Merge pull request #5938 from SteveClement/guides

pull/5941/head
Steve Clement 2020-05-25 14:58:24 +09:00 committed by GitHub
commit 5d7244741f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 82 additions and 90 deletions


@ -1,5 +1,5 @@
# INSTALLATION INSTRUCTIONS
## for NetBSD 8.1-amd64
## for NetBSD 9.0-amd64
!!! warning
This is not fully working yet. Mostly it is a template for our ongoing documentation efforts :spider:
@ -33,7 +33,9 @@ export AUTOCONF_VERSION=2.69
#### sudo & pkgin (as root)
```bash
su root -c "pkgin install sudo gsed"
su root -c "cd /usr/pkgsrc/pkg tools/pkgin/; make install clean"
su root -c "pkgin update"
su root -c "pkgin -y install sudo gsed"
su root -c 'gsed -i -e "s/# %wheel ALL=(ALL) NOPASSWD: ALL/%wheel ALL=(ALL) NOPASSWD: ALL/" /usr/pkg/etc/sudoers'
```
@ -41,10 +43,11 @@ su root -c 'gsed -i -e "s/# %wheel ALL=(ALL) NOPASSWD: ALL/%wheel ALL=(ALL) NOPA
```bash
cd /usr
env CVS_RSH=ssh sudo cvs -d anoncvs@anoncvs.NetBSD.org:/cvsroot checkout -P pkgsrc
env CVS_RSH=ssh cvs -d anoncvs@anoncvs.NetBSD.org:/cvsroot checkout -P pkgsrc
cd pkgsrc/bootstrap
sudo ./bootstrap
sudo /usr/pkg/sbin/pkg_admin -K /var/db/pkg fetch-pkg-vulnerabilities
./bootstrap
cd /usr/pkgsrc/pkg tools/pkgin/; make install clean
/usr/pkg/sbin/pkg_admin fetch-pkg-vulnerabilities
```
```
@ -61,56 +64,56 @@ users crontab(5) entry. For example the entry
#### Install bash
```bash
sudo pkgin install bash
sudo pkgin -y install bash
```
#### mariadb server
```bash
sudo pkgin install mariadb-server
sudo pkgin -y install mysql-server
```
#### Install misc dependencies
```bash
sudo pkgin install curl git python36 py36-pip redis autoconf automake libtool magic
sudo pkgin -y install curl git python37 py37-pip redis autoconf automake libtool magic
```
```bash
sudo pkgin install gnupg2
sudo pkgin -y install gnupg2
```
#### Install postfix (optional)
```bash
sudo pkgin install postfix
sudo pkgin -y install postfix
```
#### vim (optional)
```bash
sudo pkgin install vim
sudo pkgin -y install vim
sudo mv /usr/bin/vi /usr/bin/vi-`date +%d%m%y`
sudo ln -s /usr/pkg/bin/vim /usr/bin/vi
```
#### misp user #REMOVE
```bash
sudo useradd -m -s /usr/local/bin/bash -G wheel,www misp
```
#### apache + php + moz-rootcerts
```bash
sudo pkgin install php ap24-php73 php73-fpm php73-redis3 php73-mysqli php73-pdo_mysql php73-pcntl php73-json php73-iconv php73-gd php73-mbstring php73-pear-Crypt_GPG
sudo pkgin -y install php ap24-php74 php74-fpm php74-redis3 php74-mysqli php74-pdo_mysql php74-pcntl php74-json php74-iconv php74-gd php74-mbstring php74-pear-Crypt_GPG
sudo cp /usr/share/examples/openssl/openssl.cnf /etc/openssl/
sudo mozilla-rootcerts install
sudo cp /usr/pkg/share/examples/rc.d/apache /etc/rc.d/
echo apache=yes |sudo tee /etc/rc.conf.d/apache
```
#### misp user
```bash
sudo useradd -m -s /usr/pkg/bin/bash -G wheel,www misp
```
#### Install X11R7 post-install
```bash
cd /tmp
wget https://ftp.netbsd.org/pub/NetBSD/NetBSD-8.1/amd64/binary/sets/xbase.tgz
wget https://ftp.netbsd.org/pub/NetBSD/NetBSD-9.0/amd64/binary/sets/xbase.tgz
sudo tar -C / -xzphf xbase.tgz
rm xbase.tgz
```
@ -129,16 +132,16 @@ OPENSSL_EMAILADDRESS='info@localhost'
```
```bash
sudo openssl req -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=$OPENSSL_C/ST=$OPENSSL_ST/L=$OPENSSL_L/O=<$OPENSSL_O/OU=$OPENSSL_OU/CN=$OPENSSL_CN/emailAddress=$OPENSSL_EMAILADDRESS" -keyout /etc/openssl/private/server.key -out /usr/pkg/etc/httpd/server.crt
sudo openssl req -sha256 -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=$OPENSSL_C/ST=$OPENSSL_ST/L=$OPENSSL_L/O=<$OPENSSL_O/OU=$OPENSSL_OU/CN=$OPENSSL_CN/emailAddress=$OPENSSL_EMAILADDRESS" -keyout /etc/openssl/private/server.key -out /usr/pkg/etc/httpd/server.crt
```
#### Install Python virtualenv
```bash
sudo ln -sf /usr/pkg/bin/pip3.6 /usr/pkg/bin/pip
sudo ln -s /usr/pkg/bin/python3.6 /usr/pkg/bin/python
sudo ln -s /usr/pkg/bin/python3.6 /usr/pkg/bin/python3
sudo pkgin install py36-virtualenv
sudo ln -s /usr/pkg/bin/virtualenv-3.6 /usr/pkg/bin/virtualenv
sudo ln -sf /usr/pkg/bin/pip3.7 /usr/pkg/bin/pip
sudo ln -s /usr/pkg/bin/python3.7 /usr/pkg/bin/python
sudo ln -s /usr/pkg/bin/python3.7 /usr/pkg/bin/python3
sudo pkgin -y install py37-virtualenv
sudo ln -s /usr/pkg/bin/virtualenv-3.7 /usr/pkg/bin/virtualenv
```
#### Install ssdeep
@ -146,11 +149,11 @@ sudo ln -s /usr/pkg/bin/virtualenv-3.6 /usr/pkg/bin/virtualenv
sudo mkdir -p /usr/local/src
sudo chown misp:users /usr/local/src
cd /usr/local/src
git clone https://github.com/ssdeep-project/ssdeep.git
sudo -u misp git clone https://github.com/ssdeep-project/ssdeep.git
cd ssdeep
./bootstrap
./configure --prefix=/usr
make
sudo -u misp ./bootstrap
sudo -u misp ./configure --prefix=/usr
sudo -u misp make
sudo make install
```
@ -167,10 +170,8 @@ sudo /etc/rc.d/redis start
#### Enable mysqld
```bash
sudo /usr/pkg/bin/mysql_install_db
sudo cp /usr/pkg/share/examples/rc.d/mysqld /etc/rc.d/
echo mysqld=yes |sudo tee /etc/rc.conf.d/mysqld
sudo chown -R mariadb:mariadb /var/mariadb
sudo /etc/rc.d/mysqld start
sudo /usr/pkg/bin/mysql_secure_installation
# TODO: Figure out how to properly bind to localhost
@ -186,15 +187,15 @@ sudo mkdir $PATH_TO_MISP
sudo chown www:www $PATH_TO_MISP
cd $PATH_TO_MISP
sudo -u www git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
sudo -u www git submodule update --init --recursive
sudo -u www git submodule update --progress --init --recursive
# Make git ignore filesystem permission differences for submodules
sudo -u www git submodule foreach --recursive git config core.filemode false
# Make git ignore filesystem permission differences
sudo -u www git config core.filemode false
#sudo pkgin install py-pip py3-pip libxslt py3-jsonschema
sudo pkgin install libxslt
#sudo pkgin -y install py-pip py3-pip libxslt py3-jsonschema
sudo pkgin -y install libxslt
#sudo virtualenv -ppython3 /usr/local/virtualenvs/MISP
sudo -u www virtualenv -ppython3 $PATH_TO_MISP/venv
sudo -u www HOME=/tmp $PATH_TO_MISP/venv/bin/pip install -U pip
@ -462,7 +463,7 @@ sudo -u www bash $PATH_TO_MISP/app/Console/worker/start.sh
#### MISP Modules
```
#/usr/pkgsrc/graphics/opencv2/ (needs X11)
sudo pkgin install jpeg yara
sudo pkgin -y install jpeg yara
cd /usr/local/src/
git clone https://github.com/MISP/misp-modules.git
cd misp-modules
@ -645,7 +646,7 @@ sudo -u www $CAKE Admin setSetting "Session.cookie_timeout" 3600
#### ZeroMQ depends on the Python client for Redis
```bash
sudo pkgin install zeromq
sudo pkgin -y install zeromq
sudo -u www HOME=/tmp $PATH_TO_MISP/venv/bin/pip install pyzmq
```
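Review bot: The `misp` account created in the relocated "misp user" step (`sudo useradd -m -s /usr/pkg/bin/bash -G wheel,www misp`) is put in `wheel`, and the sudoers edit earlier in this guide enables `%wheel ALL=(ALL) NOPASSWD: ALL`, so the account keeps passwordless root after the install. The other copy of this step is headed `misp user #REMOVE`; the relocated one has no such marker, so nothing tells the operator the membership is meant to be temporary (which copy is old is inferred from the shell path, since the page has lost its +/- markers). If `misp` only needs to own the trees under /usr/local/src, create it with `-G www` alone. If it is the account performing the install, add a closing step that removes it from `wheel` and re-comments the `%wheel ... NOPASSWD` line.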


@ -85,30 +85,19 @@ doas pkg_add -v mariadb-server
#### Install misc dependencies
!!! notice
install python 3.x when asked, option 2
autoconf wants to be version 2.69, option 16
automake wants to be version 1.16, option 10
unzip can be whatever
```bash
doas pkg_add -v curl git python redis libmagic autoconf automake libtool unzip
doas pkg_add -v curl git python--%3.7 redis libmagic autoconf--%2.69 automake--%1.16 libtool unzip--iconv
```
!!! notice
GnuPG 2.x is best, option 2
```bash
doas pkg_add -v gnupg
doas pkg_add -v gnupg--%gnupg2
doas ln -s /usr/local/bin/gpg2 /usr/local/bin/gpg
```
#### Install postfix (optional)
!!! notice
When asked, the standard postfix 3.5 will be enough for a basic setup, option 1
```bash
doas pkg_add -v postfix
doas pkg_add -v postfix--%stable
doas /usr/local/sbin/postfix-enable
```
@ -147,21 +136,17 @@ doas cp /etc/examples/httpd.conf /etc # adjust by hand, or copy/paste the config
```
```
# $OpenBSD: httpd.conf,v 1.18 2018/03/23 11:36:41 florian Exp $
# $OpenBSD: httpd.conf,v 1.20 2018/06/13 15:08:24 reyk Exp $
#
# Macros
#
ext4_addr="*"
ext6_addr="::"
ext_addr="*"
server "default" {
#listen on $ext4_addr port 80 block return 301 "https://$SERVER_NAME$REQUEST_URI"
listen on $ext4_addr port 80
listen on $ext4_addr tls port 443
#listen on $ext6_addr port 80 block return 301 "https://$SERVER_NAME$REQUEST_URI"
listen on $ext6_addr port 80
listen on $ext6_addr tls port 443
listen on $ext_addr port 80
listen on $ext_addr tls port 443
root "/htdocs/MISP/app/webroot"
@ -268,13 +253,12 @@ doas pkg_add -v fcgi-cgi fcgi
If on OpenBSD 6.3, upgrade to 6.7 to make your life much easier.
```
doas pkg_add -v php-mysqli php-pcntl php-pdo_mysql php-apache pecl74-redis php-gd
doas pkg_add -v php-mysqli--%7.4 php-pcntl--%7.4 php-pdo_mysql--%7.4 php-apache--%7.4 pecl74-redis php-gd--%7.4
```
#### /etc/php-7.4.ini
```
## TODO: sed foo as .ini exists
allow_url_fopen = On
doas sed -i "s/^allow_url_fopen = Off/allow_url_fopen = On/g" /etc/php-7.4.ini
```
```bash
@ -298,11 +282,10 @@ doas rcctl enable php74_fpm
```
doas vi /etc/php-fpm.conf
# pid = /var/www/run/php-fpm.pid
# error_log = /var/www/logs/php-fpm.log
doas sed -i "s/^;pid = run\/php-fpm.pid/pid = \/var\/www\/run\/php-fpm.pid/g" /etc/php-fpm.conf
doas sed -i "s/^;error_log = log\/php-fpm.log/error_log = \/var\/www\/logs\/php-fpm.log/g" /etc/php-fpm.conf
doas mkdir /etc/php-fpm.d
doas vi /etc/php-fpm.d/default.conf
doas mkdir -p /etc/php-fpm.d
echo ";;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
@ -340,6 +323,7 @@ doas /usr/local/bin/mysql_install_db
doas rcctl set mysqld status on
doas rcctl set mysqld flags --bind-address=127.0.0.1
doas /etc/rc.d/mysqld start
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
doas mysql_secure_installation
```
@ -353,12 +337,12 @@ cd /var/www/htdocs/MISP
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git clone https://github.com/MISP/MISP.git /var/www/htdocs/MISP; done
false; while [[ $? -ne 0 ]]; do ${SUDO_WWW} git submodule update --progress --init --recursive; done
# Make git ignore filesystem permission differences for submodules
doas -u www git submodule foreach --recursive git config core.filemode false
${SUDO_WWW} git submodule foreach --recursive git config core.filemode false
# Make git ignore filesystem permission differences
doas -u www git config core.filemode false
${SUDO_WWW} git config core.filemode false
doas pkg_add py3-pip libxml libxslt py3-jsonschema
doas pkg_add -v py3-pip libxml libxslt py3-jsonschema
doas /usr/local/virtualenvs/MISP/bin/pip install -U pip
cd /var/www/htdocs/MISP/app/files/scripts
@ -400,10 +384,10 @@ doas /usr/local/virtualenvs/MISP/bin/pip install git+https://github.com/kbandla/
# Install CakeResque along with its dependencies if you intend to use the built in background jobs:
cd /var/www/htdocs/MISP/app
doas mkdir /var/www/.composer ; doas chown www:www /var/www/.composer
doas -u www env HOME=/var/www php composer.phar install
${SUDO_WWW} env HOME=/var/www php composer.phar install
# To use the scheduler worker for scheduled tasks, do the following:
doas -u www cp -f /var/www/htdocs/MISP/INSTALL/setup/config.php /var/www/htdocs/MISP/app/Plugin/CakeResque/Config/config.php
${SUDO_WWW} cp -f /var/www/htdocs/MISP/INSTALL/setup/config.php /var/www/htdocs/MISP/app/Plugin/CakeResque/Config/config.php
```
### 4/ Set the permissions
@ -425,8 +409,11 @@ doas mysql -u root -p
```
```
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
echo "User (${DBUSER_MISP}) DB Password: ${DBPASSWORD_MISP}"
MariaDB [(none)]> create database misp;
MariaDB [(none)]> grant usage on *.* to misp@localhost identified by 'XXXXdbpasswordhereXXXXX';
MariaDB [(none)]> grant usage on *.* to misp@localhost identified by '${DBPASSWORD_MISP}';
MariaDB [(none)]> grant all privileges on misp.* to misp@localhost;
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit
@ -434,7 +421,7 @@ MariaDB [(none)]> exit
```bash
# Import the empty MISP database from MYSQL.sql
doas -u www sh -c "mysql -u misp -p misp < /var/www/htdocs/MISP/INSTALL/MYSQL.sql"
${SUDO_WWW} sh -c "mysql -u misp -p${DBPASSWORD_MISP} misp < /var/www/htdocs/MISP/INSTALL/MYSQL.sql"
# enter the password you set previously
```
@ -521,7 +508,7 @@ DirectoryIndex index.php
```
```bash
doas ln -sf /var/www/conf/modules.sample/php-7.3.conf /var/www/conf/modules/php.conf
doas ln -sf /var/www/conf/modules.sample/php-7.4.conf /var/www/conf/modules/php.conf
# Restart apache
doas /etc/rc.d/apache2 restart
```
@ -535,13 +522,13 @@ doas /etc/rc.d/apache2 restart
---------------------
```
# There are 4 sample configuration files in /var/www/htdocs/MISP/app/Config that need to be copied
doas -u www cp /var/www/htdocs/MISP/app/Config/bootstrap.default.php /var/www/htdocs/MISP/app/Config/bootstrap.php
doas -u www cp /var/www/htdocs/MISP/app/Config/database.default.php /var/www/htdocs/MISP/app/Config/database.php
doas -u www cp /var/www/htdocs/MISP/app/Config/core.default.php /var/www/htdocs/MISP/app/Config/core.php
doas -u www cp /var/www/htdocs/MISP/app/Config/config.default.php /var/www/htdocs/MISP/app/Config/config.php
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/bootstrap.default.php /var/www/htdocs/MISP/app/Config/bootstrap.php
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/database.default.php /var/www/htdocs/MISP/app/Config/database.php
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/core.default.php /var/www/htdocs/MISP/app/Config/core.php
${SUDO_WWW} cp /var/www/htdocs/MISP/app/Config/config.default.php /var/www/htdocs/MISP/app/Config/config.php
# Configure the fields in the newly created files:
doas -u www vi /var/www/htdocs/MISP/app/Config/database.php
${SUDO_WWW} vi /var/www/htdocs/MISP/app/Config/database.php
```
```
# DATABASE_CONFIG has to be filled
@ -570,7 +557,7 @@ doas -u www vi /var/www/htdocs/MISP/app/Config/database.php
```
# Change base url in config.php
doas -u www vi /var/www/htdocs/MISP/app/Config/config.php
${SUDO_WWW} vi /var/www/htdocs/MISP/app/Config/config.php
# example: 'baseurl' => 'https://<your.FQDN.here>',
# alternatively, you can leave this field empty if you would like to use relative pathing in MISP
# 'baseurl' => '',
@ -597,7 +584,7 @@ echo "%echo Generating a default key
# Do a commit here, so that we can later print "done"
%commit
%echo done" > /tmp/gen-key-script
doas -u www mkdir /var/www/htdocs/MISP/.gnupg
${SUDO_WWW} mkdir /var/www/htdocs/MISP/.gnupg
doas chmod 700 /var/www/htdocs/MISP/.gnupg
doas gpg2 --homedir /var/www/htdocs/MISP/.gnupg --batch --gen-key /tmp/gen-key-script
# The email address should match the one set in the config.php / set in the configuration menu in the administration menu configuration file
@ -609,7 +596,7 @@ doas sh -c "gpg2 --homedir /var/www/htdocs/MISP/.gnupg --export --armor $GPG_EMA
doas chmod +x /var/www/htdocs/MISP/app/Console/worker/start.sh
doas vi /etc/rc.local
# Add the following line before the last line (exit 0). Make sure that you replace www with your apache user:
doas -u www bash /var/www/htdocs/MISP/app/Console/worker/start.sh
${SUDO_WWW} bash /var/www/htdocs/MISP/app/Console/worker/start.sh
```
{!generic/INSTALL.done.md!}
@ -619,7 +606,9 @@ doas -u www bash /var/www/htdocs/MISP/app/Console/worker/start.sh
#### MISP Modules
```
doas pkg_add -v jpeg yara
mkdir -p /usr/local/src/
cd /usr/local/src/
doas chown ${MISP_USER} /usr/local/src
doas -u misp git clone https://github.com/MISP/misp-modules.git
cd misp-modules
# pip3 install
@ -629,8 +618,8 @@ doas /usr/local/virtualenvs/MISP/bin/pip install git+https://github.com/VirusTot
doas /usr/local/virtualenvs/MISP/bin/pip install wand
##doas gem install pygments.rb
##doas gem install asciidoctor-pdf --pre
doas -u www /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &
echo "doas -u www /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &" |doas tee -a /etc/rc.local
${SUDO_WWW} /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &
echo "${SUDO_WWW} /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &" |doas tee -a /etc/rc.local
```
!!! notice
@ -648,7 +637,11 @@ echo "doas -u www /usr/local/virtualenvs/MISP/bin/misp-modules -l 0.0.0.0 -s &"
```bash
doas $CAKE Live $MISP_LIVE
AUTH_KEY=$(mysql -u misp -p misp -e "SELECT authkey FROM users;" | tail -1)
AUTH_KEY=$(mysql -u misp -p${DBPASSWORD_MISP} misp -e "SELECT authkey FROM users;" | tail -1)
$CAKE userInit -q
$CAKE Admin runUpdates
$CAKE Admin setSetting "MISP.python_bin" "/usr/local/virtualenvs/MISP/bin/python"
# Update the galaxies…
doas $CAKE Admin updateGalaxies
@ -659,12 +652,10 @@ doas $CAKE Admin updateTaxonomies
doas $CAKE Admin updateWarningLists
# Updating the notice lists…
## doas $CAKE Admin updateNoticeLists
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/noticelists/update
doas $CAKE Admin updateNoticeLists
# Updating the object templates…
##doas $CAKE Admin updateObjectTemplates
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/objectTemplates/update
doas $CAKE Admin updateObjectTemplates "1337"
# Tune global time outs
doas $CAKE Admin setSetting "Session.autoRegenerate" 0
@ -848,7 +839,7 @@ doas /usr/local/virtualenvs/MISP/bin/pip install pyzmq
cd /var/www
doas mkdir misp-dashboard
doas chown www:www misp-dashboard
doas -u www git clone https://github.com/MISP/misp-dashboard.git
${SUDO_WWW} git clone https://github.com/MISP/misp-dashboard.git
cd misp-dashboard
#/!\ Made on Linux, the next script will fail
#doas /var/www/misp-dashboard/install_dependencies.sh
@ -856,7 +847,7 @@ doas virtualenv -ppython3 /usr/local/virtualenvs/DASHENV
doas /usr/local/virtualenvs/DASHENV/bin/pip install -U pip argparse redis zmq geoip2 flask phonenumbers pycountry
doas sed -i "s/^host\ =\ localhost/host\ =\ 0.0.0.0/g" /var/www/misp-dashboard/config/config.cfg
doas sed -i -e '$i \doas -u www bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
doas sed -i -e '$i \${SUDO_WWW} bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
#/!\ Add port 8001 as a listener
#doas sed -i '/Listen 80/a Listen 0.0.0.0:8001' /etc/apache2/ports.conf
doas pkg_add -v ap2-mod_wsgi
@ -902,7 +893,7 @@ echo "<VirtualHost *:8001>
doas ln -s /etc/apache2/sites-available/misp-dashboard.conf /etc/apache2/sites-enabled/misp-dashboard.conf
```
Add this to /etc/httpd2.conf
Add this to /etc/httpd.conf
```
LoadModule wsgi_module /usr/local/lib/apache2/mod_wsgi.so
Listen 8001
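Review bot: Two lines destined for /etc/rc.local now contain the literal text `${SUDO_WWW}`: the worker line the operator is told to paste (`${SUDO_WWW} bash /var/www/htdocs/MISP/app/Console/worker/start.sh`) and the single-quoted `sed -i -e '$i \${SUDO_WWW} bash /var/www/misp-dashboard/start_all.sh\n'`, where the shell does not expand the variable. Unless rc.local defines `SUDO_WWW` itself (its definition is not visible on this page), it expands to nothing at boot and both scripts run as root instead of `www`. Anything written into rc.local should keep the explicit `doas -u www`; the `echo "${SUDO_WWW} ... misp-modules ..." | doas tee -a /etc/rc.local` line is not affected because it expands inside double quotes. Separately, `mysql -u misp -p${DBPASSWORD_MISP}` (the MYSQL.sql import and the `AUTH_KEY=` query) puts the database password on the command line, where other local users can read it from the process list. Keeping the interactive `-p` prompt, or passing a mode-0600 client option file via `--defaults-extra-file`, avoids that.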