tpotce/update.sh

#!/bin/bash

###################################################
# Do not change any contents of this script!
###################################################

# Some vars
myCONFIGFILE="/opt/tpot/etc/tpot.yml"
myCOMPOSEPATH="/opt/tpot/etc/compose"
myRED=""
myGREEN=""
myWHITE=""
myBLUE=""

# Got root?
myWHOAMI=$(whoami)
if [ "$myWHOAMI" != "root" ]
  then
    echo "Need to run as root ..."
    sudo ./$0
    exit
fi

# Check for existing tpot.yml
function fuCONFIGCHECK () {
  echo "### Checking for T-Pot configuration file ..."
  echo -n "###### $myBLUE$myCONFIGFILE$myWHITE "
  if ! [ -f $myCONFIGFILE ];
    then
      echo
      echo $myRED"Error - No T-Pot configuration file present."
      echo "Please copy one of the preconfigured configuration files from /opt/tpot/etc/compose/*.yml to /opt/tpot/etc/tpot.yml."$myWHITE
      echo
      exit 1
    else
      echo $myGREEN"OK"$myWHITE
  fi
}

# Let's test the internet connection
function fuCHECKINET () {
mySITES=$1
  echo "### Now checking availability of ..."
  for i in $mySITES;
    do
      echo -n "###### $myBLUE$i$myWHITE "
      curl --connect-timeout 5 -IsS $i 2>&1>/dev/null
        if [ $? -ne 0 ];
          then
            echo
            echo $myRED"Error - Internet connection test failed. This might indicate some problems with your connection."
            echo "Exiting."$myWHITE
            echo
            exit 1
          else
            echo $myGREEN"OK"$myWHITE
        fi
  done;
}

function fuSELFUPDATE () {
  echo "### Now checking for newer files in repository ..."
  git fetch
  myREMOTESTAT=$(git status | grep -c "up-to-date")
  if [ "$myREMOTESTAT" != "0" ];
    then
      echo "###### $myBLUE"No updates found in repository."$myWHITE"
      return
  fi
  myRESULT=$(git diff --name-only origin/master | grep update.sh)
  myLOCALSTAT=$(git status -uno | grep -c update.sh)
  if [ "$myRESULT" == "update.sh" ];
    then
      if [ "$myLOCALSTAT" == "0" ];
        then
          echo "###### $myBLUE"Found newer version, will update myself and restart."$myWHITE"
          git pull --force
          exec "$1" "$2"
          exit 1
        else
          echo $myRED"Error - Update script was changed locally, cannot update."
          echo "Exiting."$myWHITE
          echo
          exit 1
      fi
    else
      echo "###### Update script is already up-to-date."
      git pull --force
  fi
}

# Only run with command switch
if [ "$1" != "-y" ]; then
  echo "This script will update / upgrade all T-Pot related scripts, tools and packages"
  echo "Some of your changes might be overwritten, so make sure to save your work"
  echo "This feature is still experimental, run with \"-y\" switch"
  echo
  exit
fi

echo "### Now running T-Pot update script."
echo

fuCHECKINET "https://index.docker.io https://github.com https://pypi.python.org https://ubuntu.com"
echo

fuSELFUPDATE "$0" "$@"
echo

fuCONFIGCHECK
echo

echo "### Now stopping T-Pot"
systemctl stop tpot

# Better safe than sorry
echo "###### Creating backup and storing it in /home/tsec"
tar cvfz /root/tpot_backup.tgz /opt/tpot

echo "###### Getting the current install flavor"
myFLAVOR=$(head $myCONFIGFILE -n 1 | awk '{ print $3 }' | tr -d :'()':)

echo "###### Updating compose file"
case $myFLAVOR in
  HP)
    echo "###### Restoring HONEYPOT flavor installation."
    cp $myCOMPOSEPATH/hp.yml $myCONFIGFILE
  ;;
  Industrial)
    echo "###### Restoring INDUSTRIAL flavor installation."
    cp $myCOMPOSEPATH/industrial.yml $myCONFIGFILE
  ;;
  Standard)
    echo "###### Restoring TPOT flavor installation."
    cp $myCOMPOSEPATH/tpot.yml $myCONFIGFILE
  ;;
  Everything)
    echo "###### Restoring EVERYTHING flavor installation."
    cp $myCOMPOSEPATH/all.yml $myCONFIGFILE
  ;;
esac

echo
echo "### Now upgrading packages"
apt-get autoclean -y
apt-get autoremove -y
apt-get update
apt-get dist-upgrade -y
pip install --upgrade pip
pip install docker-compose==1.16.1
pip install elasticsearch-curator==5.2.0
ln -s /usr/bin/nodejs /usr/bin/node 2>&1
npm install https://github.com/t3chn0m4g3/wetty -g
npm install https://github.com/t3chn0m4g3/elasticsearch-dump -g
wget https://github.com/bcicen/ctop/releases/download/v0.6.1/ctop-0.6.1-linux-amd64 -O /usr/bin/ctop && chmod +x /usr/bin/ctop

echo
echo "### Now replacing T-Pot related config files on host"
cp    host/etc/systemd/* /etc/systemd/system/
cp    host/etc/issue /etc/
cp -R host/etc/nginx/ssl /etc/nginx/
cp    host/etc/nginx/tpotweb.conf /etc/nginx/sites-available/
cp    host/etc/nginx/nginx.conf /etc/nginx/nginx.conf
cp    host/usr/share/nginx/html/* /usr/share/nginx/html/

echo
echo "### Now reloading systemd, nginx"
systemctl daemon-reload
nginx -s reload

echo
echo "### Now restarting wetty, nginx, docker"
systemctl restart wetty.service
systemctl restart nginx.service
systemctl restart docker.service

echo
echo "### Now pulling latest docker images"
docker-compose -f /opt/tpot/etc/tpot.yml pull

echo
echo "### Now starting T-Pot service"
systemctl start tpot

echo
echo "### If you made changes to tpot.yml please ensure to add them again."
echo "### We stored the previous version as backup in /home/tsec."
echo "### Done."