mirror of https://github.com/MISP/MISP
Merge pull request #5938 from SteveClement/guides
commit
5d7244741f
|
@ -1,5 +1,5 @@
|
|||
# INSTALLATION INSTRUCTIONS
|
||||
## for NetBSD 8.1-amd64
|
||||
## for NetBSD 9.0-amd64
|
||||
|
||||
!!! warning
|
||||
This is not fully working yet. Mostly it is a template for our ongoing documentation efforts :spider:
|
||||
|
@ -33,7 +33,9 @@ export AUTOCONF_VERSION=2.69
|
|||
|
||||
#### sudo & pkgin (as root)
|
||||
```bash
|
||||
su root -c "pkgin install sudo gsed"
|
||||
su root -c "cd /usr/pkgsrc/pkg tools/pkgin/; make install clean"
|
||||
su root -c "pkgin update"
|
||||
su root -c "pkgin -y install sudo gsed"
|
||||
su root -c 'gsed -i -e "s/# %wheel ALL=(ALL) NOPASSWD: ALL/%wheel ALL=(ALL) NOPASSWD: ALL/" /usr/pkg/etc/sudoers'
|
||||
```
|
||||
|
||||
|
@ -41,10 +43,11 @@ su root -c 'gsed -i -e "s/# %wheel ALL=(ALL) NOPASSWD: ALL/%wheel ALL=(ALL) NOPA
|
|||
|
||||
```bash
|
||||
cd /usr
|
||||
env CVS_RSH=ssh sudo cvs -d anoncvs@anoncvs.NetBSD.org:/cvsroot checkout -P pkgsrc
|
||||
env CVS_RSH=ssh cvs -d anoncvs@anoncvs.NetBSD.org:/cvsroot checkout -P pkgsrc
|
||||
cd pkgsrc/bootstrap
|
||||
sudo ./bootstrap
|
||||
sudo /usr/pkg/sbin/pkg_admin -K /var/db/pkg fetch-pkg-vulnerabilities
|
||||
./bootstrap
|
||||
cd /usr/pkgsrc/pkg tools/pkgin/; make install clean
|
||||
/usr/pkg/sbin/pkg_admin fetch-pkg-vulnerabilities
|
||||
```
|
||||
|
||||
```
|
||||
|
@ -61,56 +64,56 @@ users crontab(5) entry. For example the entry
|
|||
|
||||
#### Install bash
|
||||
```bash
|
||||
sudo pkgin install bash
|
||||
sudo pkgin -y install bash
|
||||
```
|
||||
|
||||
#### mariadb server
|
||||
```bash
|
||||
sudo pkgin install mariadb-server
|
||||
sudo pkgin -y install mysql-server
|
||||
```
|
||||
|
||||
#### Install misc dependencies
|
||||
|
||||
```bash
|
||||
sudo pkgin install curl git python36 py36-pip redis autoconf automake libtool magic
|
||||
sudo pkgin -y install curl git python37 py37-pip redis autoconf automake libtool magic
|
||||
```
|
||||
|
||||
```bash
|
||||
sudo pkgin install gnupg2
|
||||
sudo pkgin -y install gnupg2
|
||||
```
|
||||
|
||||
#### Install postfix (optional)
|
||||
|
||||
```bash
|
||||
sudo pkgin install postfix
|
||||
sudo pkgin -y install postfix
|
||||
```
|
||||
|
||||
#### vim (optional)
|
||||
```bash
|
||||
sudo pkgin install vim
|
||||
sudo pkgin -y install vim
|
||||
sudo mv /usr/bin/vi /usr/bin/vi-`date +%d%m%y`
|
||||
sudo ln -s /usr/pkg/bin/vim /usr/bin/vi
|
||||
```
|
||||
|
||||
#### misp user #REMOVE
|
||||
```bash
|
||||
sudo useradd -m -s /usr/local/bin/bash -G wheel,www misp
|
||||
```
|
||||
|
||||
#### apache + php + moz-rootcerts
|
||||
|
||||
```bash
|
||||
sudo pkgin install php ap24-php73 php73-fpm php73-redis3 php73-mysqli php73-pdo_mysql php73-pcntl php73-json php73-iconv php73-gd php73-mbstring php73-pear-Crypt_GPG
|
||||
sudo pkgin -y install php ap24-php74 php74-fpm php74-redis3 php74-mysqli php74-pdo_mysql php74-pcntl php74-json php74-iconv php74-gd php74-mbstring php74-pear-Crypt_GPG
|
||||
sudo cp /usr/share/examples/openssl/openssl.cnf /etc/openssl/
|
||||
sudo mozilla-rootcerts install
|
||||
sudo cp /usr/pkg/share/examples/rc.d/apache /etc/rc.d/
|
||||
echo apache=yes |sudo tee /etc/rc.conf.d/apache
|
||||
```
|
||||
|
||||
#### misp user
|
||||
```bash
|
||||
sudo useradd -m -s /usr/pkg/bin/bash -G wheel,www misp
|
||||
```
|
||||
|
||||
#### Install X11R7 post-install
|
||||
```bash
|
||||
cd /tmp
|
||||
wget https://ftp.netbsd.org/pub/NetBSD/NetBSD-8.1/amd64/binary/sets/xbase.tgz
|
||||
wget https://ftp.netbsd.org/pub/NetBSD/NetBSD-9.0/amd64/binary/sets/xbase.tgz
|
||||
sudo tar -C / -xzphf xbase.tgz
|
||||
rm xbase.tgz
|
||||
```
|
||||
|
@ -129,16 +132,16 @@ OPENSSL_EMAILADDRESS='info@localhost'
|
|||
```
|
||||
|
||||
```bash
|
||||
sudo openssl req -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=$OPENSSL_C/ST=$OPENSSL_ST/L=$OPENSSL_L/O=<$OPENSSL_O/OU=$OPENSSL_OU/CN=$OPENSSL_CN/emailAddress=$OPENSSL_EMAILADDRESS" -keyout /etc/openssl/private/server.key -out /usr/pkg/etc/httpd/server.crt
|
||||
sudo openssl req -sha256 -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=$OPENSSL_C/ST=$OPENSSL_ST/L=$OPENSSL_L/O=<$OPENSSL_O/OU=$OPENSSL_OU/CN=$OPENSSL_CN/emailAddress=$OPENSSL_EMAILADDRESS" -keyout /etc/openssl/private/server.key -out /usr/pkg/etc/httpd/server.crt
|
||||
```
|
||||
|
||||
#### Install Python virtualenv
|
||||
```bash
|
||||
sudo ln -sf /usr/pkg/bin/pip3.6 /usr/pkg/bin/pip
|
||||
sudo ln -s /usr/pkg/bin/python3.6 /usr/pkg/bin/python
|
||||
sudo ln -s /usr/pkg/bin/python3.6 /usr/pkg/bin/python3
|
||||
sudo pkgin install py36-virtualenv
|
||||
sudo ln -s /usr/pkg/bin/virtualenv-3.6 /usr/pkg/bin/virtualenv
|
||||
sudo ln -sf /usr/pkg/bin/pip3.7 /usr/pkg/bin/pip
|
||||
sudo ln -s /usr/pkg/bin/python3.7 /usr/pkg/bin/python
|
||||
sudo ln -s /usr/pkg/bin/python3.7 /usr/pkg/bin/python3
|
||||
sudo pkgin -y install py37-virtualenv
|
||||
sudo ln -s /usr/pkg/bin/virtualenv-3.7 /usr/pkg/bin/virtualenv
|
||||
```
|
||||
|
||||
#### Install ssdeep
|
||||
|
@ -146,11 +149,11 @@ sudo ln -s /usr/pkg/bin/virtualenv-3.6 /usr/pkg/bin/virtualenv
|
|||
sudo mkdir -p /usr/local/src
|
||||
sudo chown misp:users /usr/local/src
|
||||
cd /usr/local/src
|
||||
git clone https://github.com/ssdeep-project/ssdeep.git
|
||||
sudo -u misp git clone https://github.com/ssdeep-project/ssdeep.git
|
||||
cd ssdeep
|
||||
./bootstrap
|
||||
./configure --prefix=/usr
|
||||
make
|
||||
sudo -u misp ./bootstrap
|
||||
sudo -u misp ./configure --prefix=/usr
|
||||
sudo -u misp make
|
||||
sudo make install
|
||||
```
|
||||
|
||||
|
@ -167,10 +170,8 @@ sudo /etc/rc.d/redis start
|
|||
|
||||
#### Enable mysqld
|
||||
```bash
|
||||
sudo /usr/pkg/bin/mysql_install_db
|
||||
sudo cp /usr/pkg/share/examples/rc.d/mysqld /etc/rc.d/
|
||||
echo mysqld=yes |sudo tee /etc/rc.conf.d/mysqld
|
||||
sudo chown -R mariadb:mariadb /var/mariadb
|
||||
sudo /etc/rc.d/mysqld start
|
||||
sudo /usr/pkg/bin/mysql_secure_installation
|
||||
# TODO: Figure out how to properly bind to localhost
|
||||
|
@ -186,15 +187,15 @@ sudo mkdir $PATH_TO_MISP
|
|||
sudo chown www:www $PATH_TO_MISP
|
||||
cd $PATH_TO_MISP
|
||||
sudo -u www git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
|
||||
sudo -u www git submodule update --init --recursive
|
||||
sudo -u www git submodule update --progress --init --recursive
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
sudo -u www git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Make git ignore filesystem permission differences
|
||||
sudo -u www git config core.filemode false
|
||||
|
||||
#sudo pkgin install py-pip py3-pip libxslt py3-jsonschema
|
||||
sudo pkgin install libxslt
|
||||
#sudo pkgin -y install py-pip py3-pip libxslt py3-jsonschema
|
||||
sudo pkgin -y install libxslt
|
||||
#sudo virtualenv -ppython3 /usr/local/virtualenvs/MISP
|
||||
sudo -u www virtualenv -ppython3 $PATH_TO_MISP/venv
|
||||
sudo -u www HOME=/tmp $PATH_TO_MISP/venv/bin/pip install -U pip
|
||||
|
@ -462,7 +463,7 @@ sudo -u www bash $PATH_TO_MISP/app/Console/worker/start.sh
|
|||
#### MISP Modules
|
||||
```
|
||||
#/usr/pkgsrc/graphics/opencv2/ (needs X11)
|
||||
sudo pkgin install jpeg yara
|
||||
sudo pkgin -y install jpeg yara
|
||||
cd /usr/local/src/
|
||||
git clone https://github.com/MISP/misp-modules.git
|
||||
cd misp-modules
|
||||
|
@ -645,7 +646,7 @@ sudo -u www $CAKE Admin setSetting "Session.cookie_timeout" 3600
|
|||
|
||||
#### ZeroMQ depends on the Python client for Redis
|
||||
```bash
|
||||
sudo pkgin install zeromq
|
||||
sudo pkgin -y install zeromq
|
||||
sudo -u www HOME=/tmp $PATH_TO_MISP/venv/bin/pip install pyzmq
|
||||
```
|
||||
|
||||
|
|
|
@ -85,30 +85,19 @@ doas pkg_add -v mariadb-server
|
|||
|
||||
#### Install misc dependencies
|
||||
|
||||
!!! notice
|
||||
install python 3.x when asked, option 2
|
||||
autoconf wants to be version 2.69, option 16
|
||||
automake wants to be version 1.16, option 10
|
||||
unzip can be whatever
|
||||
|
||||
```bash
|
||||
doas pkg_add -v curl git python redis libmagic autoconf automake libtool unzip
|
||||
doas pkg_add -v curl git python--%3.7 redis libmagic autoconf--%2.69 automake--%1.16 libtool unzip--iconv
|
||||
```
|
||||
|
||||
!!! notice
|
||||
GnuPG 2.x is best, option 2
|
||||
|
||||
```bash
|
||||
doas pkg_add -v gnupg
|
||||
doas pkg_add -v gnupg--%gnupg2
|
||||
doas ln -s /usr/local/bin/gpg2 /usr/local/bin/gpg
|
||||
```
|
||||
|
||||
#### Install postfix (optional)
|
||||
!!! notice
|
||||
When asked, the standard postfix 3.5 will be enough for a basic setup, option 1
|
||||
|
||||
```bash
|
||||
doas pkg_add -v postfix
|
||||
doas pkg_add -v postfix--%stable
|
||||
doas /usr/local/sbin/postfix-enable
|
||||
```
|
||||
|
||||
|
@ -147,21 +136,17 @@ doas cp /etc/examples/httpd.conf /etc # adjust by hand, or copy/paste the config
|
|||
```
|
||||
|
||||
```
|
||||
# $OpenBSD: httpd.conf,v 1.18 2018/03/23 11:36:41 florian Exp $
|
||||
# $OpenBSD: httpd.conf,v 1.20 2018/06/13 15:08:24 reyk Exp $
|
||||
|
||||
#
|
||||
# Macros
|
||||
#
|
||||
ext4_addr="*"
|
||||
ext6_addr="::"
|
||||
ext_addr="*"
|
||||
|
||||
server "default" {
|
||||
#listen on $ext4_addr port 80 block return 301 "https://$SERVER_NAME$REQUEST_URI"
|
||||
listen on $ext4_addr port 80
|
||||
listen on $ext4_addr tls port 443
|
||||
#listen on $ext6_addr port 80 block return 301 "https://$SERVER_NAME$REQUEST_URI"
|
||||
listen on $ext6_addr port 80
|
||||
listen on $ext6_addr tls port 443
|
||||
listen on $ext_addr port 80
|
||||
listen on $ext_addr tls port 443
|
||||
|
||||
root "/htdocs/MISP/app/webroot"
|
||||
|
||||
|
@ -268,13 +253,12 @@ doas pkg_add -v fcgi-cgi fcgi
|
|||
If on OpenBSD 6.3, upgrade to 6.7 to make your life much easier.
|
||||
|
||||
```
|
||||
doas pkg_add -v php-mysqli php-pcntl php-pdo_mysql php-apache pecl74-redis php-gd
|
||||
doas pkg_add -v php-mysqli--%7.4 php-pcntl--%7.4 php-pdo_mysql--%7.4 php-apache--%7.4 pecl74-redis php-gd--%7.4
|
||||
```
|
||||
|
||||
#### /etc/php-7.4.ini
|
||||
```
|
||||
## TODO: sed foo as .ini exists
|
||||
allow_url_fopen = On
|
||||
doas sed -i "s/^allow_url_fopen = Off/allow_url_fopen = On/g" /etc/php-7.4.ini
|
||||
```
|
||||
|
||||
```bash
|
||||
|
@ -298,11 +282,10 @@ doas rcctl enable php74_fpm
|
|||
```
|
||||
doas vi /etc/php-fpm.conf
|
||||
|
||||
# pid = /var/www/run/php-fpm.pid
|
||||
# error_log = /var/www/logs/php-fpm.log
|
||||
doas sed -i "s/^;pid = run\/php-fpm.pid/pid = \/var\/www\/run\/php-fpm.pid/g" /etc/php-fpm.conf
|
||||
doas sed -i "s/^;error_log = log\/php-fpm.log/error_log = \/var\/www\/logs\/php-fpm.log/g" /etc/php-fpm.conf
|
||||
|
||||
doas mkdir /etc/php-fpm.d
|
||||
doas vi /etc/php-fpm.d/default.conf
|
||||
doas mkdir -p /etc/php-fpm.d
|
||||
echo ";;;;;;;;;;;;;;;;;;;;
|
||||
; Pool Definitions ;
|
||||
;;;;;;;;;;;;;;;;;;;;
|
||||
|
@ -340,6 +323,7 @@ doas /usr/local/bin/mysql_install_db
|
|||
doas rcctl set mysqld status on
|
||||
doas rcctl set mysqld flags --bind-address=127.0.0.1
|
||||
doas /etc/rc.d/mysqld start
|
||||
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
|
||||
doas mysql_secure_installation
|
||||
```
|
||||
|
||||
|
@ -353,12 +337,12 @@ cd /var/www/htdocs/MISP
|
|||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MISP/MISP.git /var/www/htdocs/MISP; done
|
||||
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git submodule update --progress --init --recursive; done
|
||||
# Make git ignore filesystem permission differences for submodules
|
||||
doas -u www git submodule foreach --recursive git config core.filemode false
|
||||
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Make git ignore filesystem permission differences
|
||||
doas -u www git config core.filemode false
|
||||
${SUDO_WWW} git config core.filemode false
|
||||
|
||||
doas pkg_add py3-pip libxml libxslt py3-jsonschema
|
||||
doas pkg_add -v py3-pip libxml libxslt py3-jsonschema
|
||||
doas /usr/local/virtualenvs/MISP/bin/pip install -U pip
|
||||
|
||||
cd /var/www/htdocs/MISP/app/files/scripts
|
||||
|
@ -400,10 +384,10 @@ doas /usr/local/virtualenvs/MISP/bin/pip install git+https://github.com/kbandla/
|
|||
# Install CakeResque along with its dependencies if you intend to use the built in background jobs:
|
||||
cd /var/www/htdocs/MISP/app
|
||||
doas mkdir /var/www/.composer ; doas chown www:www /var/www/.composer
|
||||
doas -u www env HOME=/var/www php composer.phar install
|
||||
${SUDO_WWW} env HOME=/var/www php composer.phar install
|
||||
|
||||
# To use the scheduler worker for scheduled tasks, do the following:
|
||||
doas -u www cp -f /var/www/htdocs/MISP/INSTALL/setup/config.php /var/www/htdocs/MISP/app/Plugin/CakeResque/Config/config.php
|
||||
${SUDO_WWW} cp -f /var/www/htdocs/MISP/INSTALL/setup/config.php /var/www/htdocs/MISP/app/Plugin/CakeResque/Config/config.php
|
||||
```
|
||||
|
||||
### 4/ Set the permissions
|
||||
|
@ -425,8 +409,11 @@ doas mysql -u root -p
|
|||
```
|
||||
|
||||
```
|
||||
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
|
||||
echo "User (${DBUSER_MISP}) DB Password: ${DBPASSWORD_MISP}"
|
||||
|
||||
MariaDB [(none)]> create database misp;
|
||||
MariaDB [(none)]> grant usage on *.* to misp@localhost identified by 'XXXXdbpasswordhereXXXXX';
|
||||
MariaDB [(none)]> grant usage on *.* to misp@localhost identified by '${DBPASSWORD_MISP}';
|
||||
MariaDB [(none)]> grant all privileges on misp.* to misp@localhost;
|
||||
MariaDB [(none)]> flush privileges;
|
||||
MariaDB [(none)]> exit
|
||||
|
@ -434,7 +421,7 @@ MariaDB [(none)]> exit
|
|||
|
||||
```bash
|
||||
# Import the empty MISP database from MYSQL.sql
|
||||
doas -u www sh -c "mysql -u misp -p misp < /var/www/htdocs/MISP/INSTALL/MYSQL.sql"
|
||||
${SUDO_WWW} sh -c "mysql -u misp -p${DBPASSWORD_MISP} misp < /var/www/htdocs/MISP/INSTALL/MYSQL.sql"
|
||||
# enter the password you set previously
|
||||
```
|
||||
|
||||
|
@ -521,7 +508,7 @@ DirectoryIndex index.php
|
|||
```
|
||||
|
||||
```bash
|
||||
doas ln -sf /var/www/conf/modules.sample/php-7.3.conf /var/www/conf/modules/php.conf
|
||||
doas ln -sf /var/www/conf/modules.sample/php-7.4.conf /var/www/conf/modules/php.conf
|
||||
# Restart apache
|
||||
doas /etc/rc.d/apache2 restart
|
||||
```
|
||||
|
@ -535,13 +522,13 @@ doas /etc/rc.d/apache2 restart
|
|||
---------------------
|
||||
```
|
||||
# There are 4 sample configuration files in /var/www/htdocs/MISP/app/Config that need to be copied
|
||||
doas -u www cp /var/www/htdocs/MISP/app/Config/bootstrap.default.php /var/www/htdocs/MISP/app/Config/bootstrap.php
|
||||
doas -u www cp /var/www/htdocs/MISP/app/Config/database.default.php /var/www/htdocs/MISP/app/Config/database.php
|
||||
doas -u www cp /var/www/htdocs/MISP/app/Config/core.default.php /var/www/htdocs/MISP/app/Config/core.php
|
||||
doas -u www cp /var/www/htdocs/MISP/app/Config/config.default.php /var/www/htdocs/MISP/app/Config/config.php
|
||||
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/bootstrap.default.php /var/www/htdocs/MISP/app/Config/bootstrap.php
|
||||
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/database.default.php /var/www/htdocs/MISP/app/Config/database.php
|
||||
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/core.default.php /var/www/htdocs/MISP/app/Config/core.php
|
||||
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/config.default.php /var/www/htdocs/MISP/app/Config/config.php
|
||||
|
||||
# Configure the fields in the newly created files:
|
||||
doas -u www vi /var/www/htdocs/MISP/app/Config/database.php
|
||||
${SUDO_WWW} vi /var/www/htdocs/MISP/app/Config/database.php
|
||||
```
|
||||
```
|
||||
# DATABASE_CONFIG has to be filled
|
||||
|
@ -570,7 +557,7 @@ doas -u www vi /var/www/htdocs/MISP/app/Config/database.php
|
|||
|
||||
```
|
||||
# Change base url in config.php
|
||||
doas -u www vi /var/www/htdocs/MISP/app/Config/config.php
|
||||
${SUDO_WWW} vi /var/www/htdocs/MISP/app/Config/config.php
|
||||
# example: 'baseurl' => 'https://<your.FQDN.here>',
|
||||
# alternatively, you can leave this field empty if you would like to use relative pathing in MISP
|
||||
# 'baseurl' => '',
|
||||
|
@ -597,7 +584,7 @@ echo "%echo Generating a default key
|
|||
# Do a commit here, so that we can later print "done"
|
||||
%commit
|
||||
%echo done" > /tmp/gen-key-script
|
||||
doas -u www mkdir /var/www/htdocs/MISP/.gnupg
|
||||
${SUDO_WWW} mkdir /var/www/htdocs/MISP/.gnupg
|
||||
doas chmod 700 /var/www/htdocs/MISP/.gnupg
|
||||
doas gpg2 --homedir /var/www/htdocs/MISP/.gnupg --batch --gen-key /tmp/gen-key-script
|
||||
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
|
||||
|
@ -609,7 +596,7 @@ doas sh -c "gpg2 --homedir /var/www/htdocs/MISP/.gnupg --export --armor $GPG_EMA
|
|||
doas chmod +x /var/www/htdocs/MISP/app/Console/worker/start.sh
|
||||
doas vi /etc/rc.local
|
||||
# Add the following line before the last line (exit 0). Make sure that you replace www with your apache user:
|
||||
doas -u www bash /var/www/htdocs/MISP/app/Console/worker/start.sh
|
||||
${SUDO_WWW} bash /var/www/htdocs/MISP/app/Console/worker/start.sh
|
||||
```
|
||||
|
||||
{!generic/INSTALL.done.md!}
|
||||
|
@ -619,7 +606,9 @@ doas -u www bash /var/www/htdocs/MISP/app/Console/worker/start.sh
|
|||
#### MISP Modules
|
||||
```
|
||||
doas pkg_add -v jpeg yara
|
||||
mkdir -p /usr/local/src/
|
||||
cd /usr/local/src/
|
||||
doas chown ${MISP_USER} /usr/local/src
|
||||
doas -u misp git clone https://github.com/MISP/misp-modules.git
|
||||
cd misp-modules
|
||||
# pip3 install
|
||||
|
@ -629,8 +618,8 @@ doas /usr/local/virtualenvs/MISP/bin/pip install git+https://github.com/VirusTot
|
|||
doas /usr/local/virtualenvs/MISP/bin/pip install wand
|
||||
##doas gem install pygments.rb
|
||||
##doas gem install asciidoctor-pdf --pre
|
||||
doas -u www /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &
|
||||
echo "doas -u www /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &" |doas tee -a /etc/rc.local
|
||||
${SUDO_WWW} /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &
|
||||
echo "${SUDO_WWW} /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &" |doas tee -a /etc/rc.local
|
||||
```
|
||||
|
||||
!!! notice
|
||||
|
@ -648,7 +637,11 @@ echo "doas -u www /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &"
|
|||
|
||||
```bash
|
||||
doas $CAKE Live $MISP_LIVE
|
||||
AUTH_KEY=$(mysql -u misp -p misp -e "SELECT authkey FROM users;" | tail -1)
|
||||
AUTH_KEY=$(mysql -u misp -p${DBPASSWORD_MISP} misp -e "SELECT authkey FROM users;" | tail -1)
|
||||
$CAKE userInit -q
|
||||
$CAKE Admin runUpdates
|
||||
$CAKE Admin setSetting "MISP.python_bin" "/usr/local/virtualenvs/MISP/bin/python"
|
||||
|
||||
# Update the galaxies…
|
||||
doas $CAKE Admin updateGalaxies
|
||||
|
||||
|
@ -659,12 +652,10 @@ doas $CAKE Admin updateTaxonomies
|
|||
doas $CAKE Admin updateWarningLists
|
||||
|
||||
# Updating the notice lists…
|
||||
## doas $CAKE Admin updateNoticeLists
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/noticelists/update
|
||||
doas $CAKE Admin updateNoticeLists
|
||||
|
||||
# Updating the object templates…
|
||||
##doas $CAKE Admin updateObjectTemplates
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/objectTemplates/update
|
||||
doas $CAKE Admin updateObjectTemplates "1337"
|
||||
|
||||
# Tune global time outs
|
||||
doas $CAKE Admin setSetting "Session.autoRegenerate" 0
|
||||
|
@ -848,7 +839,7 @@ doas /usr/local/virtualenvs/MISP/bin/pip install pyzmq
|
|||
cd /var/www
|
||||
doas mkdir misp-dashboard
|
||||
doas chown www:www misp-dashboard
|
||||
doas -u www git clone https://github.com/MISP/misp-dashboard.git
|
||||
${SUDO_WWW} git clone https://github.com/MISP/misp-dashboard.git
|
||||
cd misp-dashboard
|
||||
#/!\ Made on Linux, the next script will fail
|
||||
#doas /var/www/misp-dashboard/install_dependencies.sh
|
||||
|
@ -856,7 +847,7 @@ doas virtualenv -ppython3 /usr/local/virtualenvs/DASHENV
|
|||
doas /usr/local/virtualenvs/DASHENV/bin/pip install -U pip argparse redis zmq geoip2 flask phonenumbers pycountry
|
||||
|
||||
doas sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
|
||||
doas sed -i -e '$i \doas -u www bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
|
||||
doas sed -i -e '$i \${SUDO_WWW} bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
|
||||
#/!\ Add port 8001 as a listener
|
||||
#doas sed -i '/Listen 80/a Listen 0.0.0.0:8001' /etc/apache2/ports.conf
|
||||
doas pkg_add -v ap2-mod_wsgi
|
||||
|
@ -902,7 +893,7 @@ echo "<VirtualHost *:8001>
|
|||
doas ln -s /etc/apache2/sites-available/misp-dashboard.conf /etc/apache2/sites-enabled/misp-dashboard.conf
|
||||
```
|
||||
|
||||
Add this to /etc/httpd2.conf
|
||||
Add this to /etc/httpd.conf
|
||||
```
|
||||
LoadModule wsgi_module /usr/local/lib/apache2/mod_wsgi.so
|
||||
Listen 8001
|
||||
|
|
Loading…
Reference in New Issue