Commit fe59cfd5 authored by Arne Øslebø's avatar Arne Øslebø

fully working MISP Keycloak integration

parent b95d6e0e
---
- name: Change password of default user
shell: "/var/www/MISP/app/Console/cake Password admin@admin.test {{ lookup('password', '/tmp/passwordfile') }}"
- name: Configure MISP
shell: '/var/www/MISP/app/Console/cake Admin setSetting {{item.var}} {{item.value}}'
with_items:
- {"var":"Plugin.CustomAuth_enable","value":"true"}
- {"var":"Plugin.CustomAuth_header","value":"X_REMOTE_USER"}
- {"var":"Plugin.CustomAuth_disable_logout","value":"true"}
- {"var":"MISP.external_baseurl","value":"https://{{dslproxy}}:6443"}
- {"var":"MISP.live","value":"true"}
- name: Init default user
shell: '/var/www/MISP/app/Console/cake user_init | /usr/bin/tail -n1'
register: command_output
ignore_errors: True
- name: Get API key
shell: '/var/www/MISP/app/Console/cake Admin getAuthkey "admin@admin.test" | /usr/bin/tail -n1'
shell: '/var/www/MISP/app/Console/cake Admin getAuthkey admin@admin.test | /usr/bin/tail -n1'
register: command_output
ignore_errors: True
when: '"initialised" in command_output.stdout'
- name: Set API key fact
set_fact:
misp_api_key: "{{ command_output.stdout }}"
- name: Change email of default admin
- name: add users
uri:
url: "https://{{dslproxy}}:6443/admin/users/edit/1"
url: "https://{{dslproxy}}:6443/admin/users/add/1"
method: POST
body_format: json
headers:
Authorization: "{{misp_api_key}}"
Accept: "application/json"
Content-type: "application/json"
body: '{"email": "{{soctools_users[0].email}}","external_auth_required":"true","change_pw":"false"}'
ignore_errors: yes #Temporary while debugging
\ No newline at end of file
body: '{"email": "{{item.email}}","org_id": "1","role_id": "1","external_auth_key":"{{item.email}}","external_auth_required":"1","change_pw": "0","external_auth_key":"{{item.email}}"}'
ignore_errors: yes #Ignore error when user already exists
with_items:
- "{{soctools_users}}"
- name: Enable feed
uri:
url: "https://{{dslproxy}}:6443/feeds/edit/1"
method: POST
body_format: json
headers:
Authorization: "{{misp_api_key}}"
Accept: "application/json"
Content-type: "application/json"
body: '{"enabled": true, "caching_enabled": true, "distribution": "1","publish": true}'
- name: Fetch feed
shell: '/var/www/MISP/app/Console/cake Server {{item}} 1 all&'
with_items:
- fetchFeed
- cacheFeed
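Review bot: The admin password and the API key pass through `shell` command lines and registered output without `no_log: true` on the 'Change password of default user', 'Get API key' and 'Set API key fact' tasks, so both appear in Ansible's task output and any log it keeps; add `no_log: true` to each of them. `lookup('password', '/tmp/passwordfile')` also leaves the generated password in clear text in a shared /tmp directory on the controller; keep that file inside the playbook's private directory with restrictive permissions. `ignore_errors: yes` on the 'add users' task masks every failure rather than only the already-exists case, and `yes` is a YAML 1.1 truthy; prefer a `status_code` list covering the response MISP returns for an existing user and write the boolean as `true` (the same applies to `ignore_errors: True` on the init and API-key tasks). The add-users body repeats the `external_auth_key` key, and the trailing `&` on the 'Fetch feed' command backgrounds the job so its failures are never reported — drop the duplicate key and use `async`/`poll` instead of `&`. Which of the doubled lines (for example `users/edit/1` versus `users/add/1`) is the new side is not recoverable from this rendering, so the points above are read against both.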
---
#- name: Set php path
# copy:
# src: php_path.sh
# dest: /etc/profile.d/php_path.sh
- name: Set PHP symbolic link
file:
src: /opt/rh/rh-php72/root/bin/php
......@@ -47,10 +42,11 @@
src: database.php.j2
dest: /var/www/MISP/app/Config/database.php
- name: Configure MISP app
template:
src: config.php.j2
dest: /var/www/MISP/app/Config/config.php
- name: Configure salt
lineinfile:
path: /var/www/MISP/app/Config/config.php
regexp: "'salt'.*=>"
line: "'salt' => '{{misp_salt}}',"
- name: Configure MISP database initialization script
template:
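Review bot: The 'Configure salt' task rewrites `'salt'` with `lineinfile` in a file that the preceding 'Configure MISP app' task has just rendered from config.php.j2, and that template already carries `'salt' => '{{misp_salt}}'` in this commit, so the lineinfile step looks redundant and its regexp `'salt'.*=>` would also match any other line containing that text; if the template task is the new side, drop the lineinfile task. Whichever task remains writes the salt into diff output when run with `--diff`, so add `no_log: true` to it. The hunk starts mid-file at the database.php template and the enclosing task list continues outside it.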
......
<?php
$config = array (
'debug' => 0,
'MISP' =>
array (
'baseurl' => 'https://{{dslproxy}}:6443',
'footermidleft' => '',
'footermidright' => '',
'org' => 'ORGNAME',
'showorg' => true,
'threatlevel_in_email_subject' => true,
'email_subject_TLP_string' => 'tlp:amber',
'email_subject_tag' => 'tlp',
'email_subject_include_tag_name' => true,
'background_jobs' => true,
'cached_attachments' => true,
'email' => 'email@address.com',
'contact' => 'email@address.com',
'cveurl' => 'https://cve.circl.lu/cve/',
'cweurl' => 'https://cve.circl.lu/cwe/',
'disablerestalert' => false,
'default_event_distribution' => '1',
'default_attribute_distribution' => 'event',
'tagging' => true,
'full_tags_on_event_index' => true,
'attribute_tagging' => true,
'full_tags_on_attribute_index' => true,
'footer_logo' => '',
'take_ownership_xml_import' => false,
'unpublishedprivate' => false,
'disable_emailing' => false,
'manage_workers' => true,
'Attributes_Values_Filter_In_Event' => 'id, uuid, value, comment, type, category, Tag.name',
'uuid' => '6ec3e533-99f9-42ac-952d-002664d1500f',
'live' => true,
),
'GnuPG' =>
array (
'onlyencrypted' => false,
'email' => '',
'homedir' => '',
'password' => '',
'bodyonlyencrypted' => false,
'sign' => true,
'obscure_subject' => false,
),
'SMIME' =>
array (
'enabled' => false,
'email' => '',
'cert_public_sign' => '',
'key_sign' => '',
'password' => '',
),
'Proxy' =>
array (
'host' => '',
'port' => '',
'method' => '',
'user' => '',
'password' => '',
),
'SecureAuth' =>
array (
'amount' => 5,
'expire' => 300,
),
'Security' =>
array (
'level' => 'medium',
'salt' => '{{misp_salt}}',
'cipherSeed' => '',
),
'Session.defaults' => 'php',
'Session.timeout' => 60,
'Session.cookieTimeout' => 60,
'Session.autoRegenerate' => false,
'Session.checkAgent' => false,
'site_admin_debug' => NULL,
'Plugin' => NULL,
'CertAuth' => NULL,
'ApacheShibbAuth' => NULL,
'ApacheSecureAuth' => NULL,
);
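Review bot: `'uuid' => '6ec3e533-99f9-42ac-952d-002664d1500f'` is a fixed literal in a Jinja2 template, so every instance rendered from config.php.j2 ends up with the same MISP.uuid; presumably this value identifies the instance to peers, so generate it per deployment, e.g. `'uuid' => '{{ misp_uuid }}'` with the variable created once per host. `'cipherSeed' => ''` is left empty while the neighbouring `'salt'` is templated; if the consumer expects it populated, template it the same way from a per-host secret. `'email' => 'email@address.com'` and `'contact' => 'email@address.com'` are placeholders and are better turned into variables alongside `{{dslproxy}}` so the rendered file does not ship them.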
......@@ -12,6 +12,8 @@ DirectoryIndex index.php
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/MISP/app/webroot/$1
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
OIDCCryptoPassphrase {{misp_crypto_pass}}
OIDCProviderMetadataURL https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration
OIDCRedirectURI https://{{dslproxy}}:6443/users/login/keycloak
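Review bot: `OIDCCryptoPassphrase {{misp_crypto_pass}}` substitutes the secret unquoted, so a value containing whitespace or a `#` would be cut short by Apache's directive parser; write it as `OIDCCryptoPassphrase "{{ misp_crypto_pass }}"`. The rendered file then holds the passphrase in clear text, so the template task that writes it should set `no_log: true` and a restrictive `mode`; that task lies outside this hunk. Whether the certificate behind the metadata URL on port 12443 is validated is not visible here (mod_auth_openidc validates by default via `OIDCSSLValidateServer`); if that endpoint uses a private CA, point `OIDCCABundlePath` at it rather than turning validation off.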
......