chg: [doc] More fixes to installer builder

INSTALL/INSTALL.debian.sh

@@ -39,16 +39,16 @@
 # $ done
 #
 # Temporary copy/paste holder
-# $ perl -pe 's/## 0_global-vars.sh ##/`cat 0_global-vars.sh`/ge' -i INSTALL.debian.sh
-# $ perl -pe 's/## 0_sudoKeeper.sh ##/`cat 0_sudoKeeper.sh`/ge' -i INSTALL.debian.sh
-# $ perl -pe 's/## 0_support-functions.sh ##/`cat 0_support-functions.sh`/ge' -i INSTALL.debian.sh
-# $ perl -pe 's/## 2_gnupg.sh ##/`cat 2_gnupg.sh`/ge' -i INSTALL.debian.sh
-# $ perl -pe 's/## 2_core-cake.sh ##/`cat 2_core-cake.sh`/ge' -i INSTALL.debian.sh
-# $ perl -pe 's/## 3_misp-modules.sh ##/`cat 3_misp-modules.sh`/ge' -i INSTALL.debian.sh
-# $ perl -pe 's/## 4_misp-dashboard-cake.sh ##/`cat 4_misp-dashboard-cake.sh`/ge' -i INSTALL.debian.sh
-# $ perl -pe 's/## 4_misp-dashboard.sh ##/`cat 4_misp-dashboard.sh`/ge' -i INSTALL.debian.sh
-# $ perl -pe 's/## 5_mail_to_misp.sh ##/`cat 5_mail_to_misp.sh`/ge' -i INSTALL.debian.sh
-# $ perl -pe 's/## 6_viper.sh ##/`cat 6_viper.sh`/ge' -i INSTALL.debian.sh
+# $ perl -pe 's/^## 0_global-vars.sh ##/`cat 0_global-vars.sh`/ge' -i INSTALL.debian.sh
+# $ perl -pe 's/^## 0_sudoKeeper.sh ##/`cat 0_sudoKeeper.sh`/ge' -i INSTALL.debian.sh
+# $ perl -pe 's/^## 0_support-functions.sh ##/`cat 0_support-functions.sh`/ge' -i INSTALL.debian.sh
+# $ perl -pe 's/^## 2_gnupg.sh ##/`cat 2_gnupg.sh`/ge' -i INSTALL.debian.sh
+# $ perl -pe 's/^## 2_core-cake.sh ##/`cat 2_core-cake.sh`/ge' -i INSTALL.debian.sh
+# $ perl -pe 's/^## 3_misp-modules.sh ##/`cat 3_misp-modules.sh`/ge' -i INSTALL.debian.sh
+# $ perl -pe 's/^## 4_misp-dashboard-cake.sh ##/`cat 4_misp-dashboard-cake.sh`/ge' -i INSTALL.debian.sh
+# $ perl -pe 's/^## 4_misp-dashboard.sh ##/`cat 4_misp-dashboard.sh`/ge' -i INSTALL.debian.sh
+# $ perl -pe 's/^## 5_mail_to_misp.sh ##/`cat 5_mail_to_misp.sh`/ge' -i INSTALL.debian.sh
+# $ perl -pe 's/^## 6_viper.sh ##/`cat 6_viper.sh`/ge' -i INSTALL.debian.sh
 
 ### BEGIN AUTOMATED SECTION ###
 

docs/INSTALL.ubuntu1804.md

@@ -14,10 +14,10 @@
 
 ```bash
 ## TODO: Move this away, this should be done depending on using php7.2 or php7.3
-# <snippet-begin 1_php-vars.sh>
+# <snippet-begin php-vars.sh>
 PHP_ETC_BASE=/etc/php/7.2
 PHP_INI=${PHP_ETC_BASE}/apache2/php.ini
-# <snippet-end 1_php-vars.sh>
+# <snippet-end php-vars.sh>
 ```
 
 ### 1/ Minimal Ubuntu install
@@ -43,7 +43,7 @@ sudo apt-get upgrade
 ```bash
 # <snippet-begin postfix.sh>
 sudo apt-get install postfix dialog -y
-# <snippet-begin postfix.sh>
+# <snippet-end postfix.sh>
 ```
 
 !!! notice

docs/generic/MISP_CAKE_init.md

@@ -1,6 +1,6 @@
 #### Initialize MISP configuration and set some defaults
 ```bash
-# <snippet-start core-cake.sh>
+# <snippet-begin 2_core-cake.sh>
 # Core cake commands
 coreCAKE () {
   sudo -H -u www-data -E $CAKE userInit -q
@@ -159,5 +159,5 @@ updateGOWNT () {
   ##sudo -H -u www-data $CAKE Admin updateObjectTemplates
   curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/objectTemplates/update
 }
-# <snippet-end core-cake.sh>
+# <snippet-end 2_core-cake.sh>
 ```

docs/generic/ethX.md

@@ -3,13 +3,30 @@
 This will bring back 'ethX' e.g: eth0
 
 ```bash
+# <snippet-end interfaces.sh>
 GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0"
 DEFAULT_GRUB=/etc/default/grub
-for key in GRUB_CMDLINE_LINUX
-do
-    sudo sed -i "s/^\($key\)=.*/\1=\"$(eval echo \${$key})\"/" $DEFAULT_GRUB
-done
+
+echo "--- Using old style name (ethX) for interfaces"
+#for key in GRUB_CMDLINE_LINUX
+#do
+#    sudo sed -i "s/^\($key\)=.*/\1=\"$(eval echo \${$key})\"/" $DEFAULT_GRUB
+#done
+sed  -r  's/^(GRUB_CMDLINE_LINUX=).*/\1\"net\.ifnames=0\ biosdevname=0\"/' /etc/default/grub | sudo tee /etc/default/grub > /dev/null
+
+# install ifupdown since ubuntu 18.04
+sudo apt-get update
+sudo apt-get install -y ifupdown
+
+# enable eth0
+echo "--- Configuring eth0"
+
+echo "# The primary network interface
+auto eth0
+iface eth0 inet dhcp" | sudo tee /etc/network/interfaces
 sudo grub-mkconfig -o /boot/grub/grub.cfg
+sudo update-grub  > /dev/null 2>&1
+# <snippet-end interfaces.sh>
 ```
 
 !!! notice

docs/generic/gnupg.md

@@ -0,0 +1,28 @@
+```bash
+# <snippet-begin 2_gnupg.sh>
+# Generate GnuPG key
+setupGnuPG () {
+  if [ -ne $PATH_TO_MISP/.gnupg ]; then
+    # The email address should match the one set in the config.php
+    # set in the configuration menu in the administration menu configuration file
+    echo "%echo Generating a default key
+      Key-Type: default
+      Key-Length: $GPG_KEY_LENGTH
+      Subkey-Type: default
+      Name-Real: $GPG_REAL_NAME
+      Name-Comment: $GPG_COMMENT
+      Name-Email: $GPG_EMAIL_ADDRESS
+      Expire-Date: 0
+      Passphrase: $GPG_PASSPHRASE
+      # Do a commit here, so that we can later print "done"
+      %commit
+    %echo done" > /tmp/gen-key-script
+
+    $SUDO_WWW gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key /tmp/gen-key-script
+
+    # Export the public key to the webroot
+    $SUDO_WWW sh -c "gpg --homedir $PATH_TO_MISP/.gnupg --export --armor $GPG_EMAIL_ADDRESS" | $SUDO_WWW tee $PATH_TO_MISP/app/webroot/gpg.asc
+  fi
+}
+# <snippet-end 2_gnupg.sh>
+```

docs/generic/mail_to_misp-debian.md

@@ -9,7 +9,7 @@
     ```
 
 ```bash
-#<snippet-begin mail_to_misp.sh>
+# <snippet-begin 5_mail_to_misp.sh>
 # Main mail2misp install function
 mail2misp () {
   cd /usr/local/src/
@@ -34,5 +34,5 @@ mail2misp () {
   sed -i "s/^misp_url\ =\ 'YOUR_MISP_URL'/misp_url\ =\ 'https:\/\/localhost'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
   sed -i "s/^misp_key\ =\ 'YOUR_KEY_HERE'/misp_key\ =\ '${AUTH_KEY}'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
 }
-#<snippet-end mail_to_misp.sh>
+# <snippet-end 5_mail_to_misp.sh>
 ```

docs/generic/misp-dashboard-centos.md

@@ -0,0 +1,75 @@
+#### MISP Dashboard on CentOS
+--------------
+```bash
+cd /var/www
+sudo mkdir misp-dashboard
+sudo chown www-data:www-data misp-dashboard
+sudo -u www-data git clone https://github.com/MISP/misp-dashboard.git
+cd misp-dashboard
+sudo -H /var/www/misp-dashboard/install_dependencies.sh
+sudo sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
+sudo sed -i '/Listen 80/a Listen 0.0.0.0:8001' /etc/apache2/ports.conf
+sudo apt install libapache2-mod-wsgi-py3 -y
+
+echo "<VirtualHost *:8001>
+    ServerAdmin admin@misp.local
+    ServerName misp.local
+    DocumentRoot /var/www/misp-dashboard
+    
+    WSGIDaemonProcess misp-dashboard \
+       user=misp group=misp \
+       python-home=/var/www/misp-dashboard/DASHENV \
+       processes=1 \
+       threads=15 \
+       maximum-requests=5000 \
+       listen-backlog=100 \
+       queue-timeout=45 \
+       socket-timeout=60 \
+       connect-timeout=15 \
+       request-timeout=60 \
+       inactivity-timeout=0 \
+       deadlock-timeout=60 \
+       graceful-timeout=15 \
+       eviction-timeout=0 \
+       shutdown-timeout=5 \
+       send-buffer-size=0 \
+       receive-buffer-size=0 \
+       header-buffer-size=0 \
+       response-buffer-size=0 \
+       server-metrics=Off
+    WSGIScriptAlias / /var/www/misp-dashboard/misp-dashboard.wsgi
+    <Directory /var/www/misp-dashboard>
+        WSGIProcessGroup misp-dashboard
+        WSGIApplicationGroup %{GLOBAL}
+        Require all granted
+    </Directory>
+    LogLevel info
+    ErrorLog /var/log/apache2/misp-dashboard.local_error.log
+    CustomLog /var/log/apache2/misp-dashboard.local_access.log combined
+    ServerSignature Off
+</VirtualHost>" | sudo tee /etc/apache2/sites-available/misp-dashboard.conf
+
+sudo a2ensite misp-dashboard
+sudo systemctl reload apache2
+
+# Add misp-dashboard to rc.local to start on boot.
+sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh > /tmp/misp-dashboard_rc.local.log\n' /etc/rc.local
+
+# Enable ZeroMQ for misp-dashboard
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_enable" true"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_event_notifications_enable" true"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_object_notifications_enable" true"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_object_reference_notifications_enable" true"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_attribute_notifications_enable" true"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_sighting_notifications_enable" true"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_user_notifications_enable" true"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_organisation_notifications_enable" true"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_port" 50000"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_redis_host" "localhost""
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_redis_port" 6379"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_redis_database" 1"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_redis_namespace" "mispq""
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_include_attachments" false"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_tag_notifications_enable" false"
+sudo $RUN_PHP "$CAKE Admin setSetting "Plugin.ZeroMQ_audit_notifications_enable" false"
+```

docs/generic/misp-dashboard-debian.md

@@ -1,7 +1,7 @@
 #### MISP Dashboard
 --------------
 ```bash
-# <snippet-start 0_misp-dashboard.sh>
+# <snippet-begin 4_misp-dashboard.sh>
 # Main MISP Dashboard install function
 mispDashboard () {
   cd /var/www
@@ -63,9 +63,9 @@ mispDashboard () {
   # Add misp-dashboard to rc.local to start on boot.
   sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh > /tmp/misp-dashboard_rc.local.log\n' /etc/rc.local
 }
-# <snippet-end 0_misp-dashboard.sh>
+# <snippet-end 4_misp-dashboard.sh>
 
-# <snippet-start 0_misp-dashboard-cake.sh>
+# <snippet-begin 4_misp-dashboard-cake.sh>
 dashboardCAKE () {
   # Enable ZeroMQ for misp-dashboard
   sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_enable" true
@@ -85,5 +85,5 @@ dashboardCAKE () {
   sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_tag_notifications_enable" false
   sudo -H -u www-data $CAKE Admin setSetting "Plugin.ZeroMQ_audit_notifications_enable" false
 }
-# <snippet-end 0_misp-dashboard-cake.sh>
+# <snippet-end 4_misp-dashboard-cake.sh>
 ```

docs/generic/misp-modules-debian.md

@@ -1,51 +1,31 @@
 #### Install misp-modules (optional)
 
 ```bash
-# <snippet-start misp-modules.sh>
+# <snippet-begin 3_misp-modules.sh>
 # Main MISP Modules install function
 mispmodules () {
-  sed -i -e '$i \sudo -u www-data misp-modules -l 0.0.0.0 -s &\n' /etc/rc.local
+  sudo sed -i -e '$i \sudo -u www-data ${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s > /tmp/misp-modules_rc.local.log &\n' /etc/rc.local
   $SUDO_WWW bash $PATH_TO_MISP/app/Console/worker/start.sh
   cd /usr/local/src/
   git clone https://github.com/MISP/misp-modules.git
   cd misp-modules
-  # pip3 install
-  pip3 install -I -r REQUIREMENTS
-  pip3 install -I .
-  pip3 install maec lief python-magic wand yara
-  pip3 install git+https://github.com/kbandla/pydeep.git
-  gem install pygments.rb
-  gem install asciidoctor-pdf --pre
-  $SUDO_WWW misp-modules -l 0.0.0.0 -s &
+  # some misp-modules dependencies
+  sudo apt-get install libpq5 libjpeg-dev libfuzzy-dev -y
+  # pip install
+  sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
+  sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install -I .
+  sudo apt install ruby-pygments.rb -y
+  sudo gem install asciidoctor-pdf --pre
+  # install additional dependencies for extended object generation and extraction
+  sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install maec lief python-magic wand yara pathlib
+  sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
+  # Start misp-modules
+  $SUDO_WWW ${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s &
+
+  # Cake commands for enabling basic misp-modules
+  sudo -H -u www-data $CAKE Admin setSetting "Plugin.Enrichment_asn_history_enabled" true
+  sudo -H -u www-data $CAKE Admin setSetting "Plugin.Enrichment_cve_enabled" true
+  sudo -H -u www-data $CAKE Admin setSetting "Plugin.Enrichment_dns_enabled" true
 }
-
-sudo sed -i -e '$i \sudo -u www-data ${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s > /tmp/misp-modules_rc.local.log &\n' /etc/rc.local
-
-# some misp-modules dependencies
-sudo apt-get install libpq5 libjpeg-dev libfuzzy-dev -y
-
-sudo chmod 2775 /usr/local/src
-sudo chown root:staff /usr/local/src
-cd /usr/local/src/
-git clone https://github.com/MISP/misp-modules.git
-cd misp-modules
-# pip install
-sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS
-sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install .
-sudo apt install ruby-pygments.rb -y
-sudo gem install asciidoctor-pdf --pre
-
-# install additional dependencies for extended object generation and extraction
-sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install maec lief python-magic pathlib
-sudo -H -u www-data ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git
-
-# Start misp-modules
-sudo -u www-data ${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s &
-
-# Cake commands for enabling basic misp-modules
-sudo -H -u www-data $CAKE Admin setSetting "Plugin.Enrichment_asn_history_enabled" true
-sudo -H -u www-data $CAKE Admin setSetting "Plugin.Enrichment_cve_enabled" true
-sudo -H -u www-data $CAKE Admin setSetting "Plugin.Enrichment_dns_enabled" true
-# <snippet-end misp-modules.sh>
+# <snippet-end 3_misp-modules.sh>
 ```
-

docs/generic/sudo_etckeeper.md

@@ -14,18 +14,17 @@ checkSudoKeeper () {
     sudo apt install etckeeper -y
   fi
 }
-# <snippet-begin 0_sudoKeeper.sh>
+# <snippet-end 0_sudoKeeper.sh>
 ```
 
 ##### add the misp user to staff and www-data (mandatory)
 ```bash
-# <snippet-begin apt-upgrade.sh>
+# <snippet-begin add-user.sh>
 # Add the user to the staff group to be able to write to /usr/local/src
 # TODO: Fix this, user misp might not exist
 sudo adduser misp staff
 sudo adduser misp www-data
-# TODO: FIXME: this breaks a script...
-sudo su - misp
-# <snippet-begin apt-upgrade.sh>
+# <snippet-end add-user.sh>
+# Logout and back in to make the group changes take effect.
 logout
 ```

docs/generic/supportFunctions.md

@@ -135,7 +135,16 @@ if [[ -e /usr/local/src ]]; then
     echo -n "/usr/local/src need to be writeable by $MISP_USER, permission to fix? (y/n)"
     read ANSWER
     ANSWER=$(echo $ANSWER |tr [A-Z] [a-z])
+    if [ "$ANSWER" == "y" ]; then
+      sudo chmod 2775 /usr/local/src
+      sudo chown root:staff /usr/local/src
+    fi
   fi
+else
+  echo "/usr/local/src does not exist, creating."
+  mkdir /usr/local/src
+  sudo chmod 2775 /usr/local/src
+  sudo chown root:staff /usr/local/src
 fi
 
 }
@@ -440,5 +449,5 @@ theEnd () {
   echo "Enjoy using MISP. For any issues see here: https://github.com/MISP/MISP/issues"
   su - ${MISP_USER}
 }
-# <snippet-begin 0_support-functions.sh>
+# <snippet-end 0_support-functions.sh>
 ```

docs/generic/viper-debian.md

@@ -9,7 +9,7 @@
     ```
 
 ```bash
-# <snippet-begin viper.sh>
+# <snippet-begin 6_viper.sh>
 # Main Viper install function
 viper () {
   cd /usr/local/src/
@@ -63,5 +63,5 @@ viper () {
   # Add viper-web to rc.local to be started on boot
   sudo sed -i -e '$i \sudo -u misp /usr/local/src/viper/viper-web -p 8888 -H 0.0.0.0 > /tmp/viper-web_rc.local.log &\n' /etc/rc.local
 }
-# <snippet-end viper.sh>
+# <snippet-end 6_viper.sh>
 ```