From 5dae44b5e9fab58a3076fbd11d0ce479492f6974 Mon Sep 17 00:00:00 2001
From: t3chn0m4g3 <t3chn0m4g3@gmail.com>
Date: Fri, 15 Mar 2019 15:59:02 +0000
Subject: [PATCH] prepare for sissden opt-in

---
 bin/sissden_optin.sh          | 25 +++++++++++++++++++++++++
 docker/ews/Dockerfile         |  1 +
 docker/ews/dist/ews.cfg       | 16 ++++++++--------
 docker/ews/docker-compose.yml | 10 ++++++++++
 etc/compose/collector.yml     |  9 +++++++++
 etc/compose/industrial.yml    |  9 +++++++++
 etc/compose/legacy.yml        |  9 +++++++++
 etc/compose/nextgen.yml       |  9 +++++++++
 etc/compose/sensor.yml        |  9 +++++++++
 etc/compose/standard.yml      |  9 +++++++++
 10 files changed, 98 insertions(+), 8 deletions(-)
 create mode 100755 bin/sissden_optin.sh

diff --git a/bin/sissden_optin.sh b/bin/sissden_optin.sh
new file mode 100755
index 00000000..ab76beaa
--- /dev/null
+++ b/bin/sissden_optin.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+myTPOTYMLFILE="/opt/tpot/etc/tpot.yml"
+
+echo "SISSDEN Delivery Opt-In for EWSPoster"
+echo "-------------------------------------"
+echo "By running this script you agree to share your data with https://sissden.eu and agree to the corresponding sharing terms."
+echo
+echo "Please provide the credentials you created at the SISSDEN portal ..."
+read -p "Ident: " myIDENT
+read -p "Secret: " mySECRET
+echo
+echo "Now stopping T-Pot ..."
+systemctl stop tpot
+echo "Adding your credentials ..."
+sed -i.bak 's/EWS_HPFEEDS_ENABLE=false/EWS_HPFEEDS_ENABLE=true/g' "$myTPOTYMLFILE"
+sed -i 's/EWS_HPFEEDS_HOST=host/EWS_HPFEEDS_HOST=hpfeeds.sissden.eu/g' "$myTPOTYMLFILE"
+sed -i 's/EWS_HPFEEDS_PORT=port/EWS_HPFEEDS_PORT=10000/g' "$myTPOTYMLFILE"
+sed -i 's/EWS_HPFEEDS_CHANNELS=channels/EWS_HPFEEDS_CHANNELS=t-pot.events/g' "$myTPOTYMLFILE"
+sed -i "s/EWS_HPFEEDS_IDENT=user/EWS_HPFEEDS_IDENT=${myIDENT}/g" "$myTPOTYMLFILE"
+sed -i "s/EWS_HPFEEDS_SECRET=secret/EWS_HPFEEDS_SECRET=${mySECRET}/g" "$myTPOTYMLFILE"
+echo "Now starting T-Pot ..."
+systemctl start tpot
+echo "Done. On behalf of SISSDEN we thank you for sharing!"
+echo
diff --git a/docker/ews/Dockerfile b/docker/ews/Dockerfile
index c90dbf7c..da8f0561 100644
--- a/docker/ews/Dockerfile
+++ b/docker/ews/Dockerfile
@@ -36,6 +36,7 @@ RUN apk -U --no-cache add \
 
 # Supply configs
     mv /root/dist/ews.cfg /opt/ewsposter/ && \
+    mv /root/dist/ca.pem /opt/ewsposter/ && \
 
 # Clean up
     apk del build-base \
diff --git a/docker/ews/dist/ews.cfg b/docker/ews/dist/ews.cfg
index c52e7e1a..2dac88ca 100644
--- a/docker/ews/dist/ews.cfg
+++ b/docker/ews/dist/ews.cfg
@@ -18,16 +18,16 @@ rhost_second = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMes
 ignorecert = false
 
 [HPFEED]
-hpfeed = false
-host = 0.0.0.0
-port = 0
-channels = 0
-ident = 0
-secret= 0
+hpfeed = %(EWS_HPFEEDS_ENABLE)s
+host = %(EWS_HPFEEDS_HOST)s
+port = %(EWS_HPFEEDS_PORT)s
+channels = %(EWS_HPFEEDS_CHANNELS)s
+ident = %(EWS_HPFEEDS_IDENT)s
+secret= %(EWS_HPFEEDS_SECRET)s
 # path/to/certificate for tls broker - or "false" for non-tls broker
-tlscert = false
+tlscert = %(EWS_HPFEEDS_TLSCERT)s
 # hpfeeds submission format: "ews" (xml) or "json"
-hpfformat = json
+hpfformat = %(EWS_HPFEEDS_FORMAT)s
 
 [EWSJSON]
 json = false
diff --git a/docker/ews/docker-compose.yml b/docker/ews/docker-compose.yml
index 302a6b4c..2b5d2110 100644
--- a/docker/ews/docker-compose.yml
+++ b/docker/ews/docker-compose.yml
@@ -12,9 +12,19 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"
     volumes:
      - /data:/data
      - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip
+
diff --git a/etc/compose/collector.yml b/etc/compose/collector.yml
index 5624bbe0..6d90024e 100644
--- a/etc/compose/collector.yml
+++ b/etc/compose/collector.yml
@@ -170,6 +170,15 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"
diff --git a/etc/compose/industrial.yml b/etc/compose/industrial.yml
index 934141e7..575e8d67 100644
--- a/etc/compose/industrial.yml
+++ b/etc/compose/industrial.yml
@@ -348,6 +348,15 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"
diff --git a/etc/compose/legacy.yml b/etc/compose/legacy.yml
index 5838cb5b..f28a40ea 100644
--- a/etc/compose/legacy.yml
+++ b/etc/compose/legacy.yml
@@ -288,6 +288,15 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"
diff --git a/etc/compose/nextgen.yml b/etc/compose/nextgen.yml
index 318ff3a8..57dccaf6 100644
--- a/etc/compose/nextgen.yml
+++ b/etc/compose/nextgen.yml
@@ -514,6 +514,15 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"
diff --git a/etc/compose/sensor.yml b/etc/compose/sensor.yml
index 0789524c..4e434810 100644
--- a/etc/compose/sensor.yml
+++ b/etc/compose/sensor.yml
@@ -433,6 +433,15 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"
diff --git a/etc/compose/standard.yml b/etc/compose/standard.yml
index fe5ba7c2..bf4634c3 100644
--- a/etc/compose/standard.yml
+++ b/etc/compose/standard.yml
@@ -506,6 +506,15 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"