#!/bin/bash
clear_output()
{
  # Put the cursor on row 7, column 0, then erase from there to the end of
  # the screen. If the cursor cannot be moved, nothing is erased and the
  # failure status of that tput call is returned.
  tput cup 7 0 || return
  tput ed
}
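execute_command()
{
  # Run one installation step, print its outcome right-aligned on the
  # terminal and record the command line plus all of its output in
  # ./install.log.
  #
  # Arguments:
  #   $1 - label printed on the terminal
  #   $2 - command line, executed with eval in the current shell
  # Returns:
  #   0 if the command succeeded, 1 otherwise
  #
  # SECURITY: $2 is parsed as shell code by eval and is also written
  # verbatim to install.log. Callers should not splice operator-supplied
  # values into the string; pass them as quoted variable references inside
  # a single-quoted string ('tool "$VAR"') so that eval expands them as
  # data and the log records the variable name instead of its value.
  local label=$1 command_line=$2
  local cols pad

  # Print the label as data; used as the printf format, any '%' or
  # backslash sequence in it would be interpreted.
  printf '%s' "$label"

  # Width left on the line for the status text. Fall back to 80 columns
  # when tput cannot report the terminal width (for example, no TERM).
  cols=$(tput cols 2>/dev/null) || cols=80
  [[ $cols =~ ^[0-9]+$ ]] || cols=80
  pad=$(( cols - ${#label} ))

  printf '%s %s\n' "$(date)" "Running command '$command_line'" >>install.log
  echo "Start command output" >>install.log

  # Quoted so the string is parsed exactly once, by eval, instead of being
  # word-split and glob-expanded by the shell before eval sees it.
  if ! eval "$command_line" &>>install.log
  then
    printf "%${pad}s\n" "[FAILED]"
    return 1
  fi
  printf "%${pad}s\n" "[Done]"
  return 0
}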
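#########################
# Start installation
#########################

# Clear Screen
clear
echo "#####################"
echo
echo "Welcome to SOAR setup"
echo
echo "#####################"
echo

# Check prerequisites: both CLIs must run successfully from the current
# directory before anything is installed.
if ! { docker &> /dev/null && docker-compose ps &> /dev/null; }
then
  echo "Please install prerequisites"
  echo "docker and docker-compose are required components"
  exit 1
fi

# Set some variables

# Docker Host IP address: the address between the parentheses of the
# "PING name (address)" header line that ping prints for this hostname.
HOST_IP=$(ping -q -c 1 -t 1 "$(hostname)" | grep PING | sed -e "s/).*//" -e "s/.*(//")
if [ -z "$HOST_IP" ]
then
  # The value is used later as the MISP FQDN and as a dxlclient argument.
  echo "Warning: could not determine the Docker host IP address" >&2
fi

# intelMQ
# (An assignment must not have spaces around '='; with spaces the fallback
# would try to run a command named INTELMQ_INSTALL instead of setting it.)
read -r -p "Install intelMQ (y|N): " INTELMQ_INSTALL || INTELMQ_INSTALL="n"

# Integrate intelMQ with ePO
if [ "${INTELMQ_INSTALL,,}" == "y" ]
then
  read -r -p "Configure McAfee ePO (y|N): " EPO_CONFIG || EPO_CONFIG="n"
  if [ "${EPO_CONFIG,,}" == "y" ]
  then
    # -r keeps backslashes literal, so values such as DOMAIN\user or a
    # password containing '\' are stored exactly as typed.
    read -r -p "ePO IP address: " EPO_IP
    read -r -e -p "ePO Port [8443]: " -i "8443" EPO_PORT
    read -r -p "ePO Admin User: " EPO_ADMIN
    read -r -s -p "ePO Admin password: " EPO_PW
    echo

    # These answers end up on a command line further down, so reject
    # anything that is not a plain address or port. The address may not
    # start with '-' so it cannot be read as an option.
    if [[ ! $EPO_IP =~ ^[A-Za-z0-9:][A-Za-z0-9.:-]*$ ]]
    then
      echo "Invalid ePO address" >&2
      exit 1
    fi
    if [[ ! $EPO_PORT =~ ^[0-9]{1,5}$ ]] || (( 10#$EPO_PORT < 1 || 10#$EPO_PORT > 65535 ))
    then
      echo "Invalid ePO port" >&2
      exit 1
    fi
    # EPO_ADMIN and EPO_PW are free-form; any command that receives them
    # has to expand them quoted and should keep the password out of logs.
  fi
fi

# MISP
read -r -p "Install MISP (y|N): " MISP_INSTALL || MISP_INSTALL="n"

# MAC
read -r -p "Install MAC (y|N): " MAC_INSTALL || MAC_INSTALL="n"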
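#########################
# intelMQ Installation
#########################
if [ "${INTELMQ_INSTALL,,}" == "y" ]
then
  # NOTE(review): the status returned by execute_command is not checked, so
  # later steps still run after an earlier one failed; see install.log.

  # create folders
  execute_command "intelMQ: Create dev directory" "mkdir dev_intelmq"

  # clone intelmq dev
  # NOTE(review): this clones whatever the remote default branch holds at
  # install time. Checking out a reviewed tag or commit after the clone
  # would make the build reproducible and limit exposure to upstream changes.
  execute_command "intelMQ: Clone intelMQ DEV" "git clone https://github.com/tux78/intelmq.git ./dev_intelmq"

  # Build intelMQ image
  execute_command "intelMQ: Build intelMQ image" \
    "docker build -t intelmq:PROD -f ./intelmq/Dockerfile.intelmq ."

  # create intelMQ container
  execute_command "intelMQ: Create intelMQ Container" \
    "docker-compose up --no-start --force-recreate intelmq"

  # start intelMQ container
  execute_command "intelMQ: Start intelMQ" \
    "docker-compose start intelmq"

  # Integrate intelMQ with ePO
  if [ "${EPO_CONFIG,,}" == "y" ]
  then
    # Single-quoted on purpose: execute_command writes its second argument
    # to install.log and then evals it. Leaving the variables unexpanded
    # here means the log records their names, not the ePO password, and
    # eval expands each one as a single quoted argument, so spaces or shell
    # metacharacters in the answers cannot change the command.
    # NOTE(review): the password is still passed as a command-line argument
    # and is visible in the process list while the command runs.
    execute_command "ePO: Integrate intelMQ with ePO: provision DXL certificate" \
      'docker-compose exec intelmq /usr/local/bin/dxlclient provisionconfig /etc/intelmq/openDXL "$EPO_IP" "$HOST_IP" -t "$EPO_PORT" -u "$EPO_ADMIN" -p "$EPO_PW"'

    # The glob has to be expanded inside the container; unquoted it would be
    # expanded by the host shell against the host file system. Assumes the
    # image provides sh (it runs /update_dev.sh below).
    execute_command "ePO: Integrate intelMQ with ePO: change file permissions" \
      "docker-compose exec intelmq sh -c 'chown intelmq:intelmq /etc/intelmq/openDXL/*'"
  fi

  # Incorporate DEV environment
  execute_command "intelMQ: Incorporate intelMQ DEV environment" \
    "docker-compose exec intelmq /update_dev.sh"
fi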
#########################
# MISP Installation
#########################
if [[ "${MISP_INSTALL,,}" == "y" ]]; then
  # Create the misp/misp-db directory.
  execute_command "MISP: Create MISP directories" "mkdir misp/misp-db"

  # Build the MISP image; the detected host address becomes MISP_FQDN.
  # NOTE(review): HOST_IP is expanded into the command string before it is
  # evaluated, so an empty value yields an empty MISP_FQDN build argument.
  execute_command "MISP: Build MISP image (may take a long time)" \
    "docker build --build-arg MISP_FQDN=$HOST_IP -t misp:PROD -f ./misp/Dockerfile.misp ."

  # Create the MISP container without starting it.
  execute_command "MISP: Create MISP Container" \
    "docker-compose up --no-start --force-recreate misp"

  # Start the MISP container.
  execute_command "MISP: Start MISP" \
    "docker-compose start misp"

  # Run /init-db inside the running container.
  execute_command "MISP: Init MISP DB" \
    "docker-compose exec misp /init-db"
fi
#########################
# MAC Installation
#########################
if [[ "${MAC_INSTALL,,}" == "y" ]]; then
  # Create the directory the application is cloned into.
  execute_command "MAC: Create necessary directory" "mkdir mac/app"

  # Fetch the application source.
  # NOTE(review): the clone takes whatever the remote default branch holds
  # at install time; no tag or commit is pinned before the image is built.
  execute_command "MAC: Clone from github" "git clone https://github.com/tux78/MAC.git ./mac/app"

  # Write an empty JSON object as the initial configuration.
  execute_command "MAC: create empty config file" "echo {} > mac/app/config.json"

  # Build the MAC image.
  execute_command "MAC: Build image" \
    "docker build -t mac:PROD -f ./mac/Dockerfile.mac ."

  # Create the MAC container without starting it.
  execute_command "MAC: Create Container" \
    "docker-compose up --no-start --force-recreate mac"

  # Start the MAC container.
  execute_command "MAC: Start Container" \
    "docker-compose start mac"
fi

# Printed whether or not individual steps reported [FAILED].
echo "Installation finished!"