Changement code, Ubuntu 20.04 installer

2023-06-02 11:52:43 +02:00 · 2023-06-02 11:52:43 +02:00 · a87b0bab62
parent e561d13a9a
commit a87b0bab62
8 changed files with 118 additions and 271 deletions
--- a/checkDeps.sh
+++ b/checkDeps.sh
@ -1,19 +1,38 @@
 #!/bin/bash

+#GOT_PACKER=$(which packer > /dev/null 2>&1; echo $?)
+#if [[ "${GOT_PACKER}" == 0 ]]; then
+#  echo "Packer detected, version: $(packer -v)"
+#  PACKER_RUN=$(which packer)
+#else
+#  echo "No packer binary detected, please make sure you installed it from: https://www.packer.io/downloads.html"
+#  exit 1
+#fi
+
+#GOT_RHASH=$(which rhash > /dev/null 2>&1; echo $?)
+#if [[ "${GOT_RHASH}" == 0 ]]; then
+#  echo "rhash detected, version: $(rhash --version)"
+#  RHASH_RUN=$(which rhash)
+#else
+#  echo "No rhash binary detected, please make sure you installed it."
+#  exit 1
+#fi
+
+
 GOT_PACKER=$(which packer > /dev/null 2>&1; echo $?)
 if [[ "${GOT_PACKER}" == 0 ]]; then
-  echo "Packer detected, version: $(packer -v)"
+  echo "Packer détecté, version : $(packer -v)"
  PACKER_RUN=$(which packer)
 else
-  echo "No packer binary detected, please make sure you installed it from: https://www.packer.io/downloads.html"
+  echo "Aucun binaire packer détecté, veuillez vous assurer de l'avoir installé à partir de : https://www.packer.io/downloads.html"
  exit 1
 fi

 GOT_RHASH=$(which rhash > /dev/null 2>&1; echo $?)
 if [[ "${GOT_RHASH}" == 0 ]]; then
-  echo "rhash detected, version: $(rhash --version)"
+  echo "rhash détecté, version : $(rhash --version)"
  RHASH_RUN=$(which rhash)
 else
-  echo "No rhash binary detected, please make sure you installed it."
+  echo "Aucun binaire rhash détecté, veuillez vous assurer de l'avoir installé."
  exit 1
 fi
--- a/config.sh
+++ b/config.sh
@ -1,6 +1,6 @@
 #!/bin/bash

-# Leave empty for NO debug messages, if run with set -x or bash -x it will enable DEBUG by default
+# Laissez vide pour désactiver les messages de débogage. S'il est exécuté avec set -x ou bash -x, il activera le mode DEBUG par défaut.
 DEBUG=

 case "$-" in
@ -8,12 +8,12 @@ case "$-" in
  *)    NO_PROGRESS=0 ;;
 esac

-# Name of the packer
+# Nom du packer
 PACKER_NAME="misp"
 PACKER_VM="MISP"
 NAME="${PACKER_NAME}-packer"

-# Configure your user and remote server
+# Configurez votre utilisateur et serveur distant
 REMOTE=1
 REL_USER="${PACKER_NAME}-release"
 REL_SERVER="cpab"
@ -22,16 +22,16 @@ REL_SERVER="cpab"
 GPG_ENABLED=1
 GPG_KEY="0x34F20B13"

-# Enable debug for packer, omit -debug to disable
+# Activer le débogage pour packer, omettre -debug pour le désactiver
 ##PACKER_DEBUG="-debug"

-# Enable logging and debug for packer
+# Activer l'enregistrement et le débogage pour packer
 export PACKER_LOG=1

 REPO="MISP/MISP"
 BRANCH="2.4"

-# SHAsums to be computed, note the -- notatiation is for ease of use with rhash
+# SOMmes de contrôle à calculer, notez la notation -- pour faciliter l'utilisation avec rhash
 SHA_SUMS="--sha1 --sha256 --sha384 --sha512"

 NAME_OF_INSTALLER="INSTALL.sh"
@ -39,16 +39,15 @@ PATH_TO_INSTALLER="scripts/${NAME_OF_INSTALLER}"
 URL_TO_INSTALLER="https://raw.githubusercontent.com/${REPO}/${BRANCH}/INSTALL/${NAME_OF_INSTALLER}"
 URL_TO_LICENSE="https://raw.githubusercontent.com/${REPO}/${BRANCH}/LICENSE"

-UBUNTU_VERSION="20.04"  # Update to Ubuntu 20.04
+UBUNTU_VERSION="20.04"  # Mettez à jour vers Ubuntu 20.04

 if [[ ! -z $DEBUG ]]; then
-  echo "Debug mode enabled."
+  echo "Mode de débogage activé."
  echo "-------------------"
  echo ""
-  echo "Some config info:"
-  echo "Using: $NAME"
-  [[ ! -z $GPG_ENABLED ]] && echo "GnuPG enabled with key $GPG_KEY"
-  [[ ! -z $PACKER_LOG ]] && echo "Packer Log enabled."
-  [[ ! -z $REMOTE ]] && echo "Remote deploy enabled with connection string: $REL_USER@$REL_SERVER"
+  echo "Informations de configuration :"
+  echo "Utilisation de : $NAME"
+  [[ ! -z $GPG_ENABLED ]] && echo "GnuPG activé avec la clé $GPG_KEY"
+  [[ ! -z $PACKER_LOG ]] && echo "Enregistrement Packer activé."
+  [[ ! -z $REMOTE ]] && echo "Déploiement distant activé avec la chaîne de connexion : $REL_USER@$REL_SERVER"
 fi
-
--- a/deploy.sh
+++ b/deploy.sh
@ -62,224 +62,5 @@ signify ()
  #
  # iQIcBAEBCAAGBQJcw139AAoJEO88ER/Pxlm557kP/2KCssWq9WF75XGSXuoALdpC
  # ptEoUNgHBwlv00YtUwRyyuPQ/VGE6Jst9dEN7m4CUJGDgeSm2X8hPkvGcJ+Ns3+C
-  # 9LJurJ603fetvDFm80mqIxY3yfGSpL6Oqh3ppXVo/UC62No9a3sfg1/Fhu0G6Uk0
-  # bgvRxTgjXFTS7pA5KEqB8d07jxJJF5Z6Xjkz/mHp5zoRLaBE7z2v0uYTXARf91x4
-  # shSFSjUapYL2DYpJCWY8u7ROchU9sqiZmZrzZ0OHNZ3TZhvs8LIySecBY5NZO9xt
-  # 5Y9WYvB1Ivw875I+DSARshJB+hLW6VIAwIZ+UMcdrv7xgS+lMkgG77H37yS/pZ+8
-  # bL+pZb6uFo8OzdFmPWVodw4P/3jA/NxiZJFF81/K/pLFg/TVP8i/vfWzWS50Bx9p
-  # yzm3hGUliFocAhDcAipE0rPFko4Gm+TmwMzgE8hGDgFblmEfdlOcLH6zH36YXzQp
-  # ATCeavjClaJU8292/64+YWROHVRaNXcLpYIW9pD8a0XRz/prGFdzNdDF52QC/CE2
-  # gmaFfo6ggn208ciXLQKvYlaKEZa6m3nmLi6neHBiOla05jL94UXdcpYjI9kuIGxj
-  # 60AQaPhVKzAE4Yjh7Zxf5RKxMCHMjw8oT730GXD2TRwnv0Dmx8Ioc6IYoLMF57t3
-  # zpjK0m3T8vNuHKr5deMp
-  # =8sTO
-  # -----END PGP SIGNATURE-----
-  ## Source: https://getfedora.org/en/static/checksums/Fedora-Server-30-1.2-x86_64-CHECKSUM
+  # 9LJurJ603fet.

-if [[ -z ${1} ]]; then
-  echo "This function needs an argument"
-  exit 1
-fi
-
-}
-
-convertSecs() {
-  ((h=${1}/3600))
-  ((m=(${1}%3600)/60))
-  ((s=${1}%60))
-  printf "%02d:%02d:%02d\n" ${h} ${m} ${s}
-}
-
-# Check if ponysay is installed. (https://github.com/erkin/ponysay)
-say () {
-  echo ${1} > /tmp/lastBuild.time
-  if [[ $(command -v ponysay) ]]; then
-    printf "\n\n\n\n\n"
-    ponysay -c ${1}
-  else
-    echo ${1}
-  fi
-}
-
-think () {
-  if [[ $(command -v ponythink) ]]; then
-    printf "\n\n\n\n\n"
-    ponythink -c ${1}
-  else
-    echo ${1}
-  fi
-}
-
-checkInstaller () {
-  /usr/bin/wget --no-cache -q -O ${PATH_TO_INSTALLER}.sfv ${URL_TO_INSTALLER}.sfv
-  rhash_chk=$(cd scripts ; ${RHASH_RUN} -c ${NAME_OF_INSTALLER}.sfv > /dev/null 2>&1; echo $?)
-  for sum in $(echo ${SHA_SUMS} |sed 's/--sha//g'); do
-    /usr/bin/wget --no-cache -q -O ${PATH_TO_INSTALLER}.sha${sum} ${URL_TO_INSTALLER}.sha${sum}
-    INSTsum=$(shasum -a ${sum} ${PATH_TO_INSTALLER} | cut -f1 -d\ )
-    chsum=$(cat ${PATH_TO_INSTALLER}.sha${sum} | cut -f1 -d\ )
-
-    if [[ ${chsum} == ${INSTsum} ]] && [[ ${rhash_chk} == 0 ]]; then
-      echo "sha${sum} matches"
-    else
-      echo "Either: sha${sum}: ${chsum} does not match the installer sum of: ${INSTsum}"
-      echo "Or: rhash failed on non Zero: ${rhash_chk}"
-      echo "Deleting installer, please run again."
-      rm ${PATH_TO_INSTALLER}
-      exit 1
-    fi
-  done
-}
-
-removeAll () {
-  # Remove files for next run
-  [[ -d "output-virtualbox-iso" ]] && rm -r output-virtualbox-iso
-  [[ -d "output-vmware-iso" ]] && rm -r output-vmware-iso
-  [[ -d "VMware" ]] && rm -r VMware
-  rm -f *.zip *.zip.asc *.sfv *.sfv.asc *.ova *.ova.asc index.html
-  rm ${PACKER_NAME}-deploy.json
-  rm script/INSTALL.sh*
-  rm /tmp/LICENSE-${PACKER_NAME}
-  rm /tmp/${PACKER_NAME}-vbox.done /tmp/${PACKER_NAME}-vmware.done
-}
-
-# TODO: Make it more graceful if files do not exist
-removeAll 2> /dev/null
-
-# Fetching latest MISP LICENSE
-NET_WGET=$(/usr/bin/wget -q -O /tmp/LICENSE-${PACKER_NAME} ${URL_TO_LICENSE}; echo $?)
-
-if [[ "$NET_WGET" != "0" ]]; then
-  echo "wget failed with error code: ${NET_WGET} - please fix."
-  exit $NET_WGET
-fi
-
-# Make sure the installer we run is the one that is currently on GitHub
-if [[ -e ${PATH_TO_INSTALLER} ]]; then
-  echo "Checking checksums"
-  checkInstaller
-else
-  /usr/bin/wget --no-cache -q -O ${PATH_TO_INSTALLER} ${URL_TO_INSTALLER}
-  checkInstaller
-fi
-
-# Check if latest build is still up to date, if not, roll and deploy new
-if [[ "${LATEST_COMMIT}" != "$(cat /tmp/${PACKER_NAME}-latest.sha)" ]]; then
-  echo "Current ${PACKER_VM} version is: ${VER}@${LATEST_COMMIT_SHORT}"
-
-  # Search and replace for vm_name and make sure we can easily identify the generated VMs
-  cat ${PACKER_NAME}.json| sed "s|\"vm_name\": \"${PACKER_VM}_demo\",|\"vm_name\": \"${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}\",|" > ${PACKER_NAME}-deploy.json
-
-  if [[ -z $DEBUG ]]; then
-    # Build virtualbox VM set
-    export PACKER_LOG_PATH="${PWD}/packerlog-vbox.txt"
-    ($PACKER_RUN build --on-error=cleanup -only=virtualbox-iso ${PACKER_NAME}-deploy.json ; echo $? > /tmp/${PACKER_NAME}-vbox.done) &
-
-  # Build vmware VM set
-    export PACKER_LOG_PATH="${PWD}/packerlog-vmware.txt"
-    ($PACKER_RUN build --on-error=cleanup -only=vmware-iso ${PACKER_NAME}-deploy.json ; echo $? > /tmp/${PACKER_NAME}-vmware.done) &
-
-  else
-    echo "Disabling // builds"
-    # Build virtualbox VM set
-    export PACKER_LOG_PATH="${PWD}/packerlog-vbox.txt"
-    ($PACKER_RUN build --on-error=cleanup -only=virtualbox-iso ${PACKER_NAME}-deploy.json ; echo $? > /tmp/${PACKER_NAME}-vbox.done)
-
-  # Build vmware VM set
-    export PACKER_LOG_PATH="${PWD}/packerlog-vmware.txt"
-    ($PACKER_RUN build --on-error=cleanup -only=vmware-iso ${PACKER_NAME}-deploy.json ; echo $? > /tmp/${PACKER_NAME}-vmware.done)
-    TIME_END=$(date +%s)
-    TIME_DELTA=$(expr ${TIME_END} - ${TIME_START})
-    TIME=$(convertSecs ${TIME_DELTA})
-    echo "So far the generation took ${TIME}"
-    echo ""
-    echo "Waiting for return key..."
-    read
-    #exit -1
-  fi
-
-  # The below waits for the above 2 parallel packer builds to finish
-  while [[ ! -f /tmp/${PACKER_NAME}-vmware.done ]]; do :; done
-  while [[ ! -f /tmp/${PACKER_NAME}-vbox.done   ]]; do :; done
-
-  # Prevent uploading only half a build
-  if [[ "$(cat /tmp/${PACKER_NAME}-vbox.done)" == "0" ]] && [[ "$(cat /tmp/${PACKER_NAME}-vmware.done)" == "0" ]]; then
-    # ZIPup all the vmware stuff
-    mv output-vmware-iso VMware
-    cd VMware
-    # TODO/FIXME: Use ${SHA_SUMS} instead of static --shaFOO
-    ${RHASH_RUN} --lowercase --sfv --sha1 --sha256 --sha384 --sha512 -o ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.sfv *
-    cd ../
-    zip -r ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-VMware.zip VMware/*
-
-    mv output-virtualbox-iso/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.ova .
-
-    # Create a hashfile for the zip
-    # TODO/FIXME: Use ${SHA_SUMS} instead of static --shaFOO
-    ${RHASH_RUN} --lowercase --sfv --sha1 --sha256 --sha384 --sha512 -o ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv *.zip *.ova
-
-    # Current file list of everything to gpg sign and transfer
-    FILE_LIST="${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-VMware.zip \
-               ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.ova \
-               ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv"
-
-    # Create the latest MISP export directory
-    if [[ "${REMOTE}" == "1" ]]; then
-      ssh ${REL_USER}@${REL_SERVER} "mkdir -p export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT} ; mkdir -p export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums"
-      scp verify.txt ${REL_USER}@${REL_SERVER}:export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/
-    fi
-
-    # Sign and transfer files
-    for FILE in ${FILE_LIST}; do
-      if [[ "$GPG_ENABLED" == "1" ]]; then
-        if [[ "$GPG_KEY" == "0x" ]] || [[ -z "$GPG_KEY" ]]; then
-          gpg --armor --output ${FILE}.asc --detach-sig ${FILE}
-        else
-          gpg --armor -u ${GPG_KEY} --output ${FILE}.asc --detach-sig ${FILE}
-        fi
-        [[ "${REMOTE}" == "1" ]] && rsync -azvq --progress ${FILE}.asc ${REL_USER}@${REL_SERVER}:export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}
-      fi
-
-      if [[ "${REMOTE}" == "1" ]]; then
-        rsync -azvq --progress ${FILE} ${REL_USER}@${REL_SERVER}:export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}
-        ssh ${REL_USER}@${REL_SERVER} "rm export/latest ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT} export/latest ;\
-                                       rm export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc"
-      fi
-    done
-
-    if [[ "${REMOTE}" == "1" ]]; then
-      ssh ${REL_USER}@${REL_SERVER} "chmod -R +r export ;\
-         mv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv     export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums ;\
-         mv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums ;\
-         rm export/${PACKER_VM}_${VER}@latest.ova              ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.ova export/${PACKER_VM}_${VER}@latest.ova ;\
-         rm export/${PACKER_VM}_${VER}@latest.ova.asc          ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.ova.asc export/${PACKER_VM}_${VER}@latest.ova.asc ;\
-         rm export/${PACKER_VM}_${VER}@latest-VMware.zip       ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-VMware.zip export/${PACKER_VM}_${VER}@latest-VMware.zip ;\
-         rm export/${PACKER_VM}_${VER}@latest-VMware.zip.asc   ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-VMware.zip.asc export/${PACKER_VM}_${VER}@latest-VMware.zip.asc ;\
-         rm export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv     ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv ;\
-         rm export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc"
-    fi
-
-  else
-    echo "The packer exit code of VMware was: ${VMWARE_BUILD}"
-    echo "The packer exit code of VBox   was: ${VIRTUALBOX_BUILD}"
-    echo "--------------------------------------------------------------------------------"
-    echo "#fail" > /tmp/${PACKER_NAME}-latest.sha
-    removeAll 2> /dev/null
-    TIME_END=$(date +%s)
-    TIME_DELTA=$(expr ${TIME_END} - ${TIME_START})
-    TIME=$(convertSecs ${TIME_DELTA})
-    echo "The last generation took ${TIME}" |tee /tmp/${PACKER_NAME}-lastBuild.time
-    exit 1
-  fi
-
-  # Remove files for next run
-  removeAll 2> /dev/null
-  echo ${LATEST_COMMIT} > /tmp/${PACKER_NAME}-latest.sha
-  TIME_END=$(date +%s)
-  TIME_DELTA=$(expr ${TIME_END} - ${TIME_START})
-  TIME=$(convertSecs ${TIME_DELTA})
-
-  say "The last generation took ${TIME}"
-else
-  clear
-  think "Current ${PACKER_VM} version ${VER}@${LATEST_COMMIT_SHORT} is up to date."
-fi
--- a/misp.json
+++ b/misp.json
@ -248,7 +248,7 @@
    "iso_checksum_type": "sha512",
    "iso_name": "ubuntu-20.04.6-server-amd64.iso",
    "iso_path": "iso",
-    "iso_url": "http://cdimage.ubuntu.com/ubuntu/releases/focal/release/ubuntu-20.04.6-server-amd64.iso",
+    "iso_url": "https://releases.ubuntu.com/20.04.6/ubuntu-20.04.6-desktop-amd64.iso",
    "memory": "3072",
    "no_proxy": "{{env `no_proxy`}}",
    "ovftool_path": "ovftool",
--- a/scripts/clean.sh
+++ b/scripts/clean.sh
@ -32,3 +32,4 @@ rm /etc/apt/apt.conf.d/99progressbar
 # End Cleaning
 echo "VM cleaned and rebooting for automagic reas0ns."
 reboot
+
--- a/scripts/interfaces.sh
+++ b/scripts/interfaces.sh
@ -8,19 +8,23 @@
 # $ cp /tmp/interfaces.sh .

 echo "--- Using old style name (ethX) for interfaces"
-sed -r 's/^(GRUB_CMDLINE_LINUX=).*/\1\"net\.ifnames=0\ biosdevname=0\"/' /etc/default/grub | sudo tee /etc/default/grub > /dev/null
+sed -i 's/^\(GRUB_CMDLINE_LINUX=\).*/\1"net.ifnames=0 biosdevname=0"/' /etc/default/grub

-# install ifupdown since ubuntu 20.04
+# install ifupdown since ubuntu 18.04
 sudo apt update
 sudo apt install ifupdown -qqy

 # enable eth0
 echo "--- Configuring eth0"

-cat >> /etc/network/interfaces << EOF
-# The primary network interface
-auto eth0
-iface eth0 inet dhcp
+cat >> /etc/netplan/01-netcfg.yaml << EOF
+network:
+  version: 2
+  renderer: networkd
+  ethernets:
+    eth0:
+      dhcp4: true
 EOF

-update-grub > /dev/null 2>&1
+netplan apply
+
--- a/scripts/users.sh
+++ b/scripts/users.sh
@ -14,12 +14,48 @@
 #echo 'Dpkg::Progress-Fancy "0";' > /etc/apt/apt.conf.d/99progressbar
 #echo 'Dpkg::Use-Pty "0";' >> /etc/apt/apt.conf.d/99progressbar

+#echo "--- Configuring sudo"
+#echo "misp ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/misp
+#chmod 0440 /etc/sudoers.d/misp
+
+#echo 'APT::ProgressBar::Fancy "0";' > /etc/apt/apt.conf.d/99progressbar
+#echo 'APT::Use-Pty "0";' >> /etc/apt/apt.conf.d/99progressbar


+#echo "--- Creating thehive user"
+#useradd -U -G sudo -m -s /bin/bash thehive
+#echo -e "thehive1234\nthehive1234" | passwd thehive
+
+#echo "--- Configuring sudo"
+#echo "thehive ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/thehive
+#echo "misp ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/misp
+#chmod 0440 /etc/sudoers.d/thehive
+#chmod 0440 /etc/sudoers.d/misp
+
+#echo 'APT::ProgressBar::Fancy "0";' > /etc/apt/apt.conf.d/99progressbar
+#echo 'APT::Use-Pty "0";' >> /etc/apt/apt.conf.d/99progressbar
+
+
+echo "--- Creating thehive user"
+useradd -U -G sudo -m -s /bin/bash thehive
+echo -e "thehive1234\nthehive1234" | chpasswd

 echo "--- Configuring sudo"
+echo "thehive ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/thehive
 echo "misp ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/misp
+chmod 0440 /etc/sudoers.d/thehive
 chmod 0440 /etc/sudoers.d/misp

 echo 'APT::ProgressBar::Fancy "0";' > /etc/apt/apt.conf.d/99progressbar
 echo 'APT::Use-Pty "0";' >> /etc/apt/apt.conf.d/99progressbar
+
+#préambule on dirait
+sudo apt update
+sudo apt upgrade -y
+
+
+
+# Upgrade to Ubuntu 20.04
+echo "--- Upgrading to Ubuntu 20.04"
+do-release-upgrade -f DistUpgradeViewNonInteractive
+
--- a/upload.sh
+++ b/upload.sh
@ -20,6 +20,9 @@
 #

 # Check dependencies.
+
+upload-github-release-asset.sh github_api_token=TOKEN owner=stefanbuck repo=playground tag=v0.1.0 filename=./build.zip
+
 set -e
 xargs=$(which gxargs || which xargs)

@ -29,36 +32,40 @@ xargs=$(which gxargs || which xargs)
 CONFIG=$@

 for line in $CONFIG; do
-	  eval "$line"
-  done
+  eval "$line"
+done

-  # Define variables.
-  GH_API="https://api.github.com"
-  GH_REPO="$GH_API/repos/$owner/$repo"
-  GH_TAGS="$GH_REPO/releases/tags/$tag"
-  AUTH="Authorization: token $github_api_token"
-  WGET_ARGS="--content-disposition --auth-no-challenge --no-cookie"
-  CURL_ARGS="-LJO#"
+# Define variables.
+GH_API="https://api.github.com"
+GH_REPO="$GH_API/repos/$owner/$repo"
+GH_TAGS="$GH_REPO/releases/tags/$tag"
+AUTH="Authorization: token $github_api_token"
+WGET_ARGS="--content-disposition --auth-no-challenge --no-cookie"
+CURL_ARGS="-LJO#"

-  if [[ "$tag" == 'LATEST' ]]; then
-	    GH_TAGS="$GH_REPO/releases/latest"
-    fi
+if [[ "$tag" == 'LATEST' ]]; then
+  GH_TAGS="$GH_REPO/releases/latest"
+fi

-    # Validate token.
-    curl -o /dev/null -sH "$AUTH" $GH_REPO || { echo "Error: Invalid repo, token or network issue!";  exit 1; }
+# Validate token.
+curl -o /dev/null -sH "$AUTH" $GH_REPO || { echo "Error: Invalid repo, token, or network issue!"; exit 1; }

-    # Read asset tags.
-    response=$(curl -sH "$AUTH" $GH_TAGS)
+# Read asset tags.
+response=$(curl -sH "$AUTH" $GH_TAGS)

-    # Get ID of the asset based on given filename.
-    eval $(echo "$response" | grep -m 1 "id.:" | grep -w id | tr : = | tr -cd '[[:alnum:]]=')
-    [ "$id" ] || { echo "Error: Failed to get release id for tag: $tag"; echo "$response" | awk 'length($0)<100' >&2; exit 1; }
+# Get ID of the asset based on the given filename.
+eval $(echo "$response" | grep -m 1 "id.:" | grep -w id | tr : = | tr -cd '[[:alnum:]]=')
+[ "$id" ] || { echo "Error: Failed to get release id for tag: $tag"; echo "$response" | awk 'length($0)<100' >&2; exit 1; }

-    # Upload asset
-    echo "Uploading asset... $localAssetPath" >&2
+# Upload asset
+echo "Uploading asset... $filename" >&2

-    # Construct url
-    GH_ASSET="https://uploads.github.com/repos/$owner/$repo/releases/$id/assets?name=$(basename $filename)"
+# Construct URL
+GH_ASSET="https://uploads.github.com/repos/$owner/$repo/releases/$id/assets?name=$(basename $filename)"
+
+# Install required packages
+apt-get update
+apt-get install -y curl
+
+curl "$GITHUB_OAUTH_BASIC" --data-binary @"$filename" -H "Authorization: token $github_api_token" -H "Content-Type: application/octet-stream" $GH_ASSET

-    curl "$GITHUB_OAUTH_BASIC" --data-binary @"$filename" -H "Authorization: token $github_api_token" -H "Content-Type: application/octet-stream" $GH_ASSET
-