forked from telekom-security/tpotce
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathupdate.sh
executable file
·188 lines (166 loc) · 5.08 KB
/
update.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
#!/bin/bash
###################################################
# Do not change any contents of this script!
###################################################
# Some vars
myCONFIGFILE="/opt/tpot/etc/tpot.yml"
myCOMPOSEPATH="/opt/tpot/etc/compose"
myRED="[0;31m"
myGREEN="[0;32m"
myWHITE="[0;0m"
myBLUE="[0;34m"
# Got root?
myWHOAMI=$(whoami)
if [ "$myWHOAMI" != "root" ]
then
echo "Need to run as root ..."
sudo ./$0
exit
fi
# Check for existing tpot.yml
function fuCONFIGCHECK () {
echo "### Checking for T-Pot configuration file ..."
echo -n "###### $myBLUE$myCONFIGFILE$myWHITE "
if ! [ -f $myCONFIGFILE ];
then
echo
echo $myRED"Error - No T-Pot configuration file present."
echo "Please copy one of the preconfigured configuration files from /opt/tpot/etc/compose/*.yml to /opt/tpot/etc/tpot.yml."$myWHITE
echo
exit 1
else
echo $myGREEN"OK"$myWHITE
fi
}
# Let's test the internet connection
function fuCHECKINET () {
mySITES=$1
echo "### Now checking availability of ..."
for i in $mySITES;
do
echo -n "###### $myBLUE$i$myWHITE "
curl --connect-timeout 5 -IsS $i 2>&1>/dev/null
if [ $? -ne 0 ];
then
echo
echo $myRED"Error - Internet connection test failed. This might indicate some problems with your connection."
echo "Exiting."$myWHITE
echo
exit 1
else
echo $myGREEN"OK"$myWHITE
fi
done;
}
function fuSELFUPDATE () {
echo "### Now checking for newer files in repository ..."
git fetch
myREMOTESTAT=$(git status | grep -c "up-to-date")
if [ "$myREMOTESTAT" != "0" ];
then
echo "###### $myBLUE"No updates found in repository."$myWHITE"
return
fi
myRESULT=$(git diff --name-only origin/master | grep update.sh)
myLOCALSTAT=$(git status -uno | grep -c update.sh)
if [ "$myRESULT" == "update.sh" ];
then
if [ "$myLOCALSTAT" == "0" ];
then
echo "###### $myBLUE"Found newer version, will update myself and restart."$myWHITE"
git pull --force
exec "$1" "$2"
exit 1
else
echo $myRED"Error - Update script was changed locally, cannot update."
echo "Exiting."$myWHITE
echo
exit 1
fi
else
echo "###### Update script is already up-to-date."
git pull --force
fi
}
# Only run with command switch
if [ "$1" != "-y" ]; then
echo "This script will update / upgrade all T-Pot related scripts, tools and packages"
echo "Some of your changes might be overwritten, so make sure to save your work"
echo "This feature is still experimental, run with \"-y\" switch"
echo
exit
fi
echo "### Now running T-Pot update script."
echo
fuCHECKINET "https://index.docker.io https://github.com https://pypi.python.org https://ubuntu.com"
echo
fuSELFUPDATE "$0" "$@"
echo
fuCONFIGCHECK
echo
echo "### Now stopping T-Pot"
systemctl stop tpot
# Better safe than sorry
echo "###### Creating backup and storing it in /home/tsec"
tar cvfz /root/tpot_backup.tgz /opt/tpot
echo "###### Getting the current install flavor"
myFLAVOR=$(head $myCONFIGFILE -n 1 | awk '{ print $3 }' | tr -d :'()':)
echo "###### Updating compose file"
case $myFLAVOR in
HP)
echo "###### Restoring HONEYPOT flavor installation."
cp $myCOMPOSEPATH/hp.yml $myCONFIGFILE
;;
Industrial)
echo "###### Restoring INDUSTRIAL flavor installation."
cp $myCOMPOSEPATH/industrial.yml $myCONFIGFILE
;;
Standard)
echo "###### Restoring TPOT flavor installation."
cp $myCOMPOSEPATH/tpot.yml $myCONFIGFILE
;;
Everything)
echo "###### Restoring EVERYTHING flavor installation."
cp $myCOMPOSEPATH/all.yml $myCONFIGFILE
;;
esac
echo
echo "### Now upgrading packages"
apt-get autoclean -y
apt-get autoremove -y
apt-get update
apt-get dist-upgrade -y
pip install --upgrade pip
pip install docker-compose==1.16.1
pip install elasticsearch-curator==5.2.0
ln -s /usr/bin/nodejs /usr/bin/node 2>&1
npm install https://github.com/t3chn0m4g3/wetty -g
npm install https://github.com/t3chn0m4g3/elasticsearch-dump -g
wget https://github.com/bcicen/ctop/releases/download/v0.6.1/ctop-0.6.1-linux-amd64 -O /usr/bin/ctop && chmod +x /usr/bin/ctop
echo
echo "### Now replacing T-Pot related config files on host"
cp host/etc/systemd/* /etc/systemd/system/
cp host/etc/issue /etc/
cp -R host/etc/nginx/ssl /etc/nginx/
cp host/etc/nginx/tpotweb.conf /etc/nginx/sites-available/
cp host/etc/nginx/nginx.conf /etc/nginx/nginx.conf
cp host/usr/share/nginx/html/* /usr/share/nginx/html/
echo
echo "### Now reloading systemd, nginx"
systemctl daemon-reload
nginx -s reload
echo
echo "### Now restarting wetty, nginx, docker"
systemctl restart wetty.service
systemctl restart nginx.service
systemctl restart docker.service
echo
echo "### Now pulling latest docker images"
docker-compose -f /opt/tpot/etc/tpot.yml pull
echo
echo "### Now starting T-Pot service"
systemctl start tpot
echo
echo "### If you made changes to tpot.yml please ensure to add them again."
echo "### We stored the previous version as backup in /home/tsec."
echo "### Done."