mirror of https://github.com/MISP/misp-docker
organize and cleanup
parent
4ec6a302c8
commit
90994c86d0
|
@ -1,7 +1,7 @@
|
||||||
# docker-misp
|
# docker-misp
|
||||||
A (nearly) production ready Dockered MISP
|
A (nearly) production ready Dockered MISP
|
||||||
|
|
||||||
This is based on some of the work from the DSCO docker build.
|
This is based on some of the work from the DSCO docker build, nearly all of the details have been rewritten.
|
||||||
|
|
||||||
Getting Started:
|
Getting Started:
|
||||||
- Copy the "default" configs removing "default" and edit the files in `server-configs`
|
- Copy the "default" configs removing "default" and edit the files in `server-configs`
|
||||||
|
|
|
@ -31,7 +31,7 @@ services:
|
||||||
- "CRON_USER_ID=1"
|
- "CRON_USER_ID=1"
|
||||||
- "REDIS_FQDN=redis"
|
- "REDIS_FQDN=redis"
|
||||||
- "MYSQL_PASSWORD=example"
|
- "MYSQL_PASSWORD=example"
|
||||||
- "INIT_MYSQL=true" # Lack of "IF NOT EXISTS" in sql dump.. sigh
|
- "INIT=true" # Initialze MISP, things includes, attempting to import SQL and the Files DIR
|
||||||
|
|
||||||
misp-modules:
|
misp-modules:
|
||||||
image: misp-modules
|
image: misp-modules
|
||||||
|
|
|
@ -7,7 +7,6 @@ MISP_APP_CONFIG_PATH=/var/www/MISP/app/Config
|
||||||
[ -z "$MYSQL_PASSWORD" ] && MYSQL_PASSWORD=example
|
[ -z "$MYSQL_PASSWORD" ] && MYSQL_PASSWORD=example
|
||||||
[ -z "$MYSQL_DATABASE" ] && MYSQL_DATABASE=misp
|
[ -z "$MYSQL_DATABASE" ] && MYSQL_DATABASE=misp
|
||||||
[ -z "$REDIS_FQDN" ] && REDIS_FQDN=redis
|
[ -z "$REDIS_FQDN" ] && REDIS_FQDN=redis
|
||||||
|
|
||||||
[ -z "$MYSQLCMD" ] && MYSQLCMD="mysql -u $MYSQL_USER -p$MYSQL_PASSWORD -P $MYSQL_PORT -h $MYSQL_HOST -r -N $MYSQL_DATABASE"
|
[ -z "$MYSQLCMD" ] && MYSQLCMD="mysql -u $MYSQL_USER -p$MYSQL_PASSWORD -P $MYSQL_PORT -h $MYSQL_HOST -r -N $MYSQL_DATABASE"
|
||||||
|
|
||||||
ENTRYPOINT_PID_FILE="/entrypoint_apache.install"
|
ENTRYPOINT_PID_FILE="/entrypoint_apache.install"
|
||||||
|
@ -23,6 +22,10 @@ change_php_vars(){
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
|
setup_cake_config(){
|
||||||
|
sed -i "s/'host' => 'localhost'.*/'host' => '$REDIS_FQDN', \/\/ Redis server hostname/" "/var/www/MISP/app/Plugin/CakeResque/Config/config.php"
|
||||||
|
}
|
||||||
|
|
||||||
init_misp_config(){
|
init_misp_config(){
|
||||||
[ -f $MISP_APP_CONFIG_PATH/bootstrap.php ] || cp $MISP_APP_CONFIG_PATH/bootstrap.default.php $MISP_APP_CONFIG_PATH/bootstrap.php
|
[ -f $MISP_APP_CONFIG_PATH/bootstrap.php ] || cp $MISP_APP_CONFIG_PATH/bootstrap.default.php $MISP_APP_CONFIG_PATH/bootstrap.php
|
||||||
[ -f $MISP_APP_CONFIG_PATH/database.php ] || cp $MISP_APP_CONFIG_PATH/database.default.php $MISP_APP_CONFIG_PATH/database.php
|
[ -f $MISP_APP_CONFIG_PATH/database.php ] || cp $MISP_APP_CONFIG_PATH/database.default.php $MISP_APP_CONFIG_PATH/database.php
|
||||||
|
@ -33,10 +36,6 @@ init_misp_config(){
|
||||||
sed -i "s/localhost/$MYSQL_HOST/" $MISP_APP_CONFIG_PATH/database.php
|
sed -i "s/localhost/$MYSQL_HOST/" $MISP_APP_CONFIG_PATH/database.php
|
||||||
sed -i "s/db\s*login/$MYSQL_USER/" $MISP_APP_CONFIG_PATH/database.php
|
sed -i "s/db\s*login/$MYSQL_USER/" $MISP_APP_CONFIG_PATH/database.php
|
||||||
sed -i "s/db\s*password/$MYSQL_PASSWORD/" $MISP_APP_CONFIG_PATH/database.php
|
sed -i "s/db\s*password/$MYSQL_PASSWORD/" $MISP_APP_CONFIG_PATH/database.php
|
||||||
|
|
||||||
#### CAKE ####
|
|
||||||
echo "Configure Cake | Change Redis host to $REDIS_FQDN"
|
|
||||||
sed -i "s/'host' => 'localhost'.*/'host' => '$REDIS_FQDN', \/\/ Redis server hostname/" "/var/www/MISP/app/Plugin/CakeResque/Config/config.php"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
init_misp_files(){
|
init_misp_files(){
|
||||||
|
@ -46,17 +45,8 @@ init_misp_files(){
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
check_mysql(){
|
init_mysql(){
|
||||||
# Test when MySQL is ready....
|
# Test when MySQL is ready....
|
||||||
|
|
||||||
# Test if entrypoint_local_mariadb.sh is ready
|
|
||||||
sleep 5
|
|
||||||
while (true)
|
|
||||||
do
|
|
||||||
[ ! -f /var/lib/mysql/entrypoint_local_mariadb.sh.pid ] && break
|
|
||||||
sleep 5
|
|
||||||
done
|
|
||||||
|
|
||||||
# wait for Database come ready
|
# wait for Database come ready
|
||||||
isDBup () {
|
isDBup () {
|
||||||
echo "SHOW STATUS" | $MYSQLCMD 1>/dev/null
|
echo "SHOW STATUS" | $MYSQLCMD 1>/dev/null
|
||||||
|
@ -74,18 +64,7 @@ check_mysql(){
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
init_mysql(){
|
|
||||||
#####################################################################
|
|
||||||
if [[ "$INIT_MYSQL" == true ]]; then
|
|
||||||
check_mysql
|
|
||||||
# import MISP DB Scheme
|
|
||||||
echo "... importing MySQL scheme..."
|
|
||||||
$MYSQLCMD < /var/www/MISP/INSTALL/MYSQL.sql
|
$MYSQLCMD < /var/www/MISP/INSTALL/MYSQL.sql
|
||||||
echo "MySQL import...finished"
|
|
||||||
fi
|
|
||||||
echo
|
|
||||||
}
|
}
|
||||||
|
|
||||||
start_apache() {
|
start_apache() {
|
||||||
|
@ -95,31 +74,27 @@ start_apache() {
|
||||||
/usr/sbin/apache2ctl -D FOREGROUND -k "$1"
|
/usr/sbin/apache2ctl -D FOREGROUND -k "$1"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Things we should do when we have the INITIALIZE Env Flag
|
||||||
|
if [[ "$INIT" == true ]]; then
|
||||||
|
echo "Import MySQL scheme..." && init_mysql
|
||||||
|
echo "Setup MISP files dir..." && init_misp_files
|
||||||
|
fi
|
||||||
|
|
||||||
##### check MySQL
|
# Things we should do if we're configuring MISP via ENV
|
||||||
echo "Check if MySQL is ready..." && check_mysql
|
|
||||||
|
|
||||||
# Change PHP VARS
|
|
||||||
echo "Change PHP values ..." && change_php_vars
|
|
||||||
|
|
||||||
##### Import MySQL scheme
|
|
||||||
echo "Import MySQL scheme..." && init_mysql
|
|
||||||
|
|
||||||
##### initialize MISP-Server
|
|
||||||
echo "Initialize misp base config..." && init_misp_config
|
echo "Initialize misp base config..." && init_misp_config
|
||||||
|
|
||||||
echo "Make sure files dir is setup..." && init_misp_files
|
# Things that should ALWAYS happen
|
||||||
|
echo "Configure PHP | Change PHP values ..." && change_php_vars
|
||||||
##### Check permissions #####
|
echo "Configure Cake | Change Redis host to $REDIS_FQDN ... " && setup_cake_config
|
||||||
echo "Configure MISP | Check permissions..."
|
echo "Configure MISP | Enforce permissions ..."
|
||||||
echo "... chown -R www-data.www-data /var/www/MISP..." && find /var/www/MISP -not -user www-data -exec chown www-data.www-data {} +
|
echo "... chown -R www-data.www-data /var/www/MISP ..." && find /var/www/MISP -not -user www-data -exec chown www-data.www-data {} +
|
||||||
echo "... chmod -R 0750 /var/www/MISP..." && find /var/www/MISP -perm 550 -type f -exec chmod 0550 {} + && find /var/www/MISP -perm 770 -type d -exec chmod 0770 {} +
|
echo "... chmod -R 0750 /var/www/MISP ..." && find /var/www/MISP -perm 550 -type f -exec chmod 0550 {} + && find /var/www/MISP -perm 770 -type d -exec chmod 0770 {} +
|
||||||
echo "... chmod -R g+ws /var/www/MISP/app/tmp..." && chmod -R g+ws /var/www/MISP/app/tmp
|
echo "... chmod -R g+ws /var/www/MISP/app/tmp ..." && chmod -R g+ws /var/www/MISP/app/tmp
|
||||||
echo "... chmod -R g+ws /var/www/MISP/app/files..." && chmod -R g+ws /var/www/MISP/app/files
|
echo "... chmod -R g+ws /var/www/MISP/app/files ..." && chmod -R g+ws /var/www/MISP/app/files
|
||||||
echo "... chmod -R g+ws /var/www/MISP/app/files/scripts/tmp" && chmod -R g+ws /var/www/MISP/app/files/scripts/tmp
|
echo "... chmod -R g+ws /var/www/MISP/app/files/scripts/tmp ..." && chmod -R g+ws /var/www/MISP/app/files/scripts/tmp
|
||||||
|
|
||||||
# delete pid file
|
# delete pid file
|
||||||
[ -f $ENTRYPOINT_PID_FILE ] && rm $ENTRYPOINT_PID_FILE
|
[ -f $ENTRYPOINT_PID_FILE ] && rm $ENTRYPOINT_PID_FILE
|
||||||
|
|
||||||
##### execute apache
|
# execute apache
|
||||||
start_apache start
|
start_apache start
|
||||||
|
|
Loading…
Reference in New Issue