From 50beeef63a0de6d5eac2a3c474cc07bfb945dd5b Mon Sep 17 00:00:00 2001 From: rsatrio Date: Sat, 15 Mar 2025 10:26:32 +0700 Subject: [PATCH 1/3] feat: flags in install.sh for silent installation --- install.sh | 198 +++++++++++++++++++++++++++++++++++------------------ 1 file changed, 130 insertions(+), 68 deletions(-) diff --git a/install.sh b/install.sh index bffde8d4..318a7ff3 100755 --- a/install.sh +++ b/install.sh @@ -1,5 +1,67 @@ #!/usr/bin/env bash + +print_help() { + echo "Usage: $0 [-s y|n] [-t h|s|l|i|m|t] -u -p " + echo " -s: yes or no (optional)" + echo " -t: h (host),s (sensor), l (llm), i(mini),m(mobile),t(tarpit) (optional)" + echo " -u: web username (optional)" + echo " -p: password for web user (optional)" + exit 1 +} + +validate_s() { + if [[ -n "$myQST" ]]; then + if [[ "$myQST" =~ ^[yYnN]$ ]]; then + return 1 # Valid + else + print_help + fi + else + print_help + fi + +} + +validate_t() { + if [[ -n "$myTPOT_TYPE" ]]; then + if [[ "$myTPOT_TYPE" =~ ^[hslimtHSLIMT]$ ]]; then + return 1 # Valid + else + print_help + fi + else + print_help + fi + +} + +while getopts ":s:t:u:p:" opt; do + case "$opt" in + s) + myQST="${OPTARG}" + validate_s + ;; + t) + myTPOT_TYPE="${OPTARG}" + validate_t + ;; + u) + export myWEB_USER="${OPTARG}" + ;; + p) + export myWEB_PW="${OPTARG}" + ;; + :) + echo "Option -${OPTARG} requires an argument." + print_help + exit 1 + ;; + \?) + print_help + ;; + esac +done myINSTALL_NOTIFICATION="### Now installing required packages ..." myUSER=$(whoami) myTPOT_CONF_FILE="/home/${myUSER}/tpotce/.env" @@ -43,12 +105,13 @@ echo "$myINSTALLER" echo echo echo "### This script will now install T-Pot and all of its dependencies." -while [ "${myQST}" != "y" ] && [ "${myQST}" != "n" ]; - do +if [[ -z "$myQST" ]]; then + while [ "${myQST}" != "y" ] && [ "${myQST}" != "n" ]; do echo read -p "### Install? (y/n) " myQST echo done +fi if [ "${myQST}" = "n" ]; then echo @@ -183,7 +246,10 @@ echo "### Feed data endlessly to attackers, bots and scanners." echo "### Also runs a Denial of Service Honeypot (ddospot)." echo while true; do - read -p "### Install Type? (h/s/l/i/m/t) " myTPOT_TYPE + if [[ -z "$myTPOT_TYPE" ]]; then + read -p "### Install Type? (h/s/l/i/m/t) " myTPOT_TYPE + fi + case "${myTPOT_TYPE}" in h|H) echo @@ -234,75 +300,71 @@ done if [ "${myTPOT_TYPE}" == "HIVE" ]; # If T-Pot Type is HIVE ask for WebUI username and password then - # Preparing web user for T-Pot - echo - echo "### T-Pot User Configuration ..." - echo - # Asking for web user name - myWEB_USER="" - while [ 1 != 2 ]; - do - myOK="" - read -rp "### Enter your web user name: " myWEB_USER - myWEB_USER=$(echo $myWEB_USER | tr -cd "[:alnum:]_.-") - echo "### Your username is: ${myWEB_USER}" - while [[ ! "${myOK}" =~ [YyNn] ]]; - do - read -rp "### Is this correct? (y/n) " myOK - done - if [[ "${myOK}" =~ [Yy] ]] && [ "$myWEB_USER" != "" ]; - then - break - else - echo - fi - done + # Preparing web user for T-Pot + echo + echo "### T-Pot User Configuration ..." + echo + # Asking for web user name + if [[ -z "$myWEB_USER" ]]; then + myWEB_USER="" + while [ 1 != 2 ]; do + myOK="" + read -rp "### Enter your web user name: " myWEB_USER + myWEB_USER=$(echo $myWEB_USER | tr -cd "[:alnum:]_.-") + echo "### Your username is: ${myWEB_USER}" + while [[ ! "${myOK}" =~ [YyNn] ]]; do + read -rp "### Is this correct? (y/n) " myOK + done + if [[ "${myOK}" =~ [Yy] ]] && [ "$myWEB_USER" != "" ]; then + break + else + echo + fi + done + fi - # Asking for web user password - myWEB_PW="pass1" - myWEB_PW2="pass2" - mySECURE=0 - myOK="" - while [ "${myWEB_PW}" != "${myWEB_PW2}" ] && [ "${mySECURE}" == "0" ] - do - echo - while [ "${myWEB_PW}" == "pass1" ] || [ "${myWEB_PW}" == "" ] - do - read -rsp "### Enter password for your web user: " myWEB_PW - echo - done - read -rsp "### Repeat password you your web user: " myWEB_PW2 - echo - if [ "${myWEB_PW}" != "${myWEB_PW2}" ]; - then - echo "### Passwords do not match." - myWEB_PW="pass1" - myWEB_PW2="pass2" - fi - mySECURE=$(printf "%s" "$myWEB_PW" | /usr/sbin/cracklib-check | grep -c "OK") - if [ "$mySECURE" == "0" ] && [ "$myWEB_PW" == "$myWEB_PW2" ]; - then - while [[ ! "${myOK}" =~ [YyNn] ]]; - do - read -rp "### Keep insecure password? (y/n) " myOK - done - if [[ "${myOK}" =~ [Nn] ]] || [ "$myWEB_PW" == "" ]; - then - myWEB_PW="pass1" - myWEB_PW2="pass2" - mySECURE=0 - myOK="" - fi - fi - done + # Asking for web user password + if [[ -z "$myWEB_PW" ]]; then + myWEB_PW="pass1" + myWEB_PW2="pass2" + mySECURE=0 + myOK="" + while [ "${myWEB_PW}" != "${myWEB_PW2}" ] && [ "${mySECURE}" == "0" ]; do + echo + while [ "${myWEB_PW}" == "pass1" ] || [ "${myWEB_PW}" == "" ]; do + read -rsp "### Enter password for your web user: " myWEB_PW + echo + done + read -rsp "### Repeat password you your web user: " myWEB_PW2 + echo + if [ "${myWEB_PW}" != "${myWEB_PW2}" ]; then + echo "### Passwords do not match." + myWEB_PW="pass1" + myWEB_PW2="pass2" + fi + mySECURE=$(printf "%s" "$myWEB_PW" | /usr/sbin/cracklib-check | grep -c "OK") + if [ "$mySECURE" == "0" ] && [ "$myWEB_PW" == "$myWEB_PW2" ]; then + while [[ ! "${myOK}" =~ [YyNn] ]]; do + read -rp "### Keep insecure password? (y/n) " myOK + done + if [[ "${myOK}" =~ [Nn] ]] || [ "$myWEB_PW" == "" ]; then + myWEB_PW="pass1" + myWEB_PW2="pass2" + mySECURE=0 + myOK="" + fi + fi + done + fi - # Write username and password to T-Pot config file - echo "### Creating base64 encoded htpasswd username and password for T-Pot config file: ${myTPOT_CONF_FILE}" - myWEB_USER_ENC=$(htpasswd -b -n "${myWEB_USER}" "${myWEB_PW}") + + # Write username and password to T-Pot config file + echo "### Creating base64 encoded htpasswd username and password for T-Pot config file: ${myTPOT_CONF_FILE}" + myWEB_USER_ENC=$(htpasswd -b -n "${myWEB_USER}" "${myWEB_PW}") myWEB_USER_ENC_B64=$(echo -n "${myWEB_USER_ENC}" | base64 -w0) - echo - sed -i "s|^WEB_USER=.*|WEB_USER=${myWEB_USER_ENC_B64}|" ${myTPOT_CONF_FILE} + echo + sed -i "s|^WEB_USER=.*|WEB_USER=${myWEB_USER_ENC_B64}|" ${myTPOT_CONF_FILE} fi # Pull docker images From 7c912e656f0374be2f8f8c84ca9605764c33a749 Mon Sep 17 00:00:00 2001 From: rsatrio Date: Fri, 4 Jul 2025 22:08:22 +0700 Subject: [PATCH 2/3] chore: revise install.sh script --- install.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/install.sh b/install.sh index 318a7ff3..49f83dca 100755 --- a/install.sh +++ b/install.sh @@ -3,10 +3,10 @@ print_help() { echo "Usage: $0 [-s y|n] [-t h|s|l|i|m|t] -u -p " - echo " -s: yes or no (optional)" - echo " -t: h (host),s (sensor), l (llm), i(mini),m(mobile),t(tarpit) (optional)" - echo " -u: web username (optional)" - echo " -p: password for web user (optional)" + echo " -s: Supress Install(y/n) question. Value accepted: yes or no (optional)" + echo " -t: Type of installation. Value accepted: h (hive),s (sensor), l (llm), i(mini),m(mobile),t(tarpit) (optional)" + echo " -u: web username (mandatory for hive installation, otherwirse optional)" + echo " -p: password for web user (mandatory for hive installation, otherwirse optional)" exit 1 } From 0bb6e509307d6106e02e900a404f89634f7a526f Mon Sep 17 00:00:00 2001 From: Marco Ochse Date: Fri, 4 Jul 2025 19:47:32 +0200 Subject: [PATCH 3/3] Update install.sh I tested it extensively and made some adjustments. Let me know if it works for your tests as well and merge it into the PR. Thanks for taking the time! --- install.sh | 112 +++++++++++++++++++++++++++++------------------------ 1 file changed, 61 insertions(+), 51 deletions(-) diff --git a/install.sh b/install.sh index 49f83dca..84057118 100755 --- a/install.sh +++ b/install.sh @@ -1,67 +1,77 @@ #!/usr/bin/env bash - print_help() { - echo "Usage: $0 [-s y|n] [-t h|s|l|i|m|t] -u -p " - echo " -s: Supress Install(y/n) question. Value accepted: yes or no (optional)" - echo " -t: Type of installation. Value accepted: h (hive),s (sensor), l (llm), i(mini),m(mobile),t(tarpit) (optional)" - echo " -u: web username (mandatory for hive installation, otherwirse optional)" - echo " -p: password for web user (mandatory for hive installation, otherwirse optional)" + cat < [-u ] [-p ] + +Options: + -s Suppress installation confirmation prompt (sets myQST=y) + -t Type of installation (required if -s is used): + h - hive (requires -u and -p) + s - sensor (no user/pass required) + l - llm (requires -u and -p) + i - mini (requires -u and -p) + m - mobile (no user/pass required) + t - tarpit (requires -u and -p) + -u Web interface username (required for h/l/i/t) + -p Web interface password (required for h/l/i/t) + -h Show this help message +EOF exit 1 } -validate_s() { - if [[ -n "$myQST" ]]; then - if [[ "$myQST" =~ ^[yYnN]$ ]]; then - return 1 # Valid - else - print_help - fi - else +validate_type() { + [[ "$myTPOT_TYPE" =~ ^[hslimtHSLIMT]$ ]] || { + echo "Invalid installation type: $myTPOT_TYPE" print_help - fi - + } } -validate_t() { - if [[ -n "$myTPOT_TYPE" ]]; then - if [[ "$myTPOT_TYPE" =~ ^[hslimtHSLIMT]$ ]]; then - return 1 # Valid - else - print_help - fi - else - print_help - fi +# Defaults +myQST="" +myTPOT_TYPE="" +myWEB_USER="" +myWEB_PW="" -} - -while getopts ":s:t:u:p:" opt; do +while getopts ":st:u:p:h" opt; do case "$opt" in - s) - myQST="${OPTARG}" - validate_s - ;; - t) - myTPOT_TYPE="${OPTARG}" - validate_t - ;; - u) - export myWEB_USER="${OPTARG}" - ;; - p) - export myWEB_PW="${OPTARG}" - ;; - :) - echo "Option -${OPTARG} requires an argument." - print_help - exit 1 - ;; - \?) - print_help - ;; + s) + myQST="y" + ;; + t) + myTPOT_TYPE="${OPTARG,,}" + validate_type + ;; + u) + export myWEB_USER="${OPTARG}" + ;; + p) + export myWEB_PW="${OPTARG}" + ;; + h|\?) + print_help + ;; + :) + echo "Option -${OPTARG} requires an argument." + print_help + ;; esac done + +# -s requires -t +if [[ "$myQST" == "y" && -z "$myTPOT_TYPE" ]]; then + echo "Error: -t is required when using -s to suppress interaction." + print_help +fi + +# Determine if user/pass are required based on install type +if [[ "$myTPOT_TYPE" =~ ^[hlit]$ ]]; then + [[ -n "$myWEB_USER" && -n "$myWEB_PW" ]] || { + echo "Error: -u and -p are required for installation type '$myTPOT_TYPE'." + print_help + } +fi + myINSTALL_NOTIFICATION="### Now installing required packages ..." myUSER=$(whoami) myTPOT_CONF_FILE="/home/${myUSER}/tpotce/.env"