Skip to content

Commit

Permalink
Merge pull request #3 from activecm/wls_installer_secondary_os
Browse files Browse the repository at this point in the history
Installer script fixes for unsupported operating systems.
  • Loading branch information
lisaSW authored Jul 15, 2024
2 parents 2d274d7 + 6a951f5 commit 235819b
Show file tree
Hide file tree
Showing 3 changed files with 92 additions and 91 deletions.
127 changes: 49 additions & 78 deletions installer/install_scripts/ansible-installer.sh
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,10 @@ source ./helper.sh
#the original idea and multiple improvements.


#Tested on:
#FIXME

ansible_installer_version="0.3.6"
ansible_installer_version="0.3.7"

#Uncomment one of the following lines to set the default program to download and install
data_needed="rita"
#data_needed="achunter"



Expand Down Expand Up @@ -73,13 +69,13 @@ enable_repositories() {
else
. /etc/os-release
case "$ID/$VERSION_ID" in
alma/8*|rocky/8*)
dnf config-manager --set-enabled powertools
dnf install epel-release
alma/8*|almalinux/8*|rocky/8*)
$SUDO dnf config-manager --set-enabled powertools
$SUDO dnf install -y epel-release
;;
alma/9*|rocky/9*)
dnf config-manager --set-enabled crb
dnf install epel-release
alma/9*|almalinux/9*|rocky/9*)
$SUDO dnf config-manager --set-enabled crb
$SUDO dnf install -y epel-release
;;
centos/7)
yum install epel-release
Expand All @@ -92,6 +88,17 @@ enable_repositories() {
dnf config-manager --set-enabled crb
dnf install epel-release epel-next-release
;;
debian/12|zorin/16)
: #Does not appear that any extra repositories are needed
;;
kali/*)
sudo apt update
sudo apt install software-properties-common || sudo apt install python-software-properties
sudo add-apt-repository --yes --update ppa:ansible/ansible
;;
ol/*) #Oracle linux, which is also the base for security onion 2470
:
;;
rhel/7)
subscription-manager repos --enable rhel-*-optional-rpms --enable rhel-*-extras-rpms --enable rhel-ha-for-rhel-*-server-rpms
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
Expand All @@ -107,6 +114,9 @@ enable_repositories() {
fedora/*)
: #It does not appear that fedora needs any extra repositories
;;
pop/*)
: #popos does not appear to need any extra repositories
;;
ubuntu/*)
sudo apt update
sudo apt install software-properties-common || sudo apt install python-software-properties
Expand All @@ -125,10 +135,12 @@ patch_system() {

status "Patching system" #================
if [ -x /usr/bin/apt-get -a -x /usr/bin/dpkg-query ]; then
while ! $SUDO sudo add-apt-repository universe ; do
echo "Error subscribing to universe repository, perhaps because a system update is running; will wait 60 seconds and try again." >&2
sleep 60
done
if [ -s /etc/os-release ] && egrep -iq '(^ID=ubuntu|^ID=pop|^ID=Zorin OS)' /etc/os-release ; then #The "universe" repository is only available on Ubuntu (and, in theory, popos and Zorin) Kali DOES NOT have universe
while ! $SUDO add-apt-repository universe ; do
echo "Error subscribing to universe repository, perhaps because a system update is running; will wait 60 seconds and try again." >&2
sleep 60
done
fi
while ! $SUDO apt-get -q -y update >/dev/null ; do
echo "Error updating package metadata, perhaps because a system update is running; will wait 60 seconds and try again." >&2
sleep 60
Expand Down Expand Up @@ -209,21 +221,26 @@ install_tool() {

echo "ansible_installer version $ansible_installer_version" >&2

if [ -n "$1" ]; then
if [ "$1" = "rita" ]; then
data_needed="rita"
elif [ "$1" = "achunter" ]; then
data_needed="achunter"
else
echo "I do not recognize the command line parameter you specified - please put rita or achunter as the first command line parameter to say which program you need installed, followed by the host on which you want rita installed. Exiting."
exit 1
fi
fi
if [ -n "$2" ]; then
install_target="$2"
else
install_target="localhost"
fi
#FIXME We no longer need these choices, remove the following block
#if [ -n "$1" ]; then
# if [ "$1" = "rita" ]; then
# data_needed="rita"
# shift
# elif [ "$1" = "achunter" ]; then
# data_needed="achunter"
# shift
# else
# install_target="$1"
# shift
# fi
#fi
#if [ -n "$1" ]; then
# install_target="$1"
#fi
#
#if [ -z "$install_target" ]; then
# install_target="localhost"
#fi

require_sudo

Expand Down Expand Up @@ -254,7 +271,7 @@ else

status "Installing needed tools" #================
install_tool python3 "python3"
install_tool pip3 "python3-pip"
install_tool pip3 "python3-pip" #Note, oracle linux does not come with pip at all. The "python3-pip-wheel" package does not include pip.
python3 -m pip -V ; retcode="$?"
if [ "$retcode" != 0 ]; then
fail "Unable to run python3's pip, exiting."
Expand Down Expand Up @@ -292,55 +309,9 @@ if ! echo "$PATH" | grep -q '/usr/local/bin' ; then
fi
fi

#ansible-galaxy install community.docker #FIXME Removeme
ansible-galaxy collection install community.docker --force


# if [ "$data_needed" = "rita" ]; then
#This may not be needed with ansible-playbook's "-i" param followed by a comma separated list of hosts that ends in a comma
##FIXME - this won't support a comma separated list of hosts, forcing us to install to one remote target at a time.
#if [ -d "/opt/local/etc/ansible/" ]; then
# ans_hosts="/opt/local/etc/ansible/hosts"
#elif [ -d "/etc/ansible" ]; then
# ans_hosts="/etc/ansible/hosts"
#else
# echo "Unable to locate ansible configuration directory to manage the hosts file, exiting."
# exit 1
#fi
#if ! grep -q '^'"$install_target"'$' "$ans_hosts"
# #There's no entry for this host in the ansible hosts file, we must add it.
# echo "" >>"$ans_hosts"
# echo "#Added by the rita installer" >>"$ans_hosts"
# echo '['"${install_target}-group"']' >>"$ans_hosts"
# echo "$install_target" >>"$ans_hosts"
# echo "" >>"$ans_hosts"
#fi

# status "Installing rita via ansible on $install_target" #================
# if [ "$install_target" = "localhost" -o "$install_target" = "127.0.0.1" -o "$install_target" = "::1" ]; then
# ansible-playbook --connection=local -K -i "127.0.0.1," -e "install_hosts=127.0.0.1," ~/.ansible/playbooks/install_rita.yml
# else
# status "Setting up future ssh connections to $install_target . You may be asked to provide your ssh password to $install_target ." #================
# sshprep "$install_target"
# ansible-playbook -K -i "${install_target}," -e "install_hosts=${install_target}," ~/.ansible/playbooks/install_rita.yml
# fi

# elif [ "$data_needed" = "achunter" ]; then
# echo 'Not implemented yet, exiting.' >&2
# else
# echo 'I do not know what program to install, skipping.' >&2
# fi

# echo "Unless you see warnings above that an install failed, you should have RITA installed." >&2
# echo '!!!!!!!!!!!!You must log out and log back in to make sure your PATH is set correctly!!!!!!!!!!!!' >&2










popd > /dev/null
popd > /dev/null
9 changes: 8 additions & 1 deletion installer/install_scripts/install_rita.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,14 @@ RITA_VERSION="REPLACE_ME"

set -e

install_target="$1"
if [ -n "$1" ]; then
install_target="$1"
else
echo "Please add the name of the system on which you want rita installed as a command line option. If you want to install rita on this computer, use 127.0.0.1 ." >&2
echo "The final command will look like:" >&2
echo "$0 the_computer_name_or_ip_on_which_to_install_rita" >&2
exit 1
fi

# change working directory to directory of this script
pushd "$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")" > /dev/null
Expand Down
47 changes: 35 additions & 12 deletions installer/install_scripts/install_rita.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,16 +33,16 @@
#Known distribution?
- name: "RITA Install: Checking Linux distribution."
ansible.builtin.fail:
msg: "Distribution name: {{ ansible_distribution }} does not appear to be recognized - please contact ACM"
when: ( ansible_distribution != 'AlmaLinux' and ansible_distribution != 'CentOS' and ansible_distribution != 'Fedora' and ansible_distribution != 'OracleLinux' and ansible_distribution != 'Rocky' and ansible_distribution != 'Debian' and ansible_distribution != 'Ubuntu' and ansible_distribution != 'Kali' )
msg: "Distribution name: {{ ansible_distribution }} does not appear to be recognized - please contact ACM"
when: ( ansible_distribution != 'AlmaLinux' and ansible_distribution != 'CentOS' and ansible_distribution != 'Fedora' and ansible_distribution != 'OracleLinux' and ansible_distribution != 'Pop!_OS' and ansible_distribution != 'Rocky' and ansible_distribution != 'Debian' and ansible_distribution != 'Ubuntu' and ansible_distribution != 'Kali' and ansible_distribution != 'Zorin OS' )
# and ansible_distribution != 'RedHat'
tags:
- linux

- name: "RITA Install: Checking Linux distribution version."
ansible.builtin.fail:
msg: "Warning: Linux distribution {{ ansible_distribution }} {{ ansible_distribution_major_version }} may not have been tested - please contact ACM and report whether the install worked or not"
when: ( ( ansible_distribution == 'AlmaLinux' and (ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'CentOS' and (ansible_distribution_major_version != '7' and ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Fedora' and (ansible_distribution_major_version != '40') ) or ( ansible_distribution == 'OracleLinux' and (ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Rocky' and (ansible_distribution_major_version != '8') ) or ( ansible_distribution == 'Debian' and (ansible_distribution_major_version != '12') ) or ( ansible_distribution == 'Kali' and (ansible_distribution_major_version != '2024') ) or ( ansible_distribution == 'Ubuntu' and (ansible_distribution_major_version != '20' and ansible_distribution_major_version != '24') ) )
when: ( ( ansible_distribution == 'AlmaLinux' and (ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'CentOS' and (ansible_distribution_major_version != '7' and ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Fedora' and (ansible_distribution_major_version != '40') ) or ( ansible_distribution == 'OracleLinux' and (ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Pop!_OS' and (ansible_distribution_major_version != '22') ) or ( ansible_distribution == 'Rocky' and (ansible_distribution_major_version != '8' and ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Debian' and (ansible_distribution_major_version != '12') ) or ( ansible_distribution == 'Kali' and (ansible_distribution_major_version != '2024') ) or ( ansible_distribution == 'Ubuntu' and (ansible_distribution_major_version != '20' and ansible_distribution_major_version != '22' and ansible_distribution_major_version != '24') ) or ( ansible_distribution == 'Zorin OS' and (ansible_distribution_major_version != '16') ) )
#or ( ansible_distribution != 'RedHat' and (ansible_distribution_major_version == '9') )
ignore_errors: True #We print a warning but do not abort if this is an unknown combination of distribution and major version.
tags:
Expand Down Expand Up @@ -109,7 +109,7 @@
state: latest
update_cache: true
cache_valid_time: 3600
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' ) #While Kali is based on Debian, it does not include the aptitude package.
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' ) #While Kali is based on Debian, it does not include the aptitude package.
tags:
- packages
- linux
Expand Down Expand Up @@ -194,7 +194,7 @@
- packages
- linux
- linuxdeb
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Ubuntu' )
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' )


- name: "RITA Install: Install packages on Debian and Ubuntu."
Expand All @@ -211,7 +211,7 @@
- packages
- linux
- linuxdeb
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' )
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' )

- name: "RITA Install: Install packages on Kali."
apt:
Expand Down Expand Up @@ -244,7 +244,7 @@
apt_key:
url: https://download.docker.com/linux/debian/gpg
state: present
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' )
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Zorin OS' )
tags:
- packages
- linux
Expand All @@ -271,6 +271,28 @@
- linux
- linuxdeb

- name: "RITA Install: Add Docker Repository to PopOS."
apt_repository:
repo: deb https://download.docker.com/linux/ubuntu jammy stable
state: present
when: ( ansible_distribution == 'Pop!_OS' and ansible_distribution_major_version == '22' )
#Ubuntu jammy appears to be the right one to use.
tags:
- packages
- linux
- linuxdeb

- name: "RITA Install: Add Docker Repository to Zorin."
apt_repository:
repo: deb https://download.docker.com/linux/ubuntu focal stable
state: present
when: ( ansible_distribution == 'Zorin OS' and ansible_distribution_major_version == '16' )
#Ubuntu focal appears to be the right one to use.
tags:
- packages
- linux
- linuxdeb

- name: "RITA Install: Add Docker repository to Fedora distributions."
yum_repository:
name: docker-ce
Expand Down Expand Up @@ -365,7 +387,7 @@
- docker
- linux
- linuxdeb
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Ubuntu')
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' )


- name: "RITA Install: Install docker on rpm-based distributions."
Expand Down Expand Up @@ -482,8 +504,8 @@
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: root #FIXME - check
group: root #FIXME - check
owner: root
group: root
mode: 0755
loop:
- /etc/rita/
Expand Down Expand Up @@ -585,7 +607,7 @@
stat:
path: /var/run/reboot-required
get_checksum: no
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Ubuntu' )
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' )
tags:
- packages
- linux
Expand All @@ -594,10 +616,11 @@
- name: "RITA Install: Rebooting system if needed."
reboot:
reboot_timeout: 120
when: ( ansible_connection != 'local' and ( ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Ubuntu' ) and ( reboot_required_file.stat.exists ) ) or ( ( ansible_distribution == 'AlmaLinux' or ansible_distribution == 'CentOS' or ansible_distribution == 'Fedora' or ansible_distribution == 'OracleLinux' or ansible_distribution == 'RedHat' or ansible_distribution == 'Rocky' ) and ( reboot_result.rc == 1 ) ) )
when: ( ansible_connection != 'local' and ( ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' ) and ( reboot_required_file.stat.exists ) ) or ( ( ansible_distribution == 'AlmaLinux' or ansible_distribution == 'CentOS' or ansible_distribution == 'Fedora' or ansible_distribution == 'OracleLinux' or ansible_distribution == 'RedHat' or ansible_distribution == 'Rocky' ) and ( reboot_result.rc == 1 ) ) )
register: reboot_status
async: 1
poll: 0
ignore_errors: True #If unable to reboot (as ansible refuses to do if installing to localhost) we leave the error at the end of the output but don't treat it as a failure.
tags:
- packages
- linux
Expand Down

0 comments on commit 235819b

Please sign in to comment.