Merge pull request #54 from tracelabs/tom-refresh-april-2024

Tom refresh april 2024
tracelabs · Apr 6, 2024 · 37976e6 · 37976e6
2 parents 4fe36c2 + c1cbb3c
commit 37976e6
Show file tree

Hide file tree

Showing 18 changed files with 70 additions and 177 deletions.
diff --git a/.github/workflows/push-to-main.yml b/.github/workflows/push-to-main.yml
@@ -0,0 +1,38 @@
+name: push-to-main
+# This action will trigger whenever main gets updated
+# success on this action would imply success when we push a release and files are generated
+# triggers on PRs or direct commits to main or dev branches
+on:
+  push:
+    branches:
+      - main
+      - dev  # Added the dev branch here
+  pull_request:
+    branches:
+      - main
+      - dev  # And here as well
+
+jobs:
+  run-docker:
+    # Specifies that the job runs on an Ubuntu environment
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+
+    # Sets up Docker environment
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v1
+
+    # uses the build in container option to build the vm files
+    # this test only checks the default build but others should work
+    - name: Run Docker command
+      run:  |
+          sudo apt update
+          sudo apt -y install debos p7zip qemu-utils zerofree
+          cd $GITHUB_WORKSPACE
+          chmod +x scripts/tl/*.sh
+          chmod +x scripts/*.sh
+          chmod +x *.sh
+          docker build -t tlvm-builder .
+          docker run --rm --interactive --net host --privileged --group-add $(stat -c '%g' /dev/kvm) --volume $(pwd):/recipes -v $(pwd)/images/:/images --workdir /recipes tlvm-builder ./build.sh
diff --git a/.github/workflows/releases.yml b/.github/workflows/releases.yml
@@ -23,12 +23,12 @@ jobs:
           chmod +x scripts/tl/*.sh
           chmod +x scripts/*.sh
           chmod +x *.sh
-          sudo ./build-vbox.sh
-          sudo ./build-vmware.sh
+          docker build -t tlvm-builder .
+          docker run --rm --interactive --net host --privileged --group-add $(stat -c '%g' /dev/kvm) --volume $(pwd):/recipes -v $(pwd)/images/:/images --workdir /recipes tlvm-builder ./build.sh
 
       - name: Release with Notes
         uses: softprops/action-gh-release@v1
         with:
           files: "images/*.*"
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/Dockerfile b/Dockerfile
@@ -1,6 +1,5 @@
 FROM docker.io/kalilinux/kali-rolling
 
-RUN apt-get update \
- && apt-get install  -y \
-    bmap-tools debos linux-image-amd64 p7zip parted qemu-utils xz-utils zerofree user-mode-linux libslirp-helper \
- && apt-get clean
+RUN apt update \
+ && apt --quiet --yes install --no-install-recommends \
+    bmap-tools debos dosfstools linux-image-amd64 p7zip parted qemu-utils systemd-resolved xz-utils zerofree
diff --git a/README.md b/README.md
@@ -14,7 +14,6 @@ After you've downloaded the release that applies to you, it should be as simple
 
 https://github.com/tracelabs/tlosint-vm/releases
 
-
 ## Login Credntials
 `osint`
 `osint`
@@ -38,7 +37,6 @@ Locate the OVA in the images/ directory
 ```
 ## Applications
 
-
 The majority of OSINT tools no longer come pre-packaged with the VM. There is an option to download them via a script on the desktop though. This keeps the size of the release small enough to build and host on Github. If you want to install the tools in the script then: 
 - Open a terminal
 - Navigate to the `Desktop` folder

diff --git a/build-in-container.sh b/build-in-container.sh
@@ -1,5 +1,6 @@
 #!/bin/bash
-
+# checks for either Podman or Docker, then builds the container image and runs it
+# normal args can be passed to the build.sh script, e.g. --no-cache
 set -eu
 
 IMAGE=tlvm-builder
@@ -28,10 +29,10 @@ fi
 bold() { tput bold; echo "$@"; tput sgr0; }
 vrun() { bold "$" "$@"; "$@"; }
 vexec() { bold "$" "$@"; exec "$@"; }
-
+# build docker image if it doesn't exist
 if ! $PODMAN inspect --type image $IMAGE >/dev/null 2>&1; then
     vrun $PODMAN build -t $IMAGE .
     echo
 fi
-
+# run the build script inside a container
 vexec $PODMAN run "${OPTS[@]}" $IMAGE ./build.sh "$@"
diff --git a/build.sh b/build.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-
+# script that will set up the build environment and run debos
 set -eu
 
 WELL_KNOWN_CACHING_PROXIES="\
@@ -32,7 +32,7 @@ FORMAT=
 KEEP=false
 LOCALE=
 MIRROR=
-PACKAGES=
+PACKAGES=libfuse2
 PASSWORD=
 ROOTFS=
 SIZE=40
@@ -42,6 +42,7 @@ USERNAME=
 USERPASS=
 VARIANT=vmware
 VERSION=2023.03
+# output will be compressed by default
 ZIP=true
 OUTDIR=images
 
@@ -139,7 +140,7 @@ Build options:
   -s SIZE     Size of the disk image in GB, default: $(b $SIZE)
   -v VARIANT  Variant of image to build (see below for details), default: $(b $VARIANT)
               Supported values: $SUPPORTED_VARIANTS
-  -z          Zip images and metadata files after the build
+  -z          Do not zip images and metadata files after the build
 
 Customization options:
   -D DESKTOP  Desktop environment installed in the image, default: $(b $DEFAULT_DESKTOP)

diff --git a/overlays/tl-overlays/etc/live/config.conf.d/kali.conf b/overlays/tl-overlays/etc/live/config.conf.d/kali.conf
diff --git a/scripts/tl/install-obsidian.sh b/scripts/tl/install-obsidian.sh
@@ -1,6 +1,9 @@
 #!/bin/bash
-# Install Obsidian app image
+# Install Obsidian app image to desktop of user
 
-wget -O /home/osint/Obsidian.AppImage https://github.com/obsidianmd/obsidian-releases/releases/download/v1.4.14/Obsidian-1.4.14.AppImage 
-chmod +x /home/osint/Obsidian.AppImage
-chmod +x /home/osint/Desktop/obsidian.desktop
+# username set when launchine the build
+username=$1
+
+wget -O /home/$username/Obsidian.AppImage https://github.com/obsidianmd/obsidian-releases/releases/download/v1.5.12/Obsidian-1.5.12.AppImage
+chmod +x /home/$username/Obsidian.AppImage
+chmod +x /home/$username/Desktop/obsidian.desktop
diff --git a/scripts/tl/install-tooling-ci.sh b/scripts/tl/install-tooling-ci.sh
diff --git a/scripts/tl/install-tooling-py.sh b/scripts/tl/install-tooling-py.sh
diff --git a/scripts/tl/install-tooling.sh b/scripts/tl/install-tooling.sh
diff --git a/scripts/tl/tools/apt-tooling.txt b/scripts/tl/tools/apt-tooling.txt
diff --git a/scripts/tl/tools/custom-install/DumpsterDiver.sh b/scripts/tl/tools/custom-install/DumpsterDiver.sh
diff --git a/scripts/tl/tools/custom-install/Infoga.sh b/scripts/tl/tools/custom-install/Infoga.sh
diff --git a/scripts/tl/tools/custom-install/phoneinfoga.sh b/scripts/tl/tools/custom-install/phoneinfoga.sh
diff --git a/scripts/tl/tools/custom-install/spiderpig.sh b/scripts/tl/tools/custom-install/spiderpig.sh
diff --git a/scripts/tl/tools/custom-install/tjnull-OSINT-Notebook.sh b/scripts/tl/tools/custom-install/tjnull-OSINT-Notebook.sh
diff --git a/tlosint.yaml b/tlosint.yaml
@@ -1,3 +1,9 @@
+# playbook that dictates the installation of the TLOSINT VM
+# This playbook is based on the Kali Linux playbook from debos
+# each action is a step in the installation process
+# this playbook will create a bare bones kali linux installation
+# most of our additions will be happening in the overlay section of the playbook
+# in the overaly section we will add in browser bookmarks, custom scripts, and other customizations
 {{ $arch := .arch }}
 {{ $branch := .branch }}
 {{ $format := .format }}
@@ -62,7 +68,9 @@ actions:
     packages:
       - kali-linux-core
       - kali-desktop-xfce
-
+  # this action "layers" a lot of extra stuff on to the installed filesystem
+  # this is where we can add things to the desktop or other parts of the filesystem
+  # note: the user's home directory does not yet exist at this point
   - action: overlay
     source: overlays/tl-overlays
 
@@ -81,11 +89,11 @@ actions:
     action: run
     chroot: true
     script: scripts/create-user.sh {{ $username }} "{{ $password }}"
-
+  # pull down the Obsidian for note taking
   - description: "Install obsidian"
     action: run
     chroot: true
-    script: scripts/tl/install-obsidian.sh
+    script: scripts/tl/install-obsidian.sh {{ $username }}
 
   - description: "chmod +x files that need it"
     action: run