diff --git a/CHANGELOG b/CHANGELOG index 2f13dbd30..30e7b706d 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Changed +- [REPUTATION_CTX] Allow to configure if custom Reputation Context DBs should be downloaded every hour +- [REPUTATION_CTX] Set back update crontab to download Reputation Context files every hour ## [2.33.0] - 2025-10-24 diff --git a/vulture_os/applications/fixtures/reputation_ctx.json b/vulture_os/applications/fixtures/reputation_ctx.json index 990e68340..abffc25a4 100644 --- a/vulture_os/applications/fixtures/reputation_ctx.json +++ b/vulture_os/applications/fixtures/reputation_ctx.json @@ -5,14 +5,17 @@ "name": "Geolite2 Country", "db_type": "GeoIP", "method": "GET", - "url": "https://barricade.vultureproject.org/ipsets/GeoLite2-Country.mmdb", + "url": "https://download.maxmind.com/geoip/databases/GeoLite2-Country/download?suffix=tar.gz", + "auth_type": "basic", + "user": "YOURACCOUNTID", + "password": "YOURLICENSEKEY", "verify_cert": true, "filename": "GeoLite2-Country.mmdb", - "description": "Maxmind DBs Geoip country database", + "description": "Maxmind DBs Geoip country database.\nPLEASE FILL-IN YOUR PERSONAL ACCOUNDID AND LICENSEKEY TO USE THOSE DBS", "nb_netset": 0, "nb_unique": 0, - "internal": true, - "enable_hour_download": true + "internal": false, + "enable_hour_download": false } }, { @@ -21,14 +24,17 @@ "name": "Geolite2 City", "db_type": "GeoIP", "method": "GET", - "url": "https://barricade.vultureproject.org/ipsets/GeoLite2-City.mmdb", + "url": "https://download.maxmind.com/geoip/databases/GeoLite2-City/download?suffix=tar.gz", + "auth_type": "basic", + "user": "YOURACCOUNTID", + "password": "YOURLICENSEKEY", "verify_cert": true, "filename": "GeoLite2-City.mmdb", - "description": "Maxmind DBs Geoip city database", + "description": "Maxmind DBs Geoip city database.\nPLEASE FILL-IN YOUR PERSONAL ACCOUNDID AND LICENSEKEY TO USE THOSE DBS", "nb_netset": 0, "nb_unique": 0, - "internal": true, - "enable_hour_download": true + "internal": false, + "enable_hour_download": false } } ] \ No newline at end of file diff --git a/vulture_os/applications/reputation_ctx/form.py b/vulture_os/applications/reputation_ctx/form.py index 532a1aed4..ef89058da 100644 --- a/vulture_os/applications/reputation_ctx/form.py +++ b/vulture_os/applications/reputation_ctx/form.py @@ -48,7 +48,7 @@ class ReputationContextForm(ModelForm): class Meta: model = ReputationContext fields = ('name', 'description', 'db_type', 'method', 'url', 'verify_cert', 'post_data', 'auth_type', 'user', - 'password', 'tags') + 'password', 'tags', 'enable_hour_download') widgets = { 'name': TextInput(attrs={'class': 'form-control'}), @@ -57,11 +57,12 @@ class Meta: 'method': Select(choices=HTTP_METHOD_CHOICES, attrs={'class': 'form-control select2'}), 'url': TextInput(attrs={'class': 'form-control'}), 'verify_cert': CheckboxInput(attrs={'class': "form-control js-switch"}), + 'enable_hour_download': CheckboxInput(attrs={'class': "form-control js-switch"}), 'post_data': TextInput(attrs={'class': 'form-control'}), 'auth_type': Select(choices=HTTP_AUTH_TYPE_CHOICES, attrs={'class': 'form-control select2'}), 'user': TextInput(attrs={'class': 'form-control'}), - 'password': TextInput(attrs={'class': 'form-control'}), - 'tags': TextInput(attrs={'class': 'form-control', 'data-role': "tagsinput"}) + 'password': TextInput(attrs={'type':'password', 'class': 'form-control'}), + 'tags': TextInput(attrs={'class': 'form-control', 'data-role': "tagsinput"}), } def __init__(self, *args, **kwargs): @@ -70,7 +71,7 @@ def __init__(self, *args, **kwargs): for field_name in ['auth_type', 'verify_cert', 'post_data', 'user', 'password', 'tags']: self.fields[field_name].required = False # Set readonly if internal reputation context - if kwargs.get('instance') and kwargs.get('instance').internal: + if kwargs.get('instance') and kwargs['instance'].internal: for field in self.fields: self.fields[field].widget.attrs['readonly'] = True self.initial['tags'] = ','.join(self.initial.get('tags', []) or self.fields['tags'].initial) diff --git a/vulture_os/applications/reputation_ctx/models.py b/vulture_os/applications/reputation_ctx/models.py index c0a36ccb1..747391f47 100644 --- a/vulture_os/applications/reputation_ctx/models.py +++ b/vulture_os/applications/reputation_ctx/models.py @@ -159,7 +159,12 @@ class ReputationContext(models.Model): nb_netset = models.IntegerField(default=0) nb_unique = models.IntegerField(default=0) internal = models.BooleanField(default=False) - enable_hour_download = models.BooleanField(default=True) + enable_hour_download = models.BooleanField( + default=True, + verbose_name=_("Automatically download file every hour"), + help_text=_("If activated, Vulture will download and save the file, and will automatically" + " restart the service(s) using it") + ) """ Use DjongoManager to use mongo_find() & Co """ objects = models.DjongoManager() diff --git a/vulture_os/applications/templates/apps/reputation_ctx_edit.html b/vulture_os/applications/templates/apps/reputation_ctx_edit.html index 9a68d4156..8c02ca029 100644 --- a/vulture_os/applications/templates/apps/reputation_ctx_edit.html +++ b/vulture_os/applications/templates/apps/reputation_ctx_edit.html @@ -111,6 +111,17 @@

{% translate "Form errors" %}

+
+
+
+ +
+ {{form.enable_hour_download}} + {{form.enable_hour_download.errors|safe}} +
+
+
+
diff --git a/vulture_os/toolkit/updates/v2.32.0/0_update_default_geolite_reputation_ctx.py b/vulture_os/toolkit/updates/v2.32.0/0_update_default_geolite_reputation_ctx.py new file mode 100644 index 000000000..1b4f83c65 --- /dev/null +++ b/vulture_os/toolkit/updates/v2.32.0/0_update_default_geolite_reputation_ctx.py @@ -0,0 +1,75 @@ +#!/home/vlt-os/env/bin/python + +"""This file is part of Vulture 4. + +Vulture 4 is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +Vulture 4 is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with Vulture 4. If not, see http://www.gnu.org/licenses/. +""" +__author__ = "Theo Bertin" +__credits__ = [] +__license__ = "GPLv3" +__version__ = "4.0.0" +__maintainer__ = "Vulture Project" +__email__ = "contact@vultureproject.org" +__doc__ = "Update GeoLite default databases to make them editable" + +import sys +import os + +# Django setup part +sys.path.append('/home/vlt-os/vulture_os') +os.environ.setdefault("DJANGO_SETTINGS_MODULE", 'vulture_os.settings') + +import django +django.setup() + +from system.cluster.models import Cluster +from applications.reputation_ctx.models import ReputationContext + +if not Cluster.is_node_bootstrapped(): + sys.exit(0) + +if __name__ == "__main__": + + node = Cluster.get_current_node() + if not node: + print("Current node not found. Maybe the cluster has not been initialised yet.") + else: + try: + if db := ReputationContext.objects.filter(name="Geolite2 Country", internal=True).first(): + print("Modifying GeoLite Country default DB...") + db.url = "https://download.maxmind.com/geoip/databases/GeoLite2-Country/download?suffix=tar.gz" + db.auth_type = "basic" + db.user = "YOURACCOUNTID" + db.password = "YOURLICENSEKEY" + db.description = "Maxmind DBs Geoip country database.\n" \ + "PLEASE FILL-IN YOUR PERSONAL ACCOUNDID AND LICENSEKEY TO USE THOSE DBS" + db.enable_hour_download = False + db.internal = False + db.save() + if db := ReputationContext.objects.filter(name="Geolite2 City", internal=True).first(): + print("Modifying GeoLite City default DB...") + db.url = "https://download.maxmind.com/geoip/databases/GeoLite2-City/download?suffix=tar.gz" + db.auth_type = "basic" + db.user = "YOURACCOUNTID" + db.password = "YOURLICENSEKEY" + db.description = "Maxmind DBs Geoip city database.\n" \ + "PLEASE FILL-IN YOUR PERSONAL ACCOUNDID AND LICENSEKEY TO USE THOSE DBS" + db.enable_hour_download = False + db.internal = False + db.save() + except Exception as e: + print(f"Failed to update Reputation Contexts: {e}") + print("Please relaunch this script after solving the issue.") + + print("Done.") diff --git a/vulture_os/vulture_os/settings.py b/vulture_os/vulture_os/settings.py index 3c15671ee..fe1cb2f04 100644 --- a/vulture_os/vulture_os/settings.py +++ b/vulture_os/vulture_os/settings.py @@ -105,7 +105,7 @@ ("8 22 * * *", "gui.crontab.pki.update_crl"), # Every day at 22:08 ("7 22 * * *", "gui.crontab.pki.update_acme"), # Every day at 22:07 ("0 23 * * *", "gui.crontab.feed.security_update"), # Every day at 23:00 - ("25 19 * * wed,sat", "gui.crontab.feed.update_reputation_ctx"), # Every wednesday and saturday at 06:00 + ("0 * * * *", "gui.crontab.feed.update_reputation_ctx"), # Every hour ("0 1 * * *", "gui.crontab.check_internal_tasks.check_internal_tasks"), # Every day at 01:00 ("15 10 1 * *", "gui.crontab.generate_tzdbs.generate_timezone_dbs"), # Every first day of the month at 10:15 ]