## Introduction

BeSLab is an open source security lab blueprint dedicated to fortifying open source projects, models, training dataset against potential vulnerabilities. Designed to operate efficiently even in low-resource settings, BeSLab provides a comprehensive solution that grants complete control and transparency to application security and security operations teams.

#### Types of BeSLab
1. Private Lab - Lab hosted privately inside an organization’s private code collaboration platform
2. Public Lab - Lab hosted in a community namespace of a public code collaboration platform like GitHub
3. Personal Lab - Lab hosted privately within an individual’s laptop or a virtual machine

#### Seed a Private Lab
This playbook outlines the steps for seeding a Private Lab in a single Linux machine. At the end of this playbook exectution, you are going to get a BeSLab instance provisioned with below set of components.
1. A Code Collaboration Platform (For Instance, GitLab CE)
2. BeSLighthouse
3. BLIman
4. BeSman
5. NPM
6. NodeJS

#### Prerequisites
1. Ubuntu VM - Minimum 4vCPU, 8GB RAM, 16GB Disk Space
2. Python
3. Bash
4. PIP
5. Jupyter Notebook:
<br>If you want to run this playbook. Alternatively, you can set up the lab by manually running all the commands listed in this playbook in the same order.
6. AWS Specific Configurations:
<br>AWS VM installed with Ubuntu 22.04 does contains some aws specific packages which are installed with older versions so system pop warning messages for those packages and kernel being old version. These pop ups does hamper the non-interactive installation of BeSLab. So to suppress these warning during installation follow the below steps.

    1. Open file “/etc/needrestart/needrestart.conf”
    2. Change following parameters and save the changes.
    <br>Uncomment and set `$nrconf{restart} = 'a'`
    <br>Uncomment and set `$nrconf{kernelhints} = -1;`
    3. Save and exit the file.

#### Steps to install Jupyter (If not present already):

If Jupyter Notebook is not installed on the system already follow below steps to get it installed.
1. Update and upgrade the system. Execute following commands.
   <br>`sudo apt-get update && sudo apt-get -y upgrade`
2. Install PIP (if not installed already)
   <br>`sudo apt-get -y install python3-pip`
3. Install Jupyter
   <br>`sudo python3 -m pip install jupyter`
4. Generate Jupyter Notebook configuration.
   <br>`jupyter notebook --generate-config`
5. Open Jupyter Notebook configuration at `$HOME/`
   <br>`vi $HOME/.jupyter/jupyter_notebook_config.py`
6. Change following and save
   <br>`c.ServerApp.ip = 'localhost'` to `c.ServerApp.ip = '0.0.0.0'`
   <br>Uncomment `c.ServerApp.open_browser = False`
7. Save and close the file.
 
#### Executing Jupyter Notebook

To execute the jupyter playbook we need to start the jupyter notebook via terminal and upload the notebook to the Jupyter Notebook.
1. Start Jupyter Notebook:
2. cd to /opt folder.
3. Execute <i>`jupyter notebook –allow-root`</i>. Notedown the port number and token displayed on screen.
5. Open the browser and and enter “<machine IP>:<port captured above>”. It will open the Jupyter notenook UI.
6. Enter the token captured above into the input field shown and click on Sign In button. This will open the Jupyter Notebook page.
7. Upload this notebook using the Upload button.

## Private Lab Seeding Playbook Steps

 #### 1. Download bliman setup script

In [None]:
!curl -o bliman_setup.sh https://raw.githubusercontent.com/Be-Secure/BLIman/main/bliman_setup.sh; chmod +x bliman_setup.sh;

#### 2. Execute BLIman setup

In [None]:
!./bliman_setup.sh install --version <bliman version>

- bliman version is the version number e.g 0.4.1. For developers who wants to test the code in develop branch, give the version as "dev".

#### 3. Verify the installation of BLIman

In [None]:
!source /root/.bliman/bin/bliman-init.sh; bli help

#### 4. Load the genesis file
Modify the genesis file as required or use the default one.

In [None]:
!source /root/.bliman/bin/bliman-init.sh; bli load

#### 6. Initialize lite mode
Verify whether lite mode is set at the end this command execution result.

In [None]:
!source /root/.bliman/bin/bliman-init.sh; bli initmode lite

#### 7. Verify BeSman is installed

In [None]:
!source /root/.bliman/bin/bliman-init.sh; source /root/.besman/bin/besman-init.sh; bes help

#### 8. Launch the lab installation

In [None]:
!source /root/.bliman/bin/bliman-init.sh; source /root/.besman/bin/besman-init.sh; bli launchlab;

#### 9. Verify the lab installation
1. Open GitLab. Go to browser and enter `http://gitlab-server-IP`. (Give the actual IP or domain name). Login with the default credentials (Lab name configured in genesis.yaml / Welc0me@123). Change the default password upon login.
2. Open BeSLighthouse. Go to browser and enter `http://BeSLighthouse-IP:3000`. (Give the actual IP or domain name). BeSLighthouse UI should open up. Click the "Projects Of Interest" tab and verify that it shows an empty list.