From 5b9e07fb2458d516237fe29ecd3ab146d8fb22cd Mon Sep 17 00:00:00 2001
From: Steven Foerster <sfoerster@gmail.com>
Date: Mon, 3 May 2021 02:56:05 +0000
Subject: [PATCH] Resolve "Wazuh is not Starting"

---
 extra/bitwarden.yml                    |  2 +-
 extra/jitsi-meet.yml                   |  4 ++--
 extra/syncthing.yml                    |  4 ++--
 extra/tor.yml                          |  2 +-
 scripts/install.sh                     |  7 +++++--
 scripts/services/Mistborn-base.service |  1 +
 scripts/services/wazuh/agent.sh        |  8 ++++++--
 scripts/subinstallers/check_updates.sh | 10 ++++++++++
 scripts/subinstallers/extra/wazuh.sh   |  4 ++--
 9 files changed, 30 insertions(+), 12 deletions(-)
 create mode 100755 scripts/subinstallers/check_updates.sh

diff --git a/extra/bitwarden.yml b/extra/bitwarden.yml
index 377b4b8..cd66424 100644
--- a/extra/bitwarden.yml
+++ b/extra/bitwarden.yml
@@ -19,7 +19,7 @@ services:
       - "traefik.http.routers.bitwarden-https.tls.certresolver=basic"
       - "traefik.http.services.bitwarden-service.loadbalancer.server.port=80"
     ports:
-      - 3012:3012/tcp
+      - "${MISTBORN_BIND_IP}:3012:3012/tcp"
     restart: unless-stopped
 
 networks:
diff --git a/extra/jitsi-meet.yml b/extra/jitsi-meet.yml
index 421f2a3..4a92b8e 100644
--- a/extra/jitsi-meet.yml
+++ b/extra/jitsi-meet.yml
@@ -216,8 +216,8 @@ services:
         image: jitsi/jvb:latest
         restart: unless-stopped
         ports:
-            - '${JVB_PORT}:${JVB_PORT}/udp'
-            - '${JVB_TCP_PORT}:${JVB_TCP_PORT}'
+            - "${MISTBORN_BIND_IP}:${JVB_PORT}:${JVB_PORT}/udp"
+            - "${MISTBORN_BIND_IP}:${JVB_TCP_PORT}:${JVB_TCP_PORT}"
         volumes:
             - ${CONFIG}/jvb:/config:Z
         env_file:
diff --git a/extra/syncthing.yml b/extra/syncthing.yml
index 6083393..f66bd73 100644
--- a/extra/syncthing.yml
+++ b/extra/syncthing.yml
@@ -15,8 +15,8 @@ services:
       - ../../mistborn_volumes/extra/syncthing/data2:/data2
     ports:
       #- 8384:8384
-      - 22000:22000/tcp # listening port
-      - 21027:21027/udp # protocol discovery
+      - "${MISTBORN_BIND_IP}:22000:22000/tcp" # listening port
+      - "${MISTBORN_BIND_IP}:21027:21027/udp" # protocol discovery
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.syncthing-http.rule=Host(`syncthing.mistborn`)"
diff --git a/extra/tor.yml b/extra/tor.yml
index f8c4141..6b06975 100644
--- a/extra/tor.yml
+++ b/extra/tor.yml
@@ -8,7 +8,7 @@ services:
     image: mistborn_production_tor
     container_name: mistborn_production_tor
     ports:
-      - 9150:9150/tcp
+      - "${MISTBORN_BIND_IP}:9150:9150/tcp"
 
 networks:
   default:
diff --git a/scripts/install.sh b/scripts/install.sh
index a142ad9..0924e86 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -69,6 +69,10 @@ pushd .
 cd /opt/mistborn
 git submodule update --init --recursive
 
+# Check updates
+echo "Checking updates"
+source ./scripts/subinstallers/check_updates.sh
+
 # MISTBORN_DEFAULT_PASSWORD
 source ./scripts/subinstallers/passwd.sh
 
@@ -90,8 +94,7 @@ else
     echo "SSH key exists for $USER"
 fi
 
-# initial load update package list
-sudo apt-get update
+# initial load update package list during check_updates.sh
 
 # install figlet
 sudo -E apt-get install -y figlet
diff --git a/scripts/services/Mistborn-base.service b/scripts/services/Mistborn-base.service
index 9f82b72..46e513c 100644
--- a/scripts/services/Mistborn-base.service
+++ b/scripts/services/Mistborn-base.service
@@ -7,6 +7,7 @@ After=netfilter-persistent.service
 
 [Service]
 Restart=always
+RestartSec=15
 User=root
 Group=docker
 PermissionsStartOnly=true
diff --git a/scripts/services/wazuh/agent.sh b/scripts/services/wazuh/agent.sh
index 222d664..7735fc1 100755
--- a/scripts/services/wazuh/agent.sh
+++ b/scripts/services/wazuh/agent.sh
@@ -6,10 +6,14 @@ if dpkg -s wazuh-agent &> /dev/null; then
     exit 0
 fi
 
+# install curl
+echo "install curl"
+sudo -E apt-get install -y curl
+
 # prepare repo
 echo "Adding Wazuh Repository"
-curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -
-echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list
+curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | sudo -E apt-key add -
+echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | sudo -E tee /etc/apt/sources.list.d/wazuh.list
 
 apt-get update
 
diff --git a/scripts/subinstallers/check_updates.sh b/scripts/subinstallers/check_updates.sh
new file mode 100755
index 0000000..286db0d
--- /dev/null
+++ b/scripts/subinstallers/check_updates.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+sudo apt-get update
+
+UPDATES=$(sudo apt-get dist-upgrade -s --quiet=2 | grep ^Inst | wc -l)
+
+if [[ "$UPDATES" -ne "0" ]]; then
+    echo "Please run updates and reboot before installing Mistborn: sudo apt-get update && sudo apt-get -y dist-upgrade"
+    exit 1;
+fi
\ No newline at end of file
diff --git a/scripts/subinstallers/extra/wazuh.sh b/scripts/subinstallers/extra/wazuh.sh
index 2959629..83dcb79 100755
--- a/scripts/subinstallers/extra/wazuh.sh
+++ b/scripts/subinstallers/extra/wazuh.sh
@@ -23,14 +23,14 @@ import secrets
 import random
 import string
 
-random_pass = ([secrets.choice("@$!*?-_"),
+random_pass = ([secrets.choice("@$!*?-"),
                            secrets.choice(string.digits),
                            secrets.choice(string.ascii_lowercase),
                            secrets.choice(string.ascii_uppercase),
                            ]
                           + [secrets.choice(string.ascii_lowercase
                                            + string.ascii_uppercase
-                                           + "@$!*?-_"
+                                           + "@$!*?-"
                                            + string.digits) for i in range(12)])
 
 random.shuffle(random_pass)