From 71f2a3204e3688fd32e90cb3fe2fd12c4e5d2943 Mon Sep 17 00:00:00 2001
From: Phrozyn
Date: Tue, 23 Aug 2016 10:28:04 -0500
Subject: [PATCH 1/5] Adding systemd files to MozDef.
---
 .sonar/.sonar_lock | 0
 config/mongod.conf | 45 +++++++++++++++++++++++++++++++++++++
 "systemdfiles/\\" | 17 ++++++++++++++
 systemdfiles/kibana.service | 16 +++++++++++++
 systemdfiles/mongod.service | 17 ++++++++++++++
 5 files changed, 95 insertions(+)
 create mode 100644 .sonar/.sonar_lock
 create mode 100644 config/mongod.conf
 create mode 100644 "systemdfiles/\\"
 create mode 100644 systemdfiles/kibana.service
 create mode 100644 systemdfiles/mongod.service
diff --git a/.sonar/.sonar_lock b/.sonar/.sonar_lock
new file mode 100644
index 000000000..e69de29bb
diff --git a/config/mongod.conf b/config/mongod.conf
new file mode 100644
index 000000000..b4fb05a7a
--- /dev/null
+++ b/config/mongod.conf
@@ -0,0 +1,45 @@
+# mongod.conf
+
+# for documentation of all options, see:
+# http://docs.mongodb.org/manual/reference/configuration-options/
+
+# where to write logging data.
+systemLog:
+ destination: file
+ logAppend: true
+ path: /opt/mozdef/envs/mozdef/logs/meteor-mongo.log
+
+# Where and how to store data.
+storage:
+ dbPath: /opt/mozdef/envs/mongo/db
+ journal:
+ enabled: true
+ mmapv1:
+ smallFiles: true
+# wiredTiger:
+
+# how the process runs
+processManagement:
+ fork: true # fork and run in background
+ pidFilePath: /var/run/mozdefdb/mozdefdb.pid # location of pidfile
+
+# network interfaces
+net:
+ port: 3002
+ bindIp: 127.0.0.1 # Listen to local interface only, comment to listen on all interfaces.
+
+
+#security:
+
+#operationProfiling:
+
+replication:
+ oplogSizeMB: 8
+
+#sharding:
+
+## Enterprise-Only Options
+
+#auditLog:
+
+#snmp:
diff --git "a/systemdfiles/\\" "b/systemdfiles/\\"
new file mode 100644
index 000000000..a0633cec8
--- /dev/null
+++ "b/systemdfiles/\\"
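Review bot: In config/mongod.conf the `#security:` section is left commented out, so mongod runs with access control disabled and `bindIp: 127.0.0.1` is the only thing keeping port 3002 private. The inline comment on that line tells operators to comment it out to listen on all interfaces, which with this file as written would expose the database without authentication. I would either enable `security:` with `authorization: enabled` once the MozDef database users exist, or at least reword the comment to `# Loopback only; enable security.authorization before binding to other interfaces.` The identical file is added again in PATCH 2/5 and the same point applies there.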
@@ -0,0 +1,17 @@
+[Unit]
+Description=MongoDB Database Service
+After=network.target
+
+[Service]
+Type=forking
+PIDFile=/var/run/mozdefdb/mozdefdb.pid
+ExecStart=/usr/bin/mongod --config /etc/mongod.conf
+ExecReload=/bin/kill -HUP $MAINPID
+#Restart=always
+User=mozdef
+Group=mozdef
+StandardOutput=syslog
+StandardError=syslog
+
+[Install]
+WantedBy=multi-user.target
diff --git a/systemdfiles/kibana.service b/systemdfiles/kibana.service
new file mode 100644
index 000000000..e8be9689f
--- /dev/null
+++ b/systemdfiles/kibana.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Kibana
+Requires=elasticsearch.service
+
+[Service]
+ExecStart=/opt/mozdef/envs/kibana/bin/kibana
+Restart=always
+StandardOutput=syslog
+StandardError=syslog
+SyslogIdentifier=kibana4
+User=mozdef
+Group=mozdef
+SuccessExitStatus=143
+
+[Install]
+WantedBy=multi-user.target
diff --git a/systemdfiles/mongod.service b/systemdfiles/mongod.service
new file mode 100644
index 000000000..a0633cec8
--- /dev/null
+++ b/systemdfiles/mongod.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=MongoDB Database Service
+After=network.target
+
+[Service]
+Type=forking
+PIDFile=/var/run/mozdefdb/mozdefdb.pid
+ExecStart=/usr/bin/mongod --config /etc/mongod.conf
+ExecReload=/bin/kill -HUP $MAINPID
+#Restart=always
+User=mozdef
+Group=mozdef
+StandardOutput=syslog
+StandardError=syslog
+
+[Install]
+WantedBy=multi-user.target
From faf71d98f4228a24d2b1a2afb2c2b33dd614cb45 Mon Sep 17 00:00:00 2001
From: Phrozyn
Date: Tue, 23 Aug 2016 10:58:18 -0500
Subject: [PATCH 2/5] Adding config and systemdfiles dir with mongod and kibana.
---
 config/mongod.conf | 45 +++++++++++++++++++++++++++++++++++++
 "systemdfiles/\\" | 17 ++++++++++++++
 systemdfiles/kibana.service | 16 +++++++++++++
 systemdfiles/mongod.service | 17 ++++++++++++++
 4 files changed, 95 insertions(+)
 create mode 100644 config/mongod.conf
 create mode 100644 "systemdfiles/\\"
 create mode 100644 systemdfiles/kibana.service
 create mode 100644 systemdfiles/mongod.service
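Review bot: In systemdfiles/kibana.service (PATCH 1/5), `Requires=elasticsearch.service` pulls Elasticsearch in but does not order the two units, so systemd may start Kibana in parallel with Elasticsearch rather than after it. Add `After=elasticsearch.service` next to it. The unit also runs under the same `mozdef` account as mongod; a dedicated account, plus `NoNewPrivileges=true` and `PrivateTmp=true`, would limit what a compromise of the Kibana process can reach. PATCH 2/5 adds the same unit unchanged.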
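Review bot: systemdfiles/mongod.service (PATCH 1/5) points `PIDFile=` at /var/run/mozdefdb/mozdefdb.pid, but nothing in the unit creates that directory, and with `User=mozdef` mongod cannot create it under /var/run itself; where /var/run is a tmpfs the directory is also gone after every reboot. Adding `RuntimeDirectory=mozdefdb` to `[Service]` would have systemd create it, owned by the service user, on each start. Separately, `ExecStart` reads `/etc/mongod.conf` while this series ships the settings as config/mongod.conf, so a comment such as `# config/mongod.conf from this repo must be installed as /etc/mongod.conf` would make clear that the loopback-only binding depends on that install step. The same unit appears again in PATCH 2/5.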
diff --git a/config/mongod.conf b/config/mongod.conf
new file mode 100644
index 000000000..b4fb05a7a
--- /dev/null
+++ b/config/mongod.conf
@@ -0,0 +1,45 @@
+# mongod.conf
+
+# for documentation of all options, see:
+# http://docs.mongodb.org/manual/reference/configuration-options/
+
+# where to write logging data.
+systemLog:
+ destination: file
+ logAppend: true
+ path: /opt/mozdef/envs/mozdef/logs/meteor-mongo.log
+
+# Where and how to store data.
+storage:
+ dbPath: /opt/mozdef/envs/mongo/db
+ journal:
+ enabled: true
+ mmapv1:
+ smallFiles: true
+# wiredTiger:
+
+# how the process runs
+processManagement:
+ fork: true # fork and run in background
+ pidFilePath: /var/run/mozdefdb/mozdefdb.pid # location of pidfile
+
+# network interfaces
+net:
+ port: 3002
+ bindIp: 127.0.0.1 # Listen to local interface only, comment to listen on all interfaces.
+
+
+#security:
+
+#operationProfiling:
+
+replication:
+ oplogSizeMB: 8
+
+#sharding:
+
+## Enterprise-Only Options
+
+#auditLog:
+
+#snmp:
diff --git "a/systemdfiles/\\" "b/systemdfiles/\\"
new file mode 100644
index 000000000..a0633cec8
--- /dev/null
+++ "b/systemdfiles/\\"
@@ -0,0 +1,17 @@
+[Unit]
+Description=MongoDB Database Service
+After=network.target
+
+[Service]
+Type=forking
+PIDFile=/var/run/mozdefdb/mozdefdb.pid
+ExecStart=/usr/bin/mongod --config /etc/mongod.conf
+ExecReload=/bin/kill -HUP $MAINPID
+#Restart=always
+User=mozdef
+Group=mozdef
+StandardOutput=syslog
+StandardError=syslog
+
+[Install]
+WantedBy=multi-user.target
diff --git a/systemdfiles/kibana.service b/systemdfiles/kibana.service
new file mode 100644
index 000000000..e8be9689f
--- /dev/null
+++ b/systemdfiles/kibana.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Kibana
+Requires=elasticsearch.service
+
+[Service]
+ExecStart=/opt/mozdef/envs/kibana/bin/kibana
+Restart=always
+StandardOutput=syslog
+StandardError=syslog
+SyslogIdentifier=kibana4
+User=mozdef
+Group=mozdef
+SuccessExitStatus=143
+
+[Install]
+WantedBy=multi-user.target
diff --git a/systemdfiles/mongod.service b/systemdfiles/mongod.service
new file mode 100644
index 000000000..a0633cec8
--- /dev/null
+++ b/systemdfiles/mongod.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=MongoDB Database Service
+After=network.target
+
+[Service]
+Type=forking
+PIDFile=/var/run/mozdefdb/mozdefdb.pid
+ExecStart=/usr/bin/mongod --config /etc/mongod.conf
+ExecReload=/bin/kill -HUP $MAINPID
+#Restart=always
+User=mozdef
+Group=mozdef
+StandardOutput=syslog
+StandardError=syslog
+
+[Install]
+WantedBy=multi-user.target
From ed0e636a5559b6d641c5cb16725dcb511251fd39 Mon Sep 17 00:00:00 2001
From: Phrozyn
Date: Tue, 29 Nov 2016 11:46:32 -0600
Subject: [PATCH 3/5] Adding systemd service files for all uwsgi processes and mongod.
---
 systemdfiles/mongod.service | 2 +-
 systemdfiles/mozdefalertplugins.service | 18 ++++++++++++++++++
 systemdfiles/mozdefloginput.service | 18 ++++++++++++++++++
 systemdfiles/mozdefmqwautoland.service | 18 ++++++++++++++++++
 systemdfiles/mozdefmqwbrostage.service | 18 ++++++++++++++++++
 systemdfiles/mozdefmqwfxastage.service | 18 ++++++++++++++++++
 .../mozdefmqwinfosecsqsnonprod.service | 18 ++++++++++++++++++
 systemdfiles/mozdefmqwnubisnonprod.service | 18 ++++++++++++++++++
 systemdfiles/mozdefmqwrelengpapertrail.service | 18 ++++++++++++++++++
 systemdfiles/mozdefmqwsyslog.service | 18 ++++++++++++++++++
 systemdfiles/mozdefrestapi.service | 18 ++++++++++++++++++
 11 files changed, 181 insertions(+), 1 deletion(-)
 create mode 100644 systemdfiles/mozdefalertplugins.service
 create mode 100644 systemdfiles/mozdefloginput.service
 create mode 100644 systemdfiles/mozdefmqwautoland.service
 create mode 100644 systemdfiles/mozdefmqwbrostage.service
 create mode 100644 systemdfiles/mozdefmqwfxastage.service
 create mode 100644 systemdfiles/mozdefmqwinfosecsqsnonprod.service
 create mode 100644 systemdfiles/mozdefmqwnubisnonprod.service
 create mode 100644 systemdfiles/mozdefmqwrelengpapertrail.service
 create mode 100644 systemdfiles/mozdefmqwsyslog.service
 create mode 100644 systemdfiles/mozdefrestapi.service
diff --git a/systemdfiles/mongod.service b/systemdfiles/mongod.service
index a0633cec8..a32217a4e 100644
--- a/systemdfiles/mongod.service
+++ b/systemdfiles/mongod.service
@@ -7,7 +7,7 @@ Type=forking
 PIDFile=/var/run/mozdefdb/mozdefdb.pid
 ExecStart=/usr/bin/mongod --config /etc/mongod.conf
 ExecReload=/bin/kill -HUP $MAINPID
-#Restart=always
+Restart=always
 User=mozdef
 Group=mozdef
 StandardOutput=syslog
diff --git a/systemdfiles/mozdefalertplugins.service b/systemdfiles/mozdefalertplugins.service
new file mode 100644
index 000000000..51a2f4cd7
--- /dev/null
+++ b/systemdfiles/mozdefalertplugins.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=uWSGI mozdef Alert Plugins
+After=syslog.target
+
+[Service]
+# Requires systemd version 211 or newer
+User=mozdef
+Group=mozdef
+ExecStart=/bin/bash -c 'cd /opt/mozdef/envs/mozdef/alerts; source /opt/mozdef/envs/mozdef/bin/activate; uwsgi --ini alertPlugins.ini'
+Restart=always
+KillSignal=SIGQUIT
+Type=notify
+StandardError=syslog
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
+Alias=alertPlugins
diff --git a/systemdfiles/mozdefloginput.service b/systemdfiles/mozdefloginput.service
new file mode 100644
index 000000000..7f4907fc2
--- /dev/null
+++ b/systemdfiles/mozdefloginput.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=uWSGI mozdefloginput
+After=syslog.target
+
+[Service]
+# Requires systemd version 211 or newer
+User=mozdef
+Group=mozdef
+ExecStart=/bin/bash -c 'cd /opt/mozdef/envs/mozdef/loginput; source /opt/mozdef/envs/mozdef/bin/activate; uwsgi --ini loginput.ini'
+Restart=always
+KillSignal=SIGQUIT
+Type=notify
+StandardError=syslog
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
+Alias=loginput
diff --git a/systemdfiles/mozdefmqwautoland.service b/systemdfiles/mozdefmqwautoland.service
new file mode 100644
index 000000000..53c5900e0
--- /dev/null
+++ b/systemdfiles/mozdefmqwautoland.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=uWSGI mozdef mqwAutoland
+After=syslog.target
+
+[Service]
+# Requires systemd version 211 or newer
+User=mozdef
+Group=mozdef
+ExecStart=/bin/bash -c 'cd /opt/mozdef/envs/mozdef/mq; source /opt/mozdef/envs/mozdef/bin/activate; uwsgi --ini mqwAutoland.ini'
+Restart=always
+KillSignal=SIGQUIT
+Type=notify
+StandardError=syslog
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
+Alias=mqwautoloand
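Review bot: `ExecStart=/bin/bash -c 'cd …; source …; uwsgi --ini alertPlugins.ini'` in systemdfiles/mozdefalertplugins.service chains its steps with `;`, so a failed `cd` or `source` does not stop uwsgi from starting, in whatever directory and Python environment the shell happens to have. Because bash stays the unit's main process, the unit also needs `NotifyAccess=all`, which accepts readiness and status messages from any process in the service's control group. Using `WorkingDirectory=/opt/mozdef/envs/mozdef/alerts` with `ExecStart=/opt/mozdef/envs/mozdef/bin/uwsgi --ini alertPlugins.ini` (assuming uwsgi is installed in that virtualenv) removes the shell and lets this become `NotifyAccess=main`. The same pattern is repeated in the other nine uWSGI units of this patch (loginput, the mqw* units and restapi).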
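Review bot: `Alias=mqwautoloand` in systemdfiles/mozdefmqwautoland.service is misspelled (the unit is mqwAutoland), and like every `Alias=` in this patch it lacks the `.service` suffix. systemd requires an alias to carry the same unit-type suffix as the unit it names, so these aliases are likely to be rejected or ignored when the unit is enabled. I would write `Alias=mqwautoland.service` here and add the suffix to the aliases in the other uWSGI units.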
diff --git a/systemdfiles/mozdefmqwbrostage.service b/systemdfiles/mozdefmqwbrostage.service
new file mode 100644
index 000000000..3823b658f
--- /dev/null
+++ b/systemdfiles/mozdefmqwbrostage.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=uWSGI mozdef mqwBroStage
+After=syslog.target
+
+[Service]
+# Requires systemd version 211 or newer
+User=mozdef
+Group=mozdef
+ExecStart=/bin/bash -c 'cd /opt/mozdef/envs/mozdef/mq; source /opt/mozdef/envs/mozdef/bin/activate; uwsgi --ini mqwBroStage.ini'
+Restart=always
+KillSignal=SIGQUIT
+Type=notify
+StandardError=syslog
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
+Alias=mqwbrostage
diff --git a/systemdfiles/mozdefmqwfxastage.service b/systemdfiles/mozdefmqwfxastage.service
new file mode 100644
index 000000000..32c77923b
--- /dev/null
+++ b/systemdfiles/mozdefmqwfxastage.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=uWSGI mozdef mqwFXA Stage
+After=syslog.target
+
+[Service]
+# Requires systemd version 211 or newer
+User=mozdef
+Group=mozdef
+ExecStart=/bin/bash -c 'cd /opt/mozdef/envs/mozdef/mq; source /opt/mozdef/envs/mozdef/bin/activate; uwsgi --ini mqwFxaStage.ini'
+Restart=always
+KillSignal=SIGQUIT
+Type=notify
+StandardError=syslog
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
+Alias=mqwfxastage
diff --git a/systemdfiles/mozdefmqwinfosecsqsnonprod.service b/systemdfiles/mozdefmqwinfosecsqsnonprod.service
new file mode 100644
index 000000000..57b43188d
--- /dev/null
+++ b/systemdfiles/mozdefmqwinfosecsqsnonprod.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=uWSGI mozdef mqwInfosecSQSNonProd
+After=syslog.target
+
+[Service]
+# Requires systemd version 211 or newer
+User=mozdef
+Group=mozdef
+ExecStart=/bin/bash -c 'cd /opt/mozdef/envs/mozdef/mq; source /opt/mozdef/envs/mozdef/bin/activate; uwsgi --ini mqwInfosecSQSNonProd.ini'
+Restart=always
+KillSignal=SIGQUIT
+Type=notify
+StandardError=syslog
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
+Alias=mqwinfosecsqsnonprod
diff --git a/systemdfiles/mozdefmqwnubisnonprod.service b/systemdfiles/mozdefmqwnubisnonprod.service
new file mode 100644
index 000000000..39497474d
--- /dev/null
+++ b/systemdfiles/mozdefmqwnubisnonprod.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=uWSGI mozdef mqwNubisNonProd
+After=syslog.target
+
+[Service]
+# Requires systemd version 211 or newer
+User=mozdef
+Group=mozdef
+ExecStart=/bin/bash -c 'cd /opt/mozdef/envs/mozdef/mq; source /opt/mozdef/envs/mozdef/bin/activate; uwsgi --ini mqwNubisNonProd.ini'
+Restart=always
+KillSignal=SIGQUIT
+Type=notify
+StandardError=syslog
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
+Alias=mqwnubisnonprod
diff --git a/systemdfiles/mozdefmqwrelengpapertrail.service b/systemdfiles/mozdefmqwrelengpapertrail.service
new file mode 100644
index 000000000..54ccaa31b
--- /dev/null
+++ b/systemdfiles/mozdefmqwrelengpapertrail.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=uWSGI mozdef mqwRelengPapertrail
+After=syslog.target
+
+[Service]
+# Requires systemd version 211 or newer
+User=mozdef
+Group=mozdef
+ExecStart=/bin/bash -c 'cd /opt/mozdef/envs/mozdef/mq; source /opt/mozdef/envs/mozdef/bin/activate; uwsgi --ini mqwRelengPapertrail.ini'
+Restart=always
+KillSignal=SIGQUIT
+Type=notify
+StandardError=syslog
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
+Alias=mqwrelengpapertrail
diff --git a/systemdfiles/mozdefmqwsyslog.service b/systemdfiles/mozdefmqwsyslog.service
new file mode 100644
index 000000000..6f0119892
--- /dev/null
+++ b/systemdfiles/mozdefmqwsyslog.service
@@ -0,0 +1,18 @@
+Unit]
+Description=uWSGI mozdef mqwSyslog
+After=syslog.target
+
+[Service]
+# Requires systemd version 211 or newer
+User=mozdef
+Group=mozdef
+ExecStart=/bin/bash -c 'cd /opt/mozdef/envs/mozdef/mq; source /opt/mozdef/envs/mozdef/bin/activate; uwsgi --ini mqwSyslog.ini'
+Restart=always
+KillSignal=SIGQUIT
+Type=notify
+StandardError=syslog
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
+Alias=mqwsyslog
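Review bot: The first line of systemdfiles/mozdefmqwsyslog.service is `Unit]`, missing its opening bracket. Without a valid section header, the `Description=` and `After=syslog.target` lines that follow are not read as part of `[Unit]`; systemd will most likely drop them with a parse warning, so the unit loses its description and ordering. The line should read `[Unit]`.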
diff --git a/systemdfiles/mozdefrestapi.service b/systemdfiles/mozdefrestapi.service
new file mode 100644
index 000000000..0ce971005
--- /dev/null
+++ b/systemdfiles/mozdefrestapi.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=uWSGI mozdef restapi
+After=syslog.target
+
+[Service]
+# Requires systemd version 211 or newer
+User=mozdef
+Group=mozdef
+ExecStart=/bin/bash -c 'cd /opt/mozdef/envs/mozdef/rest; source /opt/mozdef/envs/mozdef/bin/activate; uwsgi --ini restapi.ini'
+Restart=always
+KillSignal=SIGQUIT
+Type=notify
+StandardError=syslog
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
+Alias=restapi
From cc4a5c5c715384595ac9bd46eeb31aca0a5db3d0 Mon Sep 17 00:00:00 2001
From: A Smith
Date: Tue, 29 Nov 2016 11:49:40 -0600
Subject: [PATCH 4/5] Delete \ misnamed file - typo in vi
---
 "systemdfiles/\\" | 17 -----------------
 1 file changed, 17 deletions(-)
 delete mode 100644 "systemdfiles/\\"
diff --git "a/systemdfiles/\\" "b/systemdfiles/\\"
deleted file mode 100644
index a0633cec8..000000000
--- "a/systemdfiles/\\"
+++ /dev/null
@@ -1,17 +0,0 @@
-[Unit]
-Description=MongoDB Database Service
-After=network.target
-
-[Service]
-Type=forking
-PIDFile=/var/run/mozdefdb/mozdefdb.pid
-ExecStart=/usr/bin/mongod --config /etc/mongod.conf
-ExecReload=/bin/kill -HUP $MAINPID
-#Restart=always
-User=mozdef
-Group=mozdef
-StandardOutput=syslog
-StandardError=syslog
-
-[Install]
-WantedBy=multi-user.target
From 497edadf9ec2e2e2e454ef7eb5face8887a030ac Mon Sep 17 00:00:00 2001
From: A Smith
Date: Tue, 29 Nov 2016 11:50:43 -0600
Subject: [PATCH 5/5] Delete \ Typo in vi created this
---
 "systemdfiles/\\" | 17 -----------------
 1 file changed, 17 deletions(-)
 delete mode 100644 "systemdfiles/\\"
diff --git "a/systemdfiles/\\" "b/systemdfiles/\\"
deleted file mode 100644
index a0633cec8..000000000
--- "a/systemdfiles/\\"
+++ /dev/null
@@ -1,17 +0,0 @@
-[Unit]
-Description=MongoDB Database Service
-After=network.target
-
-[Service]
-Type=forking
-PIDFile=/var/run/mozdefdb/mozdefdb.pid
-ExecStart=/usr/bin/mongod --config /etc/mongod.conf
-ExecReload=/bin/kill -HUP $MAINPID
-#Restart=always
-User=mozdef
-Group=mozdef
-StandardOutput=syslog
-StandardError=syslog
-
-[Install]
-WantedBy=multi-user.target