Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-01 12:32:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

tweaking updater, conpot

Browse source
This commit is contained in:
listbot 2018-08-20 15:06:10 +00:00
parent e2613e7d17
commit 6b77e64ff4
3 changed files with 129 additions and 114 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
docker/conpot/Dockerfile
View file

@ -1,4 +1,4 @@
FROM alpine FROM alpine:3.7
# Include dist # Include dist
ADD dist/ /root/dist/ ADD dist/ /root/dist/
@ -12,10 +12,10 @@ RUN apk -U --no-cache add \
libev \ libev \
libtool \ libtool \
libcap \ libcap \
libxml2-dev \
libxslt \ libxslt \
libxslt-dev \
mariadb-dev \
mariadb-client-libs \ mariadb-client-libs \
mariadb-dev \
pkgconfig \ pkgconfig \
python \ python \
python-dev \ python-dev \
@ -58,6 +58,7 @@ RUN apk -U --no-cache add \
git \ git \
libev \ libev \
libtool \ libtool \
libxml2-dev \
libxslt-dev \ libxslt-dev \
mariadb-dev \ mariadb-dev \
pkgconfig \ pkgconfig \

4
docker/conpot/dist/templates/kamstrup_382/template.xml vendored
View file

@ -446,10 +446,10 @@
<value type="value">'255.255.255.0'</value> <value type="value">'255.255.255.0'</value>
</key> </key>
<key name="kap_a_server_hostname"> <key name="kap_a_server_hostname">
<value type="value">'kapserver.evilpowerprovider.org'</value> <value type="value">'pwr_ctrl_mgmt01.int.local'</value>
</key> </key>
<key name="kap_a_server_ip"> <key name="kap_a_server_ip">
<value type="value">'202.202.202.1'</value> <value type="value">'10.232.15.242'</value>
</key> </key>
<key name="kap_a_server_port"> <key name="kap_a_server_port">
<value type="value">'50'</value> <value type="value">'50'</value>

226
update.sh
View file

@ -12,14 +12,6 @@ myGREEN=""
myWHITE="" myWHITE=""
myBLUE="" myBLUE=""
# Got root?
myWHOAMI=$(whoami)
if [ "$myWHOAMI" != "root" ]
then
echo "Need to run as root ..."
sudo ./$0
exit
fi
# Check for existing tpot.yml # Check for existing tpot.yml
function fuCONFIGCHECK () { function fuCONFIGCHECK () {
@ -28,12 +20,12 @@ function fuCONFIGCHECK () {
if ! [ -f $myCONFIGFILE ]; if ! [ -f $myCONFIGFILE ];
then then
echo echo
echo $myRED"Error - No T-Pot configuration file present." echo "[ $myRED""NOT OK""$myWHITE ] - No T-Pot configuration found."
echo "Please copy one of the preconfigured configuration files from /opt/tpot/etc/compose/*.yml to /opt/tpot/etc/tpot.yml."$myWHITE echo "Please create a link to your desired config i.e. 'ln -s /opt/tpot/etc/compose/standard.yml /opt/tpot/etc/tpot.yml'."
echo echo
exit 1 exit 1
else else
echo $myGREEN"OK"$myWHITE echo "[ $myGREEN""OK""$myWHITE ]"
fi fi
} }
@ -48,24 +40,24 @@ mySITES=$1
if [ $? -ne 0 ]; if [ $? -ne 0 ];
then then
echo echo
echo $myRED"Error - Internet connection test failed. This might indicate some problems with your connection." echo "###### $myBLUE""Error - Internet connection test failed.""$myWHITE"" [ $myRED""NOT OK""$myWHITE ]"
echo "Exiting."$myWHITE echo "Exiting.""$myWHITE"
echo echo
exit 1 exit 1
else else
echo $myGREEN"OK"$myWHITE echo "[ $myGREEN"OK"$myWHITE ]"
fi fi
done; done;
} }
# Self Update # Update
function fuSELFUPDATE () { function fuSELFUPDATE () {
echo "### Now checking for newer files in repository ..." echo "### Now checking for newer files in repository ..."
git fetch git fetch --all
myREMOTESTAT=$(git status | grep -c "up-to-date") myREMOTESTAT=$(git status | grep -c "up-to-date")
if [ "$myREMOTESTAT" != "0" ]; if [ "$myREMOTESTAT" != "0" ];
then then
echo "###### $myBLUE"No updates found in repository."$myWHITE" echo "###### $myBLUE""No updates found in repository.""$myWHITE"
return return
fi fi
myRESULT=$(git diff --name-only origin/master | grep update.sh) myRESULT=$(git diff --name-only origin/master | grep update.sh)
@ -74,18 +66,15 @@ function fuSELFUPDATE () {
then then
if [ "$myLOCALSTAT" == "0" ]; if [ "$myLOCALSTAT" == "0" ];
then then
echo "###### $myBLUE"Found newer version, will update myself and restart."$myWHITE" echo "###### $myBLUE""Found newer version, will update myself and restart.""$myWHITE"
git reset --hard
git pull --force git pull --force
exec "$1" "$2" exec "$1" "$2"
exit 1 exit 1
else
echo $myRED"Error - Update script was changed locally, cannot update."
echo "Exiting."$myWHITE
echo
exit 1
fi fi
else else
echo "###### Update script is already up-to-date." echo "###### $myBLUE""Update script is already up-to-date.""$myWHITE"
git reset --hard
git pull --force git pull --force
fi fi
} }
@ -95,120 +84,145 @@ function fuCHECK_VERSION () {
local myMINVERSION="18.04.0" local myMINVERSION="18.04.0"
local myMASTERVERSION="18.04.0" local myMASTERVERSION="18.04.0"
echo echo
echo -n "##### Checking for version tag: " echo "### Checking for version tag ..."
if [ -f "version" ]; if [ -f "version" ];
then then
myVERSION=$(cat version) myVERSION=$(cat version)
echo "[ OK ] - You are running $myVERSION"
if [[ "$myVERSION" > "$myMINVERSION" || "$myVERSION" == "$myMINVERSION" ]] && [[ "$myVERSION" < "$myMASTERVERSION" || "$myVERSION" == "$myMASTERVERSION" ]] if [[ "$myVERSION" > "$myMINVERSION" || "$myVERSION" == "$myMINVERSION" ]] && [[ "$myVERSION" < "$myMASTERVERSION" || "$myVERSION" == "$myMASTERVERSION" ]]
then then
echo "##### Valid version found. Update procedure will be initiated." echo "###### $myBLUE$myVERSION is eligible for the update procedure.$myWHITE"" [ $myGREEN""OK""$myWHITE ]"
exit
else else
echo "##### Your T-Pot installation cannot be upgraded automatically. Please run a fresh install." echo "###### $myBLUE $myVERSION cannot be upgraded automatically. Please run a fresh install.$myWHITE"" [ $myRED""NOT OK""$myWHITE ]"
exit exit
fi fi
else else
echo "[ NOT OK ]" echo "###### $myBLUE""Unable to determine version. Please run 'update.sh' from within '/opt/tpot'.""$myWHITE"" [ $myRED""NOT OK""$myWHITE ]"
echo "##### 'version' is missing. Please run 'update.sh' from within '/opt/tpot'."
exit exit
fi fi
} }
# Stop T-Pot to avoid race conditions with running containers with regard to the current T-Pot config
function fuSTOP_TPOT () {
echo "### Need to stop T-Pot ..."
echo -n "###### $myBLUE Now stopping T-Pot.$myWHITE "
systemctl stop tpot
if [ $? -ne 0 ];
then
echo " [ $myRED""NOT OK""$myWHITE ]"
echo "###### $myBLUE""Could not stop T-Pot.""$myWHITE"" [ $myRED""NOT OK""$myWHITE ]"
echo "Exiting.""$myWHITE"
echo
exit 1
else
echo "[ $myGREEN"OK"$myWHITE ]"
fi
}
# Backup
function fuBACKUP () {
local myARCHIVE="/root/$(date +%Y%m%d%H%M)_tpot_backup.tgz"
local myPATH=$PWD
echo "### Create a backup, just in case ... "
echo -n "###### $myBLUE Building archive in $myARCHIVE $myWHITE"
cd /opt/tpot
tar cvfz $myARCHIVE * 2>&1>/dev/null
if [ $? -ne 0 ];
then
echo " [ $myRED""NOT OK""$myWHITE ]"
echo "###### $myBLUE""Something went wrong.""$myWHITE"" [ $myRED""NOT OK""$myWHITE ]"
echo "Exiting.""$myWHITE"
echo
cd $myPATH
exit 1
else
echo "[ $myGREEN"OK"$myWHITE ]"
cd $myPATH
fi
}
# Let's load docker images in parallel
function fuPULLIMAGES {
local myTPOTCOMPOSE="/opt/tpot/etc/tpot.yml"
for name in $(cat $myTPOTCOMPOSE | grep -v '#' | grep image | cut -d'"' -f2 | uniq)
do
docker pull $name &
done
wait
}
function fuUPDATER () {
local myPACKAGES="apache2-utils apparmor apt-transport-https aufs-tools bash-completion build-essential ca-certificates cgroupfs-mount cockpit cockpit-docker curl dialog dnsutils docker.io docker-compose dstat ethtool fail2ban genisoimage git glances grc html2text htop ifupdown iptables iw jq libcrack2 libltdl7 lm-sensors man multitail net-tools npm ntp openssh-server openssl pass prips syslinux psmisc pv python-pip unattended-upgrades unzip vim wireless-tools wpasupplicant"
echo "### Now upgrading packages ..."
apt-get -y autoclean
apt-get -y autoremove
apt-get update
apt-get -y install $myPACKAGES
# Some updates require interactive attention, you can override that for unattended upgrades.
# Be warned, this can easily break your system.
# apt-get dist-upgrade -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes
apt-get -y dist-upgrade
npm install "https://github.com/taskrabbit/elasticsearch-dump#9fcc8cc" -g
pip install --upgrade pip
hash -r
pip install --upgrade elasticsearch-curator yq
wget https://github.com/bcicen/ctop/releases/download/v0.7.1/ctop-0.7.1-linux-amd64 -O /usr/bin/ctop && chmod +x /usr/bin/ctop
echo
echo "### Now replacing T-Pot related config files on host"
cp host/etc/systemd/* /etc/systemd/system/
cp host/etc/issue /etc/
echo
echo "### Now pulling latest docker images"
fuPULLIMAGES
echo
echo "### If you made changes to tpot.yml please ensure to add them again."
echo "### We stored the previous version as backup in /root/."
echo "### Done, please reboot."
}
################
# Main section #
################
# Got root?
myWHOAMI=$(whoami)
if [ "$myWHOAMI" != "root" ]
then
echo "Need to run as root ..."
sudo ./$0
exit
fi
# Only run with command switch # Only run with command switch
if [ "$1" != "-y" ]; then if [ "$1" != "-y" ]; then
echo "This script will update / upgrade all T-Pot related scripts, tools and packages" echo "This script will update / upgrade all T-Pot related scripts, tools and packages"
echo "Some of your changes might be overwritten, so make sure to save your work" echo "Some of your changes might be overwritten, so make sure to save your work"
echo "This is beta feature and only recommended for experienced users, run with \"-y\" switch" echo "This is beta feature and only recommended for experienced users, run with '-y' switch"
echo echo
exit exit
fi fi
echo "### Now running T-Pot update script." fuCHECK_VERSION
echo
fuCHECKINET "https://index.docker.io https://github.com https://pypi.python.org https://ubuntu.com"
echo
fuSELFUPDATE "$0" "$@"
echo echo
fuCONFIGCHECK fuCONFIGCHECK
echo echo
echo "### Now stopping T-Pot" fuCHECKINET "https://index.docker.io https://github.com https://pypi.python.org https://ubuntu.com"
systemctl stop tpot
# Better safe than sorry
echo "###### Creating backup and storing it in /home/tsec"
tar cvfz /root/tpot_backup.tgz /opt/tpot
echo "###### Getting the current install flavor"
myFLAVOR=$(head $myCONFIGFILE -n 1 | awk '{ print $3 }' | tr -d :'()':)
echo "###### Updating compose file"
case $myFLAVOR in
HP)
echo "###### Restoring HONEYPOT flavor installation."
cp $myCOMPOSEPATH/hp.yml $myCONFIGFILE
;;
Industrial)
echo "###### Restoring INDUSTRIAL flavor installation."
cp $myCOMPOSEPATH/industrial.yml $myCONFIGFILE
;;
Standard)
echo "###### Restoring TPOT flavor installation."
cp $myCOMPOSEPATH/tpot.yml $myCONFIGFILE
;;
Everything)
echo "###### Restoring EVERYTHING flavor installation."
cp $myCOMPOSEPATH/all.yml $myCONFIGFILE
;;
esac
echo echo
echo "### Now upgrading packages"
apt-get autoclean -y
apt-get autoremove -y
apt-get update
apt-get dist-upgrade -y
pip install --upgrade pip
pip install docker-compose==1.16.1
pip install elasticsearch-curator==5.2.0
ln -s /usr/bin/nodejs /usr/bin/node 2>&1
npm install https://github.com/t3chn0m4g3/wetty -g
npm install https://github.com/t3chn0m4g3/elasticsearch-dump -g
wget https://github.com/bcicen/ctop/releases/download/v0.6.1/ctop-0.6.1-linux-amd64 -O /usr/bin/ctop && chmod +x /usr/bin/ctop
fuSTOP_TPOT
echo echo
echo "### Now replacing T-Pot related config files on host"
cp host/etc/systemd/* /etc/systemd/system/
cp host/etc/issue /etc/
cp -R host/etc/nginx/ssl /etc/nginx/
cp host/etc/nginx/tpotweb.conf /etc/nginx/sites-available/
cp host/etc/nginx/nginx.conf /etc/nginx/nginx.conf
cp host/usr/share/nginx/html/* /usr/share/nginx/html/
fuBACKUP
echo echo
echo "### Now reloading systemd, nginx"
systemctl daemon-reload
nginx -s reload
fuSELFUPDATE "$0" "$@"
echo echo
echo "### Now restarting wetty, nginx, docker"
systemctl restart wetty.service
systemctl restart nginx.service
systemctl restart docker.service
fuUPDATER
echo echo
echo "### Now pulling latest docker images"
docker-compose -f /opt/tpot/etc/tpot.yml pull
echo
echo "### Now starting T-Pot service"
systemctl start tpot
echo
echo "### If you made changes to tpot.yml please ensure to add them again."
echo "### We stored the previous version as backup in /home/tsec."
echo "### Done."