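#!/usr/bin/env bash
#INSTALL GRAYLOG2 AND NGINX AUTOMAGICALLY @bryptik 8/14/18
#
# Installs Oracle Java 8, MongoDB 3.6, Elasticsearch 5.x and Graylog 2.4, then
# puts an NGINX TLS reverse proxy (self-signed certificate) in front of the
# Graylog web interface. The MongoDB repository line targets Ubuntu xenial.
#
# Usage: run as root with bash. Prompts for the Graylog admin username and
# password; the password is never echoed or printed back.
#
#ADD LOGGING LATER
#LOGFILE="/var/log/graylog2-install.log"

# Stop at the first failed step: continuing after a failed package install
# would leave a half-configured, possibly exposed, log server behind.
set -euo pipefail

readonly INFO="\033[1;32m"
readonly RESET="\033[0m"
readonly GRAYLOG_CONF=/etc/graylog/server/server.conf
readonly TLS_CERT=/etc/pki/tls/certs/Graylog2.crt
readonly TLS_KEY=/etc/pki/tls/private/Graylog2.key
readonly NGINX_SITE=/etc/nginx/sites-available/default
readonly NGINX_SITE_BACKUP=/etc/nginx/sites-available/backup_default

# Print a green status line. printf '%b' interprets the \033 escapes in every
# shell, which a plain `echo` does not do under bash.
info() { printf '%b%s%b\n' "$INFO" "$*" "$RESET"; }

# Print an error to stderr and abort.
die() { printf 'error: %s\n' "$*" >&2; exit 1; }

# The script writes to /etc and manages services directly, so it needs root.
if [[ ${EUID} -ne 0 ]]; then
  die "this installer must be run as root"
fi

# Private scratch directory for downloads and the certificate request config,
# removed on every exit path.
workdir=$(mktemp -d) || die "mktemp failed"
trap 'rm -rf -- "${workdir:?}"' EXIT

info "Starting Graylog2 Installation"

#GET PASSWORDS FOR LATER
read -r -p 'Username: ' nginxUsername
# The username is substituted into a sed expression further down; restricting
# it to a conservative character set keeps '/', '&', '\' and whitespace from
# rewriting other parts of server.conf.
[[ "$nginxUsername" =~ ^[A-Za-z0-9._-]+$ ]] \
  || die "username may only contain letters, digits, '.', '_' and '-'"
# -s keeps the password off the terminal; IFS= and -r keep it byte-exact.
IFS= read -r -s -p 'Password: ' passvar
printf '\n'
[[ -n "$passvar" ]] || die "password must not be empty"

#DISABLE IPV6
info "Disabling IPv6"
# Append each setting only once so re-running the installer does not pile up
# duplicates. The settings are written to the file only; nothing here loads
# them into the running kernel.
for scope in all default lo; do
  setting=" net.ipv6.conf.${scope}.disable_ipv6 = 1"
  grep -qxF -- "$setting" /etc/sysctl.conf \
    || printf '%s\n' "$setting" >> /etc/sysctl.conf
done

#UPDATE AND GET JAVA
info "Verifying system is up to date and installing initial dependencies"
apt-get update
apt-get upgrade -y
apt-get install -y apt-transport-https uuid-runtime pwgen \
  software-properties-common python-software-properties debconf-utils

#ADD JAVA WEB REPO
info "Installing JAVA 8 Dependency from Oracle"
# NOTE(review): third-party PPA whose packages are installed as root; confirm
# it is still published and trusted before relying on it.
add-apt-repository -y ppa:webupd8team/java
echo "oracle-java8-installer shared/accepted-oracle-license-v1-1 select true" \
  | debconf-set-selections
apt-get update
apt-get install -y oracle-java8-installer

#MONGODB INSTALL
info "Installing MongoDB"
# The key is requested by full fingerprint, so the plain-HTTP keyserver
# transport does not decide which key gets trusted.
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 \
  --recv 2930ADAE8CAF5059EE73BB4B58712A2291FA4AD5
echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.6 multiverse" \
  > /etc/apt/sources.list.d/mongodb-org-3.6.list
apt-get update
apt-get install -y mongodb-org

#AUTOSTART MONGODB SERVICE
info "Setting MongoDB Services"
systemctl daemon-reload
systemctl enable mongod.service
systemctl restart mongod.service

#GET ELASTIC
info "Installing Elastic Search 5x (Graylog2 is not compatible with 6x)"
# This signing key is trusted purely on the strength of the HTTPS download;
# pipefail makes a failed download abort instead of adding an empty key.
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add -
# Overwrite rather than append, so a re-run does not duplicate the repo entry.
echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" \
  > /etc/apt/sources.list.d/elastic-5.x.list
apt-get update
apt-get install -y elasticsearch

#SET CLUSTER.NAME TO GRAYLOG
info "Setting Elastic cluster.name to graylog"
sed -i 's/#cluster.name.*/cluster.name: graylog/g' /etc/elasticsearch/elasticsearch.yml

#AUTOSTART ELASTICSEARCH SERVICE
info "Setting ElasticSearch Services"
systemctl daemon-reload
systemctl enable elasticsearch.service
systemctl restart elasticsearch.service

#DOWNLOAD AND INSTALL GRAYLOG SERVER
info "Download and install Graylog2 DEB Latest"
# Download into the private scratch directory instead of the current working
# directory, which may be writable by other users.
graylog_repo_deb="${workdir}/graylog-2.4-repository_latest.deb"
wget -O "$graylog_repo_deb" \
  https://packages.graylog2.org/repo/packages/graylog-2.4-repository_latest.deb
dpkg -i "$graylog_repo_deb"
apt-get update
apt-get install -y graylog-server

#MODIFY GRAYLOG2 CONFIGURATION
info "Adjust Graylog2 Settings"
# First IPv4 address reported by ifconfig (old net-tools "inet addr:" format).
# awk reads all of the input and prints only the first match, so no stage of
# the pipeline is cut short.
HOSTIPADDR=$(ifconfig | awk '/inet addr/ && !found++ { print substr($2, 6) }')
[[ "$HOSTIPADDR" =~ ^[0-9]+(\.[0-9]+){3}$ ]] \
  || die "could not determine the host IPv4 address from ifconfig"
SPASS=$(pwgen -N 1 -s 96)
# Hash the password exactly as typed: printf '%s' with a quoted argument
# avoids the word splitting, globbing and option parsing that an unquoted
# `echo -n` applies, which would store a hash of a different string.
UPASS=$(printf '%s' "$passvar" | sha256sum | cut -c1-64) #DROP THAT -
# '|' as the sed delimiter avoids escaping every '/' in the URIs. Values are
# written without a trailing space.
# NOTE(security): rest_listen_uri and web_listen_uri bind plain HTTP on all
# interfaces, so port 9000 is reachable without the NGINX TLS proxy unless a
# firewall blocks it. NGINX only needs 127.0.0.1:9000.
sed -i \
  -e "s|#root_username.*|root_username = ${nginxUsername}|g" \
  -e "s|password_secret.*|password_secret = ${SPASS}|g" \
  -e "s|root_password_sha2.*|root_password_sha2 = ${UPASS}|g" \
  -e "s|rest_listen_uri.*|rest_listen_uri = http://0.0.0.0:9000/api/|g" \
  -e "s|#rest_transport_uri.*|rest_transport_uri = http://${HOSTIPADDR}:9000/api/|g" \
  -e "s|#web_listen_uri.*|web_listen_uri = http://0.0.0.0:9000/|g" \
  "$GRAYLOG_CONF"

#AUTOSTART GRAYLOG2 SERVICES
info "Setting Graylog2 Services"
systemctl daemon-reload
systemctl enable graylog-server.service
systemctl restart graylog-server.service

#CREATE SSL CERTIFICATES
info "Generating SSL Certificates"
# Use a dedicated request config instead of rewriting a fixed line number of
# the system-wide /etc/ssl/openssl.cnf: that edit depends on the exact layout
# of the distribution file and would change every later certificate request
# made on this host.
cert_conf="${workdir}/graylog-openssl.cnf"
cat > "$cert_conf" <<EOF
[ req ]
prompt = no
distinguished_name = req_dn
x509_extensions = v3_graylog

[ req_dn ]
CN = ${HOSTIPADDR}

[ v3_graylog ]
subjectAltName = IP:${HOSTIPADDR}
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = CA:true
EOF
mkdir -p /etc/pki/tls/certs /etc/pki/tls/private
chmod 700 /etc/pki/tls/private
# -nodes leaves the private key unencrypted on disk, so file permissions are
# its only protection: create it under a restrictive umask and pin the mode.
(
  umask 077
  openssl req -config "$cert_conf" -x509 -days 3650 -batch -nodes \
    -newkey rsa:2048 -keyout "$TLS_KEY" -out "$TLS_CERT"
)
chmod 600 "$TLS_KEY"
chmod 644 "$TLS_CERT"

#INSTALL NGINX PROXY
info "Installing NGINX front end proxy for Graylog2"
# apache2-utils provides htpasswd; nothing below uses it yet.
apt-get install -y nginx apache2-utils

#CREATE NGINX GRAYLOG2 SITE
info "Creating new NGINX site"
# Keep the first backup: on a re-run the "default" site is already the
# Graylog proxy and would otherwise overwrite the distribution file's copy.
if [[ ! -e "$NGINX_SITE_BACKUP" ]]; then
  cp -- "$NGINX_SITE" "$NGINX_SITE_BACKUP"
fi
# \$ keeps NGINX variables literal; only HOSTIPADDR is expanded by the shell.
cat > "$NGINX_SITE" <<EOF
server {
    listen 443 default_server ssl;
    ssl_certificate ${TLS_CERT};
    ssl_certificate_key ${TLS_KEY};
    ssl_session_cache shared:SSL:10m;
    server_name ${HOSTIPADDR};
    access_log /var/log/nginx/graylog.access.log;
    location / {
        proxy_set_header Host \$host;
        proxy_set_header X-Forwarded-Host \$host;
        proxy_set_header X-Forwarded-Server \$host;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        proxy_set_header X-Graylog-Server-URL https://\$server_name/api;
        proxy_pass http://127.0.0.1:9000;
    }
}
EOF
info "Testing NGINX Config"
# Under `set -e` a failed config test stops here, before NGINX is restarted
# with a broken site file.
nginx -t

#SET NGINX SERVICES
systemctl enable nginx
systemctl restart nginx

#FINALE!
info "Graylog2 has been installed"
printf 'Browse to your server and sign-in @ https://%s/\n' "$HOSTIPADDR"
printf 'Username: %s\n' "$nginxUsername"
# The password is deliberately not printed: it would end up in terminal
# scrollback and in any log the installer output is captured to.
printf 'Password: (the one entered at the prompt)\n'
printf 'Additional Details:\n'
printf 'SSL cert: %s\n' "$TLS_CERT"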