chg: [doc] Initial Install working. Todo: Virtualenv everything.

pull/3843/head
Steve Clement 2018-11-05 10:34:06 +09:00
parent 088d9f5551
commit b736823e1a
1 changed files with 28 additions and 23 deletions

View File

@ -14,18 +14,19 @@
# /!\ Please read the installer script before randomly doing the above.
# The script is tested on a plain vanilla Tsurugi Linux Boot CD and installs quite a few dependencies.
MISP_USER='tsurugi'
MISP_USER='misp'
MISP_PASSWORD='Password1234'
function tsurugiOnRootR0ckz() {
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
elif [[ $(id misp >/dev/null; echo $?) -ne 0 ]]; then
useradd -s /bin/bash -m -G adm,cdrom,sudo,dip,plugdev,www-data misp
elif [[ $(id $MISP_USER >/dev/null; echo $?) -ne 0 ]]; then
useradd -s /bin/bash -m -G adm,cdrom,sudo,dip,plugdev,www-data $MISP_USER
echo $MISP_USER:$MISP_PASSWORD | chpasswd
else
echo "User ${MISP_USER} exists, skipping creation"
adduser $MISP_USER www-data
fi
}
@ -74,8 +75,8 @@ function installMISPonTsurugi() {
export DEBIAN_FRONTEND=noninteractive
# sudo config to run $LUSER commands
SUDO="sudo -u ${MISP_USER}"
SUDO_WWW="sudo -u www-data"
SUDO="sudo -H -u ${MISP_USER}"
SUDO_WWW="sudo -H -u www-data"
echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
echo "User (${DBUSER_MISP}) DB Password: ${DBPASSWORD_MISP}"
@ -97,20 +98,18 @@ function installMISPonTsurugi() {
apt install -qy postfix
apt install -qy \
curl gcc git gnupg-agent make openssl redis-server neovim zip libyara-dev python3-yara python3-redis python3-zmq \
curl gcc git gnupg-agent make openssl redis-server zip libyara-dev python3-yara python3-redis python3-zmq \
mariadb-client \
mariadb-server \
apache2 apache2-doc apache2-utils \
libapache2-mod-php7.2 php7.2 php7.2-cli php7.2-mbstring php-pear php7.2-dev php7.2-json php7.2-xml php7.2-mysql php7.2-opcache php7.2-readline \
libapache2-mod-php7.0 php7.0 php7.0-cli php7.0-mbstring php-pear php7.0-dev php7.0-json php7.0-xml php7.0-mysql php7.0-opcache php7.0-readline \
python3-dev python3-pip libpq5 libjpeg-dev libfuzzy-dev ruby asciidoctor \
libxml2-dev libxslt1-dev zlib1g-dev python3-setuptools expect
modprobe tpm-rng
echo tpm-rng >> /etc/modules
apt install -qy rng-tools # This might fail on TPM grounds, enable the security chip in your BIOS
service rng-tools start
apt install -qy haveged
systemctl restart haveged
systemctl restart mariadb.service
systemctl restart mysql.service
a2dismod status
a2enmod ssl rewrite headers
@ -123,12 +122,13 @@ function installMISPonTsurugi() {
yes '' |pecl install redis
echo "extension=redis.so" | tee /etc/php/7.2/mods-available/redis.ini
echo "extension=redis.so" | tee /etc/php/7.0/mods-available/redis.ini
phpenmod redis
update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1
update-alternatives --install /usr/bin/python python /usr/bin/python3.6 2
# You can make Python 3 default, if you wish to.
#update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1
#update-alternatives --install /usr/bin/python python /usr/bin/python3.5 2
mkdir $PATH_TO_MISP
chown www-data:www-data $PATH_TO_MISP
@ -140,10 +140,10 @@ function installMISPonTsurugi() {
cd $PATH_TO_MISP/app/files/scripts
$SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
$SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
cd $PATH_TO_MISP/app/files/scripts/python-cybox
pip3 install .
cd $PATH_TO_MISP/app/files/scripts/python-stix
pip3 install .
cd $PATH_TO_MISP/app/files/scripts/python-cybox
pip3 install .
cd $PATH_TO_MISP/app/files/scripts/
$SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
@ -156,6 +156,7 @@ function installMISPonTsurugi() {
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
# install PyMISP
pip3 install enum34
cd $PATH_TO_MISP/PyMISP
pip3 install .
@ -317,13 +318,10 @@ function installMISPonTsurugi() {
inactivity-timeout=0 \
deadlock-timeout=60 \
graceful-timeout=15 \
eviction-timeout=0 \
shutdown-timeout=5 \
send-buffer-size=0 \
receive-buffer-size=0 \
header-buffer-size=0 \
response-buffer-size=0 \
server-metrics=Off
header-buffer-size=0
WSGIScriptAlias / /var/www/misp-dashboard/misp-dashboard.wsgi
@ -363,9 +361,9 @@ function installMISPonTsurugi() {
$CAKE Baseurl $MISP_BASEURL
echo "%echo Generating a default key
Key-Type: default
Key-Type: 1
Key-Length: $GPG_KEY_LENGTH
Subkey-Type: default
Subkey-Type: 1
Name-Real: $GPG_REAL_NAME
Name-Comment: $GPG_COMMENT
Name-Email: $GPG_EMAIL_ADDRESS
@ -501,6 +499,13 @@ function installMISPonTsurugi() {
cd /usr/local/src/
git clone https://github.com/MISP/misp-modules.git
cd misp-modules
cp -p /etc/lsb_release /etc/lsb_release.tmp
sudo sed -i 's/TSURUGI/Ubuntu/g' /etc/lsb_release
sudo sed -i 's/bamboo/xenial/g' /etc/lsb_release
sudo add-apt-repository ppa:jonathonf/python-3.6
sudo apt-get update
sudo apt-get install python3.6
mv /etc/lsb_release.tmp /etc/lsb_release
# pip3 install
pip3 install -I -r REQUIREMENTS
pip3 install -I .