Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-04-20 06:02:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
tpotce/update.sh
t3chn0m4g3 2e944a9fc1 update
2018-08-08 15:05:45 +00:00

214 lines
5.9 KiB
Bash
Executable file
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
###################################################
# Do not change any contents of this script!
###################################################
# Some vars
myCONFIGFILE="/opt/tpot/etc/tpot.yml"
myCOMPOSEPATH="/opt/tpot/etc/compose"
myRED=""
myGREEN=""
myWHITE=""
myBLUE=""
# Got root?
myWHOAMI=$(whoami)
if [ "$myWHOAMI" != "root" ]
then
echo "Need to run as root ..."
sudo ./$0
exit
fi
# Check for existing tpot.yml
function fuCONFIGCHECK () {
echo "### Checking for T-Pot configuration file ..."
echo -n "###### $myBLUE$myCONFIGFILE$myWHITE "
if ! [ -f $myCONFIGFILE ];
then
echo
echo $myRED"Error - No T-Pot configuration file present."
echo "Please copy one of the preconfigured configuration files from /opt/tpot/etc/compose/*.yml to /opt/tpot/etc/tpot.yml."$myWHITE
echo
exit 1
else
echo $myGREEN"OK"$myWHITE
fi
}
# Let's test the internet connection
function fuCHECKINET () {
mySITES=$1
echo "### Now checking availability of ..."
for i in $mySITES;
do
echo -n "###### $myBLUE$i$myWHITE "
curl --connect-timeout 5 -IsS $i 2>&1>/dev/null
if [ $? -ne 0 ];
then
echo
echo $myRED"Error - Internet connection test failed. This might indicate some problems with your connection."
echo "Exiting."$myWHITE
echo
exit 1
else
echo $myGREEN"OK"$myWHITE
fi
done;
}
# Self Update
function fuSELFUPDATE () {
echo "### Now checking for newer files in repository ..."
git fetch
myREMOTESTAT=$(git status | grep -c "up-to-date")
if [ "$myREMOTESTAT" != "0" ];
then
echo "###### $myBLUE"No updates found in repository."$myWHITE"
return
fi
myRESULT=$(git diff --name-only origin/master | grep update.sh)
myLOCALSTAT=$(git status -uno | grep -c update.sh)
if [ "$myRESULT" == "update.sh" ];
then
if [ "$myLOCALSTAT" == "0" ];
then
echo "###### $myBLUE"Found newer version, will update myself and restart."$myWHITE"
git pull --force
exec "$1" "$2"
exit 1
else
echo $myRED"Error - Update script was changed locally, cannot update."
echo "Exiting."$myWHITE
echo
exit 1
fi
else
echo "###### Update script is already up-to-date."
git pull --force
fi
}
# Let's check for version
function fuCHECK_VERSION () {
local myMINVERSION="18.04.0"
local myMASTERVERSION="18.04.0"
echo
echo -n "##### Checking for version tag: "
if [ -f "version" ];
then
myVERSION=$(cat version)
echo "[ OK ] - You are running $myVERSION"
if [[ "$myVERSION" > "$myMINVERSION" || "$myVERSION" == "$myMINVERSION" ]] && [[ "$myVERSION" < "$myMASTERVERSION" || "$myVERSION" == "$myMASTERVERSION" ]]
then
echo "##### Valid version found. Update procedure will be initiated."
exit
else
echo "##### Your T-Pot installation cannot be upgraded automatically. Please run a fresh install."
exit
fi
else
echo "[ NOT OK ]"
echo "##### 'version' is missing. Please run 'update.sh' from within '/opt/tpot'."
exit
fi
}
# Only run with command switch
if [ "$1" != "-y" ]; then
echo "This script will update / upgrade all T-Pot related scripts, tools and packages"
echo "Some of your changes might be overwritten, so make sure to save your work"
echo "This is beta feature and only recommended for experienced users, run with \"-y\" switch"
echo
exit
fi
echo "### Now running T-Pot update script."
echo
fuCHECKINET "https://index.docker.io https://github.com https://pypi.python.org https://ubuntu.com"
echo
fuSELFUPDATE "$0" "$@"
echo
fuCONFIGCHECK
echo
echo "### Now stopping T-Pot"
systemctl stop tpot
# Better safe than sorry
echo "###### Creating backup and storing it in /home/tsec"
tar cvfz /root/tpot_backup.tgz /opt/tpot
echo "###### Getting the current install flavor"
myFLAVOR=$(head $myCONFIGFILE -n 1 | awk '{ print $3 }' | tr -d :'()':)
echo "###### Updating compose file"
case $myFLAVOR in
HP)
echo "###### Restoring HONEYPOT flavor installation."
cp $myCOMPOSEPATH/hp.yml $myCONFIGFILE
;;
Industrial)
echo "###### Restoring INDUSTRIAL flavor installation."
cp $myCOMPOSEPATH/industrial.yml $myCONFIGFILE
;;
Standard)
echo "###### Restoring TPOT flavor installation."
cp $myCOMPOSEPATH/tpot.yml $myCONFIGFILE
;;
Everything)
echo "###### Restoring EVERYTHING flavor installation."
cp $myCOMPOSEPATH/all.yml $myCONFIGFILE
;;
esac
echo
echo "### Now upgrading packages"
apt-get autoclean -y
apt-get autoremove -y
apt-get update
apt-get dist-upgrade -y
pip install --upgrade pip
pip install docker-compose==1.16.1
pip install elasticsearch-curator==5.2.0
ln -s /usr/bin/nodejs /usr/bin/node 2>&1
npm install https://github.com/t3chn0m4g3/wetty -g
npm install https://github.com/t3chn0m4g3/elasticsearch-dump -g
wget https://github.com/bcicen/ctop/releases/download/v0.6.1/ctop-0.6.1-linux-amd64 -O /usr/bin/ctop && chmod +x /usr/bin/ctop
echo
echo "### Now replacing T-Pot related config files on host"
cp host/etc/systemd/* /etc/systemd/system/
cp host/etc/issue /etc/
cp -R host/etc/nginx/ssl /etc/nginx/
cp host/etc/nginx/tpotweb.conf /etc/nginx/sites-available/
cp host/etc/nginx/nginx.conf /etc/nginx/nginx.conf
cp host/usr/share/nginx/html/* /usr/share/nginx/html/
echo
echo "### Now reloading systemd, nginx"
systemctl daemon-reload
nginx -s reload
echo
echo "### Now restarting wetty, nginx, docker"
systemctl restart wetty.service
systemctl restart nginx.service
systemctl restart docker.service
echo
echo "### Now pulling latest docker images"
docker-compose -f /opt/tpot/etc/tpot.yml pull
echo
echo "### Now starting T-Pot service"
systemctl start tpot
echo
echo "### If you made changes to tpot.yml please ensure to add them again."
echo "### We stored the previous version as backup in /home/tsec."
echo "### Done."
Reference in a new issue View git blame Copy permalink