Initial support - integrated Fleet setup

salt/common/tools/sbin/so-fleet-setup

@@ -2,24 +2,24 @@
 {% set MAIN_HOSTNAME = salt['grains.get']('host') %}
 {% set MAIN_IP = salt['pillar.get']('node:mainip') %}
 
-#so-fleet-setup.sh $FleetEmail
+#so-fleet-setup.sh $FleetEmail $FleetPassword 
 
-# Enable Fleet
+if [[ $# -ne 2 ]] ; then
-echo "Starting Docker Containers..."
+      echo "Username or Password was not set - exiting now."
-salt-call state.apply mysql queue=True >> /root/fleet-setup.log
+      exit 1
-salt-call state.apply fleet queue=True >> /root/fleet-setup.log
-salt-call state.apply redis queue=True >> /root/fleet-setup.log
-
-if [ ! "$(docker ps -q -f name=so-fleet)" ]; then
-        echo "so-fleet container not running... Exiting..."
-        exit 1
 fi
 
-initpw=$(date +%s | sha256sum | base64 | head -c 16 ; echo)
+# Checking to see if required containers are started...
+if [ ! "$(docker ps -q -f name=so-fleet)" ]; then
+        echo "Starting Docker Containers..."
+        salt-call state.apply mysql queue=True >> /root/fleet-setup.log
+        salt-call state.apply fleet queue=True >> /root/fleet-setup.log
+        salt-call state.apply redis queue=True >> /root/fleet-setup.log
+fi
 
 docker exec so-fleet /bin/ash -c "echo {{ MAIN_IP }} {{ MAIN_HOSTNAME }} >>  /etc/hosts"
 docker exec so-fleet fleetctl config set --address https://{{ MAIN_HOSTNAME }}:443 --tls-skip-verify --url-prefix /fleet
-docker exec so-fleet fleetctl setup --email $1 --password $initpw
+docker exec so-fleet fleetctl setup --email $1 --password $2
 
 docker exec so-fleet fleetctl apply -f /packs/palantir/Fleet/Endpoints/MacOS/osquery.yaml
 docker exec so-fleet fleetctl apply -f /packs/palantir/Fleet/Endpoints/Windows/osquery.yaml
@@ -45,4 +45,4 @@ docker stop so-nginx
 salt-call state.apply nginx queue=True >> /root/fleet-setup.log
 
 echo "Fleet Setup Complete - Login here: https://{{ MAIN_HOSTNAME }}"
-echo "Your username is $2 and your password is $initpw"
+echo "Your username is $1 and your password is $2"

salt/fleet/event_gen-packages.sls

@@ -1,6 +1,7 @@
 {% set MASTER = salt['grains.get']('master') %}
 {% set ENROLLSECRET = salt['pillar.get']('secrets:fleet_enroll-secret') %}
 {% set CURRENTPACKAGEVERSION = salt['pillar.get']('static:fleet_packages-version') %}
+{% set VERSION = salt['pillar.get']('static:soversion') %}
 
 so/fleet:
   event.send:
@@ -12,4 +13,5 @@ so/fleet:
         enroll-secret: {{ ENROLLSECRET }}
         current-package-version: {{ CURRENTPACKAGEVERSION }}
         master: {{ MASTER }}
+        version: {{ VERSION }}
         

salt/fleet/files/scripts/so-fleet-packages

@@ -1,33 +0,0 @@
-#!/bin/bash
-{% set MAIN_HOSTNAME = salt['grains.get']('host') %}
-{% set MAIN_IP = salt['pillar.get']('node:mainip') %}
-
-
-#so-fleet-packages $FleetHostname/IP 
-
-#if [ ! "$(docker ps -q -f name=so-fleet)" ]; then
-#        echo "so-fleet container not running... Exiting..."
-#        exit 1
-#fi
-
-#docker exec so-fleet /bin/ash -c "echo {{ MAIN_IP }} {{ MAIN_HOSTNAME }} >>  /etc/hosts"
-#esecret=$(docker exec so-fleet fleetctl get enroll-secret)
-
-#Concat fleet.crt & ca.crt  - this is required for launcher connectivity
-#cat /etc/pki/fleet.crt /etc/pki/ca.crt > /etc/pki/launcher.crt
-#Actually only need to use /etc/ssl/certs/intca.crt
-
-#Create the output directory
-#mkdir /opt/so/conf/fleet/packages
-
-docker run \
-  --rm \
-  --mount type=bind,source=/opt/so/conf/fleet/packages,target=/output \
-  --mount type=bind,source=/etc/ssl/certs/intca.crt,target=/var/launcher/launcher.crt \
-  docker.io/soshybridhunter/so-fleet-launcher:HH1.1.0 "$esecret" "$1":8090
-
-cp /opt/so/conf/fleet/packages/launcher.* /opt/so/saltstack/salt/launcher/packages/
-
-#Update timestamp on packages webpage
-sed -i "s@.*Generated.*@Generated: $(date '+%m%d%Y')@g" /opt/so/conf/fleet/packages/index.html
-sed -i "s@.*Generated.*@Generated: $(date '+%m%d%Y')@g" /opt/so/saltstack/salt/fleet/files/dedicated-index.html

salt/fleet/init.sls

@@ -16,14 +16,6 @@
 include:
   - mysql
 
-#{% if grains.id.split('_')|last in ['master', 'eval', 'fleet'] %}
-#so/fleet:
-#  event.send:
-#    - data:
-#        action: 'enablefleet'
-#        hostname: {{ grains.host }}
-#{% endif %}
-
 # Fleet Setup
 fleetcdir:
   file.directory:
@@ -67,15 +59,6 @@ fleetlogdir:
     - group: 939
     - makedirs: True
 
-fleetsetupscripts:
-  file.recurse:
-    - name: /usr/sbin
-    - user: 0
-    - group: 0
-    - file_mode: 755
-    - template: jinja
-    - source: salt://fleet/files/scripts
-
 osquerypackageswebpage:
   file.managed:
     - name: /opt/so/conf/fleet/packages/index.html

salt/reactor/fleet.sls

@@ -13,11 +13,12 @@ def run():
   ROLE = data['data']['role']
   ESECRET = data['data']['enroll-secret']
   MAINIP = data['data']['mainip']
+  VERSION = data['data']['version']
 
   STATICFILE = '/opt/so/saltstack/pillar/static.sls'
   SECRETSFILE = '/opt/so/saltstack/pillar/secrets.sls'
 
-  if MINIONID.split('_')[-1] in ['master','eval','fleet','mastersearch']:
+  if MINIONID.split('_')[-1] in ['master','eval','fleet','mastersearch','standalone']:
     if ACTION == 'enablefleet':
       logging.info('so/fleet enablefleet reactor')
 
@@ -55,7 +56,7 @@ def run():
 
       # Run Docker container that will build the packages
       gen_packages = subprocess.run(["docker", "run","--rm", "--mount", "type=bind,source=/opt/so/saltstack/salt/fleet/packages,target=/output", \
-         "--mount", "type=bind,source=/etc/ssl/certs/intca.crt,target=/var/launcher/launcher.crt", f"{ MASTER }:5000/soshybridhunter/so-fleet-launcher:HH1.3.0", \
+         "--mount", "type=bind,source=/etc/ssl/certs/intca.crt,target=/var/launcher/launcher.crt", f"{ MASTER }:5000/soshybridhunter/so-fleet-launcher:{ VERSION }", \
          f"{ESECRET}", f"{HOSTNAME}:8090", f"{PACKAGEVERSION}.1.1"], stdout=subprocess.PIPE, encoding='ascii')  
       
       # Update the 'packages-built' timestamp on the webpage (stored in the static pillar)

setup/so-setup

@@ -473,11 +473,17 @@ fi
 	fi
 	
 	if [[ "$OSQUERY" = 1 ]]; then
+		set_progress_str 73 "$(print_salt_state_apply 'mysql')"
+		salt-call state.apply -l info mysql >> $setup_log 2>&1
+
 		set_progress_str 73 "$(print_salt_state_apply 'fleet')"
 		salt-call state.apply -l info fleet >> $setup_log 2>&1
 
-		set_progress_str 74 "$(print_salt_state_apply 'redis')"
+		set_progress_str 73 "$(print_salt_state_apply 'redis')"
 		salt-call state.apply -l info redis >> $setup_log 2>&1
+
+		set_progress_str 74 "$(print_salt_state_apply 'so-fleet-setup')"		
+		so-fleet-setup $WEBUSER $WEBPASSWD1 >> $setup_log 2>&1
 	fi
 
 	if [[ "$WAZUH" = 1 ]]; then