p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Docs: extract the server configuration workflow to a separate server_configuration.md page, which explains how to setup and use server_configuration.json 

This change extracts server_config.json usage into a single page, which can then be referred to from any page that requires island configuration
This commit is contained in:
VakarisZ 2021-11-26 16:55:43 +02:00
parent dcc71faaa9
commit 3e32dbbc52
6 changed files with 112 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/content/FAQ/_index.md
View File

@ -174,6 +174,10 @@ The log enables you to see which requests were requested from the server and ext
2019-07-23 10:52:24,027 - report.py:580 - get_domain_issues() - INFO - Domain issues generated for reporting 2019-07-23 10:52:24,027 - report.py:580 - get_domain_issues() - INFO - Domain issues generated for reporting
``` ```
It's also possible to change the default log level by editing `log_level` value in a [server configuration file](../../reference/server_configuration).
You can use any of the default Python log levels.
### Infection Monkey agent logs ### Infection Monkey agent logs
The Infection Monkey agent log file can be found in the following paths on machines where it was executed: The Infection Monkey agent log file can be found in the following paths on machines where it was executed:

2
docs/content/reference/data_directory.md
View File

@ -22,7 +22,7 @@ On Windows, the default path is `%AppData%\monkey_island`.
The location of the data directory is set in the `data_dir` field in the The location of the data directory is set in the `data_dir` field in the
`server_config.json` file. `server_config.json` file.
1. Create a custom `server_config.json` file and set the `data_dir` field. Its 1. [Create a custom server_config.json file](../server_configuration) and set the `data_dir` field. Its
contents will look like: contents will look like:
```json ```json

100
docs/content/reference/server_configuration.md Normal file
View File

@ -0,0 +1,100 @@
---
title: "Server configuration"
date: 2021-11-26T12:00:19+02:00
draft: true
pre: '<i class="fas fa-cogs"></i> '
weight: 1
---
## Configuring the Island
The Island Server(C&C) is configured by creating a `server_config.json` file.
### Creating a configuration file
Here's an example `server_config.json` with all options specified:
```json
{
"log_level": "DEBUG",
"ssl_certificate": {
"ssl_certificate_file": "<PATH_TO_CRT_FILE>",
"ssl_certificate_key_file": "<PATH_TO_KEY_FILE>"
},
"mongodb": {
"start_mongodb": true
},
"data_dir": "/monkey_island_data"
}
```
Only relevant options can be specified, for example:
```json
{
"ssl_certificate": {
"ssl_certificate_file": "<PATH_TO_CRT_FILE>",
"ssl_certificate_key_file": "<PATH_TO_KEY_FILE>"
}
}
```
### Applying configuration to the island
#### AppImage (Linux)
Specify the path to the `server_config.json` through a command line argument.
Example: `./InfectionMonkey-v1.12.0.AppImage --server-config="/tmp/server_config.json"`
#### Windows
Move the created `server_config.json` to the install directory, monkey island directory.
If you haven't changed the default install directory, the path should look like:
`C:\Program Files\Guardicore\Monkey Island\monkey\monkey_island\server_config.json`
#### Docker
Best way to configure the docker is to is to map server's [data directory](../data_directory) to a volume:
1. Create a directory for server configuration and other files, e.g. `monkey_island_data`. If you already have it,
**make sure it's empty**.
```bash
mkdir ./monkey_island_data
chmod 700 ./monkey_island_data
```
1. Establish and populate the created directory with server files (modify the `VERSION` to the one you downloaded):
```bash
sudo docker run \
--rm \
--name monkey-island \
--network=host \
--user "$(id -u ${USER}):$(id -g ${USER})" \
--volume "$(realpath ./monkey_island_data)":/monkey_island_data \
guardicore/monkey-island:VERSION --setup-only
```
Once the volume is mapped, we can put `server_config.json` there.
`server_config.json` for docker **must** contain a valid data directory field and `start_mongodb` set to false.
So, at minimum your `server_config.json` should look like this:
```json
{
"data_dir": "/monkey_island_data",
"mongodb": {
"start_mongodb": false
}
}
```
Then, the container can be launched by providing `server_config.json` path in the arguments:
```bash
sudo docker run \
--rm \
--name monkey-island \
--network=host \
--user "$(id -u ${USER}):$(id -g ${USER})" \
--volume "$(realpath ./monkey_island_data)":/monkey_island_data \
guardicore/monkey-island:VERSION --server-config="/monkey_island_data/server_config.json"
```

32
docs/content/setup/docker.md
View File

@ -73,28 +73,9 @@ If you are upgrading the Infection Monkey to a new version, be sure to remove
any volumes associated with the previous version. any volumes associated with the previous version.
{{% /notice %}} {{% /notice %}}
1. Create a directory named `monkey_island_data`. If you already have it, 1. [Setup a volume with configuration file](../../reference/server_configuration/#docker).
**make sure it's empty**. This will serve as the location where Infection
Monkey stores its configuration and runtime artifacts.
```bash 1. Move your `.crt` and `.key` files to the volume created in the previous step (`./monkey_island_data`).
mkdir ./monkey_island_data
chmod 700 ./monkey_island_data
```
1. Run Monkey Island with the `--setup-only` flag to populate the `./monkey_island_data` directory with a default `server_config.json` file.
```bash
sudo docker run \
--rm \
--name monkey-island \
--network=host \
--user "$(id -u ${USER}):$(id -g ${USER})" \
--volume "$(realpath ./monkey_island_data)":/monkey_island_data \
guardicore/monkey-island:VERSION --setup-only
```
1. Move your `.crt` and `.key` files to `./monkey_island_data`.
1. Make sure that your `.crt` and `.key` files are readable and writeable only by you. 1. Make sure that your `.crt` and `.key` files are readable and writeable only by you.
@ -109,11 +90,6 @@ any volumes associated with the previous version.
```json {linenos=inline,hl_lines=["11-14"]} ```json {linenos=inline,hl_lines=["11-14"]}
{ {
"data_dir": "/monkey_island_data", "data_dir": "/monkey_island_data",
"log_level": "DEBUG",
"environment": {
"server_config": "password",
"deployment": "docker"
},
"mongodb": { "mongodb": {
"start_mongodb": false "start_mongodb": false
}, },
@ -124,7 +100,7 @@ any volumes associated with the previous version.
} }
``` ```
1. Start the Monkey Island server: 1. Start/restart the Monkey Island server:
```bash ```bash
sudo docker run \ sudo docker run \
@ -134,7 +110,7 @@ any volumes associated with the previous version.
--network=host \ --network=host \
--user "$(id -u ${USER}):$(id -g ${USER})" \ --user "$(id -u ${USER}):$(id -g ${USER})" \
--volume "$(realpath ./monkey_island_data)":/monkey_island_data \ --volume "$(realpath ./monkey_island_data)":/monkey_island_data \
guardicore/monkey-island:VERSION guardicore/monkey-island:VERSION --server-config="/monkey_island_data/server_config.json"
``` ```
### 4. Accessing Monkey Island ### 4. Accessing Monkey Island

23
docs/content/setup/linux.md
View File

@ -72,30 +72,11 @@ private certificate authority.
chmod 600 <PATH_TO_CRT_FILE> chmod 600 <PATH_TO_CRT_FILE>
``` ```
1. Edit `$HOME/.monkey_island/server_config.json` to configure Monkey Island 1. Create a [server configuration file and provide the path to the certificate](../../reference/server_configuration).
to use your certificate. Your config should look something like this:
```json {linenos=inline,hl_lines=["11-14"]}
{
"data_dir": "~/.monkey_island",
"log_level": "DEBUG",
"environment": {
"server_config": "password",
"deployment": "linux"
},
"mongodb": {
"start_mongodb": true
},
"ssl_certificate": {
"ssl_certificate_file": "<PATH_TO_CRT_FILE>",
"ssl_certificate_key_file": "<PATH_TO_KEY_FILE>"
}
}
```
1. Start Monkey Island by running the Infection Monkey AppImage package: 1. Start Monkey Island by running the Infection Monkey AppImage package:
```bash ```bash
./InfectionMonkey-v1.12.0.AppImage ./InfectionMonkey-v1.12.0.AppImage --server-config="/path/to/server_config.json"
``` ```
1. Access the Monkey Island web UI by pointing your browser at 1. Access the Monkey Island web UI by pointing your browser at

20
docs/content/setup/windows.md
View File

@ -39,25 +39,7 @@ private certificate authority.
`%AppData%\monkey_island`. `%AppData%\monkey_island`.
1. Stop the Monkey Island process. 1. Stop the Monkey Island process.
1. (Optional but recommended) Move your `.crt` and `.key` files to `%AppData%\monkey_island`. 1. (Optional but recommended) Move your `.crt` and `.key` files to `%AppData%\monkey_island`.
1. Edit `%AppData%\monkey_island\server_config.json` to configure Monkey Island 1. Create a [server configuration file and provide the path to the certificate](../../reference/server_configuration).
to use your certificate. Your config should look something like this:
```json {linenos=inline,hl_lines=["11-14"]}
{
"log_level": "DEBUG",
"environment": {
"server_config": "password",
"deployment": "windows"
},
"mongodb": {
"start_mongodb": true
},
"ssl_certificate": {
"ssl_certificate_file": "<PATH_TO_CRT_FILE>",
"ssl_certificate_key_file": "<PATH_TO_KEY_FILE>"
}
}
```
1. Run the Monkey Island by clicking on the desktop shortcut. 1. Run the Monkey Island by clicking on the desktop shortcut.
1. Access the Monkey Island web UI by pointing your browser at 1. Access the Monkey Island web UI by pointing your browser at