Skip to content

Commit

Permalink
fix rclone installation on almalinux
Browse files Browse the repository at this point in the history
  • Loading branch information
@josephgodwinkimani
josephgodwinkimani committed Jan 8, 2025
1 parent afe6f15 commit 24d7d85
Show file tree
Hide file tree
Showing 2 changed files with 145 additions and 135 deletions.
15 changes: 6 additions & 9 deletions CONTRIBUTING.md
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,11 @@
Branches

1.Stable-> Stable branch
2.vX.X.X-> vX.X.X Stable branch
3.vX.X.X-dev-> v.X.X.X Dev branch
1.Main-> Main branch
2.vX.X.X-> vX.X.X branch
3.develop-> Dev branch

Development Lifecycle

vX.X.X-dev will be default(master) branch. All contributors must push to latest vX.X.X-dev branch. Once development
is complete(believed to be stable) new vX.X.X Stable branch will be created from Dev branch. Then vX.X.X Stable will
be merged into Stable branch. After that a new vX.X.X-dev branch will be created and it will be default(master)
branch. Old dev branch will be deleted at this stage(to save space) and no development will happen on old stable or
dev(if not deleted) branch. All development will only take place in latest dev branch. You must not create pull
request for any other branches other than latest dev branch.
1. Contributors commit changes to the develop branch.
2. Pull requests (PRs) are made from develop to vX.X.X branch for stabilization.
3. If the changes in vX.X.X branch are deemed stable, they are then merged into the main branch.
265 changes: 139 additions & 126 deletions install/install.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -127,6 +127,7 @@ class preFlightsChecks:
cyberPanelMirror = "mirror.cyberpanel.net/pip"
cdn = 'cyberpanel.sh'
SnappyVersion = '2.38.2'
RCloneVersion = '1.68.2'

def __init__(self, rootPath, ip, path, cwd, cyberPanelPath, distro, remotemysql=None, mysqlhost=None, mysqldb=None,
mysqluser=None, mysqlpassword=None, mysqlport=None):
Expand Down Expand Up @@ -960,21 +961,21 @@ def download_and_install_rclone(self):
if os.path.exists("/usr/bin/rclone"):
return 0

if self.distro == centos: # Install centos7 and clone distros
command = "wget https://downloads.rclone.org/v1.68.2/rclone-v1.60.1-linux-amd64.rpm"
if self.distro == ubuntu: # Install ubuntu
command = 'wget https://downloads.rclone.org/v%s/rclone-v%s-linux-amd64.deb' % (preFlightsChecks.RCloneVersion, preFlightsChecks.RCloneVersion)
preFlightsChecks.call(
command, self.distro, command, command, 1, 0, os.EX_OSERR
)
command = "yum localinstall rclone-v1.68.2-linux-amd64.rpm -y"
command = "DEBIAN_FRONTEND=noninteractive apt-get -y install ./rclone-v%s-linux-amd64.deb" % (preFlightsChecks.RCloneVersion, preFlightsChecks.RCloneVersion)
preFlightsChecks.call(
command, self.distro, command, command, 1, 0, os.EX_OSERR
)
else: # Install ubuntu
command = "wget https://downloads.rclone.org/v1.68.2/rclone-v1.60.1-linux-amd64.deb"
else: # Install centos7 and clone distros
command = "wget https://downloads.rclone.org/v%s/rclone-v%s-linux-amd64.rpm" % (preFlightsChecks.RCloneVersion, preFlightsChecks.RCloneVersion)
preFlightsChecks.call(
command, self.distro, command, command, 1, 0, os.EX_OSERR
)
command = "apt-get -y install ./rclone-v1.68.2-linux-amd64.deb"
command = "yum localinstall rclone-v%s-linux-amd64.rpm -y" % (preFlightsChecks.RCloneVersion, preFlightsChecks.RCloneVersion)
preFlightsChecks.call(
command, self.distro, command, command, 1, 0, os.EX_OSERR
)
Expand All @@ -987,6 +988,8 @@ def download_and_install_rclone(self):
logging.InstallLog.writeToFile(
"[ERROR] " + str(msg) + " [download_and_install_rclone]"
)

###
def download_install_phpmyadmin(self):
try:

Expand Down Expand Up @@ -1820,125 +1823,6 @@ def install_fail2ban(self):
except BaseException as msg:
logging.InstallLog.writeToFile('[ERROR] ' + str(msg) + " [install_fail2ban]")

def install_crowdsec(self):
self.stdOut("Install CrowdSec")

try:
# Download and run the CrowdSec installation script
command = "curl -s https://install.crowdsec.net | sudo sh"
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Install CrowdSec based on the distribution
if self.distro == ubuntu:
command = "DEBIAN_FRONTEND=noninteractive apt -y install crowdsec"
else: # For Centos7/8
command = "yum -y install crowdsec"

preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Enable and start CrowdSec service
for action in ["enable", "start"]:
command = f"systemctl {action} crowdsec"
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Install Firewall Bouncer
if self.distro == ubuntu:
command = "DEBIAN_FRONTEND=noninteractive apt -y install crowdsec-firewall-bouncer-iptables"
else: # For Centos7/8
command = "yum -y install crowdsec-firewall-bouncer-iptables"

preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Enable and start Firewall Bouncer service
for action in ["enable", "start"]:
command = f"systemctl {action} crowdsec-firewall-bouncer"
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Setup collections
collections = [
"crowdsecurity/iptables",
"crowdsecurity/linux",
"crowdsecurity/sshd",
"crowdsecurity/postfix",
"crowdsecurity/mariadb",
"crowdsecurity/modsecurity",
"crowdsecurity/linux-lpe",
"crowdsecurity/litespeed",
"crowdsecurity/dovecot",
"crowdsecurity/exchange",
"crowdsecurity/vsftpd",
"fulljackz/pureftpd",
"crowdsecurity/wordpress"
]

for collection in collections:
command = f"cscli collections install {collection}"
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Setup scenarios
scenarios = [
"crowdsecurity/litespeed-admin-bf",
"crowdsecurity/iptables-scan-multi_ports",
"crowdsecurity/CVE-2021-4034",
"crowdsecurity/CVE-2022-35914",
"crowdsecurity/dovecot-spam",
# Add more scenarios as needed...
]

for scenario in scenarios:
command = f"cscli scenarios install {scenario}"
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Setup parsers
parsers = [
"crowdsecurity/litespeed-logs",
"crowdsecurity/dovecot-logs",
"crowdsecurity/exchange-imap-logs",
"crowdsecurity/exchange-pop-logs",
"crowdsecurity/exchange-smtp-logs",
"crowdsecurity/iptables-logs",
"crowdsecurity/mariadb-logs",
"crowdsecurity/postfix-logs",
"crowdsecurity/sshd-logs"
]

for parser in parsers:
command = f"cscli parsers install {parser}"
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Restart CrowdSec service
command = "systemctl restart crowdsec"
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Add additional logs for CrowdSec configuration
acquis_file_path = "/etc/crowdsec/acquis.yaml"

with open(acquis_file_path + ".tmp", 'w') as temp_file:
temp_file.write("""\
# Additional log sources for CrowdSec
source: file
filenames:
- /home/cyberpanel/error-logs.txt
- /usr/local/lsws/logs/error.log
- /var/log/maillog
- /var/log/messages
- /var/log/mysql/error.log
labels:
type: syslog
# Uncomment to acquire logs from journalctl files.
# source: journalctl
# journalctl_filter:
# - "_SYSTEMD_UNIT=ssh.service"
# labels:
# type: journald
""")

# Move temporary file to actual configuration file path
os.rename(acquis_file_path + ".tmp", acquis_file_path)

except BaseException as msg:
logging.InstallLog.writeToFile(f"[ERROR] {msg} [install_crowdsec]")

## from here

def installLSCPD(self):
Expand Down Expand Up @@ -2261,6 +2145,135 @@ def setupPHPSessions(self):
except:
return 0

def install_crowdsec(self):
self.stdOut('Install CrowdSec')

try:
# Download and run the CrowdSec installation script

# First, download the installation script to a temporary file.
command = 'curl -s -o install_crowdsec.sh https://install.crowdsec.net'
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Execute the downloaded script
command = 'sudo bash install_crowdsec.sh'
subprocess.call(shlex.split(command))

# Install CrowdSec based on the distribution
if self.distro == ubuntu:
command = 'DEBIAN_FRONTEND=noninteractive apt -y install crowdsec'
else: # For Centos7/8
command = 'yum -y install crowdsec'

preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Enable and start CrowdSec service
command = 'systemctl enable crowdsec'
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

command = 'systemctl start crowdsec'
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Install Firewall Bouncer
if self.distro == ubuntu:
command = 'DEBIAN_FRONTEND=noninteractive apt -y install crowdsec-firewall-bouncer-iptables'
else: # For Centos7/8
command = 'yum -y install crowdsec-firewall-bouncer-iptables'

preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Enable and start Firewall Bouncer service
command = 'systemctl enable crowdsec-firewall-bouncer'
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

command = 'systemctl start crowdsec-firewall-bouncer'
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Setup collections
collections = [
'crowdsecurity/iptables',
'crowdsecurity/linux',
'crowdsecurity/sshd',
'crowdsecurity/postfix',
'crowdsecurity/mariadb',
'crowdsecurity/modsecurity',
'crowdsecurity/linux-lpe',
'crowdsecurity/litespeed',
'crowdsecurity/dovecot',
'crowdsecurity/exchange',
'crowdsecurity/vsftpd',
'fulljackz/pureftpd',
'crowdsecurity/wordpress'
]

for collection in collections:
command = f"cscli collections install {collection}"
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Setup scenarios
scenarios = [
'crowdsecurity/litespeed-admin-bf',
'crowdsecurity/iptables-scan-multi_ports',
'crowdsecurity/CVE-2021-4034',
'crowdsecurity/CVE-2022-35914',
'crowdsecurity/dovecot-spam',
# Add more scenarios as needed...
]

for scenario in scenarios:
command = f"cscli scenarios install {scenario}"
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Setup parsers
parsers = [
'crowdsecurity/litespeed-logs',
'crowdsecurity/dovecot-logs',
'crowdsecurity/exchange-imap-logs',
'crowdsecurity/exchange-pop-logs',
'crowdsecurity/exchange-smtp-logs',
'crowdsecurity/iptables-logs',
'crowdsecurity/mariadb-logs',
'crowdsecurity/postfix-logs',
'crowdsecurity/sshd-logs'
]

for parser in parsers:
command = f"cscli parsers install {parser}"
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Restart CrowdSec service
command = 'systemctl restart crowdsec'
preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)

# Add additional logs for CrowdSec configuration
acquis_file_path = '/etc/crowdsec/acquis.yaml'

with open(acquis_file_path + ".tmp", 'w') as temp_file:
temp_file.write("""\
# Additional log sources for CrowdSec
source: file
filenames:
- /home/cyberpanel/error-logs.txt
- /usr/local/lsws/logs/error.log
- /var/log/maillog
- /var/log/messages
- /var/log/mysql/error.log
labels:
type: syslog
# Uncomment to acquire logs from journalctl files.
# source: journalctl
# journalctl_filter:
# - "_SYSTEMD_UNIT=ssh.service"
# labels:
# type: journald
""")

# Move temporary file to actual configuration file path
os.rename(acquis_file_path + '.tmp', acquis_file_path)

except BaseException as msg:
logging.InstallLog.writeToFile(f"[ERROR] {msg} [install_crowdsec]")

def setup_cron(self):

try:
Expand Down Expand Up @@ -2946,7 +2959,6 @@ def main():

checks.installFirewalld()
checks.install_fail2ban()
checks.install_crowdsec()
checks.install_default_keys()

checks.download_install_CyberPanel(installCyberPanel.InstallCyberPanel.mysqlPassword, mysql)
Expand All @@ -2955,6 +2967,7 @@ def main():
checks.setupCLI()
# https://raw.githubusercontent.com/josephgodwinkimani/cyberpanel-mods/main/cyberpanel_sessions.sh
checks.setupPHPSessions()
checks.install_crowdsec()
checks.setup_cron()
checks.installRestic()
checks.installAcme()
Expand Down

0 comments on commit 24d7d85

Please sign in to comment.