diff --git a/installer/bin/check.sh b/installer/bin/check.sh index 0878e3e5..ddb46217 100755 --- a/installer/bin/check.sh +++ b/installer/bin/check.sh @@ -19,20 +19,23 @@ touch /var/run/check.lock myUPTIME=$(awk '{print int($1/60)}' /proc/uptime) for i in $myIMAGES do - myCIDSTATUS=$(docker exec $i supervisorctl status) - if [ $? -ne 0 ]; - then - myCIDSTATUS=1 - else - myCIDSTATUS=$(echo $myCIDSTATUS | egrep -c "(STOPPED|FATAL)") - fi - if [ $myUPTIME -gt 4 ] && [ $myCIDSTATUS -gt 0 ]; - then - echo "Restarting "$i"." - systemctl stop $i - sleep 5 - systemctl start $i - fi + if [ "$i" != "ui-for-docker" ] && [ "$i" != "netdata" ]; + then + myCIDSTATUS=$(docker exec $i supervisorctl status) + if [ $? -ne 0 ]; + then + myCIDSTATUS=1 + else + myCIDSTATUS=$(echo $myCIDSTATUS | egrep -c "(STOPPED|FATAL)") + fi + if [ $myUPTIME -gt 4 ] && [ $myCIDSTATUS -gt 0 ]; + then + echo "Restarting "$i"." + systemctl stop $i + sleep 5 + systemctl start $i + fi + fi done rm /var/run/check.lock diff --git a/installer/bin/status.sh b/installer/bin/status.sh index ecdb4e05..e39280cf 100755 --- a/installer/bin/status.sh +++ b/installer/bin/status.sh @@ -42,7 +42,10 @@ echo CPU temp: $(sensors | grep "Physical" | awk '{ print $4 }') echo for i in $myIMAGES do - echo "======| Container:" $i "|======" - docker exec $i supervisorctl status | GREP_COLORS='mt=01;32' egrep --color=always "(RUNNING)|$" | GREP_COLORS='mt=01;31' egrep --color=always "(STOPPED|FATAL)|$" - echo + if [ "$i" != "ui-for-docker" ] && [ "$i" != "netdata" ]; + then + echo "======| Container:" $i "|======" + docker exec $i supervisorctl status | GREP_COLORS='mt=01;32' egrep --color=always "(RUNNING)|$" | GREP_COLORS='mt=01;31' egrep --color=always "(STOPPED|FATAL)|$" + echo + fi done diff --git a/installer/etc/issue b/installer/etc/issue index 6e0dbd43..114e1fa5 100644 --- a/installer/etc/issue +++ b/installer/etc/issue @@ -1,7 +1,5 @@ T-Pot 16.10 (development) Hostname: \n -IP: - ___________ _____________________________ \\__ ___/ \\______ \\_____ \\__ ___/ @@ -10,6 +8,9 @@ ___________ _____________________________ |____| |____| \\_______ /____| \\/ + IP: +SSH: +WEB: -CTRL+ALT+F2 - Display current container status -CTRL+ALT+F1 - Return to this screen + + diff --git a/installer/etc/nginx/ssl/nginx.crt b/installer/etc/nginx/ssl/nginx.crt deleted file mode 100644 index a5f9483a..00000000 --- a/installer/etc/nginx/ssl/nginx.crt +++ /dev/null @@ -1,53 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIJXTCCBUWgAwIBAgIJANU7jQr6/QTdMA0GCSqGSIb3DQEBDQUAMEUxCzAJBgNV -BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX -aWRnaXRzIFB0eSBMdGQwHhcNMTYwODAxMTMwMjEzWhcNMjYwNzMwMTMwMjEzWjBF -MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 -ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIEIjANBgkqhkiG9w0BAQEFAAOCBA8AMIIE -CgKCBAEAnQKXLLcvpvxcoV/vZYbMxBSo8dyZKkUVJhMqWqpAi9+kkuk0bIWGD0Bj -9NEExNqdtKZ2+ZmrBWo1a5SSCrfum+jW+JrQxYQubeiEbCij6687sOwuM17EDUJn -xaF7c6ZQx+ofRGtUsIE79ycIH6amZNwBFd+Cw70HnPH28w51D65KSIQqEcb1peAC -V7eZQo8bwQ1vajRp+XF6CA3TeGA5707v+ij0AMl8xWk1q8IMel5e2USvnIF27mH+ -Pc35qNJj4PzZ3yM2hOl4/zO9/3fHoQKp+WvBDYDK5R+3QeVbSBiTu/zpFtlAjCVo -reMWFPG5gxE2QlYl4YM2gbv2jN/trQpySgoY+cQiwSyd353mdJV4UXAY8ukE2NiN -dxrRpqIbBLU8G3uy/wKKIcrbBBtXYMmaGAK73fQRX06Lea0m15y9DcvEnxqsH5CZ -qK3qRE9o4HzGdStivq0WUK/fuToeAzH4mEAryiDfsk/VXSTmhKlacCRddawdwaGk -ivuqViuKJ8S3x/idyy4K2yGHU1U4ihDUT+cwF/JUOMJ/hdoiODbloN92eB7gpHVp -kn7+2bBC3BEHZtD+mQVnasztYBPyQsfIce/pDQFeI+YvRjF68f6EeJoHXFj3vx84 -bONCgDcRQzfrUujJlfoC4vd9iKogk+RXpb4BKOrNIvNsEP22P/Dxw32nH9sUy29u -j/0weTLVUlpMvWFLzXc0fVGY1WmXAezaCG4f87baWZEePykgZPW+rel4Rn5q5YxD -nI76nbJrMpIBqSjTuWX+JH5vn3mNMrItF6manH6KqIEdBEPWGC5AlE1PuLoK4ort -NB1KoHG46pFOikl7hyiXSs2rWTXmaBRTFHqG5f4K1HP9i3XnMBHWdouNZ39lnLls -rxStSKsfNY8bRnPzBGb4PAzjZ53LbrScJcjHxI+jfde1CwSZIdVB6bwlbJo5HXUl -WvoGYjDKbCyFKHPLtR+8Jcb47uPvw2AQuInGamOpqGzI1y2XEM6LOU5+BNd3nQiO -l6o+e2qMpSPJYf/lECYiTCvvKbkbyHTw9SLQ6RmInNgGyolSSnTqQTTxELRqazIj -6iiz969NfwEs+nx43kCfLqo7g+86WoHdTqjFVBi2JpDNjy5quwTg2AxPqfm1gg8/ -p2cB8to1Gej7iUgAjifN7lcWJmgCdw2uEL77InF+Zaw2UqYhrhsPy5IM3X61ly+e -xiZTzgWB9YbH21N8MgHGAMNd9PLdZ6eZswTQpsT1UdoBMS6RhpWy/c6cKAX0W9cA -vfBSWPHLAU56qzpKuTwbQenIQEshH2/N6x2as30bgoQ2vo2uCDbgx9J769AJglmY -dUiuvYZv7u/21I0VzEEC1z8FCqlxawIDAQABo1AwTjAdBgNVHQ4EFgQUf0gNHQde -p6OqfSRj1qqSIjujVG4wHwYDVR0jBBgwFoAUf0gNHQdep6OqfSRj1qqSIjujVG4w -DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOCBAEAkqa41Fy6m1CkocVuaGrn -r1l2nLtPiTZjVohZ2liVpfH09Jk0xKm+FBsbUK5wbS10kIPKmtvLq60JCTb8QjK8 -K43AMWiUPVl93YcEJO6ZC2FU8TKJYwHPQ7VpjsKS2kW63fGZ3J812cByCbWF70FE -Wp/aHRd7ECDAarvDUN+/GZs6UoMl0teJt2CSAmHq2UbzlxJl6eXv7BePBzPd9qrv -gqGuWnOq57voltyFNfwZGtJn3o2CQoFrPE1dlHJX+upL9oDTC7n+6LhPbxjLZo2C -M66/qqjfR1F6zLhplE+5N+J1EZ1yRF5izkMkXwyAJEeSNO+n33dzfXItPU4qmJ0J -Hqo1ME+3pO9cPI6eSMH7Rk7qR7Dr6UIpdoGRNX8dTDN5yGzopP5aI7AaTH1zd7CR -czmX8QQbKh5NClXhQMa56JI3wAJgfG4dv6jmQT+5PA8+SSR+ccdmbWvDnZ9MWX/W -LpNajalzvN6+x1d3MSAABqO0u014kywKu1cCLgcBzdKBEcGOA2au3vfBdyiBauRV -E2OB6yLoSqUDNNDw//tr5Eih4gJZqnknzKj8UD+Sv84ExOJsX04apVz62Rba9dRj -CU6Ni2h8fnPBK/ws3Yx7ob30UozofZTJaxWeBxqZ/2nBkRcsLR+2AkdIybMSrttj -NbR/+1h67c74TLivkFU+cy+KXF0KgdfVwfUZYVlleaQA12dIp/7+Ivhxo/jyaw6W -s9A8ctaGtUtp3+UZeNBOSN3bTIrcgPxDTnuzKbS8K8ABQUzbyHCIuKyhxbkPR5y8 -YwIfheSmHbBYhK2fG0AWPUpTLUMQg2IR9+CPEi6GZXRcbPkRL7AjJMLSqbecJlpT -LQ+xltU/D4my/WTjonsY2b4xvEEiYhF9OT8+L4z0UUo66HGCJnuGFdJEdJdK2RDr -ABnP1NOenAp5M7+8cf79jLop6fIbP3/kWQoWvPYBW/WkIHF0Fefmw+FgyI/7N9uJ -CXTOps2YiDeMyk+kdykJOaWcKZSrs9FZGk1bOx2/HaPfbaZdI+hYdfKxedK/4L9D -YZIdU7jWtORRdBM9b45ZluPdeYsD169AgfRD3ltvKEwebWdjJFERzDc+uk2sHdPL -ojiPxLmewa4OLMQFgo2pL2jwJPybWF/n4UW0MaPIPLfTkCSmay8V3tq4EdGjXJYj -8K8jOn1VjPeDL14FHs48T1pSElgxpFanAQkVEIpPfaRCWSXRJykG9YcuBWfLWzbs -QOWwweGaC4w8fY9k8Ev08tn5FLe9YPFFBVO++gzd5JzoQTMDwORrSzUu+D23QZER -TMkwIess0COsq+7+QeZZISiYnsq8dV3OfpiAp5XAQTCbln1fVeJNWwzxBegvw118 -8g== ------END CERTIFICATE----- diff --git a/installer/etc/nginx/ssl/nginx.key b/installer/etc/nginx/ssl/nginx.key deleted file mode 100644 index d4a8228c..00000000 --- a/installer/etc/nginx/ssl/nginx.key +++ /dev/null @@ -1,100 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIISQQIBADANBgkqhkiG9w0BAQEFAASCEiswghInAgEAAoIEAQCdApcsty+m/Fyh -X+9lhszEFKjx3JkqRRUmEypaqkCL36SS6TRshYYPQGP00QTE2p20pnb5masFajVr -lJIKt+6b6Nb4mtDFhC5t6IRsKKPrrzuw7C4zXsQNQmfFoXtzplDH6h9Ea1SwgTv3 -JwgfpqZk3AEV34LDvQec8fbzDnUPrkpIhCoRxvWl4AJXt5lCjxvBDW9qNGn5cXoI -DdN4YDnvTu/6KPQAyXzFaTWrwgx6Xl7ZRK+cgXbuYf49zfmo0mPg/NnfIzaE6Xj/ -M73/d8ehAqn5a8ENgMrlH7dB5VtIGJO7/OkW2UCMJWit4xYU8bmDETZCViXhgzaB -u/aM3+2tCnJKChj5xCLBLJ3fneZ0lXhRcBjy6QTY2I13GtGmohsEtTwbe7L/Aooh -ytsEG1dgyZoYArvd9BFfTot5rSbXnL0Ny8SfGqwfkJmorepET2jgfMZ1K2K+rRZQ -r9+5Oh4DMfiYQCvKIN+yT9VdJOaEqVpwJF11rB3BoaSK+6pWK4onxLfH+J3LLgrb -IYdTVTiKENRP5zAX8lQ4wn+F2iI4NuWg33Z4HuCkdWmSfv7ZsELcEQdm0P6ZBWdq -zO1gE/JCx8hx7+kNAV4j5i9GMXrx/oR4mgdcWPe/Hzhs40KANxFDN+tS6MmV+gLi -932IqiCT5FelvgEo6s0i82wQ/bY/8PHDfacf2xTLb26P/TB5MtVSWky9YUvNdzR9 -UZjVaZcB7NoIbh/zttpZkR4/KSBk9b6t6XhGfmrljEOcjvqdsmsykgGpKNO5Zf4k -fm+feY0ysi0XqZqcfoqogR0EQ9YYLkCUTU+4ugriiu00HUqgcbjqkU6KSXuHKJdK -zatZNeZoFFMUeobl/grUc/2LdecwEdZ2i41nf2WcuWyvFK1Iqx81jxtGc/MEZvg8 -DONnnctutJwlyMfEj6N917ULBJkh1UHpvCVsmjkddSVa+gZiMMpsLIUoc8u1H7wl -xvju4+/DYBC4icZqY6mobMjXLZcQzos5Tn4E13edCI6Xqj57aoylI8lh/+UQJiJM -K+8puRvIdPD1ItDpGYic2AbKiVJKdOpBNPEQtGprMiPqKLP3r01/ASz6fHjeQJ8u -qjuD7zpagd1OqMVUGLYmkM2PLmq7BODYDE+p+bWCDz+nZwHy2jUZ6PuJSACOJ83u -VxYmaAJ3Da4QvvsicX5lrDZSpiGuGw/LkgzdfrWXL57GJlPOBYH1hsfbU3wyAcYA -w1308t1np5mzBNCmxPVR2gExLpGGlbL9zpwoBfRb1wC98FJY8csBTnqrOkq5PBtB -6chASyEfb83rHZqzfRuChDa+ja4INuDH0nvr0AmCWZh1SK69hm/u7/bUjRXMQQLX -PwUKqXFrAgMBAAECggQAXcWfTih2AFA2bnbifotcnjsMj67Fl1Y9BElsAUwvUpqW -Ktu24J16bH9zc1Kme39psuu8oOPjHU/Kad8IvfgOPPV59m5YA68nH6M/+2zmQaud -hdP439tYUeb4HTONjIunMU6lr/I+WVBF5R1dn7GjLResWkjsS0UJV/W3HIDk7yGT -4e11RrrCGXhJTeQsV3ErDUid4xs8s6rPTCIdy4YE8+T8NDbjS9kKeMiWMmeplifo -k/COxXUY99R0yKrM0cQdvNCmurrII+dgyWI4tmvuQT5bD8kIOq1SADfJ9kQqGUv8 -Z8jr2SaVg14QP9IhbQ7VUe8krcfPxfjcw+zjmk1fIPrdOVUAh6NZcm/YNiaS7cwb -WOAPNnxu1ae4DYtp7RBh/JTVOkDNrbnxj68c0T4XGIovSunPFAdhnL9HU7tTOHC3 -BJdPbgq7A/sTmoeMI5Idu/0pde8cgW7Upgn0HycTp6rfouaogIbTsyY08vVH67FN -fy5o1w+dkfidUhhuKhrE322AqaDVdPShrTBAJ0f9hY/5jWMw+QxUurWG/gVCbLp0 -uHjdw24FkpNBIypPwOmhdNeCyShG9lMg6ctMdhZTmQjCsTGsyYSomd4vG8gPepoc -uf6cKM5F4NKfm4C7ReIdoDy0ggbf5n+z26QeSFH7NPiqVCW/gZWCQL6LKzar81Ff -JLVdVnHN28H8DtqIHJzDG+xQMsXpQZt92Aamk70KRqBNMvsnCCmpU4amBdwvWwes -ungtPf17NVRpI7GVA5u3g0XO8gOFowZZ+b8FLYBNS1ueMTv7ex5KTstSUOh+4y06 -ueBbWWWUClMsL1sBq6f1PVVykvtTLkI5Zbc0k9duAOvEofV1wmtayy33uzuq6Q4J -opcrrzwsa+PRZb5bhXuBy8fZdgmnYVlCQfZKTnKelfk2Daf/4MtSOleQKzf9cn1d -dX31pQt/94Yduad1Ob4D+/L7m/1dvlIyjkDrBGk5IXMqb5jBELodezJsOAPjbTj/ -RRrg0pUJhn/AVlOU36p1GfZXNU1mjr70T52H/5VDRYiiaPuQvX4rvE68TvFfKAEJ -MS0xzwGHG8itp5z3KFKiUb3GFaksWAhEZt+77vvN6k9b2b2TkjaDxOerRqZoL4lw -QbhTaWQy+iocfFHVPPskVlQeVY1s//o6PN4tM1wVlgLCj/ZdKrOMTGTLn5OnTE/V -AN21dyIfy6um8qx76nf3j3bhRBOPl2RNXielsrL8f8z0wB8P0Q3hBU6WQi8AV0m8 -sLfRjfS1ZUUzuGnn9msywyGkor+681NjWirwkSJLIc7ZykHRdwVBsplwFiU7JH+a -t2F5A3J4JQhFQyVzML/RgHmmzEyEudnRwlFzycgWOQKCAgEAz3ZKdN5zjhDW0Eb7 -3+wxFPGmp8QV5+HXjPXxt8L/CRu3fiFG/J5m0/+ElzLG4R/GsDNbnZ4bSawsuZcI -CxaTfKNVKE2QNeJjZP96H6bFpgmOpKEM60MbKSEJsvheUG941Ak9KihHXQZv7KKh -XWprfwrA9HcMxwKHVEAoIGgnNVmXGd8OdJr80jdRuQawzK+QtoKSFr6mB212zK+n -KFyoSGl4spcaZzciIIfMc87Ig9ic62GnD4HSc+OnrvWvzIOA8LPLIR5zWBVWCqW3 -GDMSQ8xB20w3usT/dDgu0isRGeNebC+ZBMBHX/0wmwtQXk6RjsBY+mhF8GB6qXR7 -S5dn01KwGfVOclrN5HvSnFsxfzmqOqBAmHK1Tz609XxlOr9hch2hhNoXMZkk0HGZ -e3w3l/SXE+dseVT8GLBSQRdajAa7b01aTo8rS7gcDo9QWy+9l0lWfpEX3o4lK12l -EXj1L+mcF2yiOc+Xycih+0RJFsnEBGzB+B7JCfp3d9r9SDORPMqQDCX3u3Nk9RfV -b8Hc3UNK/cw9IKKCLcQQ8CXKmm0pA6OkYUWGNSaquLOzw3aC5Rpcx0UnG4a5YIPh -aMlxCWPuc2qxvnXCpxPqOx3KewM3MT3zA+5g5Y3yheWtl36XhmLlb5ETRx3HWIQ6 -8DqAJEPeL++vVOEXN1WB22ZFhhUCggIBAMG+iUZjZOvT3Ovm3kcUTAiDtcTvu0wd -xV7J/GASbN6Y+0LiQ84EeXz0hYdnny03mV3hASNalXG3/7mVRmp8tc5rd0D/wIQA -Yplabsqgt6bo07q28V25PyM0YQGD8Pt5clN6wCl6IDiC9SmPd+dwIdWCUfHvaL9d -aSP2NCsmWVbADrgF+85uFJsM+9fSTELYZuSggaWoGQ3415NRlYaE0nbJuOKm8c4g -6svRk1Weuf/Jr1thoCSu5bDbZAljPyVh5ZMWTXPC29wjqa6QJ/9iV69Jc7i/Hd7h -H2fFSEwW07H7rwZAOp0RR0o3W8KRua89BqbEBC9Qr+AScewwAn+gaAR5yIblTT4f -RURo0jGRQcy3a/leAf1HCgea1E9X9CmwyX0pIE3iSS0kzaUy1YngWwMP7++6ubQQ -hTN7K7AAjBgQ6QVo03f3r/SHzCUgajDp8OH5p+yK9PLOZCVlJ0lgEFlFCzAWhvry -mn4bR3yMZKYV+NanYHO4ELdXUorO92AEHbOvBL9kUNKVoBfuZzCd7uds+Ummg1tF -5+j01+t3/qMKITYE/d7tNNJem7u6W0h1gJlaP6vJlwR1HGp8gwDDk7dFqjmLrkt6 -4F0Miro3uH7/ZcAV9B2Eeq7WRdfbb+d8wKSCwyXDv2yKH7YconclyKZvTT9c7WRD -mzWBzzoJnHl/AoICACZ2MbuU+iteZ9TZNB0BduABJPp5We5RalrRxexhlFKl9tDF -bpmq7DllZ7l4SnK2J2nHO7bu9vQjnW8S1wTnPJSg20rLhm7W98JjsspnasEriGxx -ByoemMx5OYkajrGu2OHGjLZiHUjbxqhCRlRBRIia/8bSw2WpzFkMQ+QuKwazA1Zi -ihWIHlMCun3pBaIM8nFDp73bvoAmBR5RelX7R5+VHjFN3jFAgW0yf+8AaSA4am8g -/Y3cbZ3amN3Q4rSxtJfrXT9Ym926pub2bglofnxfQ95aNQLFPu7W86c3IMaB5qF7 -+Yxt8U2UbQxxfobdXhLvCg/ygPTdjiAYXjtXaII/FDLbzZ1ZxE4VvqgKKBUEJdEU -oKUirwZwA7B3TXUkwfYcFDPDEwW49KBIT0Ibd1sOl2uzPeMIpGwXVEiJAdpv7RPn -bVSfKlGxYlI4s5cUNLv1drmkQJ6cD7wIcm/Y0uv9DVkyZKj/GY7pSU6CDGLTKSoA -170eR/s3mip4SPi3xrdUfnwiFdmEvTTLJGDBuiazMRX4ZWTFfAjsDo/XEcarci0g -i3sVHpp//qqbdjpIoF/FEWpIIcXypi+Eg6efoPsysaRoJWfAAURkZspq7Xz8zaCt -cX5LFV+5fzrfp90sNP9PGmYiqUZH+QsqCJs83UDb7DdK4mCEEn/JtHducHk5AoIC -ACe+cmKiGR3XhEZQQeDK5R4KBsuzcfSXVtmvDbqXjQXM1B5QVCB7AoEDmDDCrQCV -mzyK37Tk7Cs715W2bY+Crbj+iqQm0tNBUPiseHXQqlvu/yAaT0EusykBobSx4El2 -DGHbmHfpuZpeIvS3nZ04f3hRF4ZN2msHOn5KD0GayFDnbR2K/LDIHCoCa9dGKKa9 -xb24v1/AMAORvIdYARhrPtFnaCn2nTvvvLq670JtITK7qOFSEYv05OF23/qdBWMh -xfp6ZMEOhBOQrUpGAC5/egVXSAnqCrKh89NRwRb6x8qHGsxpeJyn4rvyxzwOsMyl -9CtZopIiNzH8Fqqg3qJXwX7JjL0/ZK0NtSPnbNcGOT1JkzjAdCAE5qXQuSTdohS7 -U1n9icbwWJqOJjFxUCTMhV8Hcez3nQi3Ktv4tGmScyqsrWCStG6zvMCo6tPi5mXK -V8PDdxMrHjyA4kJZkcmXj0MAyt6+gEoSYmbkKbH/CtaXQ0ilZT/XznYNz7zx4AUu -Uvl9ObgZWAsa7pB6M2jhvRR0Yl8dbWzX1k8PiwuevfmsJkvykjGc720IQ2IrRHaE -xDCxNsaCwBwF+iJOEIGjnTXHcLgFU2fgeQ4deIfizlIfCjxxRHaZqqEbC5DQTxBp -owscV/PzR914KDEvhpRyh8q8olgRNBGRXNGJI32AYzz5AoICAGoE6Xr7ajsFPUJA -40S9svqoD8aZskoqBTGlSfWJq9+Z7CbluIrnLqHvo6maukG0KwfdbcG3AHICL2rF -Ekf4j0m0Fqy2C9DktvP5sG6Qjr4S+j666gWRW5Y2ggnzX/Ad5QQnfIT4/y8l8abV -ATTskLkw4ROPgvAsQHxXphPFIeEzAeJZB3DwSfTKwJYQbg33FpVvblLVMQUFflER -A5VNvQjMW7wr2nnQjDkMKi8S5cUY+pog8i3eHyyjplJoBDOm44Ls3jTj5X4QAA0m -H7IqLhfxHFJVvlke4jrUoUdoU08fHX03BhDkx3e/MuWGCQKfkFt2y7GKhDT7uoA/ -5azHdHaBnrbgXEHrOaPdP6gI78PzzgoXTh0NNc1esYyXAeNYIbjFl5QIg1Y0tj/m -i6N9S1pG0Km5A5QeysAok0jV2Z+uZNHU9SJbxaMn9biddku4k4R7+l0wOK0rwc+l -C5MwaLEq6ThoUKPvWgu43Mkx4LD4DOVgZgyVrXooJBLCUrF7lfPt83F/M2fdA29z -YAyzlFJR7DcMZlyABkLFgHf1/qn7+3BGu6JTUrIkyO+lTTJIpFWxK2kt2XDMpaPC -DBUVjB7kj4EjHmhdzM3CyZxTL96IrIWKhnvfJi6wJG1a3EvLdLzeNF+yLiqma4TZ -VMG44x78shJfH0z4C+wwpYb3ESR8 ------END PRIVATE KEY----- diff --git a/installer/etc/rc.local b/installer/etc/rc.local index 58bf9e54..301a8abb 100755 --- a/installer/etc/rc.local +++ b/installer/etc/rc.local @@ -2,8 +2,10 @@ # Let's add the first local ip to the /etc/issue and external ip to ews.ip file source /etc/environment myLOCALIP=$(hostname -I | awk '{ print $1 }') -myEXTIP=$(curl myexternalip.com/raw) -sed -i "s#IP:.*#IP: $myLOCALIP, $myEXTIP#" /etc/issue +myEXTIP=$(curl -s myexternalip.com/raw) +sed -i "s#IP:.*#IP: $myLOCALIP ($myEXTIP)#" /etc/issue +sed -i "s#SSH:.*#SSH: ssh -l tsec -p 64295 $myLOCALIP#" /etc/issue +sed -i "s#WEB:.*#WEB: https://$myLOCALIP:64297#" /etc/issue tee /data/ews/conf/ews.ip << EOF [MAIN] ip = $myEXTIP diff --git a/installer/home/2fa_enable.sh b/installer/home/2fa_enable.sh deleted file mode 100755 index 8ee97d8b..00000000 --- a/installer/home/2fa_enable.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/bash - -######################################################## -# T-Pot # -# Two-Factor-Authentication and SSH enable script # -# # -# v16.10.0 by mo, DTAG, 2016-05-12 # -######################################################## -myBACKTITLE="T-Pot - Two-Factor-Authentication and SSH enable script" - -# Let's ask if the user wants to enable two-factor ... -dialog --backtitle "$myBACKTITLE" --title "[ Enable 2FA? ]" --yesno "\nDo you want to enable Two-Factor-Authentication based on Google Authenticator for SSH?" 8 70 -my2FA=$? - -# Let's ask if the user wants to enable ssh ... -dialog --backtitle "$myBACKTITLE" --title "[ Enable SSH? ]" --yesno "\nDo you want to enable the SSH service?" 8 70 -mySSH=$? - -# Enable 2FA -if [ "$my2FA" = "0" ] && ! [ -f /etc/pam.d/sshd.bak ]; - then - clear - sudo sed -i.bak '\# PAM#aauth required pam_google_authenticator.so' /etc/pam.d/sshd - sudo sed -i.bak 's#ChallengeResponseAuthentication no#ChallengeResponseAuthentication yes#' /etc/ssh/sshd_config - google-authenticator -t -d -f -r 3 -R 30 -w 21 - echo "2FA enabled. Please press return to continue ..." - read - elif [ -f /etc/pam.d/sshd.bak ] - then - dialog --backtitle "$myBACKTITLE" --title "[ Already enabled ]" --msgbox "\nIt seems that Two-Factor-Authentication has already been enabled. Please run 'google-authenticator -t -d -f -r 3 -R 30 -w 21' if you want to rewrite your token." 8 70 -fi - -# Enable SSH -if [ "$mySSH" = "0" ] && [ "$(systemctl status ssh | grep -o dead)" = "dead" ]; - then - clear - sudo systemctl enable ssh - sudo systemctl start ssh - dialog --backtitle "$myBACKTITLE" --title "[ SSH enabled ]" --msgbox "\nThe SSH service has been enabled and is now reachable via port tcp/64295. Password authentication is disabled by default." 8 70 - elif [ "$(systemctl status ssh | grep -o dead)" = "" ] - then - dialog --backtitle "$myBACKTITLE" --title "[ Already enabled ]" --msgbox "\nIt seems that SSH has already been enabled." 8 70 -fi diff --git a/installer/install.sh b/installer/install.sh index 917b1343..4a9ca7ac 100755 --- a/installer/install.sh +++ b/installer/install.sh @@ -47,29 +47,6 @@ exec > >(tee "install.log") fuECHO "### Removing link to NGINX default website." rm /etc/nginx/sites-enabled/default -# Let's ask user for web password -fuECHO "### Please enter a web user name and password." -myOK="n" -myUSER="tsec" -while [ "$myOK" != "y" ] - do - while [ "$myUSER" = "tsec" ] - do - echo -n "Username (tsec not allowed): " - read myUSER - echo "Your username is: "$myUSER - done - echo -n "OK (y/n)? " - read myOK -done -htpasswd -c /etc/nginx/nginxpasswd $myUSER - -# Let's generate a SSL certificate -fuECHO "### Generating a self-signed-certificate for NGINX." -fuECHO "### If you are unsure you can use the default values." -mkdir -p /etc/nginx/ssl -openssl req -nodes -x509 -sha512 -newkey rsa:8192 -keyout "/etc/nginx/ssl/nginx.key" -out "/etc/nginx/ssl/nginx.crt" -days 3650 - # Let's setup the proxy for env if [ -f $myPROXYFILEPATH ]; then fuECHO "### Setting up the proxy." @@ -203,25 +180,25 @@ npm install git://github.com/t3chn0m4g3/wetty -g # Let's install docker #fuECHO "### Installing docker-engine." -#wget -qO- https://test.docker.com/ | sh +#wget -qO- https://get.docker.com/ | sh # Let's add the docker repository -#fuECHO "### Adding the docker repository." -#apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D -#tee /etc/apt/sources.list.d/docker.list < /dev/tty2 +#*/2 * * * * root status.sh > /dev/tty2 # Check if containers and services are up */5 * * * * root check.sh @@ -362,15 +339,13 @@ mkdir -p /data/conpot/log \ /data/glastopf /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/ \ /data/emobility/log \ /data/ews/log /data/ews/conf /data/ews/dionaea /data/ews/emobility \ - /data/suricata/log /home/tsec/.ssh/ + /data/suricata/log /home/tsec/.ssh/ # Let's take care of some files and permissions before copying chmod 500 /root/tpot/bin/* chmod 600 /root/tpot/data/* chmod 644 /root/tpot/etc/issue chmod 755 /root/tpot/etc/rc.local -chmod 700 /root/tpot/home/* -chown tsec:tsec /root/tpot/home/* chmod 644 /root/tpot/data/systemd/* # Let's copy some files @@ -379,10 +354,9 @@ cp /root/tpot/data/elkbase.tgz /data/ cp -R /root/tpot/bin/* /usr/bin/ cp -R /root/tpot/data/* /data/ cp /root/tpot/data/systemd/* /etc/systemd/system/ -cp -R /root/tpot/etc/issue /etc/ -cp /root/tpot/etc/nginx/ssl/* /etc/nginx/ssl/ +cp /root/tpot/etc/issue /etc/ +cp -R /root/tpot/etc/nginx/ssl /etc/nginx/ cp /root/tpot/etc/nginx/tpotweb.conf /etc/nginx/sites-available/ -cp -R /root/tpot/home/* /home/tsec/ cp /root/tpot/keys/authorized_keys /home/tsec/.ssh/authorized_keys cp /root/tpot/usr/share/nginx/html/* /usr/share/nginx/html/ for i in $(cat /data/images.conf); @@ -391,7 +365,7 @@ for i in $(cat /data/images.conf); done systemctl enable wetty -# Let's enable T-Pot website +# Let's enable T-Pot website fuECHO "### Enabling T-Pot website." ln -s /etc/nginx/sites-available/tpotweb.conf /etc/nginx/sites-enabled/tpotweb.conf @@ -399,7 +373,7 @@ ln -s /etc/nginx/sites-available/tpotweb.conf /etc/nginx/sites-enabled/tpotweb.c chmod 760 -R /data chown tpot:tpot -R /data chmod 600 /home/tsec/.ssh/authorized_keys -chown tsec:tsec /home/tsec/*.sh /home/tsec/.ssh /home/tsec/.ssh/authorized_keys +chown tsec:tsec /home/tsec/.ssh /home/tsec/.ssh/authorized_keys # Let's replace "quiet splash" options, set a console font for more screen canvas and update grub sed -i 's#GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"#GRUB_CMDLINE_LINUX_DEFAULT="consoleblank=0"#' /etc/default/grub @@ -421,15 +395,50 @@ sed -i 's#\#force_color_prompt=yes#force_color_prompt=yes#' /home/tsec/.bashrc sed -i 's#\#force_color_prompt=yes#force_color_prompt=yes#' /root/.bashrc # Let's create ews.ip before reboot and prevent race condition for first start +source /etc/environment myLOCALIP=$(hostname -I | awk '{ print $1 }') -myEXTIP=$(curl myexternalip.com/raw) -sed -i "s#IP:.*#IP: $myLOCALIP, $myEXTIP#" /etc/issue +myEXTIP=$(curl -s myexternalip.com/raw) +sed -i "s#IP:.*#IP: $myLOCALIP ($myEXTIP)#" /etc/issue +sed -i "s#SSH:.*#SSH: ssh -l tsec -p 64295 $myLOCALIP#" /etc/issue +sed -i "s#WEB:.*#WEB: https://$myLOCALIP:64297#" /etc/issue tee /data/ews/conf/ews.ip << EOF [MAIN] ip = $myEXTIP EOF +echo $myLOCALIP > /data/elk/logstash/mylocal.ip chown tpot:tpot /data/ews/conf/ews.ip +# Let's ask user for web password +fuECHO "### Please enter a web user name and password." +myOK="n" +myUSER="tsec" +while [ 1 != 2 ] + do + read -p "Username (tsec not allowed): " myUSER + echo "Your username is: "$myUSER + read -p "OK (y/n)? " myOK + if [ "$myOK" = "y" ] && [ "$myUSER" != "tsec" ]; + then + break + fi + done +myPASS1="pass1" +myPASS2="pass2" +while [ "$myPASS1" != "$myPASS2" ] + do + read -s -p "Password: " myPASS1 + echo + read -s -p "Repeat password: " myPASS2 + echo + done +htpasswd -b -c /etc/nginx/nginxpasswd $myUSER $myPASS1 + +# Let's generate a SSL certificate +fuECHO "### Generating a self-signed-certificate for NGINX." +fuECHO "### If you are unsure you can use the default values." +mkdir -p /etc/nginx/ssl +openssl req -nodes -x509 -sha512 -newkey rsa:8192 -keyout "/etc/nginx/ssl/nginx.key" -out "/etc/nginx/ssl/nginx.crt" -days 3650 + # Final steps fuECHO "### Thanks for your patience. Now rebooting." #mv /root/tpot/etc/rc.local /etc/rc.local && rm -rf /root/tpot/ && chage -d 0 tsec && sleep 2 && reboot diff --git a/preseed/tpot.seed b/preseed/tpot.seed index 8080fd05..c2e4ecdf 100755 --- a/preseed/tpot.seed +++ b/preseed/tpot.seed @@ -100,7 +100,7 @@ tasksel tasksel/first multiselect ubuntu-server ######################## ### Package Installation ######################## -d-i pkgsel/include string apache2-utils apparmor apt-transport-https aufs-tools bash-completion build-essential ca-certificates cgroupfs-mount curl dialog docker.io dstat ethtool genisoimage git html2text htop iptables iw libpam-google-authenticator libltdl7 lm-sensors nginx-extras nodejs npm ntp openssh-server openssl syslinux psmisc pv python-pip vim wireless-tools wpasupplicant +d-i pkgsel/include string apache2-utils apparmor apt-transport-https aufs-tools bash-completion build-essential ca-certificates cgroupfs-mount curl dialog dstat ethtool genisoimage git html2text htop iptables iw libltdl7 lm-sensors man nginx-extras nodejs npm ntp openssh-server openssl syslinux psmisc pv python-pip vim wireless-tools wpasupplicant ################# ### Update Policy