forked from p15670423/monkey
Merge pull request #900 from mssalvatore/linux-deployment-scripts-tweaks
Linux deployment scripts tweaks
This commit is contained in:
commit
44fd1ab69c
|
@ -39,6 +39,7 @@ Your user must have root permissions; however, don't run the script as root!
|
|||
|
||||
```sh
|
||||
wget https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/deploy_linux.sh
|
||||
chmod u+x ./deploy_linux.sh
|
||||
```
|
||||
|
||||
This will download our deploy script. It's a good idea to read it quickly before executing it!
|
||||
|
@ -53,3 +54,12 @@ After downloading that script, execute it in a shell. The first argument should
|
|||
- `./deploy_linux.sh "/home/user/new" "master"` (if directory "new" is not found creates it and clones master branch into it)
|
||||
|
||||
You may also pass in an optional third `false` parameter to disable downloading the latest agent binaries.
|
||||
|
||||
### Run on Linux
|
||||
|
||||
After the `deploy_linux.sh` script completes, you can start the monkey island.
|
||||
|
||||
```sh
|
||||
cd infection_monkey/monkey
|
||||
./monkey_island/linux/run.sh
|
||||
```
|
||||
|
|
|
@ -4,41 +4,53 @@ export MONKEY_FOLDER_NAME="infection_monkey"
|
|||
# Url of public git repository that contains monkey's source code
|
||||
export MONKEY_GIT_URL="https://github.com/guardicore/monkey"
|
||||
|
||||
exists() {
|
||||
command -v "$1" >/dev/null 2>&1
|
||||
}
|
||||
|
||||
get_latest_release() {
|
||||
curl --silent "https://api.github.com/repos/$1/releases/latest" | # Get latest release from GitHub API
|
||||
RELEASE_URL="https://api.github.com/repos/$1/releases/latest"
|
||||
|
||||
if exists wget; then
|
||||
RELEASE_INFO=$(wget --quiet -O - "$RELEASE_URL") # Get latest release from GitHub API
|
||||
else
|
||||
RELEASE_INFO=$(curl --silent "$RELEASE_URL") # Get latest release from GitHub API
|
||||
fi
|
||||
|
||||
echo "$RELEASE_INFO" |
|
||||
grep '"tag_name":' | # Get tag line
|
||||
sed -E 's/.*"([^"]+)".*/\1/' # Pluck JSON value
|
||||
}
|
||||
|
||||
MONKEY_LATEST_RELEASE=$(get_latest_release "monkey/guardicore")
|
||||
MONKEY_LATEST_RELEASE=$(get_latest_release "guardicore/monkey")
|
||||
|
||||
# Monkey binaries
|
||||
LINUX_32_BINARY_NAME="monkey-linux-32"
|
||||
LINUX_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/monkey-linux-32"
|
||||
LINUX_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/monkey-linux-32"
|
||||
export LINUX_32_BINARY_URL
|
||||
export LINUX_32_BINARY_NAME
|
||||
|
||||
LINUX_64_BINARY_NAME="monkey-linux-64"
|
||||
LINUX_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/monkey-linux-64"
|
||||
LINUX_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/monkey-linux-64"
|
||||
export LINUX_64_BINARY_URL
|
||||
export LINUX_64_BINARY_NAME
|
||||
|
||||
WINDOWS_32_BINARY_NAME="monkey-windows-32.exe"
|
||||
WINDOWS_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/monkey-windows-32.exe"
|
||||
WINDOWS_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/monkey-windows-32.exe"
|
||||
export WINDOWS_32_BINARY_URL
|
||||
export WINDOWS_32_BINARY_NAME
|
||||
|
||||
WINDOWS_64_BINARY_NAME="monkey-windows-64.exe"
|
||||
WINDOWS_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/monkey-windows-64.exe"
|
||||
WINDOWS_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/monkey-windows-64.exe"
|
||||
export WINDOWS_64_BINARY_URL
|
||||
export WINDOWS_64_BINARY_NAME
|
||||
|
||||
# Other binaries for monkey
|
||||
TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/traceroute64"
|
||||
TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/traceroute64"
|
||||
export TRACEROUTE_64_BINARY_URL
|
||||
TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/traceroute32"
|
||||
TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/traceroute32"
|
||||
export TRACEROUTE_32_BINARY_URL
|
||||
SAMBACRY_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/sc_monkey_runner64.so"
|
||||
SAMBACRY_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/sc_monkey_runner64.so"
|
||||
export SAMBACRY_64_BINARY_URL
|
||||
SAMBACRY_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/sc_monkey_runner32.so"
|
||||
SAMBACRY_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/sc_monkey_runner32.so"
|
||||
export SAMBACRY_32_BINARY_URL
|
||||
|
|
|
@ -10,7 +10,7 @@ is_root() {
|
|||
|
||||
has_sudo() {
|
||||
# 0 true, 1 false
|
||||
timeout 1 sudo id && return 0 || return 1
|
||||
return $(sudo -nv > /dev/null 2>&1)
|
||||
}
|
||||
|
||||
handle_error() {
|
||||
|
@ -23,6 +23,11 @@ log_message() {
|
|||
echo -e "DEPLOYMENT SCRIPT: $1"
|
||||
}
|
||||
|
||||
if is_root; then
|
||||
log_message "Please don't run this script as root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
config_branch=${2:-"develop"}
|
||||
config_url="https://raw.githubusercontent.com/guardicore/monkey/${config_branch}/deployment_scripts/config"
|
||||
|
||||
|
@ -62,14 +67,9 @@ ISLAND_BINARIES_PATH="$ISLAND_PATH/cc/binaries"
|
|||
INFECTION_MONKEY_DIR="$monkey_home/monkey/infection_monkey"
|
||||
MONKEY_BIN_DIR="$INFECTION_MONKEY_DIR/bin"
|
||||
|
||||
if is_root; then
|
||||
log_message "Please don't run this script as root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
HAS_SUDO=$(has_sudo)
|
||||
if [[ ! $HAS_SUDO ]]; then
|
||||
log_message "You need root permissions for some of this script operations. Quiting."
|
||||
if ! has_sudo; then
|
||||
log_message "You need root permissions for some of this script operations. \
|
||||
Run \`sudo -v\`, enter your password, and then re-run this script."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
@ -110,13 +110,16 @@ if [[ ${python_cmd} == "" ]]; then
|
|||
log_message "Python 3.7 command not found. Installing python 3.7."
|
||||
sudo add-apt-repository ppa:deadsnakes/ppa
|
||||
sudo apt-get update
|
||||
sudo apt install python3.7 python3.7-dev
|
||||
sudo apt-get install -y python3.7 python3.7-dev
|
||||
log_message "Python 3.7 is now available with command 'python3.7'."
|
||||
python_cmd="python3.7"
|
||||
fi
|
||||
|
||||
log_message "Installing build-essential"
|
||||
sudo apt install build-essential
|
||||
sudo apt-get install -y build-essential
|
||||
|
||||
log_message "Installing python3-distutils"
|
||||
sudo apt-get install -y python3-distutils
|
||||
|
||||
log_message "Installing or updating pip"
|
||||
# shellcheck disable=SC2086
|
||||
|
@ -134,7 +137,7 @@ requirements_island="$ISLAND_PATH/requirements.txt"
|
|||
${python_cmd} -m pip install -r "${requirements_island}" --user --upgrade || handle_error
|
||||
|
||||
log_message "Installing monkey requirements"
|
||||
sudo apt-get install libffi-dev upx libssl-dev libc++1
|
||||
sudo apt-get install -y libffi-dev upx libssl-dev libc++1
|
||||
requirements_monkey="$INFECTION_MONKEY_DIR/requirements.txt"
|
||||
${python_cmd} -m pip install -r "${requirements_monkey}" --user --upgrade || handle_error
|
||||
|
||||
|
@ -162,15 +165,19 @@ chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_64_BINARY_NAME"
|
|||
|
||||
# If a user haven't installed mongo manually check if we can install it with our script
|
||||
if ! exists mongod; then
|
||||
log_message "Installing libcurl4"
|
||||
sudo apt-get install -y libcurl4
|
||||
|
||||
log_message "Installing MongoDB"
|
||||
"${ISLAND_PATH}"/linux/install_mongo.sh ${MONGO_PATH} || handle_error
|
||||
fi
|
||||
log_message "Installing openssl"
|
||||
sudo apt-get install openssl
|
||||
sudo apt-get install -y openssl
|
||||
|
||||
# Generate SSL certificate
|
||||
log_message "Generating certificate"
|
||||
|
||||
chmod u+x "${ISLAND_PATH}"/linux/create_certificate.sh
|
||||
"${ISLAND_PATH}"/linux/create_certificate.sh ${ISLAND_PATH}/cc
|
||||
|
||||
# Update node
|
||||
|
|
Loading…
Reference in New Issue