mirror of https://github.com/MISP/MISP
- FreeBSD OpenBSD install updates
parent
ce7a2672a5
commit
573952e7e6
|
@ -1,5 +1,7 @@
|
|||
INSTALLATION INSTRUCTIONS
|
||||
------------------------- for FreeBSD 11.1-amd64
|
||||
------------------------- for FreeBSD 11.2-amd64
|
||||
|
||||
0/ WIP /!\ You are warned, this does not work yet! /!\
|
||||
|
||||
1/ Minimal FreeBSD install
|
||||
--------------------------
|
||||
|
@ -17,45 +19,53 @@ INSTALLATION INSTRUCTIONS
|
|||
# Install pkg and point to latest
|
||||
|
||||
Install pkg by typing:
|
||||
|
||||
```
|
||||
$ su -
|
||||
# pkg
|
||||
```
|
||||
|
||||
Edit the default pkg location in /etc/pkg/FreeBSD.conf
|
||||
Change: quarterly to: latest
|
||||
|
||||
perl -pi -w -e 's/quarterly/latest/g;' /etc/pkg/FreeBSD.conf
|
||||
```
|
||||
# perl -pi -w -e 's/quarterly/latest/g;' /etc/pkg/FreeBSD.conf
|
||||
```
|
||||
|
||||
# Install sudo
|
||||
|
||||
pkg install sudo
|
||||
|
||||
Edit: pw useradd misp -s bash -G wheel,www
|
||||
Make sure users in group wheel can sudo.
|
||||
|
||||
# Update system
|
||||
|
||||
sudo freebsd-update fetch install
|
||||
|
||||
# Install bash
|
||||
|
||||
sudo pkg install bash
|
||||
|
||||
# Install postfix
|
||||
Make sure users in group wheel can sudo, uncomment in /usr/local/etc/sudoers :
|
||||
```
|
||||
%wheel ALL=(ALL) ALL
|
||||
```
|
||||
|
||||
# Update system
|
||||
```
|
||||
sudo freebsd-update fetch install
|
||||
```
|
||||
|
||||
# Install postfix
|
||||
```
|
||||
sudo pkg install postfix
|
||||
|
||||
# Optional but useful, add a local misp user
|
||||
pw useradd misp -s /usr/local/bin/bash -G wheel,www
|
||||
mkdir /home/misp ; chown misp:misp /home/misp
|
||||
passwd misp
|
||||
sudo pw user add misp -s /usr/local/bin/bash -G wheel,www
|
||||
sudo mkdir /home/misp ; sudo chown misp:misp /home/misp
|
||||
sudo passwd misp
|
||||
```
|
||||
|
||||
# Install misc dependencies
|
||||
|
||||
pkg install curl git python3 redis vim
|
||||
```
|
||||
sudo pkg install curl git python3 redis vim
|
||||
```
|
||||
|
||||
# LAMP
|
||||
|
||||
pkg install apache24 \
|
||||
```
|
||||
sudo pkg install apache24 \
|
||||
logrotate \
|
||||
gnupg \
|
||||
mariadb102-server mariadb102-client \
|
||||
|
@ -72,7 +82,7 @@ pkg install apache24 \
|
|||
php72-dom \
|
||||
php72-opcache \
|
||||
php72-session \
|
||||
mod_php72 \
|
||||
mod_php72
|
||||
|
||||
sudo cp -p /usr/local/etc/php.ini-development /usr/local/etc/php.ini
|
||||
|
||||
|
@ -82,9 +92,11 @@ sudo sysrc mysql_enable="yes"
|
|||
sudo sysrc mysql_args="--bind-address=127.0.0.1"
|
||||
sudo service apache24 start
|
||||
sudo service mysql-server start
|
||||
sudo usr/local/bin/mysql_secure_installation
|
||||
sudo /usr/local/bin/mysql_secure_installation
|
||||
```
|
||||
|
||||
vi /usr/local/etc/apache24/Includes/php.conf
|
||||
```
|
||||
sudo vi /usr/local/etc/apache24/Includes/php.conf
|
||||
<IfModule dir_module>
|
||||
DirectoryIndex index.php index.html
|
||||
SetHandler application/x-httpd-php
|
||||
|
@ -92,6 +104,7 @@ vi /usr/local/etc/apache24/Includes/php.conf
|
|||
SetHandler application/x-httpd-php-source
|
||||
</FilesMatch>
|
||||
</IfModule>
|
||||
```
|
||||
|
||||
3/ MISP code
|
||||
------------
|
||||
|
@ -100,31 +113,27 @@ sudo mkdir /usr/local/www/MISP
|
|||
sudo chown www:www /usr/local/www/MISP
|
||||
cd /usr/local/www/MISP
|
||||
sudo -u www git clone https://github.com/MISP/MISP.git /usr/local/www/MISP
|
||||
sudo -u www git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||
# if the last shortcut doesn't work, specify the latest version manually
|
||||
# example: git checkout tags/v2.4.XY
|
||||
# the message regarding a "detached HEAD state" is expected behaviour
|
||||
# (you only have to create a new branch, if you want to change stuff and do a pull request for example)
|
||||
|
||||
# Make git ignore filesystem permission differences
|
||||
sudo -u www git config core.filemode false
|
||||
|
||||
# install Mitre's STIX and its dependencies by running the following commands:
|
||||
sudo apt-get install python-dev zlib1g-dev python-setuptools
|
||||
##sudo apt-get install python-dev zlib1g-dev python-setuptools
|
||||
sudo pkg install py27-pip py36-pip libxml2 libxslt
|
||||
|
||||
cd /usr/local/www/MISP/app/files/scripts
|
||||
sudo -u www git clone https://github.com/CybOXProject/python-cybox.git
|
||||
sudo -u www git clone https://github.com/STIXProject/python-stix.git
|
||||
cd /usr/local/www/MISP/app/files/scripts/python-cybox
|
||||
sudo python2 setup.py install
|
||||
sudo python3 setup.py install
|
||||
cd /usr/local/www/MISP/app/files/scripts/python-stix
|
||||
sudo python2 setup.py install
|
||||
sudo python3 setup.py install
|
||||
|
||||
# install mixbox to accomodate the new STIX dependencies:
|
||||
cd /usr/local/www/MISP/app/files/scripts/
|
||||
sudo -u www git clone https://github.com/CybOXProject/mixbox.git
|
||||
cd /usr/local/www/MISP/app/files/scripts/mixbox
|
||||
sudo python2 setup.py install
|
||||
sudo python3 setup.py install
|
||||
|
||||
4/ CakePHP
|
||||
-----------
|
||||
|
@ -174,15 +183,9 @@ sudo -u www sh -c "mysql -u misp -p misp < /usr/local/www/MISP/INSTALL/MYSQL.sql
|
|||
-----------------------
|
||||
# Now configure your Apache webserver with the DocumentRoot /usr/local/www/MISP/app/webroot/
|
||||
|
||||
# 2.2
|
||||
sudo mkdir /usr/local/etc/apache22/sites-available/ /usr/local/etc/apache2/sites-enabled/
|
||||
|
||||
#2.4
|
||||
sudo mkdir /usr/local/etc/apache24/sites-available/ /usr/local/etc/apache24/sites-enabled/
|
||||
|
||||
# If the apache version is 2.2:
|
||||
sudo cp /usr/local/www/MISP/INSTALL/apache.22.misp.ssl /usr/local/etc/apache22/sites-available/misp-ssl.conf
|
||||
|
||||
# If the apache version is 2.4:
|
||||
sudo cp /usr/local/www/MISP/INSTALL/apache.24.misp.ssl /usr/local/etc/apache24/sites-available/misp-ssl.conf
|
||||
|
||||
|
@ -196,6 +199,9 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
|
|||
-subj "/C=<Country>/ST=<State>/L=<Locality>/O=<Organization>/OU=<Organizational Unit Name>/CN=<QDN.here>/emailAddress=admin@<your.FQDN.here>" \
|
||||
-keyout /etc/ssl/private/misp.local.key -out /etc/ssl/private/misp.local.crt
|
||||
|
||||
|
||||
|
||||
|
||||
# Otherwise, copy the SSLCertificateFile, SSLCertificateKeyFile, and SSLCertificateChainFile to /etc/ssl/private/. (Modify path and config to fit your environment)
|
||||
|
||||
sudo mkdir /var/log/apache2/
|
||||
|
@ -237,9 +243,10 @@ sudo mkdir /var/log/apache2/
|
|||
|
||||
# activate new vhost
|
||||
cd /usr/local/etc/apache24/sites-enabled/
|
||||
ln -s ../sites-available/misp.conf
|
||||
sudo ln -s ../sites-available/misp.conf
|
||||
echo "Include etc/apache24/sites-enabled/*.conf" >> /usr/local/etc/apache24/httpd.conf
|
||||
|
||||
sudo vi /usr/local/etc/apache24/httpd.conf
|
||||
/!\ Enable mod_rewrite in httpd.conf /!\
|
||||
LoadModule rewrite_module libexec/apache24/mod_rewrite.so
|
||||
|
||||
|
|
|
@ -10,9 +10,7 @@ INSTALLATION INSTRUCTIONS
|
|||
|
||||
# System Hardening
|
||||
|
||||
- Clean /tmp
|
||||
- Disable Syslogd network socket
|
||||
- Disable Sendmail service
|
||||
- TBD
|
||||
|
||||
# doas & pkg
|
||||
```
|
||||
|
@ -68,7 +66,7 @@ server "default" {
|
|||
listen on $ext6_addr port 80
|
||||
listen on $ext6_addr tls port 443
|
||||
|
||||
root "/htdocs/MISP/app"
|
||||
root "/htdocs/MISP/app/webroot"
|
||||
|
||||
tls {
|
||||
key "/etc/ssl/private/server.key"
|
||||
|
@ -196,6 +194,8 @@ doas -u www git clone https://github.com/MISP/MISP.git /var/www/htdocs/MISP
|
|||
# Make git ignore filesystem permission differences
|
||||
doas -u www git config core.filemode false
|
||||
|
||||
doas pkg_add py-pip py3-pip libxml libxslt
|
||||
|
||||
cd /var/www/htdocs/MISP/app/files/scripts
|
||||
doas -u www git clone https://github.com/CybOXProject/python-cybox.git
|
||||
doas -u www git clone https://github.com/STIXProject/python-stix.git
|
||||
|
|
Loading…
Reference in New Issue