From a0c5a8c0e719e318d464c8674dea050bdeb1c5e9 Mon Sep 17 00:00:00 2001
From: t3chn0m4g3
Date: Tue, 27 Jun 2023 09:23:52 +0000
Subject: [PATCH 1/2] fix port definitions
- docker-compose no longer accepts ports definitions when network_mode: host is set
- previous versions simply ignored the ports definitions, the updated docker-compose breaks with an error however
---
 bin/rules.sh | 2 +-
 docker/nginx/docker-compose.yml | 6 +++---
 etc/compose/collector.yml | 6 +++---
 etc/compose/hive.yml | 6 +++---
 etc/compose/industrial.yml | 6 +++---
 etc/compose/log4j.yml | 6 +++---
 etc/compose/medical.yml | 6 +++---
 etc/compose/mini.yml | 6 +++---
 etc/compose/nextgen.yml | 6 +++---
 etc/compose/standard.yml | 6 +++---
 etc/compose/tarpit.yml | 6 +++---
 11 files changed, 31 insertions(+), 31 deletions(-)
diff --git a/bin/rules.sh b/bin/rules.sh
index 52eb7e48..c4a964da 100755
--- a/bin/rules.sh
+++ b/bin/rules.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 ### Vars, Ports for Standard services
-myHOSTPORTS="7634 64294 64295"
+myHOSTPORTS="7634 64294 64295 64297 64304"
 myDOCKERCOMPOSEYML="$1"
 myRULESFUNCTION="$2"
diff --git a/docker/nginx/docker-compose.yml b/docker/nginx/docker-compose.yml
index 7e337abe..1029a4d9 100644
--- a/docker/nginx/docker-compose.yml
+++ b/docker/nginx/docker-compose.yml
@@ -20,9 +20,9 @@ services:
 # cpu_count: 1
 # cpus: 0.75
 network_mode: "host"
- ports:
- - "64297:64297"
- - "127.0.0.1:64304:64304"
+ # ports:
+ # - "64297:64297"
+ # - "127.0.0.1:64304:64304"
 image: "dtagdevsec/nginx:2204"
 read_only: true
 volumes:
diff --git a/etc/compose/collector.yml b/etc/compose/collector.yml
index 2e8134e8..9e72ef1a 100644
--- a/etc/compose/collector.yml
+++ b/etc/compose/collector.yml
@@ -237,9 +237,9 @@ services:
 - /run
 - /var/lib/nginx/tmp:uid=100,gid=82
 network_mode: "host"
- ports:
- - "64297:64297"
- - "127.0.0.1:64304:64304"
+ # ports:
+ # - "64297:64297"
+ # - "127.0.0.1:64304:64304"
 image: "dtagdevsec/nginx:2204"
 read_only: true
 volumes:
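Review bot: The two ports appended to `myHOSTPORTS` in bin/rules.sh carry no comment saying which service they belong to, and the only other record of them is now the commented-out `ports:` block in the compose files. I would add a line above the assignment such as `# 64297, 64304: nginx (network_mode host, no longer declared under ports: in the compose files)` so the two lists are kept in step. One of them, 64304, was declared loopback-only (`127.0.0.1:64304:64304`) in the compose files; how rules.sh consumes `myHOSTPORTS` is outside this hunk, so it is worth confirming that listing it here does not treat a loopback-only port like an externally reachable one.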
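Review bot: The commented-out `# - "127.0.0.1:64304:64304"` line in docker/nginx/docker-compose.yml still reads as if port 64304 were restricted to loopback, but with `network_mode: "host"` Compose publishes nothing and the bind address comes entirely from the listener configuration inside the `dtagdevsec/nginx:2204` image, which is not shown here. Per the commit message older Compose versions ignored these entries anyway, so runtime behaviour is presumably unchanged, but the leftover lines are easy to misread as an active control. I would replace them with a short comment, for example `# host networking: 64297 and 64304 are bound by nginx itself; 64304 must listen on 127.0.0.1 only`, and check that the image's nginx config enforces that. The same three lines are commented out identically in the etc/compose hunks (collector, hive, industrial, log4j, medical, mini, nextgen, standard, tarpit).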
diff --git a/etc/compose/hive.yml b/etc/compose/hive.yml
index 29825486..4ed8cedc 100644
--- a/etc/compose/hive.yml
+++ b/etc/compose/hive.yml
@@ -118,9 +118,9 @@ services:
 - /run
 - /var/lib/nginx/tmp:uid=100,gid=82
 network_mode: "host"
- ports:
- - "64297:64297"
- - "127.0.0.1:64304:64304"
+ # ports:
+ # - "64297:64297"
+ # - "127.0.0.1:64304:64304"
 image: "dtagdevsec/nginx:2204"
 read_only: true
 volumes:
diff --git a/etc/compose/industrial.yml b/etc/compose/industrial.yml
index 15478286..ab9a6490 100644
--- a/etc/compose/industrial.yml
+++ b/etc/compose/industrial.yml
@@ -408,9 +408,9 @@ services:
 - /run
 - /var/lib/nginx/tmp:uid=100,gid=82
 network_mode: "host"
- ports:
- - "64297:64297"
- - "127.0.0.1:64304:64304"
+ # ports:
+ # - "64297:64297"
+ # - "127.0.0.1:64304:64304"
 image: "dtagdevsec/nginx:2204"
 read_only: true
 volumes:
diff --git a/etc/compose/log4j.yml b/etc/compose/log4j.yml
index 9d6b9179..666716c7 100644
--- a/etc/compose/log4j.yml
+++ b/etc/compose/log4j.yml
@@ -227,9 +227,9 @@ services:
 - /run
 - /var/lib/nginx/tmp:uid=100,gid=82
 network_mode: "host"
- ports:
- - "64297:64297"
- - "127.0.0.1:64304:64304"
+ # ports:
+ # - "64297:64297"
+ # - "127.0.0.1:64304:64304"
 image: "dtagdevsec/nginx:2204"
 read_only: true
 volumes:
diff --git a/etc/compose/medical.yml b/etc/compose/medical.yml
index f2c966f4..73c56ea7 100644
--- a/etc/compose/medical.yml
+++ b/etc/compose/medical.yml
@@ -221,9 +221,9 @@ services:
 - /run
 - /var/lib/nginx/tmp:uid=100,gid=82
 network_mode: "host"
- ports:
- - "64297:64297"
- - "127.0.0.1:64304:64304"
+ # ports:
+ # - "64297:64297"
+ # - "127.0.0.1:64304:64304"
 image: "dtagdevsec/nginx:2204"
 read_only: true
 volumes:
diff --git a/etc/compose/mini.yml b/etc/compose/mini.yml
index 052891d9..1c328af3 100644
--- a/etc/compose/mini.yml
+++ b/etc/compose/mini.yml
@@ -248,9 +248,9 @@ services:
 - /run
 - /var/lib/nginx/tmp:uid=100,gid=82
 network_mode: "host"
- ports:
- - "64297:64297"
- - "127.0.0.1:64304:64304"
+ # ports:
+ # - "64297:64297"
+ # - "127.0.0.1:64304:64304"
 image: "dtagdevsec/nginx:2204"
 read_only: true
 volumes:
diff --git a/etc/compose/nextgen.yml b/etc/compose/nextgen.yml
index 75ddc90e..93ae1e4d 100644
--- a/etc/compose/nextgen.yml
+++ b/etc/compose/nextgen.yml
@@ -552,9 +552,9 @@ services:
 - /run
 - /var/lib/nginx/tmp:uid=100,gid=82
 network_mode: "host"
- ports:
- - "64297:64297"
- - "127.0.0.1:64304:64304"
+ # ports:
+ # - "64297:64297"
+ # - "127.0.0.1:64304:64304"
 image: "dtagdevsec/nginx:2204"
 read_only: true
 volumes:
diff --git a/etc/compose/standard.yml b/etc/compose/standard.yml
index e16cfd39..d5025e17 100644
--- a/etc/compose/standard.yml
+++ b/etc/compose/standard.yml
@@ -639,9 +639,9 @@ services:
 - /run
 - /var/lib/nginx/tmp:uid=100,gid=82
 network_mode: "host"
- ports:
- - "64297:64297"
- - "127.0.0.1:64304:64304"
+ # ports:
+ # - "64297:64297"
+ # - "127.0.0.1:64304:64304"
 image: "dtagdevsec/nginx:2204"
 read_only: true
 volumes:
diff --git a/etc/compose/tarpit.yml b/etc/compose/tarpit.yml
index 3ca278b8..377e94ec 100644
--- a/etc/compose/tarpit.yml
+++ b/etc/compose/tarpit.yml
@@ -264,9 +264,9 @@ services:
 - /run
 - /var/lib/nginx/tmp:uid=100,gid=82
 network_mode: "host"
- ports:
- - "64297:64297"
- - "127.0.0.1:64304:64304"
+ # ports:
+ # - "64297:64297"
+ # - "127.0.0.1:64304:64304"
 image: "dtagdevsec/nginx:2204"
 read_only: true
 volumes:
From 81fab84040dd833ad1410bc2b95bb8f841c128e7 Mon Sep 17 00:00:00 2001
From: t3chn0m4g3
Date: Tue, 27 Jun 2023 09:53:28 +0000
Subject: [PATCH 2/2] add bookworm check to updates while not supported the update script will no longer break if bookworm is found
---
 update.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/update.sh b/update.sh
index 321cb8c2..877d38fd 100755
--- a/update.sh
+++ b/update.sh
@@ -3,7 +3,7 @@
 # Some global vars
 myCONFIGFILE="/opt/tpot/etc/tpot.yml"
 myCOMPOSEPATH="/opt/tpot/etc/compose"
-myLSB_RELEASE="bullseye"
+myLSB_RELEASE=("bullseye" "bookworm")
 myRED=""
 myGREEN=""
 myWHITE=""
@@ -91,7 +91,7 @@ local myMASTERVERSION="22.04.0"
 echo
 echo "### Checking for Release ID"
 myRELEASE=$(lsb_release -c | awk '{ print $2 }')
-if [ "$myRELEASE" != "$myLSB_RELEASE" ]
+if [[ ! " ${myLSB_RELEASE[@]} " =~ " ${myRELEASE} " ]];
 then
 echo "###### Need to upgrade to Debian 11 (Bullseye) first:$myWHITE"" [ $myRED""NOT OK""$myWHITE ]"
 echo "###### Upgrade may result in complete data loss and should not be run via SSH."
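Review bot: The new release test in update.sh expands the array with `[@]` inside `[[ ]]`, where it is implicitly joined into one string (ShellCheck SC2199); `[*]` states that intent explicitly: `if [[ ! " ${myLSB_RELEASE[*]} " =~ " ${myRELEASE} " ]]`. The commit message calls bookworm "not supported", yet a bookworm host now passes this check with no notice, so a warning line before continuing would help operators, and the failure text still names only Debian 11 (Bullseye). Because `myLSB_RELEASE` is now an array (first hunk of this file), any plain `$myLSB_RELEASE` use elsewhere in the script, outside these hunks, would expand to `bullseye` only. The `if` block continues past the end of the hunk.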