mirror of https://github.com/MISP/misp-vagrant
Fixed warnings: the HOME environment variable of user root was passed to the script instead of user www-data's HOME environment variable.
parent
46a25601f2
commit
6469e4552f
60
bootstrap.sh
60
bootstrap.sh
|
@ -104,14 +104,16 @@ sudo systemctl restart apache2 > /dev/null 2>&1
|
||||||
|
|
||||||
echo "--- Retrieving MISP ---"
|
echo "--- Retrieving MISP ---"
|
||||||
if [ "$MISP_ENV" != "dev" ]; then
|
if [ "$MISP_ENV" != "dev" ]; then
|
||||||
mkdir $PATH_TO_MISP
|
sudo mkdir $PATH_TO_MISP
|
||||||
sudo chown www-data:www-data $PATH_TO_MISP
|
|
||||||
sudo -u www-data git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
|
|
||||||
fi
|
|
||||||
sudo chown www-data:www-data $PATH_TO_MISP
|
sudo chown www-data:www-data $PATH_TO_MISP
|
||||||
cd $PATH_TO_MISP
|
cd $PATH_TO_MISP
|
||||||
#sudo -u www-data git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
sudo -u www-data -H git clone https://github.com/MISP/MISP.git $PATH_TO_MISP
|
||||||
sudo -u www-data git config core.filemode false
|
else
|
||||||
|
sudo chown www-data:www-data $PATH_TO_MISP
|
||||||
|
cd $PATH_TO_MISP
|
||||||
|
fi
|
||||||
|
#sudo -u www-data -H git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||||
|
sudo -u www-data -H git config core.filemode false
|
||||||
# chown -R www-data $PATH_TO_MISP
|
# chown -R www-data $PATH_TO_MISP
|
||||||
# chgrp -R www-data $PATH_TO_MISP
|
# chgrp -R www-data $PATH_TO_MISP
|
||||||
# chmod -R 700 $PATH_TO_MISP
|
# chmod -R 700 $PATH_TO_MISP
|
||||||
|
@ -120,36 +122,36 @@ sudo -u www-data git config core.filemode false
|
||||||
echo "--- Installing Mitre's STIX ---"
|
echo "--- Installing Mitre's STIX ---"
|
||||||
sudo apt-get install -y python-dev python-pip libxml2-dev libxslt1-dev zlib1g-dev python-setuptools > /dev/null 2>&1
|
sudo apt-get install -y python-dev python-pip libxml2-dev libxslt1-dev zlib1g-dev python-setuptools > /dev/null 2>&1
|
||||||
cd $PATH_TO_MISP/app/files/scripts
|
cd $PATH_TO_MISP/app/files/scripts
|
||||||
sudo -u www-data git clone https://github.com/CybOXProject/python-cybox.git
|
sudo -u www-data -H git clone https://github.com/CybOXProject/python-cybox.git
|
||||||
sudo -u www-data git clone https://github.com/STIXProject/python-stix.git
|
sudo -u www-data -H git clone https://github.com/STIXProject/python-stix.git
|
||||||
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
cd $PATH_TO_MISP/app/files/scripts/python-cybox
|
||||||
sudo -u www-data git checkout v2.1.0.12
|
sudo -u www-data -H git checkout v2.1.0.12
|
||||||
sudo python setup.py install > /dev/null 2>&1
|
sudo python setup.py install > /dev/null 2>&1
|
||||||
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
cd $PATH_TO_MISP/app/files/scripts/python-stix
|
||||||
sudo -u www-data git checkout v1.1.1.4
|
sudo -u www-data -H git checkout v1.1.1.4
|
||||||
sudo python setup.py install > /dev/null 2>&1
|
sudo python setup.py install > /dev/null 2>&1
|
||||||
# install mixbox to accomodate the new STIX dependencies:
|
# install mixbox to accomodate the new STIX dependencies:
|
||||||
cd $PATH_TO_MISP/app/files/scripts/
|
cd $PATH_TO_MISP/app/files/scripts/
|
||||||
sudo -u www-data git clone https://github.com/CybOXProject/mixbox.git
|
sudo -u www-data -H git clone https://github.com/CybOXProject/mixbox.git
|
||||||
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
cd $PATH_TO_MISP/app/files/scripts/mixbox
|
||||||
sudo -u www-data git checkout v1.0.2
|
sudo -u www-data -H git checkout v1.0.2
|
||||||
sudo python setup.py install > /dev/null 2>&1
|
sudo python setup.py install > /dev/null 2>&1
|
||||||
|
|
||||||
|
|
||||||
echo "--- Retrieving CakePHP... ---"
|
echo "--- Retrieving CakePHP... ---"
|
||||||
# CakePHP is included as a submodule of MISP, execute the following commands to let git fetch it:
|
# CakePHP is included as a submodule of MISP, execute the following commands to let git fetch it:
|
||||||
cd $PATH_TO_MISP
|
cd $PATH_TO_MISP
|
||||||
sudo -u www-data git submodule init
|
sudo -u www-data -H git submodule init
|
||||||
sudo -u www-data git submodule update
|
sudo -u www-data -H git submodule update
|
||||||
# Once done, install CakeResque along with its dependencies if you intend to use the built in background jobs:
|
# Once done, install CakeResque along with its dependencies if you intend to use the built in background jobs:
|
||||||
cd $PATH_TO_MISP/app
|
cd $PATH_TO_MISP/app
|
||||||
sudo -u www-data php composer.phar require kamisama/cake-resque:4.1.2
|
sudo -u www-data -H php composer.phar require kamisama/cake-resque:4.1.2
|
||||||
sudo -u www-data php composer.phar config vendor-dir Vendor
|
sudo -u www-data -H php composer.phar config vendor-dir Vendor
|
||||||
sudo -u www-data php composer.phar install
|
sudo -u www-data -H php composer.phar install
|
||||||
# Enable CakeResque with php-redis
|
# Enable CakeResque with php-redis
|
||||||
sudo phpenmod redis
|
sudo phpenmod redis
|
||||||
# To use the scheduler worker for scheduled tasks, do the following:
|
# To use the scheduler worker for scheduled tasks, do the following:
|
||||||
sudo -u www-data cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
sudo -u www-data -H cp -fa $PATH_TO_MISP/INSTALL/setup/config.php $PATH_TO_MISP/app/Plugin/CakeResque/Config/config.php
|
||||||
|
|
||||||
|
|
||||||
echo "--- Setting the permissions... ---"
|
echo "--- Setting the permissions... ---"
|
||||||
|
@ -166,7 +168,7 @@ sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant usage on *.* to $DBNAM
|
||||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant all privileges on $DBNAME.* to '$DBUSER_MISP'@'localhost';"
|
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "grant all privileges on $DBNAME.* to '$DBUSER_MISP'@'localhost';"
|
||||||
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
|
sudo mysql -u $DBUSER_ADMIN -p$DBPASSWORD_ADMIN -e "flush privileges;"
|
||||||
# Import the empty MISP database from MYSQL.sql
|
# Import the empty MISP database from MYSQL.sql
|
||||||
sudo -u www-data mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME < /var/www/MISP/INSTALL/MYSQL.sql
|
sudo -u www-data -H mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP $DBNAME < /var/www/MISP/INSTALL/MYSQL.sql
|
||||||
|
|
||||||
|
|
||||||
echo "--- Configuring Apache... ---"
|
echo "--- Configuring Apache... ---"
|
||||||
|
@ -244,11 +246,11 @@ sudo cp $PATH_TO_MISP/INSTALL/misp.logrotate /etc/logrotate.d/misp
|
||||||
|
|
||||||
echo "--- MISP configuration ---"
|
echo "--- MISP configuration ---"
|
||||||
# There are 4 sample configuration files in /var/www/MISP/app/Config that need to be copied
|
# There are 4 sample configuration files in /var/www/MISP/app/Config that need to be copied
|
||||||
sudo -u www-data cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php /var/www/MISP/app/Config/bootstrap.php
|
sudo -u www-data -H cp -a $PATH_TO_MISP/app/Config/bootstrap.default.php /var/www/MISP/app/Config/bootstrap.php
|
||||||
sudo -u www-data cp -a $PATH_TO_MISP/app/Config/database.default.php /var/www/MISP/app/Config/database.php
|
sudo -u www-data -H cp -a $PATH_TO_MISP/app/Config/database.default.php /var/www/MISP/app/Config/database.php
|
||||||
sudo -u www-data cp -a $PATH_TO_MISP/app/Config/core.default.php /var/www/MISP/app/Config/core.php
|
sudo -u www-data -H cp -a $PATH_TO_MISP/app/Config/core.default.php /var/www/MISP/app/Config/core.php
|
||||||
sudo -u www-data cp -a $PATH_TO_MISP/app/Config/config.default.php /var/www/MISP/app/Config/config.php
|
sudo -u www-data -H cp -a $PATH_TO_MISP/app/Config/config.default.php /var/www/MISP/app/Config/config.php
|
||||||
sudo -u www-data cat > $PATH_TO_MISP/app/Config/database.php <<EOF
|
sudo -u www-data -H cat > $PATH_TO_MISP/app/Config/database.php <<EOF
|
||||||
<?php
|
<?php
|
||||||
class DATABASE_CONFIG {
|
class DATABASE_CONFIG {
|
||||||
public \$default = array(
|
public \$default = array(
|
||||||
|
@ -276,7 +278,7 @@ sudo $PATH_TO_MISP/app/Console/cake Live $MISP_LIVE
|
||||||
|
|
||||||
echo "--- Generating a GPG encryption key... ---"
|
echo "--- Generating a GPG encryption key... ---"
|
||||||
sudo apt-get install -y rng-tools haveged
|
sudo apt-get install -y rng-tools haveged
|
||||||
sudo -u www-data mkdir $PATH_TO_MISP/.gnupg
|
sudo -u www-data -H mkdir $PATH_TO_MISP/.gnupg
|
||||||
sudo chmod 700 $PATH_TO_MISP/.gnupg
|
sudo chmod 700 $PATH_TO_MISP/.gnupg
|
||||||
cat >gen-key-script <<EOF
|
cat >gen-key-script <<EOF
|
||||||
%echo Generating a default key
|
%echo Generating a default key
|
||||||
|
@ -292,10 +294,10 @@ cat >gen-key-script <<EOF
|
||||||
%commit
|
%commit
|
||||||
%echo done
|
%echo done
|
||||||
EOF
|
EOF
|
||||||
sudo -u www-data gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key gen-key-script
|
sudo -u www-data -H gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key gen-key-script
|
||||||
rm gen-key-script
|
rm gen-key-script
|
||||||
# And export the public key to the webroot
|
# And export the public key to the webroot
|
||||||
sudo -u www-data gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key gen-key-scriptgpg --homedir $PATH_TO_MISP/.gnupg --export --armor $EMAIL_ADDRESS > $PATH_TO_MISP/app/webroot/gpg.asc
|
sudo -u www-data -H gpg --homedir $PATH_TO_MISP/.gnupg --batch --gen-key gen-key-scriptgpg --homedir $PATH_TO_MISP/.gnupg --export --armor $EMAIL_ADDRESS > $PATH_TO_MISP/app/webroot/gpg.asc
|
||||||
|
|
||||||
|
|
||||||
echo "--- Making the background workers start on boot... ---"
|
echo "--- Making the background workers start on boot... ---"
|
||||||
|
@ -323,7 +325,7 @@ then
|
||||||
echo 'exit 0' | sudo tee -a /etc/rc.local
|
echo 'exit 0' | sudo tee -a /etc/rc.local
|
||||||
sudo chmod u+x /etc/rc.local
|
sudo chmod u+x /etc/rc.local
|
||||||
fi
|
fi
|
||||||
sudo sed -i -e '$i \sudo -u www-data bash /var/www/MISP/app/Console/worker/start.sh\n' /etc/rc.local
|
sudo sed -i -e '$i \sudo -u www-data -H bash /var/www/MISP/app/Console/worker/start.sh\n' /etc/rc.local
|
||||||
|
|
||||||
|
|
||||||
echo "--- Installing MISP modules... ---"
|
echo "--- Installing MISP modules... ---"
|
||||||
|
@ -350,7 +352,7 @@ sudo pip3 install -I . > /dev/null 2>&1
|
||||||
# sudo systemctl restart misp-modules.service > /dev/null
|
# sudo systemctl restart misp-modules.service > /dev/null
|
||||||
|
|
||||||
# With initd:
|
# With initd:
|
||||||
sudo sed -i -e '$i \sudo -u www-data misp-modules -l 0.0.0.0 -s &\n' /etc/rc.local
|
sudo sed -i -e '$i \sudo -u www-data -H misp-modules -l 0.0.0.0 -s &\n' /etc/rc.local
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue