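#!/bin/bash
#
# Single-node Graylog 6.1 install on an APT-based host: MongoDB 6.0,
# OpenSearch 2.x and graylog-server, all bound to this machine.
#
# Must be run as root. Secrets are read from the environment or prompted for;
# none is hard-coded in this file:
#   OPENSEARCH_INITIAL_ADMIN_PASSWORD  admin password handed to the OpenSearch package
#   GRAYLOG_ROOT_PASSWORD              Graylog root password (only its SHA-256 is stored)
# Optional:
#   OPENSEARCH_VERSION                 exact OpenSearch package version to pin (e.g. 2.5.0)
#   LIBSSL_DEB_SHA256                  expected SHA-256 of the libssl1.1 fallback .deb
#
# NOTE(review): the listing this script was restored from embedded a literal
# OpenSearch admin password, a sample password_secret and a root password with
# its hash. Values published that way must be treated as compromised and are
# deliberately not reproduced here.

set -euo pipefail

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

#######################################
# Make sure the variable named $1 holds a non-empty secret, prompting on the
# terminal (no echo) when the environment did not provide it.
# Arguments: $1 - variable name, $2 - prompt text
#######################################
ask_secret() {
  local var=$1 prompt=$2 value=
  if [[ -n "${!var:-}" ]]; then
    return 0
  fi
  [[ -t 0 ]] || die "Variable $var requise (aucun terminal pour la saisie)"
  read -rs -p "$prompt" value
  echo
  [[ -n "$value" ]] || die "Variable $var vide"
  printf -v "$var" '%s' "$value"
}

#######################################
# Set "KEY<sep>VALUE" in a flat configuration file. The first uncommented
# line for KEY is replaced, later duplicates are dropped, and the line is
# appended when KEY is absent. Commented examples are left alone.
# The value travels through the environment, not argv, so a secret does not
# show up in the process list.
# Arguments: $1 - file, $2 - key, $3 - separator (': ' or ' = '), $4 - value
#######################################
set_option() {
  local file=$1 key=$2 sep=$3 value=$4 tmp
  tmp=$(mktemp) || return 1
  if ! OPT_KEY=$key OPT_LINE="$key$sep$value" awk '
    BEGIN { key = ENVIRON["OPT_KEY"]; line = ENVIRON["OPT_LINE"]; written = 0 }
    index($0, key) == 1 && substr($0, length(key) + 1) ~ /^[ \t]*[:=]/ {
      if (!written) { print line; written = 1 }
      next
    }
    { print }
    END { if (!written) print line }
  ' "$file" > "$tmp"; then
    rm -f -- "$tmp"
    return 1
  fi
  # Write through the existing file so its owner and mode are preserved.
  cat -- "$tmp" > "$file"
  rm -f -- "$tmp"
}

#######################################
# Download an ASCII-armored signing key and store it as a dedicated keyring
# that a sources.list entry can reference with signed-by. This replaces
# "apt-key add", which trusts the key for every configured repository.
# Arguments: $1 - key URL, $2 - keyring path
#######################################
fetch_keyring() {
  local url=$1 dest=$2
  curl -fsSL "$url" | gpg --dearmor --batch --yes -o "$dest"
  chmod 0644 "$dest"
}

require_root() {
  echo "[+] Verification des droits d acces a ROOT"
  if (( EUID != 0 )); then
    die "Veuillez executer ce script en tant que ROOT"
  fi
}

prepare_system() {
  local needrestart_conf=/etc/needrestart/needrestart.conf

  echo "[+] Regler le redemarrage sur automatique pour eviter les pop ups de redemarrage"
  # needrestart is not installed everywhere; skip quietly when it is absent.
  if [[ -f "$needrestart_conf" ]]; then
    sed -i "s/#\$nrconf{restart} = 'i';/\$nrconf{restart} = 'a';/g" "$needrestart_conf"
  fi

  echo "[+] Verification des mises a jour"
  apt-get update
  apt-get full-upgrade -y

  echo "[+] Definition du nombre maximum de fichiers pour opensearch"
  sysctl -w vm.max_map_count=262144
  # Append only once so repeated runs do not pile up duplicate lines.
  if ! grep -qxF 'vm.max_map_count=262144' /etc/sysctl.conf 2>/dev/null; then
    echo 'vm.max_map_count=262144' >> /etc/sysctl.conf
  fi

  echo "[+] Installation des depenbdancies"
  # The original listing had "wgetcurl", which is not a package name.
  apt-get install -y dirmngr lsb-release gnupg gnupg2 apt-transport-https \
    ca-certificates software-properties-common uuid-runtime pwgen net-tools \
    wget curl

  echo "[+] Configuration NTP"
  # Only the time zone is set here; time synchronisation itself is not
  # configured by this script.
  timedatectl set-timezone Europe/Paris
}

#######################################
# Install the libssl1.1 package that mongodb-org 6.0 depends on when the
# distribution no longer ships it.
# NOTE(review): the package is fetched over plain HTTP and installed with
# dpkg, so APT's signature checks do not apply; set LIBSSL_DEB_SHA256 to a
# checksum obtained from a trusted source. A library installed this way is
# not tied to any configured repository and will not be updated by APT.
#######################################
install_libssl11_fallback() {
  local url=http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.23_amd64.deb
  local tmpdir deb
  tmpdir=$(mktemp -d) || die "mktemp a echoue"
  deb="$tmpdir/${url##*/}"
  wget -q -O "$deb" "$url"
  if [[ -n "${LIBSSL_DEB_SHA256:-}" ]]; then
    if ! printf '%s  %s\n' "$LIBSSL_DEB_SHA256" "$deb" | sha256sum -c --status -; then
      rm -rf -- "$tmpdir"
      die "Somme SHA-256 incorrecte pour ${url##*/}"
    fi
  else
    echo "[!] LIBSSL_DEB_SHA256 non defini: libssl1.1 installe sans verification d integrite" >&2
  fi
  dpkg -i "$deb"
  rm -rf -- "$tmpdir"
}

install_mongodb() {
  local keyring=/usr/share/keyrings/mongodb-server-6.0.gpg

  echo "[+] Installation de MongoDB"
  fetch_keyring https://www.mongodb.org/static/pgp/server-6.0.asc "$keyring"
  echo "deb [signed-by=$keyring] http://repo.mongodb.org/apt/debian bullseye/mongodb-org/6.0 main" \
    > /etc/apt/sources.list.d/mongodb-org-6.0.list
  apt-get update
  # Same order as the original: try the plain install first and fall back to
  # the extra libssl1.1 package only when that fails.
  if ! apt-get install -y mongodb-org; then
    install_libssl11_fallback
    apt-get install -y mongodb-org
  fi

  echo "[+] Demarrer de Mongod"
  systemctl daemon-reload
  systemctl enable mongod
  systemctl restart mongod
  systemctl --no-pager --type=service --state=active | grep mongod \
    || echo "[!] mongod n apparait pas parmi les services actifs" >&2
}

disable_transparent_huge_pages() {
  echo "[+] Desactivation de la prise en charge des pages volumineuses"
  # NOTE(review): in the listing this script was restored from, the unit body
  # was truncated (only the end of ExecStart and the [Install] section were
  # left). It is rebuilt here after the unit MongoDB documents for this
  # purpose; review it before relying on it.
  cat > /etc/systemd/system/disable-transparent-huge-pages.service <<'EOF'
[Unit]
Description=Disable Transparent Huge Pages (THP)
DefaultDependencies=no
After=sysinit.target local-fs.target
Before=mongod.service

[Service]
Type=oneshot
ExecStart=/bin/sh -c 'echo never | tee /sys/kernel/mm/transparent_hugepage/enabled > /dev/null'

[Install]
WantedBy=basic.target
EOF

  echo "[+] Demarrer de Disable-transparent-huge-pages"
  systemctl daemon-reload
  systemctl enable disable-transparent-huge-pages.service
  systemctl start disable-transparent-huge-pages.service
}

install_opensearch() {
  local keyring=/usr/share/keyrings/opensearch-keyring
  local conf=/etc/opensearch/opensearch.yml
  local jvm=/etc/opensearch/jvm.options
  local pkg=opensearch

  echo "[+] Creation utilisateur Opensearch"
  adduser --system --disabled-password --disabled-login --home /var/empty \
    --no-create-home --quiet --force-badname --group opensearch

  echo "[+] Installion Opensearch"
  fetch_keyring https://artifacts.opensearch.org/publickeys/opensearch.pgp "$keyring"
  echo "deb [signed-by=$keyring] https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/apt stable main" \
    > /etc/apt/sources.list.d/opensearch-2.x.list
  apt-get update

  # The original installed the latest package and then "opensearch=2.5.0" on
  # top of it; a pin is now applied only when explicitly requested.
  if [[ -n "${OPENSEARCH_VERSION:-}" ]]; then
    pkg="opensearch=$OPENSEARCH_VERSION"
  fi
  # Prefix assignment: the password reaches the package scripts through the
  # environment and never appears as a command-line argument.
  OPENSEARCH_INITIAL_ADMIN_PASSWORD="$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
    apt-get install -y "$pkg"

  [[ -f "$conf" ]] || die "Fichier introuvable: $conf"
  set_option "$conf" cluster.name ': ' graylog
  # Literal ${HOSTNAME}: it is written as-is into the YAML file, not expanded here.
  # shellcheck disable=SC2016
  set_option "$conf" node.name ': ' '${HOSTNAME}'
  set_option "$conf" path.data ': ' /var/lib/opensearch
  set_option "$conf" path.logs ': ' /var/log/opensearch
  set_option "$conf" discovery.type ': ' single-node
  set_option "$conf" network.host ': ' 127.0.0.1
  set_option "$conf" action.auto_create_index ': ' false
  # The security plugin is switched off, so the REST API has neither TLS nor
  # authentication. That is acceptable only while network.host stays on
  # loopback; re-enable the plugin before exposing this node to a network.
  set_option "$conf" plugins.security.disabled ': ' true

  # JVM heap: raise the packaged 1g settings to 4g. Size this to the host's
  # memory; the value is hard-coded as in the original notes.
  [[ -f "$jvm" ]] || die "Fichier introuvable: $jvm"
  sed -i -e 's/^-Xms1g$/-Xms4g/' -e 's/^-Xmx1g$/-Xmx4g/' "$jvm"

  cat /proc/sys/vm/max_map_count
  systemctl daemon-reload
  systemctl enable opensearch
  systemctl restart opensearch
}

install_graylog() {
  local conf=/etc/graylog/server/server.conf
  local repo_deb=graylog-6.1-repository_latest.deb
  local tmpdir secret root_hash

  # The repository package is authenticated by HTTPS only; it is what
  # installs the APT source used for graylog-server.
  tmpdir=$(mktemp -d) || die "mktemp a echoue"
  wget -q -O "$tmpdir/$repo_deb" "https://packages.graylog2.org/repo/packages/$repo_deb"
  dpkg -i "$tmpdir/$repo_deb"
  rm -rf -- "$tmpdir"
  apt-get update
  apt-get install -y graylog-server

  [[ -f "$conf" ]] || die "Fichier introuvable: $conf"

  # Generate password_secret once per installation and keep an existing one.
  # NOTE(review): presumably a changed secret invalidates data Graylog has
  # already protected with it; confirm before rotating.
  if ! grep -Eq '^password_secret[[:space:]]*=[[:space:]]*[^[:space:]]' "$conf"; then
    secret=$(pwgen -N 1 -s 96)
    set_option "$conf" password_secret ' = ' "$secret"
  fi

  # printf is a shell builtin, so the clear-text password is piped to
  # sha256sum without ever being a command-line argument.
  root_hash=$(printf '%s' "$GRAYLOG_ROOT_PASSWORD" | sha256sum)
  root_hash=${root_hash%% *}
  set_option "$conf" root_password_sha2 ' = ' "$root_hash"
  # Only these two values are written; every other server.conf setting keeps
  # its packaged default.

  systemctl enable --now graylog-server
}

main() {
  require_root
  # Collect the secrets up front so the run is not interrupted half-way.
  ask_secret OPENSEARCH_INITIAL_ADMIN_PASSWORD "Mot de passe admin OpenSearch: "
  ask_secret GRAYLOG_ROOT_PASSWORD "Mot de passe root Graylog: "

  prepare_system
  install_mongodb
  disable_transparent_huge_pages
  install_opensearch
  install_graylog

  # Follow the server log to watch the first start; stop with Ctrl-C.
  tail -f /var/log/graylog-server/server.log
}

main "$@"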