Merge pull request #134 from dtag-dev-sec/autoupdate

Add Update Feature
This commit is contained in:
Marco Ochse 2017-10-06 01:05:59 +02:00 committed by GitHub
commit b56ed67dd0
46 changed files with 471 additions and 170 deletions


@ -18,8 +18,8 @@ echo $(ls $myFOLDER | wc -l)
# Let's create a function to rotate and compress logs # Let's create a function to rotate and compress logs
fuLOGROTATE () { fuLOGROTATE () {
local mySTATUS="/etc/tpot/logrotate/status" local mySTATUS="/opt/tpot/etc/logrotate/status"
local myCONF="/etc/tpot/logrotate/logrotate.conf" local myCONF="/opt/tpot/etc/logrotate/logrotate.conf"
local myCOWRIETTYLOGS="/data/cowrie/log/tty/" local myCOWRIETTYLOGS="/data/cowrie/log/tty/"
local myCOWRIETTYTGZ="/data/cowrie/log/ttylogs.tgz" local myCOWRIETTYTGZ="/data/cowrie/log/ttylogs.tgz"
local myCOWRIEDL="/data/cowrie/downloads/" local myCOWRIEDL="/data/cowrie/downloads/"


@ -1,7 +1,7 @@
#/bin/bash #/bin/bash
# Show current status of all running containers # Show current status of all running containers
myPARAM="$1" myPARAM="$1"
myIMAGES="$(cat /etc/tpot/tpot.yml | grep -v '#' | grep container_name | cut -d: -f2)" myIMAGES="$(cat /opt/tpot/etc/tpot.yml | grep -v '#' | grep container_name | cut -d: -f2)"
myRED="" myRED=""
myGREEN="" myGREEN=""
myBLUE="" myBLUE=""

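--- a/bin/myip.sh
+++ b/bin/myip.sh
@@ -0,0 +1,103 @@
+#!/bin/bash
+## Get my external IP
+timeout=2 # seconds to wait for a reply before trying next server
+verbose=1 # prints which server was used to STDERR
+dnslist=(
+"dig +short myip.opendns.com @resolver1.opendns.com"
+"dig +short myip.opendns.com @resolver2.opendns.com"
+"dig +short myip.opendns.com @resolver3.opendns.com"
+"dig +short myip.opendns.com @resolver4.opendns.com"
+"dig +short -4 -t a whoami.akamai.net @ns1-1.akamaitech.net"
+"dig +short whoami.akamai.net @ns1-1.akamaitech.net"
+)
+httplist=(
+alma.ch/myip.cgi
+api.infoip.io/ip
+api.ipify.org
+bot.whatismyipaddress.com
+canhazip.com
+checkip.amazonaws.com
+eth0.me
+icanhazip.com
+ident.me
+ipecho.net/plain
+ipinfo.io/ip
+ipof.in/txt
+ip.tyk.nu
+l2.io/ip
+smart-ip.net/myip
+wgetip.com
+whatismyip.akamai.com
+)
+# function to check for valid ip
+function valid_ip()
+{
+local ip=$1
+local stat=1
+if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
+OIFS=$IFS
+IFS='.'
+ip=($ip)
+IFS=$OIFS
+[[ ${ip[0]} -le 255 && ${ip[1]} -le 255 \
+&& ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
+stat=$?
+fi
+return $stat
+}
+# function to shuffle the global array "array"
+shuffle() {
+local i tmp size max rand
+size=${#array[*]}
+max=$(( 32768 / size * size ))
+for ((i=size-1; i>0; i--)); do
+while (( (rand=$RANDOM) >= max )); do :; done
+rand=$(( rand % (i+1) ))
+tmp=${array[i]} array[i]=${array[rand]} array[rand]=$tmp
+done
+}
+# if we have dig and a list of dns methods, try that first
+if hash dig 2>/dev/null && [ ${#dnslist[*]} -gt 0 ]; then
+eval array=( \"\${dnslist[@]}\" )
+shuffle
+for cmd in "${array[@]}"; do
+[ "$verbose" == 1 ] && echo Trying: $cmd 1>&2
+ip=$(timeout $timeout $cmd)
+if [ -n "$ip" ]; then
+if valid_ip $ip; then
+echo $ip
+exit
+fi
+fi
+done
+fi
+# if we haven't succeeded with DNS, try HTTP
+if [ ${#httplist[*]} == 0 ]; then
+echo "No hosts in httplist array!" >&2
+exit 1
+fi
+# use curl or wget, depending on which one we find
+curl_or_wget=$(if hash curl 2>/dev/null; then echo "curl -s"; elif hash wget 2>/dev/null; then echo "wget -qO-"; fi);
+if [ -z "$curl_or_wget" ]; then
+echo "Neither curl nor wget found. Cannot use http method." >&2
+exit 1
+fi
+eval array=( \"\${httplist[@]}\" )
+shuffle
+for url in "${array[@]}"; do
+[ "$verbose" == 1 ] && echo Trying: $curl_or_wget "$url" 1>&2
+ip=$(timeout $timeout $curl_or_wget "$url")
+if [ -n "$ip" ]; then
+if valid_ip $ip; then
+echo $ip
+exit
+fi
+fi
+done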
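Review bot: `valid_ip $ip` and `echo $ip` (in both the DNS loop and the HTTP loop) pass the reply unquoted, so a response such as `1.2.3.4 <html>…` is validated on its first word only and then printed in full; updateip.sh writes that string into ews.ip and the ELK environment file, which is exactly what the new valid_ip check is meant to prevent. Quote the value and print what was actually validated: `if valid_ip "$ip"; then printf '%s\n' "$ip"; exit; fi` in both loops. The httplist entries carry no scheme, so curl/wget fetch them over plain HTTP; the IP-shape check bounds what a tampered reply can inject, but the header comment should state that the printed address is untrusted input for its callers. With `set -e` absent, `shuffle` dividing by `size` is only safe because the lists are non-empty, which is worth a comment next to `max=$(( 32768 / size * size ))`.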


@ -3,7 +3,7 @@
# If the external IP cannot be detected, the internal IP will be inherited. # If the external IP cannot be detected, the internal IP will be inherited.
source /etc/environment source /etc/environment
myLOCALIP=$(hostname -I | awk '{ print $1 }') myLOCALIP=$(hostname -I | awk '{ print $1 }')
myEXTIP=$(/usr/share/tpot/bin/myip.sh) myEXTIP=$(/opt/tpot/bin/myip.sh)
if [ "$myEXTIP" = "" ]; if [ "$myEXTIP" = "" ];
then then
myEXTIP=$myLOCALIP myEXTIP=$myLOCALIP
@ -15,7 +15,7 @@ tee /data/ews/conf/ews.ip << EOF
[MAIN] [MAIN]
ip = $myEXTIP ip = $myEXTIP
EOF EOF
tee /etc/tpot/elk/environment << EOF tee /opt/tpot/etc/compose/elk_environment << EOF
MY_EXTIP=$myEXTIP MY_EXTIP=$myEXTIP
MY_INTIP=$myLOCALIP MY_INTIP=$myLOCALIP
MY_HOSTNAME=$HOSTNAME MY_HOSTNAME=$HOSTNAME


@ -142,7 +142,7 @@ services:
elasticsearch: elasticsearch:
condition: service_healthy condition: service_healthy
env_file: env_file:
- /etc/tpot/elk/environment - /opt/tpot/etc/compose/elk_environment
image: "dtagdevsec/logstash:1710" image: "dtagdevsec/logstash:1710"
volumes: volumes:
- /data:/data - /data:/data


@ -67,7 +67,7 @@ services:
elasticsearch: elasticsearch:
condition: service_healthy condition: service_healthy
env_file: env_file:
- /etc/tpot/elk/environment - /opt/tpot/etc/compose/elk_environment
image: "dtagdevsec/logstash:1710" image: "dtagdevsec/logstash:1710"
volumes: volumes:
- /data:/data - /data:/data


@ -127,7 +127,7 @@ services:
elasticsearch: elasticsearch:
condition: service_healthy condition: service_healthy
env_file: env_file:
- /etc/tpot/elk/environment - /opt/tpot/etc/compose/elk_environment
image: "dtagdevsec/logstash:1710" image: "dtagdevsec/logstash:1710"
volumes: volumes:
- /data:/data - /data:/data


@ -8,14 +8,14 @@ Restart=always
RestartSec=5 RestartSec=5
# Get and set internal, external IP infos, but ignore errors # Get and set internal, external IP infos, but ignore errors
ExecStartPre=-/usr/share/tpot/bin/updateip.sh ExecStartPre=-/opt/tpot/bin/updateip.sh
# Clear state or if persistence is enabled rotate and compress logs from /data # Clear state or if persistence is enabled rotate and compress logs from /data
ExecStartPre=-/bin/bash -c '/usr/share/tpot/bin/clean.sh on' ExecStartPre=-/bin/bash -c '/opt/tpot/bin/clean.sh on'
# Remove old containers, images and volumes # Remove old containers, images and volumes
ExecStartPre=-/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml down -v ExecStartPre=-/usr/local/bin/docker-compose -f /opt/tpot/etc/tpot.yml down -v
ExecStartPre=-/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml rm -v ExecStartPre=-/usr/local/bin/docker-compose -f /opt/tpot/etc/tpot.yml rm -v
ExecStartPre=-/bin/bash -c 'docker volume rm $(docker volume ls -q)' ExecStartPre=-/bin/bash -c 'docker volume rm $(docker volume ls -q)'
ExecStartPre=-/bin/bash -c 'docker rm -v $(docker ps -aq)' ExecStartPre=-/bin/bash -c 'docker rm -v $(docker ps -aq)'
ExecStartPre=-/bin/bash -c 'docker rmi $(docker images | grep "<none>" | awk \'{print $3}\')' ExecStartPre=-/bin/bash -c 'docker rmi $(docker images | grep "<none>" | awk \'{print $3}\')'
@ -39,10 +39,10 @@ ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 1025,50100,
ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE
# Compose T-Pot up # Compose T-Pot up
ExecStart=/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml up --no-color ExecStart=/usr/local/bin/docker-compose -f /opt/tpot/etc/tpot.yml up --no-color
# Compose T-Pot down, remove containers and volumes # Compose T-Pot down, remove containers and volumes
ExecStop=/usr/local/bin/docker-compose -f /etc/tpot/tpot.yml down -v ExecStop=/usr/local/bin/docker-compose -f /opt/tpot/etc/tpot.yml down -v
# Remove only previously set iptables rules # Remove only previously set iptables rules
ExecStopPost=/sbin/iptables -w -D INPUT -s 127.0.0.1 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -s 127.0.0.1 -j ACCEPT



@ -1,88 +0,0 @@
#!/bin/bash
## Get my external IP
timeout=2 # seconds to wait for a reply before trying next server
verbose=1 # prints which server was used to STDERR
dnslist=(
"dig +short myip.opendns.com @resolver1.opendns.com"
"dig +short myip.opendns.com @resolver2.opendns.com"
"dig +short myip.opendns.com @resolver3.opendns.com"
"dig +short myip.opendns.com @resolver4.opendns.com"
"dig +short -4 -t a whoami.akamai.net @ns1-1.akamaitech.net"
"dig +short whoami.akamai.net @ns1-1.akamaitech.net"
)
httplist=(
alma.ch/myip.cgi
api.infoip.io/ip
api.ipify.org
bot.whatismyipaddress.com
canhazip.com
checkip.amazonaws.com
eth0.me
icanhazip.com
ident.me
ipecho.net/plain
ipinfo.io/ip
ipof.in/txt
ip.tyk.nu
l2.io/ip
smart-ip.net/myip
wgetip.com
whatismyip.akamai.com
)
# function to shuffle the global array "array"
shuffle() {
local i tmp size max rand
size=${#array[*]}
max=$(( 32768 / size * size ))
for ((i=size-1; i>0; i--)); do
while (( (rand=$RANDOM) >= max )); do :; done
rand=$(( rand % (i+1) ))
tmp=${array[i]} array[i]=${array[rand]} array[rand]=$tmp
done
}
# if we have dig and a list of dns methods, try that first
if hash dig 2>/dev/null && [ ${#dnslist[*]} -gt 0 ]; then
eval array=( \"\${dnslist[@]}\" )
shuffle
for cmd in "${array[@]}"; do
[ "$verbose" == 1 ] && echo Trying: $cmd 1>&2
ip=$(timeout $timeout $cmd)
if [ -n "$ip" ]; then
echo $ip
exit
fi
done
fi
# if we haven't succeeded with DNS, try HTTP
if [ ${#httplist[*]} == 0 ]; then
echo "No hosts in httplist array!" >&2
exit 1
fi
# use curl or wget, depending on which one we find
curl_or_wget=$(if hash curl 2>/dev/null; then echo curl; elif hash wget 2>/dev/null; then echo "wget -qO-"; fi);
if [ -z "$curl_or_wget" ]; then
echo "Neither curl nor wget found. Cannot use http method." >&2
exit 1
fi
eval array=( \"\${httplist[@]}\" )
shuffle
for url in "${array[@]}"; do
[ "$verbose" == 1 ] && echo Trying: $curl_or_wget -s "$url" 1>&2
ip=$(timeout $timeout $curl_or_wget -s "$url")
if [ -n "$ip" ]; then
echo $ip
exit
fi
done


@ -1,2 +0,0 @@
#!/bin/bash
openvt -w -s /root/tpot/install.sh

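--- a/iso/installer/dialogrc
+++ b/iso/installer/dialogrc
@@ -0,0 +1,144 @@
+#
+# Run-time configuration file for dialog
+#
+# Automatically generated by "dialog --create-rc <file>"
+#
+#
+# Types of values:
+#
+# Number - <number>
+# String - "string"
+# Boolean - <ON|OFF>
+# Attribute - (foreground,background,highlight?)
+# Set aspect-ration.
+aspect = 0
+# Set separator (for multiple widgets output).
+separate_widget = ""
+# Set tab-length (for textbox tab-conversion).
+tab_len = 0
+# Make tab-traversal for checklist, etc., include the list.
+visit_items = OFF
+# Shadow dialog boxes? This also turns on color.
+use_shadow = ON
+# Turn color support ON or OFF
+use_colors = ON
+# Screen color
+screen_color = (WHITE,MAGENTA,ON)
+# Shadow color
+shadow_color = (BLACK,BLACK,ON)
+# Dialog box color
+dialog_color = (BLACK,WHITE,OFF)
+# Dialog box title color
+title_color = (MAGENTA,WHITE,OFF)
+# Dialog box border color
+border_color = (WHITE,WHITE,ON)
+# Active button color
+button_active_color = (WHITE,MAGENTA,OFF)
+# Inactive button color
+button_inactive_color = dialog_color
+# Active button key color
+button_key_active_color = button_active_color
+# Inactive button key color
+button_key_inactive_color = (RED,WHITE,OFF)
+# Active button label color
+button_label_active_color = (YELLOW,MAGENTA,ON)
+# Inactive button label color
+button_label_inactive_color = (BLACK,WHITE,OFF)
+# Input box color
+inputbox_color = dialog_color
+# Input box border color
+inputbox_border_color = dialog_color
+# Search box color
+searchbox_color = dialog_color
+# Search box title color
+searchbox_title_color = title_color
+# Search box border color
+searchbox_border_color = border_color
+# File position indicator color
+position_indicator_color = title_color
+# Menu box color
+menubox_color = dialog_color
+# Menu box border color
+menubox_border_color = border_color
+# Item color
+item_color = dialog_color
+# Selected item color
+item_selected_color = button_active_color
+# Tag color
+tag_color = title_color
+# Selected tag color
+tag_selected_color = button_label_active_color
+# Tag key color
+tag_key_color = button_key_inactive_color
+# Selected tag key color
+tag_key_selected_color = (RED,MAGENTA,ON)
+# Check box color
+check_color = dialog_color
+# Selected check box color
+check_selected_color = button_active_color
+# Up arrow color
+uarrow_color = (MAGENTA,WHITE,ON)
+# Down arrow color
+darrow_color = uarrow_color
+# Item help-text color
+itemhelp_color = (WHITE,BLACK,OFF)
+# Active form text color
+form_active_text_color = button_active_color
+# Form text color
+form_text_color = (WHITE,CYAN,ON)
+# Readonly form item color
+form_item_readonly_color = (CYAN,WHITE,ON)
+# Dialog box gauge color
+gauge_color = title_color
+# Dialog box border2 color
+border2_color = dialog_color
+# Input box border2 color
+inputbox_border2_color = dialog_color
+# Search box border2 color
+searchbox_border2_color = dialog_color
+# Menu box border2 color
+menubox_border2_color = dialog_color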


@ -6,14 +6,15 @@ export TERM=linux
export DIALOGRC=/etc/dialogrc export DIALOGRC=/etc/dialogrc
# Let's load dialog color theme # Let's load dialog color theme
cp /root/tpot/etc/dialogrc /etc/ cp /root/installer/dialogrc /etc/
# Some global vars # Some global vars
myPROXYFILEPATH="/root/tpot/etc/proxy" myPROXYFILEPATH="/root/installer/proxy"
myNTPCONFPATH="/root/tpot/etc/ntp" myNTPCONFPATH="/root/installer/ntp"
myPFXPATH="/root/tpot/keys/8021x.pfx" myPFXPATH="/root/installer/keys/8021x.pfx"
myPFXPWPATH="/root/tpot/keys/8021x.pw" myPFXPWPATH="/root/installer/keys/8021x.pw"
myPFXHOSTIDPATH="/root/tpot/keys/8021x.id" myPFXHOSTIDPATH="/root/installer/keys/8021x.id"
myTPOTCOMPOSE="/opt/tpot/etc/tpot.yml"
myBACKTITLE="T-Pot-Installer" myBACKTITLE="T-Pot-Installer"
mySITES="https://index.docker.io https://github.com https://pypi.python.org https://ubuntu.com" mySITES="https://index.docker.io https://github.com https://pypi.python.org https://ubuntu.com"
myPROGRESSBOXCONF=" --backtitle "$myBACKTITLE" --progressbox 24 80" myPROGRESSBOXCONF=" --backtitle "$myBACKTITLE" --progressbox 24 80"
@ -326,24 +327,25 @@ apt-get upgrade -y 2>&1 | dialog --title "[ Pulling updates ]" $myPROGRESSBOXCON
apt-get autoclean -y 2>&1 | dialog --title "[ Pulling updates ]" $myPROGRESSBOXCONF apt-get autoclean -y 2>&1 | dialog --title "[ Pulling updates ]" $myPROGRESSBOXCONF
apt-get autoremove -y 2>&1 | dialog --title "[ Pulling updates ]" $myPROGRESSBOXCONF apt-get autoremove -y 2>&1 | dialog --title "[ Pulling updates ]" $myPROGRESSBOXCONF
# Installing docker-compose, wetty, ctop, elasticdump # Installing docker-compose, wetty, ctop, elasticdump, tpot
pip install --upgrade pip 2>&1 | dialog --title "[ Installing pip ]" $myPROGRESSBOXCONF pip install --upgrade pip 2>&1 | dialog --title "[ Installing pip ]" $myPROGRESSBOXCONF
pip install docker-compose==1.12.0 2>&1 | dialog --title "[ Installing docker-compose ]" $myPROGRESSBOXCONF pip install docker-compose==1.16.1 2>&1 | dialog --title "[ Installing docker-compose ]" $myPROGRESSBOXCONF
pip install elasticsearch-curator==5.1.1 2>&1 | dialog --title "[ Installing elasticsearch-curator ]" $myPROGRESSBOXCONF pip install elasticsearch-curator==5.2.0 2>&1 | dialog --title "[ Installing elasticsearch-curator ]" $myPROGRESSBOXCONF
ln -s /usr/bin/nodejs /usr/bin/node 2>&1 | dialog --title "[ Installing wetty ]" $myPROGRESSBOXCONF ln -s /usr/bin/nodejs /usr/bin/node 2>&1 | dialog --title "[ Installing wetty ]" $myPROGRESSBOXCONF
npm install https://github.com/t3chn0m4g3/wetty -g 2>&1 | dialog --title "[ Installing wetty ]" $myPROGRESSBOXCONF npm install https://github.com/t3chn0m4g3/wetty -g 2>&1 | dialog --title "[ Installing wetty ]" $myPROGRESSBOXCONF
npm install https://github.com/t3chn0m4g3/elasticsearch-dump -g 2>&1 | dialog --title "[ Installing elasticsearch-dump ]" $myPROGRESSBOXCONF npm install https://github.com/t3chn0m4g3/elasticsearch-dump -g 2>&1 | dialog --title "[ Installing elasticsearch-dump ]" $myPROGRESSBOXCONF
wget https://github.com/bcicen/ctop/releases/download/v0.6.1/ctop-0.6.1-linux-amd64 -O ctop 2>&1 | dialog --title "[ Installing ctop ]" $myPROGRESSBOXCONF wget https://github.com/bcicen/ctop/releases/download/v0.6.1/ctop-0.6.1-linux-amd64 -O ctop 2>&1 | dialog --title "[ Installing ctop ]" $myPROGRESSBOXCONF
mv ctop /usr/bin/ 2>&1 | dialog --title "[ Installing ctop ]" $myPROGRESSBOXCONF mv ctop /usr/bin/ 2>&1 | dialog --title "[ Installing ctop ]" $myPROGRESSBOXCONF
chmod +x /usr/bin/ctop 2>&1 | dialog --title "[ Installing ctop ]" $myPROGRESSBOXCONF chmod +x /usr/bin/ctop 2>&1 | dialog --title "[ Installing ctop ]" $myPROGRESSBOXCONF
git clone https://github.com/dtag-dev-sec/tpotce -b autoupdate /opt/tpot 2>&1 | dialog --title "[ Cloning T-Pot ]" $myPROGRESSBOXCONF
# Let's add a new user # Let's add a new user
addgroup --gid 2000 tpot 2>&1 | dialog --title "[ Adding new user ]" $myPROGRESSBOXCONF addgroup --gid 2000 tpot 2>&1 | dialog --title "[ Adding new user ]" $myPROGRESSBOXCONF
adduser --system --no-create-home --uid 2000 --disabled-password --disabled-login --gid 2000 tpot 2>&1 | dialog --title "[ Adding new user ]" $myPROGRESSBOXCONF adduser --system --no-create-home --uid 2000 --disabled-password --disabled-login --gid 2000 tpot 2>&1 | dialog --title "[ Adding new user ]" $myPROGRESSBOXCONF
# Let's set the hostname # Let's set the hostname
a=$(fuRANDOMWORD /usr/share/dict/a.txt) a=$(fuRANDOMWORD /opt/tpot/host/usr/share/dict/a.txt)
n=$(fuRANDOMWORD /usr/share/dict/n.txt) n=$(fuRANDOMWORD /opt/tpot/host/usr/share/dict/n.txt)
myHOST=$a$n myHOST=$a$n
hostnamectl set-hostname $myHOST 2>&1 | dialog --title "[ Setting new hostname ]" $myPROGRESSBOXCONF hostnamectl set-hostname $myHOST 2>&1 | dialog --title "[ Setting new hostname ]" $myPROGRESSBOXCONF
sed -i 's#127.0.1.1.*#127.0.1.1\t'"$myHOST"'#g' /etc/hosts 2>&1 | dialog --title "[ Setting new hostname ]" $myPROGRESSBOXCONF sed -i 's#127.0.1.1.*#127.0.1.1\t'"$myHOST"'#g' /etc/hosts 2>&1 | dialog --title "[ Setting new hostname ]" $myPROGRESSBOXCONF
@ -362,26 +364,26 @@ EOF
case $myFLAVOR in case $myFLAVOR in
HP) HP)
echo "### Preparing HONEYPOT flavor installation." echo "### Preparing HONEYPOT flavor installation."
cp /root/tpot/etc/tpot/compose/hp.yml /root/tpot/etc/tpot/tpot.yml 2>&1>/dev/null cp /opt/tpot/etc/compose/hp.yml $myTPOTCOMPOSE 2>&1>/dev/null
;; ;;
INDUSTRIAL) INDUSTRIAL)
echo "### Preparing INDUSTRIAL flavor installation." echo "### Preparing INDUSTRIAL flavor installation."
cp /root/tpot/etc/tpot/compose/industrial.yml /root/tpot/etc/tpot/tpot.yml 2>&1>/dev/null cp /opt/tpot/etc/compose/industrial.yml $myTPOTCOMPOSE 2>&1>/dev/null
;; ;;
TPOT) TPOT)
echo "### Preparing TPOT flavor installation." echo "### Preparing TPOT flavor installation."
cp /root/tpot/etc/tpot/compose/tpot.yml /root/tpot/etc/tpot/tpot.yml 2>&1>/dev/null cp /opt/tpot/etc/compose/tpot.yml $myTPOTCOMPOSE 2>&1>/dev/null
;; ;;
EVERYTHING) EVERYTHING)
echo "### Preparing EVERYTHING flavor installation." echo "### Preparing EVERYTHING flavor installation."
cp /root/tpot/etc/tpot/compose/all.yml /root/tpot/etc/tpot/tpot.yml 2>&1>/dev/null cp /opt/tpot/etc/compose/all.yml $myTPOTCOMPOSE 2>&1>/dev/null
;; ;;
esac esac
# Let's load docker images # Let's load docker images
myIMAGESCOUNT=$(cat /root/tpot/etc/tpot/tpot.yml | grep -v '#' | grep image | cut -d: -f2 | wc -l) myIMAGESCOUNT=$(cat $myTPOTCOMPOSE | grep -v '#' | grep image | cut -d: -f2 | wc -l)
j=0 j=0
for name in $(cat /root/tpot/etc/tpot/tpot.yml | grep -v '#' | grep image | cut -d'"' -f2) for name in $(cat $myTPOTCOMPOSE | grep -v '#' | grep image | cut -d'"' -f2)
do do
dialog --title "[ Downloading docker images, please be patient ]" --backtitle "$myBACKTITLE" \ dialog --title "[ Downloading docker images, please be patient ]" --backtitle "$myBACKTITLE" \
--gauge "\n Now downloading: $name\n" 8 80 $(expr 100 \* $j / $myIMAGESCOUNT) <<EOF --gauge "\n Now downloading: $name\n" 8 80 $(expr 100 \* $j / $myIMAGESCOUNT) <<EOF
@ -423,10 +425,10 @@ EOF
tee -a /etc/crontab 2>&1>/dev/null <<EOF tee -a /etc/crontab 2>&1>/dev/null <<EOF
# Check if updated images are available and download them # Check if updated images are available and download them
27 1 * * * root /usr/bin/docker-compose -f /etc/tpot/tpot.yml pull 27 1 * * * root /usr/bin/docker-compose -f /opt/tpot/etc/tpot.yml pull
# Delete elasticsearch logstash indices older than 90 days # Delete elasticsearch logstash indices older than 90 days
27 4 * * * root /usr/local/bin/curator --config /etc/tpot/curator/curator.yml /etc/tpot/curator/actions.yml 27 4 * * * root /usr/local/bin/curator --config /opt/tpot/etc/curator/curator.yml /opt/tpot/etc/curator/actions.yml
# Uploaded binaries are not supposed to be downloaded # Uploaded binaries are not supposed to be downloaded
*/1 * * * * root mv --backup=numbered /data/dionaea/roots/ftp/* /data/dionaea/binaries/ */1 * * * * root mv --backup=numbered /data/dionaea/roots/ftp/* /data/dionaea/binaries/
@ -452,29 +454,18 @@ mkdir -p /data/conpot/log \
/data/spiderfoot \ /data/spiderfoot \
/data/suricata/log /home/tsec/.ssh/ \ /data/suricata/log /home/tsec/.ssh/ \
/data/p0f/log \ /data/p0f/log \
/data/vnclowpot/log \ /data/vnclowpot/log 2>&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF
/etc/tpot/elk /etc/tpot/compose /etc/tpot/systemd \
/usr/share/tpot/bin 2>&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF
touch /data/spiderfoot/spiderfoot.db 2>&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF touch /data/spiderfoot/spiderfoot.db 2>&1 | dialog --title "[ Creating some files and folders ]" $myPROGRESSBOXCONF
# Let's take care of some files and permissions before copying
chmod 500 /root/tpot/bin/* 2>&1 | dialog --title "[ Setting permissions ]" $myPROGRESSBOXCONF
chmod 600 -R /root/tpot/etc/tpot 2>&1 | dialog --title "[ Setting permissions ]" $myPROGRESSBOXCONF
chmod 644 /root/tpot/etc/issue 2>&1 | dialog --title "[ Setting permissions ]" $myPROGRESSBOXCONF
chmod 755 /root/tpot/etc/rc.local 2>&1 | dialog --title "[ Setting permissions ]" $myPROGRESSBOXCONF
chmod 644 /root/tpot/etc/tpot/systemd/* 2>&1 | dialog --title "[ Setting permissions ]" $myPROGRESSBOXCONF
# Let's copy some files # Let's copy some files
tar xvfz /root/tpot/etc/tpot/elkbase.tgz -C / 2>&1 | dialog --title "[ Extracting elkbase.tgz ]" $myPROGRESSBOXCONF tar xvfz /opt/tpot/etc/objects/elkbase.tgz -C / 2>&1 | dialog --title "[ Extracting elkbase.tgz ]" $myPROGRESSBOXCONF
cp -R /root/tpot/bin/* /usr/share/tpot/bin/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF cp /opt/tpot/host/etc/systemd/* /etc/systemd/system/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF
cp -R /root/tpot/etc/tpot/* /etc/tpot/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF cp /opt/tpot/host/etc/issue /etc/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF
cp /root/tpot/etc/tpot/systemd/* /etc/systemd/system/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF cp -R /opt/tpot/host/etc/nginx/ssl /etc/nginx/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF
cp /root/tpot/etc/issue /etc/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF cp /opt/tpot/host/etc/nginx/tpotweb.conf /etc/nginx/sites-available/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF
cp -R /root/tpot/etc/nginx/ssl /etc/nginx/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF cp /opt/tpot/host/etc/nginx/nginx.conf /etc/nginx/nginx.conf 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF
cp /root/tpot/etc/nginx/tpotweb.conf /etc/nginx/sites-available/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF cp /opt/tpot/host/usr/share/nginx/html/* /usr/share/nginx/html/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF
cp /root/tpot/etc/nginx/nginx.conf /etc/nginx/nginx.conf 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF cp /root/installer/keys/authorized_keys /home/tsec/.ssh/authorized_keys 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF
cp /root/tpot/keys/authorized_keys /home/tsec/.ssh/authorized_keys 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF
cp /root/tpot/usr/share/nginx/html/* /usr/share/nginx/html/ 2>&1 | dialog --title "[ Copy configs ]" $myPROGRESSBOXCONF
systemctl enable tpot 2>&1 | dialog --title "[ Enabling service for tpot ]" $myPROGRESSBOXCONF systemctl enable tpot 2>&1 | dialog --title "[ Enabling service for tpot ]" $myPROGRESSBOXCONF
systemctl enable wetty 2>&1 | dialog --title "[ Enabling service for wetty ]" $myPROGRESSBOXCONF systemctl enable wetty 2>&1 | dialog --title "[ Enabling service for wetty ]" $myPROGRESSBOXCONF
@ -490,11 +481,6 @@ chown tsec:tsec /home/tsec/.ssh /home/tsec/.ssh/authorized_keys 2>&1 | dialog --
# Let's replace "quiet splash" options, set a console font for more screen canvas and update grub # Let's replace "quiet splash" options, set a console font for more screen canvas and update grub
sed -i 's#GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"#GRUB_CMDLINE_LINUX_DEFAULT="consoleblank=0"#' /etc/default/grub 2>&1>/dev/null sed -i 's#GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"#GRUB_CMDLINE_LINUX_DEFAULT="consoleblank=0"#' /etc/default/grub 2>&1>/dev/null
sed -i 's#GRUB_CMDLINE_LINUX=""#GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"#' /etc/default/grub 2>&1>/dev/null sed -i 's#GRUB_CMDLINE_LINUX=""#GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"#' /etc/default/grub 2>&1>/dev/null
#sed -i 's#\#GRUB_GFXMODE=640x480#GRUB_GFXMODE=800x600x32#' /etc/default/grub
#tee -a /etc/default/grub <<EOF
#GRUB_GFXPAYLOAD=800x600x32
#GRUB_GFXPAYLOAD_LINUX=800x600x32
#EOF
update-grub 2>&1 | dialog --title "[ Update grub ]" $myPROGRESSBOXCONF update-grub 2>&1 | dialog --title "[ Update grub ]" $myPROGRESSBOXCONF
cp /usr/share/consolefonts/Uni2-Terminus12x6.psf.gz /etc/console-setup/ cp /usr/share/consolefonts/Uni2-Terminus12x6.psf.gz /etc/console-setup/
gunzip /etc/console-setup/Uni2-Terminus12x6.psf.gz gunzip /etc/console-setup/Uni2-Terminus12x6.psf.gz
@ -502,23 +488,23 @@ sed -i 's#FONTFACE=".*#FONTFACE="Terminus"#' /etc/default/console-setup
sed -i 's#FONTSIZE=".*#FONTSIZE="12x6"#' /etc/default/console-setup sed -i 's#FONTSIZE=".*#FONTSIZE="12x6"#' /etc/default/console-setup
update-initramfs -u 2>&1 | dialog --title "[ Update initramfs ]" $myPROGRESSBOXCONF update-initramfs -u 2>&1 | dialog --title "[ Update initramfs ]" $myPROGRESSBOXCONF
# Let's enable a color prompt and add /usr/share/tpot/bin to path # Let's enable a color prompt and add /opt/tpot/bin to path
myROOTPROMPT='PS1="\[\033[38;5;8m\][\[$(tput sgr0)\]\[\033[38;5;1m\]\u\[$(tput sgr0)\]\[\033[38;5;6m\]@\[$(tput sgr0)\]\[\033[38;5;4m\]\h\[$(tput sgr0)\]\[\033[38;5;6m\]:\[$(tput sgr0)\]\[\033[38;5;5m\]\w\[$(tput sgr0)\]\[\033[38;5;8m\]]\[$(tput sgr0)\]\[\033[38;5;1m\]\\$\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]"' myROOTPROMPT='PS1="\[\033[38;5;8m\][\[$(tput sgr0)\]\[\033[38;5;1m\]\u\[$(tput sgr0)\]\[\033[38;5;6m\]@\[$(tput sgr0)\]\[\033[38;5;4m\]\h\[$(tput sgr0)\]\[\033[38;5;6m\]:\[$(tput sgr0)\]\[\033[38;5;5m\]\w\[$(tput sgr0)\]\[\033[38;5;8m\]]\[$(tput sgr0)\]\[\033[38;5;1m\]\\$\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]"'
myUSERPROMPT='PS1="\[\033[38;5;8m\][\[$(tput sgr0)\]\[\033[38;5;2m\]\u\[$(tput sgr0)\]\[\033[38;5;6m\]@\[$(tput sgr0)\]\[\033[38;5;4m\]\h\[$(tput sgr0)\]\[\033[38;5;6m\]:\[$(tput sgr0)\]\[\033[38;5;5m\]\w\[$(tput sgr0)\]\[\033[38;5;8m\]]\[$(tput sgr0)\]\[\033[38;5;2m\]\\$\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]"' myUSERPROMPT='PS1="\[\033[38;5;8m\][\[$(tput sgr0)\]\[\033[38;5;2m\]\u\[$(tput sgr0)\]\[\033[38;5;6m\]@\[$(tput sgr0)\]\[\033[38;5;4m\]\h\[$(tput sgr0)\]\[\033[38;5;6m\]:\[$(tput sgr0)\]\[\033[38;5;5m\]\w\[$(tput sgr0)\]\[\033[38;5;8m\]]\[$(tput sgr0)\]\[\033[38;5;2m\]\\$\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]"'
tee -a /root/.bashrc 2>&1>/dev/null <<EOF tee -a /root/.bashrc 2>&1>/dev/null <<EOF
$myROOTPROMPT $myROOTPROMPT
PATH="$PATH:/usr/share/tpot/bin" PATH="$PATH:/opt/tpot/bin"
EOF EOF
tee -a /home/tsec/.bashrc 2>&1>/dev/null <<EOF tee -a /home/tsec/.bashrc 2>&1>/dev/null <<EOF
$myUSERPROMPT $myUSERPROMPT
PATH="$PATH:/usr/share/tpot/bin" PATH="$PATH:/opt/tpot/bin"
EOF EOF
# Let's create ews.ip before reboot and prevent race condition for first start # Let's create ews.ip before reboot and prevent race condition for first start
/usr/share/tpot/bin/updateip.sh 2>&1>/dev/null /opt/tpot/bin/updateip.sh 2>&1>/dev/null
# Final steps # Final steps
mv /root/tpot/etc/rc.local /etc/rc.local 2>&1>/dev/null && \ cp /opt/tpot/host/etc/rc.local /etc/rc.local 2>&1>/dev/null && \
rm -rf /root/tpot/ 2>&1>/dev/null && \ rm -rf /root/installer 2>&1>/dev/null && \
dialog --no-ok --no-cancel --backtitle "$myBACKTITLE" --title "[ Thanks for your patience. Now rebooting. ]" --pause "" 6 80 2 && \ dialog --no-ok --no-cancel --backtitle "$myBACKTITLE" --title "[ Thanks for your patience. Now rebooting. ]" --pause "" 6 80 2 && \
reboot reboot
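Review bot: The new `git clone https://github.com/dtag-dev-sec/tpotce -b autoupdate /opt/tpot` line in the hunk at `@ -326,24` is piped into `dialog`, so a failed clone (no network, branch gone, proxy misconfigured) is never detected and every later `cp /opt/tpot/...`, the `myTPOTCOMPOSE` copy and `systemctl enable tpot` run against a missing tree. Run the clone outside the pipeline or check bash's `PIPESTATUS`, e.g. `git clone ... /opt/tpot 2>&1 | dialog --title "[ Cloning T-Pot ]" $myPROGRESSBOXCONF; [ "${PIPESTATUS[0]}" -eq 0 ] || exit 1`. The clone also tracks a moving branch rather than a tag or commit, so the scripts that tpot.service later runs from /opt/tpot/bin depend on whatever the branch head is at install time; pinning to a release ref would make installs reproducible, and the ref should match the one update.sh compares against (`origin/17.06`), since the two currently differ. The removed `chmod 500 /root/tpot/bin/*` and `chmod 600 -R /root/tpot/etc/tpot` have no counterpart for /opt/tpot, so the cloned bin and etc trees keep git's default modes; a comment stating that this is intended, or an equivalent chmod on /opt/tpot, would close that gap.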

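--- a/iso/installer/rc.local.install
+++ b/iso/installer/rc.local.install
@@ -0,0 +1,2 @@
+#!/bin/bash
+openvt -w -s /root/installer/install.sh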


@ -114,9 +114,8 @@ d-i preseed/late_command string \
in-target apt-get -y install grub-pc; \ in-target apt-get -y install grub-pc; \
in-target grub-install --force $(debconf-get partman-auto/disk); \ in-target grub-install --force $(debconf-get partman-auto/disk); \
in-target update-grub; \ in-target update-grub; \
cp /opt/tpot/rc.local.install /target/etc/rc.local; \ cp /opt/installer/rc.local.install /target/etc/rc.local; \
cp -r /opt/tpot/ /target/root/; \ cp /opt/installer -R /target/root/;
cp /opt/tpot/usr/share/dict/* /target/usr/share/dict/
########## ##########
### Reboot ### Reboot


@ -12,15 +12,15 @@ myUBUNTULINK="http://archive.ubuntu.com/ubuntu/dists/xenial-updates/main/install
myUBUNTUISO="mini.iso" myUBUNTUISO="mini.iso"
myTPOTISO="tpot.iso" myTPOTISO="tpot.iso"
myTPOTDIR="tpotiso" myTPOTDIR="tpotiso"
myTPOTSEED="preseed/tpot.seed" myTPOTSEED="iso/preseed/tpot.seed"
myPACKAGES="dialog genisoimage syslinux syslinux-utils pv udisks2" myPACKAGES="dialog genisoimage syslinux syslinux-utils pv udisks2"
myAUTHKEYSPATH="installer/keys/authorized_keys" myAUTHKEYSPATH="iso/installer/keys/authorized_keys"
myPFXPATH="installer/keys/8021x.pfx" myPFXPATH="iso/installer/keys/8021x.pfx"
myPFXPWPATH="installer/keys/8021x.pw" myPFXPWPATH="iso/installer/keys/8021x.pw"
myPFXHOSTIDPATH="installer/keys/8021x.id" myPFXHOSTIDPATH="iso/installer/keys/8021x.id"
myINSTALLERPATH="installer/install.sh" myINSTALLERPATH="iso/installer/install.sh"
myPROXYCONFIG="installer/etc/proxy" myPROXYCONFIG="iso/installer/proxy"
myNTPCONFPATH="installer/etc/ntp" myNTPCONFPATH="iso/installer/ntp"
myTMP="tmp" myTMP="tmp"
# Got root? # Got root?
@ -33,7 +33,7 @@ if [ "$myWHOAMI" != "root" ]
fi fi
# Let's load dialog color theme # Let's load dialog color theme
cp installer/etc/dialogrc /etc/ cp host/etc/dialogrc /etc/
# Let's clean up at the end or if something goes wrong ... # Let's clean up at the end or if something goes wrong ...
function fuCLEANUP { function fuCLEANUP {
@ -228,10 +228,10 @@ rm initrd
cd .. cd ..
# Let's add the files for the automated install # Let's add the files for the automated install
mkdir -p $myTPOTDIR/tmp/opt/tpot mkdir -p $myTPOTDIR/tmp/opt/
cp installer/* -R $myTPOTDIR/tmp/opt/tpot/ cp iso/installer -R $myTPOTDIR/tmp/opt/
cp isolinux/* $myTPOTDIR/ cp iso/isolinux/* $myTPOTDIR/
cp preseed/tpot.seed $myTPOTDIR/tmp/preseed.cfg cp iso/preseed/tpot.seed $myTPOTDIR/tmp/preseed.cfg
# Let's create the new initrd # Let's create the new initrd
cd $myTPOTDIR/tmp cd $myTPOTDIR/tmp

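--- a/update.sh
+++ b/update.sh
@@ -0,0 +1,157 @@
+#!/bin/bash
+###################################################
+# Do not change any contents of this script!
+###################################################
+# Some vars
+myCONFIGFILE="/opt/tpot/etc/tpot.yml"
+myRED=""
+myGREEN=""
+myWHITE=""
+myBLUE=""
+# Got root?
+myWHOAMI=$(whoami)
+if [ "$myWHOAMI" != "root" ]
+then
+echo "Need to run as root ..."
+sudo ./$0
+exit
+fi
+# Check for existing tpot.yml
+function fuCONFIGCHECK () {
+echo "### Checking for T-Pot configuration file ..."
+echo -n "###### $myBLUE$myCONFIGFILE$myWHITE "
+if ! [ -f $myCONFIGFILE ];
+then
+echo
+echo $myRED"Error - No T-Pot configuration file present."
+echo "Please copy one of the preconfigured configuration files from /opt/tpot/etc/compose/*.yml to /opt/tpot/etc/tpot.yml."$myWHITE
+echo
+exit 1
+else
+echo $myGREEN"OK"$myWHITE
+fi
+}
+# Let's test the internet connection
+function fuCHECKINET () {
+mySITES=$1
+echo "### Now checking availability of ..."
+for i in $mySITES;
+do
+echo -n "###### $myBLUE$i$myWHITE "
+curl --connect-timeout 5 -IsS $i 2>&1>/dev/null
+if [ $? -ne 0 ];
+then
+echo
+echo $myRED"Error - Internet connection test failed. This might indicate some problems with your connection."
+echo "Exiting."$myWHITE
+echo
+exit 1
+else
+echo $myGREEN"OK"$myWHITE
+fi
+done;
+}
+function fuSELFUPDATE () {
+echo "### Now checking for newer files in repository ..."
+git fetch
+myREMOTESTAT=$(git status | grep -c "up-to-date")
+if [ "$myREMOTESTAT" != "0" ];
+then
+echo "###### $myBLUE"No updates found in repository."$myWHITE"
+return
+fi
+myRESULT=$(git diff --name-only origin/17.06 | grep update.sh)
+myLOCALSTAT=$(git status -uno | grep -c update.sh)
+if [ "$myRESULT" == "update.sh" ];
+then
+if [ "$myLOCALSTAT" == "0" ];
+then
+echo "###### $myBLUE"Found newer version, will update myself and restart."$myWHITE"
+git pull --force
+exec "$1" "$2"
+exit 1
+else
+echo $myRED"Error - Update script was changed locally, cannot update."
+echo "Exiting."$myWHITE
+echo
+exit 1
+fi
+else
+echo "###### Update script is already up-to-date."
+fi
+}
+# Only run with command switch
+if [ "$1" != "-y" ]; then
+echo "This script will update / upgrade all T-Pot related scripts, tools and packages"
+echo "Some of your changes might be overwritten, so make sure to save your work"
+echo "This feature is still experimental, run with \"-y\" switch"
+echo
+exit
+fi
+echo "### Now running T-Pot update script."
+echo
+fuCHECKINET "https://index.docker.io https://github.com https://pypi.python.org https://ubuntu.com"
+echo
+fuSELFUPDATE "$0" "$@"
+echo
+fuCONFIGCHECK
+echo
+echo "### Now stopping T-Pot"
+systemctl stop tpot
+echo
+echo "### Now upgrading packages"
+apt-get autoclean -y
+apt-get autoremove -y
+apt-get update
+apt-get dist-upgrade -y
+pip install --upgrade pip
+pip install docker-compose==1.16.1
+pip install elasticsearch-curator==5.2.0
+ln -s /usr/bin/nodejs /usr/bin/node 2>&1
+npm install https://github.com/t3chn0m4g3/wetty -g
+npm install https://github.com/t3chn0m4g3/elasticsearch-dump -g
+wget https://github.com/bcicen/ctop/releases/download/v0.6.1/ctop-0.6.1-linux-amd64 -O /usr/bin/ctop && chmod +x /usr/bin/ctop
+echo
+echo "### Now replacing T-Pot related config files on host"
+cp host/etc/systemd/* /etc/systemd/system/
+cp host/etc/issue /etc/
+cp -R host/etc/nginx/ssl /etc/nginx/
+cp host/etc/nginx/tpotweb.conf /etc/nginx/sites-available/
+cp host/etc/nginx/nginx.conf /etc/nginx/nginx.conf
+cp host/usr/share/nginx/html/* /usr/share/nginx/html/
+echo
+echo "### Now reloading systemd, nginx"
+systemctl daemon-reload
+nginx -s reload
+echo
+echo "### Now restarting wetty, nginx, docker"
+systemctl restart wetty.service
+systemctl restart nginx.service
+systemctl restart docker.service
+echo
+echo "### Now pulling latest docker images"
+docker-compose -f /opt/tpot/etc/tpot.yml pull
+echo
+echo "### Now starting T-Pot service"
+systemctl start tpot
+echo
+echo "### Done."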
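Review bot: The root re-exec `sudo ./$0` drops the script's arguments, so a non-root `update.sh -y` is re-run without `-y`, prints the usage text and exits 0 as if it had succeeded, and `./$0` also breaks when `$0` is an absolute path; `exec sudo "$0" "$@"` fixes both. Everything after that assumes the current directory is the repository checkout (`git fetch`, `git pull --force`, `cp host/etc/systemd/* …`) but never changes into it, so a `cd "$(dirname "$0")" || exit 1` before fuCHECKINET would make the assumption explicit instead of letting the copies fail halfway through with T-Pot already stopped. fuSELFUPDATE decides whether anything changed by grepping `git status` for the phrase "up-to-date", which is human-readable, localized text whose wording has changed between git releases; comparing `git rev-parse HEAD` with `git rev-parse @{u}` is stable. It also diffs against `origin/17.06` while install.sh clones `-b autoupdate`, so the two should agree on one ref, and since `git pull --force` followed by `exec` runs whatever that ref now contains as root, the chosen ref and its trust model deserve a comment above the function.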