Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Installer script fixes for unsupported operating systems. #3

Merged
merged 1 commit into from
Jul 15, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
127 changes: 49 additions & 78 deletions installer/install_scripts/ansible-installer.sh
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,10 @@ source ./helper.sh
#the original idea and multiple improvements.


#Tested on:
#FIXME

ansible_installer_version="0.3.6"
ansible_installer_version="0.3.7"

#Uncomment one of the following lines to set the default program to download and install
data_needed="rita"
#data_needed="achunter"



Expand Down Expand Up @@ -73,13 +69,13 @@ enable_repositories() {
else
. /etc/os-release
case "$ID/$VERSION_ID" in
alma/8*|rocky/8*)
dnf config-manager --set-enabled powertools
dnf install epel-release
alma/8*|almalinux/8*|rocky/8*)
$SUDO dnf config-manager --set-enabled powertools
$SUDO dnf install -y epel-release
;;
alma/9*|rocky/9*)
dnf config-manager --set-enabled crb
dnf install epel-release
alma/9*|almalinux/9*|rocky/9*)
$SUDO dnf config-manager --set-enabled crb
$SUDO dnf install -y epel-release
;;
centos/7)
yum install epel-release
Expand All @@ -92,6 +88,17 @@ enable_repositories() {
dnf config-manager --set-enabled crb
dnf install epel-release epel-next-release
;;
debian/12|zorin/16)
: #Does not appear that any extra repositories are needed
;;
kali/*)
sudo apt update
sudo apt install software-properties-common || sudo apt install python-software-properties
sudo add-apt-repository --yes --update ppa:ansible/ansible
;;
ol/*) #Oracle linux, which is also the base for security onion 2470
:
;;
rhel/7)
subscription-manager repos --enable rhel-*-optional-rpms --enable rhel-*-extras-rpms --enable rhel-ha-for-rhel-*-server-rpms
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
Expand All @@ -107,6 +114,9 @@ enable_repositories() {
fedora/*)
: #It does not appear that fedora needs any extra repositories
;;
pop/*)
: #popos does not appear to need any extra repositories
;;
ubuntu/*)
sudo apt update
sudo apt install software-properties-common || sudo apt install python-software-properties
Expand All @@ -125,10 +135,12 @@ patch_system() {

status "Patching system" #================
if [ -x /usr/bin/apt-get -a -x /usr/bin/dpkg-query ]; then
while ! $SUDO sudo add-apt-repository universe ; do
echo "Error subscribing to universe repository, perhaps because a system update is running; will wait 60 seconds and try again." >&2
sleep 60
done
if [ -s /etc/os-release ] && egrep -iq '(^ID=ubuntu|^ID=pop|^ID=Zorin OS)' /etc/os-release ; then #The "universe" repository is only available on Ubuntu (and, in theory, popos and Zorin) Kali DOES NOT have universe
while ! $SUDO add-apt-repository universe ; do
echo "Error subscribing to universe repository, perhaps because a system update is running; will wait 60 seconds and try again." >&2
sleep 60
done
fi
while ! $SUDO apt-get -q -y update >/dev/null ; do
echo "Error updating package metadata, perhaps because a system update is running; will wait 60 seconds and try again." >&2
sleep 60
Expand Down Expand Up @@ -209,21 +221,26 @@ install_tool() {

echo "ansible_installer version $ansible_installer_version" >&2

if [ -n "$1" ]; then
if [ "$1" = "rita" ]; then
data_needed="rita"
elif [ "$1" = "achunter" ]; then
data_needed="achunter"
else
echo "I do not recognize the command line parameter you specified - please put rita or achunter as the first command line parameter to say which program you need installed, followed by the host on which you want rita installed. Exiting."
exit 1
fi
fi
if [ -n "$2" ]; then
install_target="$2"
else
install_target="localhost"
fi
#FIXME We no longer need these choices, remove the following block
#if [ -n "$1" ]; then
# if [ "$1" = "rita" ]; then
# data_needed="rita"
# shift
# elif [ "$1" = "achunter" ]; then
# data_needed="achunter"
# shift
# else
# install_target="$1"
# shift
# fi
#fi
#if [ -n "$1" ]; then
# install_target="$1"
#fi
#
#if [ -z "$install_target" ]; then
# install_target="localhost"
#fi

require_sudo

Expand Down Expand Up @@ -254,7 +271,7 @@ else

status "Installing needed tools" #================
install_tool python3 "python3"
install_tool pip3 "python3-pip"
install_tool pip3 "python3-pip" #Note, oracle linux does not come with pip at all. The "python3-pip-wheel" package does not include pip.
python3 -m pip -V ; retcode="$?"
if [ "$retcode" != 0 ]; then
fail "Unable to run python3's pip, exiting."
Expand Down Expand Up @@ -292,55 +309,9 @@ if ! echo "$PATH" | grep -q '/usr/local/bin' ; then
fi
fi

#ansible-galaxy install community.docker #FIXME Removeme
ansible-galaxy collection install community.docker --force


# if [ "$data_needed" = "rita" ]; then
#This may not be needed with ansible-playbook's "-i" param followed by a comma separated list of hosts that ends in a comma
##FIXME - this won't support a comma separated list of hosts, forcing us to install to one remote target at a time.
#if [ -d "/opt/local/etc/ansible/" ]; then
# ans_hosts="/opt/local/etc/ansible/hosts"
#elif [ -d "/etc/ansible" ]; then
# ans_hosts="/etc/ansible/hosts"
#else
# echo "Unable to locate ansible configuration directory to manage the hosts file, exiting."
# exit 1
#fi
#if ! grep -q '^'"$install_target"'$' "$ans_hosts"
# #There's no entry for this host in the ansible hosts file, we must add it.
# echo "" >>"$ans_hosts"
# echo "#Added by the rita installer" >>"$ans_hosts"
# echo '['"${install_target}-group"']' >>"$ans_hosts"
# echo "$install_target" >>"$ans_hosts"
# echo "" >>"$ans_hosts"
#fi

# status "Installing rita via ansible on $install_target" #================
# if [ "$install_target" = "localhost" -o "$install_target" = "127.0.0.1" -o "$install_target" = "::1" ]; then
# ansible-playbook --connection=local -K -i "127.0.0.1," -e "install_hosts=127.0.0.1," ~/.ansible/playbooks/install_rita.yml
# else
# status "Setting up future ssh connections to $install_target . You may be asked to provide your ssh password to $install_target ." #================
# sshprep "$install_target"
# ansible-playbook -K -i "${install_target}," -e "install_hosts=${install_target}," ~/.ansible/playbooks/install_rita.yml
# fi

# elif [ "$data_needed" = "achunter" ]; then
# echo 'Not implemented yet, exiting.' >&2
# else
# echo 'I do not know what program to install, skipping.' >&2
# fi

# echo "Unless you see warnings above that an install failed, you should have RITA installed." >&2
# echo '!!!!!!!!!!!!You must log out and log back in to make sure your PATH is set correctly!!!!!!!!!!!!' >&2










popd > /dev/null
popd > /dev/null
9 changes: 8 additions & 1 deletion installer/install_scripts/install_rita.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,14 @@ RITA_VERSION="REPLACE_ME"

set -e

install_target="$1"
if [ -n "$1" ]; then
install_target="$1"
else
echo "Please add the name of the system on which you want rita installed as a command line option. If you want to install rita on this computer, use 127.0.0.1 ." >&2
echo "The final command will look like:" >&2
echo "$0 the_computer_name_or_ip_on_which_to_install_rita" >&2
exit 1
fi

# change working directory to directory of this script
pushd "$(dirname "$(readlink -f "${BASH_SOURCE[0]}")")" > /dev/null
Expand Down
47 changes: 35 additions & 12 deletions installer/install_scripts/install_rita.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,16 +33,16 @@
#Known distribution?
- name: "RITA Install: Checking Linux distribution."
ansible.builtin.fail:
msg: "Distribution name: {{ ansible_distribution }} does not appear to be recognized - please contact ACM"
when: ( ansible_distribution != 'AlmaLinux' and ansible_distribution != 'CentOS' and ansible_distribution != 'Fedora' and ansible_distribution != 'OracleLinux' and ansible_distribution != 'Rocky' and ansible_distribution != 'Debian' and ansible_distribution != 'Ubuntu' and ansible_distribution != 'Kali' )
msg: "Distribution name: {{ ansible_distribution }} does not appear to be recognized - please contact ACM"
when: ( ansible_distribution != 'AlmaLinux' and ansible_distribution != 'CentOS' and ansible_distribution != 'Fedora' and ansible_distribution != 'OracleLinux' and ansible_distribution != 'Pop!_OS' and ansible_distribution != 'Rocky' and ansible_distribution != 'Debian' and ansible_distribution != 'Ubuntu' and ansible_distribution != 'Kali' and ansible_distribution != 'Zorin OS' )
# and ansible_distribution != 'RedHat'
tags:
- linux

- name: "RITA Install: Checking Linux distribution version."
ansible.builtin.fail:
msg: "Warning: Linux distribution {{ ansible_distribution }} {{ ansible_distribution_major_version }} may not have been tested - please contact ACM and report whether the install worked or not"
when: ( ( ansible_distribution == 'AlmaLinux' and (ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'CentOS' and (ansible_distribution_major_version != '7' and ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Fedora' and (ansible_distribution_major_version != '40') ) or ( ansible_distribution == 'OracleLinux' and (ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Rocky' and (ansible_distribution_major_version != '8') ) or ( ansible_distribution == 'Debian' and (ansible_distribution_major_version != '12') ) or ( ansible_distribution == 'Kali' and (ansible_distribution_major_version != '2024') ) or ( ansible_distribution == 'Ubuntu' and (ansible_distribution_major_version != '20' and ansible_distribution_major_version != '24') ) )
when: ( ( ansible_distribution == 'AlmaLinux' and (ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'CentOS' and (ansible_distribution_major_version != '7' and ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Fedora' and (ansible_distribution_major_version != '40') ) or ( ansible_distribution == 'OracleLinux' and (ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Pop!_OS' and (ansible_distribution_major_version != '22') ) or ( ansible_distribution == 'Rocky' and (ansible_distribution_major_version != '8' and ansible_distribution_major_version != '9') ) or ( ansible_distribution == 'Debian' and (ansible_distribution_major_version != '12') ) or ( ansible_distribution == 'Kali' and (ansible_distribution_major_version != '2024') ) or ( ansible_distribution == 'Ubuntu' and (ansible_distribution_major_version != '20' and ansible_distribution_major_version != '22' and ansible_distribution_major_version != '24') ) or ( ansible_distribution == 'Zorin OS' and (ansible_distribution_major_version != '16') ) )
#or ( ansible_distribution != 'RedHat' and (ansible_distribution_major_version == '9') )
ignore_errors: True #We print a warning but do not abort if this is an unknown combination of distribution and major version.
tags:
Expand Down Expand Up @@ -109,7 +109,7 @@
state: latest
update_cache: true
cache_valid_time: 3600
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' ) #While Kali is based on Debian, it does not include the aptitude package.
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' ) #While Kali is based on Debian, it does not include the aptitude package.
tags:
- packages
- linux
Expand Down Expand Up @@ -194,7 +194,7 @@
- packages
- linux
- linuxdeb
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Ubuntu' )
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' )


- name: "RITA Install: Install packages on Debian and Ubuntu."
Expand All @@ -211,7 +211,7 @@
- packages
- linux
- linuxdeb
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' )
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' )

- name: "RITA Install: Install packages on Kali."
apt:
Expand Down Expand Up @@ -244,7 +244,7 @@
apt_key:
url: https://download.docker.com/linux/debian/gpg
state: present
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' )
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Zorin OS' )
tags:
- packages
- linux
Expand All @@ -271,6 +271,28 @@
- linux
- linuxdeb

- name: "RITA Install: Add Docker Repository to PopOS."
apt_repository:
repo: deb https://download.docker.com/linux/ubuntu jammy stable
state: present
when: ( ansible_distribution == 'Pop!_OS' and ansible_distribution_major_version == '22' )
#Ubuntu jammy appears to be the right one to use.
tags:
- packages
- linux
- linuxdeb

- name: "RITA Install: Add Docker Repository to Zorin."
apt_repository:
repo: deb https://download.docker.com/linux/ubuntu focal stable
state: present
when: ( ansible_distribution == 'Zorin OS' and ansible_distribution_major_version == '16' )
#Ubuntu focal appears to be the right one to use.
tags:
- packages
- linux
- linuxdeb

- name: "RITA Install: Add Docker repository to Fedora distributions."
yum_repository:
name: docker-ce
Expand Down Expand Up @@ -365,7 +387,7 @@
- docker
- linux
- linuxdeb
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Ubuntu')
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' )


- name: "RITA Install: Install docker on rpm-based distributions."
Expand Down Expand Up @@ -482,8 +504,8 @@
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: root #FIXME - check
group: root #FIXME - check
owner: root
group: root
mode: 0755
loop:
- /etc/rita/
Expand Down Expand Up @@ -585,7 +607,7 @@
stat:
path: /var/run/reboot-required
get_checksum: no
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Ubuntu' )
when: ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' )
tags:
- packages
- linux
Expand All @@ -594,10 +616,11 @@
- name: "RITA Install: Rebooting system if needed."
reboot:
reboot_timeout: 120
when: ( ansible_connection != 'local' and ( ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Ubuntu' ) and ( reboot_required_file.stat.exists ) ) or ( ( ansible_distribution == 'AlmaLinux' or ansible_distribution == 'CentOS' or ansible_distribution == 'Fedora' or ansible_distribution == 'OracleLinux' or ansible_distribution == 'RedHat' or ansible_distribution == 'Rocky' ) and ( reboot_result.rc == 1 ) ) )
when: ( ansible_connection != 'local' and ( ( ansible_distribution == 'Debian' or ansible_distribution == 'Kali' or ansible_distribution == 'Pop!_OS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Zorin OS' ) and ( reboot_required_file.stat.exists ) ) or ( ( ansible_distribution == 'AlmaLinux' or ansible_distribution == 'CentOS' or ansible_distribution == 'Fedora' or ansible_distribution == 'OracleLinux' or ansible_distribution == 'RedHat' or ansible_distribution == 'Rocky' ) and ( reboot_result.rc == 1 ) ) )
register: reboot_status
async: 1
poll: 0
ignore_errors: True #If unable to reboot (as ansible refuses to do if installing to localhost) we leave the error at the end of the output but don't treat it as a failure.
tags:
- packages
- linux
Expand Down