MISP
/
misp-docker
mirror of https://github.com/MISP/misp-docker
2
0
Fork 0
Code Issues Releases Wiki Activity

Refactor handling of syncserver variables

pull/1/head
Stefano Ortolani 2023-05-13 14:17:53 +01:00
parent d3db17ef78
commit e548b22ffa
3 changed files with 41 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docker-compose.yml
View File

@ -59,16 +59,15 @@ services:
- "ADMIN_KEY=${ADMIN_KEY}" - "ADMIN_KEY=${ADMIN_KEY}"
- "ADMIN_ORG=${ADMIN_ORG}" - "ADMIN_ORG=${ADMIN_ORG}"
- "GPG_PASSPHRASE=${GPG_PASSPHRASE}" - "GPG_PASSPHRASE=${GPG_PASSPHRASE}"
# sync server settings # sync server settings (see https://www.misp-project.org/openapi/#tag/Servers for more options)
- "SYNCSERVERS=${SYNCSERVERS}" - "SYNCSERVERS=${SYNCSERVERS}"
- "SYNCSERVERS_1_NAME=${SYNCSERVERS_1_NAME}"
- "SYNCSERVERS_1_UUID=${SYNCSERVERS_1_UUID}"
- "SYNCSERVERS_1_KEY=${SYNCSERVERS_1_KEY}"
- | - |
SYNCSERVERS_1_DATA= SYNCSERVERS_1_DATA=
{ {
"remote_org_uuid": "${SYNCSERVERS_1_UUID}",
"name": "${SYNCSERVERS_1_NAME}",
"authkey": "${SYNCSERVERS_1_KEY}",
"url": "${SYNCSERVERS_1_URL}", "url": "${SYNCSERVERS_1_URL}",
"pull_rules": "{\"tags\":{\"OR\":[],\"NOT\":[]},\"orgs\":{\"OR\":[],\"NOT\":[]},\"url_params\":\"{\\\"searchanalysis\\\": \\\"2\\\"}\"}",
"pull": true "pull": true
} }

48
server/files/configure_misp.sh
View File

@ -155,20 +155,44 @@ update_components() {
create_sync_servers() { create_sync_servers() {
SPLITTED_SYNCSERVERS=$(echo $SYNCSERVERS | tr ',' '\n') SPLITTED_SYNCSERVERS=$(echo $SYNCSERVERS | tr ',' '\n')
for ID in $SPLITTED_SYNCSERVERS; do for ID in $SPLITTED_SYNCSERVERS; do
NAME="SYNCSERVERS_${ID}_NAME"
UUID="SYNCSERVERS_${ID}_UUID"
DATA="SYNCSERVERS_${ID}_DATA" DATA="SYNCSERVERS_${ID}_DATA"
KEY="SYNCSERVERS_${ID}_KEY"
echo "... searching sync server ${!NAME}..." # Validate #1
if ! get_server ${HOSTNAME} ${ADMIN_KEY} ${!NAME}; then NAME=$(echo "${!DATA}" | jq -r '.name')
echo "... adding new sync server ${!NAME}..." if [[ -z $NAME ]]; then
add_organization ${HOSTNAME} ${ADMIN_KEY} ${!NAME} false ${!UUID} echo "... error missing sync server name"
ORG_ID=$(get_organization ${HOSTNAME} ${ADMIN_KEY} ${!UUID}) continue
DATA=$(echo "${!DATA}" | jq --arg org_id ${ORG_ID} --arg name ${!NAME} --arg key ${!KEY} '. + {remote_org_id: $org_id, name: $name, authkey: $key}')
add_server ${HOSTNAME} ${ADMIN_KEY} "$DATA"
else
echo "... found existing sync server ${!NAME}..."
fi fi
# Skip sync server if we can
echo "... searching sync server ${NAME}"
if get_server ${HOSTNAME} ${ADMIN_KEY} ${NAME}; then
echo "... found existing sync server ${NAME}"
continue
fi
# Validate #2
UUID=$(echo "${!DATA}" | jq -r '.remote_org_uuid')
if [[ -z $UUID ]]; then
echo "... error missing sync server remote_org_uuid"
continue
fi
# Get remote organization
echo "... searching remote organization ${UUID}"
ORG_ID=$(get_organization ${HOSTNAME} ${ADMIN_KEY} ${UUID})
if [[ -z $ORG_ID ]]; then
# Add remote organization if missing
echo "... adding missing organization ${UUID}"
add_organization ${HOSTNAME} ${ADMIN_KEY} ${NAME} false ${UUID}
ORG_ID=$(get_organization ${HOSTNAME} ${ADMIN_KEY} ${UUID})
fi
# Add sync server
echo "... adding new sync server ${NAME} with organization id ${ORG_ID}"
JSON_DATA=$(echo "${!DATA}" | jq --arg org_id ${ORG_ID} 'del(.remote_org_uuid) | . + {remote_org_id: $org_id}')
echo "... adding new sync server ${JSON_DATA}"
add_server ${HOSTNAME} ${ADMIN_KEY} "$JSON_DATA"
done done
} }

3
template.env
View File

@ -24,8 +24,7 @@ SMARTHOST_ALIASES=
# comma separated list of IDs of syncservers (e.g. SYNCSERVERS=1) # comma separated list of IDs of syncservers (e.g. SYNCSERVERS=1)
SYNCSERVERS= SYNCSERVERS=
# name, remote organization uuid, and key of each syncserver # note: if you have more than one syncserver, you need to update docker-compose.yml
# note: if you have more than one, you need to update docker-compose.yml
SYNCSERVERS_1_URL= SYNCSERVERS_1_URL=
SYNCSERVERS_1_NAME= SYNCSERVERS_1_NAME=
SYNCSERVERS_1_UUID= SYNCSERVERS_1_UUID=