chg: [doc] Initial Install working. Todo: Virtualenv everything.

2018-11-05 10:34:06 +09:00 · 2018-11-05 10:34:06 +09:00 · b736823e1a
parent 088d9f5551
commit b736823e1a
1 changed files with 28 additions and 23 deletions
--- a/INSTALL/xINSTALL.tsurugi.txt
+++ b/INSTALL/xINSTALL.tsurugi.txt
@ -14,18 +14,19 @@
 # /!\ Please read the installer script before randomly doing the above.
 # The script is tested on a plain vanilla Tsurugi Linux Boot CD and installs quite a few dependencies.

-MISP_USER='tsurugi'
+MISP_USER='misp'
 MISP_PASSWORD='Password1234'

 function tsurugiOnRootR0ckz() {
  if [[ $EUID -ne 0 ]]; then
   echo "This script must be run as root"
   exit 1
-  elif [[ $(id misp >/dev/null; echo $?) -ne 0 ]]; then
-    useradd -s /bin/bash -m -G adm,cdrom,sudo,dip,plugdev,www-data misp
+  elif [[ $(id $MISP_USER >/dev/null; echo $?) -ne 0 ]]; then
+    useradd -s /bin/bash -m -G adm,cdrom,sudo,dip,plugdev,www-data $MISP_USER
    echo $MISP_USER:$MISP_PASSWORD | chpasswd
  else
    echo "User ${MISP_USER} exists, skipping creation"
+    adduser $MISP_USER www-data
  fi
 }

@ -74,8 +75,8 @@ function installMISPonTsurugi() {
  export DEBIAN_FRONTEND=noninteractive

  # sudo config to run $LUSER commands
-  SUDO="sudo -u ${MISP_USER}"
-  SUDO_WWW="sudo -u www-data"
+  SUDO="sudo -H -u ${MISP_USER}"
+  SUDO_WWW="sudo -H -u www-data"

  echo "Admin (${DBUSER_ADMIN}) DB Password: ${DBPASSWORD_ADMIN}"
  echo "User  (${DBUSER_MISP}) DB Password: ${DBPASSWORD_MISP}"
@ -97,20 +98,18 @@ function installMISPonTsurugi() {
  apt install -qy postfix

  apt install -qy \
-  curl gcc git gnupg-agent make openssl redis-server neovim zip libyara-dev python3-yara python3-redis python3-zmq \
+  curl gcc git gnupg-agent make openssl redis-server zip libyara-dev python3-yara python3-redis python3-zmq \
  mariadb-client \
  mariadb-server \
  apache2 apache2-doc apache2-utils \
-  libapache2-mod-php7.2 php7.2 php7.2-cli  php7.2-mbstring php-pear php7.2-dev php7.2-json php7.2-xml php7.2-mysql php7.2-opcache php7.2-readline \
+  libapache2-mod-php7.0 php7.0 php7.0-cli  php7.0-mbstring php-pear php7.0-dev php7.0-json php7.0-xml php7.0-mysql php7.0-opcache php7.0-readline \
  python3-dev python3-pip libpq5 libjpeg-dev libfuzzy-dev ruby asciidoctor \
  libxml2-dev libxslt1-dev zlib1g-dev python3-setuptools expect

-  modprobe tpm-rng
-  echo tpm-rng >> /etc/modules
-  apt install -qy rng-tools # This might fail on TPM grounds, enable the security chip in your BIOS
-  service rng-tools start
+  apt install -qy haveged
+  systemctl restart haveged

-  systemctl restart mariadb.service
+  systemctl restart mysql.service

  a2dismod status
  a2enmod ssl rewrite headers
@ -123,12 +122,13 @@ function installMISPonTsurugi() {

  yes '' |pecl install redis

-  echo "extension=redis.so" | tee /etc/php/7.2/mods-available/redis.ini
+  echo "extension=redis.so" | tee /etc/php/7.0/mods-available/redis.ini

  phpenmod redis

-  update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1
-  update-alternatives --install /usr/bin/python python /usr/bin/python3.6 2
+  # You can make Python 3 default, if you wish to.
+  #update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1
+  #update-alternatives --install /usr/bin/python python /usr/bin/python3.5 2

  mkdir $PATH_TO_MISP
  chown www-data:www-data $PATH_TO_MISP
@ -140,10 +140,10 @@ function installMISPonTsurugi() {
  cd $PATH_TO_MISP/app/files/scripts
  $SUDO_WWW git clone https://github.com/CybOXProject/python-cybox.git
  $SUDO_WWW git clone https://github.com/STIXProject/python-stix.git
-  cd $PATH_TO_MISP/app/files/scripts/python-cybox
-  pip3 install .
  cd $PATH_TO_MISP/app/files/scripts/python-stix
  pip3 install .
+  cd $PATH_TO_MISP/app/files/scripts/python-cybox
+  pip3 install .

  cd $PATH_TO_MISP/app/files/scripts/
  $SUDO_WWW git clone https://github.com/CybOXProject/mixbox.git
@ -156,6 +156,7 @@ function installMISPonTsurugi() {
  $SUDO_WWW git submodule foreach --recursive git config core.filemode false

  # install PyMISP
+  pip3 install enum34
  cd $PATH_TO_MISP/PyMISP
  pip3 install .

@ -317,13 +318,10 @@ function installMISPonTsurugi() {
         inactivity-timeout=0 \
         deadlock-timeout=60 \
         graceful-timeout=15 \
-         eviction-timeout=0 \
         shutdown-timeout=5 \
         send-buffer-size=0 \
         receive-buffer-size=0 \
-         header-buffer-size=0 \
-         response-buffer-size=0 \
-         server-metrics=Off
+         header-buffer-size=0

      WSGIScriptAlias / /var/www/misp-dashboard/misp-dashboard.wsgi

@ -363,9 +361,9 @@ function installMISPonTsurugi() {
  $CAKE Baseurl $MISP_BASEURL

  echo "%echo Generating a default key
-      Key-Type: default
+      Key-Type: 1
      Key-Length: $GPG_KEY_LENGTH
-      Subkey-Type: default
+      Subkey-Type: 1
      Name-Real: $GPG_REAL_NAME
      Name-Comment: $GPG_COMMENT
      Name-Email: $GPG_EMAIL_ADDRESS
@ -501,6 +499,13 @@ function installMISPonTsurugi() {
  cd /usr/local/src/
  git clone https://github.com/MISP/misp-modules.git
  cd misp-modules
+  cp -p /etc/lsb_release /etc/lsb_release.tmp
+  sudo sed -i 's/TSURUGI/Ubuntu/g' /etc/lsb_release
+  sudo sed -i 's/bamboo/xenial/g' /etc/lsb_release
+  sudo add-apt-repository ppa:jonathonf/python-3.6
+  sudo apt-get update
+  sudo apt-get install python3.6
+  mv /etc/lsb_release.tmp /etc/lsb_release
  # pip3 install
  pip3 install -I -r REQUIREMENTS
  pip3 install -I .