p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
monkey/deployment_scripts/deploy_linux.sh

232 lines
5.7 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
exists() {
command -v "$1" >/dev/null 2>&1
}
is_root() {
return $(id -u)
}
has_sudo() {
# 0 true, 1 false
return $(sudo -nv > /dev/null 2>&1)
}
handle_error() {
echo "Fix the errors above and rerun the script"
exit 1
}
log_message() {
echo -e "\n\n"
echo -e "DEPLOYMENT SCRIPT: $1"
}
configure_precommit() {
$1 -m pip install --user pre-commit
pushd "$2"
$HOME/.local/bin/pre-commit install -t pre-commit -t pre-push
popd
}
if is_root; then
log_message "Please don't run this script as root"
exit 1
fi
config_branch=${2:-"develop"}
config_url="https://raw.githubusercontent.com/guardicore/monkey/${config_branch}/deployment_scripts/config"
if (! exists curl) && (! exists wget); then
log_message 'Your system does not have curl or wget, exiting'
exit 1
fi
file=$(mktemp)
# shellcheck disable=SC2086
if exists wget; then
# shellcheck disable=SC2086
wget --output-document=$file "$config_url"
else
# shellcheck disable=SC2086
curl -s -o $file "$config_url"
fi
log_message "downloaded configuration"
# shellcheck source=deployment_scripts/config
# shellcheck disable=SC2086
source $file
log_message "loaded configuration"
# shellcheck disable=SC2086
# rm $file
# Setup monkey either in dir required or current dir
monkey_home=${1:-$(pwd)}
if [[ $monkey_home == $(pwd) ]]; then
monkey_home="$monkey_home/$MONKEY_FOLDER_NAME"
fi
# We can set main paths after we know the home dir
ISLAND_PATH="$monkey_home/monkey/monkey_island"
MONGO_PATH="$ISLAND_PATH/bin/mongodb"
ISLAND_BINARIES_PATH="$ISLAND_PATH/cc/binaries"
INFECTION_MONKEY_DIR="$monkey_home/monkey/infection_monkey"
MONKEY_BIN_DIR="$INFECTION_MONKEY_DIR/bin"
if ! has_sudo; then
log_message "You need root permissions for some of this script operations. \
Run \`sudo -v\`, enter your password, and then re-run this script."
exit 1
fi
if [[ ! -d ${monkey_home} ]]; then
mkdir -p "${monkey_home}"
fi
if ! exists git; then
log_message "Please install git and re-run this script"
exit 1
fi
log_message "Cloning files from git"
branch=${2:-"develop"}
log_message "Branch selected: ${branch}"
if [[ ! -d "$monkey_home/monkey" ]]; then # If not already cloned
git clone --recurse-submodules -b "$branch" "${MONKEY_GIT_URL}" "${monkey_home}" 2>&1 || handle_error
fi
# Create folders
log_message "Creating island dirs under $ISLAND_PATH"
mkdir -p "${MONGO_PATH}" || handle_error
mkdir -p "${ISLAND_BINARIES_PATH}" || handle_error
# Detecting command that calls python 3.7
python_cmd=""
if [[ $(python --version 2>&1) == *"Python 3.7"* ]]; then
python_cmd="python"
fi
if [[ $(python37 --version 2>&1) == *"Python 3.7"* ]]; then
python_cmd="python37"
fi
if [[ $(python3.7 --version 2>&1) == *"Python 3.7"* ]]; then
python_cmd="python3.7"
fi
if [[ ${python_cmd} == "" ]]; then
log_message "Python 3.7 command not found. Installing python 3.7."
sudo add-apt-repository ppa:deadsnakes/ppa
sudo apt-get update
sudo apt-get install -y python3.7 python3.7-dev python3.7-venv
log_message "Python 3.7 is now available with command 'python3.7'."
python_cmd="python3.7"
fi
log_message "Installing build-essential"
sudo apt-get install -y build-essential
log_message "Installing python3-distutils"
sudo apt-get install -y python3-distutils
log_message "Installing or updating pip"
# shellcheck disable=SC2086
pip_url=https://bootstrap.pypa.io/get-pip.py
if exists wget; then
wget --output-document=get-pip.py $pip_url
else
curl $pip_url -o get-pip.py
fi
${python_cmd} get-pip.py
rm get-pip.py
log_message "Installing pipenv"
${python_cmd} -m pip install --user -U pipx
${python_cmd} -m pipx ensurepath
source ~/.profile
pipx install pipenv
log_message "Installing island requirements"
pushd $ISLAND_PATH
pipenv install --dev
popd
log_message "Installing monkey requirements"
sudo apt-get install -y libffi-dev upx libssl-dev libc++1
pushd $INFECTION_MONKEY_DIR
pipenv install --dev
popd
agents=${3:-true}
# Download binaries
if [ "$agents" = true ] ; then
log_message "Downloading binaries"
if exists wget; then
wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_64_BINARY_URL}
wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_64_BINARY_URL}
else
curl -o ${ISLAND_BINARIES_PATH}\monkey-linux-64 ${LINUX_64_BINARY_URL}
curl -o ${ISLAND_BINARIES_PATH}\monkey-windows-64.exe ${WINDOWS_64_BINARY_URL}
fi
fi
# Allow them to be executed
chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_64_BINARY_NAME"
# If a user haven't installed mongo manually check if we can install it with our script
if ! exists mongod; then
log_message "Installing libcurl4"
sudo apt-get install -y libcurl4
log_message "Installing MongoDB"
"${ISLAND_PATH}"/linux/install_mongo.sh ${MONGO_PATH} || handle_error
fi
log_message "Installing openssl"
sudo apt-get install -y openssl
# Generate SSL certificate
log_message "Generating certificate"
chmod u+x "${ISLAND_PATH}"/linux/create_certificate.sh
"${ISLAND_PATH}"/linux/create_certificate.sh ${ISLAND_PATH}/cc
# Update node
if ! exists npm; then
log_message "Installing nodejs"
node_src=https://deb.nodesource.com/setup_16.x
if exists curl; then
curl -sL $node_src | sudo -E bash -
else
wget -q -O - $node_src | sudo -E bash -
fi
sudo apt-get install -y nodejs
fi
pushd "$ISLAND_PATH/cc/ui" || handle_error
npm ci
log_message "Generating front end"
npm run dev
popd || handle_error
# Making dir for binaries
mkdir "${MONKEY_BIN_DIR}"
# Download Swimm
log_message "Downloading swimm"
if exists wget; then
wget ${SWIMM_URL} -O $HOME/swimm
else
curl ${SWIMM_URL} -o $HOME/swimm
fi
log_message "Installing swimm"
sudo dpkg -i $HOME/swimm || (sudo apt-get update && sudo apt-get -f install)
rm $HOME/swimm
sudo chmod +x "${INFECTION_MONKEY_DIR}/build_linux.sh"
configure_precommit ${python_cmd} ${monkey_home}
log_message "Deployment script finished."
exit 0
Reference in New Issue View Git Blame Copy Permalink