crowdsecurity/crowdsec: bump version 1.0.4; fix acquire logs from RAM disk (#3386)

security/crowdsec/Makefile

@@ -1,5 +1,5 @@
 PLUGIN_NAME=		crowdsec
-PLUGIN_VERSION=		1.0.3
+PLUGIN_VERSION=		1.0.4
 PLUGIN_DEPENDS=		crowdsec
 PLUGIN_COMMENT=		Lightweight and collaborative security engine
 PLUGIN_MAINTAINER=	marco@crowdsec.net

security/crowdsec/pkg-descr

@@ -8,6 +8,11 @@ WWW: https://crowdsec.net/
 Plugin Changelog
 ================
 
+1.0.4
+
+* Add force_inotify option to aquire logs when /var/log is in RAM, otherwise
+  a restart of the service is required after a reboot.
+
 1.0.3
 
 * acquire filter logs for the firewallservices/pf collection (port scans).

security/crowdsec/src/etc/crowdsec/acquis.d/opnsense.yaml

@@ -9,12 +9,20 @@
 filenames:
   # DO NOT EDIT - to add new datasources (log locations),
   # create new files in /usr/local/etc/crowdsec/acquis.d/
-  #
+
   # collection: crowdsecurity/sshd
   - /var/log/audit/latest.log
   # collection: crowdsecurity/opnsense-gui (web admin)
   - /var/log/lighttpd/latest.log
   # collection: firewallservices/pf
   - /var/log/filter/latest.log
+
+# When OPNsense is configured with /var/log in a RAM disk,
+# the log directories are created after crowdsec is run.
+# We force crowdsec to watch over directory creation as well
+# as file creation. FreeBSD has kqueue instead of inotify
+# but the option works with both.
+force_inotify: true
+
 labels:
   type: syslog

security/crowdsec/src/opnsense/mvc/app/models/OPNsense/CrowdSec/General.xml

@@ -1,7 +1,7 @@
 <model>
   <mount>//OPNsense/crowdsec/general</mount>
   <description>CrowdSec general configuration</description>
-  <version>1.0.3</version>
+  <version>1.0.4</version>
   <items>
 
     <agent_enabled type="BooleanField">