#!/bin/bash
# This script installs the AppSentinels Sniffer service on Ubuntu, Amazon Linux and RHEL/CentOS.
# It checks for the presence of Docker and Podman, installs Docker if necessary (removes podman),
# and creates a systemd service for the AppSentinels Sniffer.
# Copyright (c) AppSentinels. All rights reserved.

echo "Installing AppSentinels Sniffer..."

# Define mandatory environment variables
# Every value below is written unquoted into the ExecStart line of the systemd
# unit generated later in this script, so a value must not contain whitespace
# (hence the hyphens-for-spaces convention for TAP_FILTER). Replace the <...>
# placeholders before running; they contain spaces as shipped.
REMOTE_CONTROLLER_SERVER_NAME="<edge controller hostname>"      #input needed here
TAP_INTERFACE="default"                                         #input needed here
TAP_FILTER="<bpf filter with hyphens for spaces>"               #input needed here
# Any value other than low or medium is treated as high by the profile
# selection further down.
TAP_PROFILE="low"                                               #input needed here (low|medium|high)
INSTANCE_NAME="default"                                         #input needed here for visibility
# NOTE(review): the shipped default is plain http, i.e. no transport encryption
# on the relay channel. Presumably the sensor forwards data derived from
# captured traffic over it - confirm, and prefer https where the controller
# supports it.
RELAY_PROTOCOL="http"                                           #input needed here for logging protocol (http|https)
# NOTE(review): the shipped default "true" turns certificate verification off
# whenever RELAY_PROTOCOL is https, so the controller's identity is not checked
# and the channel can be intercepted. Set to "false" unless the controller
# really uses a self-signed certificate; trusting that certificate or its CA
# explicitly would be the safer option if the sensor image supports it - confirm.
HTTPS_INSECURE_SKIP_VERIFY="true"                               #input needed here to skip verify for https (set to true if using self-signed certs)

# Function to install Docker
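install_docker() {
    # Install Docker with the package manager of the given distribution and,
    # on the yum-based branches, start and enable the docker service.
    # Arguments: $1 - distribution ID (the ID= value from /etc/os-release)
    # Outputs:   progress on stdout, warnings and errors on stderr
    # Returns:   exits the script with status 1 on an unsupported distribution
    #            or when an install/start step fails, so the caller never goes
    #            on to create a service that depends on a missing Docker.
    echo "Docker not found. Installing Docker..."
    case "$1" in
        ubuntu|debian)
            # A failed index refresh does not always prevent the install, so
            # it is reported but not fatal.
            apt-get update || echo "Warning: apt-get update failed; continuing." >&2
            apt-get install -y docker.io || { echo "Failed to install docker.io." >&2; exit 1; }
            ;;
        rhel|centos)
            # Later versions need podman, need to confirm
            # Removal is best-effort: it only clears the way for docker-ce.
            yum remove podman -y || echo "Warning: could not remove podman; continuing." >&2
            yum install -y yum-utils || { echo "Failed to install yum-utils." >&2; exit 1; }
            # The repository definition is fetched over HTTPS from Docker's
            # download site. With -y, yum also accepts the repository signing
            # key on first import without prompting; check the key fingerprint
            # out of band if the host requires it.
            yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo \
                || { echo "Failed to add the docker-ce repository." >&2; exit 1; }
            yum install docker-ce docker-ce-cli containerd.io -y \
                || { echo "Failed to install docker-ce." >&2; exit 1; }

            systemctl start docker || { echo "Failed to start docker." >&2; exit 1; }
            systemctl enable docker || { echo "Failed to enable docker." >&2; exit 1; }
            ;;
        amzn)
            # A full system update is not required for the install itself, so
            # a failure here is reported but not fatal.
            yum update -y || echo "Warning: yum update failed; continuing." >&2
            amazon-linux-extras install docker -y \
                || { echo "Failed to install docker." >&2; exit 1; }

            systemctl start docker || { echo "Failed to start docker." >&2; exit 1; }
            systemctl enable docker || { echo "Failed to enable docker." >&2; exit 1; }
            ;;
        *)
            echo "Unsupported OS: $1" >&2
            exit 1
            ;;
    esac
}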

# Detect the Linux distribution
# Without os-release there is no distribution ID to choose a package manager by.
if [ ! -f /etc/os-release ]; then
    echo "Cannot detect OS. Exiting."
    exit 1
fi
# os-release is sourced, i.e. executed as shell code in this (root) shell; it
# is a root-owned system file on a stock installation. ID holds the lowercase
# distribution identifier that install_docker matches on.
. /etc/os-release
OS=$ID

# Install Docker if not already installed
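# Install Docker when the docker command is missing, or when podman is present
# alongside it (on Red Hat systems "docker" is usually a shim for podman).
# $OS comes from /etc/os-release and is quoted so it always reaches
# install_docker as exactly one argument.
if ! command -v docker &> /dev/null; then
    install_docker "$OS"
elif command -v podman &> /dev/null; then
    # install_docker removes podman only on rhel/centos; on the other
    # distributions this just (re)installs Docker next to it.
    echo "Podman is installed. Removing and reinstalling Docker..."
    install_docker "$OS"
else
    echo "Docker is already installed."
fi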

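# Fixed deployment parameters for the sensor container.
CONTAINER_NAME="appsentinels-sniffer-sensor"
REMOTE_CONTROLLER_SERVER_PORT="9004"
HOSTNAME=$(hostname)

# Map the sizing profile to queue/connector limits and container resource caps.
# CPU_SHARES is, despite its name, passed to "docker run --cpus" (a CPU count),
# and MEMORY to "--memory".
case "$TAP_PROFILE" in
    low)
        MAX_SAAS_QUEUE_HOLDING_CAP="4096"
        SAAS_CONNECTOR_LIMIT="10"
        CPU_SHARES="0.25"
        MEMORY="256m"
        ;;
    medium)
        MAX_SAAS_QUEUE_HOLDING_CAP="8192"
        SAAS_CONNECTOR_LIMIT="25"
        CPU_SHARES="0.50"
        MEMORY="512m"
        ;;
    *)
        # Anything that is not low/medium gets the high profile, as before; a
        # typo such as "Low" would otherwise silently take the largest
        # allocation, so say so.
        if [ "$TAP_PROFILE" != "high" ]; then
            echo "Warning: unrecognized TAP_PROFILE '$TAP_PROFILE'; using the high profile." >&2
        fi
        MAX_SAAS_QUEUE_HOLDING_CAP="16384"
        SAAS_CONNECTOR_LIMIT="50"
        CPU_SHARES="1.00"
        MEMORY="1024m"
        ;;
esac

# NOTE(review): both tags are mutable, so what actually runs (with host
# networking, see the unit file) is whatever the registry serves when the
# image is first pulled. Pinning to a reviewed version tag or an image digest
# (for example IMAGE_NAME@sha256:<digest>, placeholder) makes the deployment
# reproducible and auditable.
IMAGE_NAME="appsentinels/ng-controller"
IMAGE_TAG="latest"
ARCH=$(uname -m)
if [ "$ARCH" == "aarch64" ]; then
    IMAGE_TAG="aarch-latest"
fi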

# Check if the service file exists
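# Create the systemd unit unless one is already present. An existing unit is
# left untouched, so changed settings in this script do not take effect on a
# re-run until the old unit file is removed.
if [ -f /etc/systemd/system/appsentinels-sniffer.service ]; then
    echo "AppSentinels Sniffer service file already exists."
else
    # Create systemd service file
    # The here-document is unquoted on purpose: the shell expands every $VAR
    # now, so the unit holds literal values, and it also joins the
    # backslash-continued lines. Values are inserted without quoting, so they
    # must not contain whitespace.
    # NOTE(review): DP_SERVER_PORT is not assigned anywhere in the visible
    # script; unless it is exported in the calling environment, the container
    # receives it as an empty string - confirm the intended value.
    # NOTE(review): --network host places the container in the host's network
    # namespace, and HTTPS_INSECURE_SKIP_VERIFY is handed to it unchanged;
    # review both against the deployment's threat model.
    # A failed write (for example when not running as root) now aborts instead
    # of reporting success.
    if ! tee /etc/systemd/system/appsentinels-sniffer.service > /dev/null << EOF
[Unit]
Description=AppSentinels Sniffer Service
After=docker.service
Requires=docker.service

[Service]
Restart=always
RestartSec=10
ExecStartPre=/bin/sh -c '/usr/bin/docker stop $CONTAINER_NAME || true'
ExecStartPre=/bin/sh -c '/usr/bin/docker rm $CONTAINER_NAME || true'
ExecStart=/usr/bin/docker run --name $CONTAINER_NAME --hostname $HOSTNAME \
  --env REMOTE_CONTROLLER_SERVER_NAME=$REMOTE_CONTROLLER_SERVER_NAME \
  --env REMOTE_CONTROLLER_SERVER_PORT=$REMOTE_CONTROLLER_SERVER_PORT \
  --env TAP_INTERFACE=$TAP_INTERFACE \
  --env TAP_FILTER=$TAP_FILTER \
  --env TAP_PROFILE=$TAP_PROFILE \
  --env MAX_SAAS_QUEUE_HOLDING_CAP=$MAX_SAAS_QUEUE_HOLDING_CAP \
  --env SAAS_CONNECTOR_LIMIT=$SAAS_CONNECTOR_LIMIT \
  --env RELAY_PROTOCOL=$RELAY_PROTOCOL \
  --env DP_SERVER_PORT=$DP_SERVER_PORT \
  --env SNIFFER_SENSOR_INSTANCE=$INSTANCE_NAME \
  --env HTTPS_INSECURE_SKIP_VERIFY=$HTTPS_INSECURE_SKIP_VERIFY \
  --network host \
  --cpus=$CPU_SHARES \
  --memory=$MEMORY \
  $IMAGE_NAME:$IMAGE_TAG
ExecStop=/usr/bin/docker stop $CONTAINER_NAME
ExecStop=/usr/bin/docker rm $CONTAINER_NAME

[Install]
WantedBy=multi-user.target
EOF
    then
        echo "Failed to write /etc/systemd/system/appsentinels-sniffer.service." >&2
        exit 1
    fi
    echo "AppSentinels Sniffer service file created."
fi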

# Reload systemd daemon
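# Make systemd re-read its unit files so the sniffer unit is known to it.
systemctl daemon-reload || { echo "systemctl daemon-reload failed." >&2; exit 1; }

# Enable and start the service
systemctl enable appsentinels-sniffer \
    || { echo "Failed to enable appsentinels-sniffer." >&2; exit 1; }
# The unit declares no Type=, so a zero status here means the ExecStartPre
# steps finished and the docker run command was launched, not that the image
# was pulled or that the sensor is healthy; check
# "systemctl status appsentinels-sniffer" afterwards.
systemctl start appsentinels-sniffer \
    || { echo "Failed to start appsentinels-sniffer." >&2; exit 1; }

# Reached only when every step above succeeded.
echo "AppSentinels Sniffer service installed and started successfully."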
