From bd4e58dca74b378dcca7067335c1cb92377d8e9e Mon Sep 17 00:00:00 2001
From: t3chn0m4g3
Date: Wed, 28 Jan 2015 17:08:34 +0100
Subject: [PATCH] Update installer
---
installer/bin/check.sh | 67 ++++++++++++++++++++++++--------------
installer/bin/dcres.sh | 47 ++++++++++++++++++++++++++
installer/bin/status.sh | 9 ++++-
installer/data/images.conf | 7 ++++
installer/etc/rc.local | 13 ++++++++
installer/install1.sh | 4 +--
installer/install2.sh | 43 ++++++++++++------------
installer/upstart/elk.conf | 4 +--
installer/upstart/ews.conf | 4 +--
makeiso.sh | 2 +-
preseed/tpotce.seed | 6 +---
11 files changed, 147 insertions(+), 59 deletions(-)
create mode 100755 installer/bin/dcres.sh
create mode 100644 installer/data/images.conf
create mode 100755 installer/etc/rc.local
diff --git a/installer/bin/check.sh b/installer/bin/check.sh
index e147dd69..aab2d6e9 100755
--- a/installer/bin/check.sh
+++ b/installer/bin/check.sh
@@ -4,38 +4,57 @@ # T-Pot Community Edition # # Check container and services script # # # -# v0.10 by mo, DTAG, 2015-01-27 # +# v0.11 by mo, DTAG, 2015-01-28 # ######################################################## - if [ -f /var/run/check.lock ]; then exit fi +myIMAGES=$(cat /data/images.conf) + touch /var/run/check.lock myUPTIME=$(awk '{print int($1/60)}' /proc/uptime) -for i in dionaea elk ews glastopf honeytrap kippo suricata -do - myCIDSTATUS=$(docker exec -i $i supervisorctl status) - if [ $? -ne 0 ]; then - myCIDSTATUS=1 - else - myCIDSTATUS=$(echo $myCIDSTATUS | egrep -c "(STOPPED|FATAL)") - fi - if [ $myCIDSTATUS -gt 0 ]; then - if [ $myUPTIME -gt 5 ]; then - service docker stop - docker rm $(docker ps -aq) - service docker start - for j in dionaea glastopf honeytrap kippo suricata ews elk - do - sleep 10 - service $j start - done - rm /var/run/check.lock - exit 0 - fi - fi +for i in $myIMAGES + do + myCIDSTATUS=$(docker exec -i $i supervisorctl status) + if [ $? -ne 0 ]; + then + myCIDSTATUS=1 + else + myCIDSTATUS=$(echo $myCIDSTATUS | egrep -c "(STOPPED|FATAL)") + fi + if [ $myCIDSTATUS -gt 0 ]; + then + if [ $myUPTIME -gt 5 ]; + then + for j in $myIMAGES + do + service $j stop + done + service docker restart + while true + do + docker info > /dev/null + if [ $? -ne 0 ]; + then + echo Docker daemon is still starting. + else + echo Docker daemon is now available. + break + fi + sleep 0.1 + done + docker rm $(docker ps -aq) + for j in $myIMAGES + do + service $j start + sleep $(((RANDOM %5)+5)) + done + rm /var/run/check.lock + exit + fi + fi done rm /var/run/check.lock diff --git a/installer/bin/dcres.sh b/installer/bin/dcres.sh new file mode 100755 index 00000000..cf920ab3 --- /dev/null +++ b/installer/bin/dcres.sh 
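Review bot: The `while true` loop that waits for `docker info` has no upper bound, so if the daemon never comes back after `service docker restart` the script spins forever and never reaches `rm /var/run/check.lock`. From then on every cron run of check.sh exits at the lock test at the top, and the honeypot's health check is silently off. Bound the wait the way status.sh does with its count of 300 in this patch, and release the lock on any exit path with `trap 'rm -f /var/run/check.lock' EXIT` placed right after the `touch`. The same loop is added to dcres.sh and needs the same limit.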
@@ -0,0 +1,47 @@ +#!/bin/bash + +######################################################## +# T-Pot Community Edition # +# Container and services restart script # +# # +# v0.10 by mo, DTAG, 2015-01-28 # +######################################################## + +if [ -f /var/run/check.lock ]; + then exit +fi + +myIMAGES=$(cat /data/images.conf) + +touch /var/run/check.lock + +myUPTIME=$(awk '{print int($1/60)}' /proc/uptime) +if [ $myUPTIME -gt 5 ]; + then + for i in $myIMAGES + do + service $i stop + done + service docker restart + while true + do + docker info > /dev/null + if [ $? -ne 0 ]; + then + echo Docker daemon is still starting. + else + echo Docker daemon is now available. + break + fi + sleep 0.1 + done + docker rm $(docker ps -aq) + for i in $myIMAGES + do + service $i start + sleep $(((RANDOM %5)+5)) + done +fi + +rm /var/run/check.lock + diff --git a/installer/bin/status.sh b/installer/bin/status.sh index 7a72c0b3..288ec8bf 100755 --- a/installer/bin/status.sh +++ b/installer/bin/status.sh @@ -7,6 +7,7 @@ # v0.10 by mo, DTAG, 2015-01-27 # ######################################################## myCOUNT=1 +myIMAGES=$(cat /data/images.conf) while true do if ! [ -f /var/run/check.lock ]; @@ -18,6 +19,12 @@ do echo -n "Waiting for services " else echo -n . fi + if [ $myCOUNT = 300 ]; + then + echo + echo "Services are busy or not available. Please retry later." + exit 1 + fi myCOUNT=$[$myCOUNT +1] done echo @@ -25,7 +32,7 @@ echo echo "****************** $(date) ******************" echo echo -for i in dionaea elk ews glastopf honeytrap kippo suricata +for i in $myIMAGES do echo "======| Container:" $i "|======" docker exec -i $i supervisorctl status | GREP_COLORS='mt=01;32' egrep --color=always "(RUNNING)|$" | GREP_COLORS='mt=01;31' egrep --color=always "(STOPPED|FATAL)|$" diff --git a/installer/data/images.conf b/installer/data/images.conf new file mode 100644 index 00000000..e42ceab6 --- /dev/null +++ b/installer/data/images.conf 
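Review bot: The names that root passes to `service $i stop` and `service $i start` come from /data/images.conf and are expanded unquoted, while install2.sh in this patch shows `chmod 760 -R /data` and `chown tpot:tpot -R /data` as context. If the file is copied in before those lines run (the copy is not visible here), the unprivileged tpot account can change what a root cron job acts on. Keep the list in a root-owned path outside /data, or validate each entry before use, for example `case $i in *[!a-z0-9_-]*) continue ;; esac` as the first statement of each loop. check.sh and status.sh read the same file and would need the same treatment.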
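Review bot: In the first status.sh hunk, `myIMAGES=$(cat /data/images.conf)` is used without checking that the file exists and is non-empty; with an empty list the final `for i in $myIMAGES` loop prints no containers at all, which on the tty2 status screen looks like a quiet system rather than a failure. check.sh has the same gap, where an empty list means no container is ever tested. Add `[ -s /data/images.conf ] || { echo "images.conf missing or empty"; exit 1; }` before the assignment.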
@@ -0,0 +1,7 @@ +dionaea +glastopf +honeytrap +kippo +suricata +ews +elk diff --git a/installer/etc/rc.local b/installer/etc/rc.local new file mode 100755 index 00000000..e4884080 --- /dev/null +++ b/installer/etc/rc.local @@ -0,0 +1,13 @@ +#!/bin/sh -e +# Let's add the first local ip to the /etc/issue and ews.ip file +myIP=$(hostname -I | awk '{ print $1 }') +sed -i "s#IP:.*#IP: $myIP#" /etc/issue +tee /data/ews/conf/ews.ip << EOF +[MAIN] +ip = $myIP +EOF +if [ -f /var/run/check.lock ]; + then rm /var/run/check.lock +fi +setupcon +exit 0 diff --git a/installer/install1.sh b/installer/install1.sh index 5682f884..04553f60 100755 --- a/installer/install1.sh +++ b/installer/install1.sh @@ -4,7 +4,7 @@ # and consoleblank permanently # # Ubuntu server 14.04.1, x64 # # # -# v0.10 by mo, DTAG, 2015-01-20 # +# v0.11 by mo, DTAG, 2015-01-28 # ############################################################# # Let's replace "quiet splash" options and update grub @@ -15,4 +15,4 @@ sed -i 's#FONTFACE="VGA"#FONTFACE="Terminus"#' /etc/default/console-setup sed -i 's#FONTSIZE="16"#FONTSIZE="12x6"#' /etc/default/console-setup # Let's move the install script to rc.local and reboot -mv /root/install.sh /etc/rc.local && sleep 2 && reboot +mv /root/tpotce/install2.sh /etc/rc.local && sleep 2 && reboot diff --git a/installer/install2.sh b/installer/install2.sh index a7b19a74..91c7032c 100755 --- a/installer/install2.sh +++ b/installer/install2.sh @@ -3,7 +3,7 @@ # T-Pot Community Edition post install script # # Ubuntu server 14.04, x64 # # # -# v0.30 by mo, DTAG, 2015-01-27 # +# v0.40 by mo, DTAG, 2015-01-28 # ######################################################## # Let's make sure there is a warning if running for a second time 
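Review bot: In the new rc.local, `myIP` is empty when no address has been assigned by the time the script runs, since `hostname -I` then prints nothing, and the script goes on to write a blank `IP:` into /etc/issue and `ip = ` into /data/ews/conf/ews.ip. Wrap the `sed` and `tee` in `if [ -n "$myIP" ]; then … fi` so a late DHCP lease does not leave ews with an empty address. Because the shebang carries `-e`, a failing `sed` or `tee` also ends the script before the stale-lock removal and `setupcon`; moving the `check.lock` cleanup to the top would keep it independent of those steps.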
@@ -59,9 +59,6 @@ mkdir -p /data/ews/log /data/ews/conf /data/elk/data /data/elk/log chmod 760 -R /data chown tpot:tpot -R /data -chmod 700 /home/tsec/*.sh -chown tsec:tsec /home/tsec/*.sh - # Let's set the hostname fuECHO "### Setting a new hostname." myHOST=ce$(date +%s)$RANDOM @@ -84,7 +81,7 @@ EOF # Let's load docker images from remote fuECHO "### Downloading docker images from DockerHub. Please be patient, this may take a while." -for name in dionaea elk ews glastopf honeytrap kippo suricata +for name in $(cat /root/tpotce/data/images.conf) do docker pull dtagdevsec/$name done @@ -102,29 +99,31 @@ fuECHO "### Adding cronjobs." tee -a /etc/crontab < /dev/tty2 +*/1 * * * * root /usr/bin/status.sh > /dev/tty2 # Check if containers and services are up */5 * * * * root /usr/bin/check.sh + +# Restart docker service and containers +7 3 * * * root /usr/bin/dcres.sh EOF -# Let's update rc.local -fuECHO "### Updating rc.local." -tee /etc/rc.local.new <
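Review bot: In the `@@ -84,7 +81,7 @@` hunk, `docker pull dtagdevsec/$name` takes whatever the registry serves for the default tag at install time, so two installs can end up with different images and a changed upstream image is accepted unverified. Now that the names come from a file, the pull list could carry a pinned reference per image, e.g. `dtagdevsec/dionaea@sha256:<digest>` (placeholder digest). check.sh, dcres.sh and status.sh use the same entries as container and service names, so the pin would need a separate column or file rather than being appended to the images.conf entries. The loop also runs zero times without an error if /root/tpotce/data/images.conf is missing; a `[ -s … ]` test before it would make that a visible install failure.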