From 58658ca713f3c64c82ca8ed4c8d0515c4f8fe0db Mon Sep 17 00:00:00 2001 From: lluked <17367626+lluked@users.noreply.github.com> Date: Mon, 14 Mar 2022 18:41:06 +0000 Subject: [PATCH] HCL2 Upgrade. --- .gitignore | 7 +- README.md | 86 ++++++--------- {http => cidata}/meta-data | 0 cidata/virtualbox/user-data | 28 +++++ {http => cidata/vmware}/user-data | 5 +- conffiles/issue | 28 ----- conffiles/virtualbox/issue | 25 +++++ conffiles/vmware/issue | 16 +++ misp.json | 174 ------------------------------ misp.pkr.hcl | 138 ++++++++++++++++++++++++ variables.auto.pkrvars.hcl | 7 ++ variables.pkr.hcl | 145 +++++++++++++++++++++++++ verify.txt | 121 --------------------- 13 files changed, 392 insertions(+), 388 deletions(-) rename {http => cidata}/meta-data (100%) create mode 100644 cidata/virtualbox/user-data rename {http => cidata/vmware}/user-data (69%) delete mode 100644 conffiles/issue create mode 100644 conffiles/virtualbox/issue create mode 100644 conffiles/vmware/issue delete mode 100644 misp.json create mode 100644 misp.pkr.hcl create mode 100644 variables.auto.pkrvars.hcl create mode 100644 variables.pkr.hcl delete mode 100644 verify.txt diff --git a/.gitignore b/.gitignore index 2b45eed..6595f7a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,8 +1,3 @@ packer_cache/ -output-virtualbox-iso/ -output-vmware-iso/ +output/ scripts/INSTALL.sh* -*.checksum -misp-deploy.json -packerlog-vbox.txt -packerlog-vmware.txt diff --git a/README.md b/README.md index 6880e43..7e5dbd8 100644 --- a/README.md +++ b/README.md 
@@ -1,64 +1,40 @@ # Build Automated Machine Images for MISP -Build a virtual machine for MISP based on Ubuntu 18.04 server -(for VirtualBox or VMWare). +Fork of misp-packer -## Requirements +Works with ubuntu 20.04.4 iso -* [VirtualBox](https://www.virtualbox.org) -* [Packer](https://www.packer.io) from the Packer website -* *index-fancy* -> https://github.com/Vestride/fancy-index (on deployment side) -* *rhash* -> sudo apt install rhash (on the builder side) +Changes: -## Usage +- .json packer file converted to hcl2 with builtin packer converter. +- required_plugins defined to allow installation with packer init. +- Variables seperated into "variables.pkr.hcl" file. +- Other common settings between builders turned into variables and defaults set. +- Default variable overides in "variables.auto.pkrvars.hcl" file. +- VirtualBox modifyvm variables moved to main source block where compatible. +- Removed VirtualBox modifyvm variables that are setting a value that is already the default. +- Created seperate `user-data` files as ubunu 20.04 uses `enp0s3` interface in virtualbox and `ens33` in vmware. +- Created seperate issue files for virtualbox and vmware due to different networking interfaces. +- Removed VirtualBox port forwards for Jupyter as it seems it is no longer installed. +- Removed VirtualBox port forwards for Viper and Misp Dashboard as current Install script staes they are broken and not installed. +- Boot command changed as was not working while testing. +- Cloud config files are now mounted as cidata instead of using http. +- INSTALL.sh needs placing in scripts folder as build scripts which download the file have not been updated. +- Output directory has changed to "output/${var.vm_name}_{{ .Builder }}/". Easy enough to change back if wanted. +- Post Processor checksum is used to create checksums for boxes. 
-Launch the generation with the VirtualBox builder: +To-do: - $./build_vbox.sh +- Update .sh scripts (This was not done as I wasn't too familiar with what a lot of them did). +- Full Testing as I have limited experience with misp. -A VirtualBox image will be generated and stored in the folder -*output-virtualbox-iso*. +Instructions: +- Read Notes +- Run `packer init .` to install required plugins. +- Place latest [INSTALL.sh]("https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh") in scripts folder. +- Run `Packer build -only=vmware-iso .` for vmware build. `Packer build -only=vmware-iso.ubuntu .` on mac. +- Run `Packer build -only=virtualbox-iso .` for virtualbox build. `Packer build -only=virtualbox-iso.ubuntu .` on mac +- Run `Packer build .` to build both. -Default credentials are displayed (Web interface, SSH and MariaDB) at the end -of the process. You can directly import the image in VirtualBox. - -The sha1 and sha512 checksums of the generated VM will be stored in the files -*packer_virtualbox-iso_virtualbox-iso_sha1.checksum* and -*packer_virtualbox-iso_virtualbox-iso_sha512.checksum* respectively. - -In case you encounter a problem with the ``MISP_BASEURL``, you can still change -it when the VM is running. For example the IP address of your VM is -``172.16.100.123`` you can set ``MISP_BASEURL`` from your host with the command: - - $ ssh misp@172.16.100.123 sudo -u www-data /var/www/MISP/app/Console/cake Baseurl http://172.16.100.123 - -If you want to build an image for VMWare you will need to install it and to -use the VMWare builder with the command: - - $ packer build -only=vmware-iso misp.json - -You can also launch all builders in parallel. 
- -### Modules activated by default in the VM - -* [MISP galaxy](https://github.com/MISP/misp-galaxy) -* [MISP modules](https://github.com/MISP/misp-modules) -* [MISP taxonomies](https://github.com/MISP/misp-taxonomies) -* [MISP noticelists](https://github.com/MISP/misp-noticelist) -* [MISP warninglists](https://github.com/MISP/misp-warninglists) -* [MISP ZMQ](https://github.com/MISP/misp-book/tree/master/misp-zmq) -* [MISP dashboard](https://github.com/MISP/misp-dashboard) - -## Automatic export to GitHub - - $ GITHUB_AUTH_TOKEN= - $ TAG=$(curl https://api.github.com/repos/MISP/MISP/releases/latest | jq -r '.tag_name') - $ ./upload.sh github_api_token=$GITHUB_AUTH_TOKEN owner=MISP repo=MISP tag=$TAG filename=./output-virtualbox-iso/MISP_demo.ova - -## Upload latest release - -curl -s https://api.github.com/repos/MISP/MISP/tags |jq -r '.[0] | .name' - - -You can add these lines in the *post-processors* section of the file -*misp.json* if you want to automate the process. +Notes: +- Timing is important, different hosts load at different speeds, boot_wait needs changing to suit the build host. Seperate variables exist for Virtualbox and VMWare. diff --git a/http/meta-data b/cidata/meta-data similarity index 100% rename from http/meta-data rename to cidata/meta-data diff --git a/cidata/virtualbox/user-data b/cidata/virtualbox/user-data new file mode 100644 index 0000000..8a79b27 --- /dev/null +++ b/cidata/virtualbox/user-data 
@@ -0,0 +1,28 @@ +#cloud-config +autoinstall: + version: 1 + apt: + geoip: true + preserve_sources_list: true + identity: + hostname: misp-vm + username: 'misp' + password: '$6$Zw5jtOmRPBqrzFT7$st/15FZrcYhlt7bgv70ILUsPfzEuFumiZF.CdXJ9VdVXXLHI4WIjJ6MS/5g3410L1ogCO5O7B7ro.XEFZ2P0o0' + keyboard: + layout: us + variant: '' + locale: en_US + network: + network: + version: 2 + ethernets: + enp0s3: + dhcp4: true + dhcp-identifier: mac + ssh: + allow-pw: true + authorized-keys: [] + install-server: true + storage: + layout: + name: lvm \ No newline at end of file diff --git a/http/user-data b/cidata/vmware/user-data similarity index 69% rename from http/user-data rename to cidata/vmware/user-data index 9195a11..4cb6aa6 100644 --- a/http/user-data +++ b/cidata/vmware/user-data @@ -25,7 +25,4 @@ autoinstall: install-server: true storage: layout: - name: lvm - late-commands: - - sed -i 's/^#*\(send dhcp-client-identifier\).*$/\1 = hardware;/' /target/etc/dhcp/dhclient.conf - - 'sed -i "s/dhcp4: true/&\n dhcp-identifier: mac/" /target/etc/netplan/00-installer-config.yaml' + name: lvm \ No newline at end of file diff --git a/conffiles/issue b/conffiles/issue deleted file mode 100644 index c8a69ec..0000000 --- a/conffiles/issue +++ /dev/null 
@@ -1,28 +0,0 @@ -Ubuntu 18.04.1 LTS \n \l - -Welcome to the MISP Threat Sharing VM. ---- - -IP address: \4{eth0} - ---- - -MISP http://\4{eth0} admin@admin.test / admin - https://\4{eth0} -MISP-modules (API) http://\4{eth0}:6666 (no credentials) -MISP-dashboard http://\4{eth0}:8001 (no credentials) -Viper-web http://\4{eth0}:8888 admin / Password1234 -jupyter-notebook http://\4{eth0}:8889 - -The default system credentials are: misp / Password1234 - -On VirtualBox port-forwarding from your host to the guest is in place. -Below are the forwards as we need to use ports >1024 for some. - -MISP -> 8080 and :8443 -ssh -> 2222 -misp-modules -> 1666 - -If this fails, make sure the host machine is not occupying one of the forwarded ports or a firewall is active. - ----- diff --git a/conffiles/virtualbox/issue b/conffiles/virtualbox/issue new file mode 100644 index 0000000..524c715 --- /dev/null +++ b/conffiles/virtualbox/issue @@ -0,0 +1,25 @@ +Ubuntu 20.04.4 LTS \n \l + +Welcome to the MISP Threat Sharing VM. +--- + +IP address: \4{enp0s3} + +--- + +MISP http://\4{enp0s3} admin@admin.test / admin + https://\4{enp0s3} +MISP-Modules (API) http://\4{enp0s3}:6666 (Auth Key) + +The default system credentials are: misp / Password1234 + +On VirtualBox port-forwarding from your host to the guest is in place. +Below are the forwards as we need to use ports >1024 for some. + +SSH -> 2222 +MISP -> 8080 and 8443 +MISP-Modules (API) -> 1666 (API) + +If this fails, make sure the host machine is not occupying one of the forwarded ports or a firewall is active. + +---- diff --git a/conffiles/vmware/issue b/conffiles/vmware/issue new file mode 100644 index 0000000..bc7eb01 --- /dev/null +++ b/conffiles/vmware/issue 
@@ -0,0 +1,16 @@ +Ubuntu 20.04.4 LTS \n \l + +Welcome to the MISP Threat Sharing VM. +--- + +IP address: \4{ens33} + +--- + +MISP http://\4{ens33} admin@admin.test / admin + https://\4{ens33} +MISP-Modules (API) http://\4{ens33}:6666 (Auth Key) + +The default system credentials are: misp / Password1234 + +---- diff --git a/misp.json b/misp.json deleted file mode 100644 index 1513396..0000000 --- a/misp.json +++ /dev/null 
@@ -1,174 +0,0 @@ -{ - "_comment": "MISP VM Autogen packer build system", - "builders": [ - { - "boot_command": [ - "{{ user `boot_command_prefix` }}", - "autoinstall ds=nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/", - "" - ], - "disk_size": "{{ user `disk_size` }}", - "export_opts": [ - "--manifest", - "--vsys", "0", - "--eulafile", "/tmp/LICENSE-misp", - "--description", "{{ user `vm_description` }}", - "--version", "{{ user `vm_version` }}" - ], - "format": "ova", - "guest_additions_path": "VBoxGuestAdditions_{{.Version}}.iso", - "guest_os_type": "Ubuntu_64", - "hard_drive_interface": "sata", - "headless": "{{ user `headless` }}", - "http_directory": "http", - "http_port_max": 9011, - "http_port_min": 9001, - "iso_checksum": "{{ user `iso_checksum` }}", - "iso_checksum_type": "{{ user `iso_checksum_type` }}", - "iso_urls": [ - "{{ user `iso_path` }}/{{ user `iso_name` }}", - "{{ user `iso_url` }}" - ], - "shutdown_command": "echo {{ user `ssh_pass` }} | sudo -S shutdown -P now", - "ssh_password": "{{ user `ssh_pass` }}", - "ssh_pty": "true", - "ssh_timeout": "20m", - "ssh_username": "{{ user `ssh_user` }}", - "type": "virtualbox-iso", - "vboxmanage": [ - [ "modifyvm", "{{.Name}}", "--memory", "{{user `memory`}}" ], - [ "modifyvm", "{{.Name}}", "--natpf1", "ssh,tcp,,2222,0.0.0.0,22" ], - [ "modifyvm", "{{.Name}}", "--natpf1", "http,tcp,,8080,,80" ], - [ "modifyvm", "{{.Name}}", "--natpf1", "https,tcp,,8443,,443" ], - [ "modifyvm", "{{.Name}}", "--natpf1", "dashboard,tcp,,8001,0.0.0.0,8001" ], - [ "modifyvm", "{{.Name}}", "--natpf1", "viper,tcp,,8888,0.0.0.0,8888" ], - [ "modifyvm", "{{.Name}}", "--natpf1", "jupyter-notebook,tcp,,8889,0.0.0.0,8889" ], - [ "modifyvm", "{{.Name}}", "--natpf1", "misp-modules,tcp,,1666,0.0.0.0,6666" ], - [ "modifyvm", "{{.Name}}", "--audio", "none" ], - [ "modifyvm", "{{.Name}}", "--graphicscontroller", "vmsvga" ], - [ "modifyvm", "{{.Name}}", "--usb", "off" ], - [ "modifyvm", "{{.Name}}", "--vrde", "off" ], - [ "modifyvm", 
"{{.Name}}", "--cpus", "{{user `cpus`}}" ], - [ "modifyvm", "{{.Name}}", "--vram", "32" ] - ], - "vm_name": "{{user `vm_name`}}" - }, - { - "boot_command": [ - "{{ user `boot_command_prefix` }}", - "autoinstall ds=nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/", - "" - ], - "boot_wait": "5s", - "disk_size": "{{ user `disk_size` }}", - "guest_os_type": "ubuntu-64", - "headless": "{{ user `headless` }}", - "http_directory": "http", - "http_port_min": 9001, - "http_port_max": 9011, - "iso_checksum": "{{ user `iso_checksum` }}", - "iso_checksum_type": "{{ user `iso_checksum_type` }}", - "iso_urls": [ - "{{ user `iso_path` }}/{{ user `iso_name` }}", - "{{ user `iso_url` }}" - ], - "memory": "{{ user `memory` }}", - "shutdown_command": "echo {{user `ssh_pass`}} |sudo -S shutdown -P now", - "skip_compaction": false, - "ssh_pty": "true", - "ssh_timeout": "30m", - "ssh_handshake_attempts": "90", - "ssh_username": "{{user `ssh_user`}}", - "ssh_password": "{{user `ssh_pass`}}", - "type": "vmware-iso", - "vm_name": "{{ user `vm_name` }}" - } - ], - "provisioners": [ - { - "environment_vars": [ - "DESKTOP={{user `desktop`}}", - "UPDATE={{user `update`}}", - "http_proxy={{user `http_proxy`}}", - "https_proxy={{user `https_proxy`}}", - "no_proxy={{user `no_proxy`}}" - ], - "execute_command": "echo '{{user `ssh_pass`}}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'", - "inline": [ - "echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers" - ], - "type": "shell" - }, - { - "execute_command": "echo '{{user `ssh_pass`}}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'", - "script": "scripts/extend.sh", - "type": "shell" - }, - { - "execute_command": "echo '{{user `ssh_pass`}}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'", - "script": "scripts/users.sh", - "type": "shell" - }, - { - "destination": "/tmp/INSTALL.sh", - "source": "scripts/INSTALL.sh", - "type": "file" - }, - { - "environment_vars": [ - "PACKER=1", - "DEBIAN_FRONTEND=noninteractive" - ], - "execute_command": "echo '{{user 
`ssh_pass`}}' | {{ .Vars }} sudo -u {{user `ssh_user`}} -E -S bash '{{ .Path }}'", - "inline": [ - "chmod u+x /tmp/INSTALL.sh", - "/tmp/INSTALL.sh -A -u" - ], - "pause_before": "10s", - "type": "shell" - }, - { - "destination": "/tmp/crontab", - "source": "conffiles/crontab", - "type": "file" - }, - { - "destination": "/tmp/issue", - "source": "conffiles/issue", - "type": "file" - }, - { - "execute_command": "echo '{{user `ssh_pass`}}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'", - "expect_disconnect": "true", - "pause_after": "30s", - "pause_before": "10s", - "script": "scripts/clean.sh", - "type": "shell" - } - ], - "variables": { - "boot_command_prefix": " ", - "cpus": "1", - "desktop": "false", - "disk_size": "25000", - "headless": "true", - "hostname": "misp", - "http_proxy": "{{env `http_proxy`}}", - "https_proxy": "{{env `https_proxy`}}", - "iso_checksum": "302c990c6d69575ff24c96566e5c7e26bf36908abb0cd546e22687c46fb07bf8dba595bf77a9d4fd9ab63e75c0437c133f35462fd41ea77f6f616140cd0e5e6a", - "iso_checksum_type": "sha512", - "iso_name": "ubuntu-20.04.1-live-server-amd64.iso", - "iso_path": "iso", - "iso_url": "https://releases.ubuntu.com/20.04/ubuntu-20.04.1-live-server-amd64.iso", - "memory": "3072", - "no_proxy": "{{env `no_proxy`}}", - "ovftool_path": "ovftool", - "ssh_fullname": "MISP User", - "ssh_user": "misp", - "ssh_pass": "Password1234", - "update": "true", - "vm_description": "MISP, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reverser to support their day-to-day operations to share structured informations efficiently.", - "vm_name": "MISP_demo", - "vm_version": "2.4" - } -} diff --git a/misp.pkr.hcl b/misp.pkr.hcl new file mode 100644 index 0000000..9ed9ff9 --- /dev/null +++ b/misp.pkr.hcl 
@@ -0,0 +1,138 @@ +## Required plugins + +packer { + required_plugins { + virtualbox = { + version = ">= 0.0.1" + source = "github.com/hashicorp/virtualbox" + } + vmware = { + version = ">= 1.0.3" + source = "github.com/hashicorp/vmware" + } + } +} + +## Source blocks + +source "virtualbox-iso" "ubuntu" { + boot_command = "${var.boot_command}" + boot_wait = "${var.boot_wait_virtualbox}" + cd_files = ["./cidata/meta-data","./cidata/virtualbox/user-data"] + cd_label = "${var.cd_label}" + // cpus = "${var.cpus}" + disk_size = "${var.disk_size}" + export_opts = [ + "--manifest", + "--vsys", "0", + "--description", "${var.vm_description}", + "--version", "${var.vm_version}" + ] + format = "ova" + gfx_controller = "vmsvga" + gfx_vram_size = "32" + guest_additions_path = "VBoxGuestAdditions_{{ .Version }}.iso" + guest_os_type = "Ubuntu_64" + hard_drive_interface = "sata" + headless = "${var.headless}" + iso_checksum = "${var.iso_checksum_type}:${var.iso_checksum}" + iso_urls = ["${var.iso_path}/${var.iso_name}", "${var.iso_url}"] + memory = "${var.memory}" + output_directory = "output/${var.vm_name}_virtualbox/" + shutdown_command = "echo ${var.ssh_pass} | sudo -S shutdown -P now" + ssh_handshake_attempts = "${var.ssh_handshake_attempts}" + ssh_password = "${var.ssh_pass}" + ssh_pty = "${var.ssh_pty}" + ssh_timeout = "${var.ssh_timeout}" + ssh_username = "${var.ssh_username}" + vboxmanage = [ + ["modifyvm", "{{ .Name }}", "--natpf1", "ssh,tcp,,2222,0.0.0.0,22"], + ["modifyvm", "{{ .Name }}", "--natpf1", "http,tcp,,8080,,80"], + ["modifyvm", "{{ .Name }}", "--natpf1", "https,tcp,,8443,,443"], + ["modifyvm", "{{ .Name }}", "--natpf1", "dashboard,tcp,,8001,0.0.0.0,8001"], + ["modifyvm", "{{ .Name }}", "--natpf1", "misp-modules,tcp,,1666,0.0.0.0,6666"], + ["modifyvm", "{{ .Name }}", "--vrde", "off"] + ] + vm_name = "${var.vm_name}" +} + +source "vmware-iso" "ubuntu" { + boot_command = "${var.boot_command}" + boot_wait = "${var.boot_wait_vmware}" + cd_files = 
["./cidata/meta-data","./cidata/vmware/user-data"] + cd_label = "${var.cd_label}" + disk_size = "${var.disk_size}" + guest_os_type = "ubuntu-64" + headless = "${var.headless}" + iso_checksum = "${var.iso_checksum_type}:${var.iso_checksum}" + iso_urls = ["${var.iso_path}/${var.iso_name}", "${var.iso_url}"] + memory = "${var.memory}" + output_directory = "output/${var.vm_name}_vmware/" + shutdown_command = "echo ${var.ssh_pass} |sudo -S shutdown -P now" + skip_compaction = false + ssh_handshake_attempts = "${var.ssh_handshake_attempts}" + ssh_password = "${var.ssh_pass}" + ssh_pty = "${var.ssh_pty}" + ssh_timeout = "${var.ssh_timeout}" + ssh_username = "${var.ssh_username}" + tools_upload_flavor = "linux" + vm_name = "${var.vm_name}" +} + +## Build blocks + +build { + sources = ["source.virtualbox-iso.ubuntu", "source.vmware-iso.ubuntu"] + + provisioner "shell" { + environment_vars = ["DESKTOP=${var.desktop}", "UPDATE=${var.update}", "http_proxy=${var.http_proxy}", "https_proxy=${var.https_proxy}", "no_proxy=${var.no_proxy}"] + execute_command = "echo '${var.ssh_pass}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'" + inline = ["echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers"] + } + + provisioner "shell" { + execute_command = "echo '${var.ssh_pass}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'" + script = "scripts/extend.sh" + } + + provisioner "shell" { + execute_command = "echo '${var.ssh_pass}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'" + script = "scripts/users.sh" + } + + provisioner "file" { + destination = "/tmp/INSTALL.sh" + source = "scripts/INSTALL.sh" + } + + provisioner "shell" { + environment_vars = ["PACKER=1", "DEBIAN_FRONTEND=noninteractive"] + execute_command = "echo '${var.ssh_pass}' | {{ .Vars }} sudo -u ${var.ssh_username} -E -S bash '{{ .Path }}'" + inline = ["chmod u+x /tmp/INSTALL.sh", "/tmp/INSTALL.sh -A -u"] + pause_before = "10s" + } + + provisioner "file" { + destination = "/tmp/crontab" + source = "conffiles/crontab" + } + + provisioner 
"file" { + destination = "/tmp/issue" + source = "conffiles/${trimsuffix(source.type, "-iso")}/issue" + } + + provisioner "shell" { + execute_command = "echo '${var.ssh_pass}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'" + expect_disconnect = "true" + pause_after = "30s" + pause_before = "10s" + script = "scripts/clean.sh" + } + + post-processor "checksum" { + checksum_types = ["sha256"] + output = "output/${var.vm_name}_${trimsuffix(source.type, "-iso")}/${var.vm_name}_{{ .ChecksumType }}.checksum" + } + +} diff --git a/variables.auto.pkrvars.hcl b/variables.auto.pkrvars.hcl new file mode 100644 index 0000000..2ee7396 --- /dev/null +++ b/variables.auto.pkrvars.hcl @@ -0,0 +1,7 @@ +## Overide default variables to suit build. +boot_wait_virtualbox = "7s" +boot_wait_vmware = "10s" +headless = "false" +cpus = "2" +memory = "4096" +vm_name = "MISP-Ubuntu" \ No newline at end of file diff --git a/variables.pkr.hcl b/variables.pkr.hcl new file mode 100644 index 0000000..184c022 --- /dev/null +++ b/variables.pkr.hcl 
@@ -0,0 +1,145 @@ +# Read the documentation for variables here: +# https://www.packer.io/docs/templates/hcl_templates/variables + +variable "boot_command" { + type = list (string) + default = [ + "", + "", + "", + "autoinstall", + "", + "ds=nocloud;", + "" + ] +} + +variable "boot_wait_virtualbox" { + type = string + default = "5s" +} + +variable "boot_wait_vmware" { + type = string + default = "5s" +} + +variable "cd_label" { + type = string + default = "cidata" +} + +variable "cpus" { + type = string + default = "1" +} + +variable "desktop" { + type = string + default = "false" +} + +variable "disk_size" { + type = string + default = "25000" +} + +variable "headless" { + type = string + default = "true" +} + +variable "hostname" { + type = string + default = "misp" +} + +variable "http_proxy" { + type = string + default = "${env("http_proxy")}" +} + +variable "https_proxy" { + type = string + default = "${env("https_proxy")}" +} + +variable "iso_checksum" { + type = string + default = "https://releases.ubuntu.com/20.04/SHA256SUMS" +} + +variable "iso_checksum_type" { + type = string + default = "file" +} + +variable "iso_name" { + type = string + default = "ubuntu-20.04.4-live-server-amd64.iso" +} + +variable "iso_path" { + type = string + default = "iso" +} + +variable "iso_url" { + type = string + default = "https://releases.ubuntu.com/20.04/ubuntu-20.04.4-live-server-amd64.iso" +} + +variable "memory" { + type = string + default = "3072" +} + +variable "no_proxy" { + type = string + default = "${env("no_proxy")}" +} + +variable "ssh_handshake_attempts" { + type = string + default = "90" +} + +variable "ssh_pass" { + type = string + default = "Password1234" +} + +variable "ssh_username" { + type = string + default = "misp" +} + +variable "ssh_pty" { + type = string + default = "true" +} + +variable "ssh_timeout" { + type = string + default = "30m" +} + +variable "update" { + type = string + default = "true" +} + +variable "vm_description" { + type = string + 
default = "MISP, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reverser to support their day-to-day operations to share structured informations efficiently." +} + +variable "vm_name" { + type = string + default = "MISP_demo" +} + +variable "vm_version" { + type = string + default = "2.4" +} diff --git a/verify.txt b/verify.txt deleted file mode 100644 index 36e3195..0000000 --- a/verify.txt +++ /dev/null 
@@ -1,121 +0,0 @@ -How to verify the Automate MISP-VMs? ------------------------------------- - -In this directory you will find the following files: - -- OVA File (VirtualBox export of the VM) -- ZIP File (ZIP Packae of the VMware VM) -- ASC File (PGP Armored file of the above files) -- checksums Directory (The directory with all the checksums of the above files) - -Verify VirtualBox OVA ---------------------- - -1. Download signatures - -Download the OVA and the ASC into the same directory. - -2. Verify signatures - -On the command line verify the PGP signature first, example: - -$ gpg --keyserver pgp.circl.lu --recv-key 0x34F20B13 -$ gpg --verify MISP_v2.4.107@latest.ova.asc MISP_v2.4.107@latest.ova -gpg: Signature made Wed 15 May 2019 07:04:42 PM JST -gpg: using RSA key EDEC891834F20B13 -gpg: Good signature from "CIRCL MISP (CIRCL MISP VM Release Key) " [ultimate] - -3. Download SFV files - -Now download the checksum file and its signature, and verify. - -$ wget https://www.circl.lu/misp-images/latest/checksums/MISP_v2.4.107@latest-CHECKSUM.sfv -$ wget https://www.circl.lu/misp-images/latest/checksums/MISP_v2.4.107@latest-CHECKSUM.sfv.asc -$ gpg --verify MISP_v2.4.107@latest-CHECKSUM.sfv.asc MISP_v2.4.107@latest-CHECKSUM.sfv -gpg: Signature made Wed 15 May 2019 07:15:10 PM JST -gpg: using RSA key EDEC891834F20B13 -gpg: BAD signature from "CIRCL MISP (CIRCL MISP VM Release Key) " [ultimate] - -If you get a BAD signature, please download again. - -Next, use rhash or go with the manual way. 
- -rhash ------ - -$ cat MISP_v2.4.107@latest-CHECKSUM.sfv |sed 's/@\(.*\)-/@latest-/g' |sed 's/@\(.*\).ova/@latest.ova/g' |rhash -c -v --percents - - ---( Verifying MISP_v2.4.107@latest-CHECKSUM.sfv )------------------------------- -MISP_v2.4.107@latest-VMware.zip OK -MISP_v2.4.107@latest.ova OK --------------------------------------------------------------------------------- -Everything OK - -Manual (not recommended) ------------------------- - -Take any file you want to verify, with sha1-sum for example. - -$ shasum MISP_v2.4.107@8a51109.nvram | cut -f 1 -d\ |grep -o -i -f - MISP_@8a51109.sfv -D3A2EBF751E31C6972F89DEC4F57D69C4681A142 - -If you get back a shasum, it worked, the file is safe and sound. - -Now you could do this, for all files, for all the checksums (sha1/256/384/512) OR just use rhash. - - -Verify VMware -------------- - -1. Download signatures - -Download the ZIP and the ASC into the same directory. - -2. Verify signatures - -On the command line verify the PGP signature first, example: - -$ gpg --verify MISP_v2.4.107@latest-VMware.zip.asc MISP_v2.4.107@latest-VMware.zip -gpg: Signature made Wed 15 May 2019 07:04:42 PM JST -gpg: using RSA key EDEC891834F20B13 -gpg: Good signature from "CIRCL MISP (CIRCL MISP VM Release Key) " [ultimate] - -Do step number 3 from above. 
- -$ unzip MISP_v2.4.107@latest-VMware.zip -Archive: MISP_v2.4.107@latest-VMware.zip - inflating: VMware/disk-s001.vmdk - inflating: VMware/disk-s002.vmdk - inflating: VMware/disk-s003.vmdk - inflating: VMware/disk-s004.vmdk - inflating: VMware/disk-s005.vmdk - inflating: VMware/disk-s006.vmdk - inflating: VMware/disk-s007.vmdk - inflating: VMware/disk.vmdk - inflating: VMware/MISP_v2.4@8a51109.sfv - inflating: VMware/MISP_v2.4.107@8a51109.nvram - extracting: VMware/MISP_v2.4.107@8a51109.vmsd - inflating: VMware/MISP_v2.4.107@8a51109.vmx - inflating: VMware/MISP_v2.4.107@8a51109.vmxf -$ cd VMware -$ rhash -c -v --percents MISP_v2.4@8a51109.sfv -Config file: /etc/rhashrc - ---( Verifying MISP_v2.4@8a51109.sfv )----------------------------------------------- -disk-s001.vmdk OK -disk-s002.vmdk OK -disk-s003.vmdk OK -disk-s004.vmdk OK -disk-s005.vmdk OK -disk-s006.vmdk OK -disk-s007.vmdk OK -disk.vmdk OK -MISP_v2.4.107@8a51109.nvram OK -MISP_v2.4.107@8a51109.vmsd OK -MISP_v2.4.107@8a51109.vmx OK -MISP_v2.4.107@8a51109.vmxf OK --------------------------------------------------------------------------------- -Everything OK - - -You can be more or less confident that verything is fine.
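
Review bot: In the README.md hunk, the INSTALL.sh link is written as `[INSTALL.sh]("https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh")`; the quotes inside the parentheses become part of the URL and the link will not resolve, so drop them. The build commands are spelled `Packer build ...`, which fails on a case-sensitive filesystem where the binary is `packer`. The Changes list also has several typos worth fixing before merge ("seperated", "overides", "ubunu", "staes", "seperate"), and the instructions tell the reader to place a downloaded INSTALL.sh in scripts/ without any step to check what was downloaded before the build runs it with `/tmp/INSTALL.sh -A -u`.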
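
Review bot: In cidata/virtualbox/user-data the `password:` value under `identity:` is a fixed hash, while misp.pkr.hcl logs in with `ssh_password = "${var.ssh_pass}"`; anyone who overrides `ssh_pass` in a pkrvars file gets an installed account that still has the old password, and the build will sit until `ssh_timeout` expires. Either state in the README that the hash in both user-data files and `ssh_pass` must be changed together, or render user-data from the variable. The file also ends without a trailing newline.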
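
Review bot: The cidata/vmware/user-data hunk removes both `late-commands` entries and adds nothing in their place, so the `dhcp-identifier: mac` setting they used to patch into the target's netplan file is gone unless the unchanged part of this file already carries it. The new virtualbox copy sets it explicitly under `enp0s3`; please confirm the vmware copy has the same two lines under `ens33`, since the diffstat (5 lines touched, all in this hunk) suggests the network section was not edited.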
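
Review bot: conffiles/virtualbox/issue and conffiles/vmware/issue hard-code the interface name in every `\4{enp0s3}` / `\4{ens33}` escape, which is the only reason the banner had to be split in two and will break again if the guest NIC is named differently. agetty accepts a bare `\4`, which prints the IPv4 address of the first configured non-loopback interface, so a single issue file could serve both builders. The first line `Ubuntu 20.04.4 LTS \n \l` is also a literal that goes stale when the build runs with `update = "true"`.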
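
Review bot: In the virtualbox-iso source of misp.pkr.hcl the `vboxmanage` list still contains `"dashboard,tcp,,8001,0.0.0.0,8001"`, although the README in this same patch says the MISP Dashboard forward was removed and the new conffiles/virtualbox/issue no longer lists it; remove the rule or restore the banner entry. In the same block `cpus` is commented out (`// cpus = "${var.cpus}"`) and the vmware-iso source never sets it, so `cpus = "2"` in variables.auto.pkrvars.hcl changes nothing on either builder. Every `--natpf1` rule also leaves the host-IP field (third position) empty, which makes VirtualBox listen on all host interfaces; with the image shipping the default misp / Password1234 login, setting that field to 127.0.0.1 on the ssh and misp-modules rules would keep them local to the build host.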
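
Review bot: variables.auto.pkrvars.hcl is loaded automatically on every build, so committing it with `headless = "false"` and host-specific `boot_wait_virtualbox` / `boot_wait_vmware` values overrides the defaults in variables.pkr.hcl for everyone, including build hosts with no display. The README notes that boot_wait has to be tuned per host, so consider shipping this as an example file and ignoring the real one in .gitignore. The file also ends without a trailing newline.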
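
Review bot: The `iso_checksum` and `iso_checksum_type` defaults in variables.pkr.hcl combine to `file:https://releases.ubuntu.com/20.04/SHA256SUMS`, replacing the SHA-512 digest that was pinned in the deleted misp.json with a list fetched at build time from the same host as the ISO. That detects a damaged download but not a replaced ISO, and the build depends on that list continuing to name `iso_name`; pin the digest of ubuntu-20.04.4-live-server-amd64.iso in the variable instead. Separately, `ssh_pass` is declared without `sensitive = true`, and `headless`, `cpus`, `memory`, `disk_size` and `ssh_pty` are typed `string` where `bool` or `number` would let Packer reject bad overrides.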
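
Review bot: Deleting verify.txt removes the only description of how a user authenticates a downloaded image (PGP signature first, then checksums), and the new README adds nothing in its place. The sha256 file written by the `checksum` post-processor in misp.pkr.hcl lands in the same output directory as the artifact and is unsigned, so it can show a damaged copy but not a substituted one. If this fork does not intend to sign its images, say that in the README rather than dropping the topic silently.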