#!/usr/bin/env python3
import codecs
import getpass
import hashlib
import os
import shutil
import socket
import subprocess
import sys
import tempfile
####################################################################################################################################################
# Variables!
# File name of the Graylog 3.2 repository bootstrap package; reused as the
# local file name for the download.
graylogArchiveName = "graylog-3.2-repository_latest.deb"
# Download location of that package. installApp installs the file with
# `dpkg -i` as root, and nothing in this script checks a checksum or signature
# for it, so its integrity rests on the HTTPS connection to this host alone.
graylogRepoUrl = "https://packages.graylog2.org/repo/packages/" + graylogArchiveName
####################################################################################################################################################
####################################################################################################################################################
# Quick and dirty way to get the IP address of the host
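def getIpAddress():
    """Return the local IPv4 address the host would use to reach 8.8.8.8.

    Connecting a UDP socket only selects a route and a local address; this
    function writes nothing to the socket. On a multi-homed host the result is
    the interface that routes towards 8.8.8.8, which is not necessarily the
    interface the services configured from this value should listen on.

    Raises:
        OSError: if the socket cannot be connected (for example, when the host
            has no route to 8.8.8.8).
    """
    # Close the socket on every path, including when connect() raises.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.connect(("8.8.8.8", 80))
        return s.getsockname()[0]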
####################################################################################################################################################
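def configureDB(myIP):
    """Rewrite elasticsearch.yml for Graylog and enable the service at boot.

    Sets ``cluster.name`` to ``graylog`` and ``network.host`` to the address
    returned by getIpAddress(), raises ``vm.max_map_count`` to 262144 (now and
    in /etc/sysctl.conf), then reloads systemd and enables and restarts
    elasticsearch.service.

    Args:
        myIP: address of the Graylog application server. This function does
            not use it.

    Security notes:
        * ``network.host`` becomes a routable address instead of the
          loopback default. The elasticsearch-oss package that installDB
          installs has no authentication layer, so ports 9200/9300 should be
          restricted (host firewall or security group) to the Graylog server.
          NOTE(review): ``myIP`` looks like the natural allow-list entry for
          such a rule; confirm and add it outside this script.
        * The file is read with ``errors='ignore'`` and round-tripped through
          ASCII, so any non-ASCII character in the config is dropped silently.
        * Return codes of the sysctl/systemctl commands are not checked.
    """
    print ("### Configuring your Graylog Database Server now")
    es_conf = '/etc/elasticsearch/elasticsearch.yml'
    es_backup = '/etc/elasticsearch/orig.elasticsearch.yml'

    # Keep the pristine copy taken on the first run; copying unconditionally
    # would overwrite it with an already-modified file when the script is
    # run again.
    if not os.path.exists(es_backup):
        shutil.copyfile(es_conf, es_backup)

    with open(es_conf, 'r', encoding='utf-8', errors='ignore') as file:
        filedata = file.read()

    # Both replacements only match the commented-out template lines of the
    # packaged default config; a config that was already edited is left as is.
    filedata = filedata.replace('#cluster.name: my-application', 'cluster.name: graylog')
    myNetworkHostInsert = 'network.host: {0}'.format(getIpAddress())
    filedata = filedata.replace('#network.host: 192.168.0.1', myNetworkHostInsert)

    filedata = filedata.encode('ascii', errors='ignore').decode('ascii')
    with open(es_conf, 'w') as file:
        file.write(filedata)

    print ('### Configuring system memory')
    # Argument lists instead of shell=True: no shell is needed for these
    # fixed commands.
    subprocess.call(['sysctl', '-w', 'vm.max_map_count=262144'])

    # Persist the setting once; an unconditional append would add a duplicate
    # line to /etc/sysctl.conf on every run.
    sysctl_line = 'vm.max_map_count=262144'
    with open('/etc/sysctl.conf', 'a+') as sysctl_conf:
        sysctl_conf.seek(0)
        existing = sysctl_conf.read()
        if not any(line.strip() == sysctl_line for line in existing.splitlines()):
            if existing and not existing.endswith('\n'):
                sysctl_conf.write('\n')
            sysctl_conf.write(sysctl_line + '\n')

    print ('### Setting up Elasticsearch to start on boot')
    subprocess.call(['systemctl', 'daemon-reload'])
    subprocess.call(['systemctl', 'enable', 'elasticsearch.service'])
    subprocess.call(['systemctl', 'restart', 'elasticsearch.service'])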
####################################################################################################################################################
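def installDB(myIP):
    """Install Elasticsearch OSS 6.x from the Elastic apt repository.

    Waits for the operator to confirm, installs the prerequisites, trusts the
    Elastic signing key, registers the oss-6.x apt source, installs
    ``elasticsearch-oss`` and hands over to configureDB().

    Args:
        myIP: address of the Graylog application server; shown in the
            confirmation prompt and passed on to configureDB().

    Exits the process via sys.exit() with a message when a download or
    install step fails. The two systemctl calls at the end are not checked.

    Security notes:
        * The signing key is trusted because it was fetched over HTTPS; its
          fingerprint is not compared against a pinned value.
        * ``apt-key add`` places the key in apt's global trusted keyring, so
          it is accepted for every configured repository. NOTE(review): a
          dedicated keyring file referenced with ``signed-by`` in the sources
          entry would scope the key to this repository.
    """
    print ("### Setting up Database Server. Application server is {0}. If this is incorrect, hit CTRL+C now. Otherwise, hit ENTER".format(myIP))
    input()

    if subprocess.call(['apt-get', 'update']) != 0:
        sys.exit("### apt-get update failed! Check out the errors above!")

    prerequisites = ['apt-transport-https', 'openjdk-8-jre-headless', 'uuid-runtime']
    if subprocess.call(['apt-get', 'install'] + prerequisites + ['-y']) != 0:
        sys.exit("### apt-get install packages failed! Check out the errors above!")

    print ("### Setting up Elasticsearch...")
    # Elasticsearch 6 Install
    # Download the key into a private temporary directory rather than a file
    # named "myKey" in whatever directory root happened to start the script
    # from, and stop if the key cannot be fetched or imported.
    with tempfile.TemporaryDirectory() as key_dir:
        key_path = os.path.join(key_dir, 'GPG-KEY-elasticsearch')
        if subprocess.call(['wget', '-q', 'https://artifacts.elastic.co/GPG-KEY-elasticsearch', '-O', key_path]) != 0:
            sys.exit("### Download of the Elasticsearch signing key failed! Check out the errors above!")
        if subprocess.call(['apt-key', 'add', key_path]) != 0:
            sys.exit("### Import of the Elasticsearch signing key failed! Check out the errors above!")

    # Register the repository once; an unconditional append would add a
    # duplicate source line on every run.
    repo_line = 'deb https://artifacts.elastic.co/packages/oss-6.x/apt stable main'
    with open('/etc/apt/sources.list.d/elastic-6.x.list', 'a+') as repo_list:
        repo_list.seek(0)
        existing = repo_list.read()
        if not any(line.strip() == repo_line for line in existing.splitlines()):
            if existing and not existing.endswith('\n'):
                repo_list.write('\n')
            repo_list.write(repo_line + '\n')

    # The install runs only when the index refresh succeeded. It is left
    # without -y, so apt may still ask the operator to confirm.
    if (subprocess.call(['apt-get', 'update']) != 0
            or subprocess.call(['apt-get', 'install', 'elasticsearch-oss']) != 0):
        sys.exit("### install of Elasticsearch failed! Check out the errors above!")

    subprocess.call(['systemctl', 'daemon-reload'])
    subprocess.call(['systemctl', 'enable', 'elasticsearch.service'])
    configureDB(myIP)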
####################################################################################################################################################
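def configureApp(myIP,myPass):
    """Fill in Graylog's server.conf and enable graylog-server at boot.

    Writes a freshly generated ``password_secret``, the SHA-256 of ``myPass``
    as ``root_password_sha2``, ``http_bind_address`` (this host, port 9000),
    ``elasticsearch_shards = 1`` and ``elasticsearch_hosts`` pointing at
    ``myIP`` on port 9200.

    Args:
        myIP: address of the Elasticsearch server; inserted into the config
            as given, without validation.
        myPass: password for the Graylog root account.

    Raises:
        FileNotFoundError: if /usr/bin/pwgen or server.conf is missing.
        subprocess.CalledProcessError: if pwgen exits with a non-zero status.

    Security notes:
        * ``root_password_sha2`` is a plain, unsalted SHA-256 of the
          password, so anyone who can read server.conf (or a copy of it) can
          run offline guesses against it. Keep the file and its backups
          readable only by the accounts that need them.
        * ``elasticsearch_hosts`` uses ``http://`` with no credentials, so
          traffic to Elasticsearch is unencrypted and unauthenticated.
        * NOTE(review): ``http_bind_address`` moves the listener off
          loopback and nothing here configures TLS for it; confirm how the
          web interface is protected before exposing it.
        * Every run generates a new ``password_secret``.
        * Non-ASCII characters in the config are dropped silently by the
          ``errors='ignore'`` read and the ASCII round-trip.
    """
    print ("### Configuring your Graylog Application Server now")
    server_conf = '/etc/graylog/server/server.conf'
    backup_conf = '/etc/graylog/server/orig.server.conf'

    # Keep the pristine copy taken on the first run. Copying unconditionally
    # would, on a second run, overwrite it with a file that already holds the
    # password secret and the root password hash.
    if not os.path.exists(backup_conf):
        shutil.copyfile(server_conf, backup_conf)

    with open(server_conf, 'r', encoding='utf-8', errors='ignore') as file:
        filedata = file.read()

    # pwgen ends its output with a newline; strip it so it is not written
    # into the middle of the config file.
    myPasswordSecret = subprocess.check_output(['/usr/bin/pwgen', '-N', '1', '-s', '96']).decode("utf-8").strip()
    myRootPasswordSha2 = hashlib.sha256(str(myPass).encode('utf-8')).hexdigest()
    settings = {
        'password_secret': myPasswordSecret,
        'root_password_sha2': myRootPasswordSha2,
    }

    # Replace the whole line for each key. A plain substring replace of
    # "key =" would, once a value is present, insert the new value in front
    # of the old one and leave a corrupt line behind.
    rewritten = []
    for line in filedata.splitlines(keepends=True):
        for key, value in settings.items():
            if line.startswith(key + ' ='):
                line_ending = line[len(line.rstrip('\r\n')):]
                line = '{0} = {1}{2}'.format(key, value, line_ending)
                break
        rewritten.append(line)
    filedata = ''.join(rewritten)

    # The remaining replacements only match the template lines of the
    # packaged default config.
    myHttpBindAddressInsert = 'http_bind_address = {0}:9000'.format(getIpAddress())
    filedata = filedata.replace('#http_bind_address = 127.0.0.1:9000', myHttpBindAddressInsert)
    filedata = filedata.replace('elasticsearch_shards = 4', 'elasticsearch_shards = 1')
    myElasticsearchServerInsert = 'elasticsearch_hosts = http://{0}:9200'.format(myIP)
    filedata = filedata.replace('#elasticsearch_hosts = http://node1:9200,http://user:password@node2:19200', myElasticsearchServerInsert)

    filedata = filedata.encode('ascii', errors='ignore').decode('ascii')
    with open(server_conf, 'w') as file:
        file.write(filedata)

    print ('### Setting up Graylog-Server to start on boot')
    subprocess.call(['systemctl', 'enable', 'graylog-server'])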
####################################################################################################################################################
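def installApp(myIP,myPass):
    """Install MongoDB 4.0 and graylog-server, then configure Graylog.

    Waits for the operator to confirm, enables the universe repository,
    installs the prerequisites, installs the Graylog repository package,
    sets up MongoDB, installs graylog-server and calls configureApp().

    Args:
        myIP: address of the Elasticsearch server; shown in the confirmation
            prompt and passed on to configureApp().
        myPass: password for the Graylog root account, passed on to
            configureApp().

    Exits the process via sys.exit() with a message when one of the checked
    steps fails. The MongoDB steps are run without checking their return
    codes.

    Security notes:
        * The repository package is installed with ``dpkg -i`` as root
          without a checksum or signature check; its integrity rests on the
          HTTPS download alone.
        * The MongoDB key is requested from the keyserver by its full
          fingerprint over plain HKP (port 80).
    """
    print ("### Setting up Application Server. Database server is {0}. If this is incorrect, hit CTRL+C now. Otherwise, hit ENTER".format(myIP))
    input()

    if subprocess.call(['add-apt-repository', 'universe', '-y']) != 0:
        sys.exit("### Install failed! Check out the errors above!")

    if subprocess.call(['apt-get', 'update']) != 0:
        sys.exit("### Install failed! Check out the errors above!")

    # Test the result of this install itself; checking the earlier
    # `apt-get update` result again would let a failed prerequisite install
    # go unnoticed.
    aptGetPrerequisites = subprocess.call(['apt-get', 'install', 'apt-transport-https', 'openjdk-8-jre-headless', 'uuid-runtime', 'pwgen', '-y'])
    if aptGetPrerequisites != 0:
        sys.exit("### Install failed! Check out the errors above!")

    # Download into a private temporary directory. A fixed file name under
    # the world-writable /tmp can be pre-created or swapped by another local
    # user between the download and the root `dpkg -i`.
    with tempfile.TemporaryDirectory() as download_dir:
        deb_path = os.path.join(download_dir, graylogArchiveName)
        if subprocess.call(['wget', graylogRepoUrl, '-O', deb_path]) != 0:
            sys.exit("### Download failed! Check out the errors above!")
        if subprocess.call(['dpkg', '-i', deb_path]) != 0:
            sys.exit("### Graylog package install failed! Check out the errors above!")

    ###
    # MongoDB 4.0 Install and setup
    print ("### Setting up MongoDB...")
    subprocess.call(['apt-key', 'adv', '--keyserver', 'hkp://keyserver.ubuntu.com:80', '--recv', '9DA31620334BD75D9DCB49F368818C72E52529D4'])
    # Overwrite the sources entry on each run, so re-running does not
    # duplicate it.
    with open('/etc/apt/sources.list.d/mongodb-org-4.0.list', 'w') as mongo_list:
        mongo_list.write('deb [ arch=amd64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse\n')
    subprocess.call(['apt-get', 'update'])
    subprocess.call(['apt-get', 'install', '-y', 'mongodb-org'])
    subprocess.call(['systemctl', 'daemon-reload'])
    subprocess.call(['systemctl', 'enable', 'mongod.service'])
    subprocess.call(['systemctl', 'restart', 'mongod.service'])
    print ("### MongoDB setup complete!")
    ###

    if subprocess.call(['apt-get', 'install', 'openjdk-8-jre-headless', 'pwgen', '-y']) != 0:
        sys.exit("### install requirements failed! Check out the errors above!")

    if subprocess.call(['apt-get', 'install', 'graylog-server', '-y']) != 0:
        sys.exit("### install of Graylog failed! Check out the errors above!")

    configureApp(myIP,myPass)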
####################################################################################################################################################
###
# Argument check
###
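def _usage():
    """Print the command-line help and exit."""
    print ("### ./graylog_build (app|db) <remote.ip> <password>")
    print ("### app: You wish to install Graylog application server and MongoDB on the local system")
    print ("### db: You wish to install Elasticsearch on the local system")
    print ("### <remote.ip>: IP address of the other device to connect with (database or application)")
    print ("### <password>: will set the default admin password to the <password> you enter here (application only)")
    sys.exit()


# An unknown mode gets the help text instead of a silent no-op.
if len(sys.argv) < 3 or sys.argv[1] not in ("app", "db"):
    _usage()

if not os.geteuid() == 0:
    sys.exit('Sorry. Script must be run as root')

myIP = sys.argv[2]

if sys.argv[1] == "app":
    # "app <ip>" without a password would otherwise fail with an IndexError
    # on sys.argv[3]. A password given on the command line is visible in the
    # process list and usually lands in shell history, so when it is omitted
    # it is read from the terminal without echo instead.
    if len(sys.argv) > 3:
        myPass = sys.argv[3]
    else:
        myPass = getpass.getpass("### Graylog admin password: ")
    # An empty password would be hashed and written as the admin credential.
    if not myPass:
        sys.exit("### An empty admin password is not allowed")
    installApp(myIP, myPass)

if sys.argv[1] == "db":
    installDB(myIP)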