From 0d8c0e1fa669d74b9c14c15a6ab225dc47bc7786 Mon Sep 17 00:00:00 2001 From: Josh Brower Date: Thu, 28 May 2020 16:27:18 -0400 Subject: [PATCH] Fleet standalone fixes --- setup/so-functions | 28 ++++++++++++++++++++++++++++ setup/so-setup | 11 +++++++++-- setup/so-whiptail | 32 ++++++++++++++++++++++++++++++++ 3 files changed, 69 insertions(+), 2 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 612b0147b..462d3b64c 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -246,6 +246,10 @@ check_soremote_pass() { check_pass_match "$SOREMOTEPASS1" "$SOREMOTEPASS2" "SCMATCH" } +check_fleet_node_pass() { + check_pass_match "$FLEETNODEPASSWD1" "$FLEETNODEPASSWD2" "fpMATCH" +} + check_web_pass() { check_pass_match "$WEBPASSWD1" "$WEBPASSWD2" "WPMATCH" } @@ -283,6 +287,30 @@ collect_adminuser_inputs() { done } +collect_fleetuser_inputs() { + # Get a username & password for the Fleet admin user + local valid_user=no + while [[ $valid_user != yes ]]; do + whiptail_create_fleet_node_user + if so-user valemail "$FLEETNODEUSER" >> "$setup_log" 2>&1; then + valid_user=yes + else + whiptail_invalid_user_warning + fi + done + + FPMATCH=no + while [[ $FPMATCH != yes ]]; do + whiptail_create_fleet_node_user_password1 + if echo "$FLEETNODEPASSWD1" | so-user valpass >> "$setup_log" 2>&1; then + whiptail_create_fleet_node_user_password2 + check_fleet_node_pass + else + whiptail_invalid_pass_warning + fi + done +} + collect_webuser_inputs() { # Get a password for the web admin user diff --git a/setup/so-setup b/setup/so-setup index fc934e8a3..69f46184d 100755 --- a/setup/so-setup +++ b/setup/so-setup 
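Review bot: The flag name passed in `check_fleet_node_pass`, `"fpMATCH"`, differs in case from the `FPMATCH` variable that the loop in `collect_fleetuser_inputs` tests, while the neighbouring callers pass upper-case names (`"SCMATCH"`, `"WPMATCH"`). check_pass_match is not visible in this patch, but if it assigns to the variable named by its third argument, `FPMATCH` never becomes `yes` and the password prompt repeats indefinitely. Proposed line: `check_pass_match "$FLEETNODEPASSWD1" "$FLEETNODEPASSWD2" "FPMATCH"`.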
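Review bot: `collect_fleetuser_inputs` pipes `$FLEETNODEPASSWD1` to `so-user valpass`, but the prompts added in setup/so-whiptail store the input in `FLEETNODEPASS1` and `FLEETNODEPASS2`, so nothing in this patch sets the variable being validated. `check_fleet_node_pass` and the `so-fleet-setup` call in setup/so-setup use the same `...PASSWD` spelling, so unless the variable is set elsewhere, the complexity check, the match check and the Fleet account creation all work on an empty value rather than the typed password. Use one spelling throughout, for example `FLEETNODEPASSWD1=$(whiptail ...)` and `FLEETNODEPASSWD2=$(whiptail ...)` in so-whiptail. Separately, `printf '%s\n' "$FLEETNODEPASSWD1" | so-user valpass` avoids `echo` treating a password such as `-n` as an option.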
@@ -481,9 +481,16 @@ fi set_progress_str 73 "$(print_salt_state_apply 'redis')" salt-call state.apply -l info redis >> $setup_log 2>&1 + + if [ "$install_type" = 'FLEET' ]; then + collect_fleetuser_inputs + set_progress_str 74 "$(print_salt_state_apply 'so-fleet-setup')" + so-fleet-setup $FLEETNODEUSER $FLEETNODEPASSWD1 >> $setup_log 2>&1 + else + set_progress_str 74 "$(print_salt_state_apply 'so-fleet-setup')" + so-fleet-setup $WEBUSER $WEBPASSWD1 >> $setup_log 2>&1 + fi - set_progress_str 74 "$(print_salt_state_apply 'so-fleet-setup')" - so-fleet-setup $WEBUSER $WEBPASSWD1 >> $setup_log 2>&1 fi if [[ "$WAZUH" = 1 ]]; then diff --git a/setup/so-whiptail b/setup/so-whiptail index 31a0c05ec..e9f691b55 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail @@ -165,6 +165,38 @@ whiptail_create_admin_user_password2() { } +whiptail_create_fleet_node_user() { + + [ -n "$TESTING" ] && return + + FLEETNODEUSER=$(whiptail --title "Security Onion Install" --inputbox \ + "Please enter an email as the username for the Fleet admin user." 10 60 3>&1 1>&2 2>&3) + +} + +whiptail_create_fleet_node_user_password1() { + + [ -n "$TESTING" ] && return + + FLEETNODEPASS1=$(whiptail --title "Security Onion Install" --passwordbox \ + "Enter a password for $FLEETNODEUSER" 10 60 3>&1 1>&2 2>&3) + + local exitstatus=$? + whiptail_check_exitstatus $exitstatus +} + +whiptail_create_fleet_node_user_password2() { + + [ -n "$TESTING" ] && return + + FLEETNODEPASS2=$(whiptail --title "Security Onion Install" --passwordbox \ + "Re-enter a password for $FLEETNODEUSER" 10 60 3>&1 1>&2 2>&3) + + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + +} + whiptail_create_soremote_user() { [ -n "$TESTING" ] && return
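Review bot: The new `so-fleet-setup $FLEETNODEUSER $FLEETNODEPASSWD1` call expands the password unquoted, so a password containing spaces or glob characters is split or expanded before so-fleet-setup receives it, and the account can end up with a different password than the one the operator confirmed. Quote both arguments and the log path: `so-fleet-setup "$FLEETNODEUSER" "$FLEETNODEPASSWD1" >> "$setup_log" 2>&1`; the `$WEBUSER $WEBPASSWD1` branch has the same issue. Passing the password as an argument also leaves it readable in the process list while the command runs; so-fleet-setup is not shown here, so whether it can take the secret on stdin needs confirming. The two identical `set_progress_str 74` lines could sit once above the `if`.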
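Review bot: `whiptail_create_fleet_node_user` does not check whiptail's exit status, unlike the two password prompts added below it, so pressing Cancel on the username box leaves `FLEETNODEUSER` empty and control returns to the validation loop in so-functions instead of going through the cancel handling. Add `local exitstatus=$?` and `whiptail_check_exitstatus $exitstatus` right after the assignment, as the password functions do; what `whiptail_check_exitstatus` does on cancel is defined outside this hunk. The three functions also have no header comment; a one-line comment on each naming the global it sets (`FLEETNODEUSER`, `FLEETNODEPASS1`, `FLEETNODEPASS2`) would make the contract with so-functions explicit.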