- Final merge, 90% in line.

- More automation
- ToDo: Seperate optional features from the essential

INSTALL/INSTALL.debian9.txt

@@ -348,9 +348,38 @@ sudo -u www-data sh -c "gpg --homedir /var/www/MISP/.gnupg --export --armor YOUR
 
 # To make the background workers start on boot
 sudo chmod +x /var/www/MISP/app/Console/worker/start.sh
-sudo vim /etc/rc.local
-# Add the following line before the last line (exit 0). Make sure that you replace www-data with your apache user:
-sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh
+if [ ! -e /etc/rc.local ]
+then
+    echo '#!/bin/sh -e' | sudo tee -a /etc/rc.local
+    echo 'exit 0' | sudo tee -a /etc/rc.local
+    sudo chmod u+x /etc/rc.local
+fi
+
+# Initialize user and fetch Auth Key
+sudo -E /var/www/MISP/app/Console/cake userInit -q
+AUTH_KEY=$(mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e "SELECT authkey FROM users;" | tail -1)
+
+# Update: galaxies, taxonomies, warning-/notice-lists, object templates
+
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/galaxies/update
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/taxonomies/update
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/warninglists/update
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/noticelists/update
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/objectTemplates/update
+
+# Setup some more MISP default via cake CLI
+
+sudo /var/www/MISP/app/Console/cake Admin setSetting "GnuPG.email" "admin@admin.test"
+sudo /var/www/MISP/app/Console/cake Admin setSetting "GnuPG.homedir" "/var/www/MISP/.gnupg"
+sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.host_org_id" 1
+sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.email" "info@admin.test"
+sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.disable_emailing" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.contact" "info@admin.test"
+sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.disablerestalert" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.showCorrelationsOnIndex" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Session.autoRegenerate" false
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Session.timeout" 600
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Session.cookie_timeout" 3600
 
 # Now log in using the webinterface:
 # The default user/pass = admin@admin.test/admin
@@ -374,12 +403,54 @@ curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --h
 
 # Updating the warning lists…
 curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/warninglists/update
+
 # Updating the notice lists…
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/noticelists/update
+
+# Updating the object templates…
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/objectTemplates/update
+
+# Enable ZeroMQ for misp-dashboard
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_enable" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_event_notifications_enable" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_object_notifications_enable" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_object_reference_notifications_enable" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_attribute_notifications_enable" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_sighting_notifications_enable" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_user_notifications_enable" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_organisation_notifications_enable" true
+
+# Add the following lines before the last line (exit 0). Make sure that you replace www-data with your apache user:
+sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh
+sudo sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
+sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
+sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
+sudo sed -i -e '$i \sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh\n' /etc/rc.local
+sudo sed -i -e '$i \sudo -u www-data misp-modules -l 0.0.0.0 -s &\n' /etc/rc.local
+sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
 
 # Start the workers
-
 /var/www/MISP/app/Console/worker/start.sh
 
+# Installing MISP modules…
+sudo apt-get install -y python3-dev python3-pip python-pip libpq5 libjpeg-dev libfuzzy-dev
+cd /usr/local/src/
+sudo git clone https://github.com/MISP/misp-modules.git
+cd misp-modules
+# pip3 install
+sudo pip3 install -I -r REQUIREMENTS
+sudo pip3 install -I .
+sudo pip3 install lief
+sudo pip3 install maec
+sudo pip3 install pymisp python-magic
+sudo pip3 install git+https://github.com/kbandla/pydeep.git
+# pip2 install
+sudo pip install pymisp python-magic
+sudo pip install git+https://github.com/kbandla/pydeep.git
+sudo pip install lief
+# install STIX2.0 library to support STIX 2.0 export:
+sudo pip3 install stix2
+
 # Once done, have a look at the diagnostics
 
 # If any of the directories that MISP uses to store files is not writeable to the apache user, change the permissions

INSTALL/INSTALL.debian_testing.txt

@@ -126,6 +126,7 @@ sudo a2ensite default-ssl
 
 # Install PHP and dependencies
 sudo apt-get install -y libapache2-mod-php7.2 php7.2 php7.2-cli php7.2-gnupg php7.2-dev php7.2-json php7.2-xml php7.2-mysql php7.2-opcache php7.2-readline php7.2-redis php7.2-mbstring php-pear
+sudo pear channel-update pear.php.net
 sudo pear install Crypt_GPG
 sudo a2enmod php7.2
 
@@ -433,6 +434,9 @@ sudo sed -i -e '$i \sudo -u www-data bash /var/www/MISP/app/Console/worker/start
 sudo sed -i -e '$i \sudo -u www-data misp-modules -l 0.0.0.0 -s &\n' /etc/rc.local
 sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
 
+# Start the workers
+/var/www/MISP/app/Console/worker/start.sh
+
 # Installing MISP modules…
 sudo apt-get install -y python3-dev python3-pip python-pip libpq5 libjpeg-dev libfuzzy-dev
 cd /usr/local/src/
@@ -481,6 +485,7 @@ Recommended actions
 
 Optional features
 -------------------
+# MISP has a new pub/sub feature, using ZeroMQ. To enable it, simply run the following commands
 
 # Install misp-dashboard