- Merge debian-stable and debian-testing instructions

2018-07-05 08:36:13 +02:00 · 2018-07-05 08:36:13 +02:00 · 03891e349f
parent f13b15b1d4
commit 03891e349f
2 changed files with 48 additions and 15 deletions
--- a/INSTALL/INSTALL.debian9.txt
+++ b/INSTALL/INSTALL.debian9.txt
@ -64,6 +64,14 @@ installation, just alter the salt,

 # Install a minimal Debian 9 "stretch" server system with the software:
 - OpenSSH server
+- Web server, apache FTW!
+- This guide assumes a user name of 'misp'
+
+# install sudo and etckeeper
+su -
+apt install etckeeper
+apt install sudo
+adduser -aG sudo misp

 # Make sure your system is up2date:
 sudo apt-get update
@ -128,11 +136,6 @@ sudo chown www-data:www-data /var/www/MISP
 cd /var/www/MISP
 sudo -u www-data git clone https://github.com/MISP/MISP.git /var/www/MISP

-sudo -u www-data git submodule init
-sudo -u www-data git submodule update
-# Make git ignore filesystem permission differences for submodules
-sudo -u www-data git submodule foreach git config core.filemode false
-
 # Make git ignore filesystem permission differences
 sudo -u www-data git config core.filemode false

@ -160,6 +163,10 @@ sudo python3 setup.py install
 -----------
 # CakePHP is included as a submodule of MISP, execute the following commands to let git fetch it:
 cd /var/www/MISP
+sudo -u www-data git submodule init
+sudo -u www-data git submodule update
+# Make git ignore filesystem permission differences for submodules
+sudo -u www-data git submodule foreach git config core.filemode false

 # Once done, install CakeResque along with its dependencies if you intend to use the built in background jobs:
 cd /var/www/MISP/app
@ -192,11 +199,13 @@ sudo chmod -R g+ws /var/www/MISP/app/files/scripts/tmp
 # Enter the mysql shell
 sudo mysql -u root -p

+```
 MariaDB [(none)]> create database misp;
 MariaDB [(none)]> grant usage on *.* to misp@localhost identified by 'XXXXdbpasswordhereXXXXX';
 MariaDB [(none)]> grant all privileges on misp.* to misp@localhost;
 MariaDB [(none)]> flush privileges;
 MariaDB [(none)]> exit
+```

 # Import the empty MISP database from MYSQL.sql
 sudo -u www-data sh -c "mysql -u misp -p misp < /var/www/MISP/INSTALL/MYSQL.sql"
@ -223,6 +232,7 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \

 ============================================= Begin sample working SSL config for MISP
 <VirtualHost <IP, FQDN, or *>:80>
+        ServerAdmin admin@<your.FQDN.here>
        ServerName <your.FQDN.here>

        Redirect permanent / https://<your.FQDN.here>
@ -315,8 +325,9 @@ sudo -u www-data vim /var/www/MISP/app/Config/database.php
 # delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin)
 # e.g. https://pythontips.com/2013/07/28/generating-a-random-string/

-# Change base url in config.php
-sudo -u www-data vim /var/www/MISP/app/Config/config.php
+# Change base url
+sudo /var/www/MISP/app/Console/cake Baseurl ""
+
 # example: 'baseurl' => 'https://<your.FQDN.here>',
 # alternatively, you can leave this field empty if you would like to use relative pathing in MISP
 # 'baseurl' => '',
@ -348,6 +359,21 @@ sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh

 # Don't forget to change the email, password and authentication key after installation.

+# Set MISP Live
+sudo /var/www/MISP/app/Console/cake Live 1
+
+AUTH_KEY=$(mysql -u misp -pPassword1234 misp -e "SELECT authkey FROM users;" | tail -1)
+
+# Update the galaxies…
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/galaxies/update
+
+# Updating the taxonomies…
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/taxonomies/update
+
+# Updating the warning lists…
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/warninglists/update
+# Updating the notice lists…
+
 # Start the workers

 /var/www/MISP/app/Console/worker/start.sh
--- a/INSTALL/INSTALL.debian_testing.txt
+++ b/INSTALL/INSTALL.debian_testing.txt
@ -23,11 +23,11 @@ adduser -aG sudo misp

 # Make sure your system is up2date:
 sudo apt-get update
-sudo apt-get upgrade
+sudo apt-get -y dist-upgrade


 # install postfix, there will be some questions.
-sudo apt-get install postfix
+sudo apt-get install -y postfix
 # Postfix Configuration: Satellite system
 # change the relay server later with:
 sudo postconf -e 'relayhost = example.com'
@ -73,17 +73,12 @@ sudo mkdir /var/www/MISP
 sudo chown www-data:www-data /var/www/MISP
 cd /var/www/MISP
 sudo -u www-data git clone https://github.com/MISP/MISP.git /var/www/MISP
-##sudo -u www-data git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
-# if the last shortcut doesn't work, specify the latest version manually
-# example: git checkout tags/v2.4.XY
-# the message regarding a "detached HEAD state" is expected behaviour
-# (you only have to create a new branch, if you want to change stuff and do a pull request for example)

 # Make git ignore filesystem permission differences
 sudo -u www-data git config core.filemode false

 # install Mitre's STIX and its dependencies by running the following commands:
-sudo apt-get install python3-dev python3-pip python-pip libxml2-dev libxslt1-dev zlib1g-dev python-setuptools
+sudo apt-get install -y python3-dev python3-pip libxml2-dev libxslt1-dev zlib1g-dev python-setuptools
 cd /var/www/MISP/app/files/scripts
 sudo -u www-data git clone https://github.com/CybOXProject/python-cybox.git
 sudo -u www-data git clone https://github.com/STIXProject/python-stix.git
@ -98,6 +93,10 @@ sudo -u www-data git clone https://github.com/CybOXProject/mixbox.git
 cd /var/www/MISP/app/files/scripts/mixbox
 sudo python3 setup.py install

+# install PyMISP
+cd /var/www/MISP/PyMISP
+sudo python3 setup.py install
+
 4/ CakePHP
 -----------
 # CakePHP is included as a submodule of MISP, execute the following commands to let git fetch it:
@ -109,6 +108,8 @@ sudo -u www-data git submodule foreach git config core.filemode false

 # Once done, install CakeResque along with its dependencies if you intend to use the built in background jobs:
 cd /var/www/MISP/app
+# Make composer cache happy
+sudo mkdir /var/www/.composer ; sudo chown www-data:www-data /var/www/.composer
 sudo -u www-data php composer.phar require kamisama/cake-resque:4.1.2
 sudo -u www-data php composer.phar config vendor-dir Vendor
 sudo -u www-data php composer.phar install
@ -213,6 +214,12 @@ sudo a2ensite misp-ssl
 # memory_limit = 512M
 # upload_max_filesize = 50M
 # post_max_size = 50M
+for key in upload_max_filesize post_max_size max_execution_time max_input_time
+memory_limit
+do
+    sudo sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI
+done
+

 # Restart apache
 sudo systemctl restart apache2