mirror of https://github.com/MISP/misp-packer
HCL2 Upgrade.
parent
a117b2df32
commit
58658ca713
|
@ -1,8 +1,3 @@
|
|||
packer_cache/
|
||||
output-virtualbox-iso/
|
||||
output-vmware-iso/
|
||||
output/
|
||||
scripts/INSTALL.sh*
|
||||
*.checksum
|
||||
misp-deploy.json
|
||||
packerlog-vbox.txt
|
||||
packerlog-vmware.txt
|
||||
|
|
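Review bot: The header shows this ignore list shrinking from 8 lines to 3, and `scripts/INSTALL.sh*`, `packerlog-vbox.txt` and `packerlog-vmware.txt` all sit in the changed region. The README in this same commit tells users to place INSTALL.sh in the scripts folder by hand and says the .sh build scripts were left as they were, so if those patterns are among the ones dropped, a downloaded installer or a build log can be staged by accident. Keep those entries until the scripts are retired; the new `output/` entry already covers the checksum files, which the HCL template now writes under `output/`.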
86
README.md
|
@ -1,64 +1,40 @@
|
|||
# Build Automated Machine Images for MISP
|
||||
|
||||
Build a virtual machine for MISP based on Ubuntu 18.04 server
|
||||
(for VirtualBox or VMWare).
|
||||
Fork of misp-packer
|
||||
|
||||
## Requirements
|
||||
Works with ubuntu 20.04.4 iso
|
||||
|
||||
* [VirtualBox](https://www.virtualbox.org)
|
||||
* [Packer](https://www.packer.io) from the Packer website
|
||||
* *index-fancy* -> https://github.com/Vestride/fancy-index (on deployment side)
|
||||
* *rhash* -> sudo apt install rhash (on the builder side)
|
||||
Changes:
|
||||
|
||||
## Usage
|
||||
- .json packer file converted to hcl2 with builtin packer converter.
|
||||
- required_plugins defined to allow installation with packer init.
|
||||
- Variables seperated into "variables.pkr.hcl" file.
|
||||
- Other common settings between builders turned into variables and defaults set.
|
||||
- Default variable overides in "variables.auto.pkrvars.hcl" file.
|
||||
- VirtualBox modifyvm variables moved to main source block where compatible.
|
||||
- Removed VirtualBox modifyvm variables that are setting a value that is already the default.
|
||||
- Created seperate `user-data` files as ubunu 20.04 uses `enp0s3` interface in virtualbox and `ens33` in vmware.
|
||||
- Created seperate issue files for virtualbox and vmware due to different networking interfaces.
|
||||
- Removed VirtualBox port forwards for Jupyter as it seems it is no longer installed.
|
||||
- Removed VirtualBox port forwards for Viper and Misp Dashboard as current Install script staes they are broken and not installed.
|
||||
- Boot command changed as was not working while testing.
|
||||
- Cloud config files are now mounted as cidata instead of using http.
|
||||
- INSTALL.sh needs placing in scripts folder as build scripts which download the file have not been updated.
|
||||
- Output directory has changed to "output/${var.vm_name}_{{ .Builder }}/". Easy enough to change back if wanted.
|
||||
- Post Processor checksum is used to create checksums for boxes.
|
||||
|
||||
Launch the generation with the VirtualBox builder:
|
||||
To-do:
|
||||
|
||||
$./build_vbox.sh
|
||||
- Update .sh scripts (This was not done as I wasn't too familiar with what a lot of them did).
|
||||
- Full Testing as I have limited experience with misp.
|
||||
|
||||
A VirtualBox image will be generated and stored in the folder
|
||||
*output-virtualbox-iso*.
|
||||
Instructions:
|
||||
- Read Notes
|
||||
- Run `packer init .` to install required plugins.
|
||||
- Place latest [INSTALL.sh]("https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh") in scripts folder.
|
||||
- Run `Packer build -only=vmware-iso .` for vmware build. `Packer build -only=vmware-iso.ubuntu .` on mac.
|
||||
- Run `Packer build -only=virtualbox-iso .` for virtualbox build. `Packer build -only=virtualbox-iso.ubuntu .` on mac
|
||||
- Run `Packer build .` to build both.
|
||||
|
||||
Default credentials are displayed (Web interface, SSH and MariaDB) at the end
|
||||
of the process. You can directly import the image in VirtualBox.
|
||||
|
||||
The sha1 and sha512 checksums of the generated VM will be stored in the files
|
||||
*packer_virtualbox-iso_virtualbox-iso_sha1.checksum* and
|
||||
*packer_virtualbox-iso_virtualbox-iso_sha512.checksum* respectively.
|
||||
|
||||
In case you encounter a problem with the ``MISP_BASEURL``, you can still change
|
||||
it when the VM is running. For example the IP address of your VM is
|
||||
``172.16.100.123`` you can set ``MISP_BASEURL`` from your host with the command:
|
||||
|
||||
$ ssh misp@172.16.100.123 sudo -u www-data /var/www/MISP/app/Console/cake Baseurl http://172.16.100.123
|
||||
|
||||
If you want to build an image for VMWare you will need to install it and to
|
||||
use the VMWare builder with the command:
|
||||
|
||||
$ packer build -only=vmware-iso misp.json
|
||||
|
||||
You can also launch all builders in parallel.
|
||||
|
||||
### Modules activated by default in the VM
|
||||
|
||||
* [MISP galaxy](https://github.com/MISP/misp-galaxy)
|
||||
* [MISP modules](https://github.com/MISP/misp-modules)
|
||||
* [MISP taxonomies](https://github.com/MISP/misp-taxonomies)
|
||||
* [MISP noticelists](https://github.com/MISP/misp-noticelist)
|
||||
* [MISP warninglists](https://github.com/MISP/misp-warninglists)
|
||||
* [MISP ZMQ](https://github.com/MISP/misp-book/tree/master/misp-zmq)
|
||||
* [MISP dashboard](https://github.com/MISP/misp-dashboard)
|
||||
|
||||
## Automatic export to GitHub
|
||||
|
||||
$ GITHUB_AUTH_TOKEN=<your-github-auth-token>
|
||||
$ TAG=$(curl https://api.github.com/repos/MISP/MISP/releases/latest | jq -r '.tag_name')
|
||||
$ ./upload.sh github_api_token=$GITHUB_AUTH_TOKEN owner=MISP repo=MISP tag=$TAG filename=./output-virtualbox-iso/MISP_demo.ova
|
||||
|
||||
## Upload latest release
|
||||
|
||||
curl -s https://api.github.com/repos/MISP/MISP/tags |jq -r '.[0] | .name'
|
||||
|
||||
|
||||
You can add these lines in the *post-processors* section of the file
|
||||
*misp.json* if you want to automate the process.
|
||||
Notes:
|
||||
- Timing is important, different hosts load at different speeds, boot_wait needs changing to suit the build host. Seperate variables exist for Virtualbox and VMWare.
|
||||
|
|
|
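Review bot: In the Instructions list, the INSTALL.sh link wraps its target in double quotes (`[INSTALL.sh]("https://raw.githubusercontent.com/MISP/MISP/2.4/INSTALL/INSTALL.sh")`), which Markdown does not accept as a link destination, so the link will not render; drop the quotes. The commands are also written as `Packer build ...`, while the binary is `packer`, so they fail when pasted on a case-sensitive filesystem. Since this step fetches a script from a moving branch and the template then executes it inside the guest, the instructions should say how to check it, for example by recording the expected checksum next to the link or pointing at a fixed commit instead of `2.4`. Smaller points in the Changes list: "seperated", "overides", "ubunu" and "staes" are typos.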
@ -0,0 +1,28 @@
|
|||
#cloud-config
|
||||
autoinstall:
|
||||
version: 1
|
||||
apt:
|
||||
geoip: true
|
||||
preserve_sources_list: true
|
||||
identity:
|
||||
hostname: misp-vm
|
||||
username: 'misp'
|
||||
password: '$6$Zw5jtOmRPBqrzFT7$st/15FZrcYhlt7bgv70ILUsPfzEuFumiZF.CdXJ9VdVXXLHI4WIjJ6MS/5g3410L1ogCO5O7B7ro.XEFZ2P0o0'
|
||||
keyboard:
|
||||
layout: us
|
||||
variant: ''
|
||||
locale: en_US
|
||||
network:
|
||||
network:
|
||||
version: 2
|
||||
ethernets:
|
||||
enp0s3:
|
||||
dhcp4: true
|
||||
dhcp-identifier: mac
|
||||
ssh:
|
||||
allow-pw: true
|
||||
authorized-keys: []
|
||||
install-server: true
|
||||
storage:
|
||||
layout:
|
||||
name: lvm
|
|
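Review bot: Under `ssh:`, `allow-pw: true` combined with `authorized-keys: []` leaves password login as the only SSH path, and the `identity.password` hash a few lines above is committed to the repository, so every image built from this file accepts the same known credential. Packer logs in with `ssh_pass` from variables.pkr.hcl, so the hash and that variable also have to be changed together or the build waits out `ssh_timeout`; please add a comment here naming the variable it must match. If the shared default is intentional for a demo image, say so in the README and recommend changing it after import.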
@ -25,7 +25,4 @@ autoinstall:
|
|||
install-server: true
|
||||
storage:
|
||||
layout:
|
||||
name: lvm
|
||||
late-commands:
|
||||
- sed -i 's/^#*\(send dhcp-client-identifier\).*$/\1 = hardware;/' /target/etc/dhcp/dhclient.conf
|
||||
- 'sed -i "s/dhcp4: true/&\n dhcp-identifier: mac/" /target/etc/netplan/00-installer-config.yaml'
|
||||
name: lvm
|
|
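Review bot: The two `late-commands` entries at the end of this file were what forced MAC-based DHCP identification in the installed system (`send dhcp-client-identifier = hardware` in dhclient.conf and `dhcp-identifier: mac` in the netplan file under /target), and the hunk drops them. Only the tail of the file is visible, so please confirm that its `network:` section now carries `dhcp-identifier: mac` the way the new VirtualBox user-data does. Without it netplan falls back to a DUID-based client identifier, and copies of the image that share a machine-id can be handed the same lease.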
@ -1,28 +0,0 @@
|
|||
Ubuntu 18.04.1 LTS \n \l
|
||||
|
||||
Welcome to the MISP Threat Sharing VM.
|
||||
---
|
||||
|
||||
IP address: \4{eth0}
|
||||
|
||||
---
|
||||
|
||||
MISP http://\4{eth0} admin@admin.test / admin
|
||||
https://\4{eth0}
|
||||
MISP-modules (API) http://\4{eth0}:6666 (no credentials)
|
||||
MISP-dashboard http://\4{eth0}:8001 (no credentials)
|
||||
Viper-web http://\4{eth0}:8888 admin / Password1234
|
||||
jupyter-notebook http://\4{eth0}:8889
|
||||
|
||||
The default system credentials are: misp / Password1234
|
||||
|
||||
On VirtualBox port-forwarding from your host to the guest is in place.
|
||||
Below are the forwards as we need to use ports >1024 for some.
|
||||
|
||||
MISP -> 8080 and :8443
|
||||
ssh -> 2222
|
||||
misp-modules -> 1666
|
||||
|
||||
If this fails, make sure the host machine is not occupying one of the forwarded ports or a firewall is active.
|
||||
|
||||
----
|
|
@ -0,0 +1,25 @@
|
|||
Ubuntu 20.04.4 LTS \n \l
|
||||
|
||||
Welcome to the MISP Threat Sharing VM.
|
||||
---
|
||||
|
||||
IP address: \4{enp0s3}
|
||||
|
||||
---
|
||||
|
||||
MISP http://\4{enp0s3} admin@admin.test / admin
|
||||
https://\4{enp0s3}
|
||||
MISP-Modules (API) http://\4{enp0s3}:6666 (Auth Key)
|
||||
|
||||
The default system credentials are: misp / Password1234
|
||||
|
||||
On VirtualBox port-forwarding from your host to the guest is in place.
|
||||
Below are the forwards as we need to use ports >1024 for some.
|
||||
|
||||
SSH -> 2222
|
||||
MISP -> 8080 and 8443
|
||||
MISP-Modules (API) -> 1666 (API)
|
||||
|
||||
If this fails, make sure the host machine is not occupying one of the forwarded ports or a firewall is active.
|
||||
|
||||
----
|
|
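Review bot: The line `The default system credentials are: misp / Password1234` repeats a password that this commit also stores as the `ssh_pass` default in variables.pkr.hcl and as a hash in user-data, which makes three places to keep in sync; anyone who overrides the variable gets a banner that advertises the wrong password. Either note next to `ssh_pass` that the issue files must be edited with it, or generate the banner from the variable. In the forward list, `MISP-Modules (API) -> 1666 (API)` repeats "(API)".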
@ -0,0 +1,16 @@
|
|||
Ubuntu 20.04.4 LTS \n \l
|
||||
|
||||
Welcome to the MISP Threat Sharing VM.
|
||||
---
|
||||
|
||||
IP address: \4{ens33}
|
||||
|
||||
---
|
||||
|
||||
MISP http://\4{ens33} admin@admin.test / admin
|
||||
https://\4{ens33}
|
||||
MISP-Modules (API) http://\4{ens33}:6666 (Auth Key)
|
||||
|
||||
The default system credentials are: misp / Password1234
|
||||
|
||||
----
|
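Review bot: The first line hard-codes `Ubuntu 20.04.4 LTS`, which goes stale as soon as `iso_name` is bumped or the guest is upgraded during provisioning (`UPDATE` defaults to true). agetty expands `\S` to PRETTY_NAME from /etc/os-release, so `\S \n \l` would keep the banner accurate without further edits. The same applies to the VirtualBox copy of this file; the two differ only in the interface name and the port-forward block, so a single template with the interface substituted would avoid maintaining both.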
174
misp.json
|
@ -1,174 +0,0 @@
|
|||
{
|
||||
"_comment": "MISP VM Autogen packer build system",
|
||||
"builders": [
|
||||
{
|
||||
"boot_command": [
|
||||
"{{ user `boot_command_prefix` }}",
|
||||
"autoinstall ds=nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/",
|
||||
"<enter>"
|
||||
],
|
||||
"disk_size": "{{ user `disk_size` }}",
|
||||
"export_opts": [
|
||||
"--manifest",
|
||||
"--vsys", "0",
|
||||
"--eulafile", "/tmp/LICENSE-misp",
|
||||
"--description", "{{ user `vm_description` }}",
|
||||
"--version", "{{ user `vm_version` }}"
|
||||
],
|
||||
"format": "ova",
|
||||
"guest_additions_path": "VBoxGuestAdditions_{{.Version}}.iso",
|
||||
"guest_os_type": "Ubuntu_64",
|
||||
"hard_drive_interface": "sata",
|
||||
"headless": "{{ user `headless` }}",
|
||||
"http_directory": "http",
|
||||
"http_port_max": 9011,
|
||||
"http_port_min": 9001,
|
||||
"iso_checksum": "{{ user `iso_checksum` }}",
|
||||
"iso_checksum_type": "{{ user `iso_checksum_type` }}",
|
||||
"iso_urls": [
|
||||
"{{ user `iso_path` }}/{{ user `iso_name` }}",
|
||||
"{{ user `iso_url` }}"
|
||||
],
|
||||
"shutdown_command": "echo {{ user `ssh_pass` }} | sudo -S shutdown -P now",
|
||||
"ssh_password": "{{ user `ssh_pass` }}",
|
||||
"ssh_pty": "true",
|
||||
"ssh_timeout": "20m",
|
||||
"ssh_username": "{{ user `ssh_user` }}",
|
||||
"type": "virtualbox-iso",
|
||||
"vboxmanage": [
|
||||
[ "modifyvm", "{{.Name}}", "--memory", "{{user `memory`}}" ],
|
||||
[ "modifyvm", "{{.Name}}", "--natpf1", "ssh,tcp,,2222,0.0.0.0,22" ],
|
||||
[ "modifyvm", "{{.Name}}", "--natpf1", "http,tcp,,8080,,80" ],
|
||||
[ "modifyvm", "{{.Name}}", "--natpf1", "https,tcp,,8443,,443" ],
|
||||
[ "modifyvm", "{{.Name}}", "--natpf1", "dashboard,tcp,,8001,0.0.0.0,8001" ],
|
||||
[ "modifyvm", "{{.Name}}", "--natpf1", "viper,tcp,,8888,0.0.0.0,8888" ],
|
||||
[ "modifyvm", "{{.Name}}", "--natpf1", "jupyter-notebook,tcp,,8889,0.0.0.0,8889" ],
|
||||
[ "modifyvm", "{{.Name}}", "--natpf1", "misp-modules,tcp,,1666,0.0.0.0,6666" ],
|
||||
[ "modifyvm", "{{.Name}}", "--audio", "none" ],
|
||||
[ "modifyvm", "{{.Name}}", "--graphicscontroller", "vmsvga" ],
|
||||
[ "modifyvm", "{{.Name}}", "--usb", "off" ],
|
||||
[ "modifyvm", "{{.Name}}", "--vrde", "off" ],
|
||||
[ "modifyvm", "{{.Name}}", "--cpus", "{{user `cpus`}}" ],
|
||||
[ "modifyvm", "{{.Name}}", "--vram", "32" ]
|
||||
],
|
||||
"vm_name": "{{user `vm_name`}}"
|
||||
},
|
||||
{
|
||||
"boot_command": [
|
||||
"{{ user `boot_command_prefix` }}",
|
||||
"autoinstall ds=nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/",
|
||||
"<enter>"
|
||||
],
|
||||
"boot_wait": "5s",
|
||||
"disk_size": "{{ user `disk_size` }}",
|
||||
"guest_os_type": "ubuntu-64",
|
||||
"headless": "{{ user `headless` }}",
|
||||
"http_directory": "http",
|
||||
"http_port_min": 9001,
|
||||
"http_port_max": 9011,
|
||||
"iso_checksum": "{{ user `iso_checksum` }}",
|
||||
"iso_checksum_type": "{{ user `iso_checksum_type` }}",
|
||||
"iso_urls": [
|
||||
"{{ user `iso_path` }}/{{ user `iso_name` }}",
|
||||
"{{ user `iso_url` }}"
|
||||
],
|
||||
"memory": "{{ user `memory` }}",
|
||||
"shutdown_command": "echo {{user `ssh_pass`}} |sudo -S shutdown -P now",
|
||||
"skip_compaction": false,
|
||||
"ssh_pty": "true",
|
||||
"ssh_timeout": "30m",
|
||||
"ssh_handshake_attempts": "90",
|
||||
"ssh_username": "{{user `ssh_user`}}",
|
||||
"ssh_password": "{{user `ssh_pass`}}",
|
||||
"type": "vmware-iso",
|
||||
"vm_name": "{{ user `vm_name` }}"
|
||||
}
|
||||
],
|
||||
"provisioners": [
|
||||
{
|
||||
"environment_vars": [
|
||||
"DESKTOP={{user `desktop`}}",
|
||||
"UPDATE={{user `update`}}",
|
||||
"http_proxy={{user `http_proxy`}}",
|
||||
"https_proxy={{user `https_proxy`}}",
|
||||
"no_proxy={{user `no_proxy`}}"
|
||||
],
|
||||
"execute_command": "echo '{{user `ssh_pass`}}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'",
|
||||
"inline": [
|
||||
"echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers"
|
||||
],
|
||||
"type": "shell"
|
||||
},
|
||||
{
|
||||
"execute_command": "echo '{{user `ssh_pass`}}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'",
|
||||
"script": "scripts/extend.sh",
|
||||
"type": "shell"
|
||||
},
|
||||
{
|
||||
"execute_command": "echo '{{user `ssh_pass`}}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'",
|
||||
"script": "scripts/users.sh",
|
||||
"type": "shell"
|
||||
},
|
||||
{
|
||||
"destination": "/tmp/INSTALL.sh",
|
||||
"source": "scripts/INSTALL.sh",
|
||||
"type": "file"
|
||||
},
|
||||
{
|
||||
"environment_vars": [
|
||||
"PACKER=1",
|
||||
"DEBIAN_FRONTEND=noninteractive"
|
||||
],
|
||||
"execute_command": "echo '{{user `ssh_pass`}}' | {{ .Vars }} sudo -u {{user `ssh_user`}} -E -S bash '{{ .Path }}'",
|
||||
"inline": [
|
||||
"chmod u+x /tmp/INSTALL.sh",
|
||||
"/tmp/INSTALL.sh -A -u"
|
||||
],
|
||||
"pause_before": "10s",
|
||||
"type": "shell"
|
||||
},
|
||||
{
|
||||
"destination": "/tmp/crontab",
|
||||
"source": "conffiles/crontab",
|
||||
"type": "file"
|
||||
},
|
||||
{
|
||||
"destination": "/tmp/issue",
|
||||
"source": "conffiles/issue",
|
||||
"type": "file"
|
||||
},
|
||||
{
|
||||
"execute_command": "echo '{{user `ssh_pass`}}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'",
|
||||
"expect_disconnect": "true",
|
||||
"pause_after": "30s",
|
||||
"pause_before": "10s",
|
||||
"script": "scripts/clean.sh",
|
||||
"type": "shell"
|
||||
}
|
||||
],
|
||||
"variables": {
|
||||
"boot_command_prefix": "<enter><enter><f6><esc><wait> ",
|
||||
"cpus": "1",
|
||||
"desktop": "false",
|
||||
"disk_size": "25000",
|
||||
"headless": "true",
|
||||
"hostname": "misp",
|
||||
"http_proxy": "{{env `http_proxy`}}",
|
||||
"https_proxy": "{{env `https_proxy`}}",
|
||||
"iso_checksum": "302c990c6d69575ff24c96566e5c7e26bf36908abb0cd546e22687c46fb07bf8dba595bf77a9d4fd9ab63e75c0437c133f35462fd41ea77f6f616140cd0e5e6a",
|
||||
"iso_checksum_type": "sha512",
|
||||
"iso_name": "ubuntu-20.04.1-live-server-amd64.iso",
|
||||
"iso_path": "iso",
|
||||
"iso_url": "https://releases.ubuntu.com/20.04/ubuntu-20.04.1-live-server-amd64.iso",
|
||||
"memory": "3072",
|
||||
"no_proxy": "{{env `no_proxy`}}",
|
||||
"ovftool_path": "ovftool",
|
||||
"ssh_fullname": "MISP User",
|
||||
"ssh_user": "misp",
|
||||
"ssh_pass": "Password1234",
|
||||
"update": "true",
|
||||
"vm_description": "MISP, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reverser to support their day-to-day operations to share structured informations efficiently.",
|
||||
"vm_name": "MISP_demo",
|
||||
"vm_version": "2.4"
|
||||
}
|
||||
}
|
|
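Review bot: Deleting misp.json in the same commit whose README To-do says the .sh scripts were not updated means any of them that still pass misp.json to packer now fail on a missing file; either keep the JSON template until the scripts are ported or make them exit early with a message pointing at `packer build .`. Also note that the `export_opts` here included `"--eulafile", "/tmp/LICENSE-misp"`, and the replacement HCL source has no such entry, so the exported OVA no longer embeds the license file. If that is deliberate, mention it in the README Changes list.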
@ -0,0 +1,138 @@
|
|||
## Required plugins
|
||||
|
||||
packer {
|
||||
required_plugins {
|
||||
virtualbox = {
|
||||
version = ">= 0.0.1"
|
||||
source = "github.com/hashicorp/virtualbox"
|
||||
}
|
||||
vmware = {
|
||||
version = ">= 1.0.3"
|
||||
source = "github.com/hashicorp/vmware"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
## Source blocks
|
||||
|
||||
source "virtualbox-iso" "ubuntu" {
|
||||
boot_command = "${var.boot_command}"
|
||||
boot_wait = "${var.boot_wait_virtualbox}"
|
||||
cd_files = ["./cidata/meta-data","./cidata/virtualbox/user-data"]
|
||||
cd_label = "${var.cd_label}"
|
||||
// cpus = "${var.cpus}"
|
||||
disk_size = "${var.disk_size}"
|
||||
export_opts = [
|
||||
"--manifest",
|
||||
"--vsys", "0",
|
||||
"--description", "${var.vm_description}",
|
||||
"--version", "${var.vm_version}"
|
||||
]
|
||||
format = "ova"
|
||||
gfx_controller = "vmsvga"
|
||||
gfx_vram_size = "32"
|
||||
guest_additions_path = "VBoxGuestAdditions_{{ .Version }}.iso"
|
||||
guest_os_type = "Ubuntu_64"
|
||||
hard_drive_interface = "sata"
|
||||
headless = "${var.headless}"
|
||||
iso_checksum = "${var.iso_checksum_type}:${var.iso_checksum}"
|
||||
iso_urls = ["${var.iso_path}/${var.iso_name}", "${var.iso_url}"]
|
||||
memory = "${var.memory}"
|
||||
output_directory = "output/${var.vm_name}_virtualbox/"
|
||||
shutdown_command = "echo ${var.ssh_pass} | sudo -S shutdown -P now"
|
||||
ssh_handshake_attempts = "${var.ssh_handshake_attempts}"
|
||||
ssh_password = "${var.ssh_pass}"
|
||||
ssh_pty = "${var.ssh_pty}"
|
||||
ssh_timeout = "${var.ssh_timeout}"
|
||||
ssh_username = "${var.ssh_username}"
|
||||
vboxmanage = [
|
||||
["modifyvm", "{{ .Name }}", "--natpf1", "ssh,tcp,,2222,0.0.0.0,22"],
|
||||
["modifyvm", "{{ .Name }}", "--natpf1", "http,tcp,,8080,,80"],
|
||||
["modifyvm", "{{ .Name }}", "--natpf1", "https,tcp,,8443,,443"],
|
||||
["modifyvm", "{{ .Name }}", "--natpf1", "dashboard,tcp,,8001,0.0.0.0,8001"],
|
||||
["modifyvm", "{{ .Name }}", "--natpf1", "misp-modules,tcp,,1666,0.0.0.0,6666"],
|
||||
["modifyvm", "{{ .Name }}", "--vrde", "off"]
|
||||
]
|
||||
vm_name = "${var.vm_name}"
|
||||
}
|
||||
|
||||
source "vmware-iso" "ubuntu" {
|
||||
boot_command = "${var.boot_command}"
|
||||
boot_wait = "${var.boot_wait_vmware}"
|
||||
cd_files = ["./cidata/meta-data","./cidata/vmware/user-data"]
|
||||
cd_label = "${var.cd_label}"
|
||||
disk_size = "${var.disk_size}"
|
||||
guest_os_type = "ubuntu-64"
|
||||
headless = "${var.headless}"
|
||||
iso_checksum = "${var.iso_checksum_type}:${var.iso_checksum}"
|
||||
iso_urls = ["${var.iso_path}/${var.iso_name}", "${var.iso_url}"]
|
||||
memory = "${var.memory}"
|
||||
output_directory = "output/${var.vm_name}_vmware/"
|
||||
shutdown_command = "echo ${var.ssh_pass} |sudo -S shutdown -P now"
|
||||
skip_compaction = false
|
||||
ssh_handshake_attempts = "${var.ssh_handshake_attempts}"
|
||||
ssh_password = "${var.ssh_pass}"
|
||||
ssh_pty = "${var.ssh_pty}"
|
||||
ssh_timeout = "${var.ssh_timeout}"
|
||||
ssh_username = "${var.ssh_username}"
|
||||
tools_upload_flavor = "linux"
|
||||
vm_name = "${var.vm_name}"
|
||||
}
|
||||
|
||||
## Build blocks
|
||||
|
||||
build {
|
||||
sources = ["source.virtualbox-iso.ubuntu", "source.vmware-iso.ubuntu"]
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["DESKTOP=${var.desktop}", "UPDATE=${var.update}", "http_proxy=${var.http_proxy}", "https_proxy=${var.https_proxy}", "no_proxy=${var.no_proxy}"]
|
||||
execute_command = "echo '${var.ssh_pass}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'"
|
||||
inline = ["echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers"]
|
||||
}
|
||||
|
||||
provisioner "shell" {
|
||||
execute_command = "echo '${var.ssh_pass}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'"
|
||||
script = "scripts/extend.sh"
|
||||
}
|
||||
|
||||
provisioner "shell" {
|
||||
execute_command = "echo '${var.ssh_pass}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'"
|
||||
script = "scripts/users.sh"
|
||||
}
|
||||
|
||||
provisioner "file" {
|
||||
destination = "/tmp/INSTALL.sh"
|
||||
source = "scripts/INSTALL.sh"
|
||||
}
|
||||
|
||||
provisioner "shell" {
|
||||
environment_vars = ["PACKER=1", "DEBIAN_FRONTEND=noninteractive"]
|
||||
execute_command = "echo '${var.ssh_pass}' | {{ .Vars }} sudo -u ${var.ssh_username} -E -S bash '{{ .Path }}'"
|
||||
inline = ["chmod u+x /tmp/INSTALL.sh", "/tmp/INSTALL.sh -A -u"]
|
||||
pause_before = "10s"
|
||||
}
|
||||
|
||||
provisioner "file" {
|
||||
destination = "/tmp/crontab"
|
||||
source = "conffiles/crontab"
|
||||
}
|
||||
|
||||
provisioner "file" {
|
||||
destination = "/tmp/issue"
|
||||
source = "conffiles/${trimsuffix(source.type, "-iso")}/issue"
|
||||
}
|
||||
|
||||
provisioner "shell" {
|
||||
execute_command = "echo '${var.ssh_pass}' | {{ .Vars }} sudo -E -S sh '{{ .Path }}'"
|
||||
expect_disconnect = "true"
|
||||
pause_after = "30s"
|
||||
pause_before = "10s"
|
||||
script = "scripts/clean.sh"
|
||||
}
|
||||
|
||||
post-processor "checksum" {
|
||||
checksum_types = ["sha256"]
|
||||
output = "output/${var.vm_name}_${trimsuffix(source.type, "-iso")}/${var.vm_name}_{{ .ChecksumType }}.checksum"
|
||||
}
|
||||
|
||||
}
|
|
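Review bot: In the `vboxmanage` list of the virtualbox-iso source, the `dashboard,tcp,,8001,0.0.0.0,8001` forward is still present, although the README in this commit says the Misp Dashboard forward was removed and the new VirtualBox issue file no longer lists it; drop the line or restore the documentation. All five `--natpf1` rules leave the host-IP field empty, so VirtualBox listens on every host interface and the guest's SSH (with the default password) and web UI become reachable from the host's network; putting `127.0.0.1` in that field, as in `ssh,tcp,127.0.0.1,2222,,22`, keeps them local unless the user opts in. In `required_plugins`, `version = ">= 0.0.1"` for virtualbox accepts any release that `packer init` finds, so a bounded constraint would make builds reproducible.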
@ -0,0 +1,7 @@
|
|||
## Overide default variables to suit build.
|
||||
boot_wait_virtualbox = "7s"
|
||||
boot_wait_vmware = "10s"
|
||||
headless = "false"
|
||||
cpus = "2"
|
||||
memory = "4096"
|
||||
vm_name = "MISP-Ubuntu"
|
|
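Review bot: `cpus = "2"` has no effect: the only use of `var.cpus` in the template is the commented-out `// cpus = "${var.cpus}"` line in the virtualbox-iso source, and the vmware-iso source does not set `cpus` at all. Either wire the variable into both sources or drop the override and the variable. `headless = "false"` as a committed override also means a build on a host without a display fails until the file is edited; consider leaving the default of "true" and documenting the override. "Overide" in the header comment is a typo.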
@ -0,0 +1,145 @@
|
|||
# Read the documentation for variables here:
|
||||
# https://www.packer.io/docs/templates/hcl_templates/variables
|
||||
|
||||
variable "boot_command" {
|
||||
type = list (string)
|
||||
default = [
|
||||
"<enter><wait2>",
|
||||
"<enter><wait2>",
|
||||
"<f6><esc><wait2>",
|
||||
"autoinstall<wait2>",
|
||||
"<spacebar>",
|
||||
"ds=nocloud;<wait2>",
|
||||
"<enter>"
|
||||
]
|
||||
}
|
||||
|
||||
variable "boot_wait_virtualbox" {
|
||||
type = string
|
||||
default = "5s"
|
||||
}
|
||||
|
||||
variable "boot_wait_vmware" {
|
||||
type = string
|
||||
default = "5s"
|
||||
}
|
||||
|
||||
variable "cd_label" {
|
||||
type = string
|
||||
default = "cidata"
|
||||
}
|
||||
|
||||
variable "cpus" {
|
||||
type = string
|
||||
default = "1"
|
||||
}
|
||||
|
||||
variable "desktop" {
|
||||
type = string
|
||||
default = "false"
|
||||
}
|
||||
|
||||
variable "disk_size" {
|
||||
type = string
|
||||
default = "25000"
|
||||
}
|
||||
|
||||
variable "headless" {
|
||||
type = string
|
||||
default = "true"
|
||||
}
|
||||
|
||||
variable "hostname" {
|
||||
type = string
|
||||
default = "misp"
|
||||
}
|
||||
|
||||
variable "http_proxy" {
|
||||
type = string
|
||||
default = "${env("http_proxy")}"
|
||||
}
|
||||
|
||||
variable "https_proxy" {
|
||||
type = string
|
||||
default = "${env("https_proxy")}"
|
||||
}
|
||||
|
||||
variable "iso_checksum" {
|
||||
type = string
|
||||
default = "https://releases.ubuntu.com/20.04/SHA256SUMS"
|
||||
}
|
||||
|
||||
variable "iso_checksum_type" {
|
||||
type = string
|
||||
default = "file"
|
||||
}
|
||||
|
||||
variable "iso_name" {
|
||||
type = string
|
||||
default = "ubuntu-20.04.4-live-server-amd64.iso"
|
||||
}
|
||||
|
||||
variable "iso_path" {
|
||||
type = string
|
||||
default = "iso"
|
||||
}
|
||||
|
||||
variable "iso_url" {
|
||||
type = string
|
||||
default = "https://releases.ubuntu.com/20.04/ubuntu-20.04.4-live-server-amd64.iso"
|
||||
}
|
||||
|
||||
variable "memory" {
|
||||
type = string
|
||||
default = "3072"
|
||||
}
|
||||
|
||||
variable "no_proxy" {
|
||||
type = string
|
||||
default = "${env("no_proxy")}"
|
||||
}
|
||||
|
||||
variable "ssh_handshake_attempts" {
|
||||
type = string
|
||||
default = "90"
|
||||
}
|
||||
|
||||
variable "ssh_pass" {
|
||||
type = string
|
||||
default = "Password1234"
|
||||
}
|
||||
|
||||
variable "ssh_username" {
|
||||
type = string
|
||||
default = "misp"
|
||||
}
|
||||
|
||||
variable "ssh_pty" {
|
||||
type = string
|
||||
default = "true"
|
||||
}
|
||||
|
||||
variable "ssh_timeout" {
|
||||
type = string
|
||||
default = "30m"
|
||||
}
|
||||
|
||||
variable "update" {
|
||||
type = string
|
||||
default = "true"
|
||||
}
|
||||
|
||||
variable "vm_description" {
|
||||
type = string
|
||||
default = "MISP, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reverser to support their day-to-day operations to share structured informations efficiently."
|
||||
}
|
||||
|
||||
variable "vm_name" {
|
||||
type = string
|
||||
default = "MISP_demo"
|
||||
}
|
||||
|
||||
variable "vm_version" {
|
||||
type = string
|
||||
default = "2.4"
|
||||
}
|
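Review bot: With `iso_checksum_type` defaulting to "file" and `iso_checksum` to the SHA256SUMS URL, the template resolves to `file:https://releases.ubuntu.com/20.04/SHA256SUMS`, so the expected hash is fetched at build time from the same server as the ISO. The deleted misp.json pinned a literal sha512 value; the new default still catches a corrupted download, but it no longer detects an ISO and sums file replaced together, and it breaks when the listing stops including `ubuntu-20.04.4-live-server-amd64.iso`. Pin the literal sha256 for that ISO as the default instead. Separately, the `ssh_pass` variable should carry `sensitive = true` so the value is masked in Packer's output, and `headless`, `ssh_pty`, `cpus`, `memory` and `disk_size` would be better typed as bool or number than string.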
121
verify.txt
|
@ -1,121 +0,0 @@
|
|||
How to verify the Automate MISP-VMs?
|
||||
------------------------------------
|
||||
|
||||
In this directory you will find the following files:
|
||||
|
||||
- OVA File (VirtualBox export of the VM)
|
||||
- ZIP File (ZIP Packae of the VMware VM)
|
||||
- ASC File (PGP Armored file of the above files)
|
||||
- checksums Directory (The directory with all the checksums of the above files)
|
||||
|
||||
Verify VirtualBox OVA
|
||||
---------------------
|
||||
|
||||
1. Download signatures
|
||||
|
||||
Download the OVA and the ASC into the same directory.
|
||||
|
||||
2. Verify signatures
|
||||
|
||||
On the command line verify the PGP signature first, example:
|
||||
|
||||
$ gpg --keyserver pgp.circl.lu --recv-key 0x34F20B13
|
||||
$ gpg --verify MISP_v2.4.107@latest.ova.asc MISP_v2.4.107@latest.ova
|
||||
gpg: Signature made Wed 15 May 2019 07:04:42 PM JST
|
||||
gpg: using RSA key EDEC891834F20B13
|
||||
gpg: Good signature from "CIRCL MISP (CIRCL MISP VM Release Key) <misp-vm@circl.lu>" [ultimate]
|
||||
|
||||
3. Download SFV files
|
||||
|
||||
Now download the checksum file and its signature, and verify.
|
||||
|
||||
$ wget https://www.circl.lu/misp-images/latest/checksums/MISP_v2.4.107@latest-CHECKSUM.sfv
|
||||
$ wget https://www.circl.lu/misp-images/latest/checksums/MISP_v2.4.107@latest-CHECKSUM.sfv.asc
|
||||
$ gpg --verify MISP_v2.4.107@latest-CHECKSUM.sfv.asc MISP_v2.4.107@latest-CHECKSUM.sfv
|
||||
gpg: Signature made Wed 15 May 2019 07:15:10 PM JST
|
||||
gpg: using RSA key EDEC891834F20B13
|
||||
gpg: BAD signature from "CIRCL MISP (CIRCL MISP VM Release Key) <misp-vm@circl.lu>" [ultimate]
|
||||
|
||||
If you get a BAD signature, please download again.
|
||||
|
||||
Next, use rhash or go with the manual way.
|
||||
|
||||
rhash
|
||||
-----
|
||||
|
||||
$ cat MISP_v2.4.107@latest-CHECKSUM.sfv |sed 's/@\(.*\)-/@latest-/g' |sed 's/@\(.*\).ova/@latest.ova/g' |rhash -c -v --percents -
|
||||
|
||||
--( Verifying MISP_v2.4.107@latest-CHECKSUM.sfv )-------------------------------
|
||||
MISP_v2.4.107@latest-VMware.zip OK
|
||||
MISP_v2.4.107@latest.ova OK
|
||||
--------------------------------------------------------------------------------
|
||||
Everything OK
|
||||
|
||||
Manual (not recommended)
|
||||
------------------------
|
||||
|
||||
Take any file you want to verify, with sha1-sum for example.
|
||||
|
||||
$ shasum MISP_v2.4.107@8a51109.nvram | cut -f 1 -d\ |grep -o -i -f - MISP_@8a51109.sfv
|
||||
D3A2EBF751E31C6972F89DEC4F57D69C4681A142
|
||||
|
||||
If you get back a shasum, it worked, the file is safe and sound.
|
||||
|
||||
Now you could do this, for all files, for all the checksums (sha1/256/384/512) OR just use rhash.
|
||||
|
||||
|
||||
Verify VMware
|
||||
-------------
|
||||
|
||||
1. Download signatures
|
||||
|
||||
Download the ZIP and the ASC into the same directory.
|
||||
|
||||
2. Verify signatures
|
||||
|
||||
On the command line verify the PGP signature first, example:
|
||||
|
||||
$ gpg --verify MISP_v2.4.107@latest-VMware.zip.asc MISP_v2.4.107@latest-VMware.zip
|
||||
gpg: Signature made Wed 15 May 2019 07:04:42 PM JST
|
||||
gpg: using RSA key EDEC891834F20B13
|
||||
gpg: Good signature from "CIRCL MISP (CIRCL MISP VM Release Key) <misp-vm@circl.lu>" [ultimate]
|
||||
|
||||
Do step number 3 from above.
|
||||
|
||||
$ unzip MISP_v2.4.107@latest-VMware.zip
|
||||
Archive: MISP_v2.4.107@latest-VMware.zip
|
||||
inflating: VMware/disk-s001.vmdk
|
||||
inflating: VMware/disk-s002.vmdk
|
||||
inflating: VMware/disk-s003.vmdk
|
||||
inflating: VMware/disk-s004.vmdk
|
||||
inflating: VMware/disk-s005.vmdk
|
||||
inflating: VMware/disk-s006.vmdk
|
||||
inflating: VMware/disk-s007.vmdk
|
||||
inflating: VMware/disk.vmdk
|
||||
inflating: VMware/MISP_v2.4@8a51109.sfv
|
||||
inflating: VMware/MISP_v2.4.107@8a51109.nvram
|
||||
extracting: VMware/MISP_v2.4.107@8a51109.vmsd
|
||||
inflating: VMware/MISP_v2.4.107@8a51109.vmx
|
||||
inflating: VMware/MISP_v2.4.107@8a51109.vmxf
|
||||
$ cd VMware
|
||||
$ rhash -c -v --percents MISP_v2.4@8a51109.sfv
|
||||
Config file: /etc/rhashrc
|
||||
|
||||
--( Verifying MISP_v2.4@8a51109.sfv )-----------------------------------------------
|
||||
disk-s001.vmdk OK
|
||||
disk-s002.vmdk OK
|
||||
disk-s003.vmdk OK
|
||||
disk-s004.vmdk OK
|
||||
disk-s005.vmdk OK
|
||||
disk-s006.vmdk OK
|
||||
disk-s007.vmdk OK
|
||||
disk.vmdk OK
|
||||
MISP_v2.4.107@8a51109.nvram OK
|
||||
MISP_v2.4.107@8a51109.vmsd OK
|
||||
MISP_v2.4.107@8a51109.vmx OK
|
||||
MISP_v2.4.107@8a51109.vmxf OK
|
||||
--------------------------------------------------------------------------------
|
||||
Everything OK
|
||||
|
||||
|
||||
You can be more or less confident that verything is fine.
|
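Review bot: Removing verify.txt leaves the repository with no instructions for checking a built or downloaded image, while the new `checksum` post-processor emits only an unsigned sha256 file next to the artifact. A checksum stored beside the file it covers shows the copy is intact but not where it came from, which is what the PGP steps here addressed. If the CIRCL signing flow does not apply to this fork, replace the file with a short note explaining how to check the `.checksum` output and that it is unsigned, rather than deleting the topic.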