Cloud C2 on Alpine Linux

I recently purchased some products from Hak5, some of which integrate with their self-hosted service for monitoring your equipment called the Cloud C2. I decided to run it on one of my servers which runs one of my favourite Linux distributions, Alpine Linux.

You have the option to purchase the community edition for free from their shop, after which you'll receive a product registration code via email. This email will also contain a link to download the Cloud C2 software, which are distributed as (mostly) statically linked go binaries for several platforms all bundled together in a zip folder.

One of the interesting thing I found was that despite my server being 64-bit x86, c2_community-linux-64 wouldn't work on Alpine Linux. It's dynamically linked to /lib64/, which doesn't exist on musl libc machines. The c2_community-linux-32 binary is completely statically linked however, so it runs fine.

Their website provides a small tutorial for installing C2 on a systemd-based system, unfortunately it doesn't help me since Alpine uses the OpenRC init system.

It's possible to run cloudc2 in something like a tmux session, which would work, except it provides no way to reliably restart the service should it go down, and no way to integrate it with the rest of the init system.

To remedy this I wrote an OpenRC script and config file, which I've put on github here. I've decided to place the cloudc2 binary in /opt/cloudc2 because it's not controlled by the package manager, with the logs at /var/log/cloudc2.log, and the database at /var/opt/cloudc2.db.

The repository contains a readme which goes over how to install the files and configure your instance. Here's the gist:

  • Download and extract the Cloud C2 zip file
  • Create a new folder called /opt/cloudc2
  • Copy c2_community-linux-32 into /opt/cloudc2
  • Copy <repo>/init.d/cloudc2 into your system's /etc/init.d/
  • Copy <repo>/conf.d/cloudc2 into your system's /etc/conf.d/
  • Edit /etc/conf.d/cloudc2 and fill out the variables as desired

    • NOTE: You must fill out C2_HOSTNAME or the service will fail to launch
    • If you want to place Cloud C2 behind a reverse proxy, you'll have to fill out the C2_OPT variable with the correct options

      C2_OPTS="-reverseProxy -reverseProxyPort XXX"

      Where XXX is the port that the reverse proxy will be serving on.

  • Start the daemon using

    rc-service cloudc2 start
  • Enable it at boot

    rc-update add cloudc2
  • Check /var/log/cloud2c.log for your installation token (it may take a minute for it to appear)
  • Open the web UI and fill out the installation token from the previous step, and your registration code from the email
  • Done!

After that Cloud 2C should restart if it crashed, courtesy of supervise-daemon, and launch at boot.