marco/ids.alfacom.it
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
24b907e17b
ids.alfacom.it/GUIDA_INSTALLAZIONE.md
marco370 f356181ada Add comprehensive installation and configuration guides for the IDS system 
Create detailed Markdown documentation for IDS installation, including quick start, step-by-step, and configuration details.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: e8ff5164-9660-4159-93ac-0d6cae981bb0
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/c9ITWqD
2025-11-17 15:19:13 +00:00

285 lines
6.1 KiB
Markdown
Raw Blame History

# 🚀 IDS - Guida Rapida Installazione
Installazione completa sistema IDS su AlmaLinux 9 con aggiornamenti da git.alfacom.it
---
## 📖 Documenti Disponibili
1. **`deployment/INSTALLAZIONE_STEP_BY_STEP.md`** ← **SEGUI QUESTA GUIDA**
- 📋 Guida completa passo-passo
- ✅ 25 step con comandi esatti
- 🔍 Checklist completa
- 🐛 Troubleshooting
2. **`deployment/COMANDI_RAPIDI.md`**
- ⚡ Riferimento veloce comandi
- 🔄 Operazioni comuni
- 📊 Monitoring e debug
3. **`deployment/README_DEPLOYMENT.md`**
- 📚 Documentazione tecnica completa
- 🏗️ Architettura sistema
- ⚙️ Configurazione avanzata
4. **`deployment/CONFIGURAZIONE_ROUTER_MIKROTIK.md`**
- 📡 Setup router MikroTik
- 🔧 Configurazione syslog
- ✅ Verifica connessione
---
## ⚡ Quick Start (3 minuti)
### 1. Prerequisiti
- ✅ Server AlmaLinux 9
- ✅ Accesso root SSH
- ✅ Credenziali git.alfacom.it (username + token)
### 2. Installazione Base
```bash
# Connetti al server
ssh root@<IP_SERVER>
# Clone repository temporaneo
cd /tmp
git clone https://<USER>:<TOKEN>@git.alfacom.it/<OWNER>/ids.git
cd ids
# Esegui setup
chmod +x deployment/setup_almalinux.sh
./deployment/setup_almalinux.sh
```
### 3. Setup Definitivo
```bash
# Clone in posizione finale
cd /opt/ids
sudo -u ids git clone https://<USER>:<TOKEN>@git.alfacom.it/<OWNER>/ids.git .
# Configura git.env
sudo -u ids cp git.env.example git.env
sudo -u ids nano git.env # Inserisci credenziali git
# Configura .env
sudo -u ids cp .env.example .env
sudo -u ids nano .env # Inserisci password (vedi sotto)
```
### 4. Genera Password Sicure
```bash
# Password database
openssl rand -base64 32
# Session secret
openssl rand -base64 32
# Copia gli output in .env
```
### 5. Installa Dipendenze
```bash
cd /opt/ids
sudo -u ids npm install
cd python_ml && sudo -u ids pip3.11 install -r requirements.txt
cd /opt/ids && sudo -u ids npm run db:push
```
### 6. Configura Syslog e Avvia
```bash
# Syslog per router
./deployment/setup_syslog_server.sh
# Avvia tutto
./deployment/setup_crontab.sh
```
### 7. Verifica
```bash
# Processi attivi
ps aux | grep -E 'python|node|syslog'
# API funzionante
curl http://localhost:8000/health
curl http://localhost:5000
# Dashboard web
http://<IP_SERVER>:5000
```
---
## 🔧 File di Configurazione
### git.env (Credenziali Git)
```bash
GITLAB_USER=tuo-username
GITLAB_TOKEN=glpat-abc123xyz
GITLAB_REPO=https://git.alfacom.it/owner/ids.git
GITLAB_BRANCH=main
```
> **Token**: git.alfacom.it → Settings → Access Tokens
> Permessi: `api`, `read_repository`, `write_repository`
### .env (Secrets Applicazione)
```bash
PGHOST=localhost
PGPORT=5432
PGDATABASE=ids_database
PGUSER=ids_user
PGPASSWORD=<openssl rand -base64 32>
SESSION_SECRET=<openssl rand -base64 32>
VITE_PYTHON_API_URL=http://localhost:8000
NODE_ENV=production
```
> **IMPORTANTE**: `.env` e `git.env` NON vanno su git (sono in `.gitignore`)
---
## 📡 Configurazione Router MikroTik
Su **OGNI router**:
```mikrotik
/system logging action
add name=ids-server target=remote remote=<IP_SERVER> remote-port=514
/system logging
add action=ids-server topics=firewall,info
/ip firewall filter
add chain=forward action=accept log=yes log-prefix="ACCEPT: "
add chain=forward action=drop log=yes log-prefix="DROP: "
```
Verifica log sul server:
```bash
tail -f /var/log/mikrotik/raw.log
```
---
## 🔄 Aggiornamenti da Git
```bash
cd /opt/ids
sudo -u ids ./deployment/update_from_git.sh
```
Questo fa:
1. Backup `.env`
2. `git pull` da git.alfacom.it
3. Ripristina `.env`
4. Aggiorna dipendenze
5. Sync database
6. Restart servizi
---
## 🎯 Primo Training ML
Dopo **24 ore** di raccolta log (almeno 10.000 log):
```bash
# Verifica log raccolti
psql -U ids_user -d ids_database -c "SELECT COUNT(*) FROM network_logs;"
# Training
curl -X POST http://localhost:8000/train \
-H "Content-Type: application/json" \
-d '{"max_records": 10000, "hours_back": 24}'
# Detection (già automatica ogni 5min)
curl -X POST http://localhost:8000/detect \
-H "Content-Type: application/json" \
-d '{"max_records": 5000, "auto_block": true, "risk_threshold": 75}'
```
---
## 📊 Monitoring
### Log Principali
```bash
tail -f /var/log/ids/backend.log # Backend Python
tail -f /var/log/ids/frontend.log # Frontend Node
tail -f /var/log/ids/syslog_parser.log # Parser log router
tail -f /var/log/ids/training.log # Training ML
tail -f /var/log/ids/detect.log # Detection
tail -f /var/log/mikrotik/raw.log # Log router in arrivo
```
### Comandi Utili
```bash
# Restart completo
/opt/ids/deployment/restart_all.sh
# Stato processi
ps aux | grep -E 'python|node|syslog'
# Database
psql -U ids_user -d ids_database
# Crontab
crontab -u ids -l
```
---
## 🐛 Problemi Comuni
| Problema | Soluzione |
|----------|-----------|
| Log non arrivano | `systemctl restart rsyslog` + verifica firewall |
| Database vuoto | Verifica `syslog_parser.py` attivo |
| Backend non risponde | `/opt/ids/deployment/check_backend.sh` |
| Frontend non carica | `/opt/ids/deployment/check_frontend.sh` |
---
## 📚 Documentazione Completa
- **Installazione**: `deployment/INSTALLAZIONE_STEP_BY_STEP.md`
- **Comandi**: `deployment/COMANDI_RAPIDI.md`
- **Deployment**: `deployment/README_DEPLOYMENT.md`
- **Router**: `deployment/CONFIGURAZIONE_ROUTER_MIKROTIK.md`
- **Risposte FAQ**: `RISPOSTA_DEPLOYMENT.md`
---
## ✅ Checklist Rapida
- [ ] Server AlmaLinux 9 pronto
- [ ] `setup_almalinux.sh` eseguito
- [ ] `git.env` configurato
- [ ] `.env` configurato con password sicure
- [ ] Dipendenze installate (`npm install`, `pip install`)
- [ ] Database schema sincronizzato (`npm run db:push`)
- [ ] Syslog configurato (`setup_syslog_server.sh`)
- [ ] Router MikroTik configurati
- [ ] Sistema avviato (`setup_crontab.sh`)
- [ ] Processi attivi (python, node, syslog_parser)
- [ ] API funzionanti (curl localhost:8000/health)
- [ ] Dashboard accessibile (http://IP:5000)
- [ ] Log arrivano (`tail -f /var/log/mikrotik/raw.log`)
- [ ] Database si popola (SELECT COUNT(*) FROM network_logs)
- [ ] Training eseguito (dopo 24h)
---
**Sistema pronto! 🛡️**
Per dettagli: `cat deployment/INSTALLAZIONE_STEP_BY_STEP.md`
Reference in New Issue View Git Blame Copy Permalink