updates for chapter 11

dolevf · Nov 6, 2023 · d7c5bba · d7c5bba
1 parent b6abead
commit d7c5bba
Show file tree

Hide file tree

Showing 17 changed files with 110 additions and 121 deletions.
diff --git a/lab/README.md b/lab/README.md
@@ -14,7 +14,6 @@
 | c-redis-01 | | 10.1.0.14 | c-redis-01.acme-infinity-servers.com |
 | c-db-01 | | 10.1.0.15 | c-db-01.acme-infinity-servers.com |
 | c-db-02 | | 10.1.0.16 | c-db-02.acme-infinity-servers.com |
-| c-syslog-01 | | 10.1.0.17 | c-syslog-01.acme-infinity-servers.com |
 
 
 # Lab Installation

diff --git a/lab/docker-compose.yml b/lab/docker-compose.yml
@@ -10,6 +10,7 @@ services:
         ipv4_address: 172.16.10.13
       corporate:
         ipv4_address: 10.1.0.12
+
   c-backup-01:
     container_name: c-backup-01
     hostname: c-backup-01.acme-infinity-servers.com
@@ -19,6 +20,9 @@ services:
     networks:
       corporate:
         ipv4_address: 10.1.0.13
+    volumes:
+      - shared_vol:/mnt/scripts
+
   c-redis-01:
     container_name: c-redis-01
     hostname: c-redis-01.acme-infinity-servers.com
@@ -28,6 +32,7 @@ services:
     networks:
       corporate:
         ipv4_address: 10.1.0.14
+
   p-ftp-01:
     container_name: p-ftp-01
     hostname: p-ftp-01.acme-infinity-servers.com
@@ -37,8 +42,7 @@ services:
     networks:
       public:
         ipv4_address: 172.16.10.11
-    volumes:
-      - shared_vol:/mnt/scripts
+
   p-web-01:
     container_name: p-web-01
     hostname: p-web-01.acme-infinity-servers.com
@@ -51,6 +55,7 @@ services:
         ipv4_address: 172.16.10.10
     volumes:
       - shared_vol:/mnt/scripts/
+
   p-web-02:
     container_name: p-web-02
     privileged: true
@@ -67,6 +72,7 @@ services:
         ipv4_address: 10.1.0.11
     depends_on:
       - c-db-02
+
   c-db-02:
     container_name: c-db-02
     hostname: c-db-02.acme-infinity-servers.com
@@ -78,6 +84,7 @@ services:
     networks:
       corporate:
         ipv4_address: 10.1.0.16
+
   c-db-01:
     container_name: c-db-01
     hostname: c-db-01.acme-infinity-servers.com
@@ -89,16 +96,7 @@ services:
     networks:
       corporate:
         ipv4_address: 10.1.0.15
-  c-syslog-01:
-    container_name: c-syslog-01
-    hostname: c-syslog-01.acme-infinity-servers.com
-    build: 
-      context: machines/c-syslog-01
-      dockerfile: Dockerfile
-    networks:
-      corporate:
-        ipv4_address: 10.1.0.17
-
+
 volumes:
   shared_vol:
   c_db_01_vol:

diff --git a/lab/lab-network-diagram.png b/lab/lab-network-diagram.png
diff --git a/lab/machines/c-backup-01/Dockerfile b/lab/machines/c-backup-01/Dockerfile
@@ -6,8 +6,16 @@ LABEL company="ACME Infinity Servers"
 
 # Install Required Packages
 RUN apt-get update -y --fix-missing
-RUN apt-get install -y \
-                    cron \
-                    python3 
+RUN apt-get install -y python3 
+
+# Post Actions
+COPY files/execute.sh /mnt/scripts/
+
+RUN chmod u+x /mnt/scripts/execute.sh
+RUN echo '*/1 * * * * bash /mnt/scripts/execute.sh' >> /tmp/root-crontab
+RUN crontab /tmp/root-crontab && rm /tmp/root-crontab
+RUN mkdir -p /var/www/site
+RUN service cron restart
+
+ENTRYPOINT python3 -m http.server --directory /var/www/site 8080
 
-CMD echo "Starting backup service..." && python3 -m http.server --directory /etc 8080
diff --git a/lab/machines/p-ftp-01/files/execute.sh → lab/machines/c-backup-01/files/execute.sh b/lab/machines/p-ftp-01/files/execute.sh → lab/machines/c-backup-01/files/execute.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# This script is executed every minute on p-ftp-01 to do maintenance work.
+# This script is executed every minute on c-backup-01 to do maintenance work.
 
 LOG="/tmp/job.log"
 

diff --git a/lab/machines/c-db-01/Dockerfile b/lab/machines/c-db-01/Dockerfile
@@ -14,16 +14,22 @@ RUN apt-get install -y \
     mariadb-server \
     apache2 \
     php \
-    php-mysql 
+    php-mysql \
+    lshw \
+    at 
 
 # Post Actions
 COPY files/adminer-4.8.1.php /var/www/html/adminer.php
 COPY files/database.sql /var/www/html/database.sql
+COPY files/customers.sql /var/tmp/customers.sql
 
 # Entry
-ENTRYPOINT \
-            service mariadb start \ 
-            && \
-            cat /var/www/html/database.sql | mysql -u root \
-            && \
-            /usr/sbin/apache2ctl -D FOREGROUND
+ENTRYPOINT service mariadb restart \
+    && \
+    cat /var/www/html/database.sql | mysql -u root \
+    && \
+    cat /var/tmp/customers.sql | mysql -u root \
+    && \ 
+    rm /var/tmp/customers.sql \
+    && \
+    /usr/sbin/apache2ctl -D FOREGROUND
diff --git a/lab/machines/c-db-01/files/customers.sql b/lab/machines/c-db-01/files/customers.sql
@@ -0,0 +1,37 @@
+CREATE DATABASE IF NOT EXISTS customers;
+
+use customers;
+
+CREATE TABLE acme_hyper_branding(
+   id INT AUTO_INCREMENT,
+   first_name VARCHAR(100),
+   last_name VARCHAR(100),
+   designation VARCHAR(100),
+   email VARCHAR(50),
+   password VARCHAR(20),
+   PRIMARY KEY(id)
+);
+
+CREATE TABLE acme_impact_alliance(id INT AUTO_INCREMENT,
+   first_name VARCHAR(100),
+   last_name VARCHAR(100),
+   designation VARCHAR(100),
+   email VARCHAR(50),
+   password VARCHAR(20),
+   PRIMARY KEY(id)
+);
+
+INSERT INTO acme_hyper_branding (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Jacob", "Taylor", "Founder", "[email protected]", "carmen");
+INSERT INTO acme_hyper_branding (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Sarah", "Lewish", "Executive Assistant", "[email protected]", "cachepot");
+INSERT INTO acme_hyper_branding (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Nicholas", "Young", "Influencer", "[email protected]", "spring2023");
+INSERT INTO acme_hyper_branding (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Lauren", "Scott", "Influencer", "[email protected]", "gaga");
+INSERT INTO acme_hyper_branding (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Aaron", "Peres", "Marketing Lead", "[email protected]", "aperes123");
+INSERT INTO acme_hyper_branding (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Melissa", "Rogers", "Software Engineer", "[email protected]", "melissa2go");
+
+INSERT INTO acme_impact_alliance (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Jane", "Torres", "Owner", "[email protected]", "asfim2ne7asd7");
+INSERT INTO acme_impact_alliance (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Anthony", "Johnson", "Executive Assistant", "[email protected]", "3kemas8dh23");
+INSERT INTO acme_impact_alliance (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("David", "Carter", "Cat Rescuer", "[email protected]", "asdij28ehasds");
+INSERT INTO acme_impact_alliance (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Benjamin", "Mitchell", "Cat Rescuer", "[email protected]", "2rnausdiuwhd");
+INSERT INTO acme_impact_alliance (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Karen", "Cook", "Cat Rescuer", "[email protected]", "wdnausdb723bs");
+INSERT INTO acme_impact_alliance (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Kevin", "Peterson", "Software Engineer", "[email protected]", "wudhasdg72ws");
+
diff --git a/lab/machines/c-db-01/files/database.sql b/lab/machines/c-db-01/files/database.sql
@@ -1,3 +1,3 @@
 CREATE DATABASE IF NOT EXISTS adminer_db;
 CREATE USER IF NOT EXISTS 'adminer_user'@'localhost' IDENTIFIED BY 'P@ssword321';
-GRANT ALL ON adminer_db.* TO 'adminer_user'@'localhost';
+GRANT ALL ON *.* TO 'adminer_user'@'localhost';
diff --git a/lab/machines/c-db-02/Dockerfile b/lab/machines/c-db-02/Dockerfile
@@ -9,4 +9,5 @@ ENV MYSQL_DATABASE="wordpress"
 ENV MYSQL_USER="wordpress"
 ENV MYSQL_PASSWORD="wordpress"
 
+# Entry
 CMD ["--default-authentication-plugin=mysql_native_password"]
diff --git a/lab/machines/c-redis-01/Dockerfile b/lab/machines/c-redis-01/Dockerfile
@@ -1,17 +1,24 @@
-FROM lab_base
+FROM redis:5.0.6
 
 # Metadata
 LABEL name="c-redis-01"
 LABEL company="ACME Infinity Servers"
 
 # Install Required Packages
 RUN apt-get update -y --fix-missing
-RUN apt-get install -y redis-server 
+RUN apt-get install -y openssh-server
 
 # Copy Files to Lab
 COPY --chown=root:root files/redis.conf /etc/redis/redis.conf
 
+# Post Actions
+RUN mkdir /root/.ssh/
+RUN chmod 700 /root/.ssh
+
+RUN touch /root/.ssh/authorized_keys
+RUN chmod 644 /root/.ssh/authorized_keys
+
 # Entry
-ENTRYPOINT \
-    echo "Starting redis service..." && \
-    service redis-server start
+ENTRYPOINT service ssh restart \
+           && \
+           redis-server /etc/redis/redis.conf
diff --git a/lab/machines/c-redis-01/files/redis.conf b/lab/machines/c-redis-01/files/redis.conf
@@ -1,59 +1,6 @@
-activerehashing yes
-always-show-logo yes
-aof-load-truncated yes
-aof-rewrite-incremental-fsync yes
-aof-use-rdb-preamble no
-appendfilename "appendonly.aof"
-appendfsync everysec
-appendonly no
-auto-aof-rewrite-min-size 64mb
-auto-aof-rewrite-percentage 100
 bind 0.0.0.0
-client-output-buffer-limit normal 0 0 0
-client-output-buffer-limit pubsub 32mb 8mb 60
-client-output-buffer-limit slave 256mb 64mb 60
-daemonize no
-databases 16
 dbfilename dump.rdb
-dir ./
-hash-max-ziplist-entries 512
-hash-max-ziplist-value 64
-hll-sparse-max-bytes 3000
-hz 10
-latency-monitor-threshold 0
-lazyfree-lazy-eviction no
-lazyfree-lazy-expire no
-lazyfree-lazy-server-del no
-list-compress-depth 0
-list-max-ziplist-size -2
-logfile ""
-loglevel notice
-lua-time-limit 5000
-no-appendfsync-on-rewrite no
-notify-keyspace-events ""
 pidfile /var/run/redis_6379.pid
 port 6379
-protected-mode yes
-rdbchecksum yes
-rdbcompression yes
-repl-disable-tcp-nodelay no
-repl-diskless-sync-delay 5
-repl-diskless-sync no
-save 300 10
-save 60 10000
-save 900 1
-set-max-intset-entries 512
-slave-lazy-flush no
-slave-priority 100
-slave-read-only yes
-slave-serve-stale-data yes
-slowlog-log-slower-than 10000
-slowlog-max-len 128
-stop-writes-on-bgsave-error yes
-supervised systemd
-tcp-backlog 511
-tcp-keepalive 300
-timeout 0
-zset-max-ziplist-entries 128
-zset-max-ziplist-value 64
-requirepass r3d1s!
+protected-mode no
+slave-read-only no
diff --git a/lab/machines/c-syslog-01/Dockerfile b/lab/machines/c-syslog-01/Dockerfile
diff --git a/lab/machines/p-ftp-01/Dockerfile b/lab/machines/p-ftp-01/Dockerfile
@@ -16,7 +16,6 @@ RUN mkdir -p /var/www/html/backup/acme-hyper-branding
 RUN mkdir -p /var/www/html/backup/acme-impact-alliance
 COPY p-ftp-01/files/vsftpd.conf /etc/vsftpd.conf
 COPY p-web-01/files/site/app.py /var/www/html/backup/acme-hyper-branding
-COPY p-ftp-01/files/execute.sh /mnt/scripts/
 COPY p-web-02/files/site/* /var/www/html/backup/acme-impact-alliance/
 
 # Post Actions
@@ -35,16 +34,9 @@ RUN git init var/www/html/backup/acme-impact-alliance  \
     && git add -A \
     && git commit -m 'commit code'
 
-RUN chmod u+x /mnt/scripts/execute.sh
-
-RUN echo '*/1 * * * * bash /mnt/scripts/execute.sh' >> /tmp/root-crontab
-RUN crontab /tmp/root-crontab
-RUN rm /tmp/root-crontab
-
-
+
 # Entry
-ENTRYPOINT \
-    service vsftpd restart \
+ENTRYPOINT service vsftpd restart \
     && \
     service cron restart \
     && \

diff --git a/lab/machines/p-jumpbox-01/Dockerfile b/lab/machines/p-jumpbox-01/Dockerfile
@@ -39,9 +39,8 @@ RUN chmod u+x /scripts/backup_data.sh
 RUN echo '*/5 * * * * root bash /scripts/backup_data.sh' >> /etc/crontab
 
 # Entry
-ENTRYPOINT \
-    service ssh restart \
-    && \    
+ENTRYPOINT service ssh restart \
+    && \
     service cron restart \
     && \
     tail -f /dev/null

diff --git a/lab/machines/p-web-01/Dockerfile b/lab/machines/p-web-01/Dockerfile
@@ -4,6 +4,9 @@ FROM lab_base
 LABEL name="p-web-01"
 LABEL company="ACME Infinity Servers"
 
+# Variables
+ENV FLASK_ENV=development
+
 # Install Required Packages
 RUN apt-get update -y --fix-missing
 RUN apt-get install software-properties-common -y
@@ -24,8 +27,7 @@ COPY files/site/app.py .
 COPY files/site/index.html .
 COPY files/site/upload.html . 
 
-ENV FLASK_ENV=development
-
+# Post Actions
 RUN mkdir files 
 RUN mkdir uploads
 COPY files/acme-hyper-branding-5.csv files/acme-hyper-branding-5.csv