mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-07-01 20:42:11 +00:00
Web based access
It is now possible to access T-Pot web based and without a SSH tunnel
This commit is contained in:
Marco Ochse
parent
5200af3ccf
commit
f038173920
9 changed files with 89 additions and 267 deletions
|
|
@ -19,20 +19,23 @@ touch /var/run/check.lock
|
|||
myUPTIME=$(awk '{print int($1/60)}' /proc/uptime)
|
||||
for i in $myIMAGES
|
||||
do
|
||||
myCIDSTATUS=$(docker exec $i supervisorctl status)
|
||||
if [ $? -ne 0 ];
|
||||
then
|
||||
myCIDSTATUS=1
|
||||
else
|
||||
myCIDSTATUS=$(echo $myCIDSTATUS | egrep -c "(STOPPED|FATAL)")
|
||||
fi
|
||||
if [ $myUPTIME -gt 4 ] && [ $myCIDSTATUS -gt 0 ];
|
||||
then
|
||||
echo "Restarting "$i"."
|
||||
systemctl stop $i
|
||||
sleep 5
|
||||
systemctl start $i
|
||||
fi
|
||||
if [ "$i" != "ui-for-docker" ] && [ "$i" != "netdata" ];
|
||||
then
|
||||
myCIDSTATUS=$(docker exec $i supervisorctl status)
|
||||
if [ $? -ne 0 ];
|
||||
then
|
||||
myCIDSTATUS=1
|
||||
else
|
||||
myCIDSTATUS=$(echo $myCIDSTATUS | egrep -c "(STOPPED|FATAL)")
|
||||
fi
|
||||
if [ $myUPTIME -gt 4 ] && [ $myCIDSTATUS -gt 0 ];
|
||||
then
|
||||
echo "Restarting "$i"."
|
||||
systemctl stop $i
|
||||
sleep 5
|
||||
systemctl start $i
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
rm /var/run/check.lock
|
||||
|
|
|
|||
|
|
@ -42,7 +42,10 @@ echo CPU temp: $(sensors | grep "Physical" | awk '{ print $4 }')
|
|||
echo
|
||||
for i in $myIMAGES
|
||||
do
|
||||
echo "======| Container:" $i "|======"
|
||||
docker exec $i supervisorctl status | GREP_COLORS='mt=01;32' egrep --color=always "(RUNNING)|$" | GREP_COLORS='mt=01;31' egrep --color=always "(STOPPED|FATAL)|$"
|
||||
echo
|
||||
if [ "$i" != "ui-for-docker" ] && [ "$i" != "netdata" ];
|
||||
then
|
||||
echo "======| Container:" $i "|======"
|
||||
docker exec $i supervisorctl status | GREP_COLORS='mt=01;32' egrep --color=always "(RUNNING)|$" | GREP_COLORS='mt=01;31' egrep --color=always "(STOPPED|FATAL)|$"
|
||||
echo
|
||||
fi
|
||||
done
|
||||
|
|
|
|||
|
|
@ -1,7 +1,5 @@
|
|||
T-Pot 16.10 (development)
|
||||
Hostname: \n
|
||||
IP:
|
||||
|
||||
|
||||
___________ _____________________________
|
||||
\\__ ___/ \\______ \\_____ \\__ ___/
|
||||
|
|
@ -10,6 +8,9 @@ ___________ _____________________________
|
|||
|____| |____| \\_______ /____|
|
||||
\\/
|
||||
|
||||
IP:
|
||||
SSH:
|
||||
WEB:
|
||||
|
||||
|
||||
|
||||
CTRL+ALT+F2 - Display current container status
|
||||
CTRL+ALT+F1 - Return to this screen
|
||||
|
|
|
|||
|
|
@ -1,53 +0,0 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIJXTCCBUWgAwIBAgIJANU7jQr6/QTdMA0GCSqGSIb3DQEBDQUAMEUxCzAJBgNV
|
||||
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
|
||||
aWRnaXRzIFB0eSBMdGQwHhcNMTYwODAxMTMwMjEzWhcNMjYwNzMwMTMwMjEzWjBF
|
||||
MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
|
||||
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIEIjANBgkqhkiG9w0BAQEFAAOCBA8AMIIE
|
||||
CgKCBAEAnQKXLLcvpvxcoV/vZYbMxBSo8dyZKkUVJhMqWqpAi9+kkuk0bIWGD0Bj
|
||||
9NEExNqdtKZ2+ZmrBWo1a5SSCrfum+jW+JrQxYQubeiEbCij6687sOwuM17EDUJn
|
||||
xaF7c6ZQx+ofRGtUsIE79ycIH6amZNwBFd+Cw70HnPH28w51D65KSIQqEcb1peAC
|
||||
V7eZQo8bwQ1vajRp+XF6CA3TeGA5707v+ij0AMl8xWk1q8IMel5e2USvnIF27mH+
|
||||
Pc35qNJj4PzZ3yM2hOl4/zO9/3fHoQKp+WvBDYDK5R+3QeVbSBiTu/zpFtlAjCVo
|
||||
reMWFPG5gxE2QlYl4YM2gbv2jN/trQpySgoY+cQiwSyd353mdJV4UXAY8ukE2NiN
|
||||
dxrRpqIbBLU8G3uy/wKKIcrbBBtXYMmaGAK73fQRX06Lea0m15y9DcvEnxqsH5CZ
|
||||
qK3qRE9o4HzGdStivq0WUK/fuToeAzH4mEAryiDfsk/VXSTmhKlacCRddawdwaGk
|
||||
ivuqViuKJ8S3x/idyy4K2yGHU1U4ihDUT+cwF/JUOMJ/hdoiODbloN92eB7gpHVp
|
||||
kn7+2bBC3BEHZtD+mQVnasztYBPyQsfIce/pDQFeI+YvRjF68f6EeJoHXFj3vx84
|
||||
bONCgDcRQzfrUujJlfoC4vd9iKogk+RXpb4BKOrNIvNsEP22P/Dxw32nH9sUy29u
|
||||
j/0weTLVUlpMvWFLzXc0fVGY1WmXAezaCG4f87baWZEePykgZPW+rel4Rn5q5YxD
|
||||
nI76nbJrMpIBqSjTuWX+JH5vn3mNMrItF6manH6KqIEdBEPWGC5AlE1PuLoK4ort
|
||||
NB1KoHG46pFOikl7hyiXSs2rWTXmaBRTFHqG5f4K1HP9i3XnMBHWdouNZ39lnLls
|
||||
rxStSKsfNY8bRnPzBGb4PAzjZ53LbrScJcjHxI+jfde1CwSZIdVB6bwlbJo5HXUl
|
||||
WvoGYjDKbCyFKHPLtR+8Jcb47uPvw2AQuInGamOpqGzI1y2XEM6LOU5+BNd3nQiO
|
||||
l6o+e2qMpSPJYf/lECYiTCvvKbkbyHTw9SLQ6RmInNgGyolSSnTqQTTxELRqazIj
|
||||
6iiz969NfwEs+nx43kCfLqo7g+86WoHdTqjFVBi2JpDNjy5quwTg2AxPqfm1gg8/
|
||||
p2cB8to1Gej7iUgAjifN7lcWJmgCdw2uEL77InF+Zaw2UqYhrhsPy5IM3X61ly+e
|
||||
xiZTzgWB9YbH21N8MgHGAMNd9PLdZ6eZswTQpsT1UdoBMS6RhpWy/c6cKAX0W9cA
|
||||
vfBSWPHLAU56qzpKuTwbQenIQEshH2/N6x2as30bgoQ2vo2uCDbgx9J769AJglmY
|
||||
dUiuvYZv7u/21I0VzEEC1z8FCqlxawIDAQABo1AwTjAdBgNVHQ4EFgQUf0gNHQde
|
||||
p6OqfSRj1qqSIjujVG4wHwYDVR0jBBgwFoAUf0gNHQdep6OqfSRj1qqSIjujVG4w
|
||||
DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOCBAEAkqa41Fy6m1CkocVuaGrn
|
||||
r1l2nLtPiTZjVohZ2liVpfH09Jk0xKm+FBsbUK5wbS10kIPKmtvLq60JCTb8QjK8
|
||||
K43AMWiUPVl93YcEJO6ZC2FU8TKJYwHPQ7VpjsKS2kW63fGZ3J812cByCbWF70FE
|
||||
Wp/aHRd7ECDAarvDUN+/GZs6UoMl0teJt2CSAmHq2UbzlxJl6eXv7BePBzPd9qrv
|
||||
gqGuWnOq57voltyFNfwZGtJn3o2CQoFrPE1dlHJX+upL9oDTC7n+6LhPbxjLZo2C
|
||||
M66/qqjfR1F6zLhplE+5N+J1EZ1yRF5izkMkXwyAJEeSNO+n33dzfXItPU4qmJ0J
|
||||
Hqo1ME+3pO9cPI6eSMH7Rk7qR7Dr6UIpdoGRNX8dTDN5yGzopP5aI7AaTH1zd7CR
|
||||
czmX8QQbKh5NClXhQMa56JI3wAJgfG4dv6jmQT+5PA8+SSR+ccdmbWvDnZ9MWX/W
|
||||
LpNajalzvN6+x1d3MSAABqO0u014kywKu1cCLgcBzdKBEcGOA2au3vfBdyiBauRV
|
||||
E2OB6yLoSqUDNNDw//tr5Eih4gJZqnknzKj8UD+Sv84ExOJsX04apVz62Rba9dRj
|
||||
CU6Ni2h8fnPBK/ws3Yx7ob30UozofZTJaxWeBxqZ/2nBkRcsLR+2AkdIybMSrttj
|
||||
NbR/+1h67c74TLivkFU+cy+KXF0KgdfVwfUZYVlleaQA12dIp/7+Ivhxo/jyaw6W
|
||||
s9A8ctaGtUtp3+UZeNBOSN3bTIrcgPxDTnuzKbS8K8ABQUzbyHCIuKyhxbkPR5y8
|
||||
YwIfheSmHbBYhK2fG0AWPUpTLUMQg2IR9+CPEi6GZXRcbPkRL7AjJMLSqbecJlpT
|
||||
LQ+xltU/D4my/WTjonsY2b4xvEEiYhF9OT8+L4z0UUo66HGCJnuGFdJEdJdK2RDr
|
||||
ABnP1NOenAp5M7+8cf79jLop6fIbP3/kWQoWvPYBW/WkIHF0Fefmw+FgyI/7N9uJ
|
||||
CXTOps2YiDeMyk+kdykJOaWcKZSrs9FZGk1bOx2/HaPfbaZdI+hYdfKxedK/4L9D
|
||||
YZIdU7jWtORRdBM9b45ZluPdeYsD169AgfRD3ltvKEwebWdjJFERzDc+uk2sHdPL
|
||||
ojiPxLmewa4OLMQFgo2pL2jwJPybWF/n4UW0MaPIPLfTkCSmay8V3tq4EdGjXJYj
|
||||
8K8jOn1VjPeDL14FHs48T1pSElgxpFanAQkVEIpPfaRCWSXRJykG9YcuBWfLWzbs
|
||||
QOWwweGaC4w8fY9k8Ev08tn5FLe9YPFFBVO++gzd5JzoQTMDwORrSzUu+D23QZER
|
||||
TMkwIess0COsq+7+QeZZISiYnsq8dV3OfpiAp5XAQTCbln1fVeJNWwzxBegvw118
|
||||
8g==
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -1,100 +0,0 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIISQQIBADANBgkqhkiG9w0BAQEFAASCEiswghInAgEAAoIEAQCdApcsty+m/Fyh
|
||||
X+9lhszEFKjx3JkqRRUmEypaqkCL36SS6TRshYYPQGP00QTE2p20pnb5masFajVr
|
||||
lJIKt+6b6Nb4mtDFhC5t6IRsKKPrrzuw7C4zXsQNQmfFoXtzplDH6h9Ea1SwgTv3
|
||||
JwgfpqZk3AEV34LDvQec8fbzDnUPrkpIhCoRxvWl4AJXt5lCjxvBDW9qNGn5cXoI
|
||||
DdN4YDnvTu/6KPQAyXzFaTWrwgx6Xl7ZRK+cgXbuYf49zfmo0mPg/NnfIzaE6Xj/
|
||||
M73/d8ehAqn5a8ENgMrlH7dB5VtIGJO7/OkW2UCMJWit4xYU8bmDETZCViXhgzaB
|
||||
u/aM3+2tCnJKChj5xCLBLJ3fneZ0lXhRcBjy6QTY2I13GtGmohsEtTwbe7L/Aooh
|
||||
ytsEG1dgyZoYArvd9BFfTot5rSbXnL0Ny8SfGqwfkJmorepET2jgfMZ1K2K+rRZQ
|
||||
r9+5Oh4DMfiYQCvKIN+yT9VdJOaEqVpwJF11rB3BoaSK+6pWK4onxLfH+J3LLgrb
|
||||
IYdTVTiKENRP5zAX8lQ4wn+F2iI4NuWg33Z4HuCkdWmSfv7ZsELcEQdm0P6ZBWdq
|
||||
zO1gE/JCx8hx7+kNAV4j5i9GMXrx/oR4mgdcWPe/Hzhs40KANxFDN+tS6MmV+gLi
|
||||
932IqiCT5FelvgEo6s0i82wQ/bY/8PHDfacf2xTLb26P/TB5MtVSWky9YUvNdzR9
|
||||
UZjVaZcB7NoIbh/zttpZkR4/KSBk9b6t6XhGfmrljEOcjvqdsmsykgGpKNO5Zf4k
|
||||
fm+feY0ysi0XqZqcfoqogR0EQ9YYLkCUTU+4ugriiu00HUqgcbjqkU6KSXuHKJdK
|
||||
zatZNeZoFFMUeobl/grUc/2LdecwEdZ2i41nf2WcuWyvFK1Iqx81jxtGc/MEZvg8
|
||||
DONnnctutJwlyMfEj6N917ULBJkh1UHpvCVsmjkddSVa+gZiMMpsLIUoc8u1H7wl
|
||||
xvju4+/DYBC4icZqY6mobMjXLZcQzos5Tn4E13edCI6Xqj57aoylI8lh/+UQJiJM
|
||||
K+8puRvIdPD1ItDpGYic2AbKiVJKdOpBNPEQtGprMiPqKLP3r01/ASz6fHjeQJ8u
|
||||
qjuD7zpagd1OqMVUGLYmkM2PLmq7BODYDE+p+bWCDz+nZwHy2jUZ6PuJSACOJ83u
|
||||
VxYmaAJ3Da4QvvsicX5lrDZSpiGuGw/LkgzdfrWXL57GJlPOBYH1hsfbU3wyAcYA
|
||||
w1308t1np5mzBNCmxPVR2gExLpGGlbL9zpwoBfRb1wC98FJY8csBTnqrOkq5PBtB
|
||||
6chASyEfb83rHZqzfRuChDa+ja4INuDH0nvr0AmCWZh1SK69hm/u7/bUjRXMQQLX
|
||||
PwUKqXFrAgMBAAECggQAXcWfTih2AFA2bnbifotcnjsMj67Fl1Y9BElsAUwvUpqW
|
||||
Ktu24J16bH9zc1Kme39psuu8oOPjHU/Kad8IvfgOPPV59m5YA68nH6M/+2zmQaud
|
||||
hdP439tYUeb4HTONjIunMU6lr/I+WVBF5R1dn7GjLResWkjsS0UJV/W3HIDk7yGT
|
||||
4e11RrrCGXhJTeQsV3ErDUid4xs8s6rPTCIdy4YE8+T8NDbjS9kKeMiWMmeplifo
|
||||
k/COxXUY99R0yKrM0cQdvNCmurrII+dgyWI4tmvuQT5bD8kIOq1SADfJ9kQqGUv8
|
||||
Z8jr2SaVg14QP9IhbQ7VUe8krcfPxfjcw+zjmk1fIPrdOVUAh6NZcm/YNiaS7cwb
|
||||
WOAPNnxu1ae4DYtp7RBh/JTVOkDNrbnxj68c0T4XGIovSunPFAdhnL9HU7tTOHC3
|
||||
BJdPbgq7A/sTmoeMI5Idu/0pde8cgW7Upgn0HycTp6rfouaogIbTsyY08vVH67FN
|
||||
fy5o1w+dkfidUhhuKhrE322AqaDVdPShrTBAJ0f9hY/5jWMw+QxUurWG/gVCbLp0
|
||||
uHjdw24FkpNBIypPwOmhdNeCyShG9lMg6ctMdhZTmQjCsTGsyYSomd4vG8gPepoc
|
||||
uf6cKM5F4NKfm4C7ReIdoDy0ggbf5n+z26QeSFH7NPiqVCW/gZWCQL6LKzar81Ff
|
||||
JLVdVnHN28H8DtqIHJzDG+xQMsXpQZt92Aamk70KRqBNMvsnCCmpU4amBdwvWwes
|
||||
ungtPf17NVRpI7GVA5u3g0XO8gOFowZZ+b8FLYBNS1ueMTv7ex5KTstSUOh+4y06
|
||||
ueBbWWWUClMsL1sBq6f1PVVykvtTLkI5Zbc0k9duAOvEofV1wmtayy33uzuq6Q4J
|
||||
opcrrzwsa+PRZb5bhXuBy8fZdgmnYVlCQfZKTnKelfk2Daf/4MtSOleQKzf9cn1d
|
||||
dX31pQt/94Yduad1Ob4D+/L7m/1dvlIyjkDrBGk5IXMqb5jBELodezJsOAPjbTj/
|
||||
RRrg0pUJhn/AVlOU36p1GfZXNU1mjr70T52H/5VDRYiiaPuQvX4rvE68TvFfKAEJ
|
||||
MS0xzwGHG8itp5z3KFKiUb3GFaksWAhEZt+77vvN6k9b2b2TkjaDxOerRqZoL4lw
|
||||
QbhTaWQy+iocfFHVPPskVlQeVY1s//o6PN4tM1wVlgLCj/ZdKrOMTGTLn5OnTE/V
|
||||
AN21dyIfy6um8qx76nf3j3bhRBOPl2RNXielsrL8f8z0wB8P0Q3hBU6WQi8AV0m8
|
||||
sLfRjfS1ZUUzuGnn9msywyGkor+681NjWirwkSJLIc7ZykHRdwVBsplwFiU7JH+a
|
||||
t2F5A3J4JQhFQyVzML/RgHmmzEyEudnRwlFzycgWOQKCAgEAz3ZKdN5zjhDW0Eb7
|
||||
3+wxFPGmp8QV5+HXjPXxt8L/CRu3fiFG/J5m0/+ElzLG4R/GsDNbnZ4bSawsuZcI
|
||||
CxaTfKNVKE2QNeJjZP96H6bFpgmOpKEM60MbKSEJsvheUG941Ak9KihHXQZv7KKh
|
||||
XWprfwrA9HcMxwKHVEAoIGgnNVmXGd8OdJr80jdRuQawzK+QtoKSFr6mB212zK+n
|
||||
KFyoSGl4spcaZzciIIfMc87Ig9ic62GnD4HSc+OnrvWvzIOA8LPLIR5zWBVWCqW3
|
||||
GDMSQ8xB20w3usT/dDgu0isRGeNebC+ZBMBHX/0wmwtQXk6RjsBY+mhF8GB6qXR7
|
||||
S5dn01KwGfVOclrN5HvSnFsxfzmqOqBAmHK1Tz609XxlOr9hch2hhNoXMZkk0HGZ
|
||||
e3w3l/SXE+dseVT8GLBSQRdajAa7b01aTo8rS7gcDo9QWy+9l0lWfpEX3o4lK12l
|
||||
EXj1L+mcF2yiOc+Xycih+0RJFsnEBGzB+B7JCfp3d9r9SDORPMqQDCX3u3Nk9RfV
|
||||
b8Hc3UNK/cw9IKKCLcQQ8CXKmm0pA6OkYUWGNSaquLOzw3aC5Rpcx0UnG4a5YIPh
|
||||
aMlxCWPuc2qxvnXCpxPqOx3KewM3MT3zA+5g5Y3yheWtl36XhmLlb5ETRx3HWIQ6
|
||||
8DqAJEPeL++vVOEXN1WB22ZFhhUCggIBAMG+iUZjZOvT3Ovm3kcUTAiDtcTvu0wd
|
||||
xV7J/GASbN6Y+0LiQ84EeXz0hYdnny03mV3hASNalXG3/7mVRmp8tc5rd0D/wIQA
|
||||
Yplabsqgt6bo07q28V25PyM0YQGD8Pt5clN6wCl6IDiC9SmPd+dwIdWCUfHvaL9d
|
||||
aSP2NCsmWVbADrgF+85uFJsM+9fSTELYZuSggaWoGQ3415NRlYaE0nbJuOKm8c4g
|
||||
6svRk1Weuf/Jr1thoCSu5bDbZAljPyVh5ZMWTXPC29wjqa6QJ/9iV69Jc7i/Hd7h
|
||||
H2fFSEwW07H7rwZAOp0RR0o3W8KRua89BqbEBC9Qr+AScewwAn+gaAR5yIblTT4f
|
||||
RURo0jGRQcy3a/leAf1HCgea1E9X9CmwyX0pIE3iSS0kzaUy1YngWwMP7++6ubQQ
|
||||
hTN7K7AAjBgQ6QVo03f3r/SHzCUgajDp8OH5p+yK9PLOZCVlJ0lgEFlFCzAWhvry
|
||||
mn4bR3yMZKYV+NanYHO4ELdXUorO92AEHbOvBL9kUNKVoBfuZzCd7uds+Ummg1tF
|
||||
5+j01+t3/qMKITYE/d7tNNJem7u6W0h1gJlaP6vJlwR1HGp8gwDDk7dFqjmLrkt6
|
||||
4F0Miro3uH7/ZcAV9B2Eeq7WRdfbb+d8wKSCwyXDv2yKH7YconclyKZvTT9c7WRD
|
||||
mzWBzzoJnHl/AoICACZ2MbuU+iteZ9TZNB0BduABJPp5We5RalrRxexhlFKl9tDF
|
||||
bpmq7DllZ7l4SnK2J2nHO7bu9vQjnW8S1wTnPJSg20rLhm7W98JjsspnasEriGxx
|
||||
ByoemMx5OYkajrGu2OHGjLZiHUjbxqhCRlRBRIia/8bSw2WpzFkMQ+QuKwazA1Zi
|
||||
ihWIHlMCun3pBaIM8nFDp73bvoAmBR5RelX7R5+VHjFN3jFAgW0yf+8AaSA4am8g
|
||||
/Y3cbZ3amN3Q4rSxtJfrXT9Ym926pub2bglofnxfQ95aNQLFPu7W86c3IMaB5qF7
|
||||
+Yxt8U2UbQxxfobdXhLvCg/ygPTdjiAYXjtXaII/FDLbzZ1ZxE4VvqgKKBUEJdEU
|
||||
oKUirwZwA7B3TXUkwfYcFDPDEwW49KBIT0Ibd1sOl2uzPeMIpGwXVEiJAdpv7RPn
|
||||
bVSfKlGxYlI4s5cUNLv1drmkQJ6cD7wIcm/Y0uv9DVkyZKj/GY7pSU6CDGLTKSoA
|
||||
170eR/s3mip4SPi3xrdUfnwiFdmEvTTLJGDBuiazMRX4ZWTFfAjsDo/XEcarci0g
|
||||
i3sVHpp//qqbdjpIoF/FEWpIIcXypi+Eg6efoPsysaRoJWfAAURkZspq7Xz8zaCt
|
||||
cX5LFV+5fzrfp90sNP9PGmYiqUZH+QsqCJs83UDb7DdK4mCEEn/JtHducHk5AoIC
|
||||
ACe+cmKiGR3XhEZQQeDK5R4KBsuzcfSXVtmvDbqXjQXM1B5QVCB7AoEDmDDCrQCV
|
||||
mzyK37Tk7Cs715W2bY+Crbj+iqQm0tNBUPiseHXQqlvu/yAaT0EusykBobSx4El2
|
||||
DGHbmHfpuZpeIvS3nZ04f3hRF4ZN2msHOn5KD0GayFDnbR2K/LDIHCoCa9dGKKa9
|
||||
xb24v1/AMAORvIdYARhrPtFnaCn2nTvvvLq670JtITK7qOFSEYv05OF23/qdBWMh
|
||||
xfp6ZMEOhBOQrUpGAC5/egVXSAnqCrKh89NRwRb6x8qHGsxpeJyn4rvyxzwOsMyl
|
||||
9CtZopIiNzH8Fqqg3qJXwX7JjL0/ZK0NtSPnbNcGOT1JkzjAdCAE5qXQuSTdohS7
|
||||
U1n9icbwWJqOJjFxUCTMhV8Hcez3nQi3Ktv4tGmScyqsrWCStG6zvMCo6tPi5mXK
|
||||
V8PDdxMrHjyA4kJZkcmXj0MAyt6+gEoSYmbkKbH/CtaXQ0ilZT/XznYNz7zx4AUu
|
||||
Uvl9ObgZWAsa7pB6M2jhvRR0Yl8dbWzX1k8PiwuevfmsJkvykjGc720IQ2IrRHaE
|
||||
xDCxNsaCwBwF+iJOEIGjnTXHcLgFU2fgeQ4deIfizlIfCjxxRHaZqqEbC5DQTxBp
|
||||
owscV/PzR914KDEvhpRyh8q8olgRNBGRXNGJI32AYzz5AoICAGoE6Xr7ajsFPUJA
|
||||
40S9svqoD8aZskoqBTGlSfWJq9+Z7CbluIrnLqHvo6maukG0KwfdbcG3AHICL2rF
|
||||
Ekf4j0m0Fqy2C9DktvP5sG6Qjr4S+j666gWRW5Y2ggnzX/Ad5QQnfIT4/y8l8abV
|
||||
ATTskLkw4ROPgvAsQHxXphPFIeEzAeJZB3DwSfTKwJYQbg33FpVvblLVMQUFflER
|
||||
A5VNvQjMW7wr2nnQjDkMKi8S5cUY+pog8i3eHyyjplJoBDOm44Ls3jTj5X4QAA0m
|
||||
H7IqLhfxHFJVvlke4jrUoUdoU08fHX03BhDkx3e/MuWGCQKfkFt2y7GKhDT7uoA/
|
||||
5azHdHaBnrbgXEHrOaPdP6gI78PzzgoXTh0NNc1esYyXAeNYIbjFl5QIg1Y0tj/m
|
||||
i6N9S1pG0Km5A5QeysAok0jV2Z+uZNHU9SJbxaMn9biddku4k4R7+l0wOK0rwc+l
|
||||
C5MwaLEq6ThoUKPvWgu43Mkx4LD4DOVgZgyVrXooJBLCUrF7lfPt83F/M2fdA29z
|
||||
YAyzlFJR7DcMZlyABkLFgHf1/qn7+3BGu6JTUrIkyO+lTTJIpFWxK2kt2XDMpaPC
|
||||
DBUVjB7kj4EjHmhdzM3CyZxTL96IrIWKhnvfJi6wJG1a3EvLdLzeNF+yLiqma4TZ
|
||||
VMG44x78shJfH0z4C+wwpYb3ESR8
|
||||
-----END PRIVATE KEY-----
|
||||
|
|
@ -2,8 +2,10 @@
|
|||
# Let's add the first local ip to the /etc/issue and external ip to ews.ip file
|
||||
source /etc/environment
|
||||
myLOCALIP=$(hostname -I | awk '{ print $1 }')
|
||||
myEXTIP=$(curl myexternalip.com/raw)
|
||||
sed -i "s#IP:.*#IP: $myLOCALIP, $myEXTIP#" /etc/issue
|
||||
myEXTIP=$(curl -s myexternalip.com/raw)
|
||||
sed -i "s#IP:.*#IP: $myLOCALIP ($myEXTIP)#" /etc/issue
|
||||
sed -i "s#SSH:.*#SSH: ssh -l tsec -p 64295 $myLOCALIP#" /etc/issue
|
||||
sed -i "s#WEB:.*#WEB: https://$myLOCALIP:64297#" /etc/issue
|
||||
tee /data/ews/conf/ews.ip << EOF
|
||||
[MAIN]
|
||||
ip = $myEXTIP
|
||||
|
|
|
|||
|
|
@ -1,43 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
########################################################
|
||||
# T-Pot #
|
||||
# Two-Factor-Authentication and SSH enable script #
|
||||
# #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
myBACKTITLE="T-Pot - Two-Factor-Authentication and SSH enable script"
|
||||
|
||||
# Let's ask if the user wants to enable two-factor ...
|
||||
dialog --backtitle "$myBACKTITLE" --title "[ Enable 2FA? ]" --yesno "\nDo you want to enable Two-Factor-Authentication based on Google Authenticator for SSH?" 8 70
|
||||
my2FA=$?
|
||||
|
||||
# Let's ask if the user wants to enable ssh ...
|
||||
dialog --backtitle "$myBACKTITLE" --title "[ Enable SSH? ]" --yesno "\nDo you want to enable the SSH service?" 8 70
|
||||
mySSH=$?
|
||||
|
||||
# Enable 2FA
|
||||
if [ "$my2FA" = "0" ] && ! [ -f /etc/pam.d/sshd.bak ];
|
||||
then
|
||||
clear
|
||||
sudo sed -i.bak '\# PAM#aauth required pam_google_authenticator.so' /etc/pam.d/sshd
|
||||
sudo sed -i.bak 's#ChallengeResponseAuthentication no#ChallengeResponseAuthentication yes#' /etc/ssh/sshd_config
|
||||
google-authenticator -t -d -f -r 3 -R 30 -w 21
|
||||
echo "2FA enabled. Please press return to continue ..."
|
||||
read
|
||||
elif [ -f /etc/pam.d/sshd.bak ]
|
||||
then
|
||||
dialog --backtitle "$myBACKTITLE" --title "[ Already enabled ]" --msgbox "\nIt seems that Two-Factor-Authentication has already been enabled. Please run 'google-authenticator -t -d -f -r 3 -R 30 -w 21' if you want to rewrite your token." 8 70
|
||||
fi
|
||||
|
||||
# Enable SSH
|
||||
if [ "$mySSH" = "0" ] && [ "$(systemctl status ssh | grep -o dead)" = "dead" ];
|
||||
then
|
||||
clear
|
||||
sudo systemctl enable ssh
|
||||
sudo systemctl start ssh
|
||||
dialog --backtitle "$myBACKTITLE" --title "[ SSH enabled ]" --msgbox "\nThe SSH service has been enabled and is now reachable via port tcp/64295. Password authentication is disabled by default." 8 70
|
||||
elif [ "$(systemctl status ssh | grep -o dead)" = "" ]
|
||||
then
|
||||
dialog --backtitle "$myBACKTITLE" --title "[ Already enabled ]" --msgbox "\nIt seems that SSH has already been enabled." 8 70
|
||||
fi
|
||||
|
|
@ -47,29 +47,6 @@ exec > >(tee "install.log")
|
|||
fuECHO "### Removing link to NGINX default website."
|
||||
rm /etc/nginx/sites-enabled/default
|
||||
|
||||
# Let's ask user for web password
|
||||
fuECHO "### Please enter a web user name and password."
|
||||
myOK="n"
|
||||
myUSER="tsec"
|
||||
while [ "$myOK" != "y" ]
|
||||
do
|
||||
while [ "$myUSER" = "tsec" ]
|
||||
do
|
||||
echo -n "Username (tsec not allowed): "
|
||||
read myUSER
|
||||
echo "Your username is: "$myUSER
|
||||
done
|
||||
echo -n "OK (y/n)? "
|
||||
read myOK
|
||||
done
|
||||
htpasswd -c /etc/nginx/nginxpasswd $myUSER
|
||||
|
||||
# Let's generate a SSL certificate
|
||||
fuECHO "### Generating a self-signed-certificate for NGINX."
|
||||
fuECHO "### If you are unsure you can use the default values."
|
||||
mkdir -p /etc/nginx/ssl
|
||||
openssl req -nodes -x509 -sha512 -newkey rsa:8192 -keyout "/etc/nginx/ssl/nginx.key" -out "/etc/nginx/ssl/nginx.crt" -days 3650
|
||||
|
||||
# Let's setup the proxy for env
|
||||
if [ -f $myPROXYFILEPATH ];
|
||||
then fuECHO "### Setting up the proxy."
|
||||
|
|
@ -203,25 +180,25 @@ npm install git://github.com/t3chn0m4g3/wetty -g
|
|||
|
||||
# Let's install docker
|
||||
#fuECHO "### Installing docker-engine."
|
||||
#wget -qO- https://test.docker.com/ | sh
|
||||
#wget -qO- https://get.docker.com/ | sh
|
||||
|
||||
# Let's add the docker repository
|
||||
#fuECHO "### Adding the docker repository."
|
||||
#apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
|
||||
#tee /etc/apt/sources.list.d/docker.list <<EOF
|
||||
#deb https://apt.dockerproject.org/repo ubuntu-xenial main
|
||||
#EOF
|
||||
fuECHO "### Adding the docker repository."
|
||||
apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
|
||||
tee /etc/apt/sources.list.d/docker.list <<EOF
|
||||
deb https://apt.dockerproject.org/repo ubuntu-xenial main
|
||||
EOF
|
||||
|
||||
# Let's pull some updates
|
||||
#fuECHO "### Pulling Updates."
|
||||
#apt-get update -y
|
||||
fuECHO "### Pulling Updates."
|
||||
apt-get update -y
|
||||
|
||||
# Let's install docker
|
||||
#fuECHO "### Installing docker-engine."
|
||||
#fuECHO "### You can safely ignore the [FAILED] message,"
|
||||
#fuECHO "### which is caused by a bug in the docker installer."
|
||||
fuECHO "### Installing docker-engine."
|
||||
fuECHO "### You can safely ignore the [FAILED] message,"
|
||||
fuECHO "### which is caused by a bug in the docker installer."
|
||||
#apt-get install docker-engine=1.10.2-0~trusty -y
|
||||
#apt-get install docker-engine -y || true && sleep 5
|
||||
apt-get install docker-engine=1.12.0-0~xenial -y || true && sleep 5
|
||||
|
||||
# Let's add proxy settings to docker defaults
|
||||
if [ -f $myPROXYFILEPATH ];
|
||||
|
|
@ -328,7 +305,7 @@ fuECHO "### Adding cronjobs."
|
|||
tee -a /etc/crontab <<EOF
|
||||
|
||||
# Show running containers every 60s via /dev/tty2
|
||||
*/2 * * * * root status.sh > /dev/tty2
|
||||
#*/2 * * * * root status.sh > /dev/tty2
|
||||
|
||||
# Check if containers and services are up
|
||||
*/5 * * * * root check.sh
|
||||
|
|
@ -369,8 +346,6 @@ chmod 500 /root/tpot/bin/*
|
|||
chmod 600 /root/tpot/data/*
|
||||
chmod 644 /root/tpot/etc/issue
|
||||
chmod 755 /root/tpot/etc/rc.local
|
||||
chmod 700 /root/tpot/home/*
|
||||
chown tsec:tsec /root/tpot/home/*
|
||||
chmod 644 /root/tpot/data/systemd/*
|
||||
|
||||
# Let's copy some files
|
||||
|
|
@ -379,10 +354,9 @@ cp /root/tpot/data/elkbase.tgz /data/
|
|||
cp -R /root/tpot/bin/* /usr/bin/
|
||||
cp -R /root/tpot/data/* /data/
|
||||
cp /root/tpot/data/systemd/* /etc/systemd/system/
|
||||
cp -R /root/tpot/etc/issue /etc/
|
||||
cp /root/tpot/etc/nginx/ssl/* /etc/nginx/ssl/
|
||||
cp /root/tpot/etc/issue /etc/
|
||||
cp -R /root/tpot/etc/nginx/ssl /etc/nginx/
|
||||
cp /root/tpot/etc/nginx/tpotweb.conf /etc/nginx/sites-available/
|
||||
cp -R /root/tpot/home/* /home/tsec/
|
||||
cp /root/tpot/keys/authorized_keys /home/tsec/.ssh/authorized_keys
|
||||
cp /root/tpot/usr/share/nginx/html/* /usr/share/nginx/html/
|
||||
for i in $(cat /data/images.conf);
|
||||
|
|
@ -399,7 +373,7 @@ ln -s /etc/nginx/sites-available/tpotweb.conf /etc/nginx/sites-enabled/tpotweb.c
|
|||
chmod 760 -R /data
|
||||
chown tpot:tpot -R /data
|
||||
chmod 600 /home/tsec/.ssh/authorized_keys
|
||||
chown tsec:tsec /home/tsec/*.sh /home/tsec/.ssh /home/tsec/.ssh/authorized_keys
|
||||
chown tsec:tsec /home/tsec/.ssh /home/tsec/.ssh/authorized_keys
|
||||
|
||||
# Let's replace "quiet splash" options, set a console font for more screen canvas and update grub
|
||||
sed -i 's#GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"#GRUB_CMDLINE_LINUX_DEFAULT="consoleblank=0"#' /etc/default/grub
|
||||
|
|
@ -421,15 +395,50 @@ sed -i 's#\#force_color_prompt=yes#force_color_prompt=yes#' /home/tsec/.bashrc
|
|||
sed -i 's#\#force_color_prompt=yes#force_color_prompt=yes#' /root/.bashrc
|
||||
|
||||
# Let's create ews.ip before reboot and prevent race condition for first start
|
||||
source /etc/environment
|
||||
myLOCALIP=$(hostname -I | awk '{ print $1 }')
|
||||
myEXTIP=$(curl myexternalip.com/raw)
|
||||
sed -i "s#IP:.*#IP: $myLOCALIP, $myEXTIP#" /etc/issue
|
||||
myEXTIP=$(curl -s myexternalip.com/raw)
|
||||
sed -i "s#IP:.*#IP: $myLOCALIP ($myEXTIP)#" /etc/issue
|
||||
sed -i "s#SSH:.*#SSH: ssh -l tsec -p 64295 $myLOCALIP#" /etc/issue
|
||||
sed -i "s#WEB:.*#WEB: https://$myLOCALIP:64297#" /etc/issue
|
||||
tee /data/ews/conf/ews.ip << EOF
|
||||
[MAIN]
|
||||
ip = $myEXTIP
|
||||
EOF
|
||||
echo $myLOCALIP > /data/elk/logstash/mylocal.ip
|
||||
chown tpot:tpot /data/ews/conf/ews.ip
|
||||
|
||||
# Let's ask user for web password
|
||||
fuECHO "### Please enter a web user name and password."
|
||||
myOK="n"
|
||||
myUSER="tsec"
|
||||
while [ 1 != 2 ]
|
||||
do
|
||||
read -p "Username (tsec not allowed): " myUSER
|
||||
echo "Your username is: "$myUSER
|
||||
read -p "OK (y/n)? " myOK
|
||||
if [ "$myOK" = "y" ] && [ "$myUSER" != "tsec" ];
|
||||
then
|
||||
break
|
||||
fi
|
||||
done
|
||||
myPASS1="pass1"
|
||||
myPASS2="pass2"
|
||||
while [ "$myPASS1" != "$myPASS2" ]
|
||||
do
|
||||
read -s -p "Password: " myPASS1
|
||||
echo
|
||||
read -s -p "Repeat password: " myPASS2
|
||||
echo
|
||||
done
|
||||
htpasswd -b -c /etc/nginx/nginxpasswd $myUSER $myPASS1
|
||||
|
||||
# Let's generate a SSL certificate
|
||||
fuECHO "### Generating a self-signed-certificate for NGINX."
|
||||
fuECHO "### If you are unsure you can use the default values."
|
||||
mkdir -p /etc/nginx/ssl
|
||||
openssl req -nodes -x509 -sha512 -newkey rsa:8192 -keyout "/etc/nginx/ssl/nginx.key" -out "/etc/nginx/ssl/nginx.crt" -days 3650
|
||||
|
||||
# Final steps
|
||||
fuECHO "### Thanks for your patience. Now rebooting."
|
||||
#mv /root/tpot/etc/rc.local /etc/rc.local && rm -rf /root/tpot/ && chage -d 0 tsec && sleep 2 && reboot
|
||||
|
|
|
|||
|
|
@ -100,7 +100,7 @@ tasksel tasksel/first multiselect ubuntu-server
|
|||
########################
|
||||
### Package Installation
|
||||
########################
|
||||
d-i pkgsel/include string apache2-utils apparmor apt-transport-https aufs-tools bash-completion build-essential ca-certificates cgroupfs-mount curl dialog docker.io dstat ethtool genisoimage git html2text htop iptables iw libpam-google-authenticator libltdl7 lm-sensors nginx-extras nodejs npm ntp openssh-server openssl syslinux psmisc pv python-pip vim wireless-tools wpasupplicant
|
||||
d-i pkgsel/include string apache2-utils apparmor apt-transport-https aufs-tools bash-completion build-essential ca-certificates cgroupfs-mount curl dialog dstat ethtool genisoimage git html2text htop iptables iw libltdl7 lm-sensors man nginx-extras nodejs npm ntp openssh-server openssl syslinux psmisc pv python-pip vim wireless-tools wpasupplicant
|
||||
|
||||
#################
|
||||
### Update Policy
|
||||
|
|
|
|||
Loading…
Reference in a new issue