2021-02-08 22:09:42 +08:00
|
|
|
#!/bin/bash
|
|
|
|
|
2021-04-29 23:50:22 +08:00
|
|
|
APPDIR="./squashfs-root"
|
2021-04-13 00:25:16 +08:00
|
|
|
CONFIG_URL="https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/config"
|
2021-02-08 22:09:42 +08:00
|
|
|
INSTALL_DIR="$APPDIR/usr/src"
|
|
|
|
|
|
|
|
GIT=$HOME/git
|
|
|
|
|
|
|
|
REPO_MONKEY_HOME=$GIT/monkey
|
|
|
|
REPO_MONKEY_SRC=$REPO_MONKEY_HOME/monkey
|
|
|
|
|
|
|
|
ISLAND_PATH="$INSTALL_DIR/monkey_island"
|
|
|
|
MONGO_PATH="$ISLAND_PATH/bin/mongodb"
|
|
|
|
ISLAND_BINARIES_PATH="$ISLAND_PATH/cc/binaries"
|
|
|
|
|
2021-04-13 01:11:16 +08:00
|
|
|
NODE_SRC=https://deb.nodesource.com/setup_12.x
|
|
|
|
APP_TOOL_URL=https://github.com/AppImage/AppImageKit/releases/download/12/appimagetool-x86_64.AppImage
|
2021-04-21 19:32:35 +08:00
|
|
|
PYTHON_VERSION="3.7.10"
|
|
|
|
PYTHON_APPIMAGE_URL="https://github.com/niess/python-appimage/releases/download/python3.7/python${PYTHON_VERSION}-cp37-cp37m-manylinux1_x86_64.AppImage"
|
2021-04-13 01:11:16 +08:00
|
|
|
|
2021-02-08 22:09:42 +08:00
|
|
|
is_root() {
|
2021-04-05 09:23:35 +08:00
|
|
|
return "$(id -u)"
|
2021-02-08 22:09:42 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
has_sudo() {
|
|
|
|
# 0 true, 1 false
|
2021-04-05 09:23:35 +08:00
|
|
|
sudo -nv > /dev/null 2>&1
|
|
|
|
return $?
|
2021-02-08 22:09:42 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
handle_error() {
|
|
|
|
echo "Fix the errors above and rerun the script"
|
|
|
|
exit 1
|
|
|
|
}
|
|
|
|
|
|
|
|
log_message() {
|
|
|
|
echo -e "\n\n"
|
|
|
|
echo -e "DEPLOYMENT SCRIPT: $1"
|
|
|
|
}
|
|
|
|
|
|
|
|
install_nodejs() {
|
|
|
|
log_message "Installing nodejs"
|
2021-04-02 00:25:06 +08:00
|
|
|
|
|
|
|
curl -sL $NODE_SRC | sudo -E bash -
|
2021-02-08 22:09:42 +08:00
|
|
|
sudo apt-get install -y nodejs
|
|
|
|
}
|
|
|
|
|
|
|
|
install_build_prereqs() {
|
2021-04-02 00:25:06 +08:00
|
|
|
sudo apt update
|
2021-04-16 00:19:36 +08:00
|
|
|
sudo apt upgrade -y
|
2021-04-02 00:25:06 +08:00
|
|
|
|
2021-04-13 00:32:37 +08:00
|
|
|
# monkey island prereqs
|
|
|
|
sudo apt install -y curl libcurl4 openssl git build-essential moreutils
|
2021-02-08 22:09:42 +08:00
|
|
|
install_nodejs
|
|
|
|
}
|
|
|
|
|
|
|
|
install_appimage_tool() {
|
|
|
|
APP_TOOL_BIN=$HOME/bin/appimagetool
|
2021-04-02 00:25:06 +08:00
|
|
|
|
2021-04-13 00:25:16 +08:00
|
|
|
mkdir -p "$HOME"/bin
|
2021-04-05 09:23:35 +08:00
|
|
|
curl -L -o "$APP_TOOL_BIN" "$APP_TOOL_URL"
|
|
|
|
chmod u+x "$APP_TOOL_BIN"
|
2021-02-08 22:09:42 +08:00
|
|
|
|
|
|
|
PATH=$PATH:$HOME/bin
|
|
|
|
}
|
|
|
|
|
|
|
|
load_monkey_binary_config() {
|
|
|
|
tmpfile=$(mktemp)
|
|
|
|
|
|
|
|
log_message "downloading configuration"
|
2021-04-13 00:25:16 +08:00
|
|
|
curl -L -s -o "$tmpfile" "$CONFIG_URL"
|
2021-02-08 22:09:42 +08:00
|
|
|
|
|
|
|
log_message "loading configuration"
|
2021-04-05 09:23:35 +08:00
|
|
|
source "$tmpfile"
|
2021-02-08 22:09:42 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
clone_monkey_repo() {
|
|
|
|
if [[ ! -d ${GIT} ]]; then
|
|
|
|
mkdir -p "${GIT}"
|
|
|
|
fi
|
|
|
|
|
|
|
|
log_message "Cloning files from git"
|
2021-04-16 00:20:10 +08:00
|
|
|
branch=${1:-"develop"}
|
2021-02-08 22:09:42 +08:00
|
|
|
git clone --single-branch --recurse-submodules -b "$branch" "${MONKEY_GIT_URL}" "${REPO_MONKEY_HOME}" 2>&1 || handle_error
|
|
|
|
}
|
|
|
|
|
2021-04-13 00:42:18 +08:00
|
|
|
setup_appdir() {
|
|
|
|
setup_python_37_appdir
|
|
|
|
|
|
|
|
copy_monkey_island_to_appdir
|
|
|
|
download_monkey_agent_binaries
|
|
|
|
|
|
|
|
install_monkey_island_python_dependencies
|
|
|
|
install_mongodb
|
|
|
|
|
|
|
|
generate_ssl_cert
|
|
|
|
build_frontend
|
|
|
|
|
|
|
|
add_monkey_icon
|
|
|
|
add_desktop_file
|
|
|
|
add_apprun
|
|
|
|
}
|
|
|
|
|
|
|
|
setup_python_37_appdir() {
|
2021-04-21 19:32:35 +08:00
|
|
|
PYTHON_APPIMAGE="python${PYTHON_VERSION}_x86_64.AppImage"
|
2021-04-13 00:42:18 +08:00
|
|
|
rm -rf "$APPDIR" || true
|
2021-04-16 00:20:33 +08:00
|
|
|
|
|
|
|
log_message "downloading Python3.7 Appimage"
|
2021-04-13 00:42:18 +08:00
|
|
|
curl -L -o "$PYTHON_APPIMAGE" "$PYTHON_APPIMAGE_URL"
|
|
|
|
|
|
|
|
chmod u+x "$PYTHON_APPIMAGE"
|
|
|
|
|
|
|
|
./"$PYTHON_APPIMAGE" --appimage-extract
|
|
|
|
rm "$PYTHON_APPIMAGE"
|
|
|
|
mkdir -p "$INSTALL_DIR"
|
|
|
|
}
|
|
|
|
|
2021-02-08 22:09:42 +08:00
|
|
|
copy_monkey_island_to_appdir() {
|
2021-04-05 09:23:35 +08:00
|
|
|
cp "$REPO_MONKEY_SRC"/__init__.py "$INSTALL_DIR"
|
|
|
|
cp "$REPO_MONKEY_SRC"/monkey_island.py "$INSTALL_DIR"
|
2021-04-13 00:25:16 +08:00
|
|
|
cp -r "$REPO_MONKEY_SRC"/common "$INSTALL_DIR/"
|
|
|
|
cp -r "$REPO_MONKEY_SRC"/monkey_island "$INSTALL_DIR/"
|
2021-04-05 09:23:35 +08:00
|
|
|
cp ./run_appimage.sh "$INSTALL_DIR"/monkey_island/linux/
|
|
|
|
cp ./island_logger_config.json "$INSTALL_DIR"/
|
|
|
|
cp ./server_config.json.standard "$INSTALL_DIR"/monkey_island/cc/
|
2021-02-11 20:27:56 +08:00
|
|
|
|
|
|
|
# TODO: This is a workaround that may be able to be removed after PR #848 is
|
|
|
|
# merged. See monkey_island/cc/environment_singleton.py for more information.
|
2021-04-05 09:23:35 +08:00
|
|
|
cp ./server_config.json.standard "$INSTALL_DIR"/monkey_island/cc/server_config.json
|
2021-02-08 22:09:42 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
install_monkey_island_python_dependencies() {
|
|
|
|
log_message "Installing island requirements"
|
2021-02-18 04:40:33 +08:00
|
|
|
|
2021-04-16 22:28:00 +08:00
|
|
|
log_message "Installing pipenv"
|
|
|
|
"$APPDIR"/AppRun -m pip install pipenv || handle_error
|
|
|
|
|
2021-02-08 22:09:42 +08:00
|
|
|
requirements_island="$ISLAND_PATH/requirements.txt"
|
2021-04-16 22:28:00 +08:00
|
|
|
generate_requirements_from_pipenv_lock $requirements_island
|
2021-02-18 04:40:33 +08:00
|
|
|
|
2021-04-16 22:28:00 +08:00
|
|
|
log_message "Installing island python requirements"
|
2021-04-13 00:25:16 +08:00
|
|
|
"$APPDIR"/AppRun -m pip install -r "${requirements_island}" --ignore-installed || handle_error
|
2021-02-08 22:09:42 +08:00
|
|
|
}
|
|
|
|
|
2021-04-16 22:28:00 +08:00
|
|
|
generate_requirements_from_pipenv_lock () {
|
|
|
|
log_message "Generating a requirements.txt file with 'pipenv lock -r'"
|
|
|
|
cd $ISLAND_PATH
|
|
|
|
"$APPDIR"/AppRun -m pipenv --python "$APPDIR/AppRun" lock -r > "$1" || handle_error
|
|
|
|
cd -
|
|
|
|
}
|
|
|
|
|
2021-02-08 22:09:42 +08:00
|
|
|
download_monkey_agent_binaries() {
|
|
|
|
log_message "Downloading monkey agent binaries to ${ISLAND_BINARIES_PATH}"
|
|
|
|
mkdir -p "${ISLAND_BINARIES_PATH}" || handle_error
|
2021-04-05 09:23:35 +08:00
|
|
|
curl -L -o "${ISLAND_BINARIES_PATH}/${LINUX_32_BINARY_NAME}" "${LINUX_32_BINARY_URL}"
|
|
|
|
curl -L -o "${ISLAND_BINARIES_PATH}/${LINUX_64_BINARY_NAME}" "${LINUX_64_BINARY_URL}"
|
|
|
|
curl -L -o "${ISLAND_BINARIES_PATH}/${WINDOWS_32_BINARY_NAME}" "${WINDOWS_32_BINARY_URL}"
|
|
|
|
curl -L -o "${ISLAND_BINARIES_PATH}/${WINDOWS_64_BINARY_NAME}" "${WINDOWS_64_BINARY_URL}"
|
2021-02-08 22:09:42 +08:00
|
|
|
|
|
|
|
# Allow them to be executed
|
|
|
|
chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_32_BINARY_NAME"
|
|
|
|
chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_64_BINARY_NAME"
|
|
|
|
}
|
|
|
|
|
|
|
|
install_mongodb() {
|
|
|
|
log_message "Installing MongoDB"
|
|
|
|
|
2021-04-05 09:23:35 +08:00
|
|
|
mkdir -p "$MONGO_PATH"
|
|
|
|
"${ISLAND_PATH}"/linux/install_mongo.sh "${MONGO_PATH}" || handle_error
|
2021-02-08 22:09:42 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
generate_ssl_cert() {
|
|
|
|
log_message "Generating certificate"
|
|
|
|
|
|
|
|
chmod u+x "${ISLAND_PATH}"/linux/create_certificate.sh
|
2021-04-05 09:23:35 +08:00
|
|
|
"${ISLAND_PATH}"/linux/create_certificate.sh "${ISLAND_PATH}"/cc
|
2021-02-08 22:09:42 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
build_frontend() {
|
2021-04-21 08:18:22 +08:00
|
|
|
pushd "$ISLAND_PATH/cc/ui" || handle_error
|
|
|
|
npm install sass-loader node-sass webpack --save-dev
|
|
|
|
npm update
|
2021-02-08 22:09:42 +08:00
|
|
|
|
2021-04-21 08:18:22 +08:00
|
|
|
log_message "Generating front end"
|
|
|
|
npm run dist
|
|
|
|
popd || handle_error
|
|
|
|
|
|
|
|
remove_node_modules
|
|
|
|
}
|
|
|
|
|
|
|
|
remove_node_modules() {
|
|
|
|
# Node has served its purpose. We don't need to deliver the node modules with
|
|
|
|
# the AppImage.
|
|
|
|
rm -rf "$ISLAND_PATH"/cc/ui/node_modules
|
2021-02-08 22:09:42 +08:00
|
|
|
}
|
|
|
|
|
2021-04-13 00:42:18 +08:00
|
|
|
add_monkey_icon() {
|
|
|
|
unlink "$APPDIR"/python.png
|
|
|
|
mkdir -p "$APPDIR"/usr/share/icons
|
2021-04-15 01:30:29 +08:00
|
|
|
cp "$REPO_MONKEY_SRC"/monkey_island/cc/ui/src/images/monkey-icon.svg "$APPDIR"/usr/share/icons/infection-monkey.svg
|
|
|
|
ln -s "$APPDIR"/usr/share/icons/infection-monkey.svg "$APPDIR"/infection-monkey.svg
|
2021-04-13 00:42:18 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
add_desktop_file() {
|
2021-04-21 19:32:35 +08:00
|
|
|
unlink "$APPDIR/python${PYTHON_VERSION}.desktop"
|
2021-04-15 01:25:37 +08:00
|
|
|
cp ./infection-monkey.desktop "$APPDIR"/usr/share/applications
|
|
|
|
ln -s "$APPDIR"/usr/share/applications/infection-monkey.desktop "$APPDIR"/infection-monkey.desktop
|
2021-04-13 00:42:18 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
add_apprun() {
|
|
|
|
cp ./AppRun "$APPDIR"
|
|
|
|
}
|
|
|
|
|
2021-02-19 00:33:59 +08:00
|
|
|
build_appimage() {
|
2021-04-02 00:25:06 +08:00
|
|
|
log_message "Building AppImage"
|
2021-04-13 00:25:16 +08:00
|
|
|
ARCH="x86_64" appimagetool "$APPDIR"
|
2021-02-19 00:33:59 +08:00
|
|
|
}
|
|
|
|
|
2021-02-08 22:09:42 +08:00
|
|
|
if is_root; then
|
|
|
|
log_message "Please don't run this script as root"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
if ! has_sudo; then
|
|
|
|
log_message "You need root permissions for some of this script operations. \
|
|
|
|
Run \`sudo -v\`, enter your password, and then re-run this script."
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
install_build_prereqs
|
2021-04-13 00:25:16 +08:00
|
|
|
install_appimage_tool
|
|
|
|
|
2021-02-08 22:09:42 +08:00
|
|
|
load_monkey_binary_config
|
2021-04-05 09:23:35 +08:00
|
|
|
clone_monkey_repo "$@"
|
2021-02-08 22:09:42 +08:00
|
|
|
|
2021-04-13 00:42:18 +08:00
|
|
|
setup_appdir
|
2021-02-08 22:09:42 +08:00
|
|
|
|
2021-02-19 00:33:59 +08:00
|
|
|
build_appimage
|
2021-02-08 22:09:42 +08:00
|
|
|
|
|
|
|
log_message "Deployment script finished."
|
|
|
|
exit 0
|