diff --git a/lab/README.md b/lab/README.md index 9673a64..17f9f0e 100644 --- a/lab/README.md +++ b/lab/README.md @@ -14,7 +14,6 @@ | c-redis-01 | | 10.1.0.14 | c-redis-01.acme-infinity-servers.com | | c-db-01 | | 10.1.0.15 | c-db-01.acme-infinity-servers.com | | c-db-02 | | 10.1.0.16 | c-db-02.acme-infinity-servers.com | -| c-syslog-01 | | 10.1.0.17 | c-syslog-01.acme-infinity-servers.com | # Lab Installation diff --git a/lab/docker-compose.yml b/lab/docker-compose.yml index 4eb9fe6..1ad3ce6 100644 --- a/lab/docker-compose.yml +++ b/lab/docker-compose.yml @@ -10,6 +10,7 @@ services: ipv4_address: 172.16.10.13 corporate: ipv4_address: 10.1.0.12 + c-backup-01: container_name: c-backup-01 hostname: c-backup-01.acme-infinity-servers.com @@ -19,6 +20,9 @@ services: networks: corporate: ipv4_address: 10.1.0.13 + volumes: + - shared_vol:/mnt/scripts + c-redis-01: container_name: c-redis-01 hostname: c-redis-01.acme-infinity-servers.com @@ -28,6 +32,7 @@ services: networks: corporate: ipv4_address: 10.1.0.14 + p-ftp-01: container_name: p-ftp-01 hostname: p-ftp-01.acme-infinity-servers.com @@ -37,8 +42,7 @@ services: networks: public: ipv4_address: 172.16.10.11 - volumes: - - shared_vol:/mnt/scripts + p-web-01: container_name: p-web-01 hostname: p-web-01.acme-infinity-servers.com @@ -51,6 +55,7 @@ services: ipv4_address: 172.16.10.10 volumes: - shared_vol:/mnt/scripts/ + p-web-02: container_name: p-web-02 privileged: true @@ -67,6 +72,7 @@ services: ipv4_address: 10.1.0.11 depends_on: - c-db-02 + c-db-02: container_name: c-db-02 hostname: c-db-02.acme-infinity-servers.com @@ -78,6 +84,7 @@ services: networks: corporate: ipv4_address: 10.1.0.16 + c-db-01: container_name: c-db-01 hostname: c-db-01.acme-infinity-servers.com 
@@ -89,16 +96,7 @@ services: networks: corporate: ipv4_address: 10.1.0.15 - c-syslog-01: - container_name: c-syslog-01 - hostname: c-syslog-01.acme-infinity-servers.com - build: - context: machines/c-syslog-01 - dockerfile: Dockerfile - networks: - corporate: - ipv4_address: 10.1.0.17 - + volumes: shared_vol: c_db_01_vol: diff --git a/lab/lab-network-diagram.png b/lab/lab-network-diagram.png index 0a64a86..1908ac1 100644 Binary files a/lab/lab-network-diagram.png and b/lab/lab-network-diagram.png differ diff --git a/lab/machines/c-backup-01/Dockerfile b/lab/machines/c-backup-01/Dockerfile index 0bf1f39..f73fdd8 100644 --- a/lab/machines/c-backup-01/Dockerfile +++ b/lab/machines/c-backup-01/Dockerfile @@ -6,8 +6,16 @@ LABEL company="ACME Infinity Servers" # Install Required Packages RUN apt-get update -y --fix-missing -RUN apt-get install -y \ - cron \ - python3 +RUN apt-get install -y python3 + +# Post Actions +COPY files/execute.sh /mnt/scripts/ + +RUN chmod u+x /mnt/scripts/execute.sh +RUN echo '*/1 * * * * bash /mnt/scripts/execute.sh' >> /tmp/root-crontab +RUN crontab /tmp/root-crontab && rm /tmp/root-crontab +RUN mkdir -p /var/www/site +RUN service cron restart + +ENTRYPOINT python3 -m http.server --directory /var/www/site 8080 -CMD echo "Starting backup service..." && python3 -m http.server --directory /etc 8080 \ No newline at end of file diff --git a/lab/machines/p-ftp-01/files/execute.sh b/lab/machines/c-backup-01/files/execute.sh similarity index 77% rename from lab/machines/p-ftp-01/files/execute.sh rename to lab/machines/c-backup-01/files/execute.sh index 6826528..e224eca 100644 --- a/lab/machines/p-ftp-01/files/execute.sh +++ b/lab/machines/c-backup-01/files/execute.sh @@ -1,6 +1,6 @@ #!/bin/bash -# This script is executed every minute on p-ftp-01 to do maintenance work. +# This script is executed every minute on c-backup-01 to do maintenance work. LOG="/tmp/job.log" 
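Review bot: The cron job registered in the c-backup-01 Dockerfile will never fire at runtime, because `RUN service cron restart` only starts the daemon inside a build layer and the new `ENTRYPOINT` launches nothing but `python3 -m http.server`. Start cron in the entrypoint, as the p-ftp-01 and p-jumpbox-01 images do: `ENTRYPOINT service cron start && python3 -m http.server --directory /var/www/site 8080`. The same hunk also drops `cron` from the `apt-get install` list. Unless the base image already provides it (not visible here), the `crontab /tmp/root-crontab` step would fail at build time, so keep `cron` listed explicitly.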
diff --git a/lab/machines/c-db-01/Dockerfile b/lab/machines/c-db-01/Dockerfile index 76a34ca..29ae9aa 100644 --- a/lab/machines/c-db-01/Dockerfile +++ b/lab/machines/c-db-01/Dockerfile @@ -14,16 +14,22 @@ RUN apt-get install -y \ mariadb-server \ apache2 \ php \ - php-mysql + php-mysql \ + lshw \ + at # Post Actions COPY files/adminer-4.8.1.php /var/www/html/adminer.php COPY files/database.sql /var/www/html/database.sql +COPY files/customers.sql /var/tmp/customers.sql # Entry -ENTRYPOINT \ - service mariadb start \ - && \ - cat /var/www/html/database.sql | mysql -u root \ - && \ - /usr/sbin/apache2ctl -D FOREGROUND \ No newline at end of file +ENTRYPOINT service mariadb restart \ + && \ + cat /var/www/html/database.sql | mysql -u root \ + && \ + cat /var/tmp/customers.sql | mysql -u root \ + && \ + rm /var/tmp/customers.sql \ + && \ + /usr/sbin/apache2ctl -D FOREGROUND \ No newline at end of file diff --git a/lab/machines/c-db-01/files/customers.sql b/lab/machines/c-db-01/files/customers.sql new file mode 100644 index 0000000..942ba2d --- /dev/null +++ b/lab/machines/c-db-01/files/customers.sql 
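Review bot: The new `ENTRYPOINT` chain in the c-db-01 Dockerfile breaks on the second start of the same container, because `rm /var/tmp/customers.sql` exits non-zero once the file is gone and the `&&` chain then never reaches `/usr/sbin/apache2ctl -D FOREGROUND`. Use `rm -f /var/tmp/customers.sql` so a stop/start cycle still brings Apache up. A short comment above the entry, such as `# Seed file is removed after import so it is not left readable on disk`, would also record why the file is deleted, if that is the intent.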
@@ -0,0 +1,37 @@
+CREATE DATABASE IF NOT EXISTS customers;
+
+use customers;
+
+CREATE TABLE acme_hyper_branding(
+ id INT AUTO_INCREMENT,
+ first_name VARCHAR(100),
+ last_name VARCHAR(100),
+ designation VARCHAR(100),
+ email VARCHAR(50),
+ password VARCHAR(20),
+ PRIMARY KEY(id)
+);
+
+CREATE TABLE acme_impact_alliance(id INT AUTO_INCREMENT,
+ first_name VARCHAR(100),
+ last_name VARCHAR(100),
+ designation VARCHAR(100),
+ email VARCHAR(50),
+ password VARCHAR(20),
+ PRIMARY KEY(id)
+);
+
+INSERT INTO acme_hyper_branding (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Jacob", "Taylor", "Founder", "jtaylor@acme-hyper-branding.com", "carmen");
+INSERT INTO acme_hyper_branding (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Sarah", "Lewish", "Executive Assistant", "slewis@acme-hyper-branding.com", "cachepot");
+INSERT INTO acme_hyper_branding (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Nicholas", "Young", "Influencer", "nyoung@acme-hyper-branding.com", "spring2023");
+INSERT INTO acme_hyper_branding (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Lauren", "Scott", "Influencer", "lscott@acme-hyper-branding.com", "gaga");
+INSERT INTO acme_hyper_branding (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Aaron", "Peres", "Marketing Lead", "aperes@acme-hyper-branding.com", "aperes123");
+INSERT INTO acme_hyper_branding (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Melissa", "Rogers", "Software Engineer", "mrogers@acme-hyper-branding.com", "melissa2go");
+
+INSERT INTO acme_impact_alliance (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Jane", "Torres", "Owner", "jtorres@acme-impact-alliance.com", "asfim2ne7asd7");
+INSERT INTO acme_impact_alliance (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Anthony", "Johnson", "Executive Assistant", 
"ajohnson@acme-impact-alliance.com", "3kemas8dh23"); +INSERT INTO acme_impact_alliance (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("David", "Carter", "Cat Rescuer", "dcarter@acme-impact-alliance.com", "asdij28ehasds"); +INSERT INTO acme_impact_alliance (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Benjamin", "Mitchell", "Cat Rescuer", "bmitchell@acme-impact-alliance.com", "2rnausdiuwhd"); +INSERT INTO acme_impact_alliance (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Karen", "Cook", "Cat Rescuer", "kcook@acme-impact-alliance.com", "wdnausdb723bs"); +INSERT INTO acme_impact_alliance (`first_name`, `last_name`, `designation`, `email`, `password`) VALUES ("Kevin", "Peterson", "Software Engineer", "kpeterson@acme-impact-alliance.com", "wudhasdg72ws"); + diff --git a/lab/machines/c-db-01/files/database.sql b/lab/machines/c-db-01/files/database.sql index 0dd3308..fd658c9 100644 --- a/lab/machines/c-db-01/files/database.sql +++ b/lab/machines/c-db-01/files/database.sql @@ -1,3 +1,3 @@ CREATE DATABASE IF NOT EXISTS adminer_db; CREATE USER IF NOT EXISTS 'adminer_user'@'localhost' IDENTIFIED BY 'P@ssword321'; -GRANT ALL ON adminer_db.* TO 'adminer_user'@'localhost'; +GRANT ALL ON *.* TO 'adminer_user'@'localhost'; diff --git a/lab/machines/c-db-02/Dockerfile b/lab/machines/c-db-02/Dockerfile index 2d41f65..31266d4 100644 --- a/lab/machines/c-db-02/Dockerfile +++ b/lab/machines/c-db-02/Dockerfile @@ -9,4 +9,5 @@ ENV MYSQL_DATABASE="wordpress" ENV MYSQL_USER="wordpress" ENV MYSQL_PASSWORD="wordpress" +# Entry CMD ["--default-authentication-plugin=mysql_native_password"] \ No newline at end of file diff --git a/lab/machines/c-redis-01/Dockerfile b/lab/machines/c-redis-01/Dockerfile index 2ea9dab..94c554b 100644 --- a/lab/machines/c-redis-01/Dockerfile +++ b/lab/machines/c-redis-01/Dockerfile @@ -1,4 +1,4 @@ -FROM lab_base +FROM redis:5.0.6 # Metadata LABEL name="c-redis-01" 
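Review bot: Both `CREATE TABLE` statements in customers.sql lack `IF NOT EXISTS`, although the database itself is created idempotently on the first line, so a second run of this seed against an existing `customers` database aborts at the first table. Writing `CREATE TABLE IF NOT EXISTS acme_hyper_branding(` (and the same for `acme_impact_alliance`) keeps the script re-runnable. The INSERTs would still duplicate rows, which may need a guard if the data directory is persisted (not visible in this hunk). The `password VARCHAR(20)` columns hold cleartext values; if that is a deliberate lab fixture, say so in a header comment such as `-- Lab fixture: cleartext passwords are intentional; do not model real schemas on this`. The string literals use double quotes, which stop being string delimiters under the `ANSI_QUOTES` SQL mode; single quotes are the portable form.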
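Review bot: `GRANT ALL ON *.*` in database.sql gives `adminer_user` global privileges across every schema on the server, where the previous grant was confined to `adminer_db`, and the account's password is committed in the line above. If the goal is only to let the Adminer account work with the newly seeded data, keep the `adminer_db.*` grant and add a scoped one: `GRANT ALL ON customers.* TO 'adminer_user'@'localhost';`. If the global grant is an intended lab weakness, a comment above it saying so (for example `-- Lab only: deliberately over-privileged account`) would stop it being copied as a pattern.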
@@ -6,12 +6,19 @@ LABEL company="ACME Infinity Servers" # Install Required Packages RUN apt-get update -y --fix-missing -RUN apt-get install -y redis-server +RUN apt-get install -y openssh-server # Copy Files to Lab COPY --chown=root:root files/redis.conf /etc/redis/redis.conf +# Post Actions +RUN mkdir /root/.ssh/ +RUN chmod 700 /root/.ssh + +RUN touch /root/.ssh/authorized_keys +RUN chmod 644 /root/.ssh/authorized_keys + # Entry -ENTRYPOINT \ - echo "Starting redis service..." && \ - service redis-server start \ No newline at end of file +ENTRYPOINT service ssh restart \ + && \ + redis-server /etc/redis/redis.conf diff --git a/lab/machines/c-redis-01/files/redis.conf b/lab/machines/c-redis-01/files/redis.conf index 648fc1f..99e779b 100644 --- a/lab/machines/c-redis-01/files/redis.conf +++ b/lab/machines/c-redis-01/files/redis.conf 
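Review bot: The shell-form `ENTRYPOINT service ssh restart && redis-server /etc/redis/redis.conf` replaces the base image's own entrypoint, so `redis-server` is started directly as root. In the official `redis` image it is that entrypoint script which drops to the `redis` user, and it is no longer invoked here. If running as root is required for the exercise, record it with a comment above `# Entry`, e.g. `# Lab only: Redis intentionally runs as root`; otherwise start it unprivileged, e.g. `gosu redis redis-server /etc/redis/redis.conf`, assuming `gosu` is present in this tag. Separately, `chmod 644 /root/.ssh/authorized_keys` is looser than the conventional `600` for that file.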
@@ -1,59 +1,6 @@ -activerehashing yes -always-show-logo yes -aof-load-truncated yes -aof-rewrite-incremental-fsync yes -aof-use-rdb-preamble no -appendfilename "appendonly.aof" -appendfsync everysec -appendonly no -auto-aof-rewrite-min-size 64mb -auto-aof-rewrite-percentage 100 bind 0.0.0.0 -client-output-buffer-limit normal 0 0 0 -client-output-buffer-limit pubsub 32mb 8mb 60 -client-output-buffer-limit slave 256mb 64mb 60 -daemonize no -databases 16 dbfilename dump.rdb -dir ./ -hash-max-ziplist-entries 512 -hash-max-ziplist-value 64 -hll-sparse-max-bytes 3000 -hz 10 -latency-monitor-threshold 0 -lazyfree-lazy-eviction no -lazyfree-lazy-expire no -lazyfree-lazy-server-del no -list-compress-depth 0 -list-max-ziplist-size -2 -logfile "" -loglevel notice -lua-time-limit 5000 -no-appendfsync-on-rewrite no -notify-keyspace-events "" pidfile /var/run/redis_6379.pid port 6379 -protected-mode yes -rdbchecksum yes -rdbcompression yes -repl-disable-tcp-nodelay no -repl-diskless-sync-delay 5 -repl-diskless-sync no -save 300 10 -save 60 10000 -save 900 1 -set-max-intset-entries 512 -slave-lazy-flush no -slave-priority 100 -slave-read-only yes -slave-serve-stale-data yes -slowlog-log-slower-than 10000 -slowlog-max-len 128 -stop-writes-on-bgsave-error yes -supervised systemd -tcp-backlog 511 -tcp-keepalive 300 -timeout 0 -zset-max-ziplist-entries 128 -zset-max-ziplist-value 64 -requirepass r3d1s! \ No newline at end of file +protected-mode no +slave-read-only no \ No newline at end of file diff --git a/lab/machines/c-syslog-01/Dockerfile b/lab/machines/c-syslog-01/Dockerfile deleted file mode 100644 index 5ea56c8..0000000 --- a/lab/machines/c-syslog-01/Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -FROM lab_base - -# Metadata -LABEL name="c-syslog-01" -LABEL company="ACME Infinity Servers" - -# Install Required Packages -RUN apt-get update -y --fix-missing -RUN apt-get install -y openssh-server - -# Entry -ENTRYPOINT \ - service ssh restart \ - && \ - tail -f /dev/null 
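Review bot: The trimmed redis.conf leaves the server bound to `0.0.0.0` with `protected-mode no` and no `requirepass`, and nothing in the file says this is deliberate. Add a header comment so the file is not reused as a template, e.g. `# LAB ONLY: unauthenticated and unprotected by design; run only on the isolated lab network`. The removed defaults (`dir`, `save`, `daemonize` and the rest) now fall back to whatever the image's Redis build uses, which is worth a one-line comment as well, since the file no longer documents them.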
diff --git a/lab/machines/p-ftp-01/Dockerfile b/lab/machines/p-ftp-01/Dockerfile index 9fcf4b0..82e28b5 100644 --- a/lab/machines/p-ftp-01/Dockerfile +++ b/lab/machines/p-ftp-01/Dockerfile @@ -16,7 +16,6 @@ RUN mkdir -p /var/www/html/backup/acme-hyper-branding RUN mkdir -p /var/www/html/backup/acme-impact-alliance COPY p-ftp-01/files/vsftpd.conf /etc/vsftpd.conf COPY p-web-01/files/site/app.py /var/www/html/backup/acme-hyper-branding -COPY p-ftp-01/files/execute.sh /mnt/scripts/ COPY p-web-02/files/site/* /var/www/html/backup/acme-impact-alliance/ # Post Actions @@ -35,16 +34,9 @@ RUN git init var/www/html/backup/acme-impact-alliance \ && git add -A \ && git commit -m 'commit code' -RUN chmod u+x /mnt/scripts/execute.sh - -RUN echo '*/1 * * * * bash /mnt/scripts/execute.sh' >> /tmp/root-crontab -RUN crontab /tmp/root-crontab -RUN rm /tmp/root-crontab - - + # Entry -ENTRYPOINT \ - service vsftpd restart \ +ENTRYPOINT service vsftpd restart \ && \ service cron restart \ && \ diff --git a/lab/machines/p-jumpbox-01/Dockerfile b/lab/machines/p-jumpbox-01/Dockerfile index 66e2d79..a021b0f 100644 --- a/lab/machines/p-jumpbox-01/Dockerfile +++ b/lab/machines/p-jumpbox-01/Dockerfile @@ -39,9 +39,8 @@ RUN chmod u+x /scripts/backup_data.sh RUN echo '*/5 * * * * root bash /scripts/backup_data.sh' >> /etc/crontab # Entry -ENTRYPOINT \ - service ssh restart \ - && \ +ENTRYPOINT service ssh restart \ + && \ service cron restart \ && \ tail -f /dev/null diff --git a/lab/machines/p-web-01/Dockerfile b/lab/machines/p-web-01/Dockerfile index e4753cc..0553e7c 100644 --- a/lab/machines/p-web-01/Dockerfile +++ b/lab/machines/p-web-01/Dockerfile @@ -4,6 +4,9 @@ FROM lab_base LABEL name="p-web-01" LABEL company="ACME Infinity Servers" +# Variables +ENV FLASK_ENV=development + # Install Required Packages RUN apt-get update -y --fix-missing RUN apt-get install software-properties-common -y 
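Review bot: The p-ftp-01 entrypoint still runs `service cron restart` even though this commit removes both the crontab registration and `execute.sh` from the image, so the step looks like a leftover. If no other job is scheduled on p-ftp-01 (none is visible in these hunks), drop the `service cron restart \ && \` pair from the `ENTRYPOINT`. The end of the entrypoint lies outside the hunk, so confirm what follows before removing it.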
@@ -24,8 +27,7 @@ COPY files/site/app.py . COPY files/site/index.html . COPY files/site/upload.html . -ENV FLASK_ENV=development - +# Post Actions RUN mkdir files RUN mkdir uploads COPY files/acme-hyper-branding-5.csv files/acme-hyper-branding-5.csv diff --git a/lab/machines/p-web-02/Dockerfile b/lab/machines/p-web-02/Dockerfile index 6fe8b35..4861beb 100644 --- a/lab/machines/p-web-02/Dockerfile +++ b/lab/machines/p-web-02/Dockerfile @@ -1,20 +1,27 @@ FROM wordpress:latest + # Metadata LABEL name="p-web-02" LABEL company="ACME Infinity Servers" +# Variables ENV WORDPRESS_DB_HOST="c-db-02" ENV WORDPRESS_DB_USER="wordpress" ENV WORDPRESS_DB_PASSWORD="wordpress" ENV WORDPRESS_DB_NAME="wordpress" -# Copy Files to Lab -ADD files/site /var/www/html - +# Install Required Packages RUN apt-get update -y RUN apt-get install -y \ net-tools \ iputils-ping \ iproute2 \ - cron - + cron \ + lshw \ + at + +# Copy Files to Lab +ADD files/site /var/www/html + +# Post Actions +RUN chown www-data:www-data -R /var/www/html/ diff --git a/lab/run.sh b/lab/run.sh index 45506fc..cc523dd 100755 --- a/lab/run.sh +++ b/lab/run.sh @@ -109,6 +109,7 @@ deploy(){ fi else docker compose up --detach &>> $LOG + sleep 5 if status; then echo "Lab is up." else
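Review bot: The fixed `sleep 5` added before `if status; then` in run.sh is a guess at container start-up time: on a slow host the check can still race and report a failed deploy, and on a fast one it only adds delay. Polling `status` with a bounded retry is more reliable. This assumes `status` is cheap and safe to call repeatedly, which its definition outside the hunk would need to confirm. `deploy()` starts and ends outside the hunk.

```shell
    docker compose up --detach &>> $LOG
    # Wait up to ~30s for the containers instead of a fixed delay.
    for _ in $(seq 1 30); do
      status &> /dev/null && break
      sleep 1
    done
    if status; then
    # … unchanged: "Lab is up." message and failure branch …
```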