monkey/deployment_scripts/deploy_linux.sh

249 lines
6.6 KiB
Bash
Raw Permalink Normal View History

#!/bin/bash
2020-01-05 04:55:00 +08:00
exists() {
command -v "$1" >/dev/null 2>&1
}
is_root() {
return $(id -u)
}
has_sudo() {
# 0 true, 1 false
return $(sudo -nv > /dev/null 2>&1)
}
2020-01-20 15:43:45 +08:00
handle_error() {
echo "Fix the errors above and rerun the script"
exit 1
}
log_message() {
echo -e "\n\n"
echo -e "DEPLOYMENT SCRIPT: $1"
}
configure_precommit() {
$1 -m pip install --user pre-commit
pushd "$2"
$HOME/.local/bin/pre-commit install -t pre-commit -t pre-push
popd
}
if is_root; then
log_message "Please don't run this script as root"
exit 1
fi
config_branch=${2:-"develop"}
2020-02-03 14:43:35 +08:00
config_url="https://raw.githubusercontent.com/guardicore/monkey/${config_branch}/deployment_scripts/config"
if (! exists curl) && (! exists wget); then
log_message 'Your system does not have curl or wget, exiting'
2020-02-09 05:24:25 +08:00
exit 1
fi
file=$(mktemp)
# shellcheck disable=SC2086
if exists wget; then
2020-02-09 05:24:25 +08:00
# shellcheck disable=SC2086
wget --output-document=$file "$config_url"
else
2020-02-09 05:24:25 +08:00
# shellcheck disable=SC2086
curl -s -o $file "$config_url"
fi
2020-02-09 05:24:25 +08:00
log_message "downloaded configuration"
# shellcheck source=deployment_scripts/config
# shellcheck disable=SC2086
source $file
log_message "loaded configuration"
# shellcheck disable=SC2086
# rm $file
2020-02-09 05:24:25 +08:00
# Setup monkey either in dir required or current dir
2020-01-05 04:55:00 +08:00
monkey_home=${1:-$(pwd)}
if [[ $monkey_home == $(pwd) ]]; then
monkey_home="$monkey_home/$MONKEY_FOLDER_NAME"
fi
# We can set main paths after we know the home dir
ISLAND_PATH="$monkey_home/monkey/monkey_island"
MONGO_PATH="$ISLAND_PATH/bin/mongodb"
ISLAND_BINARIES_PATH="$ISLAND_PATH/cc/binaries"
INFECTION_MONKEY_DIR="$monkey_home/monkey/infection_monkey"
MONKEY_BIN_DIR="$INFECTION_MONKEY_DIR/bin"
if ! has_sudo; then
log_message "You need root permissions for some of this script operations. \
Run \`sudo -v\`, enter your password, and then re-run this script."
2020-01-05 04:55:00 +08:00
exit 1
fi
if [[ ! -d ${monkey_home} ]]; then
2020-01-17 01:57:20 +08:00
mkdir -p "${monkey_home}"
fi
if ! exists git; then
log_message "Please install git and re-run this script"
2020-01-05 04:55:00 +08:00
exit 1
fi
log_message "Cloning files from git"
branch=${2:-"develop"}
log_message "Branch selected: ${branch}"
if [[ ! -d "$monkey_home/monkey" ]]; then # If not already cloned
git clone --single-branch --recurse-submodules -b "$branch" "${MONKEY_GIT_URL}" "${monkey_home}" 2>&1 || handle_error
fi
# Create folders
log_message "Creating island dirs under $ISLAND_PATH"
2020-02-09 17:53:06 +08:00
mkdir -p "${MONGO_PATH}" || handle_error
2020-01-17 01:57:20 +08:00
mkdir -p "${ISLAND_BINARIES_PATH}" || handle_error
# Detecting command that calls python 3.7
python_cmd=""
2020-01-05 04:55:00 +08:00
if [[ $(python --version 2>&1) == *"Python 3.7"* ]]; then
python_cmd="python"
fi
2020-01-05 04:55:00 +08:00
if [[ $(python37 --version 2>&1) == *"Python 3.7"* ]]; then
python_cmd="python37"
fi
2020-01-05 04:55:00 +08:00
if [[ $(python3.7 --version 2>&1) == *"Python 3.7"* ]]; then
python_cmd="python3.7"
fi
if [[ ${python_cmd} == "" ]]; then
log_message "Python 3.7 command not found. Installing python 3.7."
sudo add-apt-repository ppa:deadsnakes/ppa
sudo apt-get update
sudo apt-get install -y python3.7 python3.7-dev python3.7-venv
log_message "Python 3.7 is now available with command 'python3.7'."
python_cmd="python3.7"
fi
2020-02-11 01:06:39 +08:00
log_message "Installing build-essential"
sudo apt-get install -y build-essential
2020-02-09 17:04:45 +08:00
log_message "Installing python3-distutils"
sudo apt-get install -y python3-distutils
2020-02-09 17:04:45 +08:00
log_message "Installing or updating pip"
# shellcheck disable=SC2086
2020-02-10 19:53:24 +08:00
pip_url=https://bootstrap.pypa.io/get-pip.py
if exists wget; then
2020-02-10 19:53:24 +08:00
wget --output-document=get-pip.py $pip_url
2020-02-09 05:24:25 +08:00
else
2020-02-10 19:53:24 +08:00
curl $pip_url -o get-pip.py
2020-02-09 05:24:25 +08:00
fi
2020-02-03 15:16:11 +08:00
${python_cmd} get-pip.py
2020-02-09 05:24:25 +08:00
rm get-pip.py
2020-02-03 15:16:11 +08:00
log_message "Installing pipenv"
${python_cmd} -m pip install --user -U pipx
${python_cmd} -m pipx ensurepath
source ~/.profile
pipx install pipenv
2020-02-09 18:02:57 +08:00
log_message "Installing island requirements"
pushd $ISLAND_PATH
pipenv install --dev
popd
2020-02-09 18:02:57 +08:00
log_message "Installing monkey requirements"
sudo apt-get install -y libffi-dev upx libssl-dev libc++1
pushd $INFECTION_MONKEY_DIR
pipenv install --dev
popd
agents=${3:-true}
# Download binaries
if [ "$agents" = true ] ; then
log_message "Downloading binaries"
if exists wget; then
wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_32_BINARY_URL}
wget -c -N -P ${ISLAND_BINARIES_PATH} ${LINUX_64_BINARY_URL}
wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_32_BINARY_URL}
wget -c -N -P ${ISLAND_BINARIES_PATH} ${WINDOWS_64_BINARY_URL}
else
curl -o ${ISLAND_BINARIES_PATH}\monkey-linux-32 ${LINUX_32_BINARY_URL}
curl -o ${ISLAND_BINARIES_PATH}\monkey-linux-64 ${LINUX_64_BINARY_URL}
curl -o ${ISLAND_BINARIES_PATH}\monkey-windows-32.exe ${WINDOWS_32_BINARY_URL}
curl -o ${ISLAND_BINARIES_PATH}\monkey-windows-64.exe ${WINDOWS_64_BINARY_URL}
fi
2020-02-09 05:24:25 +08:00
fi
# Allow them to be executed
chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_32_BINARY_NAME"
chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_64_BINARY_NAME"
2019-05-11 23:33:32 +08:00
# If a user haven't installed mongo manually check if we can install it with our script
if ! exists mongod; then
2020-12-09 02:50:33 +08:00
log_message "Installing libcurl4"
sudo apt-get install -y libcurl4
2020-12-09 02:50:33 +08:00
log_message "Installing MongoDB"
"${ISLAND_PATH}"/linux/install_mongo.sh ${MONGO_PATH} || handle_error
fi
log_message "Installing openssl"
sudo apt-get install -y openssl
# Generate SSL certificate
log_message "Generating certificate"
chmod u+x "${ISLAND_PATH}"/linux/create_certificate.sh
"${ISLAND_PATH}"/linux/create_certificate.sh ${ISLAND_PATH}/cc
# Update node
if ! exists npm; then
log_message "Installing nodejs"
2020-02-10 19:53:24 +08:00
node_src=https://deb.nodesource.com/setup_12.x
if exists curl; then
2020-02-10 19:53:24 +08:00
curl -sL $node_src | sudo -E bash -
else
2020-02-10 19:53:24 +08:00
wget -q -O - $node_src | sudo -E bash -
fi
sudo apt-get install -y nodejs
2020-02-09 05:24:25 +08:00
fi
2020-02-09 17:53:06 +08:00
pushd "$ISLAND_PATH/cc/ui" || handle_error
2019-10-24 16:17:10 +08:00
npm install sass-loader node-sass webpack --save-dev
npm update
log_message "Generating front end"
npm run dist
2020-02-09 17:53:06 +08:00
popd || handle_error
# Making dir for binaries
2020-01-17 01:57:20 +08:00
mkdir "${MONKEY_BIN_DIR}"
# Download sambacry binaries
log_message "Downloading sambacry binaries"
# shellcheck disable=SC2086
if exists wget; then
2020-02-09 05:24:25 +08:00
wget -c -N -P "${MONKEY_BIN_DIR}" ${SAMBACRY_64_BINARY_URL}
wget -c -N -P "${MONKEY_BIN_DIR}" ${SAMBACRY_32_BINARY_URL}
else
2020-02-09 17:27:10 +08:00
curl -o ${MONKEY_BIN_DIR}/sc_monkey_runner64.so ${SAMBACRY_64_BINARY_URL}
curl -o ${MONKEY_BIN_DIR}/sc_monkey_runner32.so ${SAMBACRY_32_BINARY_URL}
2020-02-09 05:24:25 +08:00
fi
2021-04-26 20:38:37 +08:00
# Download Swimm
log_message "Downloading swimm"
2021-04-26 20:38:37 +08:00
if exists wget; then
wget ${SWIMM_URL} -O $HOME/swimm
else
curl ${SWIMM_URL} -o $HOME/swimm
fi
log_message "Installing swimm"
2021-04-26 20:38:37 +08:00
sudo dpkg -i $HOME/swimm || (sudo apt-get update && sudo apt-get -f install)
rm $HOME/swimm
2021-04-26 20:38:37 +08:00
2020-02-03 14:43:35 +08:00
sudo chmod +x "${INFECTION_MONKEY_DIR}/build_linux.sh"
configure_precommit ${python_cmd} ${monkey_home}
log_message "Deployment script finished."
exit 0