Fix lint errors, update packer files
This commit is contained in:
Chris Long
1
.github/workflows/linter.yml
vendored
1
.github/workflows/linter.yml
vendored
@@ -43,3 +43,4 @@ jobs:
|
||||
uses: docker://github/super-linter:v2.1.1
|
||||
env:
|
||||
VALIDATE_ALL_CODEBASE: true
|
||||
VALIDATE_MARKDOWN: false
|
||||
|
||||
3
.gitignore
vendored
3
.gitignore
vendored
@@ -8,5 +8,4 @@ Boxes/*
|
||||
*.tfstate
|
||||
*.tfstate.*
|
||||
*.tfvars
|
||||
Azure/Ansible/inventory.yml
|
||||
Azure/Ansible/inventory.yml.bak
|
||||
inventory.yml
|
||||
|
||||
@@ -6,18 +6,18 @@ esac
|
||||
|
||||
# Whiteout root
|
||||
count=$(df --sync -kP / | tail -n1 | awk -F ' ' '{print $4}')
|
||||
count=$(($count-1))
|
||||
count=$((count-1))
|
||||
dd if=/dev/zero of=/tmp/whitespace bs=1M count=$count || echo "dd exit code $? is suppressed";
|
||||
rm /tmp/whitespace
|
||||
|
||||
# Whiteout /boot
|
||||
count=$(df --sync -kP /boot | tail -n1 | awk -F ' ' '{print $4}')
|
||||
count=$(($count-1))
|
||||
count=$((count-1))
|
||||
dd if=/dev/zero of=/boot/whitespace bs=1M count=$count || echo "dd exit code $? is suppressed";
|
||||
rm /boot/whitespace
|
||||
|
||||
set +e
|
||||
swapuuid="`/sbin/blkid -o value -l -s UUID -t TYPE=swap`";
|
||||
swapuuid="$(/sbin/blkid -o value -l -s UUID -t TYPE=swap)";
|
||||
case "$?" in
|
||||
2|0) ;;
|
||||
*) exit 1 ;;
|
||||
@@ -27,7 +27,7 @@ set -e
|
||||
if [ "x${swapuuid}" != "x" ]; then
|
||||
# Whiteout the swap partition to reduce box size
|
||||
# Swap is disabled till reboot
|
||||
swappart="`readlink -f /dev/disk/by-uuid/$swapuuid`";
|
||||
swappart="$(readlink -f /dev/disk/by-uuid/"$swapuuid")";
|
||||
/sbin/swapoff "$swappart";
|
||||
dd if=/dev/zero of="$swappart" bs=1M || echo "dd exit code $? is suppressed";
|
||||
/sbin/mkswap -U "$swapuuid" "$swappart";
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
SSHD_CONFIG="/etc/ssh/sshd_config"
|
||||
|
||||
# ensure that there is a trailing newline before attempting to concatenate
|
||||
# shellcheck disable=SC1003
|
||||
sed -i -e '$a\' "$SSHD_CONFIG"
|
||||
|
||||
USEDNS="UseDNS no"
|
||||
|
||||
@@ -12,15 +12,15 @@ vmware-iso|vmware-vmx)
|
||||
|
||||
mkdir -p /tmp/vmware;
|
||||
mkdir -p /tmp/vmware-archive;
|
||||
mount -o loop $HOME_DIR/linux.iso /tmp/vmware;
|
||||
mount -o loop "$HOME_DIR"/linux.iso /tmp/vmware;
|
||||
|
||||
TOOLS_PATH="`ls /tmp/vmware/VMwareTools-*.tar.gz`";
|
||||
VER="`echo "${TOOLS_PATH}" | cut -f2 -d'-'`";
|
||||
MAJ_VER="`echo ${VER} | cut -d '.' -f 1`";
|
||||
TOOLS_PATH="$(ls /tmp/vmware/VMwareTools-*.tar.gz)";
|
||||
VER="$(echo "${TOOLS_PATH}" | cut -f2 -d'-')";
|
||||
MAJ_VER="$(echo "${VER}" | cut -d '.' -f 1)";
|
||||
|
||||
echo "VMware Tools Version: $VER";
|
||||
|
||||
tar xzf ${TOOLS_PATH} -C /tmp/vmware-archive;
|
||||
tar xzf "${TOOLS_PATH}" -C /tmp/vmware-archive;
|
||||
if [ "${MAJ_VER}" -lt "10" ]; then
|
||||
/tmp/vmware-archive/vmware-tools-distrib/vmware-install.pl --default;
|
||||
else
|
||||
@@ -29,6 +29,6 @@ vmware-iso|vmware-vmx)
|
||||
umount /tmp/vmware;
|
||||
rm -rf /tmp/vmware;
|
||||
rm -rf /tmp/vmware-archive;
|
||||
rm -f $HOME_DIR/*.iso;
|
||||
rm -f "$HOME_DIR"/*.iso;
|
||||
;;
|
||||
esac
|
||||
|
||||
@@ -12,7 +12,7 @@ dpkg --list \
|
||||
dpkg --list \
|
||||
| awk '{ print $2 }' \
|
||||
| grep 'linux-image-.*-generic' \
|
||||
| grep -v `uname -r` \
|
||||
| grep -v "$(uname -r)" \
|
||||
| xargs apt-get -y purge;
|
||||
|
||||
# Delete Linux source
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#!/bin/sh -eux
|
||||
|
||||
ubuntu_version="`lsb_release -r | awk '{print $2}'`";
|
||||
major_version="`echo $ubuntu_version | awk -F. '{print $1}'`";
|
||||
ubuntu_version="$(lsb_release -r | awk '{print $2}')";
|
||||
major_version="$(echo "$ubuntu_version" | awk -F. '{print $1}')";
|
||||
|
||||
if [ "$major_version" -ge "18" ]; then
|
||||
echo "Create netplan config for eth0"
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
#!/bin/sh -eux
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
ubuntu_version="`lsb_release -r | awk '{print $2}'`";
|
||||
major_version="`echo $ubuntu_version | awk -F. '{print $1}'`";
|
||||
ubuntu_version="$(lsb_release -r | awk '{print $2}')";
|
||||
major_version="$(echo "$ubuntu_version" | awk -F. '{print $1}')";
|
||||
|
||||
# Disable release-upgrades
|
||||
sed -i.bak 's/^Prompt=.*$/Prompt=never/' /etc/update-manager/release-upgrades;
|
||||
|
||||
@@ -1,14 +1,14 @@
|
||||
#!/bin/bash -eux
|
||||
|
||||
pubkey_url="https://raw.githubusercontent.com/mitchellh/vagrant/master/keys/vagrant.pub";
|
||||
mkdir -p $HOME_DIR/.ssh;
|
||||
mkdir -p "$HOME_DIR"/.ssh;
|
||||
if command -v wget >/dev/null 2>&1; then
|
||||
wget --no-check-certificate "$pubkey_url" -O $HOME_DIR/.ssh/authorized_keys;
|
||||
wget --no-check-certificate "$pubkey_url" -O "$HOME_DIR"/.ssh/authorized_keys;
|
||||
elif command -v curl >/dev/null 2>&1; then
|
||||
curl --insecure --location "$pubkey_url" > $HOME_DIR/.ssh/authorized_keys;
|
||||
curl --insecure --location "$pubkey_url" > "$HOME_DIR"/.ssh/authorized_keys;
|
||||
else
|
||||
echo "Cannot download vagrant public key";
|
||||
exit 1;
|
||||
fi
|
||||
chown -R vagrant $HOME_DIR/.ssh;
|
||||
chmod -R go-rwsx $HOME_DIR/.ssh;
|
||||
chown -R vagrant "$HOME_DIR"/.ssh;
|
||||
chmod -R go-rwsx "$HOME_DIR"/.ssh;
|
||||
|
||||
@@ -92,8 +92,7 @@
|
||||
"esxi_host": "",
|
||||
"esxi_username": "",
|
||||
"esxi_password": "",
|
||||
"iso_checksum": "ab4862ba7d1644c27f27516d24cb21e6b39234eb3301e5f1fb365a78b22f79b3",
|
||||
"iso_checksum_type": "sha256",
|
||||
"iso_checksum": "sha256:ab4862ba7d1644c27f27516d24cb21e6b39234eb3301e5f1fb365a78b22f79b3",
|
||||
"iso_url": "https://software-download.microsoft.com/download/pr/18362.30.190401-1528.19h1_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso",
|
||||
"autounattend": "../../Packer/answer_files/10/Autounattend.xml",
|
||||
"disk_size": "61440"
|
||||
|
||||
@@ -80,8 +80,7 @@
|
||||
"esxi_username": "",
|
||||
"esxi_password": "",
|
||||
"iso_url": "https://software-download.microsoft.com/download/pr/Windows_Server_2016_Datacenter_EVAL_en-us_14393_refresh.ISO",
|
||||
"iso_checksum_type": "md5",
|
||||
"iso_checksum": "70721288BBCDFE3239D8F8C0FAE55F1F",
|
||||
"iso_checksum": "md5:70721288BBCDFE3239D8F8C0FAE55F1F",
|
||||
"autounattend": "../../Packer/answer_files/2016/Autounattend.xml"
|
||||
}
|
||||
}
|
||||
|
||||
@@ -188,8 +188,7 @@
|
||||
}
|
||||
],
|
||||
"variables": {
|
||||
"iso_checksum": "9ef81b6a101afd57b2dbfa44d5c8f7bc94ff45b51b82c5a1f9267ce2e63e9f53",
|
||||
"iso_checksum_type": "sha256",
|
||||
"iso_checksum": "sha256:9ef81b6a101afd57b2dbfa44d5c8f7bc94ff45b51b82c5a1f9267ce2e63e9f53",
|
||||
"iso_url": "https://software-download.microsoft.com/download/pr/18363.418.191007-0143.19h2_release_svc_refresh_CLIENTENTERPRISEEVAL_OEMRET_x64FRE_en-us.iso",
|
||||
"autounattend": "./answer_files/10/Autounattend.xml",
|
||||
"disk_size": "61440",
|
||||
|
||||
@@ -173,8 +173,7 @@
|
||||
],
|
||||
"variables": {
|
||||
"iso_url": "https://software-download.microsoft.com/download/pr/Windows_Server_2016_Datacenter_EVAL_en-us_14393_refresh.ISO",
|
||||
"iso_checksum_type": "md5",
|
||||
"iso_checksum": "70721288BBCDFE3239D8F8C0FAE55F1F",
|
||||
"iso_checksum": "md5:70721288BBCDFE3239D8F8C0FAE55F1F",
|
||||
"disk_size": "61440",
|
||||
"autounattend": "./answer_files/2016/Autounattend.xml",
|
||||
"virtio_win_iso": "./virtio-win.iso",
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
|
||||
# Detection Lab
|
||||
|
||||
|
||||
DetectionLab is tested weekly on Saturdays via a scheduled CircleCI workflow to ensure that builds are passing.
|
||||
|
||||
[](https://circleci.com/gh/clong/DetectionLab/tree/master)
|
||||
@@ -37,15 +38,15 @@ NOTE: This lab has not been hardened in any way and runs with default vagrant cr
|
||||
## Requirements for VMware or Virtualbox
|
||||
* 55GB+ of free disk space
|
||||
* 16GB+ of RAM
|
||||
* Packer 1.3.2 or newer
|
||||
* Vagrant 2.2.7 or newer
|
||||
* Packer 1.6.0 or newer
|
||||
* Vagrant 2.2.9 or newer
|
||||
* Virtualbox or VMWare Fusion/Workstation
|
||||
|
||||
---
|
||||
|
||||
## Building Detection Lab
|
||||
|
||||
Please view the quickstart guides based on the operating system you are using. The AWS/Terraform DetectionLab can be launched from any operating system.
|
||||
Please view the quickstart guides based on the operating system you are using. The AWS and Azure deployment options for DetectionLab can be launched from any operating system.
|
||||
|
||||
* [AWS via Terraform](https://github.com/clong/DetectionLab/wiki/Quickstart---AWS-(Terraform))
|
||||
* [Azure via Terraform & Ansible](https://github.com/clong/DetectionLab/tree/master/Azure)
|
||||
|
||||
@@ -10,7 +10,7 @@ sed -i 's/nameserver 127.0.0.53/nameserver 8.8.8.8/g' /etc/resolv.conf && chattr
|
||||
# Get a free Maxmind license here: https://www.maxmind.com/en/geolite2/signup
|
||||
# Required for the ASNgen app to work: https://splunkbase.splunk.com/app/3531/
|
||||
export MAXMIND_LICENSE=
|
||||
if [ -z "$MAXMIND_LICENSE" ]; then
|
||||
if [ -n "$MAXMIND_LICENSE" ]; then
|
||||
echo "Note: You have not entered a MaxMind license key on line 5 of bootstrap.sh, so the ASNgen Splunk app may not work correctly."
|
||||
echo "However, it is not required and everything else should function correctly."
|
||||
fi
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user