chore: better script & ci

ADORSYS-GIS · Aug 15, 2024 · c58654a · c58654a
1 parent 38ce720
commit c58654a
Showing 1 changed file with 57 additions and 25 deletions.
diff --git a/scripts/install.sh b/scripts/install.sh
@@ -1,25 +1,28 @@
 #!/bin/sh
 
-# Check if we're running in bash; if not, exit or adjust behavior
+# Check if we're running in bash; if not, adjust behavior
 if [ -n "$BASH_VERSION" ]; then
     set -euo pipefail
 else
     set -eu
 fi
 
 LOG_LEVEL=${LOG_LEVEL:-INFO}
-YARA_RULES_URL="https://valhalla.nextron-systems.com/api/v1/get"
-YARA_RULES_APIKEY="1111111111111111111111111111111111111111111111111111111111111111"
 YARA_RULES_DIR="/var/ossec/ruleset/yara/rules"
-YARA_RULES_FILE="$YARA_RULES_DIR/yara_rules.yar"
 USER="root"
 GROUP="wazuh"
 
+# YARA rule sources
+RULES=(
+    "https://valhalla.nextron-systems.com/api/v1/get?apikey=1111111111111111111111111111111111111111111111111111111111111111&format=text yara_rules_valhalla.yar"
+    "https://example.com/other_rules.yar other_rules.yar"
+)
+
 # Function to handle logging
 log() {
-    local LEVEL="$1"
+    local LEVEL=$1
     shift
-    local MESSAGE="$*"
+    local MESSAGE=$*
     local TIMESTAMP=$(date +"%Y-%m-%d %H:%M:%S")
 
     if [ "$LEVEL" = "ERROR" ] || [ "$LEVEL" = "WARNING" -a "$LOG_LEVEL" != "ERROR" ] || [ "$LEVEL" = "INFO" -a "$LOG_LEVEL" = "INFO" ]; then
@@ -37,24 +40,38 @@ maybe_sudo() {
 }
 
 install_yara_ubuntu() {
-    log INFO "Installing YARA on Ubuntu..."
+    log INFO "Installing YARA on Ubuntu/Debian..."
     maybe_sudo apt update
-    maybe_sudo apt install -y yara
+    maybe_sudo apt install -y yara curl
 }
 
 install_yara_alpine() {
     log INFO "Installing YARA on Alpine Linux..."
     maybe_sudo apk update
-    maybe_sudo apk add yara
+    maybe_sudo apk add yara curl
 }
 
 install_yara_centos() {
     log INFO "Installing YARA on CentOS/RHEL..."
     maybe_sudo yum install -y epel-release
-    maybe_sudo yum install -y yara
+    maybe_sudo yum install -y yara curl
+}
+
+install_yara_fedora() {
+    log INFO "Installing YARA on Fedora..."
+    maybe_sudo dnf install -y yara curl
+}
+
+install_yara_suse() {
+    log INFO "Installing YARA on SUSE..."
+    maybe_sudo zypper install -y yara curl
+}
+
+install_yara_arch() {
+    log INFO "Installing YARA on Arch Linux..."
+    maybe_sudo pacman -Syu --noconfirm yara curl
 }
 
-# TODO: Implement BusyBox installation
 install_yara_busybox() {
     log INFO "Installing YARA on BusyBox..."
     log ERROR "BusyBox does not support direct package management for YARA. Consider cross-compiling or using a pre-built binary."
@@ -66,20 +83,29 @@ install_yara_macos() {
     brew install yara
 }
 
-download_yara_rules() {
-    log INFO "Downloading YARA rules..."
+download_yara_rule() {
+    local URL=$1
+    local FILENAME=$2
+    local OUTPUT_PATH="$YARA_RULES_DIR/$FILENAME"
+
+    log INFO "Downloading YARA rule from $URL..."
+    curl --progress-bar -L "$URL" -o "$OUTPUT_PATH"
+
+    if [ -s "$OUTPUT_PATH" ]; then
+        maybe_sudo chown "$USER":"$GROUP" "$OUTPUT_PATH"
+        log INFO "YARA rule downloaded successfully to $OUTPUT_PATH."
+    else
+        log ERROR "Failed to download YARA rule from $URL."
+    fi
+}
+
+download_all_yara_rules() {
     maybe_sudo mkdir -p "$YARA_RULES_DIR"
-    curl --progress-bar -L "$YARA_RULES_URL" \
-        -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' \
-        -H 'Accept-Language: en-US,en;q=0.5' \
-        --compressed \
-        -H 'Referer: https://valhalla.nextron-systems.com/' \
-        -H 'Content-Type: application/x-www-form-urlencoded' \
-        -H 'DNT: 1' -H 'Connection: keep-alive' -H 'Upgrade-Insecure-Requests: 1' \
-        --data "demo=demo&apikey=$YARA_RULES_APIKEY&format=text" \
-        -o "$YARA_RULES_FILE"
-    maybe_sudo chown -R "$USER":"$GROUP" "$YARA_RULES_DIR"
-    log INFO "YARA rules downloaded successfully to $YARA_RULES_FILE."
+
+    for rule in "${RULES[@]}"; do
+        IFS=' ' read -r URL FILENAME <<< "$rule"
+        download_yara_rule "$URL" "$FILENAME"
+    done
 }
 
 log INFO "Starting YARA installation script."
@@ -91,6 +117,12 @@ if [ "$(uname)" = "Linux" ]; then
         install_yara_alpine
     elif command -v yum > /dev/null 2>&1; then
         install_yara_centos
+    elif command -v dnf > /dev/null 2>&1; then
+        install_yara_fedora
+    elif command -v zypper > /dev/null 2>&1; then
+        install_yara_suse
+    elif command -v pacman > /dev/null 2>&1; then
+        install_yara_arch
     elif command -v busybox > /dev/null 2>&1; then
         install_yara_busybox
     else
@@ -104,6 +136,6 @@ else
     exit 1
 fi
 
-download_yara_rules
+download_all_yara_rules
 
 log INFO "YARA installation and configuration completed successfully."