#!/bin/bash
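# Refuse to run without root privileges: the rest of the script drives the
# system package manager, chown and supervisorctl.
# The check uses the effective UID rather than the account name, and compares
# it as a string so that a failing `id` (empty output) is also rejected.
if [ "$(id -u)" != "0" ]; then
  # Diagnostics go to stderr so they are not mixed into captured stdout.
  echo -e "You must be root to run this script" >&2
  exit 1
fi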
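#######################################
# Choose the MHN server installer and the interaction mode from the optional
# first command-line argument.
#   "0"           unattended: config.py is assumed to exist and the Splunk,
#                 ELK and UFW prompts are skipped
#   "1"           attended
#   anything else attended (also when no argument or several are given)
# Globals:   MHN_SERVER_SCRIPT (written), UNATTENDED (written)
# Arguments: the script's own positional parameters
# Outputs:   a one-line mode banner on stdout for the explicit "0"/"1" cases
#######################################
select_install_mode() {
  # Compare as strings. Inside [[ ]], -eq evaluates its operands as arithmetic
  # expressions, so a non-numeric argument evaluated to 0 and silently selected
  # unattended mode; it also meant the argument was interpreted rather than
  # merely compared, which is undesirable in a script that runs as root.
  if [[ $# -eq 1 && "$1" == "0" ]]; then
    echo "Running in unattended mode. Assuming config.py exists. Splunk, ELK and UFW will be skipped."
    MHN_SERVER_SCRIPT="install_mhnserver_unattended.sh"
    UNATTENDED=true
  elif [[ $# -eq 1 && "$1" == "1" ]]; then
    echo "Running in attended mode (config.py not created)"
    MHN_SERVER_SCRIPT="install_mhnserver.sh"
    UNATTENDED=false
  else
    MHN_SERVER_SCRIPT="install_mhnserver.sh"
    UNATTENDED=false
  fi
}
select_install_mode "$@"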
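# Abort on the first failing command and trace every command as it runs.
# NOTE(review): with tracing on, the values typed at the later Splunk prompts
# are echoed into the install output along with every other command line.
set -e
set -x
# Directory that holds this script, with symlinks resolved, so the installer
# works regardless of the caller's working directory.
MHN_HOME=$(dirname "$(readlink -f "$0")")
# Default owner of the MHN log file; the Red Hat branch overrides it.
WWW_OWNER="www-data"
SCRIPTS="$MHN_HOME/scripts/"
# Quoted so an install path containing whitespace does not split into several
# arguments. Every helper script is run as root by relative path from this
# directory, so it should be writable by root only.
cd "$SCRIPTS"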
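# Red Hat family preparation: refresh yum, install the build toolchain, and
# run the prerequisite installers that only this platform needs.
if [ -f /etc/redhat-release ]; then
  # Put the standard system directories ahead of whatever PATH the caller had.
  export PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:$PATH"
  # yum updates + health
  yum clean all -y
  yum update -y
  # Dump yum info for troubleshooting
  echo -e "Yum Repo List:\n"
  yum repolist
  echo -e "Yum Dev Group Packages:\n"
  # Diagnostic output only: grep exits non-zero when nothing matches, and with
  # `set -e` active that would abort the whole installation at this line.
  yum grouplist | grep -i development || true
  echo -e "Attempting to install Dev Tools"
  # NOTE(review): "mark install" / "mark convert" are normally subcommands of
  # `yum groups`; confirm these two groupinfo calls do what was intended.
  yum groupinfo mark install "Development Tools"
  yum groupinfo mark convert "Development Tools"
  yum groupinstall "Development Tools" -y
  echo -e "Development Tools successfully installed\n"
  # The log file is handed to the nginx account on this platform.
  WWW_OWNER="nginx"
  ./install_sqlite.sh
  if [ ! -f /usr/local/bin/python2.7 ]; then
    echo "[$(date)] Installing Python2.7 as a pre-req"
    ./install_python2.7.sh
  fi
  ./install_supervisord.sh
fi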
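# Debian family preparation: refresh and upgrade packages, then install pip
# and the build prerequisites.
if [ -f /etc/debian_version ]; then
  # Two separate commands on purpose: in `a && b`, a failure of `a` is exempt
  # from `set -e`, so a failed index refresh used to be ignored and the
  # installation carried on against stale package lists.
  apt-get update
  apt-get upgrade -y
  apt-get install -y python-pip
  # NOTE(review): this replaces the distribution's pip, as root, with whatever
  # version the configured package index currently serves; no version is pinned.
  pip install --upgrade pip
  apt-get install apt-transport-https -y
  apt-get install build-essential -y # needed for building some python modules
fi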
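# Install the MHN components in order; each step is a sibling script in the
# current directory, and `set -e` stops the run at the first one that fails.
echo "[$(date)] Starting Installation of all MHN packages"
echo "[$(date)] ========= Installing hpfeeds ========="
./install_hpfeeds.sh
# Banner previously misspelled the component name as "menmosyne".
echo "[$(date)] ========= Installing mnemosyne ========="
./install_mnemosyne.sh
echo "[$(date)] ========= Installing Honeymap ========="
./install_honeymap.sh
echo "[$(date)] ========= Installing MHN Server ========="
# MHN_SERVER_SCRIPT is the attended or unattended server installer chosen from
# the command-line argument; quoted so the name is always passed as one word.
"./$MHN_SERVER_SCRIPT"
echo "[$(date)] ========= MHN Server Install Finished ========="
echo ""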
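#######################################
# Ask a yes/no question, repeating it until the operator answers y/Y or n/N.
# Arguments: $1 - prompt text, printed verbatim without a trailing newline
# Outputs:   the prompt on stdout
# Returns:   0 for yes, 1 for no; exits the script with status 1 when stdin
#            ends before a valid answer is read
#######################################
ask_yes_no() {
  local answer
  while true; do
    printf '%s' "$1"
    # `set -e` is suspended while a function runs as an `if` condition, so the
    # end-of-input case is handled explicitly; otherwise the loop would spin
    # forever on a closed stdin. -r keeps backslashes in the answer literal.
    if ! read -r answer; then
      echo "No answer available on stdin; aborting" >&2
      exit 1
    fi
    case "$answer" in
      y | Y) return 0 ;;
      n | N) return 1 ;;
    esac
  done
}

# Optional integrations, offered only in attended mode.
if [[ "$UNATTENDED" == false ]]; then
  if ask_yes_no "Would you like to integrate with Splunk? (y/n) "; then
    printf '%s' "Splunk Forwarder Host: "
    read -r SPLUNK_HOST
    printf '%s' "Splunk Forwarder Port: "
    read -r SPLUNK_PORT
    echo "The Splunk Universal Forwarder will send all MHN logs to $SPLUNK_HOST:$SPLUNK_PORT"
    # NOTE(review): host and port are handed to the forwarder installer exactly
    # as typed; that script is not visible here, so confirm it validates them
    # (for example that the port is numeric) before using them as root.
    ./install_splunk_universalforwarder.sh "$SPLUNK_HOST" "$SPLUNK_PORT"
    ./install_hpfeeds-logger-splunk.sh
  else
    echo "Skipping Splunk integration"
    echo "The splunk integration can be completed at a later time by running this:"
    echo " cd /opt/mhn/scripts/"
    echo " sudo ./install_splunk_universalforwarder.sh <SPLUNK_HOST> <SPLUNK_PORT>"
    echo " sudo ./install_hpfeeds-logger-splunk.sh"
  fi

  # The notice gets its own line; it used to be printed with `echo -n` and ran
  # straight into the question that follows.
  echo "ELK Script will only work on Debian Based systems like Ubuntu"
  if ask_yes_no "Would you like to install ELK? (y/n) "; then
    ./install_elk.sh
  else
    echo "Skipping ELK installation"
    echo "The ELK installation can be completed at a later time by running this:"
    echo " cd /opt/mhn/scripts/"
    echo " sudo ./install_elk.sh"
  fi

  # Same fix as above: each sentence of the firewall notice on its own line.
  echo "A properly configured firewall is highly encouraged while running MHN."
  echo "This script can enable and configure UFW for use with MHN."
  if ask_yes_no "Would you like to add MHN rules to UFW? (y/n) "; then
    ./enable_ufw.sh
  else
    echo "Skipping UFW configuration"
    echo "The UFW configuration can be completed at a later time by running this:"
    echo " cd /opt/mhn/scripts/"
    echo " sudo ./enable_ufw.sh"
  fi
fi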
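# Hand the MHN log file to the web server account (www-data by default, nginx
# on Red Hat systems) and restart the Celery worker under supervisor.
# NOTE(review): the original ran this exact chown twice in a row; the second
# call may have been meant for a different file - confirm against /var/log/mhn.
chown "$WWW_OWNER" /var/log/mhn/mhn.log
supervisorctl restart mhn-celery-worker
echo "[$(date)] Completed Installation of all MHN packages"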