Initial update

Cyr1s-dev · Dec 22, 2024 · ad428c8 · ad428c8
1 parent be8e9dc
commit ad428c8
Show file tree

Hide file tree

Showing 4 changed files with 352 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -1,2 +1,69 @@
-# GZCTF-QUICK-DEPLOY
-Bash script for GZCTF platform deployment
+<h1 align="center">GZCTF-QUICK-DEPLOY</h4>
+
+<h4 align="center">Bash script for GZCTF platform deployment</h4>
+
+<p align="center">
+    <img src="https://img.shields.io/badge/platform-linux-00CC66">
+    <img src="https://img.shields.io/badge/Ubuntu-20.xx%20%7C%2022.xx-0099FF">
+    <img src="https://img.shields.io/badge/Docker-Required-E4A5B3">
+    <img src="https://img.shields.io/badge/Category-automation-9933FF">
+</p>
+
+An automated deployment script for GZCTF platform on Ubuntu systems. This script streamlines the installation process of the GZCTF platform.
+
+
+
+## Features
+
+- Automated dependency installation (Docker, Docker Compose, PostgreSQL client)
+
+- Creates server config in unified format
+
+
+
+## Prerequisites
+
+- Ubuntu 20.xx/22.xx LTS
+
+- Root privileges
+
+- Stable internet connection
+
+- Minimum 2GB RAM
+
+- 10GB available disk space
+
+
+
+## Usage
+
+```bash
+bash ./deploy.sh
+```
+
+
+
+## Configuration
+
+- ### Default Ports
+
+  - Web Interface: 80 (mapped to container port 8080)
+  - PostgreSQL: 5432 (internal container access)
+
+
+
+## Contributing
+
+Contributions are welcome! Please feel free to submit issues and pull requests.
+
+
+
+## Author
+
+- [Cyr1s](https://cyr1s-dev.github.io/about/)
+
+
+
+## Acknowledgments
+
+Special thanks to the [GZCTF](https://github.com/GZTimeWalker/GZCTF) team for their excellent platform.
diff --git a/appsettings.json b/appsettings.json
@@ -0,0 +1,49 @@
+{
+  "AllowedHosts": "*",
+  "ConnectionStrings": {
+    "Database": "Host=db:5432;Database=gzctf;Username=postgres;Password=Admin123" // Modify password
+  },
+  "EmailConfig": {
+    "SendMailAddress": "a@a.com",
+    "UserName": "",
+    "Password": "",
+    "Smtp": {
+      "Host": "localhost",
+      "Port": 587
+    }
+  },
+  "XorKey": "D0g3",
+  "ContainerProvider": {
+    "Type": "Docker", // or "Kubernetes"
+    "PortMappingType": "Default", // or "PlatformProxy"
+    "EnableTrafficCapture": false,
+    "PublicEntry": "127.0.0.1", // or "xxx.xxx.xxx.xxx"
+    // optional
+    "DockerConfig": {
+      "SwarmMode": false,
+      "Uri": "unix:///var/run/docker.sock"
+    }
+  },
+  "RequestLogging": false,
+  "DisableRateLimit": true,
+  "RegistryConfig": {
+    "UserName": "",
+    "Password": "",
+    "ServerAddress": ""
+  },
+  "CaptchaConfig": {
+    "Provider": "None", // or "CloudflareTurnstile" or "GoogleRecaptcha"
+    "SiteKey": "<Your SITE_KEY>",
+    "SecretKey": "<Your SECRET_KEY>",
+    // optional
+    "GoogleRecaptcha": {
+      "VerifyAPIAddress": "https://www.recaptcha.net/recaptcha/api/siteverify",
+      "RecaptchaThreshold": "0.5"
+    }
+  },
+  "ForwardedOptions": {
+    "ForwardedHeaders": 5,
+    "ForwardLimit": 1,
+    "TrustedNetworks": ["192.168.12.0/8"]
+  }
+}
diff --git a/deploy.sh b/deploy.sh
@@ -0,0 +1,207 @@
+#!/bin/bash
+# Express setup of GZCTF
+# for Ubuntu 2x.xx LTS
+# by Cyr1s https://github.com/Cyr1s-dev
+# 
+# Version 0.1 (2024-12-19)
+# 
+# Usage: just run deploy.sh :)
+# 
+
+# get user name
+BASE_USER="$(who am i | awk '{print $1}')"
+if [ -z "$BASE_USER" ]; then
+    BASE_USER="root"
+fi
+
+# check for root
+IAM=$(whoami)
+if [ ${IAM} != "root" ]; then
+    echo "You must be root to use this script"
+    exit 1
+fi
+
+# check for updates
+echo "Updating system packages..."
+apt-get update
+if [ $? -ne 0 ]; then
+    echo "System update failed"
+    exit 1
+fi
+
+apt-get upgrade -y
+if [ $? -ne 0 ]; then
+    echo "System upgrade failed"
+    exit 1
+fi
+
+# Check network connectivity
+echo "Checking network connectivity..."
+ping -c 4 8.8.8.8
+if [ $? -ne 0 ]; then
+    echo "Network is not reachable."
+    exit 1
+fi
+
+echo "Checking Docker website connectivity..."
+curl -I https://www.docker.com
+if [ $? -ne 0 ]; then
+    echo "Cannot connect to Docker website."
+    exit 1
+fi
+
+# Install Docker
+echo "Installing Docker..."
+apt install docker.io docker-compose -y
+if [ $? -ne 0 ]; then
+    echo "Docker installation failed"
+    exit 1
+fi
+
+echo "Docker installed successfully!"
+docker --version
+docker-compose --version
+
+# Set GZCTF installation directory
+echo -n "Please enter installation directory (default /home/$BASE_USER/GZCTF): "
+read install_dir
+
+if [ -z "$install_dir" ]; then
+    install_dir="/home/$BASE_USER/GZCTF"
+fi
+
+# Create installation directory
+echo "Creating directory: $install_dir"
+mkdir -p "$install_dir"
+if [ $? -ne 0 ]; then
+    echo "Directory creation failed"
+    exit 1
+fi
+
+original_dir="$(pwd)"
+
+# Copy appsettings.json and docker-compose.yml to the installation directory
+cp "$original_dir/appsettings.json" "$install_dir"
+cp "$original_dir/docker-compose.yml" "$install_dir"
+
+cd "$install_dir"
+echo "Switched to directory: $(pwd)"
+
+# Get user input for PostgreSQL password, GZCTF public entry, and admin password
+echo -n "Please enter PostgreSQL password (default: Admin123): "
+read -s postgres_password
+echo
+if [ -z "$postgres_password" ]; then
+    postgres_password="Admin123"
+fi
+
+# Export PostgreSQL password to avoid manual input
+export PGPASSWORD="$postgres_password"
+
+# Automatically detect server IP
+public_entry=$(hostname -I | awk '{print $1}')
+if [ -z "$public_entry" ]; then
+    echo "Failed to detect server IP. Please enter manually."
+    while true; do
+        echo -n "Please enter GZCTF server ip: "
+        read public_entry
+        # Regex match for IPv4 address
+        if [[ "$public_entry" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
+            # Check if each segment is between 0 and 255
+            IFS='.' read -r -a octets <<< "$public_entry"
+            valid=true
+            for octet in "${octets[@]}"; do
+                if (( octet < 0 || octet > 255 )); then
+                    valid=false
+                    break
+                fi
+            done
+            if $valid; then
+                break
+            else
+                echo "Invalid IP address. Each octet must be between 0 and 255. Please try again."
+            fi
+        else
+            echo "Invalid IP address format. Please enter in the format X.X.X.X where X is between 0 and 255."
+        fi
+    done
+else
+    echo "Detected server IP: $public_entry"
+fi
+
+while true; do
+    echo -n "Please enter GZCTF admin password (must contain uppercase, lowercase letters, and numbers): "
+    read -s gzctf_admin_password
+    echo
+    if [[ ${#gzctf_admin_password} -ge 8 && "$gzctf_admin_password" =~ [A-Z] && "$gzctf_admin_password" =~ [a-z] && "$gzctf_admin_password" =~ [0-9] ]]; then
+        break
+    else
+        echo "Password does not meet the requirements. Please try again."
+    fi
+done
+
+# Update appsettings.json with user input
+sed -i "s/\"Password\": \"Admin123\"/\"Password\": \"$postgres_password\"/" "$install_dir/appsettings.json"
+sed -i "s/\"PublicEntry\": \"127.0.0.1\"/\"PublicEntry\": \"$public_entry\"/" "$install_dir/appsettings.json"
+
+# Update docker-compose.yml with user input
+sed -i "s/POSTGRES_PASSWORD=Admin123/POSTGRES_PASSWORD=$postgres_password/" "$install_dir/docker-compose.yml"
+sed -i "s/GZCTF_ADMIN_PASSWORD=Admin123/GZCTF_ADMIN_PASSWORD=$gzctf_admin_password/" "$install_dir/docker-compose.yml"
+
+echo "Configuration updated successfully!"
+
+# Switch to installation directory and execute docker-compose
+cd "$install_dir"
+sudo docker-compose up -d
+
+# Get PostgreSQL container IP
+db_ip=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' gzctf_db_1)
+if [ -z "$db_ip" ]; then
+    echo "Failed to retrieve PostgreSQL container IP"
+    exit 1
+fi
+echo "PostgreSQL container IP: $db_ip"
+
+# Install PostgreSQL client
+echo "Installing PostgreSQL client..."
+sudo apt install postgresql-client -y
+if [ $? -ne 0 ]; then
+    echo "PostgreSQL client installation failed"
+    exit 1
+fi
+
+# Add multiple log checks before waiting
+echo "Checking PostgreSQL container logs for startup confirmation..."
+docker logs gzctf_db_1 --tail 20
+
+# Wait for PostgreSQL database to be ready
+echo "Waiting for PostgreSQL database to be ready..."
+until psql -h "$db_ip" -p 5432 -U postgres -d gzctf -c "\q" > /dev/null 2>&1; do
+    echo "PostgreSQL is not ready yet. Waiting..."
+    sleep 5
+    # Add a log check
+    docker logs gzctf_db_1 --tail 5
+done
+echo "PostgreSQL database is ready."
+
+# Connect to PostgreSQL database
+echo "Connecting to PostgreSQL database..."
+psql -h "$db_ip" -p 5432 -U postgres -d gzctf -c "\q"
+if [ $? -ne 0 ]; then
+    echo "Failed to connect to PostgreSQL database"
+    exit 1
+fi
+echo "Successfully connected to PostgreSQL database."
+
+# Update AspNetUsers role
+echo "Updating AspNetUsers role in PostgreSQL database..."
+psql -h "$db_ip" -p 5432 -U postgres -d gzctf -c "UPDATE \"AspNetUsers\" SET \"Role\"=3 WHERE \"UserName\"='admin';"
+if [ $? -ne 0 ]; then
+    echo "Failed to update AspNetUsers role in PostgreSQL database"
+    exit 1
+fi
+echo "AspNetUsers role updated successfully."
+
+# information
+echo "PostgreSQL password: $postgres_password"
+echo "GZCTF admin password: $gzctf_admin_password"
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,27 @@
+version: "3.0"
+services:
+  gzctf:
+    image: gztime/gzctf:latest
+    restart: always
+    environment:
+      # Modify password
+      - "GZCTF_ADMIN_PASSWORD=Admin123"
+      # Switch language `en_US` / `zh_CN` / `ja_JP`
+      - "LC_ALL=zh_CN.UTF-8"
+    ports:
+      - "80:8080"
+    volumes:
+      - "./data/files:/app/files"
+      - "./appsettings.json:/app/appsettings.json:ro"
+      # - "./kube-config.yaml:/app/kube-config.yaml:ro" # this is required for k8s deployment
+      - "/var/run/docker.sock:/var/run/docker.sock" # this is required for docker deployment
+    depends_on:
+      - db
+
+  db:
+    image: postgres:alpine
+    restart: always
+    environment:
+      - "POSTGRES_PASSWORD=Admin123"
+    volumes:
+      - "./data/db:/var/lib/postgresql/data"