OwlH Installer¶
What is OwlH Installer?¶
OwlH Installer is a helper tool that will help you to keep your software up-to-date to the latest version. It will take care of the new versions for OwlH Master, OwlH UI and OwlH Node and will update them as needed.
Download and prepare OwlH Installer¶
| OS version | URL |
|---|---|
| CentOS 7 | wget http://repo.owlh.net/current-centos/owlhinstaller.tar.gz |
| Ubuntu | wget http://repo.owlh.net/current-debian/owlhinstaller.tar.gz |
| Raspbian | wget http://repo.owlh.net/current-arm/owlhinstaller.tar.gz |
Now let’s install it.
# mkdir /tmp/owlhinstaller
# tar -C /tmp/owlhinstaller -xvf owlhinstaller.tar.gz
We are almost done. In order to allow OwlH installer to do its work, we need to tell it what is/are out target/s for this box. A target is an OwlH component that must be installed or updated. All this info is provided in the config.json file included in the owlhinstaller folder
Prepare your OwlH Installer¶
You need to configure and prepare your OwlH Installer, all information needed is provided in the config.json file.
{
"versionfile":"current.version",
Current.version is the file that stores your actual local version and compares it with the one OwlH provides from our repository. if your local file does not exists, or version is lower than the one provided by OwlH then the action defined will be taken, update or install. Current.version file is stored in conf folder on each component.
"masterbinpath":"/root/workspace/src/owlhmaster/",
"masterconfpath":"/root/workspace/src/owlhmaster/conf/",
"mastertarfile":"owlhmaster.tar.gz",
"nodebinpath":"/root/workspace/src/owlhnode/",
"nodeconfpath":"/root/workspace/src/owlhnode/conf/",
"nodetarfile":"owlhnode.tar.gz",
"uipath":"/var/www/owlh/",
"uiconfpath":"/var/www/owlh/conf/",
"uitarfile":"owlhui.tar.gz",
"tmpfolder":"/tmp/",
Those are the diferent paths and packet names we use locally to install or update your local OwlH system. them can be modified. If you are not familiar with the way them work, please keep default configuration. If you prefer to modify them because some policy but you want to be sure, let us know and we will help you.
"action": "install",
Right now there are two possible actions: “install” and “update”.
| Install: | Install will create all directories if they do not exists. Will copy all default files or overwrite them if they exists. Any configuration files will be written back |
|---|---|
| update: | Update will copy the new component binary, will include any new key in the configuration files and will keep the current ones without modify or remove. It will also include new tables and table fields on each db, again it will not overwrite any current data in your configuration DBs. |
"repourl":"https://repo.owlh.net/current-xxxxxxx/",
There will be different repositories depending on your OS.
Current repositories depending on your OS based system, are:
| centos: | https://repo.owlh.net/current-centos/ |
|---|---|
| debian: | https://repo.owlh.net/current-debian/ |
| arm: | https://repo.owlh.net/current-arm/ |
"target": [
"owlhmaster",
"owlhui"
],
Target is were you define what components should be installed on your system.
Current possible targets are : owlhmaster, owlhnode, owlhui
Usually owlhmaster and owlhui are installed together.
"masterfiles":[
"main.conf",
"app.conf"
],
"nodefiles":[
"main.conf",
"stap-defaults.json",
"app.conf"
],
"uifiles":[
"ui.conf"
],
"masterdb":[
"group.db",
"node.db",
"ruleset.db"
],
"nodedb":[
"plugins.db",
"servers.db"
]
}
Files to take into account to update. This files are verified and compared between new version and current deployment when you are running and update action. update process does not overwrite current files or DB, it just add the new default fields or database reference. you don’t need to take care of those files, but if you don’t wont a file or db to be updated by installer you can remove it from here.
Coming Capabilities¶
| Auto update: | OwlH Installer will recognize there is a new version and will update itself before running. |
|---|---|
| Off-line or blind update: | |
| Downloaded packets for Node, Master and UI will be used instead of access internet to download them. | |
| Deployment scripts: | |
| will Include and execute scripts like Suricata and Zeek deployments, Httpd daemon configuration, OwlH interface for STAP, etc. | |