mirror of https://github.com/MISP/MISP
- Final merge, 90% in line.
- More automation - ToDo: Separate optional features from the essential
pull/3436/head
parent
3e3ac7f609
commit
78d17b5d06
|
@ -348,9 +348,38 @@ sudo -u www-data sh -c "gpg --homedir /var/www/MISP/.gnupg --export --armor YOUR
|
|||
|
||||
# To make the background workers start on boot
|
||||
sudo chmod +x /var/www/MISP/app/Console/worker/start.sh
|
||||
sudo vim /etc/rc.local
|
||||
# Add the following line before the last line (exit 0). Make sure that you replace www-data with your apache user:
|
||||
sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh
|
||||
if [ ! -e /etc/rc.local ]
|
||||
then
|
||||
echo '#!/bin/sh -e' | sudo tee -a /etc/rc.local
|
||||
echo 'exit 0' | sudo tee -a /etc/rc.local
|
||||
sudo chmod u+x /etc/rc.local
|
||||
fi
|
||||
|
||||
# Initialize user and fetch Auth Key
|
||||
sudo -E /var/www/MISP/app/Console/cake userInit -q
|
||||
AUTH_KEY=$(mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e "SELECT authkey FROM users;" | tail -1)
|
||||
|
||||
# Update: galaxies, taxonomies, warning-/notice-lists, object templates
|
||||
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/galaxies/update
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/taxonomies/update
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/warninglists/update
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/noticelists/update
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/objectTemplates/update
|
||||
|
||||
# Setup some more MISP default via cake CLI
|
||||
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "GnuPG.email" "admin@admin.test"
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "GnuPG.homedir" "/var/www/MISP/.gnupg"
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.host_org_id" 1
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.email" "info@admin.test"
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.disable_emailing" true
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.contact" "info@admin.test"
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.disablerestalert" true
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.showCorrelationsOnIndex" true
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "Session.autoRegenerate" false
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "Session.timeout" 600
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "Session.cookie_timeout" 3600
|
||||
|
||||
# Now log in using the webinterface:
|
||||
# The default user/pass = admin@admin.test/admin
|
||||
|
@ -374,12 +403,54 @@ curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --h
|
|||
|
||||
# Updating the warning lists…
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/warninglists/update
|
||||
|
||||
# Updating the notice lists…
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/noticelists/update
|
||||
|
||||
# Updating the object templates…
|
||||
curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -k -X POST https://127.0.0.1/objectTemplates/update
|
||||
|
||||
# Enable ZeroMQ for misp-dashboard
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_enable" true
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_event_notifications_enable" true
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_object_notifications_enable" true
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_object_reference_notifications_enable" true
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_attribute_notifications_enable" true
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_sighting_notifications_enable" true
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_user_notifications_enable" true
|
||||
sudo /var/www/MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_organisation_notifications_enable" true
|
||||
|
||||
# Add the following lines before the last line (exit 0). Make sure that you replace www-data with your apache user:
|
||||
sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh
|
||||
sudo sed -i -e '$i \echo never > /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sudo -u www-data misp-modules -l 0.0.0.0 -s &\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
|
||||
|
||||
# Start the workers
|
||||
|
||||
/var/www/MISP/app/Console/worker/start.sh
|
||||
|
||||
# Installing MISP modules…
|
||||
sudo apt-get install -y python3-dev python3-pip python-pip libpq5 libjpeg-dev libfuzzy-dev
|
||||
cd /usr/local/src/
|
||||
sudo git clone https://github.com/MISP/misp-modules.git
|
||||
cd misp-modules
|
||||
# pip3 install
|
||||
sudo pip3 install -I -r REQUIREMENTS
|
||||
sudo pip3 install -I .
|
||||
sudo pip3 install lief
|
||||
sudo pip3 install maec
|
||||
sudo pip3 install pymisp python-magic
|
||||
sudo pip3 install git+https://github.com/kbandla/pydeep.git
|
||||
# pip2 install
|
||||
sudo pip install pymisp python-magic
|
||||
sudo pip install git+https://github.com/kbandla/pydeep.git
|
||||
sudo pip install lief
|
||||
# install STIX2.0 library to support STIX 2.0 export:
|
||||
sudo pip3 install stix2
|
||||
|
||||
# Once done, have a look at the diagnostics
|
||||
|
||||
# If any of the directories that MISP uses to store files is not writeable to the apache user, change the permissions
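Review bot: The rc.local entry in the second hunk, `sudo -u www-data misp-modules -l 0.0.0.0 -s &`, makes the modules service listen on every interface at each boot, and nothing on this page puts authentication or a firewall rule in front of it. If MISP and misp-modules share the host, as the rest of the guide suggests, keep the listener on loopback: `sudo sed -i -e '$i \sudo -u www-data misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local`. Separately, in the first hunk `mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP` puts the database password on the command line, where other local users can read it from the process list, and the unquoted expansions break on values containing spaces or glob characters. Reading the credentials from an option file only the installing user can read (mysql's `--defaults-extra-file`) and quoting the variables would avoid both. Which lines are additions is inferred from the hunk headers, since the page has lost its +/- markers.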
|
||||
|
|
|
@ -126,6 +126,7 @@ sudo a2ensite default-ssl
|
|||
|
||||
# Install PHP and dependencies
|
||||
sudo apt-get install -y libapache2-mod-php7.2 php7.2 php7.2-cli php7.2-gnupg php7.2-dev php7.2-json php7.2-xml php7.2-mysql php7.2-opcache php7.2-readline php7.2-redis php7.2-mbstring php-pear
|
||||
sudo pear channel-update pear.php.net
|
||||
sudo pear install Crypt_GPG
|
||||
sudo a2enmod php7.2
|
||||
|
||||
|
@ -433,6 +434,9 @@ sudo sed -i -e '$i \sudo -u www-data bash /var/www/MISP/app/Console/worker/start
|
|||
sudo sed -i -e '$i \sudo -u www-data misp-modules -l 0.0.0.0 -s &\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
|
||||
|
||||
# Start the workers
|
||||
/var/www/MISP/app/Console/worker/start.sh
|
||||
|
||||
# Installing MISP modules…
|
||||
sudo apt-get install -y python3-dev python3-pip python-pip libpq5 libjpeg-dev libfuzzy-dev
|
||||
cd /usr/local/src/
|
||||
|
@ -481,6 +485,7 @@ Recommended actions
|
|||
|
||||
Optional features
|
||||
-------------------
|
||||
# MISP has a new pub/sub feature, using ZeroMQ. To enable it, simply run the following commands
|
||||
|
||||
# Install misp-dashboard
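Review bot: Under "# Start the workers", `/var/www/MISP/app/Console/worker/start.sh` runs as whoever executes the guide, while the rc.local entry just above it starts the same script with `sudo -u www-data`. Workers started from an admin or root shell run with more privilege than they need and may leave logs and temporary files that the web server user cannot write to after the next reboot. Using the same form in both places keeps the two start paths consistent: `sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh`. The same unprefixed line also appears in the other file, in the hunk at -374,12; which lines are additions is inferred from the hunk headers.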
|
||||
|
||||
|
|