prepare for sissden opt-in

bin/sissden_optin.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+
+myTPOTYMLFILE="/opt/tpot/etc/tpot.yml"
+
+echo "SISSDEN Delivery Opt-In for EWSPoster"
+echo "-------------------------------------"
+echo "By running this script you agree to share your data with https://sissden.eu and agree to the corresponding sharing terms."
+echo
+echo "Please provide the credentials you created at the SISSDEN portal ..."
+read -p "Ident: " myIDENT
+read -p "Secret: " mySECRET
+echo
+echo "Now stopping T-Pot ..."
+systemctl stop tpot
+echo "Adding your credentials ..."
+sed -i.bak 's/EWS_HPFEEDS_ENABLE=false/EWS_HPFEEDS_ENABLE=true/g' "$myTPOTYMLFILE"
+sed -i 's/EWS_HPFEEDS_HOST=host/EWS_HPFEEDS_HOST=hpfeeds.sissden.eu/g' "$myTPOTYMLFILE"
+sed -i 's/EWS_HPFEEDS_PORT=port/EWS_HPFEEDS_PORT=10000/g' "$myTPOTYMLFILE"
+sed -i 's/EWS_HPFEEDS_CHANNELS=channels/EWS_HPFEEDS_CHANNELS=t-pot.events/g' "$myTPOTYMLFILE"
+sed -i "s/EWS_HPFEEDS_IDENT=user/EWS_HPFEEDS_IDENT=${myIDENT}/g" "$myTPOTYMLFILE"
+sed -i "s/EWS_HPFEEDS_SECRET=secret/EWS_HPFEEDS_SECRET=${mySECRET}/g" "$myTPOTYMLFILE"
+echo "Now starting T-Pot ..."
+systemctl start tpot
+echo "Done. On behalf of SISSDEN we thank you for sharing!"
+echo

docker/ews/Dockerfile

@@ -36,6 +36,7 @@ RUN apk -U --no-cache add \
 
 # Supply configs
     mv /root/dist/ews.cfg /opt/ewsposter/ && \
+    mv /root/dist/ca.pem /opt/ewsposter/ && \
 
 # Clean up
     apk del build-base \

docker/ews/dist/ews.cfg

@@ -18,16 +18,16 @@ rhost_second = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMes
 ignorecert = false
 
 [HPFEED]
-hpfeed = false
+hpfeed = %(EWS_HPFEEDS_ENABLE)s
-host = 0.0.0.0
+host = %(EWS_HPFEEDS_HOST)s
-port = 0
+port = %(EWS_HPFEEDS_PORT)s
-channels = 0
+channels = %(EWS_HPFEEDS_CHANNELS)s
-ident = 0
+ident = %(EWS_HPFEEDS_IDENT)s
-secret= 0
+secret= %(EWS_HPFEEDS_SECRET)s
 # path/to/certificate for tls broker - or "false" for non-tls broker
-tlscert = false
+tlscert = %(EWS_HPFEEDS_TLSCERT)s
 # hpfeeds submission format: "ews" (xml) or "json"
-hpfformat = json
+hpfformat = %(EWS_HPFEEDS_FORMAT)s
 
 [EWSJSON]
 json = false

docker/ews/docker-compose.yml

@@ -12,9 +12,19 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"
     volumes:
      - /data:/data
      - /data/ews/conf/ews.ip:/opt/ewsposter/ews.ip
+

etc/compose/collector.yml

@@ -170,6 +170,15 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"

etc/compose/industrial.yml

@@ -348,6 +348,15 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"

etc/compose/legacy.yml

@@ -288,6 +288,15 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"

etc/compose/nextgen.yml

@@ -514,6 +514,15 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"

etc/compose/sensor.yml

@@ -433,6 +433,15 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"

etc/compose/standard.yml

@@ -506,6 +506,15 @@ services:
     restart: always
     networks:
      - ewsposter_local
+    environment:
+     - EWS_HPFEEDS_ENABLE=false
+     - EWS_HPFEEDS_HOST=host
+     - EWS_HPFEEDS_PORT=port
+     - EWS_HPFEEDS_CHANNELS=channels
+     - EWS_HPFEEDS_IDENT=user
+     - EWS_HPFEEDS_SECRET=secret
+     - EWS_HPFEEDS_TLSCERT=/opt/ewsposter/ca.pem
+     - EWS_HPFEEDS_FORMAT=json
     env_file:
      - /opt/tpot/etc/compose/elk_environment
     image: "dtagdevsec/ewsposter:1903"