Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-04-20 06:02:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

tweaking updater, conpot

Browse source
This commit is contained in:
listbot 2018-08-20 15:06:10 +00:00
parent e2613e7d17
commit 6b77e64ff4
3 changed files with 129 additions and 114 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
docker/conpot/Dockerfile
View file

@ -1,4 +1,4 @@
FROM alpine
FROM alpine:3.7
# Include dist
ADD dist/ /root/dist/
@ -12,10 +12,10 @@ RUN apk -U --no-cache add \
libev \
libtool \
libcap \
libxml2-dev \
libxslt \
libxslt-dev \
mariadb-dev \
mariadb-client-libs \
mariadb-dev \
pkgconfig \
python \
python-dev \
@ -58,6 +58,7 @@ RUN apk -U --no-cache add \
git \
libev \
libtool \
libxml2-dev \
libxslt-dev \
mariadb-dev \
pkgconfig \

6
docker/conpot/dist/templates/kamstrup_382/template.xml vendored
View file

@ -446,10 +446,10 @@
<value type="value">'255.255.255.0'</value>
</key>
<key name="kap_a_server_hostname">
<value type="value">'kapserver.evilpowerprovider.org'</value>
<value type="value">'pwr_ctrl_mgmt01.int.local'</value>
</key>
<key name="kap_a_server_ip">
<value type="value">'202.202.202.1'</value>
<value type="value">'10.232.15.242'</value>
</key>
<key name="kap_a_server_port">
<value type="value">'50'</value>
@ -513,4 +513,4 @@
</key>
</key_value_mappings>
</databus>
</core>
</core>

230
update.sh
View file

@ -12,14 +12,6 @@ myGREEN=""
myWHITE=""
myBLUE=""
# Got root?
myWHOAMI=$(whoami)
if [ "$myWHOAMI" != "root" ]
then
echo "Need to run as root ..."
sudo ./$0
exit
fi
# Check for existing tpot.yml
function fuCONFIGCHECK () {
@ -28,12 +20,12 @@ function fuCONFIGCHECK () {
if ! [ -f $myCONFIGFILE ];
then
echo
echo $myRED"Error - No T-Pot configuration file present."
echo "Please copy one of the preconfigured configuration files from /opt/tpot/etc/compose/*.yml to /opt/tpot/etc/tpot.yml."$myWHITE
echo "[ $myRED""NOT OK""$myWHITE ] - No T-Pot configuration found."
echo "Please create a link to your desired config i.e. 'ln -s /opt/tpot/etc/compose/standard.yml /opt/tpot/etc/tpot.yml'."
echo
exit 1
else
echo $myGREEN"OK"$myWHITE
echo "[ $myGREEN""OK""$myWHITE ]"
fi
}
@ -47,25 +39,25 @@ mySITES=$1
curl --connect-timeout 5 -IsS $i 2>&1>/dev/null
if [ $? -ne 0 ];
then
echo
echo $myRED"Error - Internet connection test failed. This might indicate some problems with your connection."
echo "Exiting."$myWHITE
echo
echo "###### $myBLUE""Error - Internet connection test failed.""$myWHITE"" [ $myRED""NOT OK""$myWHITE ]"
echo "Exiting.""$myWHITE"
echo
exit 1
else
echo $myGREEN"OK"$myWHITE
echo "[ $myGREEN"OK"$myWHITE ]"
fi
done;
}
# Self Update
# Update
function fuSELFUPDATE () {
echo "### Now checking for newer files in repository ..."
git fetch
git fetch --all
myREMOTESTAT=$(git status | grep -c "up-to-date")
if [ "$myREMOTESTAT" != "0" ];
then
echo "###### $myBLUE"No updates found in repository."$myWHITE"
echo "###### $myBLUE""No updates found in repository.""$myWHITE"
return
fi
myRESULT=$(git diff --name-only origin/master | grep update.sh)
@ -74,18 +66,15 @@ function fuSELFUPDATE () {
then
if [ "$myLOCALSTAT" == "0" ];
then
echo "###### $myBLUE"Found newer version, will update myself and restart."$myWHITE"
echo "###### $myBLUE""Found newer version, will update myself and restart.""$myWHITE"
git reset --hard
git pull --force
exec "$1" "$2"
exit 1
else
echo $myRED"Error - Update script was changed locally, cannot update."
echo "Exiting."$myWHITE
echo
exit 1
fi
else
echo "###### Update script is already up-to-date."
echo "###### $myBLUE""Update script is already up-to-date.""$myWHITE"
git reset --hard
git pull --force
fi
}
@ -95,120 +84,145 @@ function fuCHECK_VERSION () {
local myMINVERSION="18.04.0"
local myMASTERVERSION="18.04.0"
echo
echo -n "##### Checking for version tag: "
echo "### Checking for version tag ..."
if [ -f "version" ];
then
myVERSION=$(cat version)
echo "[ OK ] - You are running $myVERSION"
if [[ "$myVERSION" > "$myMINVERSION" || "$myVERSION" == "$myMINVERSION" ]] && [[ "$myVERSION" < "$myMASTERVERSION" || "$myVERSION" == "$myMASTERVERSION" ]]
then
echo "##### Valid version found. Update procedure will be initiated."
exit
echo "###### $myBLUE$myVERSION is eligible for the update procedure.$myWHITE"" [ $myGREEN""OK""$myWHITE ]"
else
echo "##### Your T-Pot installation cannot be upgraded automatically. Please run a fresh install."
exit
echo "###### $myBLUE $myVERSION cannot be upgraded automatically. Please run a fresh install.$myWHITE"" [ $myRED""NOT OK""$myWHITE ]"
exit
fi
else
echo "[ NOT OK ]"
echo "##### 'version' is missing. Please run 'update.sh' from within '/opt/tpot'."
echo "###### $myBLUE""Unable to determine version. Please run 'update.sh' from within '/opt/tpot'.""$myWHITE"" [ $myRED""NOT OK""$myWHITE ]"
exit
fi
}
# Stop T-Pot to avoid race conditions with running containers with regard to the current T-Pot config
function fuSTOP_TPOT () {
echo "### Need to stop T-Pot ..."
echo -n "###### $myBLUE Now stopping T-Pot.$myWHITE "
systemctl stop tpot
if [ $? -ne 0 ];
then
echo " [ $myRED""NOT OK""$myWHITE ]"
echo "###### $myBLUE""Could not stop T-Pot.""$myWHITE"" [ $myRED""NOT OK""$myWHITE ]"
echo "Exiting.""$myWHITE"
echo
exit 1
else
echo "[ $myGREEN"OK"$myWHITE ]"
fi
}
# Backup
function fuBACKUP () {
local myARCHIVE="/root/$(date +%Y%m%d%H%M)_tpot_backup.tgz"
local myPATH=$PWD
echo "### Create a backup, just in case ... "
echo -n "###### $myBLUE Building archive in $myARCHIVE $myWHITE"
cd /opt/tpot
tar cvfz $myARCHIVE * 2>&1>/dev/null
if [ $? -ne 0 ];
then
echo " [ $myRED""NOT OK""$myWHITE ]"
echo "###### $myBLUE""Something went wrong.""$myWHITE"" [ $myRED""NOT OK""$myWHITE ]"
echo "Exiting.""$myWHITE"
echo
cd $myPATH
exit 1
else
echo "[ $myGREEN"OK"$myWHITE ]"
cd $myPATH
fi
}
# Let's load docker images in parallel
function fuPULLIMAGES {
local myTPOTCOMPOSE="/opt/tpot/etc/tpot.yml"
for name in $(cat $myTPOTCOMPOSE | grep -v '#' | grep image | cut -d'"' -f2 | uniq)
do
docker pull $name &
done
wait
}
function fuUPDATER () {
local myPACKAGES="apache2-utils apparmor apt-transport-https aufs-tools bash-completion build-essential ca-certificates cgroupfs-mount cockpit cockpit-docker curl dialog dnsutils docker.io docker-compose dstat ethtool fail2ban genisoimage git glances grc html2text htop ifupdown iptables iw jq libcrack2 libltdl7 lm-sensors man multitail net-tools npm ntp openssh-server openssl pass prips syslinux psmisc pv python-pip unattended-upgrades unzip vim wireless-tools wpasupplicant"
echo "### Now upgrading packages ..."
apt-get -y autoclean
apt-get -y autoremove
apt-get update
apt-get -y install $myPACKAGES
# Some updates require interactive attention, you can override that for unattended upgrades.
# Be warned, this can easily break your system.
# apt-get dist-upgrade -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes
apt-get -y dist-upgrade
npm install "https://github.com/taskrabbit/elasticsearch-dump#9fcc8cc" -g
pip install --upgrade pip
hash -r
pip install --upgrade elasticsearch-curator yq
wget https://github.com/bcicen/ctop/releases/download/v0.7.1/ctop-0.7.1-linux-amd64 -O /usr/bin/ctop && chmod +x /usr/bin/ctop
echo
echo "### Now replacing T-Pot related config files on host"
cp host/etc/systemd/* /etc/systemd/system/
cp host/etc/issue /etc/
echo
echo "### Now pulling latest docker images"
fuPULLIMAGES
echo
echo "### If you made changes to tpot.yml please ensure to add them again."
echo "### We stored the previous version as backup in /root/."
echo "### Done, please reboot."
}
################
# Main section #
################
# Got root?
myWHOAMI=$(whoami)
if [ "$myWHOAMI" != "root" ]
then
echo "Need to run as root ..."
sudo ./$0
exit
fi
# Only run with command switch
if [ "$1" != "-y" ]; then
echo "This script will update / upgrade all T-Pot related scripts, tools and packages"
echo "Some of your changes might be overwritten, so make sure to save your work"
echo "This is beta feature and only recommended for experienced users, run with \"-y\" switch"
echo "This is beta feature and only recommended for experienced users, run with '-y' switch"
echo
exit
fi
echo "### Now running T-Pot update script."
echo
fuCHECKINET "https://index.docker.io https://github.com https://pypi.python.org https://ubuntu.com"
echo
fuSELFUPDATE "$0" "$@"
fuCHECK_VERSION
echo
fuCONFIGCHECK
echo
echo "### Now stopping T-Pot"
systemctl stop tpot
# Better safe than sorry
echo "###### Creating backup and storing it in /home/tsec"
tar cvfz /root/tpot_backup.tgz /opt/tpot
echo "###### Getting the current install flavor"
myFLAVOR=$(head $myCONFIGFILE -n 1 | awk '{ print $3 }' | tr -d :'()':)
echo "###### Updating compose file"
case $myFLAVOR in
HP)
echo "###### Restoring HONEYPOT flavor installation."
cp $myCOMPOSEPATH/hp.yml $myCONFIGFILE
;;
Industrial)
echo "###### Restoring INDUSTRIAL flavor installation."
cp $myCOMPOSEPATH/industrial.yml $myCONFIGFILE
;;
Standard)
echo "###### Restoring TPOT flavor installation."
cp $myCOMPOSEPATH/tpot.yml $myCONFIGFILE
;;
Everything)
echo "###### Restoring EVERYTHING flavor installation."
cp $myCOMPOSEPATH/all.yml $myCONFIGFILE
;;
esac
fuCHECKINET "https://index.docker.io https://github.com https://pypi.python.org https://ubuntu.com"
echo
echo "### Now upgrading packages"
apt-get autoclean -y
apt-get autoremove -y
apt-get update
apt-get dist-upgrade -y
pip install --upgrade pip
pip install docker-compose==1.16.1
pip install elasticsearch-curator==5.2.0
ln -s /usr/bin/nodejs /usr/bin/node 2>&1
npm install https://github.com/t3chn0m4g3/wetty -g
npm install https://github.com/t3chn0m4g3/elasticsearch-dump -g
wget https://github.com/bcicen/ctop/releases/download/v0.6.1/ctop-0.6.1-linux-amd64 -O /usr/bin/ctop && chmod +x /usr/bin/ctop
fuSTOP_TPOT
echo
echo "### Now replacing T-Pot related config files on host"
cp host/etc/systemd/* /etc/systemd/system/
cp host/etc/issue /etc/
cp -R host/etc/nginx/ssl /etc/nginx/
cp host/etc/nginx/tpotweb.conf /etc/nginx/sites-available/
cp host/etc/nginx/nginx.conf /etc/nginx/nginx.conf
cp host/usr/share/nginx/html/* /usr/share/nginx/html/
fuBACKUP
echo
echo "### Now reloading systemd, nginx"
systemctl daemon-reload
nginx -s reload
fuSELFUPDATE "$0" "$@"
echo
echo "### Now restarting wetty, nginx, docker"
systemctl restart wetty.service
systemctl restart nginx.service
systemctl restart docker.service
fuUPDATER
echo
echo "### Now pulling latest docker images"
docker-compose -f /opt/tpot/etc/tpot.yml pull
echo
echo "### Now starting T-Pot service"
systemctl start tpot
echo
echo "### If you made changes to tpot.yml please ensure to add them again."
echo "### We stored the previous version as backup in /home/tsec."
echo "### Done."