diff --git a/docs/INSTALL.rhel7.md b/docs/INSTALL.rhel7.md index b6a475545..60bdb019e 100644 --- a/docs/INSTALL.rhel7.md +++ b/docs/INSTALL.rhel7.md @@ -635,7 +635,7 @@ configWorkersRHEL () { {!generic/MISP_CAKE_init.md!} -{!generic/misp-modules-centos.md!} +{!generic/misp-modules-rhel.md!} {!generic/misp-modules-cake.md!} diff --git a/docs/INSTALL.rhel8.md b/docs/INSTALL.rhel8.md index 239ba8798..d79200960 100644 --- a/docs/INSTALL.rhel8.md +++ b/docs/INSTALL.rhel8.md @@ -1,14 +1,13 @@ # INSTALLATION INSTRUCTIONS for RHEL 8.x based distros ------------------------- -### -2/ RHEL8/CentOS8/CentOS_Stream(8/9)/Rocky8.4/Rocky8.5/Fedora34/Fedora35 - status +### -2/ RHEL8/Rocky8.4/Rocky8.5/Fedora34/Fedora35 - status ------------------------- !!! notice Tested fully working without SELinux by [@SteveClement](https://twitter.com/SteveClement) on 20210702 !!! notice TODO: Fix SELinux permissions, *pull-requests welcome*. - TODO: Test CentOS Stram 9, misp-core works approximately. {!generic/manual-install-notes.md!} @@ -19,8 +18,6 @@ ### 0/ Overview and Assumptions -{!generic/rhelVScentos.md!} - !!! warning The core MISP team cannot easily verify if this guide is working or not. Please help us in keeping it up to date and accurate. Thus we also have difficulties in supporting RHEL issues but will do a best effort on a similar yet slightly different setup. @@ -32,8 +29,8 @@ {!generic/manual-install-notes.md!} -This document details the steps to install MISP on Red Hat Enterprise Linux 8.x (RHEL 8.x) and CentOS 8.x. -This is a joint RHEL/CentOS install guide. The authors tried to make it contextually evident what applies to which flavor. +This document details the steps to install MISP on Red Hat Enterprise Linux 8.x (RHEL 8.x) and Rocky Linux 8.x. +This is a joint RHEL/Rocky install guide. The authors tried to make it contextually evident what applies to which flavor. The following assumptions with regard to this installation have been made. 
@@ -59,7 +56,7 @@ The following assumptions with regard to this installation have been made. ### 1/ OS Install and additional repositories -## 1.1/ Complete a minimal RHEL/CentOS installation, configure IP address to connect automatically. +## 1.1/ Complete a minimal RHEL/Rocky installation, configure IP address to connect automatically. ## 1.2/ Configure system hostname (if not done during install) ```bash @@ -127,14 +124,6 @@ enableEPEL_REMI_8 () { ([[ ${DISTRI} == "centos8stream" ]] || [[ ${DISTRI} == "centos8" ]] || [[ ${DISTRI} == "rocky8.4" ]] || [[ ${DISTRI} == "rocky8.5" ]]) && sudo dnf config-manager --set-enabled powertools } -enableEPEL_REMI_9 () { - sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm -y - sudo dnf install http://rpms.remirepo.net/enterprise/remi-release-9.rpm -y - sudo dnf install dnf-utils -y - sudo dnf module enable php:remi-7.4 -y - ([[ ${DISTRI} == "centos9stream" ]]) && sudo dnf config-manager --set-enabled powertools -} - enableREMI_fedora () { [[ "${DISTRI%??}" == "fedora" ]] && sudo dnf install http://rpms.remirepo.net/fedora/remi-release-${DISTRI:6}.rpm -y dnf list installed mod_lua && sudo dnf remove mod_lua -y @@ -321,7 +310,7 @@ installCoreRHEL8 () { # If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules ([[ ${DISTRI} == 'fedora33' ]] || [[ ${DISTRI} == 'fedora34' ]] || [[ ${DISTRI} == 'rhel8.3' ]]) && sudo dnf install cmake3 -y && CMAKE_BIN='cmake3' - ([[ ${DISTRI} == 'centos8stream' ]] || [[ ${DISTRI} == 'centos8' ]] || [[ ${DISTRI} == 'rocky8.4' ]] || [[ ${DISTRI} == 'rocky8.5' ]] || [[ ${DISTRI} == 'centos9stream']]) && sudo dnf install cmake -y && CMAKE_BIN='cmake' + ([[ ${DISTRI} == 'centos8stream' ]] || [[ ${DISTRI} == 'centos8' ]] || [[ ${DISTRI} == 'rocky8.4' ]] || [[ ${DISTRI} == 'rocky8.5' ]]) && sudo dnf install cmake -y && CMAKE_BIN='cmake' UMASK=$(umask) umask 0022 
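Review bot: In the installCoreRHEL8 hunk (-321,7 +310,7), `CMAKE_BIN` is only assigned when `DISTRI` matches one of the listed strings, and neither the rewritten `cmake` line nor the `cmake3` line above it matches `fedora35` or any `rhel8.x` other than `rhel8.3`, although the status heading of this guide names RHEL8 and Fedora35. On those systems no cmake package is installed and the variable stays empty; if a later step expands `$CMAKE_BIN` as the command word (not visible here, the function continues outside the hunk), the shell would try to run its first argument instead of failing with a clear message. A guard right after the two selection lines would catch this: `: "${CMAKE_BIN:?no cmake package selected for DISTRI=${DISTRI}}"`. The new line, and `enableEPEL_REMI_8` in the previous hunk, also still test `centos8stream` and `centos8` even though this commit removes CentOS from the guide, so either drop those tests or add a comment saying why they are kept.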
@@ -345,7 +334,7 @@ installCoreRHEL8 () { $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install -U . # FIXME: Remove libfaup etc once the egg has the library baked-in - # BROKEN: This needs to be tested on RHEL/CentOS + # BROKEN: This needs to be tested on RHEL/Rocky sudo dnf install libcaca-devel -y cd /tmp [[ ! -d "faup" ]] && $SUDO_CMD git clone https://github.com/stricaud/faup.git faup @@ -729,11 +718,11 @@ configWorkersRHEL () { {!generic/MISP_CAKE_init.md!} -{!generic/misp-modules-centos.md!} +{!generic/misp-modules-rhel.md!} {!generic/misp-modules-cake.md!} -{!generic/misp-dashboard-centos.md!} +{!generic/misp-dashboard-rhel.md!} {!generic/misp-dashboard-cake.md!} diff --git a/docs/UPDATE.md b/docs/UPDATE.md index 953da090b..948dae503 100644 --- a/docs/UPDATE.md +++ b/docs/UPDATE.md @@ -81,7 +81,7 @@ cd /var/www/MISP/PyMISP python3 setup.py install ``` -# 6. For RHEL/CentOS: enable python3 for php-fpm +# 6. For RHEL: enable python3 for php-fpm ```bash echo 'source scl_source enable rh-python36' >> /etc/opt/rh/rh-php71/sysconfig/php-fpm sed -i.org -e 's/^;\(clear_env = no\)/\1/' /etc/opt/rh/rh-php71/php-fpm.d/www.conf diff --git a/docs/archive/INSTALL.ubuntu1604.md b/docs/archive/INSTALL.ubuntu1604.md deleted file mode 100644 index ccd395f98..000000000 --- a/docs/archive/INSTALL.ubuntu1604.md +++ /dev/null 
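Review bot: In the installCoreRHEL8 hunk at -345,7 +334,7, the unchanged lines below the edited comment work in a fixed directory name under the world-writable `/tmp` and skip the clone when `faup` already exists, so whatever another local account placed at `/tmp/faup` beforehand is what gets built. The rest of the build is outside the hunk, so whether the result is then installed as root is not visible here. Since this block is already marked FIXME/BROKEN, consider building in a private directory created by the account that runs the build, e.g. `BUILD_DIR=$(mktemp -d) && cd "${BUILD_DIR}"`, and cloning into it unconditionally. The clone also follows the default branch of a third-party repository, so pinning a reviewed revision (`git -C faup checkout <REVIEWED_COMMIT>`) would make the install reproducible.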
@@ -1,486 +0,0 @@ -# INSTALLATION INSTRUCTIONS -## for Ubuntu 16.04.5-server - -### 0/ MISP Ubuntu 16.04-server install - status -------------------------- -!!! notice - Tested working by @SteveClement on 20181025 - -{!generic/community.md!} - -{!generic/globalVariables.md!} - -```bash -PHP_ETC_BASE=/etc/php/7.0 -PHP_INI=${PHP_ETC_BASE}/apache2/php.ini -``` - -### 1/ Minimal Ubuntu install -------------------------- - -#### Install a minimal Ubuntu 16.04-server system with the software: -- OpenSSH server -- This guide assumes a user name of 'misp' with sudo working - -{!generic/sudo_etckeeper.md!} - -{!generic/ethX.md!} - -#### Make sure your system is up2date -```bash -# Install python 3.6 from ppa due to this domaintools_api bug: https://github.com/DomainTools/python_api/issues/31 -sudo add-apt-repository ppa:jonathonf/python-3.6 -sudo apt-get update -sudo apt-get upgrade -``` - -#### install postfix, there will be some questions. -```bash -sudo apt-get install postfix -y -``` -!!! notice - Postfix Configuration: Satellite system
- change the relay server later with: - ```bash - sudo postconf -e 'relayhost = example.com' - sudo postfix reload - ``` - -### 2/ Install LAMP & dependencies ------------------------------- -Once the system is installed you can perform the following steps. -```bash -# Make sure you have enabled the Universe repository -# (ie. for redis-server), enable it with: -# sudo add-apt-repository universe - -# Install the dependencies: (some might already be installed) -sudo apt-get install curl gcc git gnupg-agent make python python3 python3.6 virtualenv openssl redis-server sudo vim zip -y - -# Install MariaDB (a MySQL fork/alternative) -sudo apt-get install mariadb-client mariadb-server -y - -sudo apt install expect -y - -# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines -pw="Password1234" - -expect -f - <<-EOF - set timeout 10 - - spawn sudo mysql_secure_installation - expect "*?assword*" - send -- "$pw\r" - expect "Enter current password for root (enter for none):" - send -- "\r" - expect "Set root password?" - send -- "y\r" - expect "New password:" - send -- "${DBPASSWORD_ADMIN}\r" - expect "Re-enter new password:" - send -- "${DBPASSWORD_ADMIN}\r" - expect "Remove anonymous users?" - send -- "y\r" - expect "Disallow root login remotely?" - send -- "y\r" - expect "Remove test database and access to it?" - send -- "y\r" - expect "Reload privilege tables now?" 
- send -- "y\r" - expect eof -EOF -sudo apt-get purge -y expect ; sudo apt autoremove -y - -# Install Apache2 -sudo apt-get install apache2 apache2-doc apache2-utils -y - -# Enable modules, settings, and default of SSL in Apache -sudo a2dismod status -sudo a2enmod ssl -sudo a2enmod rewrite -sudo a2enmod headers -sudo a2dissite 000-default -sudo a2ensite default-ssl - -# Install PHP and dependencies -sudo apt-get install libapache2-mod-php php php-cli php-gnupg php-dev php-json php-mysql php-opcache php-readline php-redis php-xml php-mbstring php-gd -y - -# Apply all changes -sudo systemctl restart apache2 -``` - -### 3/ MISP code ------------- -```bash -# Download MISP using git in the /var/www/ directory. -sudo mkdir /var/www/MISP -sudo chown www-data:www-data /var/www/MISP -cd /var/www/MISP -sudo -u www-data git clone https://github.com/MISP/MISP.git /var/www/MISP -sudo -u www-data git submodule update --init --recursive -# Make git ignore filesystem permission differences for submodules -sudo -u www-data git submodule foreach --recursive git config core.filemode false - -# Make git ignore filesystem permission differences -sudo -u www-data git config core.filemode false - -# Create a python3 virtualenv -sudo -u www-data virtualenv -p python3.6 /var/www/MISP/venv - -# make pip happy -sudo mkdir /var/www/.cache/ -sudo chown www-data:www-data /var/www/.cache - -# install Mitre's STIX and its dependencies by running the following commands: -sudo apt-get install python3.6-dev libxml2-dev libxslt1-dev zlib1g-dev python-setuptools -y -cd /var/www/MISP/app/files/scripts -sudo -u www-data git clone https://github.com/CybOXProject/python-cybox.git -sudo -u www-data git clone https://github.com/STIXProject/python-stix.git -# install mixbox to accommodate the new STIX dependencies: -sudo -u www-data git clone https://github.com/CybOXProject/mixbox.git -cd /var/www/MISP/app/files/scripts/mixbox -sudo -H -u www-data /var/www/MISP/venv/bin/pip install . 
-cd /var/www/MISP/app/files/scripts/python-cybox -sudo -H -u www-data /var/www/MISP/venv/bin/pip install . -cd /var/www/MISP/app/files/scripts/python-stix -sudo -H -u www-data /var/www/MISP/venv/bin/pip install . - -# install PyMISP -cd /var/www/MISP/PyMISP -sudo -H -u www-data /var/www/MISP/venv/bin/pip install . -``` - -### 4/ CakePHP ------------ - -```bash -# Once done, install CakeResque along with its dependencies -# if you intend to use the built in background jobs: -cd /var/www/MISP/app -# Make composer cache happy -# /!\ composer on Ubuntu when invoked with sudo -u doesn't set $HOME to /var/www but keeps it /home/misp \!/ -sudo mkdir /var/www/.composer ; sudo chown www-data:www-data /var/www/.composer -sudo -H -u www-data php composer.phar install --no-dev - -# Enable CakeResque with php-redis -sudo phpenmod redis -sudo phpenmod gnupg - -# To use the scheduler worker for scheduled tasks, do the following: -sudo -u www-data cp -fa /var/www/MISP/INSTALL/setup/config.php /var/www/MISP/app/Plugin/CakeResque/Config/config.php - -# If you have multiple MISP instances on the same system, don't forget to have a different Redis per MISP instance for the CakeResque workers -# The default Redis port can be updated in Plugin/CakeResque/Config/config.php -``` - -### 5/ Set the permissions ----------------------- - -```bash -# Check if the permissions are set correctly using the following commands: -sudo chown -R www-data:www-data /var/www/MISP -sudo chmod -R 750 /var/www/MISP -sudo chmod -R g+ws /var/www/MISP/app/tmp -sudo chmod -R g+ws /var/www/MISP/app/files -sudo chmod -R g+ws /var/www/MISP/app/files/scripts/tmp -``` - -### 6/ Create a database and user ------------------------------ -```bash -# Enter the mysql shell -sudo mysql -u root -p -``` - -``` -MariaDB [(none)]> create database misp; -MariaDB [(none)]> grant usage on *.* to misp@localhost identified by 'XXXXdbpasswordhereXXXXX'; -MariaDB [(none)]> grant all privileges on misp.* to misp@localhost; -MariaDB 
[(none)]> flush privileges; -MariaDB [(none)]> exit -``` - -#### copy/paste: -```bash -sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "create database $DBNAME;" -sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAME@localhost identified by '$DBPASSWORD_MISP';" -sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant all privileges on $DBNAME.* to '$DBUSER_MISP'@'localhost';" -sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;" -``` - -#### Import the empty MISP database from MYSQL.sql -```bash -# Import the empty MISP database from MYSQL.sql -sudo -u www-data cat $PATH_TO_MISP/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME -``` - -### 7/ Apache configuration ------------------------ -Now configure your Apache webserver with the DocumentRoot /var/www/MISP/app/webroot/ - -#### Apache version 2.2 config: -```bash -sudo cp /var/www/MISP/INSTALL/apache.22.misp.ssl /etc/apache2/sites-available/misp-ssl.conf -``` - -#### Apache version 2.4 config: -```bash -sudo cp /var/www/MISP/INSTALL/apache.24.misp.ssl /etc/apache2/sites-available/misp-ssl.conf -``` - -!!! notice - Be aware that the configuration files for apache 2.4 and up have changed. - The configuration file has to have the .conf extension in the sites-available directory - For more information, visit http://httpd.apache.org/docs/2.4/upgrading.html - -```bash -# If a valid SSL certificate is not already created for the server, -# create a self-signed certificate: -sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \ --subj "/C=${OPENSSL_C}/ST=${OPENSSL_ST}/L=${OPENSSL_L}/O=${OPENSSL_O}/OU=${OPENSSL_OU}/CN=${OPENSSL_CN}/emailAddress=${OPENSSL_EMAILADDRESS}" \ --keyout /etc/ssl/private/misp.local.key -out /etc/ssl/private/misp.local.crt -``` - -!!! notice - Please find a sample conf file for an SSL enabled conf file in-line below (alternatively use one of the samples provided in /var/www/MISP/INSTALL).
- Also remember to verify the SSLCertificateChainFile property in your config file.
- This is usually commented out for the self-generated certificate in the sample configurations, such as the one pasted below.
- Otherwise, copy the SSLCertificateFile, SSLCertificateKeyFile, and SSLCertificateChainFile to /etc/ssl/private/. (Modify path and config to fit your environment) - -``` -============================================= Begin sample working SSL config for MISP -:80> - ServerName - - Redirect permanent / https:// - - LogLevel warn - ErrorLog /var/log/apache2/misp.local_error.log - CustomLog /var/log/apache2/misp.local_access.log combined - ServerSignature Off - - -:443> - ServerAdmin admin@ - ServerName - DocumentRoot /var/www/MISP/app/webroot - - Options -Indexes - AllowOverride all - Order allow,deny - allow from all - - - SSLEngine On - SSLCertificateFile /etc/ssl/private/misp.local.crt - SSLCertificateKeyFile /etc/ssl/private/misp.local.key -# SSLCertificateChainFile /etc/ssl/private/misp-chain.crt - - LogLevel warn - ErrorLog /var/log/apache2/misp.local_error.log - CustomLog /var/log/apache2/misp.local_access.log combined - ServerSignature Off - -============================================= End sample working SSL config for MISP -``` - -```bash -# activate new vhost -sudo a2dissite default-ssl -sudo a2ensite misp-ssl - -for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit -do - sudo sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI -done - -# Restart apache -sudo systemctl restart apache2 -``` - -### 8/ Log rotation ---------------- -```bash -# MISP saves the stdout and stderr of its workers in /var/www/MISP/app/tmp/logs -# To rotate these logs install the supplied logrotate script: - -sudo cp /var/www/MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp -sudo chmod 0640 /etc/logrotate.d/misp -``` - -### 9/ MISP configuration ---------------------- -```bash -# There are 4 sample configuration files in /var/www/MISP/app/Config that need to be copied -sudo -u www-data cp -a /var/www/MISP/app/Config/bootstrap.default.php /var/www/MISP/app/Config/bootstrap.php -sudo -u www-data cp -a 
/var/www/MISP/app/Config/database.default.php /var/www/MISP/app/Config/database.php -sudo -u www-data cp -a /var/www/MISP/app/Config/core.default.php /var/www/MISP/app/Config/core.php -sudo -u www-data cp -a /var/www/MISP/app/Config/config.default.php /var/www/MISP/app/Config/config.php - -echo " 'Database/Mysql', - //'datasource' => 'Database/Postgres', - 'persistent' => false, - 'host' => '$DBHOST', - 'login' => '$DBUSER_MISP', - 'port' => 3306, // MySQL & MariaDB - //'port' => 5432, // PostgreSQL - 'password' => '$DBPASSWORD_MISP', - 'database' => '$DBNAME', - 'prefix' => '', - 'encoding' => 'utf8', - ); -}" | sudo -u www-data tee $PATH_TO_MISP/app/Config/database.php - -# Important! Change the salt key in /var/www/MISP/app/Config/config.php -# The salt key must be a string at least 32 bytes long. -# The admin user account will be generated on the first login, make sure that the salt is changed before you create that user -# If you forget to do this step, and you are still dealing with a fresh installation, just alter the salt, -# delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin) - -# and make sure the file permissions are still OK -sudo chown -R www-data:www-data /var/www/MISP/app/Config -sudo chmod -R 750 /var/www/MISP/app/Config - -# Generate a GPG encryption key. 
- -cat >/tmp/gen-key-script < /sys/kernel/mm/transparent_hugepage/enabled\n' /etc/rc.local -sudo sed -i -e '$i \echo 1024 > /proc/sys/net/core/somaxconn\n' /etc/rc.local -sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local -sudo sed -i -e '$i \sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh > /tmp/worker_start_rc.local.log\n' /etc/rc.local -sudo sed -i -e '$i \sudo -u www-data /var/www/MISP/venv/bin/misp-modules -l 127.0.0.1 -s > /tmp/misp-modules_rc.local.log &\n' /etc/rc.local - -# Start the workers -sudo -u www-data bash $PATH_TO_MISP/app/Console/worker/start.sh - -# some misp-modules dependencies -sudo apt-get install -y libpq5 libjpeg-dev libfuzzy-dev - -sudo chmod 2775 /usr/local/src -sudo chown root:staff /usr/local/src -cd /usr/local/src/ -git clone https://github.com/MISP/misp-modules.git -cd misp-modules -# pip install -sudo -H -u www-data /var/www/MISP/venv/bin/pip install -I -r REQUIREMENTS -sudo -H -u www-data /var/www/MISP/venv/bin/pip install . -sudo apt install ruby-pygments.rb -y -sudo gem install asciidoctor-pdf --pre - -# install STIX2.0 library to support STIX 2.0 export: -sudo -H -u www-data /var/www/MISP/venv/bin/pip install stix2 - -# install additional dependencies for extended object generation and extraction -sudo -H -u www-data /var/www/MISP/venv/bin/pip install maec lief python-magic pathlib -sudo -H -u www-data /var/www/MISP/venv/bin/pip install git+https://github.com/kbandla/pydeep.git - -# Start misp-modules -sudo -u www-data misp-modules -l 127.0.0.1 -s & - -echo "Admin (root) DB Password: $DBPASSWORD_ADMIN" -echo "User (misp) DB Password: $DBPASSWORD_MISP" -``` - -{!generic/INSTALL.done.md!} - -{!generic/recommended.actions.md!} - -### Optional features ------------------ -#### MISP has a new pub/sub feature, using ZeroMQ. To enable it, simply run the following command -```bash -sudo -H -u www-data /var/www/MISP/venv/bin/pip install pyzmq -``` - -#### MISP has a feature for publishing events to Kafka. 
To enable it, simply run the following commands -```bash -apt-get install librdkafka-dev php-dev -pecl install rdkafka -find /etc -name php.ini | while read f; do echo 'extension=rdkafka.so' | tee -a "$f"; done -``` - -!!! warning - There is an issue with the apache config of misp-dashboard in Ubuntu 16.04 - You need to **remove** the following 3 options from **WSGIDaemonProcess** - ``` - # eviction-timeout=0 - # response-buffer-size=0 - # server-metrics=Off - ``` - The version of **libapache2-mod-wsgi-py3** is "out-of-date". - ``` - ii libapache2-mod-wsgi-py3 4.3.0-1.1build1 amd64 Python 3 WSGI adapter module for Apache - ``` - -!!! warning - On a stock Ubuntu 16.04 **redis-server** is only at v3.0 the command GEOADD only got introduce v3.2 - If you want to use misp-dashboard on 16.04 do the following: - ```bash - sudo add-apt-repository ppa:chris-lea/redis-server - sudo apt update - sudo apt install redis-server - ``` - -All of the above said, it might still not work for you. If so, please open an [issue](https://github.com/MISP/misp-dashboard/issues) or join [gitter](https://gitter.im/MISP) and discuss there. - -{!generic/misp-dashboard-debian.md!} - -{!generic/viper-debian.md!} - -{!generic/ssdeep-debian.md!} - -{!generic/mail_to_misp-debian.md!} - -#### misp-modules (section deprecated) -------------------------------- -!!! notice - If you want to add the misp modules functionality, follow the setup procedure described in misp-modules:
- https://github.com/MISP/misp-modules#how-to-install-and-start-misp-modules
- Then the enrichment, export and import modules can be enabled in MISP via the settings. diff --git a/docs/archive/xINSTALL.centos6.md b/docs/archive/xINSTALL.centos6.md deleted file mode 100644 index 44819a427..000000000 --- a/docs/archive/xINSTALL.centos6.md +++ /dev/null @@ -1,587 +0,0 @@ -# INSTALLATION INSTRUCTIONS -## for CentOS 6.10 - -### -1/ Installer and Manual install instructions - -Make sure you are reading the parsed version of this Document. When in doubt [click here](https://misp.github.io/MISP/xINSTALL.centos6/). - -!!! warning - In the **future**, to install MISP on a fresh CentOS 6 install all you need to do is: - - ```bash - # Please check the installer options first to make the best choice for your install - wget -O /tmp/INSTALL.sh https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh - bash /tmp/INSTALL.sh - - # This will install MISP Core - wget -O /tmp/INSTALL.sh https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh - bash /tmp/INSTALL.sh -c - ``` - **The above does NOT work yet** - -### 0/ MISP CentOS 6 Minimal NetInstall - Status --------------------------------------------- - -{!generic/community.md!} - -{!generic/rhelVScentos.md!} - -!!! notice - Semi-maintained and tested by @SteveClement, CentOS 6.10 on 20190417
- It is still considered experimental as not everything works seemlessly. - -!!! notice - Maintenance will end on: November 30th, 2020 [Source[0]](https://wiki.centos.org/About/Product) [Source[1]](https://linuxlifecycle.com/) - -CentOS 6.10 [NetInstallURL](http://mirrors.sonic.net/centos/6.10/os/x86_64/) - -{!generic/globalVariables.md!} - -```bash -# CentOS Specific -RUN_PHP='/usr/bin/scl enable rh-php70 ' -RUN_PYTHON='/usr/bin/scl enable rh-python36 ' -SUDO_WWW='sudo -H -u apache' - -PHP_INI=/etc/opt/rh/rh-php70/php.ini -``` - -### 1/ Minimal CentOS install -------------------------- - -Install a minimal CentOS 6.x system with the software: - -- OpenSSH server -- LAMP server (actually, this is done below) -- Mail server - - -```bash -# Make sure you set your hostname CORRECTLY vs. like an brute (manually in /etc/hostname) -sudo hostnamectl set-hostname misp.local # Your choice, in a production environment, it's best to use a FQDN - -# Make sure your system is up2date: -sudo yum update -y -``` - -### 2/ Dependencies * ----------------- -Once the system is installed you can perform the following steps as root or with sudo. 
- -```bash -# We need some packages from the Extra Packages for Enterprise Linux repository -curl -o /tmp/epel.rpm http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm -sudo rpm -Uvh /tmp/epel.rpm - -# php 7.2 -# sudo rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm -# sudo yum install yum-utils -# sudo yum-config-manager --enable remi-php72 -# sudo yum update - - -# Since MISP 2.4 PHP 5.5 is a minimal requirement, so we need a newer version than CentOS base provides -# Software Collections is a way do to this, see https://wiki.centos.org/AdditionalResources/Repositories/SCL -sudo yum install centos-release-scl -y - -# Because vim is just so practical -sudo yum install vim -y - -# Install the dependencies: -sudo yum install gcc git zip \ - httpd \ - mod_ssl \ - redis \ - mysql-server \ - python-devel python-pip python-zmq \ - libxslt-devel zlib-devel ssdeep-devel -y - -# Install PHP 7.0 from SCL, see https://www.softwarecollections.org/en/scls/rhscl/rh-php70/ -sudo yum install rh-php70 rh-php70-php-fpm rh-php70-php-devel rh-php70-php-mysqlnd rh-php70-php-mbstring rh-php70-php-xml rh-php70-php-bcmath rh-php70-php-gd rh-php70-php-zip - -# Install Python 3.6 from SCL, see https://www.softwarecollections.org/en/scls/rhscl/rh-python36/ -sudo yum install rh-python36 -y - -# rh-php70-php only provided mod_php for httpd24-httpd from SCL -# if we want to use httpd from CentOS base we can use rh-php70-php-fpm instead -sudo chkconfig rh-php70-php-fpm on -sudo service rh-php70-php-fpm start - -# php-fpm is accessed using the fcgi interface -sudo yum install mod_fcgid mod_proxy_fcgi -``` - -!!! notice - $RUN_PHP makes php available for you if using rh-php70. 
e.g: $RUN_PHP "pear list | grep Crypt_GPG" - -```bash -# GPG needs lots of entropy, haveged provides entropy -sudo yum install haveged -y -sudo chkconfig haveged on -sudo service haveged start - -# Enable and start redis -sudo chkconfig redis on -sudo service redis start -``` - -### 3/ MISP code ------------- -```bash -# Download MISP using git in the /var/www/ directory. -sudo mkdir ${PATH_TO_MISP} -sudo chown apache:apache ${PATH_TO_MISP} -cd /var/www -${SUDO_WWW} git clone https://github.com/MISP/MISP.git -cd ${PATH_TO_MISP} -##${SUDO_WWW} git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`) -# if the last shortcut doesn't work, specify the latest version manually -# example: git checkout tags/v2.4.XY -# the message regarding a "detached HEAD state" is expected behaviour -# (you only have to create a new branch, if you want to change stuff and do a pull request for example) - -# Fetch submodules -${SUDO_WWW} git submodule update --init --recursive -# Make git ignore filesystem permission differences for submodules -${SUDO_WWW} git submodule foreach --recursive git config core.filemode false - -# Create a python3 virtualenv -${SUDO_WWW} $RUN_PYTHON "virtualenv -p python3 ${PATH_TO_MISP}/venv" -sudo mkdir /var/www/.cache -sudo chown apache:apache /var/www/.cache -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U pip setuptools - -# install Mitre's STIX and its dependencies by running the following commands: -sudo yum install python-importlib python-lxml python-dateutil python-six -y -cd ${PATH_TO_MISP}/app/files/scripts -${SUDO_WWW} git clone https://github.com/CybOXProject/python-cybox.git -${SUDO_WWW} git clone https://github.com/STIXProject/python-stix.git -cd ${PATH_TO_MISP}/app/files/scripts/python-cybox -$SUDO_WWW git config core.filemode false -# If you umask is has been changed from the default, it is a good idea to reset it to 0022 before installing python modules -UMASK=$(umask) -umask 0022 -cd 
${PATH_TO_MISP}/app/files/scripts/python-stix -$SUDO_WWW git config core.filemode false -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . - -# install maec -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U maec - -# install zmq -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U zmq - -# install redis -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U redis - -# lief needs manual compilation -sudo yum install devtoolset-7 cmake3 -y - -sudo yum install http://opensource.wandisco.com/centos/6/git/x86_64/wandisco-git-release-6-1.noarch.rpm -sudo yum install git -y -cd ${PATH_TO_MISP}/app/files/scripts -${SUDO_WWW} git clone --branch master --single-branch https://github.com/lief-project/LIEF.git lief - -# TODO: Fix static path with PATH_TO_MISP -cd ${PATH_TO_MISP}/app/files/scripts/lief -$SUDO_WWW git config core.filemode false -${SUDO_WWW} mkdir build -cd build -${SUDO_WWW} scl enable devtoolset-7 rh-python36 'bash -c "cmake3 \ --DLIEF_PYTHON_API=on \ --DLIEF_DOC=off \ --DCMAKE_INSTALL_PREFIX=$LIEF_INSTALL \ --DCMAKE_BUILD_TYPE=Release \ --DPYTHON_VERSION=3.6 \ --DPYTHON_EXECUTABLE=/var/www/MISP/venv/bin/python \ -.."' -${SUDO_WWW} make -j3 -sudo make install -cd api/python/lief_pybind11-prefix/src/lief_pybind11 -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/python setup.py install -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install lief - -# install magic, pydeep -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -U python-magic -## pydeep does not compile ): -## git+https://github.com/kbandla/pydeep.git - -# install mixbox to accommodate the new STIX dependencies: -cd ${PATH_TO_MISP}/app/files/scripts/ -${SUDO_WWW} git clone https://github.com/CybOXProject/mixbox.git -cd ${PATH_TO_MISP}/app/files/scripts/mixbox -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . - -# install STIX2.0 library to support STIX 2.0 export: -cd ${PATH_TO_MISP}/cti-python-stix2 -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . 
- -# install PyMISP -cd ${PATH_TO_MISP}/PyMISP -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . - -# FIXME: Remove libfaup etc once the egg has the library baked-in -# BROKEN: This needs to be tested on RHEL/CentOS -##sudo apt-get install cmake libcaca-dev liblua5.3-dev -y -cd /tmp -[[ ! -d "faup" ]] && $SUDO_CMD git clone https://github.com/stricaud/faup.git faup -[[ ! -d "gtcaca" ]] && $SUDO_CMD git clone https://github.com/stricaud/gtcaca.git gtcaca -sudo chown -R ${MISP_USER}:${MISP_USER} faup gtcaca -cd gtcaca -$SUDO_CMD mkdir -p build -cd build -$SUDO_CMD cmake .. && $SUDO_CMD make -sudo make install -cd ../../faup -$SUDO_CMD mkdir -p build -cd build -$SUDO_CMD cmake .. && $SUDO_CMD make -sudo make install -sudo ldconfig - -# Enable python3 for php-fpm -echo 'source scl_source enable rh-python36' | sudo tee -a /etc/opt/rh/rh-php70/sysconfig/php-fpm -sudo sed -i.org -e 's/^;\(clear_env = no\)/\1/' /etc/opt/rh/rh-php70/php-fpm.d/www.conf -sudo service rh-php70-php-fpm restart - -umask $UMASK - -# Enable dependencies detection in the diagnostics page -# This allows MISP to detect GnuPG, the Python modules' versions and to read the PHP settings. -echo "env[PATH] =/opt/rh/rh-python36/root/usr/bin:/opt/rh/rh-php70/root/usr/bin:/usr/local/bin:/usr/bin:/bin" |sudo tee -a /etc/opt/rh/rh-php70/php-fpm.d/www.conf -sudo service rh-php70-php-fpm restart -``` - -### 4/ CakePHP ------------ -#### CakePHP is now included as a submodule of MISP and has been fetch by a previous step. -#### Install CakeResque along with its dependencies if you intend to use the built in background jobs. 
-```bash -sudo chown -R apache:apache ${PATH_TO_MISP} -sudo mkdir /var/www/.composer/ -sudo chown apache:apache /var/www/.composer/ -cd ${PATH_TO_MISP}/app -# Update composer.phar (optional) -#EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)" -#${SUDO_WWW} $RUN_PHP -- php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" -#${SUDO_WWW} $RUN_PHP -- php -r "if (hash_file('SHA384', 'composer-setup.php') === '$EXPECTED_SIGNATURE') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" -#${SUDO_WWW} $RUN_PHP "php composer-setup.php" -#${SUDO_WWW} $RUN_PHP -- php -r "unlink('composer-setup.php');" -${SUDO_WWW} $RUN_PHP "php composer.phar install --no-dev" - -sudo yum install php-redis -y -sudo service rh-php70-php-fpm restart - -# If you have not yet set a timezone in php.ini -echo 'date.timezone = "Europe/Luxembourg"' |sudo tee /etc/opt/rh/rh-php70/php-fpm.d/timezone.ini -sudo ln -s ../php-fpm.d/timezone.ini /etc/opt/rh/rh-php70/php.d/99-timezone.ini - -# Recommended: Change some PHP settings in /etc/opt/rh/rh-php70/php.ini -# max_execution_time=300 -# memory_limit=2048M -# upload_max_filesize=50M -# post_max_size=50M -for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit -do - sudo sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI -done -sudo sed -i "s/^\(session.sid_length\).*/\1 = $(eval echo \${session0sid_length})/" $PHP_INI -sudo sed -i "s/^\(session.use_strict_mode\).*/\1 = $(eval echo \${session0use_strict_mode})/" $PHP_INI -sudo service rh-php70-php-fpm restart -# To use the scheduler worker for scheduled tasks, do the following: -sudo cp -fa ${PATH_TO_MISP}/INSTALL/setup/config.php ${PATH_TO_MISP}/app/Plugin/CakeResque/Config/config.php -``` - -### 5/ Set the permissions ----------------------- -```bash -# Make sure the permissions are set correctly using the following commands as root: -sudo chown -R 
apache:apache ${PATH_TO_MISP} -sudo find ${PATH_TO_MISP} -type d -exec chmod g=rx {} \; -sudo chmod -R g+r,o= ${PATH_TO_MISP} -sudo chmod -R 750 ${PATH_TO_MISP} -sudo chmod -R g+xws ${PATH_TO_MISP}/app/tmp -sudo chmod -R g+ws ${PATH_TO_MISP}/app/files -sudo chmod -R g+ws ${PATH_TO_MISP}/app/files/scripts/tmp -sudo chmod -R g+rw ${PATH_TO_MISP}/venv -sudo chmod -R g+rw ${PATH_TO_MISP}/.git -sudo chown apache:apache ${PATH_TO_MISP}/app/files -sudo chown apache:apache ${PATH_TO_MISP}/app/files/terms -sudo chown apache:apache ${PATH_TO_MISP}/app/files/scripts/tmp -sudo chown apache:apache ${PATH_TO_MISP}/app/Plugin/CakeResque/tmp -sudo chown -R apache:apache ${PATH_TO_MISP}/app/Config -sudo chown -R apache:apache ${PATH_TO_MISP}/app/tmp -sudo chown -R apache:apache ${PATH_TO_MISP}/app/webroot/img/orgs -sudo chown -R apache:apache ${PATH_TO_MISP}/app/webroot/img/custom -``` - -### 6/ Create a database and user ------------------------------ -```bash -# Enable, start and secure your mysql database server -sudo chkconfig mysqld on -sudo service mysqld start -sudo yum install expect -y - -# Add your credentials if needed, if sudo has NOPASS, comment out the relevant lines -pw="Password1234" - -expect -f - <<-EOF - set timeout 10 - - spawn sudo mysql_secure_installation - expect "*?assword*" - send -- "$pw\r" - expect "Enter current password for root (enter for none):" - send -- "\r" - expect "Set root password?" - send -- "y\r" - expect "New password:" - send -- "${DBPASSWORD_ADMIN}\r" - expect "Re-enter new password:" - send -- "${DBPASSWORD_ADMIN}\r" - expect "Remove anonymous users?" - send -- "y\r" - expect "Disallow root login remotely?" - send -- "y\r" - expect "Remove test database and access to it?" - send -- "y\r" - expect "Reload privilege tables now?" 
- send -- "y\r" - expect eof -EOF - -sudo yum remove tcl expect -y - -# Additionally, it is probably a good idea to make the database server listen on localhost only -echo [mysqld] |sudo tee /etc/my.cnf.d/bind-address.cnf -echo bind-address=127.0.0.1 |sudo tee -a /etc/my.cnf.d/bind-address.cnf -sudo service mysqld restart -``` - - -#### Manual procedure: -```bash -# Enter the mysql shell -mysql -u root -p -``` - -``` -mysql> create database misp; -mysql> grant usage on *.* to misp@localhost identified by 'XXXXXXXXX'; -mysql> grant all privileges on misp.* to misp@localhost ; -mysql> exit -``` - -#### Same as Manual but for copy/paste foo: -```bash -sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "create database $DBNAME;" -sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAME@localhost identified by '$DBPASSWORD_MISP';" -sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant all privileges on $DBNAME.* to '$DBUSER_MISP'@'localhost';" -sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;" -``` - -#### Import the empty MySQL database from MYSQL.sql -```bash -${SUDO_WWW} cat ${PATH_TO_MISP}/INSTALL/MYSQL.sql | mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME -``` - - -### 7/ Apache configuration ------------------------ - -!!! notice - SELinux note, to check if it is running: - ```bash - $ sestatus - SELinux status: disabled - ``` - If it is disabled, you can ignore the **chcon/setsebool/semanage/checkmodule/semodule*** commands. 
- -```bash -# Now configure your apache server with the DocumentRoot ${PATH_TO_MISP}/app/webroot/ -# A sample vhost can be found in ${PATH_TO_MISP}/INSTALL/old/apache.misp.centos6 - -sudo cp ${PATH_TO_MISP}/INSTALL/old/apache.misp.centos6 /etc/httpd/conf.d/misp.conf - -# Allow httpd to connect to the redis server and php-fpm over tcp/ip -sudo setsebool -P httpd_can_network_connect on - -# Enable and start the httpd service -sudo chkconfig httpd on -sudo service httpd start - -# Open a hole in the iptables firewall -sudo iptables -I INPUT 5 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT -sudo service iptables save - -# We seriously recommend using only HTTPS / SSL ! -# Add SSL support by running: yum install mod_ssl -# Check out the apache.misp.ssl file for an example -``` - - -```bash -# If a valid SSL certificate is not already created for the server, create a self-signed certificate: -sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \ --subj "/C=${OPENSSL_C}/ST=${OPENSSL_ST}/L=${OPENSSL_L}/O=${OPENSSL_O}/OU=${OPENSSL_OU}/CN=${OPENSSL_CN}/emailAddress=${OPENSSL_EMAILADDRESS}" \ --keyout /etc/ssl/private/misp.local.key -out /etc/ssl/private/misp.local.crt -``` - - -### 8/ Log rotation ---------------- -```bash -# MISP saves the stdout and stderr of its workers in ${PATH_TO_MISP}/app/tmp/logs -# To rotate these logs install the supplied logrotate script: - -sudo cp ${PATH_TO_MISP}/INSTALL/misp.logrotate /etc/logrotate.d/misp -sudo chmod 0640 /etc/logrotate.d/misp - -# Now make logrotate work under SELinux as well -# Allow logrotate to modify the log files -sudo semanage fcontext -a -t httpd_log_t "${PATH_TO_MISP}/app/tmp/logs(/.*)?" 
-sudo chcon -R -t httpd_log_t ${PATH_TO_MISP}/app/tmp/logs -sudo chcon -R -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/tmp/logs - -# Allow logrotate to read /var/www -sudo checkmodule -M -m -o /tmp/misplogrotate.mod ${PATH_TO_MISP}/INSTALL/misplogrotate.te -sudo semodule_package -o /tmp/misplogrotate.pp -m /tmp/misplogrotate.mod -sudo semodule -i /tmp/misplogrotate.pp -``` - -### 9/ MISP configuration ---------------------- -```bash -# There are 4 sample configuration files in ${PATH_TO_MISP}/app/Config that need to be copied -${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/bootstrap.default.php ${PATH_TO_MISP}/app/Config/bootstrap.php -${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/database.default.php ${PATH_TO_MISP}/app/Config/database.php -${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/core.default.php ${PATH_TO_MISP}/app/Config/core.php -${SUDO_WWW} cp -a ${PATH_TO_MISP}/app/Config/config.default.php ${PATH_TO_MISP}/app/Config/config.php - -echo " 'Database/Mysql', - //'datasource' => 'Database/Postgres', - 'persistent' => false, - 'host' => '$DBHOST', - 'login' => '$DBUSER_MISP', - 'port' => 3306, // MySQL & MariaDB - //'port' => 5432, // PostgreSQL - 'password' => '$DBPASSWORD_MISP', - 'database' => '$DBNAME', - 'prefix' => '', - 'encoding' => 'utf8', - ); -}" | ${SUDO_WWW} tee ${PATH_TO_MISP}/app/Config/database.php - -# Configure the fields in the newly created files: -# config.php : baseurl (example: 'baseurl' => 'http://misp',) - don't use "localhost" it causes issues when browsing externally -# core.php : Uncomment and set the timezone: `// date_default_timezone_set('UTC');` -# database.php : login, port, password, database -# DATABASE_CONFIG has to be filled -# With the default values provided in section 6, this would look like: -# class DATABASE_CONFIG { -# public $default = array( -# 'datasource' => 'Database/Mysql', -# 'persistent' => false, -# 'host' => 'localhost', -# 'login' => 'misp', // grant usage on *.* to misp@localhost -# 'port' => 3306, -# 
'password' => 'XXXXdbpasswordhereXXXXX', // identified by 'XXXXdbpasswordhereXXXXX'; -# 'database' => 'misp', // create database misp; -# 'prefix' => '', -# 'encoding' => 'utf8', -# ); -#} - -# Important! Change the salt key in ${PATH_TO_MISP}/app/Config/config.php -# The admin user account will be generated on the first login, make sure that the salt is changed before you create that user -# If you forget to do this step, and you are still dealing with a fresh installation, just alter the salt, -# delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin) - -# If you want to be able to change configuration parameters from the webinterface: -sudo chown apache:apache ${PATH_TO_MISP}/app/Config/config.php -sudo chcon -t httpd_sys_rw_content_t ${PATH_TO_MISP}/app/Config/config.php - -# Generate a GPG encryption key. -cat >/tmp/gen-key-script < /tmp/worker_start_rc.local.log\n' /etc/rc.local -# Make sure it will execute -sudo chmod +x /etc/rc.local - -echo "Admin (root) DB Password: $DBPASSWORD_ADMIN" -echo "User (misp) DB Password: $DBPASSWORD_MISP" -``` - -``` -# some misp-modules dependencies -sudo yum install -y openjpeg-devel - -sudo chmod 2777 /usr/local/src -sudo chown root:users /usr/local/src -cd /usr/local/src/ -${SUDO_WWW} git clone https://github.com/MISP/misp-modules.git -cd misp-modules -# pip install -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install -I -r REQUIREMENTS -# The following fails -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install . 
-sudo yum install rubygem-rouge rubygem-asciidoctor -y -##sudo gem install asciidoctor-pdf --pre - -# install additional dependencies for extended object generation and extraction -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install maec python-magic pathlib -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/pip install git+https://github.com/kbandla/pydeep.git - -# Start misp-modules -${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s & - -# TODO: Fix static path with PATH_TO_MISP -sudo sed -i -e '$i \sudo -u apache /var/www/MISP/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local -``` - -{!generic/misp-dashboard-centos.md!} - -{!generic/MISP_CAKE_init.md!} - -{!generic/INSTALL.done.md!} - -{!generic/recommended.actions.md!} - -{!generic/hardening.md!} diff --git a/docs/generic/INSTALL.done.md b/docs/generic/INSTALL.done.md index 500dc6810..94887d297 100644 --- a/docs/generic/INSTALL.done.md +++ b/docs/generic/INSTALL.done.md @@ -3,7 +3,7 @@ ```bash sudo -H -u www-data $CAKE Admin setSetting "MISP.python_bin" "${PATH_TO_MISP}/venv/bin/python" ``` - or on CentOS + or on Rocky Linux ```bash sudo -u apache $RUN_PHP "$CAKE Admin setSetting "MISP.python_bin" "${PATH_TO_MISP}/venv/bin/python"" ``` diff --git a/docs/generic/MISP_CAKE_init.md b/docs/generic/MISP_CAKE_init.md index cecf4fe65..06d1275bc 100644 --- a/docs/generic/MISP_CAKE_init.md +++ b/docs/generic/MISP_CAKE_init.md @@ -2,7 +2,7 @@ ```bash # # Core cake commands to tweak MISP and aleviate some of the configuration pains -# The ${RUN_PHP} is ONLY set on RHEL/CentOS installs and can thus be ignored +# The ${RUN_PHP} is ONLY set on RHEL installs and can thus be ignored # This file is NOT an excuse to NOT read the settings and familiarize ourselves with them ;) coreCAKE () { diff --git a/docs/generic/hardening.md b/docs/generic/hardening.md index cc8c70f51..9f14007e1 100644 --- a/docs/generic/hardening.md +++ b/docs/generic/hardening.md 
@@ -60,4 +60,6 @@ index f9f69d4..2e8fd78 100644 [CentOS Hardening](https://wiki.centos.org/HowTos/OS_Protection) +[Apache Hardened Webserver](https://docs.rockylinux.org/sv/guides/web/apache_hardened_webserver/) + [Some Linux hardening tips](https://www.cyberciti.biz/tips/linux-security.html) diff --git a/docs/generic/misp-dashboard-centos.md b/docs/generic/misp-dashboard-rhel.md similarity index 98% rename from docs/generic/misp-dashboard-centos.md rename to docs/generic/misp-dashboard-rhel.md index c985b57c1..84fad9b3f 100644 --- a/docs/generic/misp-dashboard-centos.md +++ b/docs/generic/misp-dashboard-rhel.md @@ -1,4 +1,4 @@ -#### MISP Dashboard on CentOS +#### MISP Dashboard on Rocky Linux -------------- !!! warning diff --git a/docs/generic/misp-modules-centos.md b/docs/generic/misp-modules-rhel.md similarity index 94% rename from docs/generic/misp-modules-centos.md rename to docs/generic/misp-modules-rhel.md index 5ce3bef0a..fb3f8c727 100644 --- a/docs/generic/misp-modules-centos.md +++ b/docs/generic/misp-modules-rhel.md @@ -21,7 +21,7 @@ mispmodulesRHEL () { # some misp-modules dependencies for RHEL<8 ([[ "${DISTRI}" == "fedora33" ]] || [[ "${DIST_VER}" =~ ^[7].* ]]) && sudo dnf install rubygem-rouge rubygem-asciidoctor zbar-devel opencv-devel -y # some misp-modules dependencies for RHEL8 - [[ "${DIST_VER}" =~ ^[8].* ]] && sudo dnf install https://packages.endpointdev.com/rhel/8/os/x86_64/endpoint-repo.x86_64.rpm -y && sudo dnf install zbar-devel opencv-devel -y + [[ "${DIST_VER}" =~ ^[8].* ]] && sudo dnf install https://packages.endpointdev.com/rhel/8/main/x86_64/endpoint-repo.noarch.rpm -y && sudo dnf install zbar-devel opencv-devel -y echo "[Unit] Description=MISP modules diff --git a/docs/xINSTALL.centos7.md b/docs/xINSTALL.centos7.md index 1ba12d04c..71d01e143 100644 --- a/docs/xINSTALL.centos7.md +++ b/docs/xINSTALL.centos7.md 
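Review bot: On the RHEL8 line of `mispmodulesRHEL` (docs/generic/misp-modules-rhel.md), `endpoint-repo.noarch.rpm` is installed straight from a URL with `-y`, and by default dnf does not signature-check packages given by path or URL (`localpkg_gpgcheck` is off), so the repository that `zbar-devel` and `opencv-devel` are then pulled from is trusted on TLS alone. I would import the vendor key first and force the check: `sudo rpm --import <ENDPOINT_GPG_KEY_URL>`, then `sudo dnf install --setopt=localpkg_gpgcheck=1 https://packages.endpointdev.com/rhel/8/main/x86_64/endpoint-repo.noarch.rpm -y`. The key URL is a placeholder and should come from the vendor's documentation. Whether the installed `.repo` file itself sets `gpgcheck=1` is not visible here and is worth confirming. The function starts before this hunk and continues after it.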
@@ -597,7 +597,7 @@ ${SUDO_WWW} ${PATH_TO_MISP}/venv/bin/misp-modules -l 0.0.0.0 -s & sudo sed -i -e '$i \sudo -u apache ${PATH_TO_MISP}/venv/bin/misp-modules -l 127.0.0.1 -s &\n' /etc/rc.local ``` -{!generic/misp-dashboard-centos.md!} +{!generic/misp-dashboard-rhel.md!} {!generic/misp-dashboard-cake.md!} diff --git a/mkdocs.yml b/mkdocs.yml index 7cb3686a2..21d9adde4 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -14,7 +14,7 @@ edit_uri: "" #dev_addr: "192.168.10.34:8000" # Copyright -copyright: "Copyright © 2021 MISP Project" +copyright: "Copyright © 2022 MISP Project" # Options extra: @@ -84,12 +84,10 @@ nav: - 'S/MIME': 'CONFIG.SMIME.md' - Update MISP: 'UPDATE.md' - Upgrading MISP: 'UPGRADE.md' + - Migrating BG Jobs: 'background-jobs-migration-guide.md' - Old guides: - - '2.3 to 2.4 upgrade': 'archive/old-2_3to2_4-UPGRADE.md' - 'Ubuntu 18.04 \w webmin': 'archive/xINSTALL.ubuntu1804.with.webmin.md' - - 'Ubuntu 16.04': 'archive/INSTALL.ubuntu1604.md' - 'Debian 9': 'archive/xINSTALL.debian9.md' - - 'Centos 6': 'archive/xINSTALL.centos6.md' - 'FreeBSD': 'archive/xINSTALL.FreeBSD.md' - About: - 'MISP Release Notes': 'Changelog.md'