organize and cleanup

pull/1/head
Jason Kendall 2019-11-28 17:46:30 -05:00
parent 4ec6a302c8
commit 90994c86d0
3 changed files with 25 additions and 50 deletions

View File

@ -1,7 +1,7 @@
# docker-misp # docker-misp
A (nearly) production ready Dockered MISP A (nearly) production ready Dockered MISP
This is based on some of the work from the DSCO docker build. This is based on some of the work from the DSCO docker build, nearly all of the details have been rewritten.
Getting Started: Getting Started:
- Copy the "default" configs removing "default" and edit the files in `server-configs` - Copy the "default" configs removing "default" and edit the files in `server-configs`

View File

@ -31,7 +31,7 @@ services:
- "CRON_USER_ID=1" - "CRON_USER_ID=1"
- "REDIS_FQDN=redis" - "REDIS_FQDN=redis"
- "MYSQL_PASSWORD=example" - "MYSQL_PASSWORD=example"
- "INIT_MYSQL=true" # Lack of "IF NOT EXISTS" in sql dump.. sigh - "INIT=true" # Initialze MISP, things includes, attempting to import SQL and the Files DIR
misp-modules: misp-modules:
image: misp-modules image: misp-modules

View File

@ -7,7 +7,6 @@ MISP_APP_CONFIG_PATH=/var/www/MISP/app/Config
[ -z "$MYSQL_PASSWORD" ] && MYSQL_PASSWORD=example [ -z "$MYSQL_PASSWORD" ] && MYSQL_PASSWORD=example
[ -z "$MYSQL_DATABASE" ] && MYSQL_DATABASE=misp [ -z "$MYSQL_DATABASE" ] && MYSQL_DATABASE=misp
[ -z "$REDIS_FQDN" ] && REDIS_FQDN=redis [ -z "$REDIS_FQDN" ] && REDIS_FQDN=redis
[ -z "$MYSQLCMD" ] && MYSQLCMD="mysql -u $MYSQL_USER -p$MYSQL_PASSWORD -P $MYSQL_PORT -h $MYSQL_HOST -r -N $MYSQL_DATABASE" [ -z "$MYSQLCMD" ] && MYSQLCMD="mysql -u $MYSQL_USER -p$MYSQL_PASSWORD -P $MYSQL_PORT -h $MYSQL_HOST -r -N $MYSQL_DATABASE"
ENTRYPOINT_PID_FILE="/entrypoint_apache.install" ENTRYPOINT_PID_FILE="/entrypoint_apache.install"
@ -23,6 +22,10 @@ change_php_vars(){
done done
} }
setup_cake_config(){
sed -i "s/'host' => 'localhost'.*/'host' => '$REDIS_FQDN', \/\/ Redis server hostname/" "/var/www/MISP/app/Plugin/CakeResque/Config/config.php"
}
init_misp_config(){ init_misp_config(){
[ -f $MISP_APP_CONFIG_PATH/bootstrap.php ] || cp $MISP_APP_CONFIG_PATH/bootstrap.default.php $MISP_APP_CONFIG_PATH/bootstrap.php [ -f $MISP_APP_CONFIG_PATH/bootstrap.php ] || cp $MISP_APP_CONFIG_PATH/bootstrap.default.php $MISP_APP_CONFIG_PATH/bootstrap.php
[ -f $MISP_APP_CONFIG_PATH/database.php ] || cp $MISP_APP_CONFIG_PATH/database.default.php $MISP_APP_CONFIG_PATH/database.php [ -f $MISP_APP_CONFIG_PATH/database.php ] || cp $MISP_APP_CONFIG_PATH/database.default.php $MISP_APP_CONFIG_PATH/database.php
@ -33,10 +36,6 @@ init_misp_config(){
sed -i "s/localhost/$MYSQL_HOST/" $MISP_APP_CONFIG_PATH/database.php sed -i "s/localhost/$MYSQL_HOST/" $MISP_APP_CONFIG_PATH/database.php
sed -i "s/db\s*login/$MYSQL_USER/" $MISP_APP_CONFIG_PATH/database.php sed -i "s/db\s*login/$MYSQL_USER/" $MISP_APP_CONFIG_PATH/database.php
sed -i "s/db\s*password/$MYSQL_PASSWORD/" $MISP_APP_CONFIG_PATH/database.php sed -i "s/db\s*password/$MYSQL_PASSWORD/" $MISP_APP_CONFIG_PATH/database.php
#### CAKE ####
echo "Configure Cake | Change Redis host to $REDIS_FQDN"
sed -i "s/'host' => 'localhost'.*/'host' => '$REDIS_FQDN', \/\/ Redis server hostname/" "/var/www/MISP/app/Plugin/CakeResque/Config/config.php"
} }
init_misp_files(){ init_misp_files(){
@ -46,17 +45,8 @@ init_misp_files(){
fi fi
} }
check_mysql(){ init_mysql(){
# Test when MySQL is ready.... # Test when MySQL is ready....
# Test if entrypoint_local_mariadb.sh is ready
sleep 5
while (true)
do
[ ! -f /var/lib/mysql/entrypoint_local_mariadb.sh.pid ] && break
sleep 5
done
# wait for Database come ready # wait for Database come ready
isDBup () { isDBup () {
echo "SHOW STATUS" | $MYSQLCMD 1>/dev/null echo "SHOW STATUS" | $MYSQLCMD 1>/dev/null
@ -74,18 +64,7 @@ check_mysql(){
exit 1 exit 1
fi fi
}
init_mysql(){
#####################################################################
if [[ "$INIT_MYSQL" == true ]]; then
check_mysql
# import MISP DB Scheme
echo "... importing MySQL scheme..."
$MYSQLCMD < /var/www/MISP/INSTALL/MYSQL.sql $MYSQLCMD < /var/www/MISP/INSTALL/MYSQL.sql
echo "MySQL import...finished"
fi
echo
} }
start_apache() { start_apache() {
@ -95,31 +74,27 @@ start_apache() {
/usr/sbin/apache2ctl -D FOREGROUND -k "$1" /usr/sbin/apache2ctl -D FOREGROUND -k "$1"
} }
# Things we should do when we have the INITIALIZE Env Flag
if [[ "$INIT" == true ]]; then
echo "Import MySQL scheme..." && init_mysql
echo "Setup MISP files dir..." && init_misp_files
fi
##### check MySQL # Things we should do if we're configuring MISP via ENV
echo "Check if MySQL is ready..." && check_mysql
# Change PHP VARS
echo "Change PHP values ..." && change_php_vars
##### Import MySQL scheme
echo "Import MySQL scheme..." && init_mysql
##### initialize MISP-Server
echo "Initialize misp base config..." && init_misp_config echo "Initialize misp base config..." && init_misp_config
echo "Make sure files dir is setup..." && init_misp_files # Things that should ALWAYS happen
echo "Configure PHP | Change PHP values ..." && change_php_vars
##### Check permissions ##### echo "Configure Cake | Change Redis host to $REDIS_FQDN ... " && setup_cake_config
echo "Configure MISP | Check permissions..." echo "Configure MISP | Enforce permissions ..."
echo "... chown -R www-data.www-data /var/www/MISP..." && find /var/www/MISP -not -user www-data -exec chown www-data.www-data {} + echo "... chown -R www-data.www-data /var/www/MISP ..." && find /var/www/MISP -not -user www-data -exec chown www-data.www-data {} +
echo "... chmod -R 0750 /var/www/MISP..." && find /var/www/MISP -perm 550 -type f -exec chmod 0550 {} + && find /var/www/MISP -perm 770 -type d -exec chmod 0770 {} + echo "... chmod -R 0750 /var/www/MISP ..." && find /var/www/MISP -perm 550 -type f -exec chmod 0550 {} + && find /var/www/MISP -perm 770 -type d -exec chmod 0770 {} +
echo "... chmod -R g+ws /var/www/MISP/app/tmp..." && chmod -R g+ws /var/www/MISP/app/tmp echo "... chmod -R g+ws /var/www/MISP/app/tmp ..." && chmod -R g+ws /var/www/MISP/app/tmp
echo "... chmod -R g+ws /var/www/MISP/app/files..." && chmod -R g+ws /var/www/MISP/app/files echo "... chmod -R g+ws /var/www/MISP/app/files ..." && chmod -R g+ws /var/www/MISP/app/files
echo "... chmod -R g+ws /var/www/MISP/app/files/scripts/tmp" && chmod -R g+ws /var/www/MISP/app/files/scripts/tmp echo "... chmod -R g+ws /var/www/MISP/app/files/scripts/tmp ..." && chmod -R g+ws /var/www/MISP/app/files/scripts/tmp
# delete pid file # delete pid file
[ -f $ENTRYPOINT_PID_FILE ] && rm $ENTRYPOINT_PID_FILE [ -f $ENTRYPOINT_PID_FILE ] && rm $ENTRYPOINT_PID_FILE
##### execute apache # execute apache
start_apache start start_apache start