mirror of https://github.com/MISP/MISP
chg: [doc] Finally got rid of the RHELL/CentOS specific Cake commands (_yay_)
parent
d27c88fb13
commit
c10eaf81c8
|
@ -737,6 +737,16 @@ sudo systemctl enable --now misp-modules
|
|||
#$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_asn_history_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_cve_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_dns_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_btc_steroids_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_ipasn_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_yara_syntax_validator_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_yara_query_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_pdf_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_docx_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_xlsx_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_pptx_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_ods_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_odt_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_services_url" "http://127.0.0.1"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Enrichment_services_port" 6666
|
||||
|
||||
|
@ -746,6 +756,9 @@ sudo systemctl enable --now misp-modules
|
|||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_services_port" 6666
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_timeout" 300
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_ocr_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_mispjson_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_openiocimport_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_threatanalyzer_import_enabled" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Import_csvimport_enabled" true
|
||||
|
||||
# Enable Export modules, set better timeout
|
||||
|
@ -754,12 +767,11 @@ sudo systemctl enable --now misp-modules
|
|||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_services_port" 6666
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_timeout" 300
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Export_pdfexport_enabled" true
|
||||
|
||||
```
|
||||
|
||||
{!generic/misp-dashboard-centos.md!}
|
||||
|
||||
{!generic/MISP_CAKE_init_centos.md!}
|
||||
{!generic/MISP_CAKE_init.md!}
|
||||
|
||||
{!generic/INSTALL.done.md!}
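Review bot: The first hunk switches on a batch of file-handling enrichment modules (`Plugin.Enrichment_pdf_enabled`, and the `docx`, `xlsx`, `pptx`, `ods` and `odt` equivalents), and the second hunk turns on `Plugin.Import_ocr_enabled`, with no hint to the reader that these are optional. On a platform that routinely stores untrusted samples, each enabled parser is presumably extra code exposed to hostile input, so I would add a comment above the block such as `# Optional: file-parsing modules, disable any you do not use`. Which of these lines are new cannot be told from the rendering, but the `+737,16` count suggests most of them are. The surrounding code fence starts outside the hunk.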
|
||||
|
||||
|
|
|
@ -1,143 +1,151 @@
|
|||
#### Initialize MISP configuration and set some defaults
|
||||
```bash
|
||||
# <snippet-begin 2_core-cake.sh>
|
||||
# Core cake commands
|
||||
# Core cake commands to tweak MISP and aleviate some of the configuration pains
|
||||
# The $RUN_PHP is ONLY set on RHEL/CentOS installs and can thus be ignored
|
||||
# This file is NOT an excuse to NOT read the settings and familiarize ourselves with them ;)
|
||||
|
||||
coreCAKE () {
|
||||
debug "Running core Cake commands to set sane defaults for ${LBLUE}MISP${NC}"
|
||||
$SUDO_WWW $CAKE userInit -q
|
||||
|
||||
# IF you have logged in prior to running this, it will fail but the fail is NON-blocking
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE userInit -q
|
||||
|
||||
# This makes sure all Database upgrades are done, without logging in.
|
||||
$SUDO_WWW $CAKE Admin updateDatabase
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateDatabase
|
||||
|
||||
# Setup some more MISP default via cake CLI
|
||||
|
||||
# The default install is Python in a virtualenv, setting accordingly
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.python_bin" "${PATH_TO_MISP}/venv/bin/python"
|
||||
# The default install is Python >=3.6 in a virtualenv, setting accordingly
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.python_bin" "${PATH_TO_MISP}/venv/bin/python"
|
||||
|
||||
# Tune global time outs
|
||||
$SUDO_WWW $CAKE Admin setSetting "Session.autoRegenerate" 0
|
||||
$SUDO_WWW $CAKE Admin setSetting "Session.timeout" 600
|
||||
$SUDO_WWW $CAKE Admin setSetting "Session.cookieTimeout" 3600
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Session.autoRegenerate" 0
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Session.timeout" 600
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Session.cookieTimeout" 3600
|
||||
|
||||
# Change base url, either with this CLI command or in the UI
|
||||
$SUDO_WWW $CAKE Baseurl $MISP_BASEURL
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Baseurl $MISP_BASEURL
|
||||
# example: 'baseurl' => 'https://<your.FQDN.here>',
|
||||
# alternatively, you can leave this field empty if you would like to use relative pathing in MISP
|
||||
# 'baseurl' => '',
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.external_baseurl" $MISP_BASEURL
|
||||
# The base url of the application (in the format https://www.mymispinstance.com) as visible externally/by other MISPs.
|
||||
# MISP will encode this URL in sharing groups when including itself. If this value is not set, the baseurl is used as a fallback.
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.external_baseurl" $MISP_BASEURL
|
||||
|
||||
# Enable GnuPG
|
||||
$SUDO_WWW $CAKE Admin setSetting "GnuPG.email" "$GPG_EMAIL_ADDRESS"
|
||||
$SUDO_WWW $CAKE Admin setSetting "GnuPG.homedir" "$PATH_TO_MISP/.gnupg"
|
||||
$SUDO_WWW $CAKE Admin setSetting "GnuPG.password" "$GPG_PASSPHRASE"
|
||||
$SUDO_WWW $CAKE Admin setSetting "GnuPG.binary" "$(which gpg)"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "GnuPG.email" "$GPG_EMAIL_ADDRESS"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "GnuPG.homedir" "$PATH_TO_MISP/.gnupg"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "GnuPG.password" "$GPG_PASSPHRASE"
|
||||
# FIXME: what if we have not gpg binary but a gpg2 one?
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "GnuPG.binary" "$(which gpg)"
|
||||
|
||||
# Enable installer org and tune some configurables
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.host_org_id" 1
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.email" "info@admin.test"
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.disable_emailing" true
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.contact" "info@admin.test"
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.disablerestalert" true
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.showCorrelationsOnIndex" true
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.default_event_tag_collection" 0
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.host_org_id" 1
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.email" "info@admin.test"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.disable_emailing" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.contact" "info@admin.test"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.disablerestalert" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.showCorrelationsOnIndex" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.default_event_tag_collection" 0
|
||||
|
||||
# Provisional Cortex tunes
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_services_enable" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_services_url" "http://127.0.0.1"
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_services_port" 9000
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_timeout" 120
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_authkey" ""
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_ssl_verify_peer" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_ssl_verify_host" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.Cortex_ssl_allow_self_signed" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_services_enable" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_services_url" "http://127.0.0.1"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_services_port" 9000
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_timeout" 120
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_authkey" ""
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_ssl_verify_peer" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_ssl_verify_host" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_ssl_allow_self_signed" true
|
||||
|
||||
# Various plugin sightings settings
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.Sightings_policy" 0
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.Sightings_anonymise" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.Sightings_range" 365
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_policy" 0
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_anonymise" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_range" 365
|
||||
|
||||
# Plugin CustomAuth tuneable
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.CustomAuth_disable_logout" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.CustomAuth_disable_logout" false
|
||||
|
||||
# RPZ Plugin settings
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_policy" "DROP"
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_walled_garden" "127.0.0.1"
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_serial" "\$date00"
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_refresh" "2h"
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_retry" "30m"
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_expiry" "30d"
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_minimum_ttl" "1h"
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_ttl" "1w"
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_ns" "localhost."
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_ns_alt" ""
|
||||
$SUDO_WWW $CAKE Admin setSetting "Plugin.RPZ_email" "root.localhost"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_policy" "DROP"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_walled_garden" "127.0.0.1"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_serial" "\$date00"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_refresh" "2h"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_retry" "30m"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_expiry" "30d"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_minimum_ttl" "1h"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_ttl" "1w"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_ns" "localhost."
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_ns_alt" ""
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_email" "root.localhost"
|
||||
|
||||
# Force defaults to make MISP Server Settings less RED
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.language" "eng"
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.proposals_block_attributes" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.language" "eng"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.proposals_block_attributes" false
|
||||
|
||||
# Redis block
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.redis_host" "127.0.0.1"
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.redis_port" 6379
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.redis_database" 13
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.redis_password" ""
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_host" "127.0.0.1"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_port" 6379
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_database" 13
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_password" ""
|
||||
|
||||
# Force defaults to make MISP Server Settings less YELLOW
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.ssdeep_correlation_threshold" 40
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.extended_alert_subject" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.default_event_threat_level" 4
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.newUserText" "Dear new MISP user,\\n\\nWe would hereby like to welcome you to the \$org MISP community.\\n\\n Use the credentials below to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nPassword: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.passwordResetText" "Dear MISP user,\\n\\nA password reset has been triggered for your account. Use the below provided temporary password to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nYour temporary password: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.enableEventBlacklisting" true
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.enableOrgBlacklisting" true
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.log_client_ip" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.log_auth" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.disableUserSelfManagement" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.block_event_alert" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.block_event_alert_tag" "no-alerts=\"true\""
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.block_old_event_alert" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.block_old_event_alert_age" ""
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.incoming_tags_disabled_by_default" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.maintenance_message" "Great things are happening! MISP is undergoing maintenance, but will return shortly. You can contact the administration at \$email."
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.footermidleft" "This is an initial install"
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.footermidright" "Please configure and harden accordingly"
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.welcome_text_top" "Initial Install, please configure"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.ssdeep_correlation_threshold" 40
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.extended_alert_subject" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.default_event_threat_level" 4
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.newUserText" "Dear new MISP user,\\n\\nWe would hereby like to welcome you to the \$org MISP community.\\n\\n Use the credentials below to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nPassword: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.passwordResetText" "Dear MISP user,\\n\\nA password reset has been triggered for your account. Use the below provided temporary password to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nYour temporary password: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.enableEventBlacklisting" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.enableOrgBlacklisting" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.log_client_ip" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.log_auth" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.disableUserSelfManagement" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_event_alert" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_event_alert_tag" "no-alerts=\"true\""
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_old_event_alert" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_old_event_alert_age" ""
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.incoming_tags_disabled_by_default" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.maintenance_message" "Great things are happening! MISP is undergoing maintenance, but will return shortly. You can contact the administration at \$email."
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.footermidleft" "This is an initial install"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.footermidright" "Please configure and harden accordingly"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.welcome_text_top" "Initial Install, please configure"
|
||||
# TODO: Make sure $FLAVOUR is correct
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.welcome_text_bottom" "Welcome to MISP on $FLAVOUR, change this message in MISP Settings"
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.attachments_dir" "$PATH_TO_MISP/app/files"
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.download_attachments_on_load" true
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.title_text" "MISP"
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.terms_download" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.showorgalternate" false
|
||||
$SUDO_WWW $CAKE Admin setSetting "MISP.event_view_filter_fields" "id, uuid, value, comment, type, category, Tag.name"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.welcome_text_bottom" "Welcome to MISP on $FLAVOUR, change this message in MISP Settings"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.attachments_dir" "$PATH_TO_MISP/app/files"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.download_attachments_on_load" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.title_text" "MISP"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.terms_download" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.showorgalternate" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.event_view_filter_fields" "id, uuid, value, comment, type, category, Tag.name"
|
||||
|
||||
# Force defaults to make MISP Server Settings less GREEN
|
||||
$SUDO_WWW $CAKE Admin setSetting "Security.password_policy_length" 12
|
||||
$SUDO_WWW $CAKE Admin setSetting "Security.password_policy_complexity" '/^((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/'
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.password_policy_length" 12
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.password_policy_complexity" '/^((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/'
|
||||
|
||||
# Set MISP Live
|
||||
$SUDO_WWW $CAKE Live $MISP_LIVE
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Live $MISP_LIVE
|
||||
}
|
||||
|
||||
# This updates Galaxies, ObjectTemplates, Warninglists, Noticelists, Templates
|
||||
updateGOWNT () {
|
||||
# AUTH_KEY Place holder in case we need to **curl** somehing in the future
|
||||
#
|
||||
# AUTH_KEY=$(mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e "SELECT authkey FROM users;" | tail -1)
|
||||
# RHEL/CentOS
|
||||
# AUTH_KEY=$(scl enable rh-mariadb102 "mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e 'SELECT authkey FROM users;' | tail -1")
|
||||
# AUTH_KEY Place holder in case we need to **curl** somehing in the future
|
||||
#
|
||||
# AUTH_KEY=$(mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e "SELECT authkey FROM users;" | tail -1)
|
||||
# RHEL/CentOS
|
||||
# AUTH_KEY=$(scl enable rh-mariadb102 "mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e 'SELECT authkey FROM users;' | tail -1")
|
||||
#
|
||||
|
||||
debug "Updating Galaxies, ObjectTemplates, Warninglists, Noticelists and Templates"
|
||||
# Update the galaxies…
|
||||
# TODO: Fix updateGalaxies
|
||||
$SUDO_WWW $CAKE Admin updateGalaxies
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateGalaxies
|
||||
# Updating the taxonomies…
|
||||
$SUDO_WWW $CAKE Admin updateTaxonomies
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateTaxonomies
|
||||
# Updating the warning lists…
|
||||
$SUDO_WWW $CAKE Admin updateWarningLists
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateWarningLists
|
||||
# Updating the notice lists…
|
||||
$SUDO_WWW $CAKE Admin updateNoticeLists
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateNoticeLists
|
||||
# Updating the object templates…
|
||||
$SUDO_WWW $CAKE Admin updateObjectTemplates "1337"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateObjectTemplates "1337"
|
||||
}
|
||||
# <snippet-end 2_core-cake.sh>
|
||||
```
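Review bot: The `GnuPG.password` line hands `$GPG_PASSPHRASE` to the Cake shell as a command-line argument, so the passphrase is presumably readable in the process list, and in any `set -x` trace, while coreCAKE runs; the hunk should at least carry a comment saying so, for example `# NOTE: passphrase is passed on argv, avoid running with tracing enabled`. The Cortex block stores `Plugin.Cortex_ssl_verify_peer` and `Plugin.Cortex_ssl_verify_host` as false, which only stays harmless while the service is disabled and pointed at 127.0.0.1, and `MISP.log_auth` and `MISP.log_client_ip` are set to false a few lines later; a short comment that these are install-time placeholders to revisit during hardening would match the footer text the script itself sets. `$MISP_BASEURL` is also unquoted on the `Baseurl` and `MISP.external_baseurl` lines, so the empty value the comment allows makes the argument vanish; `"$MISP_BASEURL"` keeps it.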
|
||||
|
|
|
@ -1,142 +0,0 @@
|
|||
#### Initialize MISP configuration and set some defaults
|
||||
|
||||
!!! warning
|
||||
This section is autogenerated, please **do not** manually modify it. Modify: **docs/generic/MISP_CAKE_init.md**
|
||||
Generated, approximately, like this:
|
||||
```bash
|
||||
cat generic/MISP_CAKE_init.md |sed -E 's/\$SUDO_WWW/\$SUDO_WWW \$RUN_PHP --/' |tail +3 |sed -E 's/2_core-cake.sh/2_core-cake-centos.sh/' >> MISP_CAKE_init_centos.md
|
||||
```
|
||||
|
||||
```bash
|
||||
# <snippet-begin 2_core-cake-centos.sh>
|
||||
# Core cake commands
|
||||
coreCAKE () {
|
||||
debug "Running core Cake commands to set sane defaults for ${LBLUE}MISP${NC}"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE userInit -q
|
||||
|
||||
# This makes sure all Database upgrades are done, without logging in.
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateDatabase
|
||||
|
||||
# Setup some more MISP default via cake CLI
|
||||
|
||||
# The default install is Python in a virtualenv, setting accordingly
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.python_bin" "${PATH_TO_MISP}/venv/bin/python"
|
||||
|
||||
# Tune global time outs
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Session.autoRegenerate" 0
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Session.timeout" 600
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Session.cookieTimeout" 3600
|
||||
|
||||
# Change base url, either with this CLI command or in the UI
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Baseurl $MISP_BASEURL
|
||||
# example: 'baseurl' => 'https://<your.FQDN.here>',
|
||||
# alternatively, you can leave this field empty if you would like to use relative pathing in MISP
|
||||
# 'baseurl' => '',
|
||||
|
||||
# Enable GnuPG
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "GnuPG.email" "$GPG_EMAIL_ADDRESS"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "GnuPG.homedir" "$PATH_TO_MISP/.gnupg"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "GnuPG.password" "$GPG_PASSPHRASE"
|
||||
|
||||
# Enable installer org and tune some configurables
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.host_org_id" 1
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.email" "info@admin.test"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.disable_emailing" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.contact" "info@admin.test"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.disablerestalert" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.showCorrelationsOnIndex" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.default_event_tag_collection" 0
|
||||
|
||||
# Provisional Cortex tunes
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_services_enable" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_services_url" "http://127.0.0.1"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_services_port" 9000
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_timeout" 120
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_authkey" ""
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_ssl_verify_peer" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_ssl_verify_host" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Cortex_ssl_allow_self_signed" true
|
||||
|
||||
# Various plugin sightings settings
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_policy" 0
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_anonymise" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.Sightings_range" 365
|
||||
|
||||
# Plugin CustomAuth tuneable
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.CustomAuth_disable_logout" false
|
||||
|
||||
# RPZ Plugin settings
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_policy" "DROP"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_walled_garden" "127.0.0.1"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_serial" "\$date00"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_refresh" "2h"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_retry" "30m"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_expiry" "30d"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_minimum_ttl" "1h"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_ttl" "1w"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_ns" "localhost."
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_ns_alt" ""
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Plugin.RPZ_email" "root.localhost"
|
||||
|
||||
# Force defaults to make MISP Server Settings less RED
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.language" "eng"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.proposals_block_attributes" false
|
||||
|
||||
# Redis block
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_host" "127.0.0.1"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_port" 6379
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_database" 13
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.redis_password" ""
|
||||
|
||||
# Force defaults to make MISP Server Settings less YELLOW
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.ssdeep_correlation_threshold" 40
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.extended_alert_subject" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.default_event_threat_level" 4
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.newUserText" "Dear new MISP user,\\n\\nWe would hereby like to welcome you to the \$org MISP community.\\n\\n Use the credentials below to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nPassword: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.passwordResetText" "Dear MISP user,\\n\\nA password reset has been triggered for your account. Use the below provided temporary password to log into MISP at \$misp, where you will be prompted to manually change your password to something of your own choice.\\n\\nUsername: \$username\\nYour temporary password: \$password\\n\\nIf you have any questions, don't hesitate to contact us at: \$contact.\\n\\nBest regards,\\nYour \$org MISP support team"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.enableEventBlacklisting" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.enableOrgBlacklisting" true
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.log_client_ip" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.log_auth" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.disableUserSelfManagement" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_event_alert" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_event_alert_tag" "no-alerts=\"true\""
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_old_event_alert" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.block_old_event_alert_age" ""
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.incoming_tags_disabled_by_default" false
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.footermidleft" "This is an initial install"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.footermidright" "Please configure and harden accordingly"
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.welcome_text_top" "Initial Install, please configure"
|
||||
# TODO: Make sure $FLAVOUR is correct
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "MISP.welcome_text_bottom" "Welcome to MISP on $FLAVOUR, change this message in MISP Settings"
|
||||
|
||||
# Force defaults to make MISP Server Settings less GREEN
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.password_policy_length" 12
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin setSetting "Security.password_policy_complexity" '/^((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$|.{16,}/'
|
||||
|
||||
# Set MISP Live
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Live $MISP_LIVE
|
||||
}
|
||||
|
||||
# This updates Galaxies, ObjectTemplates, Warninglists, Noticelists, Templates
|
||||
updateGOWNT () {
|
||||
# AUTH_KEY Place holder in case we need to **curl** somehing in the future
|
||||
#
|
||||
# AUTH_KEY=$(mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e "SELECT authkey FROM users;" | tail -1)
|
||||
# RHEL/CentOS
|
||||
# AUTH_KEY=$(scl enable rh-mariadb102 "mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e 'SELECT authkey FROM users;' | tail -1")
|
||||
debug "Updating Galaxies, ObjectTemplates, Warninglists, Noticelists and Templates"
|
||||
# Update the galaxies…
|
||||
# TODO: Fix updateGalaxies
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateGalaxies
|
||||
# Updating the taxonomies…
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateTaxonomies
|
||||
# Updating the warning lists…
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateWarningLists
|
||||
# Updating the notice lists…
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateNoticeLists
|
||||
# Updating the object templates…
|
||||
$SUDO_WWW $RUN_PHP -- $CAKE Admin updateObjectTemplates "1337"
|
||||
}
|
||||
# <snippet-end 2_core-cake-centos.sh>
|
||||
```
|