forked from DefectDojo/godojo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathubuntu.go
277 lines (259 loc) · 8.76 KB
/
ubuntu.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
package main
import (
"bufio"
"fmt"
"os"
"strings"
"github.com/mtesauro/godojo/config"
)
// Commands to bootstrap Ubuntu for the installer
func ubuntuInitOSInst(id string, b *osCmds) {
switch id {
case "ubuntu:18.04":
b.id = "ubuntu:18.04"
b.cmds = []string{
fmt.Sprintf("curl -sS %s | apt-key add -", YarnGPG),
fmt.Sprintf("echo -n %s > /etc/apt/sources.list.d/yarn.list", YarnRepo),
"DEBIAN_FRONTEND=noninteractive apt-get update",
"DEBIAN_FRONTEND=noninteractive apt-get install -y apt-transport-https libjpeg-dev gcc libssl-dev python3-dev python3-pip python3-virtualenv nodejs yarn build-essential expect",
}
b.errmsg = []string{
"Unable to obtain the gpg key for Yarn",
"Unable to add yard repo as an apt source",
"Unable to update apt database",
"Installing OS packages with apt failed",
}
b.hard = []bool{
true,
true,
true,
true,
}
// Currently, only Ubuntu 18.04 is supported
}
return
}
// Commands to install SQLite on Ubuntu
func ubuntuInstSQLite(id string, b *osCmds) {
switch id {
case "ubuntu:18.04":
b.id = id
b.cmds = []string{
"DEBIAN_FRONTEND=noninteractive apt-get install -y sqlite3",
}
b.errmsg = []string{
"Unable to install SQLite",
}
b.hard = []bool{
true,
}
}
return
}
// Commands to install MariaDB on Ubuntu
func ubuntuInstMariaDB(id string, b *osCmds) {
switch id {
case "ubuntu:18.04":
b.id = id
b.cmds = []string{
"DEBIAN_FRONTEND=noninteractive apt-get install -y mariadb-server libmariadbclient-dev",
}
b.errmsg = []string{
"Unable to install MariaDB",
}
b.hard = []bool{
true,
}
}
return
}
// Commands to install MySQL on Ubuntu
func ubuntuInstMySQL(id string, b *osCmds) {
switch id {
case "ubuntu:18.04":
b.id = id
b.cmds = []string{
"DEBIAN_FRONTEND=noninteractive apt-get install -y mysql-server libmysqlclient-dev",
}
b.errmsg = []string{
"Unable to install MySQL",
}
b.hard = []bool{
true,
}
}
return
}
// Commands to install PostgreSQL on Ubuntu
func ubuntuInstPostgreSQL(id string, b *osCmds) {
switch id {
case "ubuntu:18.04":
b.id = id
b.cmds = []string{
"DEBIAN_FRONTEND=noninteractive apt-get install -y libpq-dev postgresql postgresql-contrib",
}
b.errmsg = []string{
"Unable to install PostgreSQL",
}
b.hard = []bool{
true,
}
}
return
}
// Determine the default creds for a database freshly installed in Ubuntu
func ubuntuDefaultDBCreds(db string, creds map[string]string) {
// Installer currently assumes the default DB passwrod handling won't change by release
// Switch on the DB type
switch db {
case "MySQL":
ubuntuDefaultMySQL(creds)
}
return
}
func ubuntuDefaultMySQL(c map[string]string) {
// Sent some intial values that ensure the connection will fail if the file read fails
c["user"] = "debian-sys-maint"
c["pass"] = "FAIL"
// Pull the debian-sys-maint creds from /etc/mysql/debian.cnf
f, err := os.Open("/etc/mysql/debian.cnf")
if err != nil {
// Exit with error code if we can't read the default creds file
errorMsg("Unable to read file with defautl credentials, cannot continue")
os.Exit(1)
}
// Create a new buffered reader
fr := bufio.NewReader(f)
// Create a scanner to run through the lines of the file
scanner := bufio.NewScanner(fr)
for scanner.Scan() {
line := scanner.Text()
if strings.Contains(line, "password") {
l := strings.Split(line, "=")
// Make sure there was a "=" in l
if len(l) > 1 {
c["pass"] = strings.Trim(l[1], " ")
break
}
}
}
if err = scanner.Err(); err != nil {
// Exit with error code if we can't scan the default creds file
errorMsg("Unable to scan file with defautl credentials, cannot continue")
os.Exit(1)
}
}
func ubuntuOSPrep(id string, inst *config.InstallConfig, b *osCmds) {
// Setup virutalenv, setup OS User, and chown DefectDojo app root to the dojo user
switch id {
case "ubuntu:18.04":
b.id = id
b.cmds = []string{
"python3 -m virtualenv --python=/usr/bin/python3 " + inst.Root,
inst.Root + "/bin/pip3 install -r " + inst.Root + "/django-DefectDojo/requirements.txt",
"mkdir " + inst.Root + "/logs",
"groupadd " + inst.OS.Group,
"useradd -s /bin/bash -m -g " + inst.OS.Group + " " + inst.OS.User,
"chown -R " + inst.OS.User + "." + inst.OS.Group + " " + inst.Root,
}
b.errmsg = []string{
"Unable to setup virtualenv for DefectDojo",
"Unable to install Python3 modules for DefectDojo",
"Unable to create a directory for logs",
"Unable to create a group for DefectDojo OS user",
"Unable to create an OS user for DefectDojo",
"Unable to change ownership of the DefectDojo app root directory",
}
b.hard = []bool{
true,
true,
true,
true,
true,
true,
}
}
return
}
func ubuntuSetupDDjango(id string, inst *config.InstallConfig, b *osCmds) {
// Django installs - migrations, create Django superuser
switch id {
case "ubuntu:18.04":
b.id = id
b.cmds = []string{
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py makemigrations --merge --noinput",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py makemigrations dojo",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py migrate",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py createsuperuser --noinput --username=\"" +
inst.Admin.User + "\" --email=\"" + inst.Admin.Email + "\"",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && " +
inst.Root + "/django-DefectDojo/setup/scripts/common/setup-superuser.expect " + inst.Admin.User + " " + inst.Admin.Pass,
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py loaddata product_type",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py loaddata test_type",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py loaddata development_environment",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py loaddata system_settings",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py loaddata benchmark_type",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py loaddata benchmark_category",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py loaddata benchmark_requirement",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py loaddata language_type",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py loaddata objects_review",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py loaddata regulation",
//"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py import_surveys",
//"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py loaddata initial_surveys",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py buildwatson",
"cd " + inst.Root + "/django-DefectDojo && source ../bin/activate && python3 manage.py installwatson",
"cd " + inst.Root + "/django-DefectDojo/components && yarn",
"cd " + inst.Root + "/django-DefectDojo/ && source ../bin/activate && python3 manage.py collectstatic --noinput",
"chown -R " + inst.OS.User + "." + inst.OS.Group + " " + inst.Root,
}
b.errmsg = []string{
"Initial makemgrations failed",
"Failed during makemgration dojo",
"Failed during database migrate",
"Failed while creating DefectDojo superuser",
"Failed while setting the password for the DefectDojo superuser",
"Failed while the loading data for product_type",
"Failed while the loading data for test_type",
"Failed while the loading data for development_environment",
"Failed while the loading data for system_settings",
"Failed while the loading data for benchmark_type",
"Failed while the loading data for benchmark_category",
"Failed while the loading data for benchmark_requirement",
"Failed while the loading data for language_type",
"Failed while the loading data for objects_review",
"Failed while the loading data for regulation",
//"Failed while the running import_surveys",
//"Failed while the loading data for initial_surveys",
"Failed while the running buildwatson",
"Failed while the running installwatson",
"Failed while the running yarn",
"Failed while the running collectstatic",
"Unable to change ownership of the DefectDojo directory",
}
b.hard = []bool{
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
//true,
//true,
true,
true,
true,
true,
true,
}
}
return
}