Added uo-to-date graylog and netbox installation sripts.

2024-04-15 22:17:43 +01:00 · 2024-04-15 22:17:43 +01:00 · 25f3cdf040
commit 25f3cdf040
parent dfd7c48701
3 changed files with 240 additions and 0 deletions
--- a/!archived/ubuntu/install-docker.sh
+++ b/!archived/ubuntu/install-docker.sh
--- a/graylog/install.sh
+++ b/graylog/install.sh
@ -0,0 +1,101 @@
+#!/bin/bash
+
+# Check if the script is being run as root
+if [ "$(id -u)" -ne 0 ]; then
+    echo "This script must be run as root" 1>&2
+    exit 1
+fi
+
+echo "Updating system..."
+# Update the system
+apt update && apt upgrade -y
+
+echo "Installing dependencies..."
+# Install prerequisites for Graylog, OpenSearch, and MongoDB
+apt install -y apt-transport-https openjdk-11-jre-headless uuid-runtime pwgen wget gnupg
+
+# Disable huge pages support
+echo "Disabling huge pages support..."
+echo never > /sys/kernel/mm/transparent_hugepage/enabled
+echo never > /sys/kernel/mm/transparent_hugepage/defrag
+
+# Set maximum file count for OpenSearch
+echo "Setting maximum file count for OpenSearch..."
+sysctl -w vm.max_map_count=262144
+echo "vm.max_map_count=262144" >> /etc/sysctl.conf
+
+# Add the OpenSearch repository and its GPG key
+echo "Adding OpenSearch repository..."
+wget -qO - https://d3g5vo6xdbdb9a.cloudfront.net/GPG-KEY-opensearch | apt-key add -
+echo "deb https://d3g5vo6xdbdb9a.cloudfront.net/debian stable main" | tee /etc/apt/sources.list.d/opensearch.list
+
+# Add the MongoDB repository
+echo "Adding MongoDB repository..."
+wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc | apt-key add -
+echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/debian buster/mongodb-org/6.0 main" | tee /etc/apt/sources.list.d/mongodb-org-6.0.list
+
+# Add the Graylog repository and its GPG key
+echo "Adding Graylog repository..."
+wget -qO - https://packages.graylog2.org/repo/packages/graylog-5.3-repository_latest.deb | dpkg -i -
+
+# Update the package index again
+echo "Updating package index..."
+apt update
+
+#Add OpenSearch User
+echo "Adding Opensearch User"
+adduser --system --disabled-password --disabled-login --home /var/empty --no-create-home --quiet --force-badname --group opensearch
+
+# Install OpenSearch and MongoDB
+echo "Installing OpenSearch"
+apt install -y opensearch
+
+#Create OpenSearch Directories
+mkdir -p /graylog/opensearch/data
+mkdir /var/log/opensearch
+
+#Extract Contents from tar
+tar -zxf opensearch-2.0.1-linux-x64.tar.gz
+mv opensearch-2.0.1/* /graylog/opensearch/
+
+#Create empty log file
+sudo -u opensearch touch /var/log/opensearch/graylog.log
+
+#Set Permissions
+chown -R opensearch:opensearch /graylog/opensearch/
+chown -R opensearch:opensearch /var/log/opensearch
+chmod -R 2750 /graylog/opensearch/
+chmod -R 2750 /var/log/opensearch/
+
+#Install MongoDB
+echo "Installing MongoDB"
+sudo apt install -y MongoDB
+
+# Install Graylog
+echo "Installing Graylog..."
+apt install -y graylog-server
+
+# Prompt user to enter admin user password
+read -sp "Enter your desired admin password for Graylog: " GRAYLOG_ADMIN_PASSWORD
+echo
+
+# Generate a secret key for Graylog
+echo "Generating secret key for Graylog..."
+GRAYLOG_SECRET=$(pwgen -N 1 -s 96)
+sed -i "s/password_secret =.*/password_secret = $GRAYLOG_SECRET/" /etc/graylog/server/server.conf
+
+# Generate a hash password for the admin user
+echo "Generating hash password for the admin user..."
+GRAYLOG_PASSWORD=$(echo -n "$GRAYLOG_ADMIN_PASSWORD" | sha256sum | awk '{print $1}')
+sed -i "s/root_password_sha2 =.*/root_password_sha2 = $GRAYLOG_PASSWORD/" /etc/graylog/server/server.conf
+
+# Reload systemd
+echo "Reloading systemd..."
+systemctl daemon-reload
+
+# Enable and start Graylog service
+echo "Enabling and starting Graylog service..."
+systemctl enable graylog-server
+systemctl start graylog-server
+
+echo "Graylog installation complete. You can access it at http://your-server-ip:9000"
--- a/netbox/install.sh
+++ b/netbox/install.sh
@ -0,0 +1,139 @@
+#!/bin/bash
+
+# Check if running as root
+if [[ $EUID -ne 0 ]]; then
+   echo "This script must be run as root" 
+   exit 1
+fi
+
+# Update and upgrade the system
+echo "Updating and upgrading the system..."
+apt update && apt upgrade -y
+
+# Install dependencies
+echo "Installing dependencies..."
+apt install -y python3 python3-pip python3-dev build-essential libxml2 libxml2-dev libxslt1-dev libffi-dev graphviz git libpq-dev libssl-dev redis-server postgresql postgresql-contrib nginx
+
+# Check Python version
+echo "Checking Python version. Please ensure this meets the minimum requirements of Python 3.8, 3.9, 3.10 or 3.11.:"
+python3 --version
+
+# Prompt user to confirm if the currently installed Python version meets the minimum requirements
+read -p "Does the installed Python version meet the minimum requirements? (y/n): " PYTHON_CONFIRM
+if [[ $PYTHON_CONFIRM != "y" ]]; then
+    echo "Please install the required version of Python and rerun this script."
+    exit 1
+fi
+
+# Add Netbox repository
+echo "Adding Netbox repository..."
+echo "deb https://packagecloud.io/netbox-community/netbox/ubuntu/ $(lsb_release -sc) main" | tee -a /etc/apt/sources.list.d/netbox-community.list
+curl -L https://packagecloud.io/netbox-community/netbox/gpgkey | apt-key add -
+
+# Prompt user for PostgreSQL and Netbox password
+read -p "Enter PostgreSQL password for 'netbox' user: " PG_PASSWORD
+read -p "Enter password for Netbox application: " NETBOX_PASSWORD
+
+# Create PostgreSQL user and database
+echo "Creating PostgreSQL user and database..."
+sudo -u postgres psql -c "CREATE DATABASE netbox;"
+sudo -u postgres psql -c "CREATE USER netbox WITH PASSWORD '$PG_PASSWORD';"
+sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE netbox TO netbox;"
+
+# Create new user for Netbox
+echo "Creating new user for Netbox..."
+useradd -m -s /bin/bash netbox
+
+# Install Netbox
+echo "Installing Netbox..."
+apt update
+apt install -y netbox
+
+# Move into NetBox configuration directory and make a copy of configuration_example.py
+echo "Copying Netbox configuration file..."
+cd /opt/netbox/netbox/netbox/
+cp configuration.example.py configuration.py
+
+# Populate database fields in configuration.py with PostgreSQL information
+echo "Populating the Netbox configuration file with prior PostgreSQL information..."
+sed -i "s/'USER': '',/'USER': 'netbox',/g" configuration.py
+sed -i "s/'NAME': '',/'NAME': 'netbox',/g" configuration.py
+sed -i "s/'PASSWORD': '',/'PASSWORD': '$PG_PASSWORD',/g" configuration.py
+sed -i "s/'HOST': '',/'HOST': 'localhost',/g" configuration.py
+
+# Prompt user to enter ALLOWED_HOSTS, REDIS, and SECRET_KEY
+echo "Please enter manually input the following inforation..."
+read -p "Enter ALLOWED_HOSTS (separated by commas): " ALLOWED_HOSTS
+read -p "Enter REDIS server (usually 'localhost'): " REDIS
+read -p "Enter SECRET_KEY: " SECRET_KEY
+
+# Parse user input into configuration.py
+echo "Parsing the entered information to configuration.py..."
+sed -i "s/ALLOWED_HOSTS = \[\]/ALLOWED_HOSTS = \[$ALLOWED_HOSTS\]/g" configuration.py
+sed -i "s/REDIS = {}/REDIS = {'HOST': '$REDIS', 'PORT': 6379, 'PASSWORD': '', 'DATABASE': 0}/g" configuration.py
+sed -i "s/SECRET_KEY = ''/SECRET_KEY = '$SECRET_KEY'/g" configuration.py
+
+# Perform initial database migration
+echo "Performing initial database migration..."
+sudo -u netbox /opt/netbox/upgrade.sh
+
+# Create directory for Netbox reports
+echo "Creating directory for Netbox reports..."
+mkdir -p /opt/netbox/netbox/media/reports
+
+# Check if directories exist
+echo "Checking if directories exist..."
+if [ ! -d "/opt/netbox/netbox/media/reports" ] || [ ! -d "/opt/netbox/netbox/media/" ] || [ ! -d "/opt/netbox/netbox/static/" ]; then
+    read -p "Required directories are missing. Do you want to create them? (y/n): " CREATE_DIRS
+    if [[ $CREATE_DIRS == "y" ]]; then
+        mkdir -p /opt/netbox/netbox/media/reports
+        mkdir -p /opt/netbox/netbox/media/
+        mkdir -p /opt/netbox/netbox/static/
+    else
+        echo "Please create the required directories manually and rerun the script."
+        exit 1
+    fi
+fi
+
+# Collect static files
+echo "Collecting static files..."
+sudo -u netbox /opt/netbox/manage.py collectstatic --no-input
+
+# Set file and directory permissions
+echo "Setting file permissions..."
+chown -R netbox:netbox /opt/netbox/netbox/media
+chown -R netbox:netbox /opt/netbox/netbox/static
+chown -R netbox:netbox /opt/netbox/netbox/media/reports
+
+# Restart services
+echo "Restarting services..."
+systemctl restart nginx
+systemctl restart redis-server
+systemctl restart postgresql
+
+# NGINX reverse proxy config
+echo "NGINX reverse proxy configuration for Netbox:"
+echo "
+server {
+    listen 80;
+    server_name netbox.example.com;
+
+    location / {
+        proxy_pass http://localhost:8001;
+        proxy_set_header X-Forwarded-Host \$server_name;
+        proxy_set_header X-Real-IP \$remote_addr;
+        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto \$scheme;
+    }
+
+    location /static/ {
+        alias /opt/netbox/netbox/static/;
+    }
+
+    location /media/ {
+        alias /opt/netbox/netbox/media/;
+    }
+}
+"
+
+echo "Netbox installation completed successfully!"