From 24454c64d6be87ed27838ffaffb5d04f07543fd6 Mon Sep 17 00:00:00 2001 From: Mathieu Deloitte Date: Fri, 26 Aug 2016 15:10:19 +0200 Subject: [PATCH] Add misp-module automatic installation --- README.md | 10 ++++++++ misp.yml | 3 +++ roles/misp/tasks/main.yml | 10 ++++++-- roles/misp/tasks/modules.yml | 50 ++++++++++++++++++++++++++++++++++++ 4 files changed, 71 insertions(+), 2 deletions(-) create mode 100644 roles/misp/tasks/modules.yml diff --git a/README.md b/README.md index 15a9895..f49d8c6 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,10 @@ MISP - Ansible installation script ---------------------------------------- +- V0.2 + * Data location management + * misp-modules installation + - V0.1 * Nginx support only * Backup script provided @@ -13,6 +17,12 @@ Instructions ansible-playbook -i , misp.yml -k -K -u ``` +- If you want to move the MISP data location to (MySQL database, MISP files and tmp), add the following parameter to ansible-playbook: + +```bash +--extra-vars "data_location=" +``` + - Update the self-signed certificate in /etc/nginx/ssl - Create and export your GPG key: diff --git a/misp.yml b/misp.yml index ca45f72..f7df48e 100644 --- a/misp.yml +++ b/misp.yml @@ -27,4 +27,7 @@ private: yes - name: enable_auto_backup prompt: "Do you want to enable automatic backup everyday ? (y/n)" + private: no + - name: install_modules + prompt: "Do you want to install misp-modules ? (y/n)" private: no \ No newline at end of file diff --git a/roles/misp/tasks/main.yml b/roles/misp/tasks/main.yml index f2a56df..cea47ed 100644 --- a/roles/misp/tasks/main.yml +++ b/roles/misp/tasks/main.yml @@ -326,14 +326,20 @@ state: directory mode: "g=u" -############ BACKUP ########### +####### BACKUP ####### - name: Configure and enable MISP backup include: backup.yml when: enable_auto_backup == 'y' -####### NEW DATA LOCATION ##### +####### NEW DATA LOCATION ####### - name: Change DATA location of MISP include: new_data_location.yml when: data_location != '/opt/misp-server/misp/app' + +####### MISP-MODULES ####### + +- name: Install misp-modules + include: modules.yml + when: install_modules == 'y' \ No newline at end of file diff --git a/roles/misp/tasks/modules.yml b/roles/misp/tasks/modules.yml new file mode 100644 index 0000000..cfa7536 --- /dev/null +++ b/roles/misp/tasks/modules.yml @@ -0,0 +1,50 @@ +############################################ +##### MISP-MODULES #### +############################################ + +- name: Install all needed packages + apt: + pkg: "{{ item }}" + state: latest + update_cache: yes + with_items: + - python3-dev + - python3-pip + - libpq5 + - libjpeg-dev + - libjpeg8-dev + +- name: Clone MISP-MODULES git + become: true + git: + repo: "https://github.com/MISP/misp-modules.git" + dest: "/usr/local/src/misp-modules" + recursive: yes + force: no + update: no + accept_hostkey: yes + +- name: Install MISP-MODULES requirements + become: true + pip: + executable: pip3 + requirements: "/usr/local/src/misp-modules/REQUIREMENTS" + environment: + TMPDIR: /opt/misp-server/tmp + register: mispmodules_requirements + +- name: Upgrade MISP-MODULES requirements + become: True + args: + chdir: "/usr/local/src/misp-modules" + shell: "{{ item }}" + with_items: + - pip3 install --upgrade . + when: mysql_init.changed + +- name: Check MISP worker autolaunch at boot + lineinfile: + state: present + dest: /etc/rc.local + insertbefore: "exit 0" + line: "sudo -u www-data misp-modules -s" \ No newline at end of file