mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-07-02 01:27:27 -04:00
very basic installation stuff
This commit is contained in:
@ -4,7 +4,7 @@
|
||||
# T-Pot #
|
||||
# ELK DB backup script #
|
||||
# #
|
||||
# v16.03.1 by mo, DTAG, 2016-03-09 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
myCOUNT=1
|
||||
myDATE=$(date +%Y%m%d%H%M)
|
||||
@ -38,7 +38,7 @@ touch /var/run/check.lock
|
||||
|
||||
# Stop ELK to lift db lock
|
||||
echo "Now stopping ELK ..."
|
||||
service elk stop
|
||||
systemctl stop elk
|
||||
sleep 10
|
||||
|
||||
# Backup DB in 2 flavors
|
||||
@ -53,7 +53,7 @@ chmod 760 -R $myELKPATH
|
||||
chown tpot:tpot -R $myELKPATH
|
||||
|
||||
# Start ELK
|
||||
service elk start
|
||||
systemctl start elk
|
||||
echo "Now starting up ELK ..."
|
||||
|
||||
# Allow checks to resume
|
||||
|
@ -4,7 +4,7 @@
|
||||
# T-Pot #
|
||||
# Check container and services script #
|
||||
# #
|
||||
# v16.03.1 by mo, DTAG, 2016-03-09 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
if [ -a /var/run/check.lock ];
|
||||
then
|
||||
@ -29,9 +29,9 @@ for i in $myIMAGES
|
||||
if [ $myUPTIME -gt 4 ] && [ $myCIDSTATUS -gt 0 ];
|
||||
then
|
||||
echo "Restarting "$i"."
|
||||
service $i stop
|
||||
systemctl stop $i
|
||||
sleep 5
|
||||
service $i start
|
||||
systemctl start $i
|
||||
fi
|
||||
done
|
||||
|
||||
|
@ -4,7 +4,7 @@
|
||||
# T-Pot #
|
||||
# Container and services restart script #
|
||||
# #
|
||||
# v16.03.1 by mo, DTAG, 2016-03-09 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
myCOUNT=1
|
||||
|
||||
@ -38,12 +38,12 @@ if [ $myUPTIME -gt 4 ];
|
||||
then
|
||||
for i in $myIMAGES
|
||||
do
|
||||
service $i stop
|
||||
systemctl stop $i
|
||||
done
|
||||
echo "### Waiting 10 seconds before restarting docker ..."
|
||||
sleep 10
|
||||
iptables -w -F
|
||||
service docker restart
|
||||
systemctl restart docker
|
||||
while true
|
||||
do
|
||||
docker info > /dev/null
|
||||
@ -64,7 +64,7 @@ if [ $myUPTIME -gt 4 ];
|
||||
echo "### Starting T-Pot services ..."
|
||||
for i in $myIMAGES
|
||||
do
|
||||
service $i start
|
||||
systemctl start $i
|
||||
done
|
||||
sleep 5
|
||||
else
|
||||
|
@ -4,7 +4,7 @@
|
||||
# T-Pot #
|
||||
# Container and services status script #
|
||||
# #
|
||||
# v16.03.1 by mo, DTAG, 2016-03-09 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
myCOUNT=1
|
||||
|
||||
|
@ -4,9 +4,11 @@
|
||||
# T-Pot #
|
||||
# Only start the containers found in /etc/init/ #
|
||||
# #
|
||||
# v16.03.2 by mo, DTAG, 2016-04-20 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
|
||||
echo "### I still need some dev-work!"
|
||||
|
||||
# Make sure not to interrupt a check
|
||||
while true
|
||||
do
|
||||
@ -33,19 +35,21 @@ done
|
||||
touch /var/run/check.lock
|
||||
|
||||
# Stop T-Pot services and delete all T-Pot upstart scripts
|
||||
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
echo "### Stopping T-Pot services and cleaning up."
|
||||
for i in $(cat /data/imgcfg/all_images.conf);
|
||||
do
|
||||
service $i stop
|
||||
systemctl stop $i
|
||||
sleep 2
|
||||
rm -rf /etc/init/$i.conf || true;
|
||||
done
|
||||
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
|
||||
|
||||
# Restarting docker services
|
||||
echo "### Restarting docker services ..."
|
||||
service docker stop
|
||||
systemctl stop docker
|
||||
sleep 2
|
||||
service docker start
|
||||
systemctl start docker
|
||||
sleep 2
|
||||
|
||||
# Setup only T-Pot upstart scripts from images.conf and pull the images
|
||||
|
@ -1,4 +1,4 @@
|
||||
T-Pot 16.03
|
||||
T-Pot 16.10 (development)
|
||||
Hostname: \n
|
||||
IP:
|
||||
|
||||
|
@ -4,11 +4,10 @@
|
||||
# T-Pot #
|
||||
# Two-Factor-Authentication and SSH enable script #
|
||||
# #
|
||||
# v16.03.2 by mo, DTAG, 2016-03-09 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
myBACKTITLE="T-Pot - Two-Factor-Authentication and SSH enable script"
|
||||
|
||||
|
||||
# Let's ask if the user wants to enable two-factor ...
|
||||
dialog --backtitle "$myBACKTITLE" --title "[ Enable 2FA? ]" --yesno "\nDo you want to enable Two-Factor-Authentication based on Google Authenticator for SSH?" 8 70
|
||||
my2FA=$?
|
||||
@ -32,13 +31,13 @@ if [ "$my2FA" = "0" ] && ! [ -f /etc/pam.d/sshd.bak ];
|
||||
fi
|
||||
|
||||
# Enable SSH
|
||||
if [ "$mySSH" = "0" ] && [ -f /etc/init/ssh.override ];
|
||||
if [ "$mySSH" = "0" ] && [ "$(systemctl status ssh | grep -o dead)" = "dead" ];
|
||||
then
|
||||
clear
|
||||
sudo rm /etc/init/ssh.override
|
||||
sudo service ssh start
|
||||
sudo systemctl enable ssh
|
||||
sudo systemctl start ssh
|
||||
dialog --backtitle "$myBACKTITLE" --title "[ SSH enabled ]" --msgbox "\nThe SSH service has been enabled and is now reachable via port tcp/64295. Password authentication is disabled by default." 8 70
|
||||
elif ! [ -f /etc/init/ssh.override ]
|
||||
elif [ "$(systemctl status ssh | grep -o dead)" = "" ]
|
||||
then
|
||||
dialog --backtitle "$myBACKTITLE" --title "[ Already enabled ]" --msgbox "\nIt seems that SSH has already been enabled." 8 70
|
||||
fi
|
||||
|
@ -1,9 +1,9 @@
|
||||
#!/bin/bash
|
||||
########################################################
|
||||
# T-Pot post install script #
|
||||
# Ubuntu server 14.04.4, x64 #
|
||||
# Ubuntu server 16.04.0, x64 #
|
||||
# #
|
||||
# v16.03.14 by mo, DTAG, 2016-03-08 #
|
||||
# v16.10.0 by mo, DTAG, 2016-05-12 #
|
||||
########################################################
|
||||
|
||||
# Type of install, SENSOR, INDUSTRIAL or FULL?
|
||||
@ -20,9 +20,9 @@ myPFXHOSTIDPATH="/root/tpot/keys/8021x.id"
|
||||
fuECHO () {
|
||||
local myRED=1
|
||||
local myWHT=7
|
||||
tput setaf $myRED
|
||||
tput setaf $myRED -T xterm
|
||||
echo $1 "$2"
|
||||
tput setaf $myWHT
|
||||
tput setaf $myWHT -T xterm
|
||||
}
|
||||
|
||||
# Let's make sure there is a warning if running for a second time
|
||||
@ -154,7 +154,7 @@ EOF
|
||||
fuECHO "### Adding the docker repository."
|
||||
apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
|
||||
tee /etc/apt/sources.list.d/docker.list <<EOF
|
||||
deb https://apt.dockerproject.org/repo ubuntu-trusty main
|
||||
deb https://apt.dockerproject.org/repo ubuntu-xenial main
|
||||
EOF
|
||||
|
||||
# Let's pull some updates
|
||||
@ -165,7 +165,11 @@ apt-get upgrade -y
|
||||
|
||||
# Let's install docker
|
||||
fuECHO "### Installing docker-engine."
|
||||
apt-get install docker-engine=1.10.2-0~trusty -y
|
||||
apt-get install docker-engine=1.11.1-0~xenial -y
|
||||
|
||||
# Let's enable docker at boot and start service
|
||||
systemctl enable docker
|
||||
systemctl start docker
|
||||
|
||||
# Let's add proxy settings to docker defaults
|
||||
if [ -f $myPROXYFILEPATH ];
|
||||
@ -197,7 +201,7 @@ sed -i 's#Port 22#Port 64295#' /etc/ssh/sshd_config
|
||||
sed -i 's#\#PasswordAuthentication yes#PasswordAuthentication no#' /etc/ssh/sshd_config
|
||||
|
||||
# Let's disable ssh service
|
||||
echo "manual" >> /etc/init/ssh.override
|
||||
systemctl disable ssh
|
||||
|
||||
# Let's patch docker defaults, so we can run images as service
|
||||
fuECHO "### Patching docker defaults."
|
||||
|
Reference in New Issue
Block a user