Fleet: Difference between revisions
| Zeile 107: | Zeile 107: | ||
* cp ca.crt /usr/local/share/ca-certificates/fleet-ca.crt | * cp ca.crt /usr/local/share/ca-certificates/fleet-ca.crt | ||
* update-ca-certificates | * update-ca-certificates | ||
| − | + | ===Der erste Host ist drin=== | |
| + | [[Datei:Fleet-1.png]] | ||
[[Kategorie:Cybersecurity]] | [[Kategorie:Cybersecurity]] | ||
[[Kategorie:Hacking]] | [[Kategorie:Hacking]] | ||
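Review bot: The added `[[Datei:Fleet-1.png]]` under the new heading "Der erste Host ist drin" has no caption, and the section has no sentence saying what the screenshot shows. Add a short caption to the image link or one line of text under the heading, so the step is still understandable when the image does not load.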
Revision as of 20 April 2025, 08:19
FleetDM Docker installation
Install Docker & tools
- apt install -y docker.io docker-compose curl
Prepare certificates and keys
- mkdir -p /mnt/docker/fleet/certs
- cd /mnt/docker/fleet
- wget https://web.samogo.de/certs/ca.crt
- wget https://web.samogo.de/certs/star.it113.int.crt
- wget https://web.samogo.de/certs/star.it113.int.key
- cat star.it113.int.crt ca.crt > certs/fullchain.pem
- mv star.it113.int.key certs/privkey.pem
Docker Compose configuration
- vi docker-compose.yaml
version: '3.8'
services:
  mysql:
    image: mysql:8.0.36
    container_name: mysql
    environment:
      # rootpw and changeme are weak example values: set your own and keep
      # FLEET_MYSQL_PASSWORD in the fleet-init and fleet services in sync
      MYSQL_ROOT_PASSWORD: rootpw
      MYSQL_DATABASE: fleet
      MYSQL_USER: fleet
      MYSQL_PASSWORD: changeme
    volumes:
      - ./mysql-data:/var/lib/mysql
    healthcheck:
      # mysqladmin ping exits 0 as soon as the server answers, even if the login is refused
      test: ["CMD", "mysqladmin", "ping", "-pfleet"]
      interval: 10s
      timeout: 5s
      retries: 10
  redis:
    image: redis:7
    container_name: redis
    volumes:
      - ./redis-data:/data
  # One-shot container: prepares the database schema, then exits
  fleet-init:
    image: fleetdm/fleet:v4.49.1
    container_name: fleet-init
    depends_on:
      mysql:
        condition: service_healthy
      redis:
        condition: service_started
    environment:
      FLEET_MYSQL_ADDRESS: mysql:3306
      FLEET_MYSQL_DATABASE: fleet
      FLEET_MYSQL_USERNAME: fleet
      FLEET_MYSQL_PASSWORD: changeme
      FLEET_REDIS_ADDRESS: redis:6379
    command: fleet prepare db --no-prompt
    restart: "no"
  fleet:
    image: fleetdm/fleet:v4.49.1
    container_name: fleet
    ports:
      - "8080:8080"
    depends_on:
      fleet-init:
        condition: service_completed_successfully
    environment:
      FLEET_MYSQL_ADDRESS: mysql:3306
      FLEET_MYSQL_DATABASE: fleet
      FLEET_MYSQL_USERNAME: fleet
      FLEET_MYSQL_PASSWORD: changeme
      FLEET_REDIS_ADDRESS: redis:6379
      # TLS is terminated by Fleet itself with the files prepared in ./certs
      FLEET_SERVER_TLS: "true"
      FLEET_SERVER_CERT: /certs/fullchain.pem
      FLEET_SERVER_KEY: /certs/privkey.pem
    volumes:
      - ./certs:/certs
    command: fleet serve
- docker-compose up -d
Get fleetctl (on the server)
- wget https://github.com/fleetdm/fleet/releases/download/fleet-v4.66.0/fleetctl_v4.66.0_linux_amd64.tar.gz
- tar -xvzf fleetctl_v4.66.0_linux_amd64.tar.gz
- cp fleetctl_v4.66.0_linux_amd64/fleetctl /usr/local/sbin/
- fleetctl --version
Build the package for the clients (insecure variant)
- The enroll secret is shown in the web UI under
- Hosts → Add Host → Linux (DEB)
- fleetctl package --type=deb --enable-scripts \
  --fleet-url=https://fleet.it113.int:8080 \
  --enroll-secret=gYpHjdyHvQb3/JD1K2NSdnJg4aAqgSH8 \
  --insecure
This produces, for example:
- fleet-osquery_1.41.0_amd64.deb
Install the Debian package on the clients
- dpkg -i fleet-osquery_1.41.0_amd64.deb
- systemctl status orbit.service
Install the CA on the client
- cp ca.crt /usr/local/share/ca-certificates/fleet-ca.crt
- update-ca-certificates
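An added check, not part of the original wiki page, for the certificate files prepared in the certificate step above. It confirms that the server certificate chains to ca.crt, that the private key matches it, and that it covers the host name used in --fleet-url, which is what a client that trusts the installed CA needs in order to verify the server. The function names are hypothetical, and the demo input (throwaway CA, wildcard certificate, unrelated key) is constructed.

```shell
#!/usr/bin/env bash
# Added example, not from the wiki page. Function names are hypothetical.

pubkey_hash() {  # SHA-256 of the public key inside a certificate or a private key
  case "$1" in
    cert) openssl x509 -in "$2" -noout -pubkey ;;
    key)  openssl pkey -in "$2" -pubout ;;
  esac | openssl sha256
}

# check_tls_material <server.crt> <server.key> <ca.crt> <hostname>
check_tls_material() {
  crt=$1 key=$2 ca=$3 host=$4
  # 1. The server certificate must chain to the CA the clients will trust.
  openssl verify -CAfile "$ca" "$crt" >/dev/null 2>&1 ||
    { echo "chain: FAIL"; return 1; }
  # 2. The private key must belong to that certificate.
  [ "$(pubkey_hash cert "$crt")" = "$(pubkey_hash key "$key")" ] ||
    { echo "key: MISMATCH"; return 2; }
  # 3. The certificate must cover the host name used in --fleet-url.
  openssl x509 -in "$crt" -noout -checkhost "$host" | grep -q "does match" ||
    { echo "host: NO MATCH"; return 3; }
  echo "ok"
}

# Constructed demo input: throwaway CA, wildcard certificate, unrelated key.
make_demo_material() {
  d=$1
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo CA" \
    -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null
  openssl req -newkey rsa:2048 -nodes -subj "/CN=*.it113.int" \
    -keyout "$d/server.key" -out "$d/server.csr" 2>/dev/null
  printf 'subjectAltName=DNS:*.it113.int\n' > "$d/san.ext"
  openssl x509 -req -in "$d/server.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
    -CAcreateserial -days 1 -extfile "$d/san.ext" -out "$d/server.crt" 2>/dev/null
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$d/other.key" 2>/dev/null
}

demo=$(mktemp -d) && make_demo_material "$demo" &&
  check_tls_material "$demo/server.crt" "$demo/server.key" "$demo/ca.crt" fleet.it113.int
rm -rf "$demo"
```

With the files from this page, the call would be `check_tls_material star.it113.int.crt star.it113.int.key ca.crt fleet.it113.int`, run in /mnt/docker/fleet before the files are moved into certs/.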
