Merge pull request #40 from Honeybrain/reconfig

Reconfig
Honeybrain · Mar 21, 2024 · 49931e1 · 49931e1
2 parents c03a2b8 + 7a4fa9b
commit 49931e1
Show file tree

Hide file tree

Showing 8 changed files with 750 additions and 0 deletions.
diff --git a/config/generator/docker-compose-ips-template.yml b/config/generator/docker-compose-ips-template.yml
@@ -0,0 +1,36 @@
+version: '3'
+services:
+  fail2ban:
+    image: adrienroco/hb_services_fail2ban:latest
+    container_name: fail2ban
+    restart: "unless-stopped"
+    network_mode: host
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
+      - "./honeypot/logs/suricata/fast.log:/var/log/suricata.log"
+      - "./honeypot/logs/fail2ban:/var/log/fail2ban"
+      - "./honeypot/config/fail2ban:/data"
+      - "/var/lib/docker/containers/:/container-logs/:ro"
+      - "./honeypot/config/nginx/block.conf:/etc/nginx/block.conf"
+      - "./honeypot/config/nginx/nginx.conf:/etc/nginx/nginx.conf"
+    env_file:
+      - "./honeypot/fail2ban.env"
+    depends_on:
+      - suricata
+
+  suricata:
+    image: jasonish/suricata:latest
+    container_name: suricata
+    network_mode: host
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+      - SYS_NICE
+    volumes:
+      - "./honeypot/logs/suricata/fast.log:/var/log/suricata/fast.log"
+      - "./honeypot/config/suricata/suricata.yaml:/etc/suricata/suricata.yaml"
+      - "./honeypot/config/suricata/suricata.rules:/var/lib/suricata/rules/suricata.rules"
+    command: -i ${NETWORK_INTERFACE:-null}
diff --git a/config/generator/docker-compose-template.yml b/config/generator/docker-compose-template.yml
@@ -0,0 +1,122 @@
+version: '3'
+services:
+  reverse_proxy:
+    image: nginx:latest
+    container_name: reverse_proxy
+    volumes:
+      - "./honeypot/config/nginx/nginx.conf:/etc/nginx/nginx.conf"
+      - "./honeypot/config/nginx/block.conf:/etc/nginx/block.conf"
+      - "./honeypot/logs/nginx:/var/log/nginx"
+    ports:
+      - "80:80"
+    networks:
+      - services_network
+    depends_on:
+      - shop
+
+  shop:
+    image: shop_image
+    container_name: shop
+    build:
+      context: {{ dockerfile }}
+    networks:
+      - services_network
+      - honeypot_network
+{% if num_dummy_pc is not none %}
+  {% include 'dummy_pc_template.yml' %}
+{% endif %}
+{% if ftp_ip_address is not none %}
+  {% include 'ftp_server_template.yml' %}
+{% endif %}
+
+  mongo:
+    container_name: mongo
+    image: mongo:latest
+    networks:
+      - dashboard_network
+
+  backend:
+    image: adrienroco/hb_dashboard_back:latest
+    container_name: backend
+    environment:
+      - NODE_ENV=production
+      - GRPC_URL=backend:50051
+      - SMTP_HOST=smtp.zoho.eu
+      - SMTP_PORT=465
+      - [email protected]
+      - [email protected]
+      - SMTP_PASSWORD=H!2HQwusWch-:xc
+    networks:
+      - dashboard_network
+    volumes:
+      - "./honeypot/config/wireguard/peer1:/app/honeypot/peer1"
+      - "./honeypot/logs/suricata/fast.log:/app/honeypot/fast.log"
+      - "./honeypot/config/nginx/block.conf:/app/honeypot/block.conf"
+      - "./honeypot/config/suricata/suricata.rules:/app/honeypot/suricata.rules"
+      - "./honeypot/config/fail2ban/filter.d/nginx-honeypot.conf:/app/honeypot/nginx-honeypot.conf"
+      - "./honeypot/config/fail2ban/action.d/geohostsdeny.conf:/app/honeypot/geohostsdeny.conf"
+      - "/var/run/docker.sock:/var/run/docker.sock"
+    healthcheck:
+      test: ["CMD", "nc", "-zv", "localhost", "50051"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+    depends_on:
+      - mongo
+
+  frontend:
+    image: adrienroco/hb_dashboard_front:latest
+    container_name: frontend
+    environment:
+      - NODE_ENV=production
+    ports:
+      - "3000:3000"
+    networks:
+      - dashboard_network
+    healthcheck:
+      test: ["CMD", "curl", "--fail", "http://localhost:3000/"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+
+  envoy:
+    image: adrienroco/hb_dashboard_envoy:latest
+    container_name: envoy
+    ports:
+      - "8080:8080"
+    networks:
+      - dashboard_network
+    depends_on:
+      - backend
+
+  wireguard:
+    image: linuxserver/wireguard
+    container_name: wireguard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/Paris
+      - SERVERURL=176.166.54.11
+      - SERVERPORT=51820
+      - PEERS=1
+    ports:
+      - "51820:51820/udp"
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1
+    networks:
+      - dashboard_network
+    restart: unless-stopped
+
+networks:
+  honeypot_network:
+    name: honeypot_network
+    ipam:
+      config:
+        - subnet: {{ subnet }}
+  services_network:
+    name: services_network
+  dashboard_network:
+    name: dashboard_network
diff --git a/config/generator/ftp_server_template.yml b/config/generator/ftp_server_template.yml
@@ -0,0 +1,8 @@
+ftp:
+    image: adrienroco/hb_modules_ftp:latest
+    container_name: honeypot_ftp
+    ports:
+      - "{{ ftp_port }}:21"
+    networks:
+      honeypot_network:{% if ftp_ip_address is not none %}
+        ipv4_address: {{ ftp_ip_address }}{% endif %}
diff --git a/docker/compose/docker-compose.yml b/docker/compose/docker-compose.yml
@@ -82,6 +82,8 @@ services:
       - [email protected]
       - [email protected]
       - SMTP_PASSWORD=H!2HQwusWch-:xc
+      - [email protected]
+      - CREATE_ADMIN_PASSWORD=k6d=Ha2#~fW25OwrAffe
     networks:
       - dashboard_network
     volumes:
@@ -91,6 +93,7 @@ services:
       - "../../config/fail2ban/filter.d/nginx-honeypot.conf:/app/honeypot/nginx-honeypot.conf"
       - "../../config/fail2ban/action.d/geohostsdeny.conf:/app/honeypot/geohostsdeny.conf"
       - "../../config/nginx/block.conf:/app/honeypot/block.conf"
+      - ../../config/generator:/app/honeypot/generator
       - "/var/run/docker.sock:/var/run/docker.sock"
     healthcheck:
       test: ["CMD", "nc", "-zv", "localhost", "50051"]
@@ -163,6 +166,15 @@ services:
       - dashboard_network
     restart: unless-stopped
 
+  generator:
+    image: alpine:latest
+    container_name: generator
+    build:
+      context: ../dockerfile/generator
+      dockerfile: Dockerfile
+    volumes:
+      - ../../config/generator:/config
+
 networks:
   honeypot_network:
     name: honeypot_network

diff --git a/docker/dockerfile/generator/Dockerfile b/docker/dockerfile/generator/Dockerfile
@@ -0,0 +1,9 @@
+FROM alpine:latest
+
+RUN apk update && apk add --no-cache python3 py3-pip
+
+RUN pip install jinja2 --break-system-packages
+
+COPY generator.py /generator.py
+
+CMD ["sleep", "infinity"]
diff --git a/docker/dockerfile/generator/generator.py b/docker/dockerfile/generator/generator.py
@@ -0,0 +1,84 @@
+import os
+import json
+import subprocess
+from jinja2 import Environment, FileSystemLoader
+
+def main():
+    try:
+        print("[INFO] Parsing config...")
+        # Open the config file
+        with open("/config/config.json", "r") as f:
+            config = json.load(f)
+
+        # Parameters
+        num_dummy_pc = (
+            config["dummy_pc"]["num_services"] if "dummy_pc" in config else None
+        )
+        ip_addresses_dummy_pc = (
+            config["dummy_pc"]["ip_addresses"] if "dummy_pc" in config else None
+        )
+        ftp_port = config["ftp"]["port"] if "ftp" in config else None
+        ftp_ip_address = config["ftp"]["ip_address"] if "ftp" in config else None
+        subnet = config["subnet"]
+        dockerfile = config["dockerfile"]
+
+        # Load the template file
+        file_loader = FileSystemLoader("/config")
+        env = Environment(loader=file_loader)
+        print("[ OK ] Config parsed.")
+    except Exception as e:
+        print("[ERROR] Could not parse config: " + e.__cause__)
+        return
+
+    try:
+        print("[INFO] Generating docker compose...")
+        # Load the main template
+        template = env.get_template("docker-compose-template.yml")
+
+        # Render the main template with the number of services and the IP addresses
+        output = template.render(
+            num_dummy_pc=num_dummy_pc,
+            ip_addresses_dummy_pc=ip_addresses_dummy_pc,
+            ftp_port=ftp_port,
+            ftp_ip_address=ftp_ip_address,
+            subnet=subnet,
+            dockerfile=dockerfile,
+        )
+
+        template_ips = env.get_template("docker-compose-ips-template.yml")
+
+        output_ips = template_ips.render()
+
+        print("[ OK ] Docker compose generated.")
+    except Exception as e:
+        print("[ERROR] Could not generate docker compose: " + e.__cause__)
+        return
+
+    try:
+        print("[INFO] Checking Honeypot...")
+
+        # Write the output to a file
+        with open("/config/docker-compose.yml", "w") as f:
+            f.write(output)
+
+        # Write the output to a file
+        with open("/config/docker-compose-ips.yml", "w") as f:
+            f.write(output_ips)
+
+        print("[ OK ] Files copied.")
+    except Exception as e:
+        print("[ERROR] Could not copy honeybrain files: " + e.__cause__)
+        return
+
+    print(
+        "All services are now started! You can access the dashboard using http://localhost:3000."
+    )
+
+    print('(Tip: You can see your services using "docker ps" in a terminal)')
+    print("")
+    print("")
+    print("")
+    print("")
+
+if __name__ == "__main__":
+    main()