[IntelMQ-dev] Intelmq + intelmq-manager from package distribution + own bots & confs

Tue Mar 9 14:59:34 CET 2021

Hi Mika,

I'll try to response to both e-mails here. If I missed an aspect of the
question(s), please forgive me :)

I see some options:

* Bring your code upstream (if'd like to get advice on that, let us
know). Install the upstream version.
or
* Maintain your fork: Clone the certtools/intelmq Repo, using either
master or maintenance branch as base. Add your non-publishable code
there. Merge from upstream when a new version is ready. Install with
`pip3 install -e path`.
or
* Do it manually, similar to how Intevation does it for the
certbund-contact:
https://github.com/Intevation/intelmq-certbund-contact/ (look at the
postinst file in debian/):
  * Install the bots in the right place. That can be done with creating
your own setup.py, which maps the executables to the modules, and
installs the modules with the same directory structure as the upstream
IntelMQ.
  * Add your bots to BOTS, so that they are visible in the IntelMQ Manager

You can have a look at https://github.com/jhemp/intelmq-tools but I
don't know it's status and about the compatibility with 2.3.0 and 3.0.0

In IntelMQ 3.0 / the develop branch it's a bit easier, as you don't need
to hassle with BOTS (once #1751 is merged). You still need to create the
Python modules. As always, contributions are welcome :)

kind regards
Sebastian

#1751: https://github.com/certtools/intelmq/pull/1751

On 3/9/21 9:18 AM, Mika Silander wrote:
> Hi Bernhard,
>
>  Thanks for the advice. I also thought 2.3.0 may be a safer choice for me at the time being but I wanted to hear yours and Sebastian's opinions on this first. Still, my small problem remains: how to add my own bots and libraries to the production setup installed from the package management (in this case Ubuntu 20.04). I suppose there are again several bad ways of achieving this and a few good ones. Conf files are easy but having my own bots and libraries in use alongside the ones coming from package management e.g. subdirectories /usr/bin/ , /usr/lib/python3/dist-packages etc is a bit more complicated. I'd like to find an easy solution for this. The elegant (but tedious) option
> would be to include my bots and libraries into the process generating the intelmq packages but at the moment it feels like overkill. Anyway, happy to hear suggestions and ideas related to this.
>
> Best regards, Mika
On 3/8/21 2:13 PM, Mika Silander wrote:
> Hi Sebastian,
>
>  If it is not too much trouble, I'd like to hear the answer for both 2.3.0 and 3.0.0 alpha.
> A lot of effort has gone into my development, time flies, and I'd need to find an installation
> path to a reasonably stable production system for us. If you have to choose between the
> above two versions, provide the answer for stabler one, please.
>
> Best regards, Mika 
>
>
> ----- Original Message -----
> From: "Sebastian Wagner" <wagner at cert.at>
> To: "Mika Silander" <mika.silander at csc.fi>, "intelmq-dev" <intelmq-dev at lists.cert.at>
> Sent: Monday, 8 March, 2021 15:07:13
> Subject: Re: [IntelMQ-dev] Intelmq + intelmq-manager from package distribution + own bots & confs
>
> Hi,
>
> On 3/8/21 1:59 PM, Mika Silander wrote:
>>  Sorry to bother again with something which is probably evident. Now that 3.0.0 is out I'd like
> As it has an impact on the answer: Do you mean 2.3.0 or 3.0.0 alpha
> (develop branch)?
>
> Sebastian
>
-- 
// Sebastian Wagner <wagner at cert.at> - T: +43 1 5056416 7201
// CERT Austria - https://www.cert.at/
// Eine Initiative der nic.at GmbH - https://www.nic.at/
// Firmenbuchnummer 172568b, LG Salzburg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/intelmq-dev/attachments/20210309/86e2cdd3/attachment-0001.sig>