Update installer

installer/bin/check.sh

@@ -4,38 +4,57 @@
 # T-Pot Community Edition                              #
 # Check container and services script                  #
 #                                                      #
-# v0.10 by mo, DTAG, 2015-01-27                        #
+# v0.11 by mo, DTAG, 2015-01-28                        #
 ########################################################
-
 if [ -f /var/run/check.lock ];
   then exit
 fi
 
+myIMAGES=$(cat /data/images.conf)
+
 touch /var/run/check.lock
 
 myUPTIME=$(awk '{print int($1/60)}' /proc/uptime)
-for i in dionaea elk ews glastopf honeytrap kippo suricata
-do 
-  myCIDSTATUS=$(docker exec -i $i supervisorctl status)
-  if [ $? -ne 0 ]; then
-    myCIDSTATUS=1 
-  else 
-    myCIDSTATUS=$(echo $myCIDSTATUS | egrep -c "(STOPPED|FATAL)")
-  fi
-  if [ $myCIDSTATUS -gt 0 ]; then
-    if [ $myUPTIME -gt 5 ]; then
-      service docker stop
-      docker rm $(docker ps -aq)
-      service docker start
-      for j in dionaea glastopf honeytrap kippo suricata ews elk
-      do
-        sleep 10
-        service $j start
-      done
-      rm /var/run/check.lock
-      exit 0
-    fi
-  fi
+for i in $myIMAGES
+  do 
+    myCIDSTATUS=$(docker exec -i $i supervisorctl status)
+      if [ $? -ne 0 ]; 
+        then
+          myCIDSTATUS=1 
+        else 
+          myCIDSTATUS=$(echo $myCIDSTATUS | egrep -c "(STOPPED|FATAL)")
+      fi
+      if [ $myCIDSTATUS -gt 0 ]; 
+        then
+          if [ $myUPTIME -gt 5 ]; 
+            then
+              for j in $myIMAGES
+                do
+                  service $j stop
+              done
+              service docker restart
+              while true
+                do
+                  docker info > /dev/null
+                  if [ $? -ne 0 ];
+                    then
+                      echo Docker daemon is still starting.
+                    else
+                      echo Docker daemon is now available.
+                      break
+                  fi
+                  sleep 0.1
+              done
+              docker rm $(docker ps -aq)
+              for j in $myIMAGES
+                do
+                  service $j start
+                  sleep $(((RANDOM %5)+5))
+              done
+              rm /var/run/check.lock
+              exit
+          fi
+      fi
 done
 
 rm /var/run/check.lock

installer/bin/dcres.sh

@@ -0,0 +1,47 @@
+#!/bin/bash
+
+########################################################
+# T-Pot Community Edition                              #
+# Container and services restart script                #
+#                                                      #
+# v0.10 by mo, DTAG, 2015-01-28                        #
+########################################################
+
+if [ -f /var/run/check.lock ];
+  then exit
+fi
+
+myIMAGES=$(cat /data/images.conf)
+
+touch /var/run/check.lock
+
+myUPTIME=$(awk '{print int($1/60)}' /proc/uptime)
+if [ $myUPTIME -gt 5 ]; 
+  then
+    for i in $myIMAGES 
+      do
+        service $i stop
+    done
+    service docker restart
+    while true
+      do
+        docker info > /dev/null
+        if [ $? -ne 0 ];
+          then
+            echo Docker daemon is still starting.
+          else 
+            echo Docker daemon is now available.
+            break
+        fi
+        sleep 0.1
+    done
+    docker rm $(docker ps -aq)
+    for i in $myIMAGES
+      do
+        service $i start
+        sleep $(((RANDOM %5)+5))
+    done
+fi
+
+rm /var/run/check.lock
+

installer/bin/status.sh

@@ -7,6 +7,7 @@
 # v0.10 by mo, DTAG, 2015-01-27                        #
 ########################################################
 myCOUNT=1
+myIMAGES=$(cat /data/images.conf)
 while true
 do 
   if ! [ -f /var/run/check.lock ];
@@ -18,6 +19,12 @@ do
       echo -n "Waiting for services "
     else echo -n .
   fi
+  if [ $myCOUNT = 300 ];
+    then
+    echo
+    echo "Services are busy or not available. Please retry later."
+    exit 1
+  fi
   myCOUNT=$[$myCOUNT +1]
 done
 echo
@@ -25,7 +32,7 @@ echo
 echo "****************** $(date) ******************"
 echo
 echo
-for i in dionaea elk ews glastopf honeytrap kippo suricata
+for i in $myIMAGES
 do 
   echo "======| Container:" $i "|======"
   docker exec -i $i supervisorctl status | GREP_COLORS='mt=01;32' egrep --color=always "(RUNNING)|$" | GREP_COLORS='mt=01;31' egrep --color=always "(STOPPED|FATAL)|$"

installer/data/images.conf

@@ -0,0 +1,7 @@
+dionaea
+glastopf
+honeytrap
+kippo
+suricata
+ews
+elk

installer/etc/rc.local

@@ -0,0 +1,13 @@
+#!/bin/sh -e
+# Let's add the first local ip to the /etc/issue and ews.ip file
+myIP=$(hostname -I | awk '{ print $1 }')
+sed -i "s#IP:.*#IP: $myIP#" /etc/issue
+tee /data/ews/conf/ews.ip << EOF
+[MAIN]
+ip = $myIP
+EOF
+if [ -f /var/run/check.lock ];
+  then rm /var/run/check.lock
+fi
+setupcon
+exit 0

installer/install1.sh

@@ -4,7 +4,7 @@
 #                           and consoleblank permanently    #
 # Ubuntu server 14.04.1, x64                                #
 #                                                           #
-# v0.10 by mo, DTAG, 2015-01-20                             #
+# v0.11 by mo, DTAG, 2015-01-28                             #
 #############################################################
 
 # Let's replace "quiet splash" options and update grub
@@ -15,4 +15,4 @@ sed -i 's#FONTFACE="VGA"#FONTFACE="Terminus"#' /etc/default/console-setup
 sed -i 's#FONTSIZE="16"#FONTSIZE="12x6"#' /etc/default/console-setup
 
 # Let's move the install script to rc.local and reboot
-mv /root/install.sh /etc/rc.local && sleep 2 && reboot
+mv /root/tpotce/install2.sh /etc/rc.local && sleep 2 && reboot

installer/install2.sh

@@ -3,7 +3,7 @@
 # T-Pot Community Edition post install script          #
 # Ubuntu server 14.04, x64                             #
 #                                                      #
-# v0.30 by mo, DTAG, 2015-01-27                        #
+# v0.40 by mo, DTAG, 2015-01-28                        #
 ########################################################
 
 # Let's make sure there is a warning if running for a second time
@@ -59,9 +59,6 @@ mkdir -p /data/ews/log /data/ews/conf /data/elk/data /data/elk/log
 chmod 760 -R /data
 chown tpot:tpot -R /data
 
-chmod 700 /home/tsec/*.sh
-chown tsec:tsec /home/tsec/*.sh
-
 # Let's set the hostname
 fuECHO "### Setting a new hostname."
 myHOST=ce$(date +%s)$RANDOM
@@ -84,7 +81,7 @@ EOF
 
 # Let's load docker images from remote
 fuECHO "### Downloading docker images from DockerHub. Please be patient, this may take a while."
-for name in dionaea elk ews glastopf honeytrap kippo suricata
+for name in $(cat /root/tpotce/data/images.conf) 
 do
   docker pull dtagdevsec/$name
 done
@@ -102,29 +99,31 @@ fuECHO "### Adding cronjobs."
 tee -a /etc/crontab <<EOF
 
 # Show running containers every 60s via /dev/tty2
-*/2 * * * * root /usr/bin/status.sh 2 > /dev/tty2 
+*/1 * * * * root /usr/bin/status.sh > /dev/tty2 
 
 # Check if containers and services are up
 */5 * * * * root /usr/bin/check.sh
+
+# Restart docker service and containers
+7 3 * * * root /usr/bin/dcres.sh
 EOF
 
-# Let's update rc.local
-fuECHO "### Updating rc.local."
-tee /etc/rc.local.new <<EOF
-#!/bin/sh -e
-# Let's add the first local ip to the /etc/issue file
-sed -i "s#IP:.*#IP: \$(hostname -I | awk '{ print \$1 }')#" /etc/issue
-if [ -f /var/run/check.lock ];
-  then rm /var/run/check.lock
-fi
-setupcon
-exit 0
-EOF
+# Let's take care of some files and permissions
+chmod 500 /root/tpotce/bin/*
+chmod 600 /root/tpotce/data/*
+chmod 644 /root/tpotce/etc/issue
+chmod 755 /root/tpotce/etc/rc.local
+chmod 700 /root/tpotce/home/*
+chown tsec:tsec /root/tpotce/home/*
+chmod 644 /root/tpotce/upstart/*
 
-chmod +x /etc/rc.local.new
+# Let's move some files
+mv /root/tpotce/bin/* /usr/bin/
+mv /root/tpotce/data/* /data/
+mv /root/tpotce/etc/issue /etc/
+mv /root/tpotce/home/* /home/tsec/
+mv /root/tpotce/upstart/* /etc/init/
 
 # Final steps
 fuECHO "### Thanks for your patience. Now rebooting."
-mv /root/upstart/*.conf /etc/init/
-rm -rf /root/upstart/
-mv /etc/rc.local.new /etc/rc.local && chage -d 0 tsec && sleep 2 && reboot
+mv /root/tpotce/etc/rc.local /etc/rc.local && rm -rf /root/tpotce/ && chage -d 0 tsec && sleep 2 && reboot

installer/upstart/elk.conf

@@ -2,12 +2,12 @@
 # T-Pot Community Edition                              #
 # ELK upstart script                                   #
 #                                                      #
-# v0.50 by mo, DTAG, 2015-01-27                        #
+# v0.51 by mo, DTAG, 2015-01-28                        #
 ########################################################
 
 description "ELK"
 author "mo"
-start on started docker and filesystem
+start on started docker and filesystem and started ews and started dionaea and started glastopf and started honeytrap and started kippo and started suricata
 stop on runlevel [!2345]
 respawn
 pre-start script

installer/upstart/ews.conf

@@ -2,12 +2,12 @@
 # T-Pot Community Edition                              #
 # EWS upstart script                                   #
 #                                                      #
-# v0.50 by mo, DTAG, 2015-01-27                        #
+# v0.51 by mo, DTAG, 2015-01-28                        #
 ########################################################
 
 description "EWS"
 author "mo"
-start on started docker and filesystem
+start on started docker and filesystem and started dionaea and started glastopf and started honeytrap and started kippo
 stop on runlevel [!2345]
 respawn
 pre-start script

makeiso.sh

@@ -48,7 +48,7 @@ losetup -d /dev/loop0
 # Let's add the files for the automated install
 fuECHO "### Adding the automated install files."
 mkdir -p $myTPOTCEDIR/tpotce
-cp installer/* -r $myTPOTCEDIR/tpotce/
+cp installer/* -R $myTPOTCEDIR/tpotce/
 cp isolinux/* $myTPOTCEDIR/isolinux/
 cp kickstart/* $myTPOTCEDIR/tpotce/
 cp preseed/* $myTPOTCEDIR/tpotce/

preseed/tpotce.seed

@@ -36,11 +36,7 @@ d-i pkgsel/update-policy select unattended-upgrades
 # Post install
 d-i preseed/late_command string \
 cp /cdrom/tpotce/install1.sh /target/etc/rc.local; \
-cp /cdrom/tpotce/install2.sh /target/root/install.sh; \
-cp /cdrom/tpotce/bin/*.sh /target/usr/bin/; \
-cp /cdrom/tpotce/etc/issue /target/etc/; \
-cp /cdrom/tpotce/home/*.sh /target/home/tsec/; \
-cp -r /cdrom/tpotce/upstart/ /target/root/
+cp -r /cdrom/tpotce/ /target/root/
 
 # Reboot
 d-i finish-install/reboot_in_progress note