mirror of https://github.com/MISP/misp-packer
Merge branch 'master' of github.com:MISP/misp-packer
chrisr3d
commit
aba9ae2451
|
|
@ -61,7 +61,7 @@ if [ "${LATEST_COMMIT}" != "$(cat /tmp/misp-latest.sha)" ]; then
|
|||
|
||||
|
||||
# Current file list of everything to gpg sign and transfer
|
||||
FILE_LIST="MISP_${VER}@${LATEST_COMMIT}-vmware.zip output-virtualbox-iso/MISP_${VER}@${LATEST_COMMIT}.ova packer_virtualbox-iso_virtualbox-iso_sha1.checksum packer_virtualbox-iso_virtualbox-iso_sha256.checksum packer_virtualbox-iso_virtualbox-iso_sha384.checksum packer_virtualbox-iso_virtualbox-iso_sha512.checksum MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha1 MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha256 MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha384 MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha512 mysql.txt"
|
||||
FILE_LIST="MISP_${VER}@${LATEST_COMMIT}-vmware.zip output-virtualbox-iso/MISP_${VER}@${LATEST_COMMIT}.ova packer_virtualbox-iso_virtualbox-iso_sha1.checksum packer_virtualbox-iso_virtualbox-iso_sha256.checksum packer_virtualbox-iso_virtualbox-iso_sha384.checksum packer_virtualbox-iso_virtualbox-iso_sha512.checksum MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha1 MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha256 MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha384 MISP_${VER}@${LATEST_COMMIT}-vmware.zip.sha512"
|
||||
|
||||
# Create the latest MISP export directory
|
||||
ssh ${REL_USER}@${REL_SERVER} mkdir -p export/MISP_${VER}@${LATEST_COMMIT}
|
||||
|
|
@ -79,7 +79,6 @@ if [ "${LATEST_COMMIT}" != "$(cat /tmp/misp-latest.sha)" ]; then
|
|||
ssh ${REL_USER}@${REL_SERVER} cd export ; tree -T "MISP VM Images" -H https://www.circl.lu/misp-images/ -o index.html
|
||||
|
||||
# Remove files for next run
|
||||
rm mysql.txt
|
||||
rm -r output-virtualbox-iso
|
||||
rm -r output-vmware-iso
|
||||
rm *.checksum *.zip *.sha*
|
||||
|
|
|
|||
|
|
@ -29,7 +29,9 @@
|
|||
["modifyvm", "{{.Name}}", "--memory", "2048"],
|
||||
["modifyvm", "{{.Name}}", "--natpf1", "ssh,tcp,,2222,0.0.0.0,22" ],
|
||||
["modifyvm", "{{.Name}}", "--natpf1", "http,tcp,,8080,,80" ],
|
||||
["modifyvm", "{{.Name}}", "--natpf1", "https,tcp,,8443,,443" ],
|
||||
["modifyvm", "{{.Name}}", "--natpf1", "dashboard,tcp,,8001,0.0.0.0,8001" ],
|
||||
["modifyvm", "{{.Name}}", "--natpf1", "viper,tcp,,8888,0.0.0.0,8888" ],
|
||||
["modifyvm", "{{.Name}}", "--natpf1", "misp-modules,tcp,,1666,0.0.0.0,6666" ],
|
||||
["modifyvm", "{{.Name}}", "--vram", "32"]
|
||||
],
|
||||
|
|
|
|||
|
|
@ -72,7 +72,7 @@ GPG_REAL_NAME='Autogenerated Key'
|
|||
GPG_COMMENT='WARNING: MISP AutoGenerated VM consider this Key VOID!'
|
||||
GPG_EMAIL_ADDRESS='admin@admin.test'
|
||||
GPG_KEY_LENGTH='2048'
|
||||
GPG_PASSPHRASE=''
|
||||
GPG_PASSPHRASE='Password1234'
|
||||
|
||||
# php.ini configuration
|
||||
upload_max_filesize=50M
|
||||
|
|
@ -412,13 +412,14 @@ sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "Plugin.ZeroMQ_organisation
|
|||
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "GnuPG.email" "admin@admin.test"
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "GnuPG.homedir" "/var/www/MISP/.gnupg"
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "GnuPG.password" "Password1234"
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "MISP.host_org_id" 1
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "MISP.email" "info@admin.test"
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "MISP.disable_emailing" true
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "MISP.contact" "info@admin.test"
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "MISP.disablerestalert" true
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "MISP.showCorrelationsOnIndex" true
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "Session.autoRegenerate" false
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "Session.autoRegenerate" 0
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "Session.timeout" 600
|
||||
sudo $PATH_TO_MISP/app/Console/cake Admin setSetting "Session.cookie_timeout" 3600
|
||||
|
||||
|
|
@ -435,7 +436,7 @@ cat >/tmp/gen-key-script <<EOF
|
|||
Name-Comment: $GPG_COMMENT
|
||||
Name-Email: $GPG_EMAIL_ADDRESS
|
||||
Expire-Date: 0
|
||||
Passphrase: '$GPG_PASSPHRASE'
|
||||
Passphrase: $GPG_PASSPHRASE
|
||||
# Do a commit here, so that we can later print "done"
|
||||
%commit
|
||||
%echo done
|
||||
|
|
@ -479,6 +480,7 @@ sudo sed -i -e '$i \sysctl vm.overcommit_memory=1\n' /etc/rc.local
|
|||
sudo sed -i -e '$i \sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sudo -u www-data misp-modules -l 0.0.0.0 -s &\n' /etc/rc.local
|
||||
sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local
|
||||
sed -i -e '$i \sudo -u misp /usr/local/src/viper/viper-web -p 8888 -H 0.0.0.0 &\n' /etc/rc.local
|
||||
|
||||
echo "--- Installing MISP modules… ---"
|
||||
sudo apt-get install -y libpq5 libjpeg-dev libfuzzy-dev > /dev/null 2>&1
|
||||
|
|
@ -517,6 +519,38 @@ sudo pip3 install stix2 > /dev/null 2>&1
|
|||
# With initd:
|
||||
# sudo sed -i -e '$i \sudo -u www-data misp-modules -l 0.0.0.0 -s &\n' /etc/rc.local
|
||||
|
||||
echo "--- Installing viper-framework ---"
|
||||
cd /usr/local/src/
|
||||
apt-get install -y libssl-dev swig python3-ssdeep p7zip-full unrar sqlite python3-pyclamd exiftool radare2
|
||||
pip3 install SQLAlchemy PrettyTable python-magic 2>&1
|
||||
git clone https://github.com/viper-framework/viper.git
|
||||
cd viper
|
||||
git submodule init
|
||||
git submodule update
|
||||
pip3 install -r requirements.txt > /dev/null 2>&1
|
||||
sudo -u misp /usr/local/src/viper/viper-cli -h > /dev/null 2>&1
|
||||
sudo -u misp /usr/local/src/viper/viper-web -p 8888 -H 0.0.0.0 &
|
||||
echo 'PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/src/viper"' |sudo tee /etc/environment
|
||||
|
||||
echo "--- Installing mail2misp ---"
|
||||
cd /usr/local/src/
|
||||
sudo apt-get install -y cmake
|
||||
sudo git clone https://github.com/MISP/mail_to_misp.git
|
||||
sudo git clone git://github.com/stricaud/faup.git
|
||||
cd faup
|
||||
sudo mkdir -p build
|
||||
cd build
|
||||
sudo cmake .. && sudo make
|
||||
sudo make install
|
||||
sudo ldconfig
|
||||
cd ../../
|
||||
cd mail_to_misp
|
||||
sudo pip3 install -r requirements.txt > /dev/null 2>&1
|
||||
sudo cp mail_to_misp_config.py-example mail_to_misp_config.py
|
||||
|
||||
echo "--- Generating Certificate ---"
|
||||
sudo openssl req -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=LU/ST=/L=Luxembourg/O=CIRCL/OU=VM AutoGen/CN=localhost/emailAddress=admin@admin.test" -keyout /etc/ssl/private/misp.local.key -out /etc/ssl/private/misp.local.crt
|
||||
|
||||
|
||||
echo "--- Setting the permissions… ---"
|
||||
sudo chown -R www-data:www-data $PATH_TO_MISP
|
||||
|
|
@ -553,12 +587,24 @@ sudo $PATH_TO_MISP/app/Console/cake Baseurl ""
|
|||
echo "--- Enabling MISP new pub/sub feature (ZeroMQ)… ---"
|
||||
sudo apt-get install -y pkg-config python-redis python-zmq python3-zmq > /dev/null 2>&1
|
||||
|
||||
echo "--- Configuring viper ---"
|
||||
sed -i "s/^misp_url\ =/misp_url\ =\ http:\/\/localhost/g" ~/.viper/viper.conf
|
||||
sed -i "s/^misp_key\ =/misp_key\ =\ $AUTH_KEY/g" ~/.viper/viper.conf
|
||||
# Setting viper-web admin user password to 'Password1234'
|
||||
sqlite3 ~/.viper/admin.db 'UPDATE auth_user SET password="pbkdf2_sha256$100000$iXgEJh8hz7Cf$vfdDAwLX8tko1t0M1TLTtGlxERkNnltUnMhbv56wK/U="'
|
||||
|
||||
echo "--- Configuring mail2misp ---"
|
||||
sudo sed -i "s/^misp_url\ =\ 'YOUR_MISP_URL'/misp_url\ =\ 'http:\/\/localhost'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
|
||||
sudo sed -i "s/^misp_key\ =\ 'YOUR_KEY_HERE'/misp_key\ =\ '$AUTH_KEY'/g" /usr/local/src/mail_to_misp/mail_to_misp_config.py
|
||||
|
||||
echo "--- Setting the permissions… ---"
|
||||
sudo chown -R www-data:www-data $PATH_TO_MISP
|
||||
sudo chmod -R 750 $PATH_TO_MISP
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/tmp
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files
|
||||
sudo chmod -R g+ws $PATH_TO_MISP/app/files/scripts/tmp
|
||||
sudo chmod 700 $PATH_TO_MISP/.gnupg
|
||||
sudo chown -R misp:misp ~misp/.viper
|
||||
|
||||
echo "--- Setting Baseurl ---"
|
||||
sudo $PATH_TO_MISP/app/Console/cake Baseurl ""
|
||||
|
|
@ -569,7 +615,8 @@ echo "Web interface (default network settings): $MISP_BASEURL"
|
|||
echo "MISP admin: admin@admin.test/admin"
|
||||
echo "Shell/SSH: misp/Password1234"
|
||||
echo "MySQL: $DBUSER_ADMIN/$DBPASSWORD_ADMIN - $DBUSER_MISP/$DBPASSWORD_MISP"
|
||||
echo "MySQL: $DBUSER_ADMIN/$DBPASSWORD_ADMIN - $DBUSER_MISP/$DBPASSWORD_MISP" > mysql.txt
|
||||
echo "MySQL: $DBUSER_ADMIN/$DBPASSWORD_ADMIN - $DBUSER_MISP/$DBPASSWORD_MISP" > ~/mysql.txt
|
||||
chown misp:misp ~/mysql.txt
|
||||
|
||||
|
||||
TIME_END=$(date +%s)
|
||||
|
|
|
|||
Loading…
Reference in New Issue