diff --git a/salt/common/tools/sbin_jinja/so-desktop-install b/salt/common/tools/sbin_jinja/so-desktop-install index 448421f8e..6275bb3b6 100755 --- a/salt/common/tools/sbin_jinja/so-desktop-install +++ b/salt/common/tools/sbin_jinja/so-desktop-install @@ -5,15 +5,15 @@ # https://securityonion.net/license; you may not use this file except in compliance with the # Elastic License 2.0. +source /usr/sbin/so-common +doc_desktop_url="$DOC_BASE_URL/desktop.html" -{# we only want the script to install the desktop if it is Rocky -#} -{% if grains.os == 'Rocky' -%} +{# we only want the script to install the desktop if it is OEL -#} +{% if grains.os == 'OEL' -%} {# if this is a manager -#} {% if grains.master == grains.id.split('_')|first -%} -source /usr/sbin/so-common -doc_desktop_url="$DOC_BASE_URL/desktop.html" -pillar_file="/opt/so/saltstack/local/pillar/minions/{{grains.id}}.sls" +pillar_file="/opt/so/saltstack/local/pillar/minions/adv_{{grains.id}}.sls" if [ -f "$pillar_file" ]; then if ! grep -q "^desktop:$" "$pillar_file"; then @@ -65,7 +65,7 @@ if [ -f "$pillar_file" ]; then fi else # desktop is already added echo "The desktop pillar already exists in $pillar_file." - echo "To enable/disable the gui, set 'desktop:gui:enabled' to true or false in $pillar_file." + echo "To enable/disable the gui, set 'desktop:gui:enabled' to true or false in $pillar_file. Alternatively, this can be set in the SOC UI under advanced." echo "Additional documentation can be found at $doc_desktop_url." fi else # if the pillar file doesn't exist 
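Review bot: Pointing `pillar_file` at `adv_{{grains.id}}.sls` means the `grep -q "^desktop:$"` guard in the first so-desktop-install hunk no longer sees a `desktop:` block that an earlier run wrote to `{{grains.id}}.sls`. On an upgraded manager the block may then exist in both files, and the effective `desktop:gui:enabled` value would depend on pillar merge order. Nothing visible here checks or cleans the old file; consider testing both paths before appending, e.g. `if ! grep -qs "^desktop:$" "$pillar_file" "$legacy_pillar_file"; then`, with `legacy_pillar_file` set to the previous path. The body of the `if [ -f "$pillar_file" ]` block continues outside the hunk, so this rests on the visible guard only.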
@@ -75,17 +75,22 @@ fi {#- if this is not a manager #} {% else -%} -echo "Since this is not a manager, the pillar values to enable Security Onion Desktop must be set manually. Please view the documentation at $doc_desktop_url." +echo "Since this is not a manager, the pillar values to enable Security Onion Desktop must be set manually. This can be enabled in the SOC UI under advanced by adding the following:" +echo "desktop:" +echo " gui:" +echo " enabled: true" +echo "" +echo "Please view the documentation at $doc_desktop_url." {#- endif if this is a manager #} {% endif -%} -{#- if not Rocky #} +{#- if not OEL #} {%- else %} -echo "The Security Onion Desktop can only be installed on Rocky Linux. Please view the documentation at $doc_desktop_url." +echo "The Security Onion Desktop can only be installed on Oracle Linux. Please view the documentation at $doc_desktop_url." -{#- endif grains.os == Rocky #} +{#- endif grains.os == OEL #} {% endif -%} exit 0 diff --git a/salt/desktop/packages.sls b/salt/desktop/packages.sls index 5c0121e7b..524c2c266 100644 --- a/salt/desktop/packages.sls +++ b/salt/desktop/packages.sls @@ -3,7 +3,6 @@ {# we only want this state to run it is CentOS #} {% if GLOBALS.os == 'OEL' %} - desktop_packages: pkg.installed: - pkgs: diff --git a/salt/desktop/trusted-ca.sls b/salt/desktop/trusted-ca.sls index b9bde5ae5..87fc70ef9 100644 --- a/salt/desktop/trusted-ca.sls +++ b/salt/desktop/trusted-ca.sls @@ -31,6 +31,6 @@ update_ca_certs: desktop_trusted-ca_os_fail: test.fail_without_changes: - - comment: 'SO Desktop can only be installed on CentOS' + - comment: 'SO Desktop can only be installed on Oracle Linux' {% endif %} diff --git a/salt/firewall/defaults.yaml b/salt/firewall/defaults.yaml index 9b8325a34..ff127c419 100644 --- a/salt/firewall/defaults.yaml +++ b/salt/firewall/defaults.yaml 
@@ -20,13 +20,12 @@ firewall: managersearch: [] receiver: [] searchnode: [] - securityonion_desktop: [] self: [] sensor: [] standalone: [] strelka_frontend: [] syslog: [] - workstation: [] + desktop: [] customhostgroup0: [] customhostgroup1: [] customhostgroup2: [] @@ -462,7 +461,7 @@ firewall: endgame: portgroups: - endgame - workstation: + desktop: portgroups: - yum customhostgroup0: @@ -514,7 +513,7 @@ firewall: receiver: portgroups: - salt_manager - workstation: + desktop: portgroups: - salt_manager self: @@ -650,7 +649,7 @@ firewall: endgame: portgroups: - endgame - workstation: + desktop: portgroups: - yum customhostgroup0: @@ -702,7 +701,7 @@ firewall: receiver: portgroups: - salt_manager - workstation: + desktop: portgroups: - salt_manager self: @@ -846,7 +845,7 @@ firewall: strelka_frontend: portgroups: - strelka_frontend - workstation: + desktop: portgroups: - yum customhostgroup0: @@ -901,7 +900,7 @@ firewall: receiver: portgroups: - salt_manager - workstation: + desktop: portgroups: - salt_manager self: @@ -1200,7 +1199,7 @@ firewall: analyst: portgroups: - nginx - workstation: + desktop: portgroups: - yum customhostgroup0: diff --git a/salt/firewall/soc_firewall.yaml b/salt/firewall/soc_firewall.yaml index 8f8dbb69d..209484b6e 100644 --- a/salt/firewall/soc_firewall.yaml +++ b/salt/firewall/soc_firewall.yaml @@ -39,13 +39,12 @@ firewall: managersearch: *hostgroupsettings receiver: *hostgroupsettings searchnode: *hostgroupsettings - securityonion_desktop: *hostgroupsettings self: *ROhostgroupsettingsadv sensor: *hostgroupsettings standalone: *hostgroupsettings strelka_frontend: *hostgroupsettings syslog: *hostgroupsettings - workstation: *hostgroupsettings + desktop: *hostgroupsettings customhostgroup0: &customhostgroupsettings description: List of IP or CIDR blocks to allow to this hostgroup. forcedType: "[]string" 
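Review bot: Renaming the `workstation` hostgroup to `desktop` and dropping `securityonion_desktop` in the first defaults.yaml hunk is done without any visible migration of existing local pillar data. The same rename repeats in every later hunk of defaults.yaml and soc_firewall.yaml. If a deployment already lists addresses under `firewall:hostgroups:workstation` or `securityonion_desktop`, those entries would presumably stop mapping to any role's `yum` and `salt_manager` portgroups after the upgrade. That fails closed, but the hosts lose access and the stale keys stay behind unnoticed. Consider an upgrade step that moves the old lists into `desktop`, and a comment at the key such as `# desktop: replaces the former workstation and securityonion_desktop hostgroups`.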
@@ -216,7 +215,7 @@ firewall: portgroups: *portgroupsdocker analyst: portgroups: *portgroupsdocker - workstation: + desktop: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker @@ -366,7 +365,7 @@ firewall: portgroups: *portgroupsdocker analyst: portgroups: *portgroupsdocker - workstation: + desktop: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker @@ -404,7 +403,7 @@ firewall: portgroups: *portgroupshost heavynode: portgroups: *portgroupshost - workstation: + desktop: portgroups: *portgroupshost customhostgroup0: portgroups: *portgroupshost @@ -457,7 +456,7 @@ firewall: portgroups: *portgroupsdocker analyst: portgroups: *portgroupsdocker - workstation: + desktop: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker @@ -495,7 +494,7 @@ firewall: portgroups: *portgroupshost heavynode: portgroups: *portgroupshost - workstation: + desktop: portgroups: *portgroupshost customhostgroup0: portgroups: *portgroupshost @@ -554,7 +553,7 @@ firewall: portgroups: *portgroupsdocker analyst: portgroups: *portgroupsdocker - workstation: + desktop: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker @@ -596,7 +595,7 @@ firewall: portgroups: *portgroupshost heavynode: portgroups: *portgroupshost - workstation: + desktop: portgroups: *portgroupshost customhostgroup0: portgroups: *portgroupshost @@ -822,7 +821,7 @@ firewall: portgroups: *portgroupsdocker analyst: portgroups: *portgroupsdocker - workstation: + desktop: portgroups: *portgroupsdocker customhostgroup0: portgroups: *portgroupsdocker diff --git a/salt/manager/tools/sbin/so-firewall-minion b/salt/manager/tools/sbin/so-firewall-minion index d3bbb3eeb..66a0afcea 100755 --- a/salt/manager/tools/sbin/so-firewall-minion +++ b/salt/manager/tools/sbin/so-firewall-minion 
@@ -79,7 +79,7 @@ fi 'RECEIVER') so-firewall includehost receiver "$IP" --apply ;; - 'WORKSTATION') - so-firewall includehost workstation "$IP" --apply + 'DESKTOP') + so-firewall includehost desktop "$IP" --apply ;; esac diff --git a/salt/top.sls b/salt/top.sls index bc51c2db1..2323731a1 100644 --- a/salt/top.sls +++ b/salt/top.sls @@ -277,10 +277,10 @@ base: - schedule - docker_clean - 'J@desktop:gui:enabled:^[Tt][Rr][Uu][Ee]$ and ( G@saltversion:{{saltversion}} and G@os:Rocky )': + 'J@desktop:gui:enabled:^[Tt][Rr][Uu][Ee]$ and ( G@saltversion:{{saltversion}} and G@os:OEL )': - match: compound - desktop - 'J@desktop:gui:enabled:^[Ff][Aa][Ll][Ss][Ee]$ and ( G@saltversion:{{saltversion}} and G@os:Rocky )': + 'J@desktop:gui:enabled:^[Ff][Aa][Ll][Ss][Ee]$ and ( G@saltversion:{{saltversion}} and G@os:OEL )': - match: compound - desktop.remove_gui diff --git a/setup/so-functions b/setup/so-functions index 0f73a11a6..d138d97df 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -117,7 +117,7 @@ desktop_pillar() { " mainint: '$MNIC'"\ "desktop:"\ " gui:"\ - " enabled: true" >> "$pillar_file"\ + " enabled: true"\ "sensoroni:"\ " config:"\ " node_description: '${NODE_DESCRIPTION//\'/''}'" > $pillar_file
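Review bot: The `case` in so-firewall-minion closes with `;;` and `esac` right after the new `'DESKTOP')` arm, so there is no default arm. A caller still passing the old `WORKSTATION` role, or any mistyped role, falls through silently and the minion gets no firewall entry. Adding a final arm such as `*) echo "Unsupported role; no firewall hostgroup applied" >&2; exit 1 ;;` would surface this at the point of failure. The `case` header and the earlier arms are outside the hunk, so confirm the exit behaviour suits the callers.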
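Review bot: In the `desktop_pillar()` hunk of setup/so-functions, the redirect that remains at the end of the `printf` is unquoted: `> $pillar_file`. The removed line used `"$pillar_file"`, and a path containing whitespace or glob characters would be split or expanded here. Suggest `" node_description: '${NODE_DESCRIPTION//\'/''}'" > "$pillar_file"`. Also note that `'$MNIC'` is written into a single-quoted YAML scalar without the quote-doubling applied to `NODE_DESCRIPTION`; that is probably fine for interface names but worth a short comment. The function starts above the hunk, so where `pillar_file` is assigned is not visible here.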