-
Notifications
You must be signed in to change notification settings - Fork 63
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
1 parent
8425841
commit 0c795fa
Showing
21 changed files
with
541 additions
and
154 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
Built on [nginx](https://hub.docker.com/_/nginx/), this image provides an SSL proxy for the [ACE Web Application](https://github.com/Invoke-IR/ACE/tree/master/ACE-WebService). | ||
|
||
ACE relies on SSL for two important features: | ||
* Encryption - Data sent to and from the ACE Web Application is encrypted | ||
* Authentication - Certificate pinning is used to provide server side authentication to avoid Man-in-the-Middle attacks. | ||
|
||
## Using this Image | ||
The ACE Nginx can be run in a couple different ways. | ||
### Standalone | ||
If you are running ACE in a test/development/standalone deployment, then you can simply run the container as shown below. | ||
``` | ||
docker run --name ace-nginx -p 80:80 -p 443:443 -d specterops/ace-nginx | ||
``` | ||
### Clustered/Redundant | ||
If you plan on running ACE in a Kubernetes cluster with replication, you want to maintain the same SSL certificates in all instances of the specterops/ace-nginx image. This can be achieved through the use of Volumes. | ||
|
||
Simply create a docker volume (it can be named "certs" or whatever you choose). | ||
``` | ||
docker volume create --name certs | ||
``` | ||
|
||
Then run your container(s) with the -v flag, linking your newly created volume to "/etc/nginx/certs". The volume will ensure a consistent SSL certificate across all ace-nginx instances. | ||
``` | ||
docker run --name ace-nginx -v certs:/etc/nginx/certs -p 80:80 -p 443:443 -d specterops/ace-nginx | ||
``` | ||
|
||
### Get SSL Certificate Thumbprint | ||
The .NET WebClient does not trust self-signed SSL Certificates by default. The ACE PowerShell module bypasses this limitation by using certificate pinning, where the PowerShell script compares the user supplied SSL Thumbprint to that returned by the target server. If the Thumbprints match, then the server is authenticated and the request is allowed. The SSL Thumbprint is output at container runtime and can be found with the following command: | ||
``` | ||
docker logs ace-nginx | ||
################################################################ | ||
# ACE SSL Thumbprint: 3179CC1A0A0E20477260BFB8D559F35240297E6B # | ||
################################################################ | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
Built on [RabbitMQ](https://hub.docker.com/_/rabbitmq/), this images provides the backend database used by the [ACE RabbitMQ Server](https://github.com/Invoke-IR/ACE/tree/master/ACE-RabbitMQ). | ||
|
||
## Requirements | ||
* This image requires Docker Engine 1.8+ in any of their supported platforms. | ||
* Requires the following environment flags | ||
* RABBITMQ_DEFAULT_USER=<username> | ||
* RABBITMQ_DEFAULT_PASS=<your_strong_password> | ||
* APIKEY=<virustotal_apikey> | ||
|
||
## Using this Image | ||
### Run | ||
``` | ||
docker run --name ace-rabbitmq -e 'RABBITMQ_DEFAULT_USER=yourUsername' -e 'RABBITMQ_DEFAULT_PASS=yourPassword' -e 'APIKEY=yourVirusTotalPublicAPIKey' -p 5672:5672 -p 15672:15672 -d specterops/ace-rabbitmq | ||
``` | ||
# For Persistence | ||
If you desire your RabbitMQ data and setting to persist between containers, you need to create a docker volume ```docker volume create rabbitmq``` then add ```-v rabbitmq:/var/lib/rabbitmq``` to the docker run command | ||
|
||
### Environment Variables | ||
* **RABBITMQ_DEFAULT_USER** Username for RabbitMQ server. Will be used to connect to server and log into management interface. | ||
* **RABBITMQ_DEFAULT_PASS** Password for RabbitMQ server. Will be used to connect to server and log into management interface. | ||
* **APIKEY** Public VirusTotal API key. Allows for lookups of hashes on VirusTotal |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,125 @@ | ||
#!/usr/bin/env python | ||
import json | ||
import sys | ||
import pika | ||
import requests | ||
from argparse import ArgumentParser | ||
from json import dumps | ||
|
||
# Our local cache of hashes. Each of the consumers checks this dictionary first | ||
# before doing a lookup against VirusTotal to save time and API queries | ||
cachedEntries = {} | ||
|
||
class CachedConsumer(object): | ||
"""A consumer that receives hashes and queries the VirusTotal api | ||
to find if VirusTotal has any matching hashes, and how many positive | ||
(malicious) results for that hash. | ||
""" | ||
EXCHANGE = 'ace_exchange' | ||
EXCHANGE_TYPE = 'topic' | ||
|
||
def __init__(self, connection): | ||
"""Create a new instance of LookupConsumer, passing in the API key to use. | ||
:param connection connection: A pika connection object. | ||
""" | ||
self._connection = connection | ||
self._channel = None | ||
|
||
def consume_message(self, channel, method, properties, body): | ||
"""Consume a message from channel. This function is passed as a callback | ||
to basic_consume. After checking the body of the message, the consumer checks the | ||
cache and either publish the cached entry, or perform a lookup and add the result | ||
to the cache. | ||
""" | ||
self._channel = channel | ||
message = json.loads(body) # parse the JSON results from the message | ||
newRoutingKey = "" | ||
if 'SHA256Hash' in message and message['SHA256Hash'] is not None: | ||
sha256hash = message['SHA256Hash'] # assign the value temporarily instead of doing a lookup each time | ||
if sha256hash in cachedEntries: #hash is cached | ||
print "Hash is cached" | ||
message[u"VTRecordExists"] = cachedEntries[sha256hash][u"VTRecordExists"] | ||
if u"VTPositives" in cachedEntries[sha256hash]: | ||
message[u"VTPositives"] = cachedEntries[sha256hash][u"VTPositives"] | ||
enrichment,newRoutingKey = method.routing_key.split(".",1) | ||
self.publish_message(method, message, newRoutingKey) | ||
elif u'VTRecordExists' in message: #needs to be cached | ||
print "Adding hash to cache" | ||
cachedEntries[sha256hash] = {} | ||
cachedEntries[sha256hash][u"VTRecordExists"] = message[u"VTRecordExists"] | ||
if u'VTPositives' in message: | ||
cachedEntries[sha256hash][u'VTPositives'] = message[u'VTPositives'] | ||
enrichment,newRoutingKey = method.routing_key.split(".",1) | ||
self.publish_message(method, message, newRoutingKey) | ||
else: #send for lookup | ||
print "sending to VT" | ||
newRoutingKey = "lookup." + method.routing_key | ||
self.publish_message(method, message, newRoutingKey) | ||
self._connection.sleep(1) | ||
elif message['SHA256Hash'] is None: | ||
print "Hash is null" | ||
enrichment,newRoutingKey = method.routing_key.split(".",1) | ||
self.publish_message(method, message, newRoutingKey) | ||
|
||
def publish_message(self, method, message, routingKey): | ||
"""Publish a message to the channel with the new routing key after enrichment. | ||
""" | ||
body = json.dumps(message) | ||
channel = self._channel | ||
channel.basic_ack(delivery_tag = method.delivery_tag) | ||
channel.basic_publish(exchange=self.EXCHANGE, routing_key=routingKey,body=body, properties=pika.BasicProperties(delivery_mode = 2,)) | ||
|
||
def main(): | ||
parser = ArgumentParser() | ||
parser.add_argument( | ||
'-s', '--Server', dest='rabbitmq_server', default='', | ||
help='[MANDATORY] RabbitMQ server hostname or IP address') | ||
parser.add_argument( | ||
'-u', '--User', dest='rabbitmq_user', default='', | ||
help='[OPTIONAL] RabbitMQ username') | ||
parser.add_argument( | ||
'-p', '--Password', dest='rabbitmq_password', default='', | ||
help='[OPTIONAL] RabbitMQ password') | ||
|
||
args = parser.parse_args() | ||
try: | ||
if (args.rabbitmq_password != '' and args.rabbitmq_user != ''): | ||
creds = pika.PlainCredentials(args.rabbitmq_user, args.rabbitmq_password) | ||
connection = pika.BlockingConnection(pika.ConnectionParameters(host=args.rabbitmq_server, | ||
credentials=creds)) | ||
elif (args.rabbitmq_server != ''): | ||
connection = pika.BlockingConnection(pika.ConnectionParameters(host=args.rabbitmq_server)) | ||
else: | ||
print("Must provide command line parameters, run 'python ACE_RabbitMQ.py -h' for help") | ||
return | ||
channel = connection.channel() | ||
except: | ||
print("Issue connecting to RabbitMQ,") | ||
|
||
channel.exchange_declare(exchange='ace_exchange',exchange_type='topic', durable=True) | ||
|
||
channel.queue_declare(queue='siem', durable=True) | ||
channel.queue_declare(queue='cached_hash', durable=True) | ||
channel.queue_declare(queue='lookup', durable=True) | ||
channel.queue_declare(queue='status', durable=True) | ||
|
||
channel.queue_bind(exchange='ace_exchange', queue='siem', routing_key='siem') | ||
channel.queue_bind(exchange='ace_exchange', queue='cached_hash', routing_key='hash.#') | ||
channel.queue_bind(exchange='ace_exchange', queue='lookup', routing_key='lookup.hash.#') | ||
channel.queue_bind(exchange='ace_exchange', queue='status', routing_key='status') | ||
channel.basic_qos(prefetch_count=1) | ||
|
||
|
||
print("Waiting for messages") | ||
|
||
cacheConsume = CachedConsumer(connection) | ||
|
||
channel.basic_consume(cacheConsume.consume_message, queue='cached_hash') | ||
|
||
channel.start_consuming() | ||
|
||
connection.close() | ||
|
||
if __name__ == '__main__': | ||
main() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
#!/bin/bash | ||
python /root/ace-lookup.py -s 127.0.0.1 -u $RABBITMQ_DEFAULT_USER -p $RABBITMQ_DEFAULT_PASS -k $APIKEY & | ||
python /root/ace-cache.py -s 127.0.0.1 -u $RABBITMQ_DEFAULT_USER -p $RABBITMQ_DEFAULT_PASS & | ||
|
||
echo "\"RabbitMQUserName\": \"$RABBITMQ_DEFAULT_USER\"," | ||
echo "\"RabbitMQPassword\": \"$RABBITMQ_DEFAULT_PASS\"," | ||
|
||
while true; do :; sleep 600; done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,135 @@ | ||
#!/usr/bin/env python | ||
import json | ||
import sys | ||
import pika | ||
import requests | ||
from argparse import ArgumentParser | ||
from json import dumps | ||
|
||
class VTConsumer(object): | ||
"""A consumer that receives hashes and queries the VirusTotal api | ||
to find if VirusTotal has any matching hashes, and how many positive | ||
(malicious) results for that hash. | ||
""" | ||
EXCHANGE = 'ace_exchange' | ||
EXCHANGE_TYPE = 'topic' | ||
|
||
def __init__(self, api_key, connection): | ||
"""Create a new instance of VTConsumer, passing in the API key to use. | ||
:param str api_key: The VirusTotal API key to use. | ||
:param connection connection: A pika connection object. | ||
""" | ||
self._apikey = api_key | ||
self._connection = connection | ||
self._channel = None | ||
|
||
def consume_message(self, channel, method, properties, body): | ||
"""Consume a message from channel. This function is passed as a callback | ||
to basic_consume. After checking the body of the message, the consumer checks the | ||
cache and either publish the cached entry, or perform a lookup and add the result | ||
to the cache. | ||
""" | ||
self._channel = channel | ||
message = json.loads(body) # parse the JSON results from the message | ||
entry = {} | ||
sha256hash = message['SHA256Hash'] | ||
entry = self.lookup_hash(sha256hash) | ||
print entry | ||
if u'VTRecordExists' in entry: | ||
message[u"VTRecordExists"] = entry[u"VTRecordExists"] | ||
if u'VTPositives' in entry: | ||
message[u'VTPositives'] = entry[u'VTPositives'] | ||
self.publish_message(method, message) | ||
|
||
def lookup_hash(self, sha256hash): | ||
"""Perform a lookup against VirusTotal for a given hash. | ||
:param str vt_hash: A SHA256Hash to check against the VirusTotal API. | ||
""" | ||
params = { 'apikey': self._apikey, 'resource': sha256hash } | ||
headers = {"Accept-Encoding": "gzip, deflate", "User-Agent" : "gzip, VirusTotal ACE Enrichment Consumer v0.1"} | ||
response = requests.get('https://www.virustotal.com/vtapi/v2/file/report', params=params, headers=headers) | ||
if response.status_code == 204: | ||
self._connection.sleep(60) | ||
response = requests.get('https://www.virustotal.com/vtapi/v2/file/report', params=params, headers=headers) | ||
json_response = response.json() | ||
if json_response['response_code'] == 1: | ||
new_record = {} | ||
new_record[u"VTRecordExists"] = u"True" | ||
new_record[u"VTPositives"] = json_response['positives'] | ||
elif json_response['response_code'] == 0: | ||
new_record = {} | ||
new_record[u"VTRecordExists"] = u"False" | ||
elif json_response['response_code'] == -2: | ||
new_record = {} | ||
new_record[u"VTRecordExists"] = u"False" | ||
return new_record | ||
|
||
def publish_message(self, method, message): | ||
"""Publish a message to the channel with the new routing key after enrichment. | ||
""" | ||
enrichment,newRoutingKey = method.routing_key.split(".",1) | ||
body = json.dumps(message) | ||
channel = self._channel | ||
channel.basic_ack(delivery_tag = method.delivery_tag) | ||
channel.basic_publish(exchange=self.EXCHANGE, routing_key=newRoutingKey,body=body, properties=pika.BasicProperties(delivery_mode = 2,)) | ||
|
||
def main(): | ||
parser = ArgumentParser() | ||
parser.add_argument( | ||
'-s', '--Server', dest='rabbitmq_server', default='', | ||
help='[MANDATORY] RabbitMQ server hostname or IP address') | ||
parser.add_argument( | ||
'-u', '--User', dest='rabbitmq_user', default='', | ||
help='[OPTIONAL] RabbitMQ username') | ||
parser.add_argument( | ||
'-p', '--Password', dest='rabbitmq_password', default='', | ||
help='[OPTIONAL] RabbitMQ password') | ||
parser.add_argument( | ||
'-k', '--APIKey', dest='VTAPIKey', default='', | ||
help='[MANDATORY] VirusTotal API Key') | ||
|
||
args = parser.parse_args() | ||
try: | ||
if (args.VTAPIKey == ''): | ||
print("Must provide command line parameters, run 'python ACE_RabbitMQ.py -h' for help") | ||
return | ||
if (args.rabbitmq_password != '' and args.rabbitmq_user != ''): | ||
creds = pika.PlainCredentials(args.rabbitmq_user, args.rabbitmq_password) | ||
connection = pika.BlockingConnection(pika.ConnectionParameters(host=args.rabbitmq_server, | ||
credentials=creds)) | ||
elif (args.rabbitmq_server != ''): | ||
connection = pika.BlockingConnection(pika.ConnectionParameters(host=args.rabbitmq_server)) | ||
else: | ||
print("Must provide command line parameters, run 'python ACE_RabbitMQ.py -h' for help") | ||
return | ||
channel = connection.channel() | ||
except: | ||
print("Issue connecting to RabbitMQ,") | ||
|
||
channel.exchange_declare(exchange='ace_exchange',exchange_type='topic', durable=True) | ||
|
||
channel.queue_declare(queue='siem', durable=True) | ||
channel.queue_declare(queue='cached_hash', durable=True) | ||
channel.queue_declare(queue='lookup', durable=True) | ||
channel.queue_declare(queue='status', durable=True) | ||
|
||
channel.queue_bind(exchange='ace_exchange', queue='siem', routing_key='siem') | ||
channel.queue_bind(exchange='ace_exchange', queue='cached_hash', routing_key='hash.#') | ||
channel.queue_bind(exchange='ace_exchange', queue='lookup', routing_key='lookup.hash.#') | ||
channel.queue_bind(exchange='ace_exchange', queue='status', routing_key='status') | ||
channel.basic_qos(prefetch_count=1) | ||
|
||
|
||
print("Waiting for messages") | ||
|
||
consumer = VTConsumer(args.VTAPIKey, connection) | ||
channel.basic_consume(consumer.consume_message, queue='lookup') | ||
|
||
channel.start_consuming() | ||
|
||
connection.close() | ||
|
||
if __name__ == '__main__': | ||
main() |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,18 @@ | ||
FROM rabbitmq:3-management | ||
MAINTAINER Jared Atkinson <jared@invoke-ir.com> | ||
ADD ace-entrypoint.sh /root/ace-entrypoint.sh | ||
ADD ace-cache.py /root/ace-cache.py | ||
ADD ace-lookup.py /root/ace-lookup.py | ||
RUN \ | ||
apt-get update -y \ | ||
chmod +x /root/ace-entrypoint.sh \ | ||
&& chmod +x /root/ace-cache.py \ | ||
&& chmod +x /root/ace-lookup.py \ | ||
&& apt-get update -y \ | ||
&& apt-get upgrade -y \ | ||
&& apt-get dist-upgrade -y \ | ||
&& apt-get install -y python2.7 python-pip \ | ||
&& pip install pika requests | ||
ADD ace.py /root/ace.py | ||
CMD \ | ||
/usr/local/bin/docker-entrypoint.sh rabbitmq-server & \ | ||
/usr/local/bin/docker-entrypoint.sh rabbitmq-server > /dev/null & \ | ||
sleep 30 \ | ||
&& python /root/ace.py -s 127.0.0.1 -u $RABBITMQ_DEFAULT_USER -p $RABBITMQ_DEFAULT_PASS | ||
&& /root/ace-entrypoint.sh |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
Built on [microsoft/mssql-server-linux](https://hub.docker.com/r/microsoft/mssql-server-linux/), this images provides the backend database used by the [ACE Web Application](https://github.com/Invoke-IR/ACE/tree/master/ACE-WebService). | ||
|
||
## Requirements | ||
* This image requires Docker Engine 1.8+ in any of their supported platforms. | ||
* At least 3.25 GB of RAM. Make sure to assign enough memory to the Docker VM if you're running on Docker for Mac or Windows. | ||
* Requires the following environment flags | ||
* SA_PASSWORD=<your_strong_password> | ||
* A strong system administrator (SA) password: At least 8 characters including uppercase, lowercase letters, base-10 digits and/or non-alphanumeric symbols. | ||
|
||
## Using this Image | ||
### Run | ||
``` | ||
docker run --name ace-sql -e 'SA_PASSWORD=yourStrong(!)Password' -p 1433:1433 -d specterops/ace-sql | ||
``` | ||
### Environment Variables | ||
* **SA_PASSWORD** is the database system administrator (userid = 'sa') password used to connect to SQL Server once the container is running. Important note: This password needs to include at least 8 characters of at least three of these four categories: uppercase letters, lowercase letters, numbers and non-alphanumeric symbols. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
/opt/mssql/bin/sqlservr > /dev/null & | ||
|
||
#wait for the SQL Server to come up | ||
sleep 45s | ||
|
||
# Create Unique API Key | ||
apikey=$(cat /proc/sys/kernel/random/uuid) | ||
startacesweep=$(cat /proc/sys/kernel/random/uuid) | ||
downloadacefile=$(cat /proc/sys/kernel/random/uuid) | ||
sed -i -e 's/\[APIKEY\]/'"$apikey"'/g' /usr/src/ace/ace.sql | ||
|
||
#run the setup script to create the DB and the schema in the DB | ||
/opt/mssql-tools/bin/sqlcmd -S localhost -U sa -P $SA_PASSWORD -Q "CREATE DATABASE ACEWebService" > /dev/null | ||
/opt/mssql-tools/bin/sqlcmd -S localhost -U sa -P $SA_PASSWORD -d ACEWebService -i /usr/src/ace/ace.sql > /dev/null | ||
|
||
echo "\"ApiKey\": \"$apikey\"," | ||
echo "\"StartAceSweep\": \"$startacesweep\"," | ||
echo "\"DownloadAceFile\": \"$downloadacefile\"" | ||
echo "\"DefaultConnection\": \"Server=sql.ace.local;Database=ACEWebService;User Id=sa;Password=$SA_PASSWORD;MultipleActiveResultSets=true\"" | ||
|
||
while true; do | ||
sleep 300 | ||
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,5 @@ | ||
ACCEPT_EULA=Y | ||
SA_PASSWORD=P@ssw0rd! | ||
RABBITMQ_DEFAULT_USER=ace | ||
RABBITMQ_DEFAULT_PASS=P@ssw0rd! | ||
RABBITMQ_DEFAULT_PASS=P@ssw0rd! | ||
APIKEY=YOURAPIKEYHERE | ||
WEBSERVICE_IP=192.168.92.152 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
# Get IP Address | ||
unameOut="$(uname -s)" | ||
case "${unameOut}" in | ||
Linux*) ip=$(/sbin/ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{print $1}');; | ||
Darwin*) ip=$(ifconfig en0 | grep inet | grep -v inet6 | cut -d ' ' -f2);; | ||
CYGWIN*) ip=Cygwin;; | ||
MINGW*) ip=MinGw;; | ||
*) ip="UNKNOWN:${unameOut}" | ||
esac | ||
|
||
# Write appsettings.Production.json to screen | ||
clear | ||
echo "" | ||
echo "" | ||
echo "==========================================================" | ||
echo "| appsettings.Production.json |" | ||
echo "==========================================================" | ||
echo "" | ||
echo "{" | ||
echo " \"Logging\": {" | ||
echo " \"IncludeScopes\": false," | ||
echo " \"LogLevel\": {" | ||
echo " \"Default\": \"Debug\"," | ||
echo " \"System\": \"Information\"," | ||
echo " \"Microsoft\": \"Information\"" | ||
echo " }" | ||
echo " }," | ||
echo "" | ||
echo " \"AppSettings\": {" | ||
echo " \"RabbitMQServer\": \"$ip\"," | ||
echo " $(docker logs ace-rabbitmq | grep UserName)" | ||
echo " $(docker logs ace-rabbitmq | grep Password)" | ||
echo " $(docker logs ace-nginx | grep Thumbprint)" | ||
echo " $(docker logs ace-sql | grep ApiKey)" | ||
echo " $(docker logs ace-sql | grep StartAceSweep)" | ||
echo " $(docker logs ace-sql | grep DownloadAceFile)" | ||
echo " }," | ||
echo "" | ||
echo " \"ConnectionStrings\": {" | ||
echo " $(docker logs ace-sql | grep DefaultConnection | sed s/sql.ace.local/$ip/)" | ||
echo " }" | ||
echo "}" | ||
echo "" | ||
echo "==========================================================" | ||
echo "" | ||
echo "" | ||
|
||
echo "===============================================================" | ||
echo "| Thank you for provisioning ACE with Docker!! |" | ||
echo "| Please use the following information to interact with ACE |" | ||
echo "===============================================================" | ||
echo "" | ||
echo " \$settings = @{" | ||
echo " Uri = 'https://$ip'" | ||
IFS='"' read -r -a array <<< "$(docker logs ace-sql | grep Api)" | ||
echo " ApiKey = '${array[3]}'" | ||
IFS='"' read -r -a array <<< "$(docker logs ace-nginx)" | ||
echo " Thumbprint = '${array[3]}'" | ||
echo " }" | ||
echo "" | ||
echo "==============================================================" | ||
echo "" | ||
echo "" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
# Get directory of script and change to it | ||
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" | ||
cd $DIR | ||
|
||
# Build Docker Images and Start Containers | ||
docker-compose build | ||
docker-compose up -d | ||
|
||
# Get IP Address | ||
unameOut="$(uname -s)" | ||
case "${unameOut}" in | ||
Linux*) ip=$(/sbin/ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{print $1}');; | ||
Darwin*) ip=$(ifconfig en0 | grep inet | grep -v inet6 | cut -d ' ' -f2);; | ||
CYGWIN*) ip=Cygwin;; | ||
MINGW*) ip=MinGw;; | ||
*) ip="UNKNOWN:${unameOut}" | ||
esac | ||
|
||
sleep 60 | ||
|
||
# Write appsettings.Production.json to screen | ||
clear | ||
echo "" | ||
echo "" | ||
echo "==========================================================" | ||
echo "| appsettings.Production.json |" | ||
echo "==========================================================" | ||
echo "" | ||
echo "{" | ||
echo " \"Logging\": {" | ||
echo " \"IncludeScopes\": false," | ||
echo " \"LogLevel\": {" | ||
echo " \"Default\": \"Debug\"," | ||
echo " \"System\": \"Information\"," | ||
echo " \"Microsoft\": \"Information\"" | ||
echo " }" | ||
echo " }," | ||
echo "" | ||
echo " \"AppSettings\": {" | ||
echo " \"RabbitMQServer\": \"$ip\"," | ||
echo " $(docker logs ace-rabbitmq | grep UserName)" | ||
echo " $(docker logs ace-rabbitmq | grep Password)" | ||
echo " $(docker logs ace-nginx | grep Thumbprint)" | ||
echo " $(docker logs ace-sql | grep ApiKey)" | ||
echo " $(docker logs ace-sql | grep StartAceSweep)" | ||
echo " $(docker logs ace-sql | grep DownloadAceFile)" | ||
echo " }," | ||
echo "" | ||
echo " \"ConnectionStrings\": {" | ||
echo " $(docker logs ace-sql | grep DefaultConnection | sed s/sql.ace.local/$ip/)" | ||
echo " }" | ||
echo "}" | ||
echo "" | ||
echo "==========================================================" | ||
echo "" | ||
echo "" | ||
|
||
# Provide configuration details for PowerShell Module | ||
echo "===============================================================" | ||
echo "| Thank you for provisioning ACE with Docker!! |" | ||
echo "| Please use the following information to interact with ACE |" | ||
echo "===============================================================" | ||
echo "" | ||
echo " \$settings = @{" | ||
echo " Uri = 'https://$ip'" | ||
IFS='"' read -r -a array <<< "$(docker logs ace-sql | grep Api)" | ||
echo " ApiKey = '${array[3]}'" | ||
IFS='"' read -r -a array <<< "$(docker logs ace-nginx | grep Thumbprint)" | ||
echo " Thumbprint = '${array[3]}'" | ||
echo " }" | ||
echo "" | ||
echo "==============================================================" | ||
echo "" | ||
echo "" |