[doc] various fixes, thanks to @mvanotti

This commit is contained in:
Julien Vehent 2015-10-05 10:53:18 -04:00
Parent 37a7c33cc8
Commit 75161adc20
5 changed files with 32 additions and 12 deletions

View File

@ -41,7 +41,7 @@ Terminology:
* **Module**: single feature Go program that does stuff, like inspecting a file
system, listing connected IP addresses, creating user accounts or adding
firewall rules
* **Scheduler**: a messenging daemon that routes actions and commands to and from
* **Scheduler**: a messaging daemon that routes actions and commands to and from
agents.
* **Relay**: a RabbitMQ server that queues messages between schedulers and agents.
* **Database**: a storage backend used by the scheduler and the api

View File

@ -245,7 +245,7 @@ milliseconds.</p><p>Terminology:</p><ul><li><p><strong>Investigators</strong>: h
from the scheduler through the relays, execute those commands using modules,
and sends the results back to the relays.</p></li><li><p><strong>Module</strong>: single feature Go program that does stuff, like inspecting a file
system, listing connected IP addresses, creating user accounts or adding
firewall rules</p></li><li><p><strong>Scheduler</strong>: a messenging daemon that routes actions and commands to and from
firewall rules</p></li><li><p><strong>Scheduler</strong>: a messaging daemon that routes actions and commands to and from
agents.</p></li><li><p><strong>Relay</strong>: a RabbitMQ server that queues messages between schedulers and agents.</p></li><li><p><strong>Database</strong>: a storage backend used by the scheduler and the api</p></li><li><p><strong>API</strong>: a REST api that exposes the MIG platform to clients</p></li><li><p><strong>Client</strong>: a program used by an investigator to interface with MIG (like the
MIG Console, or the action generator)</p></li><li><p><strong>Worker</strong>: a worker is a small extension to the scheduler and api that
performs very specific tasks based on events received via the relay.</p></li></ul><p>An investigator uses a client (such as the MIG Console) to communicate with
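Review bot: the "messenging" to "messaging" fix in this hunk is the same one-word change already made in the plain-text terminology list earlier in the commit, which suggests the rendered HTML is checked in next to its source. If that is the case, consider generating the HTML at build time, or regenerating it in a separate commit, so that a doc fix is reviewed once and the two copies cannot drift apart.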

View File

@ -73,6 +73,10 @@ commands:
Or just run `make` that will build everything and runs tests as well.
Note: running `make` will build everything including the mig-console which
requires **readline** to be installed (`readline-devel` on rhel/fedora or
`libreadline-dev` on debian/ubuntu).
.. code:: bash
$ make
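Review bot: the added "Note:" paragraph sits between the sentence "Or just run `make` ..." and the `.. code:: bash` block that belongs to it, so the instruction is separated from its command. Moving the note below the `$ make` block, or stating the readline requirement before the build commands as a prerequisite, would read better. The package names are in single backticks, which the rendered HTML later in this commit shows as `<cite>`; double backticks would render them as literals.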
@ -269,7 +273,10 @@ Start by copying the ca.crt, scheduler.key and scheduler.crt we generated in the
PKI into the /etc/mig/ folder.
Then edit the configuration file to replace the DB and RabbitMQ parameters with
the ones that we obtained in previous steps. For example:
the ones that we obtained in previous steps. The default configurations provided
for both Postgres and RabbitMQ are purposedly wrong and need to be replaced,
otherwise the scheduler will fail to connect. Below is an example configuration
that would work with the setup we have prepared.
.. code::
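Review bot: "purposedly" in the added sentence should be "purposely" (or "deliberately"); the same spelling is carried into the rendered HTML hunk. The sentence would also help more if it named which Postgres and RabbitMQ settings ship with placeholder values, since "the scheduler will fail to connect" does not tell the reader which keys to look at in the example that follows.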
@ -620,8 +627,9 @@ investigations as well and manage investigators. We will use `mig-console` to
create our first investigator.
Here we will assume you already have GnuPG installed, and that you generate a
keypair for yourself. You should be able to access your PGP Fingerprint using
this command:
keypair for yourself (see the `doc on gnupg.org
<https://www.gnupg.org/gph/en/manual.html#AEN26>`_).
You should be able to access your PGP Fingerprint using this command:
.. code::
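Review bot: the new link targets the fragment "#AEN26" in the gnupg.org manual, which looks like a generated anchor rather than a named section, so it may stop pointing at the key generation chapter if the manual is rebuilt. Linking to the manual page without the fragment, or naming the chapter in the link text, would be more durable. The surrounding sentence also reads "that you generate a keypair", where "have generated" matches the "already have GnuPG installed" assumption.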

View File

@ -245,7 +245,9 @@ and workers into a single DEB package. Otherwise, use the following make
commands:</p><pre><code class="code bash"><span class="name variable">$ </span>make mig-scheduler
<span class="name variable">$ </span>make mig-api
<span class="name variable">$ </span>make worker-agent-intel
<span class="name variable">$ </span>make worker-compliance-item</code></pre><p>Or just run <cite>make</cite> that will build everything and runs tests as well.</p><pre><code class="code bash"><span class="name variable">$ </span>make</code></pre></section><section id="deploy-the-postgresql-database"><header><h2><a href="#id5">2   Deploy the Postgresql database</a></h2></header><p>Install postgres 9.3+ on a server and copy the scripts
<span class="name variable">$ </span>make worker-compliance-item</code></pre><p>Or just run <cite>make</cite> that will build everything and runs tests as well.</p><p>Note: running <cite>make</cite> will build everything including the mig-console which
requires <strong>readline</strong> to be installed (<cite>readline-devel</cite> on rhel/fedora or
<cite>libreadline-dev</cite> on debian/ubuntu).</p><pre><code class="code bash"><span class="name variable">$ </span>make</code></pre></section><section id="deploy-the-postgresql-database"><header><h2><a href="#id5">2   Deploy the Postgresql database</a></h2></header><p>Install postgres 9.3+ on a server and copy the scripts
<cite>database/createlocaldb.sh</cite> and <cite>database/schema.sql</cite>. Make sure you have sudo
access to the server and run the script (or run the commands from createlocaldb.sh
manually).</p><pre><code class="code bash"><span class="name variable">$ </span>./createlocaldb.sh
@ -348,7 +350,10 @@ a template configuration will be placed in /etc/mig/scheduler.cfg. Otherwise,
you can find one in <cite>conf/scheduler.cfg.inc</cite>.</p><p>If you use <cite>deb-server</cite>, simply <cite>dpkg -i</cite> the package and the scheduler will be
installed into /opt/mig/bin/mig-scheduler, its configuration kept in /etc/mig.</p><p>If you build your own binary, get one by running <cite>make mig-scheduler</cite>.</p><p>Start by copying the ca.crt, scheduler.key and scheduler.crt we generated in the
PKI into the /etc/mig/ folder.</p><p>Then edit the configuration file to replace the DB and RabbitMQ parameters with
the ones that we obtained in previous steps. For example:</p><pre><code class="code">[agent]
the ones that we obtained in previous steps. The default configurations provided
for both Postgres and RabbitMQ are purposedly wrong and need to be replaced,
otherwise the scheduler will fail to connect. Below is an example configuration
that would work with the setup we have prepared.</p><pre><code class="code">[agent]
; timeout controls the inactivity period after which
; agents are marked offline
timeout = "60m"
@ -635,8 +640,8 @@ command line tool that can run investigations quickly, and <cite>mig-console</ci
readline console that can also run investigations but browse through passed
investigations as well and manage investigators. We will use <cite>mig-console</cite> to
create our first investigator.</p><p>Here we will assume you already have GnuPG installed, and that you generate a
keypair for yourself. You should be able to access your PGP Fingerprint using
this command:</p><pre><code class="code">$ gpg --fingerprint myinvestigator@example.net
keypair for yourself (see the <a class="reference external" href="https://www.gnupg.org/gph/en/manual.html#AEN26">doc on gnupg.org</a>).
You should be able to access your PGP Fingerprint using this command:</p><pre><code class="code">$ gpg --fingerprint myinvestigator@example.net
pub 2048R/3B763E8F 2013-04-30
Key fingerprint = E608 92BB 9BD8 9A69 F759 A1A0 A3D6 5217 3B76 3E8F

View File

@ -46,9 +46,16 @@ echo '[
{certfile, "/etc/rabbitmq/rabbitmq.crt"},
{keyfile, "/etc/rabbitmq/rabbitmq.key"},
{verify, verify_peer},
{fail_if_no_peer_cert, true}
]}
]}
{fail_if_no_peer_cert, true},
{versions, ['tlsv1.2', 'tlsv1.1']},
{ciphers, [{dhe_rsa,aes_256_cbc,sha256},
{dhe_rsa,aes_128_cbc,sha256},
{dhe_rsa,aes_256_cbc,sha},
{rsa,aes_256_cbc,sha256},
{rsa,aes_128_cbc,sha256},
{rsa,aes_256_cbc,sha}]}
]}
]}
].' > $mqconf
sudo mv $mqconf /etc/rabbitmq/rabbitmq.config
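Review bot: the new ciphers list contains only CBC suites, half of them with static "rsa" key exchange (no forward secrecy) and two with the SHA-1 MAC ("sha"), and versions still admits 'tlsv1.1'. If every scheduler and agent can speak TLS 1.2, drop 'tlsv1.1' and the "rsa" entries, and add a comment above the list saying which client needs which suite so a later edit does not loosen it by accident. It is also worth confirming before merge that the agent's TLS client supports at least one of the listed suites, because with a fixed list a mismatch only shows up as a failed handshake. Finally, this hunk changes the TLS behaviour of the generated rabbitmq.config, which the "[doc] various fixes" commit message does not mention; a separate commit, or a line in the message, would make the change easier to find later.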