mirror of https://github.com/MISP/misp-packer
Changement code, Ubuntu 20.04 installer
parent
e561d13a9a
commit
a87b0bab62
27
checkDeps.sh
27
checkDeps.sh
|
@ -1,19 +1,38 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
|
#GOT_PACKER=$(which packer > /dev/null 2>&1; echo $?)
|
||||||
|
#if [[ "${GOT_PACKER}" == 0 ]]; then
|
||||||
|
# echo "Packer detected, version: $(packer -v)"
|
||||||
|
# PACKER_RUN=$(which packer)
|
||||||
|
#else
|
||||||
|
# echo "No packer binary detected, please make sure you installed it from: https://www.packer.io/downloads.html"
|
||||||
|
# exit 1
|
||||||
|
#fi
|
||||||
|
|
||||||
|
#GOT_RHASH=$(which rhash > /dev/null 2>&1; echo $?)
|
||||||
|
#if [[ "${GOT_RHASH}" == 0 ]]; then
|
||||||
|
# echo "rhash detected, version: $(rhash --version)"
|
||||||
|
# RHASH_RUN=$(which rhash)
|
||||||
|
#else
|
||||||
|
# echo "No rhash binary detected, please make sure you installed it."
|
||||||
|
# exit 1
|
||||||
|
#fi
|
||||||
|
|
||||||
|
|
||||||
GOT_PACKER=$(which packer > /dev/null 2>&1; echo $?)
|
GOT_PACKER=$(which packer > /dev/null 2>&1; echo $?)
|
||||||
if [[ "${GOT_PACKER}" == 0 ]]; then
|
if [[ "${GOT_PACKER}" == 0 ]]; then
|
||||||
echo "Packer detected, version: $(packer -v)"
|
echo "Packer détecté, version : $(packer -v)"
|
||||||
PACKER_RUN=$(which packer)
|
PACKER_RUN=$(which packer)
|
||||||
else
|
else
|
||||||
echo "No packer binary detected, please make sure you installed it from: https://www.packer.io/downloads.html"
|
echo "Aucun binaire packer détecté, veuillez vous assurer de l'avoir installé à partir de : https://www.packer.io/downloads.html"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
GOT_RHASH=$(which rhash > /dev/null 2>&1; echo $?)
|
GOT_RHASH=$(which rhash > /dev/null 2>&1; echo $?)
|
||||||
if [[ "${GOT_RHASH}" == 0 ]]; then
|
if [[ "${GOT_RHASH}" == 0 ]]; then
|
||||||
echo "rhash detected, version: $(rhash --version)"
|
echo "rhash détecté, version : $(rhash --version)"
|
||||||
RHASH_RUN=$(which rhash)
|
RHASH_RUN=$(which rhash)
|
||||||
else
|
else
|
||||||
echo "No rhash binary detected, please make sure you installed it."
|
echo "Aucun binaire rhash détecté, veuillez vous assurer de l'avoir installé."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
27
config.sh
27
config.sh
|
@ -1,6 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
# Leave empty for NO debug messages, if run with set -x or bash -x it will enable DEBUG by default
|
# Laissez vide pour désactiver les messages de débogage. S'il est exécuté avec set -x ou bash -x, il activera le mode DEBUG par défaut.
|
||||||
DEBUG=
|
DEBUG=
|
||||||
|
|
||||||
case "$-" in
|
case "$-" in
|
||||||
|
@ -8,12 +8,12 @@ case "$-" in
|
||||||
*) NO_PROGRESS=0 ;;
|
*) NO_PROGRESS=0 ;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
# Name of the packer
|
# Nom du packer
|
||||||
PACKER_NAME="misp"
|
PACKER_NAME="misp"
|
||||||
PACKER_VM="MISP"
|
PACKER_VM="MISP"
|
||||||
NAME="${PACKER_NAME}-packer"
|
NAME="${PACKER_NAME}-packer"
|
||||||
|
|
||||||
# Configure your user and remote server
|
# Configurez votre utilisateur et serveur distant
|
||||||
REMOTE=1
|
REMOTE=1
|
||||||
REL_USER="${PACKER_NAME}-release"
|
REL_USER="${PACKER_NAME}-release"
|
||||||
REL_SERVER="cpab"
|
REL_SERVER="cpab"
|
||||||
|
@ -22,16 +22,16 @@ REL_SERVER="cpab"
|
||||||
GPG_ENABLED=1
|
GPG_ENABLED=1
|
||||||
GPG_KEY="0x34F20B13"
|
GPG_KEY="0x34F20B13"
|
||||||
|
|
||||||
# Enable debug for packer, omit -debug to disable
|
# Activer le débogage pour packer, omettre -debug pour le désactiver
|
||||||
##PACKER_DEBUG="-debug"
|
##PACKER_DEBUG="-debug"
|
||||||
|
|
||||||
# Enable logging and debug for packer
|
# Activer l'enregistrement et le débogage pour packer
|
||||||
export PACKER_LOG=1
|
export PACKER_LOG=1
|
||||||
|
|
||||||
REPO="MISP/MISP"
|
REPO="MISP/MISP"
|
||||||
BRANCH="2.4"
|
BRANCH="2.4"
|
||||||
|
|
||||||
# SHAsums to be computed, note the -- notatiation is for ease of use with rhash
|
# SOMmes de contrôle à calculer, notez la notation -- pour faciliter l'utilisation avec rhash
|
||||||
SHA_SUMS="--sha1 --sha256 --sha384 --sha512"
|
SHA_SUMS="--sha1 --sha256 --sha384 --sha512"
|
||||||
|
|
||||||
NAME_OF_INSTALLER="INSTALL.sh"
|
NAME_OF_INSTALLER="INSTALL.sh"
|
||||||
|
@ -39,16 +39,15 @@ PATH_TO_INSTALLER="scripts/${NAME_OF_INSTALLER}"
|
||||||
URL_TO_INSTALLER="https://raw.githubusercontent.com/${REPO}/${BRANCH}/INSTALL/${NAME_OF_INSTALLER}"
|
URL_TO_INSTALLER="https://raw.githubusercontent.com/${REPO}/${BRANCH}/INSTALL/${NAME_OF_INSTALLER}"
|
||||||
URL_TO_LICENSE="https://raw.githubusercontent.com/${REPO}/${BRANCH}/LICENSE"
|
URL_TO_LICENSE="https://raw.githubusercontent.com/${REPO}/${BRANCH}/LICENSE"
|
||||||
|
|
||||||
UBUNTU_VERSION="20.04" # Update to Ubuntu 20.04
|
UBUNTU_VERSION="20.04" # Mettez à jour vers Ubuntu 20.04
|
||||||
|
|
||||||
if [[ ! -z $DEBUG ]]; then
|
if [[ ! -z $DEBUG ]]; then
|
||||||
echo "Debug mode enabled."
|
echo "Mode de débogage activé."
|
||||||
echo "-------------------"
|
echo "-------------------"
|
||||||
echo ""
|
echo ""
|
||||||
echo "Some config info:"
|
echo "Informations de configuration :"
|
||||||
echo "Using: $NAME"
|
echo "Utilisation de : $NAME"
|
||||||
[[ ! -z $GPG_ENABLED ]] && echo "GnuPG enabled with key $GPG_KEY"
|
[[ ! -z $GPG_ENABLED ]] && echo "GnuPG activé avec la clé $GPG_KEY"
|
||||||
[[ ! -z $PACKER_LOG ]] && echo "Packer Log enabled."
|
[[ ! -z $PACKER_LOG ]] && echo "Enregistrement Packer activé."
|
||||||
[[ ! -z $REMOTE ]] && echo "Remote deploy enabled with connection string: $REL_USER@$REL_SERVER"
|
[[ ! -z $REMOTE ]] && echo "Déploiement distant activé avec la chaîne de connexion : $REL_USER@$REL_SERVER"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
221
deploy.sh
221
deploy.sh
|
@ -62,224 +62,5 @@ signify ()
|
||||||
#
|
#
|
||||||
# iQIcBAEBCAAGBQJcw139AAoJEO88ER/Pxlm557kP/2KCssWq9WF75XGSXuoALdpC
|
# iQIcBAEBCAAGBQJcw139AAoJEO88ER/Pxlm557kP/2KCssWq9WF75XGSXuoALdpC
|
||||||
# ptEoUNgHBwlv00YtUwRyyuPQ/VGE6Jst9dEN7m4CUJGDgeSm2X8hPkvGcJ+Ns3+C
|
# ptEoUNgHBwlv00YtUwRyyuPQ/VGE6Jst9dEN7m4CUJGDgeSm2X8hPkvGcJ+Ns3+C
|
||||||
# 9LJurJ603fetvDFm80mqIxY3yfGSpL6Oqh3ppXVo/UC62No9a3sfg1/Fhu0G6Uk0
|
# 9LJurJ603fet.
|
||||||
# bgvRxTgjXFTS7pA5KEqB8d07jxJJF5Z6Xjkz/mHp5zoRLaBE7z2v0uYTXARf91x4
|
|
||||||
# shSFSjUapYL2DYpJCWY8u7ROchU9sqiZmZrzZ0OHNZ3TZhvs8LIySecBY5NZO9xt
|
|
||||||
# 5Y9WYvB1Ivw875I+DSARshJB+hLW6VIAwIZ+UMcdrv7xgS+lMkgG77H37yS/pZ+8
|
|
||||||
# bL+pZb6uFo8OzdFmPWVodw4P/3jA/NxiZJFF81/K/pLFg/TVP8i/vfWzWS50Bx9p
|
|
||||||
# yzm3hGUliFocAhDcAipE0rPFko4Gm+TmwMzgE8hGDgFblmEfdlOcLH6zH36YXzQp
|
|
||||||
# ATCeavjClaJU8292/64+YWROHVRaNXcLpYIW9pD8a0XRz/prGFdzNdDF52QC/CE2
|
|
||||||
# gmaFfo6ggn208ciXLQKvYlaKEZa6m3nmLi6neHBiOla05jL94UXdcpYjI9kuIGxj
|
|
||||||
# 60AQaPhVKzAE4Yjh7Zxf5RKxMCHMjw8oT730GXD2TRwnv0Dmx8Ioc6IYoLMF57t3
|
|
||||||
# zpjK0m3T8vNuHKr5deMp
|
|
||||||
# =8sTO
|
|
||||||
# -----END PGP SIGNATURE-----
|
|
||||||
## Source: https://getfedora.org/en/static/checksums/Fedora-Server-30-1.2-x86_64-CHECKSUM
|
|
||||||
|
|
||||||
if [[ -z ${1} ]]; then
|
|
||||||
echo "This function needs an argument"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
convertSecs() {
|
|
||||||
((h=${1}/3600))
|
|
||||||
((m=(${1}%3600)/60))
|
|
||||||
((s=${1}%60))
|
|
||||||
printf "%02d:%02d:%02d\n" ${h} ${m} ${s}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Check if ponysay is installed. (https://github.com/erkin/ponysay)
|
|
||||||
say () {
|
|
||||||
echo ${1} > /tmp/lastBuild.time
|
|
||||||
if [[ $(command -v ponysay) ]]; then
|
|
||||||
printf "\n\n\n\n\n"
|
|
||||||
ponysay -c ${1}
|
|
||||||
else
|
|
||||||
echo ${1}
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
think () {
|
|
||||||
if [[ $(command -v ponythink) ]]; then
|
|
||||||
printf "\n\n\n\n\n"
|
|
||||||
ponythink -c ${1}
|
|
||||||
else
|
|
||||||
echo ${1}
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
checkInstaller () {
|
|
||||||
/usr/bin/wget --no-cache -q -O ${PATH_TO_INSTALLER}.sfv ${URL_TO_INSTALLER}.sfv
|
|
||||||
rhash_chk=$(cd scripts ; ${RHASH_RUN} -c ${NAME_OF_INSTALLER}.sfv > /dev/null 2>&1; echo $?)
|
|
||||||
for sum in $(echo ${SHA_SUMS} |sed 's/--sha//g'); do
|
|
||||||
/usr/bin/wget --no-cache -q -O ${PATH_TO_INSTALLER}.sha${sum} ${URL_TO_INSTALLER}.sha${sum}
|
|
||||||
INSTsum=$(shasum -a ${sum} ${PATH_TO_INSTALLER} | cut -f1 -d\ )
|
|
||||||
chsum=$(cat ${PATH_TO_INSTALLER}.sha${sum} | cut -f1 -d\ )
|
|
||||||
|
|
||||||
if [[ ${chsum} == ${INSTsum} ]] && [[ ${rhash_chk} == 0 ]]; then
|
|
||||||
echo "sha${sum} matches"
|
|
||||||
else
|
|
||||||
echo "Either: sha${sum}: ${chsum} does not match the installer sum of: ${INSTsum}"
|
|
||||||
echo "Or: rhash failed on non Zero: ${rhash_chk}"
|
|
||||||
echo "Deleting installer, please run again."
|
|
||||||
rm ${PATH_TO_INSTALLER}
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
}
|
|
||||||
|
|
||||||
removeAll () {
|
|
||||||
# Remove files for next run
|
|
||||||
[[ -d "output-virtualbox-iso" ]] && rm -r output-virtualbox-iso
|
|
||||||
[[ -d "output-vmware-iso" ]] && rm -r output-vmware-iso
|
|
||||||
[[ -d "VMware" ]] && rm -r VMware
|
|
||||||
rm -f *.zip *.zip.asc *.sfv *.sfv.asc *.ova *.ova.asc index.html
|
|
||||||
rm ${PACKER_NAME}-deploy.json
|
|
||||||
rm script/INSTALL.sh*
|
|
||||||
rm /tmp/LICENSE-${PACKER_NAME}
|
|
||||||
rm /tmp/${PACKER_NAME}-vbox.done /tmp/${PACKER_NAME}-vmware.done
|
|
||||||
}
|
|
||||||
|
|
||||||
# TODO: Make it more graceful if files do not exist
|
|
||||||
removeAll 2> /dev/null
|
|
||||||
|
|
||||||
# Fetching latest MISP LICENSE
|
|
||||||
NET_WGET=$(/usr/bin/wget -q -O /tmp/LICENSE-${PACKER_NAME} ${URL_TO_LICENSE}; echo $?)
|
|
||||||
|
|
||||||
if [[ "$NET_WGET" != "0" ]]; then
|
|
||||||
echo "wget failed with error code: ${NET_WGET} - please fix."
|
|
||||||
exit $NET_WGET
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Make sure the installer we run is the one that is currently on GitHub
|
|
||||||
if [[ -e ${PATH_TO_INSTALLER} ]]; then
|
|
||||||
echo "Checking checksums"
|
|
||||||
checkInstaller
|
|
||||||
else
|
|
||||||
/usr/bin/wget --no-cache -q -O ${PATH_TO_INSTALLER} ${URL_TO_INSTALLER}
|
|
||||||
checkInstaller
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Check if latest build is still up to date, if not, roll and deploy new
|
|
||||||
if [[ "${LATEST_COMMIT}" != "$(cat /tmp/${PACKER_NAME}-latest.sha)" ]]; then
|
|
||||||
echo "Current ${PACKER_VM} version is: ${VER}@${LATEST_COMMIT_SHORT}"
|
|
||||||
|
|
||||||
# Search and replace for vm_name and make sure we can easily identify the generated VMs
|
|
||||||
cat ${PACKER_NAME}.json| sed "s|\"vm_name\": \"${PACKER_VM}_demo\",|\"vm_name\": \"${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}\",|" > ${PACKER_NAME}-deploy.json
|
|
||||||
|
|
||||||
if [[ -z $DEBUG ]]; then
|
|
||||||
# Build virtualbox VM set
|
|
||||||
export PACKER_LOG_PATH="${PWD}/packerlog-vbox.txt"
|
|
||||||
($PACKER_RUN build --on-error=cleanup -only=virtualbox-iso ${PACKER_NAME}-deploy.json ; echo $? > /tmp/${PACKER_NAME}-vbox.done) &
|
|
||||||
|
|
||||||
# Build vmware VM set
|
|
||||||
export PACKER_LOG_PATH="${PWD}/packerlog-vmware.txt"
|
|
||||||
($PACKER_RUN build --on-error=cleanup -only=vmware-iso ${PACKER_NAME}-deploy.json ; echo $? > /tmp/${PACKER_NAME}-vmware.done) &
|
|
||||||
|
|
||||||
else
|
|
||||||
echo "Disabling // builds"
|
|
||||||
# Build virtualbox VM set
|
|
||||||
export PACKER_LOG_PATH="${PWD}/packerlog-vbox.txt"
|
|
||||||
($PACKER_RUN build --on-error=cleanup -only=virtualbox-iso ${PACKER_NAME}-deploy.json ; echo $? > /tmp/${PACKER_NAME}-vbox.done)
|
|
||||||
|
|
||||||
# Build vmware VM set
|
|
||||||
export PACKER_LOG_PATH="${PWD}/packerlog-vmware.txt"
|
|
||||||
($PACKER_RUN build --on-error=cleanup -only=vmware-iso ${PACKER_NAME}-deploy.json ; echo $? > /tmp/${PACKER_NAME}-vmware.done)
|
|
||||||
TIME_END=$(date +%s)
|
|
||||||
TIME_DELTA=$(expr ${TIME_END} - ${TIME_START})
|
|
||||||
TIME=$(convertSecs ${TIME_DELTA})
|
|
||||||
echo "So far the generation took ${TIME}"
|
|
||||||
echo ""
|
|
||||||
echo "Waiting for return key..."
|
|
||||||
read
|
|
||||||
#exit -1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# The below waits for the above 2 parallel packer builds to finish
|
|
||||||
while [[ ! -f /tmp/${PACKER_NAME}-vmware.done ]]; do :; done
|
|
||||||
while [[ ! -f /tmp/${PACKER_NAME}-vbox.done ]]; do :; done
|
|
||||||
|
|
||||||
# Prevent uploading only half a build
|
|
||||||
if [[ "$(cat /tmp/${PACKER_NAME}-vbox.done)" == "0" ]] && [[ "$(cat /tmp/${PACKER_NAME}-vmware.done)" == "0" ]]; then
|
|
||||||
# ZIPup all the vmware stuff
|
|
||||||
mv output-vmware-iso VMware
|
|
||||||
cd VMware
|
|
||||||
# TODO/FIXME: Use ${SHA_SUMS} instead of static --shaFOO
|
|
||||||
${RHASH_RUN} --lowercase --sfv --sha1 --sha256 --sha384 --sha512 -o ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.sfv *
|
|
||||||
cd ../
|
|
||||||
zip -r ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-VMware.zip VMware/*
|
|
||||||
|
|
||||||
mv output-virtualbox-iso/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.ova .
|
|
||||||
|
|
||||||
# Create a hashfile for the zip
|
|
||||||
# TODO/FIXME: Use ${SHA_SUMS} instead of static --shaFOO
|
|
||||||
${RHASH_RUN} --lowercase --sfv --sha1 --sha256 --sha384 --sha512 -o ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv *.zip *.ova
|
|
||||||
|
|
||||||
# Current file list of everything to gpg sign and transfer
|
|
||||||
FILE_LIST="${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-VMware.zip \
|
|
||||||
${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.ova \
|
|
||||||
${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv"
|
|
||||||
|
|
||||||
# Create the latest MISP export directory
|
|
||||||
if [[ "${REMOTE}" == "1" ]]; then
|
|
||||||
ssh ${REL_USER}@${REL_SERVER} "mkdir -p export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT} ; mkdir -p export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums"
|
|
||||||
scp verify.txt ${REL_USER}@${REL_SERVER}:export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Sign and transfer files
|
|
||||||
for FILE in ${FILE_LIST}; do
|
|
||||||
if [[ "$GPG_ENABLED" == "1" ]]; then
|
|
||||||
if [[ "$GPG_KEY" == "0x" ]] || [[ -z "$GPG_KEY" ]]; then
|
|
||||||
gpg --armor --output ${FILE}.asc --detach-sig ${FILE}
|
|
||||||
else
|
|
||||||
gpg --armor -u ${GPG_KEY} --output ${FILE}.asc --detach-sig ${FILE}
|
|
||||||
fi
|
|
||||||
[[ "${REMOTE}" == "1" ]] && rsync -azvq --progress ${FILE}.asc ${REL_USER}@${REL_SERVER}:export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ "${REMOTE}" == "1" ]]; then
|
|
||||||
rsync -azvq --progress ${FILE} ${REL_USER}@${REL_SERVER}:export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}
|
|
||||||
ssh ${REL_USER}@${REL_SERVER} "rm export/latest ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT} export/latest ;\
|
|
||||||
rm export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc"
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
if [[ "${REMOTE}" == "1" ]]; then
|
|
||||||
ssh ${REL_USER}@${REL_SERVER} "chmod -R +r export ;\
|
|
||||||
mv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums ;\
|
|
||||||
mv export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums ;\
|
|
||||||
rm export/${PACKER_VM}_${VER}@latest.ova ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.ova export/${PACKER_VM}_${VER}@latest.ova ;\
|
|
||||||
rm export/${PACKER_VM}_${VER}@latest.ova.asc ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}.ova.asc export/${PACKER_VM}_${VER}@latest.ova.asc ;\
|
|
||||||
rm export/${PACKER_VM}_${VER}@latest-VMware.zip ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-VMware.zip export/${PACKER_VM}_${VER}@latest-VMware.zip ;\
|
|
||||||
rm export/${PACKER_VM}_${VER}@latest-VMware.zip.asc ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-VMware.zip.asc export/${PACKER_VM}_${VER}@latest-VMware.zip.asc ;\
|
|
||||||
rm export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv ;\
|
|
||||||
rm export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc ; ln -s ${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}/checksums/${PACKER_VM}_${VER}@${LATEST_COMMIT_SHORT}-CHECKSUM.sfv.asc export/${PACKER_VM}_${VER}@latest-CHECKSUM.sfv.asc"
|
|
||||||
fi
|
|
||||||
|
|
||||||
else
|
|
||||||
echo "The packer exit code of VMware was: ${VMWARE_BUILD}"
|
|
||||||
echo "The packer exit code of VBox was: ${VIRTUALBOX_BUILD}"
|
|
||||||
echo "--------------------------------------------------------------------------------"
|
|
||||||
echo "#fail" > /tmp/${PACKER_NAME}-latest.sha
|
|
||||||
removeAll 2> /dev/null
|
|
||||||
TIME_END=$(date +%s)
|
|
||||||
TIME_DELTA=$(expr ${TIME_END} - ${TIME_START})
|
|
||||||
TIME=$(convertSecs ${TIME_DELTA})
|
|
||||||
echo "The last generation took ${TIME}" |tee /tmp/${PACKER_NAME}-lastBuild.time
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Remove files for next run
|
|
||||||
removeAll 2> /dev/null
|
|
||||||
echo ${LATEST_COMMIT} > /tmp/${PACKER_NAME}-latest.sha
|
|
||||||
TIME_END=$(date +%s)
|
|
||||||
TIME_DELTA=$(expr ${TIME_END} - ${TIME_START})
|
|
||||||
TIME=$(convertSecs ${TIME_DELTA})
|
|
||||||
|
|
||||||
say "The last generation took ${TIME}"
|
|
||||||
else
|
|
||||||
clear
|
|
||||||
think "Current ${PACKER_VM} version ${VER}@${LATEST_COMMIT_SHORT} is up to date."
|
|
||||||
fi
|
|
||||||
|
|
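Review bot: The new side of deploy.sh stops at the truncated signature comment `# 9LJurJ603fet.` inside `signify ()`, so the function's closing `}` and everything after it are gone and, as far as this section shows, the script no longer parses. The removed tail includes `checkInstaller`, which compares the downloaded INSTALL.sh against its published `.sfv` and `.sha*` sums, and the `gpg --detach-sig` step that signs the release artifacts, so the build would lose both integrity checks even if the syntax were repaired. The cut-off comment line suggests an accidental truncation rather than an intended removal; restore the deleted lines from the parent commit and keep the PGP block intact. The start of `signify ()` is outside the hunk.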
|
@ -248,7 +248,7 @@
|
||||||
"iso_checksum_type": "sha512",
|
"iso_checksum_type": "sha512",
|
||||||
"iso_name": "ubuntu-20.04.6-server-amd64.iso",
|
"iso_name": "ubuntu-20.04.6-server-amd64.iso",
|
||||||
"iso_path": "iso",
|
"iso_path": "iso",
|
||||||
"iso_url": "http://cdimage.ubuntu.com/ubuntu/releases/focal/release/ubuntu-20.04.6-server-amd64.iso",
|
"iso_url": "https://releases.ubuntu.com/20.04.6/ubuntu-20.04.6-desktop-amd64.iso",
|
||||||
"memory": "3072",
|
"memory": "3072",
|
||||||
"no_proxy": "{{env `no_proxy`}}",
|
"no_proxy": "{{env `no_proxy`}}",
|
||||||
"ovftool_path": "ovftool",
|
"ovftool_path": "ovftool",
|
||||||
|
|
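Review bot: `iso_url` now points at `ubuntu-20.04.6-desktop-amd64.iso` while `iso_name` on the line above still says `ubuntu-20.04.6-server-amd64.iso`, so the cached file name and the image actually downloaded disagree. The `iso_checksum` value is outside this hunk; it has to be updated to the SHA-512 of the image that is really fetched, taken from Ubuntu's published checksum file, otherwise the download is rejected or an unverified image is used. The desktop installer presumably does not accept the boot command and preseed written for the server image, so confirm which flavour is intended and make `iso_name`, `iso_url` and the checksum agree.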
|
@ -32,3 +32,4 @@ rm /etc/apt/apt.conf.d/99progressbar
|
||||||
# End Cleaning
|
# End Cleaning
|
||||||
echo "VM cleaned and rebooting for automagic reas0ns."
|
echo "VM cleaned and rebooting for automagic reas0ns."
|
||||||
reboot
|
reboot
|
||||||
|
|
||||||
|
|
|
@ -8,19 +8,23 @@
|
||||||
# $ cp /tmp/interfaces.sh .
|
# $ cp /tmp/interfaces.sh .
|
||||||
|
|
||||||
echo "--- Using old style name (ethX) for interfaces"
|
echo "--- Using old style name (ethX) for interfaces"
|
||||||
sed -r 's/^(GRUB_CMDLINE_LINUX=).*/\1\"net\.ifnames=0\ biosdevname=0\"/' /etc/default/grub | sudo tee /etc/default/grub > /dev/null
|
sed -i 's/^\(GRUB_CMDLINE_LINUX=\).*/\1"net.ifnames=0 biosdevname=0"/' /etc/default/grub
|
||||||
|
|
||||||
# install ifupdown since ubuntu 20.04
|
# install ifupdown since ubuntu 18.04
|
||||||
sudo apt update
|
sudo apt update
|
||||||
sudo apt install ifupdown -qqy
|
sudo apt install ifupdown -qqy
|
||||||
|
|
||||||
# enable eth0
|
# enable eth0
|
||||||
echo "--- Configuring eth0"
|
echo "--- Configuring eth0"
|
||||||
|
|
||||||
cat >> /etc/network/interfaces << EOF
|
cat >> /etc/netplan/01-netcfg.yaml << EOF
|
||||||
# The primary network interface
|
network:
|
||||||
auto eth0
|
version: 2
|
||||||
iface eth0 inet dhcp
|
renderer: networkd
|
||||||
|
ethernets:
|
||||||
|
eth0:
|
||||||
|
dhcp4: true
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
update-grub > /dev/null 2>&1
|
netplan apply
|
||||||
|
|
||||||
|
|
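Review bot: `update-grub` was replaced by `netplan apply` at the end of this section, so the `GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0"` edit written to /etc/default/grub is never regenerated into the boot configuration and the interface will presumably not be named eth0 after the reboot. The netplan stanza added above matches only `eth0`, which would leave the VM without a DHCP lease in that case; keep `update-grub > /dev/null 2>&1` before `netplan apply`. The heredoc also appends with `>>`, so if /etc/netplan/01-netcfg.yaml already exists the file ends up with two `network:` keys; `cat > /etc/netplan/01-netcfg.yaml << EOF` is safer. The comment `# install ifupdown since ubuntu 18.04` no longer describes a netplan-based setup.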
|
@ -14,12 +14,48 @@
|
||||||
#echo 'Dpkg::Progress-Fancy "0";' > /etc/apt/apt.conf.d/99progressbar
|
#echo 'Dpkg::Progress-Fancy "0";' > /etc/apt/apt.conf.d/99progressbar
|
||||||
#echo 'Dpkg::Use-Pty "0";' >> /etc/apt/apt.conf.d/99progressbar
|
#echo 'Dpkg::Use-Pty "0";' >> /etc/apt/apt.conf.d/99progressbar
|
||||||
|
|
||||||
|
#echo "--- Configuring sudo"
|
||||||
|
#echo "misp ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/misp
|
||||||
|
#chmod 0440 /etc/sudoers.d/misp
|
||||||
|
|
||||||
|
#echo 'APT::ProgressBar::Fancy "0";' > /etc/apt/apt.conf.d/99progressbar
|
||||||
|
#echo 'APT::Use-Pty "0";' >> /etc/apt/apt.conf.d/99progressbar
|
||||||
|
|
||||||
|
|
||||||
|
#echo "--- Creating thehive user"
|
||||||
|
#useradd -U -G sudo -m -s /bin/bash thehive
|
||||||
|
#echo -e "thehive1234\nthehive1234" | passwd thehive
|
||||||
|
|
||||||
|
#echo "--- Configuring sudo"
|
||||||
|
#echo "thehive ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/thehive
|
||||||
|
#echo "misp ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/misp
|
||||||
|
#chmod 0440 /etc/sudoers.d/thehive
|
||||||
|
#chmod 0440 /etc/sudoers.d/misp
|
||||||
|
|
||||||
|
#echo 'APT::ProgressBar::Fancy "0";' > /etc/apt/apt.conf.d/99progressbar
|
||||||
|
#echo 'APT::Use-Pty "0";' >> /etc/apt/apt.conf.d/99progressbar
|
||||||
|
|
||||||
|
|
||||||
|
echo "--- Creating thehive user"
|
||||||
|
useradd -U -G sudo -m -s /bin/bash thehive
|
||||||
|
echo -e "thehive1234\nthehive1234" | chpasswd
|
||||||
|
|
||||||
echo "--- Configuring sudo"
|
echo "--- Configuring sudo"
|
||||||
|
echo "thehive ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/thehive
|
||||||
echo "misp ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/misp
|
echo "misp ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/misp
|
||||||
|
chmod 0440 /etc/sudoers.d/thehive
|
||||||
chmod 0440 /etc/sudoers.d/misp
|
chmod 0440 /etc/sudoers.d/misp
|
||||||
|
|
||||||
echo 'APT::ProgressBar::Fancy "0";' > /etc/apt/apt.conf.d/99progressbar
|
echo 'APT::ProgressBar::Fancy "0";' > /etc/apt/apt.conf.d/99progressbar
|
||||||
echo 'APT::Use-Pty "0";' >> /etc/apt/apt.conf.d/99progressbar
|
echo 'APT::Use-Pty "0";' >> /etc/apt/apt.conf.d/99progressbar
|
||||||
|
|
||||||
|
#préambule on dirait
|
||||||
|
sudo apt update
|
||||||
|
sudo apt upgrade -y
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# Upgrade to Ubuntu 20.04
|
||||||
|
echo "--- Upgrading to Ubuntu 20.04"
|
||||||
|
do-release-upgrade -f DistUpgradeViewNonInteractive
|
||||||
|
|
||||||
|
|
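Review bot: `echo -e "thehive1234\nthehive1234" | chpasswd` does not set the password, because chpasswd reads `user:password` lines rather than the two-line input that `passwd` prompts for; with a build-time variable (name constructed here) the line would read `echo "thehive:${THEHIVE_PASSWORD:?}" | chpasswd`. The literal `thehive1234`, the `sudo` group membership and the new `thehive ALL=(ALL:ALL) NOPASSWD:ALL` sudoers entry together give every image built from this script a known root-equivalent login, so take the password from the build environment and add `chage -d 0 thehive` to force a change at first login. `do-release-upgrade -f DistUpgradeViewNonInteractive` at the end runs a full release upgrade during provisioning although the ISO referenced in this commit is already 20.04.6; that looks unnecessary and should be confirmed.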
55
upload.sh
55
upload.sh
|
@ -20,6 +20,9 @@
|
||||||
#
|
#
|
||||||
|
|
||||||
# Check dependencies.
|
# Check dependencies.
|
||||||
|
|
||||||
|
upload-github-release-asset.sh github_api_token=TOKEN owner=stefanbuck repo=playground tag=v0.1.0 filename=./build.zip
|
||||||
|
|
||||||
set -e
|
set -e
|
||||||
xargs=$(which gxargs || which xargs)
|
xargs=$(which gxargs || which xargs)
|
||||||
|
|
||||||
|
@ -29,36 +32,40 @@ xargs=$(which gxargs || which xargs)
|
||||||
CONFIG=$@
|
CONFIG=$@
|
||||||
|
|
||||||
for line in $CONFIG; do
|
for line in $CONFIG; do
|
||||||
eval "$line"
|
eval "$line"
|
||||||
done
|
done
|
||||||
|
|
||||||
# Define variables.
|
# Define variables.
|
||||||
GH_API="https://api.github.com"
|
GH_API="https://api.github.com"
|
||||||
GH_REPO="$GH_API/repos/$owner/$repo"
|
GH_REPO="$GH_API/repos/$owner/$repo"
|
||||||
GH_TAGS="$GH_REPO/releases/tags/$tag"
|
GH_TAGS="$GH_REPO/releases/tags/$tag"
|
||||||
AUTH="Authorization: token $github_api_token"
|
AUTH="Authorization: token $github_api_token"
|
||||||
WGET_ARGS="--content-disposition --auth-no-challenge --no-cookie"
|
WGET_ARGS="--content-disposition --auth-no-challenge --no-cookie"
|
||||||
CURL_ARGS="-LJO#"
|
CURL_ARGS="-LJO#"
|
||||||
|
|
||||||
if [[ "$tag" == 'LATEST' ]]; then
|
if [[ "$tag" == 'LATEST' ]]; then
|
||||||
GH_TAGS="$GH_REPO/releases/latest"
|
GH_TAGS="$GH_REPO/releases/latest"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Validate token.
|
# Validate token.
|
||||||
curl -o /dev/null -sH "$AUTH" $GH_REPO || { echo "Error: Invalid repo, token or network issue!"; exit 1; }
|
curl -o /dev/null -sH "$AUTH" $GH_REPO || { echo "Error: Invalid repo, token, or network issue!"; exit 1; }
|
||||||
|
|
||||||
# Read asset tags.
|
# Read asset tags.
|
||||||
response=$(curl -sH "$AUTH" $GH_TAGS)
|
response=$(curl -sH "$AUTH" $GH_TAGS)
|
||||||
|
|
||||||
# Get ID of the asset based on given filename.
|
# Get ID of the asset based on the given filename.
|
||||||
eval $(echo "$response" | grep -m 1 "id.:" | grep -w id | tr : = | tr -cd '[[:alnum:]]=')
|
eval $(echo "$response" | grep -m 1 "id.:" | grep -w id | tr : = | tr -cd '[[:alnum:]]=')
|
||||||
[ "$id" ] || { echo "Error: Failed to get release id for tag: $tag"; echo "$response" | awk 'length($0)<100' >&2; exit 1; }
|
[ "$id" ] || { echo "Error: Failed to get release id for tag: $tag"; echo "$response" | awk 'length($0)<100' >&2; exit 1; }
|
||||||
|
|
||||||
# Upload asset
|
# Upload asset
|
||||||
echo "Uploading asset... $localAssetPath" >&2
|
echo "Uploading asset... $filename" >&2
|
||||||
|
|
||||||
# Construct url
|
# Construct URL
|
||||||
GH_ASSET="https://uploads.github.com/repos/$owner/$repo/releases/$id/assets?name=$(basename $filename)"
|
GH_ASSET="https://uploads.github.com/repos/$owner/$repo/releases/$id/assets?name=$(basename $filename)"
|
||||||
|
|
||||||
curl "$GITHUB_OAUTH_BASIC" --data-binary @"$filename" -H "Authorization: token $github_api_token" -H "Content-Type: application/octet-stream" $GH_ASSET
|
# Install required packages
|
||||||
|
apt-get update
|
||||||
|
apt-get install -y curl
|
||||||
|
|
||||||
|
curl "$GITHUB_OAUTH_BASIC" --data-binary @"$filename" -H "Authorization: token $github_api_token" -H "Content-Type: application/octet-stream" $GH_ASSET
|
||||||
|
|
||||||
|
|
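Review bot: The line added under `# Check dependencies.`, `upload-github-release-asset.sh github_api_token=TOKEN owner=stefanbuck repo=playground tag=v0.1.0 filename=./build.zip`, is not commented, so the script tries to execute the usage example on every run. It sits before `set -e`, so a command-not-found is silently ignored, and if a script of that name is on PATH it is invoked with those placeholder arguments; prefix it with `# ` like the rest of the header. The second hunk adds `apt-get update` and `apt-get install -y curl` just before the upload, after curl has already been called for token validation and the tag lookup, so the install cannot help and makes an upload tool require root. A check near the top such as `command -v curl >/dev/null || { echo "curl is required" >&2; exit 1; }` covers the dependency without installing packages.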