Tips-Of-Mine/soc-fortress
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
soc-fortress/iris-web/upgrades/upgrade_to_2.0.0.py
hcornet 506716e703
Some checks failed
Deployment Verification / deploy-and-test (push) Failing after 29s
Details
first sync
2025-03-04 07:59:21 +01:00

174 lines
6.4 KiB
Python
Raw Permalink Blame History

#!/usr/bin/env python3
#
# IRIS Source Code
# Copyright (C) 2023 - DFIR-IRS
# contact@dfir-iris.org
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 3 of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program; if not, write to the Free Software Foundation,
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
import argparse
import logging as log
from pathlib import Path
root_dir = Path(__file__).parent.parent
LOG_FORMAT = '%(asctime)s :: %(levelname)s :: %(module)s :: %(funcName)s :: %(message)s'
LOG_TIME_FORMAT = '%Y-%m-%d %H:%M:%S'
log.basicConfig(level=log.INFO, format=LOG_FORMAT, datefmt=LOG_TIME_FORMAT)
env_upgrade_map = {
"DB_USER": "POSTGRES_ADMIN_USER",
"DB_PASS": "POSTGRES_ADMIN_PASSWORD",
"DB_HOST": "POSTGRES_SERVER",
"DB_PORT": "POSTGRES_PORT",
"SECRET_KEY": "IRIS_SECRET_KEY",
"SECURITY_PASSWORD_SALT": "IRIS_SECURITY_PASSWORD_SALT",
"APP_HOST": "IRIS_UPSTREAM_SERVER",
"APP_PORT": "IRIS_UPSTREAM_PORT",
"IRIS_WORKER": "#IRIS_WORKER"
}
class IrisUpgrade200:
@staticmethod
def handle_ports(content):
if 'INTERFACE_HTTPS_PORT' not in content:
log.info('What port do you want to use for HTTPS?')
port = input()
content += f"\n\n#IRIS Ports\nINTERFACE_HTTPS_PORT={port}"
return content
def handle_env(self, dry_run=False):
with open(root_dir / '.env', "r") as f:
content = f.read()
for old, new in env_upgrade_map.items():
if f"{old}=" not in content:
continue
if f"{new}=" in content:
log.info(f'{new} already set. Skipping')
continue
if dry_run:
log.info(f'Would have replaced {old} with {new}')
else:
log.info(f'Replacing {old} with {new}')
content = content.replace(f"{old}=", f"{new}=")
if "IRIS_WORKER=1" in content:
if dry_run:
log.info('Would have disabled old IRIS_WORKER')
else:
log.info('Old IRIS_WORKER is set. Disabling')
content = content.replace("IRIS_WORKER=1", "#IRIS_WORKER=0")
if "IRIS_AUTHENTICATION_METHOD=" not in content:
if dry_run:
log.info('Would have added IRIS_AUTHENTICATION_METHOD to .env file')
else:
log.info('Adding IRIS_AUTHENTICATION_METHOD to .env file')
content += f"\n\n#IRIS Authentication\nIRIS_AUTHENTICATION_METHOD=local"
log.warning('IRIS v2.0.0 changed the default listening port from 4433 to 443.')
log.info('Do you want to change the port? (y/n)')
answer = input()
if answer.lower() == "y":
content = self.handle_ports(content)
log.info("IRIS v2.0.0 comes with new features. The following is optional.")
log.info("Do you want to set the organization name? (y/n)")
answer = input()
if answer.lower() == "y":
log.info("Please enter the organization name:")
organization_name = input()
if "IRIS_ORGANIZATION_NAME=" in content:
log.info("IRIS_ORGANIZATION_NAME already set. Replacing it.")
content = content.replace(f"IRIS_ORGANIZATION_NAME=", "#IRIS_ORGANIZATION_NAME=")
content += f"\n\n#IRIS Organization\nIRIS_ORGANIZATION_NAME={organization_name}"
if not dry_run:
log.info('Writing new .env file')
with open(root_dir / '.env', "w") as f:
f.write(content)
else:
log.info('Dry run: would have written new .env file')
print('>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\n')
print(content)
print('\n<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<')
def upgrade(self, dry_run=False):
"""
Upgrade IRIS to 2.0.0
"""
if not self.check(silent=True):
log.info('Upgrade aborted')
return False
log.info('Checking .env file')
self.handle_env(dry_run=dry_run)
log.info('Upgrade done. Please check the changes. ')
log.info('You can now rebuild the dockers with `docker compose build --no-cache`')
log.info('And start them with `docker compose up`')
@staticmethod
def check(silent=False):
"""
Check if upgrade looks doable
"""
if not (root_dir / '.env').exists():
log.error(f'No .env file found in {root_dir}')
log.info('You can create one with the following command: cp .env.model .env')
log.info('Then edit it to match your criteria')
log.info('You do not need to run this script to upgrade to 2.0.0')
return False
with open(root_dir / '.env', "r") as f:
content = f.read()
if 'POSTGRES_USER' not in content:
log.error('No POSTGRES_USER found in .env file')
log.info('You can edit it to match your criteria')
log.info('You do not need to run this script to upgrade to 2.0.0')
return False
log.info('It looks like you are coming from a previous version of IRIS')
if not silent:
log.info('You can run this script to upgrade to 2.0.0')
return True
if __name__ == "__main__":
parser = argparse.ArgumentParser(description="IRIS 2.0.0 upgrade script")
parser.add_argument("-i", "--install", help="Install upgrade", action="store_true", required=False)
parser.add_argument("-r", "--dry-run", help="Dry run upgrade and see changes", action="store_true",
required=False)
parser.add_argument("-c", "--check", help="Check if upgrade looks doable",
action="store_true", required=False)
args = parser.parse_args()
iu = IrisUpgrade200()
if args.install:
iu.upgrade(args.dry_run)
if args.check:
iu.check()
Reference in New Issue View Git Blame Copy Permalink