache = $this->getRemediationEngine()->getCacheStorage();
-            if ($cache instanceof Memcached) {
-                set_error_handler(function ($errno, $errstr) {
-                    $message = "Memcached error. (Error level: $errno) Original error was: $errstr";
-                    throw new CacheStorageException($message);
-                });
-            }
             $cache->getItem(AbstractCache::CONFIG);
         } catch (\Exception $e) {
             throw new BouncerException(
                 'Error while testing cache connection: ' . $e->getMessage(),
                 (int)$e->getCode(),
                 $e
             );
-        } finally {
-            if (isset($cache) && $cache instanceof Memcached) {
-                restore_error_handler();
-            }
         }
     }
 
@@ -690,7 +679,7 @@ private function handleCaptchaResolutionForm(string $ip): void
                     ['has_to_be_resolved' => false],
                     $ip,
                     $duration,
-                    Constants::CACHE_TAG_CAPTCHA
+                    [Constants::CACHE_TAG_CAPTCHA]
                 );
                 $unsetVariables = [
                     'phrase_to_guess',
@@ -703,7 +692,7 @@ private function handleCaptchaResolutionForm(string $ip): void
                     $unsetVariables,
                     $ip,
                     $duration,
-                    Constants::CACHE_TAG_CAPTCHA
+                    [Constants::CACHE_TAG_CAPTCHA]
                 );
                 $redirect = $cachedCaptchaVariables['resolution_redirect'] ?? '/';
                 $this->redirectResponse($redirect);
@@ -714,7 +703,7 @@ private function handleCaptchaResolutionForm(string $ip): void
                     ['resolution_failed' => true],
                     $ip,
                     $duration,
-                    Constants::CACHE_TAG_CAPTCHA
+                    [Constants::CACHE_TAG_CAPTCHA]
                 );
             }
         }
@@ -796,7 +785,7 @@ private function initCaptchaResolution(string $ip): void
             $captchaVariables,
             $ip,
             $duration,
-            Constants::CACHE_TAG_CAPTCHA
+            [Constants::CACHE_TAG_CAPTCHA]
         );
     }
 
@@ -822,7 +811,7 @@ private function refreshCaptcha(string $ip): bool
                 $captchaVariables,
                 $ip,
                 $duration,
-                Constants::CACHE_TAG_CAPTCHA
+                [Constants::CACHE_TAG_CAPTCHA]
             );
 
             return true;

src/Constants.php

@@ -39,7 +39,7 @@ class Constants extends RemConstants
     /** @var string Path for html templates folder (e.g. ban and captcha wall) */
     public const TEMPLATES_DIR = __DIR__ . "/templates";
     /** @var string The last version of this library */
-    public const VERSION = 'v1.1.1';
+    public const VERSION = 'v1.2.0';
     /** @var string The "disabled" x-forwarded-for setting */
     public const X_FORWARDED_DISABLED = 'no_forward';
 }