installer ui improvements

installer/etc/dialogrc

@@ -0,0 +1,144 @@
+#
+# Run-time configuration file for dialog
+#
+# Automatically generated by "dialog --create-rc <file>"
+#
+#
+# Types of values:
+#
+# Number     -  <number>
+# String     -  "string"
+# Boolean    -  <ON|OFF>
+# Attribute  -  (foreground,background,highlight?)
+
+# Set aspect-ration.
+aspect = 0
+
+# Set separator (for multiple widgets output).
+separate_widget = ""
+
+# Set tab-length (for textbox tab-conversion).
+tab_len = 0
+
+# Make tab-traversal for checklist, etc., include the list.
+visit_items = OFF
+
+# Shadow dialog boxes? This also turns on color.
+use_shadow = ON
+
+# Turn color support ON or OFF
+use_colors = ON
+
+# Screen color
+screen_color = (WHITE,MAGENTA,ON)
+
+# Shadow color
+shadow_color = (BLACK,BLACK,ON)
+
+# Dialog box color
+dialog_color = (BLACK,WHITE,OFF)
+
+# Dialog box title color
+title_color = (MAGENTA,WHITE,OFF)
+
+# Dialog box border color
+border_color = (WHITE,WHITE,ON)
+
+# Active button color
+button_active_color = (WHITE,MAGENTA,OFF)
+
+# Inactive button color
+button_inactive_color = dialog_color
+
+# Active button key color
+button_key_active_color = button_active_color
+
+# Inactive button key color
+button_key_inactive_color = (RED,WHITE,OFF)
+
+# Active button label color
+button_label_active_color = (YELLOW,MAGENTA,ON)
+
+# Inactive button label color
+button_label_inactive_color = (BLACK,WHITE,OFF)
+
+# Input box color
+inputbox_color = dialog_color
+
+# Input box border color
+inputbox_border_color = dialog_color
+
+# Search box color
+searchbox_color = dialog_color
+
+# Search box title color
+searchbox_title_color = title_color
+
+# Search box border color
+searchbox_border_color = border_color
+
+# File position indicator color
+position_indicator_color = title_color
+
+# Menu box color
+menubox_color = dialog_color
+
+# Menu box border color
+menubox_border_color = border_color
+
+# Item color
+item_color = dialog_color
+
+# Selected item color
+item_selected_color = button_active_color
+
+# Tag color
+tag_color = title_color
+
+# Selected tag color
+tag_selected_color = button_label_active_color
+
+# Tag key color
+tag_key_color = button_key_inactive_color
+
+# Selected tag key color
+tag_key_selected_color = (RED,MAGENTA,ON)
+
+# Check box color
+check_color = dialog_color
+
+# Selected check box color
+check_selected_color = button_active_color
+
+# Up arrow color
+uarrow_color = (MAGENTA,WHITE,ON)
+
+# Down arrow color
+darrow_color = uarrow_color
+
+# Item help-text color
+itemhelp_color = (WHITE,BLACK,OFF)
+
+# Active form text color
+form_active_text_color = button_active_color
+
+# Form text color
+form_text_color = (WHITE,CYAN,ON)
+
+# Readonly form item color
+form_item_readonly_color = (CYAN,WHITE,ON)
+
+# Dialog box gauge color
+gauge_color = title_color
+
+# Dialog box border2 color
+border2_color = dialog_color
+
+# Input box border2 color
+inputbox_border2_color = dialog_color
+
+# Search box border2 color
+searchbox_border2_color = dialog_color
+
+# Menu box border2 color
+menubox_border2_color = dialog_color

installer/install.sh

@@ -3,15 +3,24 @@
 # T-Pot post install script                            #
 # Ubuntu server 16.04.0, x64                           #
 #                                                      #
-# v17.06 by mo, DTAG, 2017-03-18                       #
+# v17.06 by mo, DTAG, 2017-03-22                       #
 ########################################################
 
+# Set TERM, DIALOGRC
+export TERM=xterm
+export DIALOGRC=/etc/dialogrc
+
+# Let's load dialog color theme
+cp /root/tpot/etc/dialogrc /etc/
+
 # Some global vars
 myPROXYFILEPATH="/root/tpot/etc/proxy"
 myNTPCONFPATH="/root/tpot/etc/ntp"
 myPFXPATH="/root/tpot/keys/8021x.pfx"
 myPFXPWPATH="/root/tpot/keys/8021x.pw"
 myPFXHOSTIDPATH="/root/tpot/keys/8021x.id"
+myBACKTITLE="T-Pot Installer"
+mySITES="https://index.docker.io https://ubuntu.com https://github.com http://nsanamegenerator.com"
 
 # Let's create a function for colorful output
 fuECHO () {
@@ -41,108 +50,6 @@ set -e
 exec 2> >(tee "install.err")
 exec > >(tee "install.log")
 
-# Let's remove NGINX default website
-fuECHO "### Removing NGINX default website."
-rm /etc/nginx/sites-enabled/default
-rm /etc/nginx/sites-available/default
-rm /usr/share/nginx/html/index.html
-
-# Let's wait a few seconds to avoid interference with service messages
-fuECHO "### Waiting a few seconds to avoid interference with service messages."
-sleep 5
-
-# Let's ask user for install type
-# Install types are TPOT, HP, INDUSTRIAL, ALL
-while [ 1 != 2 ]
-  do
-    fuECHO "### Please choose your install type and notice HW recommendation."
-    fuECHO
-    fuECHO "    [T] - T-Pot Standard Installation"
-    fuECHO "          - Cowrie, Dionaea, Elasticpot, Glastopf, Honeytrap, Suricata & ELK"
-    fuECHO "          - 4 GB RAM (6-8 GB recommended)"
-    fuECHO "          - 64GB disk (128 GB SSD recommended)"
-    fuECHO
-    fuECHO "    [H] - Honeypots Only Installation"
-    fuECHO "          - Cowrie, Dionaea, ElasticPot, Glastopf & Honeytrap"
-    fuECHO "          - 3 GB RAM (4-6 GB recommended)"
-    fuECHO "          - 64 GB disk (64 GB SSD recommended)"
-    fuECHO
-    fuECHO "    [I] - Industrial"
-    fuECHO "          - ConPot, eMobility, ELK & Suricata"
-    fuECHO "          - 4 GB RAM (8 GB recommended)"
-    fuECHO "          - 64 GB disk (128 GB SSD recommended)"
-    fuECHO
-    fuECHO "    [E] - Everything"
-    fuECHO "          - All of the above"
-    fuECHO "          - 8 GB RAM"
-    fuECHO "          - 128 GB disk or larger (128 GB SSD or larger recommended)"
-    fuECHO
-    read -p "Install Type: " myTYPE
-    case "$myTYPE" in
-      [t,T])
-        myFLAVOR="TPOT"
-        break
-        ;;
-      [h,H])
-        myFLAVOR="HP"
-        break
-        ;;
-      [i,I])
-        myFLAVOR="INDUSTRIAL"
-        break
-        ;;
-      [e,E])
-        myFLAVOR="ALL"
-        break
-        ;;
-    esac
-done
-fuECHO "### You chose: "$myFLAVOR
-fuECHO
-
-# Let's ask user for a web user and password
-myOK="n"
-myUSER="tsec"
-while [ 1 != 2 ]
-  do
-    fuECHO "### Please enter a web user name and password."
-    read -p "Username (tsec not allowed): " myUSER
-    echo "Your username is: "$myUSER
-    fuECHO
-    read -p "OK (y/n)? " myOK
-    fuECHO
-    if [ "$myOK" = "y" ] && [ "$myUSER" != "tsec" ] && [ "$myUSER" != "" ];
-      then
-        break
-    fi
-  done
-myPASS1="pass1"
-myPASS2="pass2"
-while [ "$myPASS1" != "$myPASS2"  ] 
-  do
-    while [ "$myPASS1" == "pass1"  ] || [ "$myPASS1" == "" ]
-      do
-        read -s -p "Password: " myPASS1
-        fuECHO
-      done
-    read -s -p "Repeat password: " myPASS2
-    fuECHO
-    if [ "$myPASS1" != "$myPASS2" ];
-      then
-        fuECHO "### Passwords do not match."
-        myPASS1="pass1"
-        myPASS2="pass2"
-    fi
-  done
-htpasswd -b -c /etc/nginx/nginxpasswd $myUSER $myPASS1
-fuECHO
-
-# Let's generate a SSL certificate
-fuECHO "### Generating a self-signed-certificate for NGINX."
-fuECHO "### If you are unsure you can use the default values."
-mkdir -p /etc/nginx/ssl
-openssl req -nodes -x509 -sha512 -newkey rsa:8192 -keyout "/etc/nginx/ssl/nginx.key" -out "/etc/nginx/ssl/nginx.crt" -days 3650
-
 # Let's setup the proxy for env
 if [ -f $myPROXYFILEPATH ];
 then fuECHO "### Setting up the proxy."
@@ -163,6 +70,80 @@ Acquire::https::Proxy "$myPROXY";
 EOF
 fi
 
+# Let's test internet connection
+fuECHO "### Testing internet connection."
+for i in $mySITES;
+  do
+    curl --connect-timeout 5 -IsS $i > /dev/null;
+      if [ $? -ne 0 ];
+        then
+          dialog --backtitle $myBACKTITLE --title "[ Continue? ]" --yesno "\nInternet connection test failed. This might indicate some problems with your connection. You can continue, but the installation might fail." 10 50
+          if [ $? = 1 ];
+            then
+              dialog --backtitle $myBACKTITLE --title "[ Abort ]" --msgbox "\nInstallation aborted. Exiting the installer." 7 50
+              exit
+            else
+              break;
+          fi;
+      fi;
+  done;
+
+# Let's remove NGINX default website
+fuECHO "### Removing NGINX default website."
+rm /etc/nginx/sites-enabled/default
+rm /etc/nginx/sites-available/default
+rm /usr/share/nginx/html/index.html
+
+# Let's wait a few seconds to avoid interference with service messages
+fuECHO "### Waiting a few seconds to avoid interference with service messages."
+sleep 5
+
+# Let's ask user for install flavor
+# Install types are TPOT, HP, INDUSTRIAL, ALL
+myFLAVOR=$(dialog --backtitle $myBACKTITLE --title "[ Choose your edition ]" --no-tags --menu \
+"\nRequired: 4GB RAM, 64GB disk\nRecommended: 8GB RAM, 128GB SSD" 14 60 4 \
+"TPOT" "Standard Honeypots, Suricata & ELK" \
+"HP" "Honeypots only, w/o Suricata & ELK" \
+"INDUSTRIAL" "Conpot, eMobility, Suricata & ELK" \
+"EVERYTHING" "Everything" 3>&1 1>&2 2>&3 3>&-)
+
+# Let's ask user for a web user and password
+myOK="1"
+myUSER="tsec"
+while [ 1 != 2 ]
+  do
+    myUSER=$(dialog --backtitle $myBACKTITLE --title "[ Enter your web user name ]" --inputbox "\nUsername (tsec not allowed)" 9 50 3>&1 1>&2 2>&3 3>&-)
+    dialog --backtitle $myBACKTITLE --title "[ Your username is ]" --yesno "\n"$myUSER 7 50
+    myOK=$?
+    if [ "$myOK" = "0" ] && [ "$myUSER" != "tsec" ] && [ "$myUSER" != "" ];
+      then
+        break
+    fi
+  done
+myPASS1="pass1"
+myPASS2="pass2"
+while [ "$myPASS1" != "$myPASS2"  ] 
+  do
+    while [ "$myPASS1" == "pass1"  ] || [ "$myPASS1" == "" ]
+      do
+        myPASS1=$(dialog --insecure --backtitle $myBACKTITLE --title "[ Enter your web user password ]" --passwordbox "\nPassword" 9 50 3>&1 1>&2 2>&3 3>&-)
+      done
+        myPASS2=$(dialog --insecure --backtitle $myBACKTITLE --title "[ Repeat web user password ]" --passwordbox "\nPassword" 9 50 3>&1 1>&2 2>&3 3>&-)
+    if [ "$myPASS1" != "$myPASS2" ];
+      then
+        dialog --backtitle $myBACKTITLE --title "[ Passwords do not match. ]" --msgbox "\nPlease re-enter your password." 7 50
+        myPASS1="pass1"
+        myPASS2="pass2"
+    fi
+  done
+htpasswd -b -c /etc/nginx/nginxpasswd $myUSER $myPASS1
+fuECHO
+
+# Let's generate a SSL self-signed certificate without interaction (browsers will see it invalid anyway)
+fuECHO "### Generating a self-signed-certificate for NGINX."
+mkdir -p /etc/nginx/ssl
+openssl req -nodes -x509 -sha512 -newkey rsa:8192 -keyout "/etc/nginx/ssl/nginx.key" -out "/etc/nginx/ssl/nginx.crt" -days 3650 -subj '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd'
+
 # Let's setup the ntp server
 if [ -f $myNTPCONFPATH ];
   then
@@ -267,14 +248,15 @@ apt-get upgrade -y
 apt-get autoclean -y
 apt-get autoremove -y
 
-# Installing alerta-cli, wetty, ctop
+# Installing alerta-cli, wetty, ctop, elasticdump
 fuECHO "### Installing alerta-cli."
 pip install --upgrade pip
 pip install alerta
 fuECHO "### Installing wetty."
 ln -s /usr/bin/nodejs /usr/bin/node
 npm install https://github.com/t3chn0m4g3/wetty -g
-npm install elasticdump -g
+fuECHO "### Installing elasticdump."
+npm install https://github.com/t3chn0m4g3/elasticsearch-dump -g
 fuECHO "### Installing ctop."
 wget https://github.com/bcicen/ctop/releases/download/v0.4.1/ctop-0.4.1-linux-amd64 -O ctop
 mv ctop /usr/bin/

makeiso.sh

@@ -33,6 +33,10 @@ if [ "$myWHOAMI" != "root" ]
     exit
 fi
 
+# Let's load dialog color theme
+export DIALOGRC=/etc/dialogrc
+cp installer/etc/dialogrc /etc/
+
 # Let's clean up at the end or if something goes wrong ...
 function fuCLEANUP {
 rm -rf $myTMP $myTPOTDIR $myPROXYCONFIG $myPFXPATH $myPFXPWPATH $myPFXHOSTIDPATH $myNTPCONFPATH