From d7215e65e34c9f0cb91ae93a627d4cb441c690e0 Mon Sep 17 00:00:00 2001 From: Steven Goossens Date: Wed, 8 Jul 2020 11:35:53 +0200 Subject: [PATCH] Update run.sh to work with all-in-one MISP --- web/run.sh | 152 ++--------------------------------------------------- 1 file changed, 4 insertions(+), 148 deletions(-) diff --git a/web/run.sh b/web/run.sh index 963e485..bc91506 100755 --- a/web/run.sh +++ b/web/run.sh @@ -1,160 +1,16 @@ #!/bin/bash # # MISP docker startup script -# Xavier Mertens -# -# 2017/05/17 - Created -# 2017/05/31 - Fixed small errors -# 2019/10/17 - Use built-in mysql docker DB creation and use std env names (dafal) -# 2020/07/05 - Update MISP when it's not the first start +# Steven Goossens - steven@teamg.be set -e +git pull /var/www/MISP -/usr/sbin/sshd - -if [ -r /.firstboot.tmp ]; then - echo "Container started for the first time. Setup might time a few minutes. Please wait..." - echo "(Details are logged in /tmp/install.log)" - export DEBIAN_FRONTEND=noninteractive - - # If the user uses a mount point restore our files - if [ ! -d /var/www/MISP/app ]; then - echo "Restoring MISP files..." - cd /var/www/MISP - tar xzpf /root/MISP.tgz - rm /root/MISP.tgz - fi - - echo "Configuring postfix" - if [ -z "$POSTFIX_RELAY_HOST" ]; then - echo "POSTFIX_RELAY_HOST is not set, please configure Postfix manually later..." - else - postconf -e "relayhost = $POSTFIX_RELAY" - fi - - # Fix timezone (adapt to your local zone) - if [ -z "$TIMEZONE" ]; then - echo "TIMEZONE is not set, please configure the local time zone manually later..." - else - echo "$TIMEZONE" > /etc/timezone - dpkg-reconfigure -f noninteractive tzdata >>/tmp/install.log - fi - - echo "Creating MySQL database" - - # Check MYSQL_HOST - if [ -z "$MYSQL_HOST" ]; then - echo "MYSQL_HOST is not set. Aborting." - exit 1 - fi - - # Waiting for DB to be ready - while ! mysqladmin ping -h"$MYSQL_HOST" --silent; do - sleep 5 - echo "Waiting for database to be ready..." - done - - # Set MYSQL_PASSWORD - if [ -z "$MYSQL_PASSWORD" ]; then - echo "MYSQL_PASSWORD is not set, use default value 'misp'" - MYSQL_PASSWORD=misp - else - echo "MYSQL_PASSWORD is set to '$MYSQL_PASSWORD'" - fi - - dbExists=`echo 'SHOW DATABASES;' | mysql -u $MYSQL_USER --password="$MYSQL_PASSWORD" -h $MYSQL_HOST -P 3306` - if [[ $dbExists != *$MYSQL_DATABASE* ]]; then - echo "Database misp doesn't exist, creating database ..." - echo 'CREATE DATABASE '$MYSQL_DATABASE';' | mysql -u $MYSQL_USER --password="$MYSQL_PASSWORD" -h $MYSQL_HOST -P 3306 - fi - ret=`echo 'SHOW TABLES;' | mysql -u $MYSQL_USER --password="$MYSQL_PASSWORD" -h $MYSQL_HOST -P 3306 $MYSQL_DATABASE # 2>&1` - if [ $? -eq 0 ]; then - echo "Connected to database successfully!" - found=0 - for table in $ret; do - if [ "$table" == "attributes" ]; then - found=1 - fi - done - if [ $found -eq 1 ]; then - echo "Database misp available" - else - echo "Database misp empty, creating tables ..." - ret=`mysql -u $MYSQL_USER --password="$MYSQL_PASSWORD" $MYSQL_DATABASE -h $MYSQL_HOST -P 3306 2>&1 < /var/www/MISP/INSTALL/MYSQL.sql` - if [ $? -eq 0 ]; then - echo "Imported /var/www/MISP/INSTALL/MYSQL.sql successfully" - else - echo "ERROR: Importing /var/www/MISP/INSTALL/MYSQL.sql failed:" - echo $ret - fi - fi - else - echo "ERROR: Connecting to database failed:" - echo $ret - fi - - # MISP configuration - echo "Creating MISP configuration files" - cd /var/www/MISP/app/Config - cp -a database.default.php database.php - sed -i "s/localhost/$MYSQL_HOST/" database.php - sed -i "s/db\s*login/$MYSQL_USER/" database.php - sed -i "s/8889/3306/" database.php - sed -i "s/db\s*password/$MYSQL_PASSWORD/" database.php - - # Fix the base url - if [ -z "$MISP_BASEURL" ]; then - echo "No base URL defined, don't forget to define it manually!" - else - echo "Fixing the MISP base URL ($MISP_BASEURL) ..." - sed -i "s/'baseurl' => '',/'baseurl' => '$MISP_BASEURL',/" /var/www/MISP/app/Config/config.php - fi - - # Generate the admin user PGP key - echo "Creating admin GnuPG key" - if [ -z "$MISP_ADMIN_EMAIL" -o -z "$MISP_ADMIN_PASSPHRASE" ]; then - echo "No admin details provided, don't forget to generate the PGP key manually!" - else - echo "Generating admin PGP key ... (please be patient, we need some entropy)" - cat >/tmp/gpg.tmp <>/tmp/install.log - rm -f /tmp/gpg.tmp - sudo -u www-data gpg --homedir /var/www/MISP/.gnupg --export --armor $MISP_ADMIN_EMAIL > /var/www/MISP/app/webroot/gpg.asc - fi - - # Display tips - cat <<__WELCOME__ -Congratulations! -Your MISP docker has been successfully booted for the first time. -Don't forget: -- Reconfigure postfix to match your environment -- Change the MISP admin email address to $MISP_ADMIN_EMAIL - -__WELCOME__ - rm -f /.firstboot.tmp -else - git pull /var/www/MISP -fi - -# Make MISP live - this isn't ideal, as it means taking an instance -# non-live will make it live again if the container restarts. That seems -# better than the default which is that MISP is non-live on container restart. -# Ideally live/non-live would be persisted in the database. +# Make MISP live /var/www/MISP/app/Console/cake live 1 chown www-data:www-data /var/www/MISP/app/Config/config.php* # Start supervisord echo "Starting supervisord" cd / -exec /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf - +exec /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf