very basic installation stuff

This commit is contained in:
Marco Ochse
2016-05-12 19:26:06 +02:00
parent 6e3f3b8d24
commit fbfb5a1d90
11 changed files with 45 additions and 39 deletions

View File

@ -4,7 +4,7 @@
# T-Pot #
# ELK DB backup script #
# #
# v16.03.1 by mo, DTAG, 2016-03-09 #
# v16.10.0 by mo, DTAG, 2016-05-12 #
########################################################
myCOUNT=1
myDATE=$(date +%Y%m%d%H%M)
@ -38,7 +38,7 @@ touch /var/run/check.lock
# Stop ELK to lift db lock
echo "Now stopping ELK ..."
service elk stop
systemctl stop elk
sleep 10
# Backup DB in 2 flavors
@ -53,7 +53,7 @@ chmod 760 -R $myELKPATH
chown tpot:tpot -R $myELKPATH
# Start ELK
service elk start
systemctl start elk
echo "Now starting up ELK ..."
# Allow checks to resume

View File

@ -4,7 +4,7 @@
# T-Pot #
# Check container and services script #
# #
# v16.03.1 by mo, DTAG, 2016-03-09 #
# v16.10.0 by mo, DTAG, 2016-05-12 #
########################################################
if [ -a /var/run/check.lock ];
then
@ -29,9 +29,9 @@ for i in $myIMAGES
if [ $myUPTIME -gt 4 ] && [ $myCIDSTATUS -gt 0 ];
then
echo "Restarting "$i"."
service $i stop
systemctl stop $i
sleep 5
service $i start
systemctl start $i
fi
done

View File

@ -4,7 +4,7 @@
# T-Pot #
# Container and services restart script #
# #
# v16.03.1 by mo, DTAG, 2016-03-09 #
# v16.10.0 by mo, DTAG, 2016-05-12 #
########################################################
myCOUNT=1
@ -38,12 +38,12 @@ if [ $myUPTIME -gt 4 ];
then
for i in $myIMAGES
do
service $i stop
systemctl stop $i
done
echo "### Waiting 10 seconds before restarting docker ..."
sleep 10
iptables -w -F
service docker restart
systemctl restart docker
while true
do
docker info > /dev/null
@ -64,7 +64,7 @@ if [ $myUPTIME -gt 4 ];
echo "### Starting T-Pot services ..."
for i in $myIMAGES
do
service $i start
systemctl start $i
done
sleep 5
else

View File

@ -4,7 +4,7 @@
# T-Pot #
# Container and services status script #
# #
# v16.03.1 by mo, DTAG, 2016-03-09 #
# v16.10.0 by mo, DTAG, 2016-05-12 #
########################################################
myCOUNT=1

View File

@ -4,9 +4,11 @@
# T-Pot #
# Only start the containers found in /etc/init/ #
# #
# v16.03.2 by mo, DTAG, 2016-04-20 #
# v16.10.0 by mo, DTAG, 2016-05-12 #
########################################################
echo "### I still need some dev-work!"
# Make sure not to interrupt a check
while true
do
@ -33,19 +35,21 @@ done
touch /var/run/check.lock
# Stop T-Pot services and delete all T-Pot upstart scripts
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
echo "### Stopping T-Pot services and cleaning up."
for i in $(cat /data/imgcfg/all_images.conf);
do
service $i stop
systemctl stop $i
sleep 2
rm -rf /etc/init/$i.conf || true;
done
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Restarting docker services
echo "### Restarting docker services ..."
service docker stop
systemctl stop docker
sleep 2
service docker start
systemctl start docker
sleep 2
# Setup only T-Pot upstart scripts from images.conf and pull the images

View File

@ -1,4 +1,4 @@
T-Pot 16.03
T-Pot 16.10 (development)
Hostname: \n
IP:

View File

@ -4,11 +4,10 @@
# T-Pot #
# Two-Factor-Authentication and SSH enable script #
# #
# v16.03.2 by mo, DTAG, 2016-03-09 #
# v16.10.0 by mo, DTAG, 2016-05-12 #
########################################################
myBACKTITLE="T-Pot - Two-Factor-Authentication and SSH enable script"
# Let's ask if the user wants to enable two-factor ...
dialog --backtitle "$myBACKTITLE" --title "[ Enable 2FA? ]" --yesno "\nDo you want to enable Two-Factor-Authentication based on Google Authenticator for SSH?" 8 70
my2FA=$?
@ -32,13 +31,13 @@ if [ "$my2FA" = "0" ] && ! [ -f /etc/pam.d/sshd.bak ];
fi
# Enable SSH
if [ "$mySSH" = "0" ] && [ -f /etc/init/ssh.override ];
if [ "$mySSH" = "0" ] && [ "$(systemctl status ssh | grep -o dead)" = "dead" ];
then
clear
sudo rm /etc/init/ssh.override
sudo service ssh start
sudo systemctl enable ssh
sudo systemctl start ssh
dialog --backtitle "$myBACKTITLE" --title "[ SSH enabled ]" --msgbox "\nThe SSH service has been enabled and is now reachable via port tcp/64295. Password authentication is disabled by default." 8 70
elif ! [ -f /etc/init/ssh.override ]
elif [ "$(systemctl status ssh | grep -o dead)" = "" ]
then
dialog --backtitle "$myBACKTITLE" --title "[ Already enabled ]" --msgbox "\nIt seems that SSH has already been enabled." 8 70
fi

View File

@ -1,9 +1,9 @@
#!/bin/bash
########################################################
# T-Pot post install script #
# Ubuntu server 14.04.4, x64 #
# Ubuntu server 16.04.0, x64 #
# #
# v16.03.14 by mo, DTAG, 2016-03-08 #
# v16.10.0 by mo, DTAG, 2016-05-12 #
########################################################
# Type of install, SENSOR, INDUSTRIAL or FULL?
@ -20,9 +20,9 @@ myPFXHOSTIDPATH="/root/tpot/keys/8021x.id"
fuECHO () {
local myRED=1
local myWHT=7
tput setaf $myRED
tput setaf $myRED -T xterm
echo $1 "$2"
tput setaf $myWHT
tput setaf $myWHT -T xterm
}
# Let's make sure there is a warning if running for a second time
@ -154,7 +154,7 @@ EOF
fuECHO "### Adding the docker repository."
apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
tee /etc/apt/sources.list.d/docker.list <<EOF
deb https://apt.dockerproject.org/repo ubuntu-trusty main
deb https://apt.dockerproject.org/repo ubuntu-xenial main
EOF
# Let's pull some updates
@ -165,7 +165,11 @@ apt-get upgrade -y
# Let's install docker
fuECHO "### Installing docker-engine."
apt-get install docker-engine=1.10.2-0~trusty -y
apt-get install docker-engine=1.11.1-0~xenial -y
# Let's enable docker at boot and start service
systemctl enable docker
systemctl start docker
# Let's add proxy settings to docker defaults
if [ -f $myPROXYFILEPATH ];
@ -197,7 +201,7 @@ sed -i 's#Port 22#Port 64295#' /etc/ssh/sshd_config
sed -i 's#\#PasswordAuthentication yes#PasswordAuthentication no#' /etc/ssh/sshd_config
# Let's disable ssh service
echo "manual" >> /etc/init/ssh.override
systemctl disable ssh
# Let's patch docker defaults, so we can run images as service
fuECHO "### Patching docker defaults."