Add systemd units for suricata-update

ctxis · Mar 6, 2019 · 7fb0c79 · 7fb0c79
1 parent d983c80
commit 7fb0c79
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 0 deletions.
diff --git a/requirements.txt b/requirements.txt
@@ -50,3 +50,4 @@ xmltodict
 pyyaml
 pyelftools
 gunicorn
+suricata-update
diff --git a/systemd/README.md b/systemd/README.md
@@ -51,12 +51,20 @@ These files help run all the various parts of CAPE as systemd services, so that
 
     ```bash
     sudo cp /opt/CAPE/systemd/*.service /opt/systemd/system
+    sudo cp /opt/CAPE/systemd/*.timer /opt/systemd/system
     sudo sudo systemctl daemon-reload
+    sudo systemctl enable suricata-update.service
+    sudo systemctl enable suricata-update.timer
+    sudo systemctl enable cuckoo-rooter.service
+    sudo systemctl enable cuckoo-processor.service
+    sudo systemctl enable cuckoo.service
+    sudo systemctl enable cuckoo-wsgi.service
     ```
 
 10. Start the services for the first time
 
     ```bash
+    sudo service suricata-update start
     sudo service cuckoo-rooter start
     sudo service cuckoo-processor start
     sudo service cuckoo start

diff --git a/systemd/suricata-update.service b/systemd/suricata-update.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=suricata-update
+
+[Service]
+User=root
+Group=root
+Type=oneshot
+ExecStart=/opt/CAPE/venv/bin/suricata-update
+
+[Install]
+WantedBy=multi-user.target
diff --git a/systemd/suricata-update.timer b/systemd/suricata-update.timer
@@ -0,0 +1,10 @@
+[Unit]
+Description=Run suricata-update hourly and at boot
+
+[Timer]
+OnBootSec=15min
+OnUnitActiveSec=1h
+unit=suricata-update.service
+
+[Install]
+WantedBy=timers.target