#!/bin/bash # TarPit.pro Installation Script # Usage: curl -fsSL https://get.tarpit.pro | sudo bash # With registration token: curl -fsSL https://get.tarpit.pro | sudo bash -s -- --init "" # # This script installs the TarPit.pro agent binary and optionally # registers the server with your account using a registration token. set -e # Colors for output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # No Color # Configuration BINARY_NAME="tarpit-pro" INSTALL_DIR="/usr/local/bin" CONFIG_DIR="/etc/tarpit-pro" DATA_DIR="/var/lib/tarpit-pro" LOG_DIR="/var/log/tarpit-pro" DOWNLOAD_BASE="https://releases.tarpit.pro" API_URL="https://api.tarpit.pro" VERSION="latest" # Parse arguments INIT_TOKEN="" while [[ $# -gt 0 ]]; do case $1 in --init) INIT_TOKEN="$2" shift 2 ;; --version) VERSION="$2" shift 2 ;; --help|-h) echo "TarPit.pro Installation Script" echo "" echo "Usage: curl -fsSL https://get.tarpit.pro | sudo bash -s -- [OPTIONS]" echo "" echo "Options:" echo " --init Registration token to automatically register this server" echo " --version Install specific version (default: latest)" echo " --help Show this help message" echo "" echo "Examples:" echo " # Install latest version" echo " curl -fsSL https://get.tarpit.pro | sudo bash" echo "" echo " # Install and register with token" echo " curl -fsSL https://get.tarpit.pro | sudo bash -s -- --init \"trp_reg_xxx...\"" exit 0 ;; *) echo -e "${RED}Unknown option: $1${NC}" exit 1 ;; esac done # Functions log_info() { echo -e "${BLUE}[INFO]${NC} $1" } log_success() { echo -e "${GREEN}[OK]${NC} $1" } log_warn() { echo -e "${YELLOW}[WARN]${NC} $1" } log_error() { echo -e "${RED}[ERROR]${NC} $1" } # Check if running as root check_root() { if [[ $EUID -ne 0 ]]; then log_error "This script must be run as root (use sudo)" exit 1 fi } # Detect OS and architecture detect_platform() { OS=$(uname -s | tr '[:upper:]' '[:lower:]') ARCH=$(uname -m) case "$OS" in linux) OS="linux" ;; darwin) OS="darwin" ;; mingw*|msys*|cygwin*) OS="windows" ;; *) log_error "Unsupported operating system: $OS" exit 1 ;; esac case "$ARCH" in x86_64|amd64) ARCH="amd64" ;; aarch64|arm64) ARCH="arm64" ;; armv7l|armv6l) ARCH="arm" ;; *) log_error "Unsupported architecture: $ARCH" exit 1 ;; esac PLATFORM="${OS}-${ARCH}" log_info "Detected platform: $PLATFORM" } # Get the download URL for the binary get_download_url() { if [[ "$VERSION" == "latest" ]]; then # Get latest version from API LATEST_VERSION=$(curl -fsSL "${API_URL}/v1/agent/version" 2>/dev/null | grep -o '"version":"[^"]*"' | cut -d'"' -f4 || echo "") if [[ -z "$LATEST_VERSION" ]]; then # Fallback to releases endpoint LATEST_VERSION=$(curl -fsSL "${DOWNLOAD_BASE}/latest/version.txt" 2>/dev/null || echo "1.0.0") fi VERSION="$LATEST_VERSION" fi if [[ "$OS" == "windows" ]]; then BINARY_FILE="${BINARY_NAME}-${PLATFORM}.exe" else BINARY_FILE="${BINARY_NAME}-${PLATFORM}" fi DOWNLOAD_URL="${DOWNLOAD_BASE}/v${VERSION}/${BINARY_FILE}" log_info "Download URL: $DOWNLOAD_URL" } # Check for existing installation check_existing() { if command -v $BINARY_NAME &> /dev/null; then EXISTING_VERSION=$($BINARY_NAME version 2>/dev/null | grep -o 'v[0-9.]*' | head -1 || echo "unknown") log_warn "TarPit.pro is already installed (version: $EXISTING_VERSION)" log_info "Upgrading to version $VERSION..." # Stop existing service if running if systemctl is-active --quiet tarpit-pro 2>/dev/null; then log_info "Stopping existing service..." systemctl stop tarpit-pro || true fi fi } # Download and install binary install_binary() { log_info "Downloading TarPit.pro $VERSION..." TMP_DIR=$(mktemp -d) TMP_FILE="${TMP_DIR}/${BINARY_NAME}" # Download binary if ! curl -fsSL "$DOWNLOAD_URL" -o "$TMP_FILE"; then log_error "Failed to download binary from $DOWNLOAD_URL" rm -rf "$TMP_DIR" exit 1 fi # Verify download (check it's not an error page) if file "$TMP_FILE" | grep -q "text"; then log_error "Downloaded file appears to be text (possibly an error page)" cat "$TMP_FILE" rm -rf "$TMP_DIR" exit 1 fi # Make executable chmod +x "$TMP_FILE" # Install to system directory log_info "Installing to $INSTALL_DIR..." mv "$TMP_FILE" "${INSTALL_DIR}/${BINARY_NAME}" # Clean up rm -rf "$TMP_DIR" log_success "Binary installed successfully" } # Create necessary directories create_directories() { log_info "Creating directories..." mkdir -p "$CONFIG_DIR" mkdir -p "$DATA_DIR" mkdir -p "$LOG_DIR" # Set permissions chmod 755 "$CONFIG_DIR" chmod 755 "$DATA_DIR" chmod 755 "$LOG_DIR" log_success "Directories created" } # Create default configuration if it doesn't exist create_config() { CONFIG_FILE="${CONFIG_DIR}/config.yaml" if [[ -f "$CONFIG_FILE" ]]; then log_info "Configuration file already exists, preserving..." return fi log_info "Creating default configuration..." cat > "$CONFIG_FILE" << 'EOF' # TarPit.pro Configuration # Documentation: https://tarpit.pro/docs # Ports to monitor (honeypot services) ports: - 21 # FTP - 22 # SSH - 23 # Telnet - 3306 # MySQL - 5432 # PostgreSQL - 6379 # Redis # Tarpit settings tarpit: enabled: true delay: 3s max_response_bytes: 1024 # Cloud sync (configured automatically with --init) cloud: enabled: false api_url: https://api.tarpit.pro # token: # Local storage storage: db_path: /var/lib/tarpit-pro/attacks.db max_attacks: 10000 # Logging logging: level: info file: /var/log/tarpit-pro/tarpit-pro.log EOF chmod 644 "$CONFIG_FILE" log_success "Configuration created at $CONFIG_FILE" } # Install systemd service (Linux only) install_service_linux() { if [[ "$OS" != "linux" ]]; then return fi if ! command -v systemctl &> /dev/null; then log_warn "systemd not found, skipping service installation" return fi log_info "Installing systemd service..." cat > /etc/systemd/system/tarpit-pro.service << EOF [Unit] Description=TarPit.pro Honeypot Agent Documentation=https://tarpit.pro/docs After=network-online.target Wants=network-online.target [Service] Type=simple ExecStart=${INSTALL_DIR}/${BINARY_NAME} start Restart=always RestartSec=5 User=root LimitNOFILE=65536 # Security hardening NoNewPrivileges=true ProtectSystem=strict ProtectHome=true ReadWritePaths=${DATA_DIR} ${LOG_DIR} ${CONFIG_DIR} PrivateTmp=true [Install] WantedBy=multi-user.target EOF systemctl daemon-reload log_success "Systemd service installed" } # Install launchd service (macOS only) install_service_darwin() { if [[ "$OS" != "darwin" ]]; then return fi log_info "Installing launchd service..." PLIST_FILE="/Library/LaunchDaemons/pro.tarpit.agent.plist" cat > "$PLIST_FILE" << EOF Label pro.tarpit.agent ProgramArguments ${INSTALL_DIR}/${BINARY_NAME} start RunAtLoad KeepAlive StandardOutPath ${LOG_DIR}/tarpit-pro.log StandardErrorPath ${LOG_DIR}/tarpit-pro.error.log EOF chmod 644 "$PLIST_FILE" log_success "Launchd service installed" } # Detect public IP detect_public_ip() { PUBLIC_IP="" # Try multiple services for service in "https://api.ipify.org" "https://ifconfig.me/ip" "https://icanhazip.com"; do PUBLIC_IP=$(curl -fsSL --connect-timeout 5 "$service" 2>/dev/null | tr -d '\n' || echo "") if [[ -n "$PUBLIC_IP" ]] && [[ "$PUBLIC_IP" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then break fi done if [[ -z "$PUBLIC_IP" ]]; then log_warn "Could not detect public IP address" else log_info "Detected public IP: $PUBLIC_IP" fi } # Detect internal IP detect_internal_ip() { INTERNAL_IP="" if [[ "$OS" == "linux" ]]; then INTERNAL_IP=$(ip route get 1 2>/dev/null | awk '{print $7; exit}' || hostname -I 2>/dev/null | awk '{print $1}' || echo "") elif [[ "$OS" == "darwin" ]]; then INTERNAL_IP=$(ipconfig getifaddr en0 2>/dev/null || ipconfig getifaddr en1 2>/dev/null || echo "") fi if [[ -n "$INTERNAL_IP" ]]; then log_info "Detected internal IP: $INTERNAL_IP" fi } # Register server with token register_server() { if [[ -z "$INIT_TOKEN" ]]; then return fi log_info "Registering server with TarPit.pro..." detect_public_ip detect_internal_ip HOSTNAME=$(hostname) OS_INFO=$(uname -s) ARCH_INFO=$(uname -m) # Build registration request REGISTER_DATA=$(cat << EOF { "registration_token": "$INIT_TOKEN", "hostname": "$HOSTNAME", "public_ip": "$PUBLIC_IP", "internal_ip": "$INTERNAL_IP", "os": "$OS_INFO", "arch": "$ARCH_INFO", "version": "$VERSION" } EOF ) # Send registration request RESPONSE=$(curl -fsSL -X POST "${API_URL}/v1/agent/register-server" \ -H "Content-Type: application/json" \ -d "$REGISTER_DATA" 2>&1) || { log_error "Failed to register server" echo "$RESPONSE" log_warn "You can manually register later with: tarpit-pro init --token \"$INIT_TOKEN\"" return 1 } # Parse response SERVER_ID=$(echo "$RESPONSE" | grep -o '"server_id":"[^"]*"' | cut -d'"' -f4 || echo "") AGENT_TOKEN=$(echo "$RESPONSE" | grep -o '"token":"[^"]*"' | cut -d'"' -f4 || echo "") TIER=$(echo "$RESPONSE" | grep -o '"tier":"[^"]*"' | cut -d'"' -f4 || echo "free") if [[ -z "$SERVER_ID" ]] || [[ -z "$AGENT_TOKEN" ]]; then log_error "Invalid response from server" echo "$RESPONSE" return 1 fi # Update configuration with token CONFIG_FILE="${CONFIG_DIR}/config.yaml" if [[ -f "$CONFIG_FILE" ]]; then # Update existing config sed -i.bak "s/^ enabled: false/ enabled: true/" "$CONFIG_FILE" 2>/dev/null || true # Add token if not present if ! grep -q "token:" "$CONFIG_FILE"; then sed -i.bak "/api_url:/a\\ token: $AGENT_TOKEN" "$CONFIG_FILE" 2>/dev/null || { # Fallback: append to cloud section echo " token: $AGENT_TOKEN" >> "$CONFIG_FILE" } else sed -i.bak "s/^ token:.*/ token: $AGENT_TOKEN/" "$CONFIG_FILE" 2>/dev/null || true fi rm -f "${CONFIG_FILE}.bak" 2>/dev/null || true fi log_success "Server registered successfully!" log_info "Server ID: $SERVER_ID" log_info "Tier: $TIER" } # Start the service start_service() { if [[ "$OS" == "linux" ]] && command -v systemctl &> /dev/null; then log_info "Starting TarPit.pro service..." systemctl enable tarpit-pro systemctl start tarpit-pro sleep 2 if systemctl is-active --quiet tarpit-pro; then log_success "Service started successfully" else log_error "Service failed to start. Check logs with: journalctl -u tarpit-pro -f" fi elif [[ "$OS" == "darwin" ]]; then log_info "Starting TarPit.pro service..." launchctl load /Library/LaunchDaemons/pro.tarpit.agent.plist 2>/dev/null || true log_success "Service started" else log_warn "Please start the service manually: tarpit-pro start" fi } # Print success message print_success() { echo "" echo -e "${GREEN}╔══════════════════════════════════════════════════════════════╗${NC}" echo -e "${GREEN}║ ║${NC}" echo -e "${GREEN}║ TarPit.pro installed successfully! ║${NC}" echo -e "${GREEN}║ ║${NC}" echo -e "${GREEN}╚══════════════════════════════════════════════════════════════╝${NC}" echo "" echo -e "Binary: ${BLUE}${INSTALL_DIR}/${BINARY_NAME}${NC}" echo -e "Config: ${BLUE}${CONFIG_DIR}/config.yaml${NC}" echo -e "Logs: ${BLUE}${LOG_DIR}/${NC}" echo -e "Version: ${BLUE}${VERSION}${NC}" echo "" if [[ -n "$INIT_TOKEN" ]] && [[ -n "$SERVER_ID" ]]; then echo -e "Server ID: ${GREEN}${SERVER_ID}${NC}" echo -e "Tier: ${GREEN}${TIER}${NC}" echo "" fi echo "Useful commands:" echo -e " ${BLUE}tarpit-pro status${NC} - Check status" echo -e " ${BLUE}tarpit-pro port list${NC} - List monitored ports" echo -e " ${BLUE}tarpit-pro attacks list${NC} - View recent attacks" echo "" if [[ -z "$INIT_TOKEN" ]]; then echo -e "${YELLOW}Note: This server is not connected to TarPit.pro cloud.${NC}" echo -e "To enable cloud features, run: ${BLUE}tarpit-pro init --token ${NC}" echo "" fi echo "Documentation: https://tarpit.pro/docs" echo "Support: https://tarpit.pro/support" } # Main installation flow main() { echo "" echo -e "${BLUE}╔══════════════════════════════════════════════════════════════╗${NC}" echo -e "${BLUE}║ ║${NC}" echo -e "${BLUE}║ TarPit.pro Installation Script ║${NC}" echo -e "${BLUE}║ \"Waste Their Time, Protect Yours\" ║${NC}" echo -e "${BLUE}║ ║${NC}" echo -e "${BLUE}╚══════════════════════════════════════════════════════════════╝${NC}" echo "" check_root detect_platform get_download_url check_existing install_binary create_directories create_config if [[ "$OS" == "linux" ]]; then install_service_linux elif [[ "$OS" == "darwin" ]]; then install_service_darwin fi # Register server if token provided if [[ -n "$INIT_TOKEN" ]]; then register_server fi # Start service if registration was successful or no token needed if [[ -z "$INIT_TOKEN" ]] || [[ -n "$SERVER_ID" ]]; then start_service fi print_success } # Run main main "$@"