tpotce/host/etc/systemd/tpot.service

[Unit]
Description=tpot
Requires=docker.service
After=docker.service

[Service]
Restart=always
RestartSec=5
TimeoutSec=infinity

# Get and set internal, external IP infos, but ignore errors
ExecStartPre=-/opt/tpot/bin/updateip.sh

# Clear state or if persistence is enabled rotate and compress logs from /data
ExecStartPre=-/bin/bash -c '/opt/tpot/bin/clean.sh on'

# Remove old containers, images and volumes
ExecStartPre=-/usr/bin/docker-compose -f /opt/tpot/etc/tpot.yml down -v
ExecStartPre=-/usr/bin/docker-compose -f /opt/tpot/etc/tpot.yml rm -v
ExecStartPre=-/bin/bash -c 'docker volume rm $(docker volume ls -q)'
ExecStartPre=-/bin/bash -c 'docker rm -v $(docker ps -aq)'
ExecStartPre=-/bin/bash -c 'docker rmi $(docker images | grep "<none>" | awk \'{print $3}\')'

# Get IF, disable offloading, enable promiscious mode for p0f and suricata
ExecStartPre=-/bin/bash -c '/sbin/ethtool --offload $(/sbin/ip address | grep "^2: " | awk \'{ print $2 }\' | tr -d [:punct:]) rx off tx off'
ExecStartPre=/bin/bash -c '/sbin/ethtool -K $(/sbin/ip address | grep "^2: " | awk \'{ print $2 }\' | tr -d [:punct:]) gso off gro off'
ExecStartPre=/bin/bash -c '/sbin/ip link set $(/sbin/ip address | grep "^2: " | awk \'{ print $2 }\' | tr -d [:punct:]) promisc on'

# Modify access rights on docker.sock for netdata
ExecStartPre=-/bin/chmod 666 /var/run/docker.sock

# Set iptables accept rules to avoid forwarding to honeytrap / NFQUEUE
# Forward all other connections to honeytrap / NFQUEUE
ExecStartPre=/opt/tpot/bin/rules.sh /opt/tpot/etc/tpot.yml set

# Compose T-Pot up
ExecStart=/usr/bin/docker-compose -f /opt/tpot/etc/tpot.yml up --no-color

# Compose T-Pot down, remove containers and volumes
ExecStop=/usr/bin/docker-compose -f /opt/tpot/etc/tpot.yml down -v

# Remove only previously set iptables rules
ExecStopPost=/opt/tpot/bin/rules.sh /opt/tpot/etc/tpot.yml unset

[Install]
WantedBy=multi-user.target
update scripts to new file layout iso will not include tpot repo tpot repo will be cloned during install as all the other tools 2017-09-26 15:15:17 +00:00			`[Unit]`
			`Description=tpot`
			`Requires=docker.service`
			`After=docker.service`

			`[Service]`
			`Restart=always`
			`RestartSec=5`
Fixes #142 2017-11-23 16:08:19 +00:00			`TimeoutSec=infinity`
update scripts to new file layout iso will not include tpot repo tpot repo will be cloned during install as all the other tools 2017-09-26 15:15:17 +00:00
			`# Get and set internal, external IP infos, but ignore errors`
			`ExecStartPre=-/opt/tpot/bin/updateip.sh`

			`# Clear state or if persistence is enabled rotate and compress logs from /data`
			`ExecStartPre=-/bin/bash -c '/opt/tpot/bin/clean.sh on'`

			`# Remove old containers, images and volumes`
adjust path for docker-compose 2018-02-13 11:17:50 +00:00			`ExecStartPre=-/usr/bin/docker-compose -f /opt/tpot/etc/tpot.yml down -v`
			`ExecStartPre=-/usr/bin/docker-compose -f /opt/tpot/etc/tpot.yml rm -v`
update scripts to new file layout iso will not include tpot repo tpot repo will be cloned during install as all the other tools 2017-09-26 15:15:17 +00:00			`ExecStartPre=-/bin/bash -c 'docker volume rm $(docker volume ls -q)'`
			`ExecStartPre=-/bin/bash -c 'docker rm -v $(docker ps -aq)'`
			`ExecStartPre=-/bin/bash -c 'docker rmi $(docker images \| grep "<none>" \| awk \'{print $3}\')'`

			`# Get IF, disable offloading, enable promiscious mode for p0f and suricata`
AWS and OTC do not permit rx off / tx off To ensure compatability with dtag-dev-sec/t-pot-autoinstall and AWS / OTC `tpot.service` no longer expects successful execution of disabling offloading. 2017-11-17 13:59:14 +00:00			`ExecStartPre=-/bin/bash -c '/sbin/ethtool --offload $(/sbin/ip address \| grep "^2: " \| awk \'{ print $2 }\' \| tr -d [:punct:]) rx off tx off'`
update scripts to new file layout iso will not include tpot repo tpot repo will be cloned during install as all the other tools 2017-09-26 15:15:17 +00:00			`ExecStartPre=/bin/bash -c '/sbin/ethtool -K $(/sbin/ip address \| grep "^2: " \| awk \'{ print $2 }\' \| tr -d [:punct:]) gso off gro off'`
			`ExecStartPre=/bin/bash -c '/sbin/ip link set $(/sbin/ip address \| grep "^2: " \| awk \'{ print $2 }\' \| tr -d [:punct:]) promisc on'`

			`# Modify access rights on docker.sock for netdata`
			`ExecStartPre=-/bin/chmod 666 /var/run/docker.sock`

			`# Set iptables accept rules to avoid forwarding to honeytrap / NFQUEUE`
			`# Forward all other connections to honeytrap / NFQUEUE`
generate iptables rules dynamically from docker-compose.yml 2018-03-15 10:59:27 +00:00			`ExecStartPre=/opt/tpot/bin/rules.sh /opt/tpot/etc/tpot.yml set`
update scripts to new file layout iso will not include tpot repo tpot repo will be cloned during install as all the other tools 2017-09-26 15:15:17 +00:00
			`# Compose T-Pot up`
adjust path for docker-compose 2018-02-13 11:17:50 +00:00			`ExecStart=/usr/bin/docker-compose -f /opt/tpot/etc/tpot.yml up --no-color`
update scripts to new file layout iso will not include tpot repo tpot repo will be cloned during install as all the other tools 2017-09-26 15:15:17 +00:00
			`# Compose T-Pot down, remove containers and volumes`
adjust path for docker-compose 2018-02-13 11:19:04 +00:00			`ExecStop=/usr/bin/docker-compose -f /opt/tpot/etc/tpot.yml down -v`
update scripts to new file layout iso will not include tpot repo tpot repo will be cloned during install as all the other tools 2017-09-26 15:15:17 +00:00
			`# Remove only previously set iptables rules`
generate iptables rules dynamically from docker-compose.yml 2018-03-15 10:59:27 +00:00			`ExecStopPost=/opt/tpot/bin/rules.sh /opt/tpot/etc/tpot.yml unset`
update scripts to new file layout iso will not include tpot repo tpot repo will be cloned during install as all the other tools 2017-09-26 15:15:17 +00:00
			`[Install]`
			`WantedBy=multi-user.target`