From fd87e7bc1d553dda0e1604e63434707f95ae0e1b Mon Sep 17 00:00:00 2001 
From: m0duspwnens Date: Tue, 21 Apr 2020 13:01:56 -0400 Subject: [PATCH 1/7] breakout common state - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/587 --- salt/common/init.sls | 363 +----------------- salt/docker/init.sls | 8 + .../dashboards}/eval/eval.json | 0 .../dashboards}/master/master.json | 0 .../dashboards}/search_nodes/searchnode.json | 0 .../dashboards}/sensor_nodes/sensor.json | 0 .../grafana/etc/dashboards/dashboard.yml | 0 .../grafana/etc/datasources/influxdb.yaml | 0 salt/{common => }/grafana/etc/grafana.ini | 0 salt/grafana/init.sls | 175 +++++++++ salt/{common => }/influxdb/etc/influxdb.conf | 0 salt/influxdb/init.sls | 43 +++ .../nginx => nginx/etc}/nginx.conf.so-eval | 0 .../nginx => nginx/etc}/nginx.conf.so-fleet | 0 .../etc}/nginx.conf.so-heavynode | 0 .../nginx => nginx/etc}/nginx.conf.so-helix | 0 .../nginx => nginx/etc}/nginx.conf.so-master | 0 .../etc}/nginx.conf.so-mastersearch | 0 .../nginx => nginx/etc}/nginx.conf.so-node | 0 .../nginx => nginx/etc}/nginx.conf.so-sensor | 0 salt/nginx/init.sls | 58 +++ salt/salt/init.sls | 25 ++ salt/{common => }/telegraf/etc/telegraf.conf | 0 salt/telegraf/init.sls | 70 ++++ salt/{common => }/telegraf/scripts/broloss.sh | 0 .../telegraf/scripts/checkfiles.sh | 0 .../{common => }/telegraf/scripts/helixeps.sh | 0 .../telegraf/scripts/influxdbsize.sh | 0 salt/{common => }/telegraf/scripts/oldpcap.sh | 0 salt/{common => }/telegraf/scripts/redis.sh | 0 .../telegraf/scripts/stenoloss.sh | 0 .../{common => }/telegraf/scripts/suriloss.sh | 0 salt/top.sls | 29 +- 33 files changed, 408 insertions(+), 363 deletions(-) create mode 100644 salt/docker/init.sls rename salt/{common/grafana/grafana_dashboards => grafana/dashboards}/eval/eval.json (100%) rename salt/{common/grafana/grafana_dashboards => grafana/dashboards}/master/master.json (100%) rename salt/{common/grafana/grafana_dashboards => grafana/dashboards}/search_nodes/searchnode.json (100%) rename 
salt/{common/grafana/grafana_dashboards => grafana/dashboards}/sensor_nodes/sensor.json (100%) rename salt/{common => }/grafana/etc/dashboards/dashboard.yml (100%) rename salt/{common => }/grafana/etc/datasources/influxdb.yaml (100%) rename salt/{common => }/grafana/etc/grafana.ini (100%) create mode 100644 salt/grafana/init.sls rename salt/{common => }/influxdb/etc/influxdb.conf (100%) create mode 100644 salt/influxdb/init.sls rename salt/{common/nginx => nginx/etc}/nginx.conf.so-eval (100%) rename salt/{common/nginx => nginx/etc}/nginx.conf.so-fleet (100%) rename salt/{common/nginx => nginx/etc}/nginx.conf.so-heavynode (100%) rename salt/{common/nginx => nginx/etc}/nginx.conf.so-helix (100%) rename salt/{common/nginx => nginx/etc}/nginx.conf.so-master (100%) rename salt/{common/nginx => nginx/etc}/nginx.conf.so-mastersearch (100%) rename salt/{common/nginx => nginx/etc}/nginx.conf.so-node (100%) rename salt/{common/nginx => nginx/etc}/nginx.conf.so-sensor (100%) create mode 100644 salt/nginx/init.sls rename salt/{common => }/telegraf/etc/telegraf.conf (100%) create mode 100644 salt/telegraf/init.sls rename salt/{common => }/telegraf/scripts/broloss.sh (100%) rename salt/{common => }/telegraf/scripts/checkfiles.sh (100%) rename salt/{common => }/telegraf/scripts/helixeps.sh (100%) rename salt/{common => }/telegraf/scripts/influxdbsize.sh (100%) rename salt/{common => }/telegraf/scripts/oldpcap.sh (100%) rename salt/{common => }/telegraf/scripts/redis.sh (100%) rename salt/{common => }/telegraf/scripts/stenoloss.sh (100%) rename salt/{common => }/telegraf/scripts/suriloss.sh (100%) diff --git a/salt/common/init.sls b/salt/common/init.sls index df3e1bcc3..e9f5c2dd8 100644 --- a/salt/common/init.sls +++ b/salt/common/init.sls 
@@ -1,8 +1,3 @@ -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} -{% set MASTER = salt['grains.get']('master') %} -{% set GRAFANA = salt['pillar.get']('master:grafana', '0') %} -{% set FLEETMASTER = salt['pillar.get']('static:fleet_master', False) %} -{% set FLEETNODE = salt['pillar.get']('static:fleet_node', False) %} # Add socore Group socoregroup: group.present: @@ -18,34 +13,15 @@ socore: - createhome: True - shell: /bin/bash -# Create a state directory - -statedir: - file.directory: - - name: /opt/so/state - - user: 939 - - group: 939 - - makedirs: True - -salttmp: - file.directory: - - name: /opt/so/tmp - - user: 939 - - group: 939 - - makedirs: True # Install packages needed for the sensor - sensorpkgs: pkg.installed: - skip_suggestions: False - pkgs: - - docker-ce - wget - jq {% if grains['os'] != 'CentOS' %} - - python-docker - - python-m2crypto - apache2-utils {% else %} - net-tools @@ -64,7 +40,6 @@ alwaysupdated: - skip_suggestions: True # Set time to UTC - Etc/UTC: timezone.system 
@@ -76,340 +51,4 @@ utilsyncscripts: - group: 0 - file_mode: 755 - template: jinja - - source: salt://common/tools/sbin - -# Make sure Docker is running! -docker: - service.running: - - enable: True - -# Drop the correct nginx config based on role - -nginxconfdir: - file.directory: - - name: /opt/so/conf/nginx - - user: 939 - - group: 939 - - makedirs: True - -nginxconf: - file.managed: - - name: /opt/so/conf/nginx/nginx.conf - - user: 939 - - group: 939 - - template: jinja - - source: salt://common/nginx/nginx.conf.{{ grains.role }} - -nginxlogdir: - file.directory: - - name: /opt/so/log/nginx/ - - user: 939 - - group: 939 - - makedirs: True - -nginxtmp: - file.directory: - - name: /opt/so/tmp/nginx/tmp - - user: 939 - - group: 939 - - makedirs: True - -so-core: - docker_container.running: - - image: {{ MASTER }}:5000/soshybridhunter/so-core:{{ VERSION }} - - hostname: so-core - - user: socore - - binds: - - /opt/so:/opt/so:rw - - /opt/so/conf/nginx/nginx.conf:/etc/nginx/nginx.conf:ro - - /opt/so/log/nginx/:/var/log/nginx:rw - - /opt/so/tmp/nginx/:/var/lib/nginx:rw - - /opt/so/tmp/nginx/:/run:rw - - /etc/pki/masterssl.crt:/etc/pki/nginx/server.crt:ro - - /etc/pki/masterssl.key:/etc/pki/nginx/server.key:ro - - /opt/so/conf/fleet/packages:/opt/socore/html/packages - - cap_add: NET_BIND_SERVICE - - port_bindings: - - 80:80 - - 443:443 - {%- if FLEETMASTER or FLEETNODE %} - - 8090:8090 - {%- endif %} - - watch: - - file: /opt/so/conf/nginx/nginx.conf - -# Add Telegraf to monitor all the things. 
-tgraflogdir: - file.directory: - - name: /opt/so/log/telegraf - - makedirs: True - -tgrafetcdir: - file.directory: - - name: /opt/so/conf/telegraf/etc - - makedirs: True - -tgrafetsdir: - file.directory: - - name: /opt/so/conf/telegraf/scripts - - makedirs: True - -tgrafsyncscripts: - file.recurse: - - name: /opt/so/conf/telegraf/scripts - - user: 939 - - group: 939 - - file_mode: 755 - - template: jinja - - source: salt://common/telegraf/scripts - -tgrafconf: - file.managed: - - name: /opt/so/conf/telegraf/etc/telegraf.conf - - user: 939 - - group: 939 - - template: jinja - - source: salt://common/telegraf/etc/telegraf.conf - -so-telegraf: - docker_container.running: - - image: {{ MASTER }}:5000/soshybridhunter/so-telegraf:{{ VERSION }} - - environment: - - HOST_PROC=/host/proc - - HOST_ETC=/host/etc - - HOST_SYS=/host/sys - - HOST_MOUNT_PREFIX=/host - - network_mode: host - - port_bindings: - - 127.0.0.1:8094:8094 - - binds: - - /opt/so/log/telegraf:/var/log/telegraf:rw - - /opt/so/conf/telegraf/etc/telegraf.conf:/etc/telegraf/telegraf.conf:ro - - /var/run/utmp:/var/run/utmp:ro - - /var/run/docker.sock:/var/run/docker.sock:ro - - /:/host/root:ro - - /sys:/host/sys:ro - - /proc:/host/proc:ro - - /nsm:/host/nsm:ro - - /etc:/host/etc:ro - {% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-mastersearch' %} - - /etc/pki/ca.crt:/etc/telegraf/ca.crt:ro - {% else %} - - /etc/ssl/certs/intca.crt:/etc/telegraf/ca.crt:ro - {% endif %} - - /etc/pki/influxdb.crt:/etc/telegraf/telegraf.crt:ro - - /etc/pki/influxdb.key:/etc/telegraf/telegraf.key:ro - - /opt/so/conf/telegraf/scripts:/scripts:ro - - /opt/so/log/stenographer:/var/log/stenographer:ro - - /opt/so/log/suricata:/var/log/suricata:ro - - watch: - - /opt/so/conf/telegraf/etc/telegraf.conf - - /opt/so/conf/telegraf/scripts - -# If its a master or eval lets install the back end for now -{% if grains['role'] in ['so-master', 'so-mastersearch', 'so-eval'] and GRAFANA == 1 %} - -# 
Influx DB -influxconfdir: - file.directory: - - name: /opt/so/conf/influxdb/etc - - makedirs: True - -influxdbdir: - file.directory: - - name: /nsm/influxdb - - makedirs: True - -influxdbconf: - file.managed: - - name: /opt/so/conf/influxdb/etc/influxdb.conf - - user: 939 - - group: 939 - - template: jinja - - source: salt://common/influxdb/etc/influxdb.conf - -so-influxdb: - docker_container.running: - - image: {{ MASTER }}:5000/soshybridhunter/so-influxdb:{{ VERSION }} - - hostname: influxdb - - environment: - - INFLUXDB_HTTP_LOG_ENABLED=false - - binds: - - /opt/so/conf/influxdb/etc/influxdb.conf:/etc/influxdb/influxdb.conf:ro - - /nsm/influxdb:/var/lib/influxdb:rw - - /etc/pki/influxdb.crt:/etc/ssl/influxdb.crt:ro - - /etc/pki/influxdb.key:/etc/ssl/influxdb.key:ro - - port_bindings: - - 0.0.0.0:8086:8086 - - watch: - - file: /opt/so/conf/influxdb/etc/influxdb.conf - -# Grafana all the things -grafanadir: - file.directory: - - name: /nsm/grafana - - user: 939 - - group: 939 - - makedirs: True - -grafanaconfdir: - file.directory: - - name: /opt/so/conf/grafana/etc - - user: 939 - - group: 939 - - makedirs: True - -grafanadashdir: - file.directory: - - name: /opt/so/conf/grafana/grafana_dashboards - - user: 939 - - group: 939 - - makedirs: True - -grafanadashmdir: - file.directory: - - name: /opt/so/conf/grafana/grafana_dashboards/master - - user: 939 - - group: 939 - - makedirs: True - -grafanadashevaldir: - file.directory: - - name: /opt/so/conf/grafana/grafana_dashboards/eval - - user: 939 - - group: 939 - - makedirs: True - -grafanadashfndir: - file.directory: - - name: /opt/so/conf/grafana/grafana_dashboards/sensor_nodes - - user: 939 - - group: 939 - - makedirs: True - -grafanadashsndir: - file.directory: - - name: /opt/so/conf/grafana/grafana_dashboards/search_nodes - - user: 939 - - group: 939 - - makedirs: True - -grafanaconf: - file.recurse: - - name: /opt/so/conf/grafana/etc - - user: 939 - - group: 939 - - template: jinja - - source: 
salt://common/grafana/etc - -{% if salt['pillar.get']('mastertab', False) %} -{% for SN, SNDATA in salt['pillar.get']('mastertab', {}).items() %} -{% set NODETYPE = SN.split('_')|last %} -{% set SN = SN | regex_replace('_' ~ NODETYPE, '') %} -dashboard-master: - file.managed: - - name: /opt/so/conf/grafana/grafana_dashboards/master/{{ SN }}-Master.json - - user: 939 - - group: 939 - - template: jinja - - source: salt://common/grafana/grafana_dashboards/master/master.json - - defaults: - SERVERNAME: {{ SN }} - MANINT: {{ SNDATA.manint }} - MONINT: {{ SNDATA.manint }} - CPUS: {{ SNDATA.totalcpus }} - UID: {{ SNDATA.guid }} - ROOTFS: {{ SNDATA.rootfs }} - NSMFS: {{ SNDATA.nsmfs }} - -{% endfor %} -{% endif %} - -{% if salt['pillar.get']('sensorstab', False) %} -{% for SN, SNDATA in salt['pillar.get']('sensorstab', {}).items() %} -{% set NODETYPE = SN.split('_')|last %} -{% set SN = SN | regex_replace('_' ~ NODETYPE, '') %} -dashboard-{{ SN }}: - file.managed: - - name: /opt/so/conf/grafana/grafana_dashboards/sensor_nodes/{{ SN }}-Sensor.json - - user: 939 - - group: 939 - - template: jinja - - source: salt://common/grafana/grafana_dashboards/sensor_nodes/sensor.json - - defaults: - SERVERNAME: {{ SN }} - MONINT: {{ SNDATA.monint }} - MANINT: {{ SNDATA.manint }} - CPUS: {{ SNDATA.totalcpus }} - UID: {{ SNDATA.guid }} - ROOTFS: {{ SNDATA.rootfs }} - NSMFS: {{ SNDATA.nsmfs }} - -{% endfor %} -{% endif %} - -{% if salt['pillar.get']('nodestab', False) %} -{% for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %} -{% set NODETYPE = SN.split('_')|last %} -{% set SN = SN | regex_replace('_' ~ NODETYPE, '') %} -dashboardsearch-{{ SN }}: - file.managed: - - name: /opt/so/conf/grafana/grafana_dashboards/search_nodes/{{ SN }}-Node.json - - user: 939 - - group: 939 - - template: jinja - - source: salt://common/grafana/grafana_dashboards/search_nodes/searchnode.json - - defaults: - SERVERNAME: {{ SN }} - MANINT: {{ SNDATA.manint }} - MONINT: {{ SNDATA.manint }} - CPUS: {{ 
SNDATA.totalcpus }} - UID: {{ SNDATA.guid }} - ROOTFS: {{ SNDATA.rootfs }} - NSMFS: {{ SNDATA.nsmfs }} - -{% endfor %} -{% endif %} - -{% if salt['pillar.get']('evaltab', False) %} -{% for SN, SNDATA in salt['pillar.get']('evaltab', {}).items() %} -{% set NODETYPE = SN.split('_')|last %} -{% set SN = SN | regex_replace('_' ~ NODETYPE, '') %} -dashboard-{{ SN }}: - file.managed: - - name: /opt/so/conf/grafana/grafana_dashboards/eval/{{ SN }}-Node.json - - user: 939 - - group: 939 - - template: jinja - - source: salt://common/grafana/grafana_dashboards/eval/eval.json - - defaults: - SERVERNAME: {{ SN }} - MANINT: {{ SNDATA.manint }} - MONINT: {{ SNDATA.monint }} - CPUS: {{ SNDATA.totalcpus }} - UID: {{ SNDATA.guid }} - ROOTFS: {{ SNDATA.rootfs }} - NSMFS: {{ SNDATA.nsmfs }} - -{% endfor %} -{% endif %} - -so-grafana: - docker_container.running: - - image: {{ MASTER }}:5000/soshybridhunter/so-grafana:{{ VERSION }} - - hostname: grafana - - user: socore - - binds: - - /nsm/grafana:/var/lib/grafana:rw - - /opt/so/conf/grafana/etc/grafana.ini:/etc/grafana/grafana.ini:ro - - /opt/so/conf/grafana/etc/datasources:/etc/grafana/provisioning/datasources:rw - - /opt/so/conf/grafana/etc/dashboards:/etc/grafana/provisioning/dashboards:rw - - /opt/so/conf/grafana/grafana_dashboards:/etc/grafana/grafana_dashboards:rw - - environment: - - GF_SECURITY_ADMIN_PASSWORD=augusta - - port_bindings: - - 0.0.0.0:3000:3000 - - watch: - - file: /opt/so/conf/grafana/* - -{% endif %} + - source: salt://common/tools/sbin \ No newline at end of file diff --git a/salt/docker/init.sls b/salt/docker/init.sls new file mode 100644 index 000000000..3021552ab --- /dev/null +++ b/salt/docker/init.sls @@ -0,0 +1,8 @@ +installdocker: + pkg.installed: + - name: docker-ce + +# Make sure Docker is running! +docker: + service.running: + - enable: True \ No newline at end of file 
diff --git a/salt/common/grafana/grafana_dashboards/eval/eval.json b/salt/grafana/dashboards/eval/eval.json similarity index 100% rename from salt/common/grafana/grafana_dashboards/eval/eval.json rename to salt/grafana/dashboards/eval/eval.json diff --git a/salt/common/grafana/grafana_dashboards/master/master.json b/salt/grafana/dashboards/master/master.json similarity index 100% rename from salt/common/grafana/grafana_dashboards/master/master.json rename to salt/grafana/dashboards/master/master.json diff --git a/salt/common/grafana/grafana_dashboards/search_nodes/searchnode.json b/salt/grafana/dashboards/search_nodes/searchnode.json similarity index 100% rename from salt/common/grafana/grafana_dashboards/search_nodes/searchnode.json rename to salt/grafana/dashboards/search_nodes/searchnode.json diff --git a/salt/common/grafana/grafana_dashboards/sensor_nodes/sensor.json b/salt/grafana/dashboards/sensor_nodes/sensor.json similarity index 100% rename from salt/common/grafana/grafana_dashboards/sensor_nodes/sensor.json rename to salt/grafana/dashboards/sensor_nodes/sensor.json diff --git a/salt/common/grafana/etc/dashboards/dashboard.yml b/salt/grafana/etc/dashboards/dashboard.yml similarity index 100% rename from salt/common/grafana/etc/dashboards/dashboard.yml rename to salt/grafana/etc/dashboards/dashboard.yml diff --git a/salt/common/grafana/etc/datasources/influxdb.yaml b/salt/grafana/etc/datasources/influxdb.yaml similarity index 100% rename from salt/common/grafana/etc/datasources/influxdb.yaml rename to salt/grafana/etc/datasources/influxdb.yaml diff --git a/salt/common/grafana/etc/grafana.ini b/salt/grafana/etc/grafana.ini similarity index 100% rename from salt/common/grafana/etc/grafana.ini rename to salt/grafana/etc/grafana.ini diff --git a/salt/grafana/init.sls b/salt/grafana/init.sls new file mode 100644 index 000000000..666ce9caf --- /dev/null +++ b/salt/grafana/init.sls 
@@ -0,0 +1,175 @@ +{% set GRAFANA = salt['pillar.get']('master:grafana', '0') %} +{% set MASTER = salt['grains.get']('master') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} + +{% if grains['role'] in ['so-master', 'so-mastersearch', 'so-eval'] and GRAFANA == 1 %} + +# Grafana all the things +grafanadir: + file.directory: + - name: /nsm/grafana + - user: 939 + - group: 939 + - makedirs: True + +grafanaconfdir: + file.directory: + - name: /opt/so/conf/grafana/etc + - user: 939 + - group: 939 + - makedirs: True + +grafanadashdir: + file.directory: + - name: /opt/so/conf/grafana/grafana_dashboards + - user: 939 + - group: 939 + - makedirs: True + +grafanadashmdir: + file.directory: + - name: /opt/so/conf/grafana/grafana_dashboards/master + - user: 939 + - group: 939 + - makedirs: True + +grafanadashevaldir: + file.directory: + - name: /opt/so/conf/grafana/grafana_dashboards/eval + - user: 939 + - group: 939 + - makedirs: True + +grafanadashfndir: + file.directory: + - name: /opt/so/conf/grafana/grafana_dashboards/sensor_nodes + - user: 939 + - group: 939 + - makedirs: True + +grafanadashsndir: + file.directory: + - name: /opt/so/conf/grafana/grafana_dashboards/search_nodes + - user: 939 + - group: 939 + - makedirs: True + +grafanaconf: + file.recurse: + - name: /opt/so/conf/grafana/etc + - user: 939 + - group: 939 + - template: jinja + - source: salt://grafana/etc + +{% if salt['pillar.get']('mastertab', False) %} +{% for SN, SNDATA in salt['pillar.get']('mastertab', {}).items() %} +{% set NODETYPE = SN.split('_')|last %} +{% set SN = SN | regex_replace('_' ~ NODETYPE, '') %} +dashboard-master: + file.managed: + - name: /opt/so/conf/grafana/grafana_dashboards/master/{{ SN }}-Master.json + - user: 939 + - group: 939 + - template: jinja + - source: salt://grafana/dashboards/master/master.json + - defaults: + SERVERNAME: {{ SN }} + MANINT: {{ SNDATA.manint }} + MONINT: {{ SNDATA.manint }} + CPUS: {{ SNDATA.totalcpus }} + UID: {{ SNDATA.guid }} 
+ ROOTFS: {{ SNDATA.rootfs }} + NSMFS: {{ SNDATA.nsmfs }} + +{% endfor %} +{% endif %} + +{% if salt['pillar.get']('sensorstab', False) %} +{% for SN, SNDATA in salt['pillar.get']('sensorstab', {}).items() %} +{% set NODETYPE = SN.split('_')|last %} +{% set SN = SN | regex_replace('_' ~ NODETYPE, '') %} +dashboard-{{ SN }}: + file.managed: + - name: /opt/so/conf/grafana/grafana_dashboards/sensor_nodes/{{ SN }}-Sensor.json + - user: 939 + - group: 939 + - template: jinja + - source: salt://grafana/dashboards/sensor_nodes/sensor.json + - defaults: + SERVERNAME: {{ SN }} + MONINT: {{ SNDATA.monint }} + MANINT: {{ SNDATA.manint }} + CPUS: {{ SNDATA.totalcpus }} + UID: {{ SNDATA.guid }} + ROOTFS: {{ SNDATA.rootfs }} + NSMFS: {{ SNDATA.nsmfs }} + +{% endfor %} +{% endif %} + +{% if salt['pillar.get']('nodestab', False) %} +{% for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %} +{% set NODETYPE = SN.split('_')|last %} +{% set SN = SN | regex_replace('_' ~ NODETYPE, '') %} +dashboardsearch-{{ SN }}: + file.managed: + - name: /opt/so/conf/grafana/grafana_dashboards/search_nodes/{{ SN }}-Node.json + - user: 939 + - group: 939 + - template: jinja + - source: salt://grafana/dashboards/search_nodes/searchnode.json + - defaults: + SERVERNAME: {{ SN }} + MANINT: {{ SNDATA.manint }} + MONINT: {{ SNDATA.manint }} + CPUS: {{ SNDATA.totalcpus }} + UID: {{ SNDATA.guid }} + ROOTFS: {{ SNDATA.rootfs }} + NSMFS: {{ SNDATA.nsmfs }} + +{% endfor %} +{% endif %} + +{% if salt['pillar.get']('evaltab', False) %} +{% for SN, SNDATA in salt['pillar.get']('evaltab', {}).items() %} +{% set NODETYPE = SN.split('_')|last %} +{% set SN = SN | regex_replace('_' ~ NODETYPE, '') %} +dashboard-{{ SN }}: + file.managed: + - name: /opt/so/conf/grafana/grafana_dashboards/eval/{{ SN }}-Node.json + - user: 939 + - group: 939 + - template: jinja + - source: salt://grafana/dashboards/eval/eval.json + - defaults: + SERVERNAME: {{ SN }} + MANINT: {{ SNDATA.manint }} + MONINT: {{ SNDATA.monint }} + 
CPUS: {{ SNDATA.totalcpus }} + UID: {{ SNDATA.guid }} + ROOTFS: {{ SNDATA.rootfs }} + NSMFS: {{ SNDATA.nsmfs }} + +{% endfor %} +{% endif %} + +so-grafana: + docker_container.running: + - image: {{ MASTER }}:5000/soshybridhunter/so-grafana:{{ VERSION }} + - hostname: grafana + - user: socore + - binds: + - /nsm/grafana:/var/lib/grafana:rw + - /opt/so/conf/grafana/etc/grafana.ini:/etc/grafana/grafana.ini:ro + - /opt/so/conf/grafana/etc/datasources:/etc/grafana/provisioning/datasources:rw + - /opt/so/conf/grafana/etc/dashboards:/etc/grafana/provisioning/dashboards:rw + - /opt/so/conf/grafana/grafana_dashboards:/etc/grafana/grafana_dashboards:rw + - environment: + - GF_SECURITY_ADMIN_PASSWORD=augusta + - port_bindings: + - 0.0.0.0:3000:3000 + - watch: + - file: /opt/so/conf/grafana/* + +{% endif %} \ No newline at end of file diff --git a/salt/common/influxdb/etc/influxdb.conf b/salt/influxdb/etc/influxdb.conf similarity index 100% rename from salt/common/influxdb/etc/influxdb.conf rename to salt/influxdb/etc/influxdb.conf diff --git a/salt/influxdb/init.sls b/salt/influxdb/init.sls new file mode 100644 index 000000000..d9305320d --- /dev/null +++ b/salt/influxdb/init.sls 
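Review bot: `GF_SECURITY_ADMIN_PASSWORD=augusta` is a literal admin credential committed to the repo, and the container is published on `0.0.0.0:3000:3000`; both are carried over from the removed common/init.sls, but this is a new file and the right place to stop shipping a known default. Read the password from pillar (the file already reads `master:grafana`, so a sibling key is the natural home) and bind the port to the management address unless the firewall state is relied on as the only gate — if so, say that in a comment. The gate `GRAFANA == 1` compares the pillar value with an integer while the default is the string `'0'` and pillar/docker/config.sls tests `GRAFANA == '1'`; in Jinja `'1' == 1` is false, so one of the two checks cannot fire for whichever type the pillar provides. Normalising both to `GRAFANA|string == '1'` (or `GRAFANA|int == 1`) would make the container list and the state agree. The datasource and dashboard provisioning directories are mounted `rw`; `ro` would suffice unless Grafana is expected to write back to them — worth confirming.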
@@ -0,0 +1,43 @@
+{% set GRAFANA = salt['pillar.get']('master:grafana', '0') %}
+{% set MASTER = salt['grains.get']('master') %}
+{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %}
+
+
+{% if grains['role'] in ['so-master', 'so-mastersearch', 'so-eval'] and GRAFANA == 1 %}
+
+# Influx DB
+influxconfdir:
+ file.directory:
+ - name: /opt/so/conf/influxdb/etc
+ - makedirs: True
+
+influxdbdir:
+ file.directory:
+ - name: /nsm/influxdb
+ - makedirs: True
+
+influxdbconf:
+ file.managed:
+ - name: /opt/so/conf/influxdb/etc/influxdb.conf
+ - user: 939
+ - group: 939
+ - template: jinja
+ - source: salt://influxdb/etc/influxdb.conf
+
+so-influxdb:
+ docker_container.running:
+ - image: {{ MASTER }}:5000/soshybridhunter/so-influxdb:{{ VERSION }}
+ - hostname: influxdb
+ - environment:
+ - INFLUXDB_HTTP_LOG_ENABLED=false
+ - binds:
+ - /opt/so/conf/influxdb/etc/influxdb.conf:/etc/influxdb/influxdb.conf:ro
+ - /nsm/influxdb:/var/lib/influxdb:rw
+ - /etc/pki/influxdb.crt:/etc/ssl/influxdb.crt:ro
+ - /etc/pki/influxdb.key:/etc/ssl/influxdb.key:ro
+ - port_bindings:
+ - 0.0.0.0:8086:8086
+ - watch:
+ - file: influxdbconf
+
+{% endif %}
\ No newline at end of file
diff --git a/salt/common/nginx/nginx.conf.so-eval b/salt/nginx/etc/nginx.conf.so-eval
similarity index 100%
rename from salt/common/nginx/nginx.conf.so-eval
rename to salt/nginx/etc/nginx.conf.so-eval
diff --git a/salt/common/nginx/nginx.conf.so-fleet b/salt/nginx/etc/nginx.conf.so-fleet
similarity index 100%
rename from salt/common/nginx/nginx.conf.so-fleet
rename to salt/nginx/etc/nginx.conf.so-fleet
diff --git a/salt/common/nginx/nginx.conf.so-heavynode b/salt/nginx/etc/nginx.conf.so-heavynode
similarity index 100%
rename from salt/common/nginx/nginx.conf.so-heavynode
rename to salt/nginx/etc/nginx.conf.so-heavynode
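Review bot: `so-influxdb` sets no `user:`, so it runs as the image's default account (root unless the image declares a USER), whereas the sibling so-grafana and so-core states in this series run as `socore`; `/nsm/influxdb` and `/opt/so/conf/influxdb/etc` are likewise created without `user`/`group`, unlike every grafana directory. The service is also published on `0.0.0.0:8086:8086`, and the mounted cert/key only identify the server — nothing in this state limits who can write to the database, so the firewall state is the only control. If the image tolerates it, add `- user: socore` to the container and `- user: 939` / `- group: 939` to the two directories, and consider binding 8086 to the management address rather than all interfaces. The `GRAFANA == 1` gate has the same int-versus-string question as the `GRAFANA == '1'` test in pillar/docker/config.sls, since the pillar default here is the string `'0'`.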
diff --git a/salt/common/nginx/nginx.conf.so-helix b/salt/nginx/etc/nginx.conf.so-helix similarity index 100% rename from salt/common/nginx/nginx.conf.so-helix rename to salt/nginx/etc/nginx.conf.so-helix diff --git a/salt/common/nginx/nginx.conf.so-master b/salt/nginx/etc/nginx.conf.so-master similarity index 100% rename from salt/common/nginx/nginx.conf.so-master rename to salt/nginx/etc/nginx.conf.so-master diff --git a/salt/common/nginx/nginx.conf.so-mastersearch b/salt/nginx/etc/nginx.conf.so-mastersearch similarity index 100% rename from salt/common/nginx/nginx.conf.so-mastersearch rename to salt/nginx/etc/nginx.conf.so-mastersearch diff --git a/salt/common/nginx/nginx.conf.so-node b/salt/nginx/etc/nginx.conf.so-node similarity index 100% rename from salt/common/nginx/nginx.conf.so-node rename to salt/nginx/etc/nginx.conf.so-node diff --git a/salt/common/nginx/nginx.conf.so-sensor b/salt/nginx/etc/nginx.conf.so-sensor similarity index 100% rename from salt/common/nginx/nginx.conf.so-sensor rename to salt/nginx/etc/nginx.conf.so-sensor diff --git a/salt/nginx/init.sls b/salt/nginx/init.sls new file mode 100644 index 000000000..24bc86057 --- /dev/null +++ b/salt/nginx/init.sls 
@@ -0,0 +1,58 @@
+{% set FLEETMASTER = salt['pillar.get']('static:fleet_master', False) %}
+{% set FLEETNODE = salt['pillar.get']('static:fleet_node', False) %}
+{% set MASTER = salt['grains.get']('master') %}
+{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %}
+
+# Drop the correct nginx config based on role
+nginxconfdir:
+ file.directory:
+ - name: /opt/so/conf/nginx
+ - user: 939
+ - group: 939
+ - makedirs: True
+
+nginxconf:
+ file.managed:
+ - name: /opt/so/conf/nginx/nginx.conf
+ - user: 939
+ - group: 939
+ - template: jinja
+ - source: salt://nginx/etc/nginx.conf.{{ grains.role }}
+
+nginxlogdir:
+ file.directory:
+ - name: /opt/so/log/nginx/
+ - user: 939
+ - group: 939
+ - makedirs: True
+
+nginxtmp:
+ file.directory:
+ - name: /opt/so/tmp/nginx/tmp
+ - user: 939
+ - group: 939
+ - makedirs: True
+
+so-core:
+ docker_container.running:
+ - image: {{ MASTER }}:5000/soshybridhunter/so-core:{{ VERSION }}
+ - hostname: so-core
+ - user: socore
+ - binds:
+ - /opt/so:/opt/so:rw
+ - /opt/so/conf/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
+ - /opt/so/log/nginx/:/var/log/nginx:rw
+ - /opt/so/tmp/nginx/:/var/lib/nginx:rw
+ - /opt/so/tmp/nginx/:/run:rw
+ - /etc/pki/masterssl.crt:/etc/pki/nginx/server.crt:ro
+ - /etc/pki/masterssl.key:/etc/pki/nginx/server.key:ro
+ - /opt/so/conf/fleet/packages:/opt/socore/html/packages
+ - cap_add: NET_BIND_SERVICE
+ - port_bindings:
+ - 80:80
+ - 443:443
+ {%- if FLEETMASTER or FLEETNODE %}
+ - 8090:8090
+ {%- endif %}
+ - watch:
+ - file: nginxconf
\ No newline at end of file
diff --git a/salt/salt/init.sls b/salt/salt/init.sls
index 32aaaa47e..22ecddfb3 100644
--- a/salt/salt/init.sls
+++ b/salt/salt/init.sls
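Review bot: `- /opt/so:/opt/so:rw` hands the whole /opt/so tree to the container read-write, which makes the `:ro` on `/opt/so/conf/nginx/nginx.conf` cosmetic — the same host file is writable at its original path inside the container, as are the Salt-managed configs of every other service under /opt/so/conf. If the front end only needs a few subtrees (nginx.conf, the log directory and the fleet package directory already have their own binds), mount those explicitly or make the broad bind `:ro`, so a compromised nginx cannot rewrite other containers' configuration; this is inherited from common/init.sls, but the new file is where to fix it. `/opt/so/tmp/nginx/` is bound twice (`/var/lib/nginx` and `/run`) and `/opt/so/conf/fleet/packages` carries no mode flag, so it defaults to rw — `:ro` is probably intended unless the container itself writes packages there. 80, 443 and 8090 are published on all interfaces, in contrast to telegraf's `127.0.0.1:8094`; expected for a web front end, but a one-line comment stating that the firewall state gates them would help the next reader.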
@@ -1,3 +1,28 @@
+# Create a state directory
+
+statedir:
+ file.directory:
+ - name: /opt/so/state
+ - user: 939
+ - group: 939
+ - makedirs: True
+
+salttmp:
+ file.directory:
+ - name: /opt/so/tmp
+ - user: 939
+ - group: 939
+ - makedirs: True
+
+{% if grains['os'] != 'CentOS' %}
+saltpymodules:
+ pkg.installed:
+ - pkgs:
+ - python-docker
+ - python-m2crypto
+ {% endif %}
+
+
 salt_minion_service:
 service.running:
 - name: salt-minion
diff --git a/salt/common/telegraf/etc/telegraf.conf b/salt/telegraf/etc/telegraf.conf
similarity index 100%
rename from salt/common/telegraf/etc/telegraf.conf
rename to salt/telegraf/etc/telegraf.conf
diff --git a/salt/telegraf/init.sls b/salt/telegraf/init.sls
new file mode 100644
index 000000000..44a5686d9
--- /dev/null
+++ b/salt/telegraf/init.sls
@@ -0,0 +1,70 @@
+{% set MASTER = salt['grains.get']('master') %}
+{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %}
+
+# Add Telegraf to monitor all the things.
+tgraflogdir:
+ file.directory:
+ - name: /opt/so/log/telegraf
+ - makedirs: True
+
+tgrafetcdir:
+ file.directory:
+ - name: /opt/so/conf/telegraf/etc
+ - makedirs: True
+
+tgrafetsdir:
+ file.directory:
+ - name: /opt/so/conf/telegraf/scripts
+ - makedirs: True
+
+tgrafsyncscripts:
+ file.recurse:
+ - name: /opt/so/conf/telegraf/scripts
+ - user: 939
+ - group: 939
+ - file_mode: 755
+ - template: jinja
+ - source: salt://telegraf/scripts
+
+tgrafconf:
+ file.managed:
+ - name: /opt/so/conf/telegraf/etc/telegraf.conf
+ - user: 939
+ - group: 939
+ - template: jinja
+ - source: salt://telegraf/etc/telegraf.conf
+
+so-telegraf:
+ docker_container.running:
+ - image: {{ MASTER }}:5000/soshybridhunter/so-telegraf:{{ VERSION }}
+ - environment:
+ - HOST_PROC=/host/proc
+ - HOST_ETC=/host/etc
+ - HOST_SYS=/host/sys
+ - HOST_MOUNT_PREFIX=/host
+ - network_mode: host
+ - port_bindings:
+ - 127.0.0.1:8094:8094
+ - binds:
+ - /opt/so/log/telegraf:/var/log/telegraf:rw
+ - /opt/so/conf/telegraf/etc/telegraf.conf:/etc/telegraf/telegraf.conf:ro
+ - /var/run/utmp:/var/run/utmp:ro
+ - /var/run/docker.sock:/var/run/docker.sock:ro
+ - /:/host/root:ro
+ - /sys:/host/sys:ro
+ - /proc:/host/proc:ro
+ - /nsm:/host/nsm:ro
+ - /etc:/host/etc:ro
+ {% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-mastersearch' %}
+ - /etc/pki/ca.crt:/etc/telegraf/ca.crt:ro
+ {% else %}
+ - /etc/ssl/certs/intca.crt:/etc/telegraf/ca.crt:ro
+ {% endif %}
+ - /etc/pki/influxdb.crt:/etc/telegraf/telegraf.crt:ro
+ - /etc/pki/influxdb.key:/etc/telegraf/telegraf.key:ro
+ - /opt/so/conf/telegraf/scripts:/scripts:ro
+ - /opt/so/log/stenographer:/var/log/stenographer:ro
+ - /opt/so/log/suricata:/var/log/suricata:ro
+ - watch:
+ - file: tgrafconf
+ - file: tgrafsyncscripts
\ No newline at end of
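Review bot: `port_bindings: - 127.0.0.1:8094:8094` has no effect under `network_mode: host` — Docker does not publish ports for host-networked containers — so the loopback restriction on 8094 has to come from the listener address in telegraf.conf, and this entry should either be dropped or annotated with `# no-op under network_mode: host; the listener address is set in telegraf.conf`. The `/var/run/docker.sock:/var/run/docker.sock:ro` bind also deserves a comment: `ro` only protects the socket node, not the API behind it, and anything that can talk to that socket controls the daemon and therefore the host, so together with `/:/host/root:ro` and the influxdb key this is the most privileged container in the series. That is carried over from common/init.sls rather than introduced here, but a `# NOTE:` explaining why the docker input needs the socket, and whether a socket proxy limited to read-only endpoints would do, belongs next to the mount. Switching the `watch` entries to state IDs (`file: tgrafconf`) rather than paths is an improvement over the old path-based watch.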
file diff --git a/salt/common/telegraf/scripts/broloss.sh b/salt/telegraf/scripts/broloss.sh similarity index 100% rename from salt/common/telegraf/scripts/broloss.sh rename to salt/telegraf/scripts/broloss.sh diff --git a/salt/common/telegraf/scripts/checkfiles.sh b/salt/telegraf/scripts/checkfiles.sh similarity index 100% rename from salt/common/telegraf/scripts/checkfiles.sh rename to salt/telegraf/scripts/checkfiles.sh diff --git a/salt/common/telegraf/scripts/helixeps.sh b/salt/telegraf/scripts/helixeps.sh similarity index 100% rename from salt/common/telegraf/scripts/helixeps.sh rename to salt/telegraf/scripts/helixeps.sh diff --git a/salt/common/telegraf/scripts/influxdbsize.sh b/salt/telegraf/scripts/influxdbsize.sh similarity index 100% rename from salt/common/telegraf/scripts/influxdbsize.sh rename to salt/telegraf/scripts/influxdbsize.sh diff --git a/salt/common/telegraf/scripts/oldpcap.sh b/salt/telegraf/scripts/oldpcap.sh similarity index 100% rename from salt/common/telegraf/scripts/oldpcap.sh rename to salt/telegraf/scripts/oldpcap.sh diff --git a/salt/common/telegraf/scripts/redis.sh b/salt/telegraf/scripts/redis.sh similarity index 100% rename from salt/common/telegraf/scripts/redis.sh rename to salt/telegraf/scripts/redis.sh diff --git a/salt/common/telegraf/scripts/stenoloss.sh b/salt/telegraf/scripts/stenoloss.sh similarity index 100% rename from salt/common/telegraf/scripts/stenoloss.sh rename to salt/telegraf/scripts/stenoloss.sh diff --git a/salt/common/telegraf/scripts/suriloss.sh b/salt/telegraf/scripts/suriloss.sh similarity index 100% rename from salt/common/telegraf/scripts/suriloss.sh rename to salt/telegraf/scripts/suriloss.sh diff --git a/salt/top.sls b/salt/top.sls index a03c2e1e2..3d0c70c53 100644 --- a/salt/top.sls +++ b/salt/top.sls @@ -11,15 +11,18 @@ base: '*': + - salt + - docker - patch.os.schedule - motd - - salt '*_helix': - ca - ssl - registry - common + - nginx + - telegraf - firewall - idstools - pcap 
@@ -34,6 +37,8 @@ base: - ca - ssl - common + - nginx + - telegraf - firewall - pcap - suricata @@ -57,6 +62,10 @@ base: - registry - master - common + - nginx + - telegraf + - influxdb + - grafana - soc - firewall - idstools @@ -105,6 +114,10 @@ base: - ssl - registry - common + - nginx + - telegraf + - influxdb + - grafana - soc - firewall - master @@ -179,6 +192,8 @@ base: - ca - ssl - common + - nginx + - telegraf - firewall {%- if WAZUH != 0 %} - wazuh @@ -194,6 +209,10 @@ base: '*_mastersensor': - common + - nginx + - telegraf + - influxdb + - grafana - firewall - sensor - master @@ -207,6 +226,10 @@ base: - ssl - registry - common + - nginx + - telegraf + - influxdb + - grafana - soc - firewall - master @@ -248,6 +271,8 @@ base: - ca - ssl - common + - nginx + - telegraf - firewall - redis {%- if WAZUH != 0 %} @@ -272,6 +297,8 @@ base: - ca - ssl - common + - nginx + - telegraf - firewall - mysql - redis From 7e34595f9969e6ca7483d11f0aa207fe06cebfda Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Tue, 21 Apr 2020 15:16:08 -0400 Subject: [PATCH 2/7] rename docker container so-core to so-nginx - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/587 --- pillar/docker/config.sls | 22 +++++++++---------- salt/common/tools/sbin/so-elastic-download | 2 +- salt/fleet/files/scripts/so-fleet-setup | 2 +- .../files/registry/scripts/so-docker-download | 2 +- salt/nginx/init.sls | 6 ++--- setup/so-functions | 4 ++-- upgrade/so-update-functions | 4 ++-- 7 files changed, 21 insertions(+), 21 deletions(-) diff --git a/pillar/docker/config.sls b/pillar/docker/config.sls index a9eebaf2b..3c90b710a 100644 --- a/pillar/docker/config.sls +++ b/pillar/docker/config.sls @@ -10,7 +10,7 @@ eval: containers: - - so-core + - so-nginx - so-telegraf {% if GRAFANA == '1' %} - so-influxdb @@ -54,7 +54,7 @@ eval: {% endif %} heavy_node: containers: - - so-core + - so-nginx - so-telegraf - so-redis - so-logstash 
@@ -69,7 +69,7 @@ heavy_node: {% endif %} helix: containers: - - so-core + - so-nginx - so-telegraf - so-idstools - so-steno @@ -79,14 +79,14 @@ helix: - so-filebeat hot_node: containers: - - so-core + - so-nginx - so-telegraf - so-logstash - so-elasticsearch - so-curator master_search: containers: - - so-core + - so-nginx - so-telegraf - so-soc - so-kratos @@ -127,7 +127,7 @@ master_search: master: containers: - so-dockerregistry - - so-core + - so-nginx - so-telegraf {% if GRAFANA == '1' %} - so-influxdb @@ -169,12 +169,12 @@ master: {% endif %} parser_node: containers: - - so-core + - so-nginx - so-telegraf - so-logstash search_node: containers: - - so-core + - so-nginx - so-telegraf - so-logstash - so-elasticsearch @@ -185,7 +185,7 @@ search_node: {% endif %} sensor: containers: - - so-core + - so-nginx - so-telegraf - so-steno - so-suricata @@ -196,7 +196,7 @@ sensor: - so-filebeat warm_node: containers: - - so-core + - so-nginx - so-telegraf - so-elasticsearch fleet: @@ -206,6 +206,6 @@ fleet: - so-fleet - so-redis - so-filebeat - - so-core + - so-nginx - so-telegraf {% endif %} \ No newline at end of file diff --git a/salt/common/tools/sbin/so-elastic-download b/salt/common/tools/sbin/so-elastic-download index 9e2c56719..216f51410 100755 --- a/salt/common/tools/sbin/so-elastic-download +++ b/salt/common/tools/sbin/so-elastic-download @@ -2,7 +2,7 @@ MASTER=MASTER VERSION="HH1.1.4" TRUSTED_CONTAINERS=( \ -"so-core:$VERSION" \ +"so-nginx:$VERSION" \ "so-thehive-cortex:$VERSION" \ "so-curator:$VERSION" \ "so-domainstats:$VERSION" \ diff --git a/salt/fleet/files/scripts/so-fleet-setup b/salt/fleet/files/scripts/so-fleet-setup index 3489ea86f..6b49dee03 100644 --- a/salt/fleet/files/scripts/so-fleet-setup +++ b/salt/fleet/files/scripts/so-fleet-setup 
@@ -41,7 +41,7 @@ sleep 120 echo "Installing launcher via salt..." salt-call state.apply fleet.install_package queue=True >> /root/fleet-setup.log salt-call state.apply filebeat queue=True >> /root/fleet-setup.log -docker stop so-core +docker stop so-nginx salt-call state.apply common queue=True >> /root/fleet-setup.log echo "Fleet Setup Complete - Login here: https://{{ MAIN_HOSTNAME }}" diff --git a/salt/master/files/registry/scripts/so-docker-download b/salt/master/files/registry/scripts/so-docker-download index f6ca8f4e1..3f9faceb6 100644 --- a/salt/master/files/registry/scripts/so-docker-download +++ b/salt/master/files/registry/scripts/so-docker-download @@ -3,7 +3,7 @@ MASTER={{ MASTER }} VERSION="HH1.2.1" TRUSTED_CONTAINERS=( \ -"so-core:$VERSION" \ +"so-nginx:$VERSION" \ "so-cyberchef:$VERSION" \ "so-acng:$VERSION" \ "so-soc:$VERSION" \ diff --git a/salt/nginx/init.sls b/salt/nginx/init.sls index 24bc86057..c630f1097 100644 --- a/salt/nginx/init.sls +++ b/salt/nginx/init.sls @@ -33,10 +33,10 @@ nginxtmp: - group: 939 - makedirs: True -so-core: +so-nginx: docker_container.running: - - image: {{ MASTER }}:5000/soshybridhunter/so-core:{{ VERSION }} - - hostname: so-core + - image: {{ MASTER }}:5000/soshybridhunter/so-nginx:{{ VERSION }} + - hostname: so-nginx - user: socore - binds: - /opt/so:/opt/so:rw diff --git a/setup/so-functions b/setup/so-functions index 3402dd6b1..a3339653d 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -579,7 +579,7 @@ docker_seed_registry() { if [ $INSTALLTYPE != 'HELIXSENSOR' ]; then TRUSTED_CONTAINERS=( \ "so-acng:$VERSION" \ - "so-core:$VERSION" \ + "so-nginx:$VERSION" \ "so-thehive-cortex:$VERSION" \ "so-curator:$VERSION" \ "so-domainstats:$VERSION" \ @@ -614,7 +614,7 @@ docker_seed_registry() { "so-zeek:$VERSION" ) else TRUSTED_CONTAINERS=( \ - "so-core:$VERSION" \ + "so-nginx:$VERSION" \ "so-filebeat:$VERSION" \ "so-idstools:$VERSION" \ "so-logstash:$VERSION" \ 
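Review bot: After `docker stop so-nginx` the script still runs `salt-call state.apply common`, but the first patch in this series moves the nginx container out of the `common` state into its own `salt/nginx/init.sls` (`- nginx` is now listed separately in top.sls), so applying `common` will no longer restart the container this line just stopped and the web front end would stay down after fleet setup. Change the follow-up line to `salt-call state.apply nginx queue=True >> /root/fleet-setup.log` (or run a highstate) so the rename and the state breakout stay consistent. The surrounding script logic starts before the hunk.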
diff --git a/upgrade/so-update-functions b/upgrade/so-update-functions index 4f0e48f66..373072a03 100644 --- a/upgrade/so-update-functions +++ b/upgrade/so-update-functions @@ -35,7 +35,6 @@ HOSTNAME=$(hostname) if [ $MASTERCHECK != 'so-helix' ]; then TRUSTED_CONTAINERS=( \ "so-acng:$BUILD$UPDATEVERSION" \ - "so-core:$BUILD$UPDATEVERSION" \ "so-thehive-cortex:$BUILD$UPDATEVERSION" \ "so-curator:$BUILD$UPDATEVERSION" \ "so-domainstats:$BUILD$UPDATEVERSION" \ @@ -53,6 +52,7 @@ if [ $MASTERCHECK != 'so-helix' ]; then "so-logstash:$BUILD$UPDATEVERSION" \ "so-mysql:$BUILD$UPDATEVERSION" \ "so-navigator:$BUILD$UPDATEVERSION" \ + "so-nginx:$BUILD$UPDATEVERSION" \ "so-playbook:$BUILD$UPDATEVERSION" \ "so-redis:$BUILD$UPDATEVERSION" \ "so-soc:$BUILD$UPDATEVERSION" \ @@ -67,10 +67,10 @@ if [ $MASTERCHECK != 'so-helix' ]; then "so-zeek:$BUILD$UPDATEVERSION" ) else TRUSTED_CONTAINERS=( \ - "so-core:$BUILD$UPDATEVERSION" \ "so-filebeat:$BUILD$UPDATEVERSION" \ "so-idstools:$BUILD$UPDATEVERSION" \ "so-logstash:$BUILD$UPDATEVERSION" \ + "so-nginx:$BUILD$UPDATEVERSION" \ "so-redis:$BUILD$UPDATEVERSION" \ "so-steno:$BUILD$UPDATEVERSION" \ "so-suricata:$BUILD$UPDATEVERSION" \ From 766b56a944225349e3be85d06a26392622f01f53 Mon Sep 17 00:00:00 2001 
From: m0duspwnens Date: Thu, 23 Apr 2020 10:11:26 -0400 Subject: [PATCH 3/7] update dockers to 1.2.2 --- VERSION | 2 +- salt/curator/init.sls | 2 +- salt/elastalert/init.sls | 2 +- salt/elasticsearch/init.sls | 2 +- salt/filebeat/init.sls | 2 +- salt/fleet/init.sls | 2 +- salt/grafana/init.sls | 2 +- salt/hive/init.sls | 2 +- salt/idstools/init.sls | 2 +- salt/influxdb/init.sls | 2 +- salt/kibana/init.sls | 2 +- salt/logstash/init.sls | 2 +- salt/master/files/registry/scripts/so-docker-download | 2 +- salt/master/init.sls | 2 +- salt/mysql/init.sls | 2 +- salt/nginx/init.sls | 3 +-- salt/nodered/init.sls | 2 +- salt/pcap/init.sls | 2 +- salt/playbook/init.sls | 2 +- salt/reactor/fleet.sls | 2 +- salt/redis/init.sls | 2 +- salt/sensoroni/init.sls | 2 +- salt/soc/init.sls | 2 +- salt/soctopus/init.sls | 2 +- salt/strelka/init.sls | 10 +++++----- salt/suricata/init.sls | 2 +- salt/tcpreplay/init.sls | 2 +- salt/telegraf/init.sls | 2 +- salt/wazuh/init.sls | 2 +- salt/zeek/init.sls | 2 +- setup/so-functions | 2 +- upgrade/so-update-functions | 2 +- 32 files changed, 36 insertions(+), 37 deletions(-) diff --git a/VERSION b/VERSION index 6085e9465..23aa83906 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.2.1 +1.2.2 diff --git a/salt/curator/init.sls b/salt/curator/init.sls index 7912dfffa..b97f7090d 100644 --- a/salt/curator/init.sls +++ b/salt/curator/init.sls @@ -1,4 +1,4 @@ -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% if grains['role'] == 'so-node' or grains['role'] == 'so-eval' %} # Curator diff --git a/salt/elastalert/init.sls b/salt/elastalert/init.sls index 9d6e0f001..0952689e2 100644 --- a/salt/elastalert/init.sls +++ b/salt/elastalert/init.sls 
@@ -12,7 +12,7 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see . -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% if grains['role'] == 'so-master' %} diff --git a/salt/elasticsearch/init.sls b/salt/elasticsearch/init.sls index f0127a651..35676ed6d 100644 --- a/salt/elasticsearch/init.sls +++ b/salt/elasticsearch/init.sls @@ -12,7 +12,7 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see . -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% set FEATURES = salt['pillar.get']('elastic:features', False) %} {% if FEATURES %} diff --git a/salt/filebeat/init.sls b/salt/filebeat/init.sls index 3dd90338f..409594b2d 100644 --- a/salt/filebeat/init.sls +++ b/salt/filebeat/init.sls @@ -11,7 +11,7 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see . -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% set MASTERIP = salt['pillar.get']('static:masterip', '') %} {% set FEATURES = salt['pillar.get']('elastic:features', False) %} diff --git a/salt/fleet/init.sls b/salt/fleet/init.sls index 5dcc7e202..66720b85a 100644 --- a/salt/fleet/init.sls +++ b/salt/fleet/init.sls 
@@ -1,7 +1,7 @@ {%- set MYSQLPASS = salt['pillar.get']('secrets:mysql', None) -%} {%- set FLEETPASS = salt['pillar.get']('secrets:fleet', None) -%} {%- set FLEETJWT = salt['pillar.get']('secrets:fleet_jwt', None) -%} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% set MAINIP = salt['pillar.get']('node:mainip') %} {% set FLEETARCH = salt['grains.get']('role') %} diff --git a/salt/grafana/init.sls b/salt/grafana/init.sls index 666ce9caf..deaabf4e5 100644 --- a/salt/grafana/init.sls +++ b/salt/grafana/init.sls @@ -1,6 +1,6 @@ {% set GRAFANA = salt['pillar.get']('master:grafana', '0') %} {% set MASTER = salt['grains.get']('master') %} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% if grains['role'] in ['so-master', 'so-mastersearch', 'so-eval'] and GRAFANA == 1 %} diff --git a/salt/hive/init.sls b/salt/hive/init.sls index 179ac5e1a..2be2f7480 100644 --- a/salt/hive/init.sls +++ b/salt/hive/init.sls @@ -1,5 +1,5 @@ {% set MASTERIP = salt['pillar.get']('master:mainip', '') %} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} hiveconfdir: file.directory: diff --git a/salt/idstools/init.sls b/salt/idstools/init.sls index f7ffacd6b..eba5cfd26 100644 --- a/salt/idstools/init.sls +++ b/salt/idstools/init.sls @@ -12,7 +12,7 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see . -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} # IDSTools Setup idstoolsdir: 
diff --git a/salt/influxdb/init.sls b/salt/influxdb/init.sls index d9305320d..49470cfc9 100644 --- a/salt/influxdb/init.sls +++ b/salt/influxdb/init.sls @@ -1,6 +1,6 @@ {% set GRAFANA = salt['pillar.get']('master:grafana', '0') %} {% set MASTER = salt['grains.get']('master') %} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% if grains['role'] in ['so-master', 'so-mastersearch', 'so-eval'] and GRAFANA == 1 %} diff --git a/salt/kibana/init.sls b/salt/kibana/init.sls index 0f0fa987e..975ec800e 100644 --- a/salt/kibana/init.sls +++ b/salt/kibana/init.sls @@ -1,4 +1,4 @@ -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% set FEATURES = salt['pillar.get']('elastic:features', False) %} {% if FEATURES %} diff --git a/salt/logstash/init.sls b/salt/logstash/init.sls index 6488828e0..7b7ffe60b 100644 --- a/salt/logstash/init.sls +++ b/salt/logstash/init.sls @@ -12,7 +12,7 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see . -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% set FEATURES = salt['pillar.get']('elastic:features', False) %} {% if FEATURES %} diff --git a/salt/master/files/registry/scripts/so-docker-download b/salt/master/files/registry/scripts/so-docker-download index 3f9faceb6..2670acf26 100644 --- a/salt/master/files/registry/scripts/so-docker-download +++ b/salt/master/files/registry/scripts/so-docker-download @@ -1,7 +1,7 @@ #!/bin/bash MASTER={{ MASTER }} -VERSION="HH1.2.1" +VERSION="HH1.2.2" TRUSTED_CONTAINERS=( \ "so-nginx:$VERSION" \ "so-cyberchef:$VERSION" \ 
diff --git a/salt/master/init.sls b/salt/master/init.sls index 7752311f8..4dab12a68 100644 --- a/salt/master/init.sls +++ b/salt/master/init.sls @@ -12,7 +12,7 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see . -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% set masterproxy = salt['pillar.get']('static:masterupdate', '0') %} diff --git a/salt/mysql/init.sls b/salt/mysql/init.sls index a8e47ca5b..894bebaea 100644 --- a/salt/mysql/init.sls +++ b/salt/mysql/init.sls @@ -1,6 +1,6 @@ {%- set MYSQLPASS = salt['pillar.get']('secrets:mysql', None) %} {%- set MASTERIP = salt['pillar.get']('static:masterip', '') %} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% set MAINIP = salt['pillar.get']('node:mainip') %} {% set FLEETARCH = salt['grains.get']('role') %} diff --git a/salt/nginx/init.sls b/salt/nginx/init.sls index c630f1097..189b1d875 100644 --- a/salt/nginx/init.sls +++ b/salt/nginx/init.sls @@ -1,7 +1,7 @@ {% set FLEETMASTER = salt['pillar.get']('static:fleet_master', False) %} {% set FLEETNODE = salt['pillar.get']('static:fleet_node', False) %} {% set MASTER = salt['grains.get']('master') %} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} # Drop the correct nginx config based on role nginxconfdir: @@ -37,7 +37,6 @@ so-nginx: docker_container.running: - image: {{ MASTER }}:5000/soshybridhunter/so-nginx:{{ VERSION }} - hostname: so-nginx - - user: socore - binds: - /opt/so:/opt/so:rw - /opt/so/conf/nginx/nginx.conf:/etc/nginx/nginx.conf:ro diff --git a/salt/nodered/init.sls b/salt/nodered/init.sls index af58ab866..cb1068d30 100644 
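Review bot: Removing `- user: socore` from the `so-nginx` container means it now runs as the image's default user, which for typical nginx images is root, and at this point in the series the container still bind-mounts `/opt/so:/opt/so:rw` (context line just below), so an nginx compromise would give root-level write access to the whole Security Onion configuration tree on the host. If a privileged user is genuinely required (for example to bind ports below 1024 or read root-owned TLS keys), the commit message should say so and the mount should be narrowed; otherwise restore `- user: socore`. This is the only non-version change in a commit described as `update dockers to 1.2.2`, so it is easy to miss in review. The `so-nginx` state begins before the hunk and its `watch`/ports section continues after it.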
--- a/salt/nodered/init.sls +++ b/salt/nodered/init.sls @@ -61,7 +61,7 @@ noderedlog: so-nodered: docker_container.running: - - image: soshybridhunter/so-nodered:HH1.2.1 + - image: soshybridhunter/so-nodered:HH1.2.2 - interactive: True - binds: - /opt/so/conf/nodered/:/data:rw diff --git a/salt/pcap/init.sls b/salt/pcap/init.sls index 8f4f7d59a..93203ca5b 100644 --- a/salt/pcap/init.sls +++ b/salt/pcap/init.sls @@ -12,7 +12,7 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see . -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% set INTERFACE = salt['pillar.get']('sensor:interface', 'bond0') %} {% set BPF_STENO = salt['pillar.get']('steno:bpf', None) %} diff --git a/salt/playbook/init.sls b/salt/playbook/init.sls index cb9c56d32..aed297eca 100644 --- a/salt/playbook/init.sls +++ b/salt/playbook/init.sls @@ -1,5 +1,5 @@ {% set MASTERIP = salt['pillar.get']('master:mainip', '') %} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} playbookdb: diff --git a/salt/reactor/fleet.sls b/salt/reactor/fleet.sls index fb2a71dec..215d69942 100644 --- a/salt/reactor/fleet.sls +++ b/salt/reactor/fleet.sls 
@@ -55,7 +55,7 @@ def run(): # Run Docker container that will build the packages gen_packages = subprocess.run(["docker", "run","--rm", "--mount", "type=bind,source=/opt/so/saltstack/salt/fleet/packages,target=/output", \ - "--mount", "type=bind,source=/etc/ssl/certs/intca.crt,target=/var/launcher/launcher.crt", f"{ MASTER }:5000/soshybridhunter/so-fleet-launcher:HH1.2.1", \ + "--mount", "type=bind,source=/etc/ssl/certs/intca.crt,target=/var/launcher/launcher.crt", f"{ MASTER }:5000/soshybridhunter/so-fleet-launcher:HH1.2.2", \ f"{ESECRET}", f"{HOSTNAME}:8090", f"{PACKAGEVERSION}.1.1"], stdout=subprocess.PIPE, encoding='ascii') # Update the 'packages-built' timestamp on the webpage (stored in the static pillar) diff --git a/salt/redis/init.sls b/salt/redis/init.sls index c22838d7a..3b2f662f3 100644 --- a/salt/redis/init.sls +++ b/salt/redis/init.sls @@ -13,7 +13,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . {% set lsaccessip = salt['pillar.get']('master:lsaccessip', '') %} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} # Redis Setup diff --git a/salt/sensoroni/init.sls b/salt/sensoroni/init.sls index 174687926..441394df6 100644 --- a/salt/sensoroni/init.sls +++ b/salt/sensoroni/init.sls @@ -1,4 +1,4 @@ -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} sensoronidir: diff --git a/salt/soc/init.sls b/salt/soc/init.sls index bf133c36f..cc2c9dfd6 100644 --- a/salt/soc/init.sls +++ b/salt/soc/init.sls @@ -1,4 +1,4 @@ -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} socdir: 
diff --git a/salt/soctopus/init.sls b/salt/soctopus/init.sls index 8ed4a514f..a4eb27f78 100644 --- a/salt/soctopus/init.sls +++ b/salt/soctopus/init.sls @@ -1,4 +1,4 @@ -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} soctopusdir: diff --git a/salt/strelka/init.sls b/salt/strelka/init.sls index b9efef638..662144ca7 100644 --- a/salt/strelka/init.sls +++ b/salt/strelka/init.sls @@ -14,7 +14,7 @@ # along with this program. If not, see . {%- set MASTER = grains['master'] %} {%- set MASTERIP = salt['pillar.get']('static:masterip', '') %} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} # Strelka config strelkaconfdir: @@ -72,7 +72,7 @@ strelka_gatekeeper: strelka_frontend: docker_container.running: - - image: {{ MASTER }}:5000/soshybridhunter/so-strelka-frontend:HH1.2.1 + - image: {{ MASTER }}:5000/soshybridhunter/so-strelka-frontend:HH1.2.2 - binds: - /opt/so/conf/strelka/frontend/:/etc/strelka/:ro - /nsm/strelka/log/:/var/log/strelka/:rw @@ -84,7 +84,7 @@ strelka_frontend: strelka_backend: docker_container.running: - - image: {{ MASTER }}:5000/soshybridhunter/so-strelka-backend:HH1.2.1 + - image: {{ MASTER }}:5000/soshybridhunter/so-strelka-backend:HH1.2.2 - binds: - /opt/so/conf/strelka/backend/:/etc/strelka/:ro - /opt/so/conf/strelka/backend/yara:/etc/yara/:ro @@ -94,7 +94,7 @@ strelka_backend: strelka_manager: docker_container.running: - - image: {{ MASTER }}:5000/soshybridhunter/so-strelka-manager:HH1.2.1 + - image: {{ MASTER }}:5000/soshybridhunter/so-strelka-manager:HH1.2.2 - binds: - /opt/so/conf/strelka/manager/:/etc/strelka/:ro - name: so-strelka-manager 
@@ -102,7 +102,7 @@ strelka_manager: strelka_filestream: docker_container.running: - - image: {{ MASTER }}:5000/soshybridhunter/so-strelka-filestream:HH1.2.1 + - image: {{ MASTER }}:5000/soshybridhunter/so-strelka-filestream:HH1.2.2 - binds: - /opt/so/conf/strelka/filestream/:/etc/strelka/:ro - /nsm/strelka:/nsm/strelka diff --git a/salt/suricata/init.sls b/salt/suricata/init.sls index f0b0f37c4..39f419ad0 100644 --- a/salt/suricata/init.sls +++ b/salt/suricata/init.sls @@ -15,7 +15,7 @@ {% set interface = salt['pillar.get']('sensor:interface', 'bond0') %} {% set BROVER = salt['pillar.get']('static:broversion', '') %} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% set BPF_NIDS = salt['pillar.get']('nids:bpf') %} {% set BPF_STATUS = 0 %} diff --git a/salt/tcpreplay/init.sls b/salt/tcpreplay/init.sls index d2e76aa8d..5a054bf5d 100644 --- a/salt/tcpreplay/init.sls +++ b/salt/tcpreplay/init.sls @@ -1,5 +1,5 @@ {% if grains['role'] == 'so-sensor' or grains['role'] == 'so-eval' %} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} so-tcpreplay: diff --git a/salt/telegraf/init.sls b/salt/telegraf/init.sls index 44a5686d9..834f77bf1 100644 --- a/salt/telegraf/init.sls +++ b/salt/telegraf/init.sls @@ -1,5 +1,5 @@ {% set MASTER = salt['grains.get']('master') %} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} # Add Telegraf to monitor all the things. tgraflogdir: diff --git a/salt/wazuh/init.sls b/salt/wazuh/init.sls index 83c7cbc9a..52c37c791 100644 --- a/salt/wazuh/init.sls +++ b/salt/wazuh/init.sls 
@@ -1,5 +1,5 @@ {%- set HOSTNAME = salt['grains.get']('host', '') %} -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} # Add ossec group ossecgroup: diff --git a/salt/zeek/init.sls b/salt/zeek/init.sls index 16085fc3c..ea238a162 100644 --- a/salt/zeek/init.sls +++ b/salt/zeek/init.sls @@ -1,4 +1,4 @@ -{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.1') %} +{% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %} {% set MASTER = salt['grains.get']('master') %} {% set BPF_ZEEK = salt['pillar.get']('zeek:bpf', {}) %} {% set BPF_STATUS = 0 %} diff --git a/setup/so-functions b/setup/so-functions index a3339653d..d40cbc160 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -17,7 +17,7 @@ SCRIPTDIR=$(dirname "$0") source $SCRIPTDIR/so-whiptail -SOVERSION=1.2.1 +SOVERSION=1.2.2 accept_salt_key_local() { echo "Accept the key locally on the master" >> $SETUPLOG 2>&1 diff --git a/upgrade/so-update-functions b/upgrade/so-update-functions index 373072a03..c5ba05a47 100644 --- a/upgrade/so-update-functions +++ b/upgrade/so-update-functions @@ -17,7 +17,7 @@ # Set the new SO Version -UPDATEVERSION=1.2.1 +UPDATEVERSION=1.2.2 BUILD=HH #Determine the current install version From 09abd723d1b07dfd580a94a0bf3a384eb0c7dd9c Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 24 Apr 2020 13:42:08 -0400 Subject: [PATCH 4/7] Add favicons back --- salt/nginx/html/favicon-16x16.png | Bin 0 -> 948 bytes salt/nginx/html/favicon-32x32.png | Bin 0 -> 3070 bytes salt/nginx/html/favicon.ico | Bin 0 -> 5430 bytes salt/nginx/html/index.html | 126 ++++++++++++++++++++++++++++++ 4 files changed, 126 insertions(+) create mode 100644 salt/nginx/html/favicon-16x16.png create mode 100644 salt/nginx/html/favicon-32x32.png create mode 100644 salt/nginx/html/favicon.ico create mode 100644 salt/nginx/html/index.html 
diff --git a/salt/nginx/html/favicon-16x16.png b/salt/nginx/html/favicon-16x16.png new file mode 100644 index 0000000000000000000000000000000000000000..a0a818d20901837cdd71a7e387140c4b27151e5a GIT binary patch literal 948 zcmV;l155mgP)x4#)4!)y%9P+(?=Mobx|N;Pp10$2{M z-k@%=rg-p1(k7bJs~Qj0)Oav4F{TIYxh85nco5sDjg}PXV#UNTQ(!2wym_-R+k0Nb zgWvW4zvCzHKW0)1x2CGk4Gs<@HC5}b)~dxqp?DYg@$2t@HqX9%@=}-EwN$Iuue95p z3&No|n@Wn|NZ-<9k3RB2JRS>5qJSt$G@DI!ceZ)Bzkg6Fm9MI*GA~J@|KOlOtJVHN z0GN9=DGm<}U3%g9lgpt{2;1(^>DZWN5lNIdGC0WQpZB?O<5%kS0~(Dc?M~ZP6y*~U zV0dWo;)|yjmfP(X^;!*CR?sw!SS(JcuaDK$n;-}*ES^S^WU93qs;Ykc`Iq0ElTV#^ zdSY&N=6tb`CmM@$@9rHWS;lc3Y}=+(Dlt0xII5zsdUKUCub<)KhaX|vjvqiAiAUe^ z`+S5W18l6XF_sud*EBR$Ll6W~sY$Ap3R~$dj*gA7x%n4!v$K>e>y>veycrT>(b#;Y zS|OX=B{81l`n79BV{yilNsb?XinX;{$clnt7_?d~a=9F-RElb?t~w6$vZiUeuIZFY zCinli$K>QBD=RDb1Aa`?Wa7yQ);Bhoo}OZ50Uu-lQ-2#Vv zFhJ%(21QY*)$8b*PCj2CIy}TkJa${wH1%r9Dm^s1jnHm3OTh2PFbsl$0J=-ZvdW~> zX~N-t6h$GOPSe}li)C4MmtowJe);WoD=`{P`vbv6pU+FlvgqpSB9qBbESlK1O)M5= zXM2Zkj|aEg&EDP~j$^;Q_}cP!62SEvYj=(v9dW!q|BT1uA)n8q>pHS5(dpO}3I&FS zhbWiJn?iG#ZT^kH_;>B+`HR*fXc>!~Z|R WiDZX=O+ys`0000dB-7^(512r}AA#Rgz=9@Wl=9}|8?|a_wdEQsxk6g`5t3+85RRKW}MGORC z?o9uGMZW6%#kZ$bdV9|F31Wz}Lq5H{QG_O`Ut zluD=5;g%&?Gz^_cG^&L|;fdL~x$C;24~l|#8o|7H^vxj+;F)#Jo3b)94ymdWEv_*) zKhOMpXw-zSy>{^Q;QvXWwW+$?YPIfsw4%JTvZ7qf$Vfxib>guY@p%0HUU-g0V|Zs~ zn4b3F_05dNVzJ$#D4r5TVP|$`MwcjvXu5``>1dipEEbOlg3$JR3AC=P5fRL9FDYI8 zVpUb8;;=g~OoLb~hH09}l8nRQK(<-|h(y9nO->RF_>m-ucs$OGKR_rHLQ!m3EEY6P zN7wZQ0=kB-8(3xejP$$UZB5mZAPPTO{#fI8Dl00euCB)EbbjfK`T4&yO%N7hFin%G zsVN2r2DmdmhSe%#5mhu@BNmH41TF{yl121=DFbb*Y80zg{${*PV*KmvHOwV|va|B=60y0n4hrD;gWCS2i{A)~`>Kl$=a!Ya3%@ zW1K$qCU%E|y7~qRi;74~Pp7=Rg68JOsjICcDJhw2*RFEz+$NL6(;S4Kv- zbnz0^H8qr$mMzqhZw5`%ZD}dV!E+Zrcn`qR+1^-~mz(p->eg0aY;25RAV7P22Uo6) zaJK(#N=ui}-qAryN(xCyNu;Hvk&uu;EEdDzbh2pCB5G^v5JZ7v$Bv=J<18*Ip`x;q z;o)H>Cnu<^tRy2njlrSw%!k6HBquF-V)bJ$zdLwYmqbx~E-yD%%*)H;(7_&BR=0BJ z&NxGZ12nCAobvK=#>d7ucI+sAzaK?Wh(@DmnuZ_nU`VWxdE*=~1o2XNd{SG9Q8>Xyf|{WE?vO{2QH 
zhBr^1ps2W*hK2@)hu`PqiQ^O%74!6lja1jvu&l9>=H_Pd^YgiO?Hc{>_LG~NLtfq^ zloXfn#^GM_a&yVe%OesFbNRQwrM|wNq{Kwd4Gs~F#wd6sH}spcm-}GuY zGm48#xPJXQ;ZTUj9$U`GH*eDa_S>|ywDPBGJ8`*OsH%#?VaG5`3JZ&P?zykixNI4F z_PomN+qcNf%A$SE8jc=2hOX;0H#hUity}p0GvpWK<4#T@8jBH$Mwnm zM@!2h&YU?-MdhOig1}pE{hFG(I_m1{86O|#jn@wmoSg+A9*F-_>{ zImq_y+gZMR1#iF8&*q4^N6{QE0J zA`w1x5J*T&00CrK z285Vsku1Y^?%p9YBa_LANis9Dn3%XnT6#J@uMfj8$j;8j=kwim1a&vN+nw~}wAn%bpCMPEW$ji+I6I7?uu!t7FC|N9LCnqLINloSM zy}RV*sH&>w()*Xl$jGF$w3OEm9l~LEuzvk|a&mI<`MmV@9_BB;@eO2ICK&MJ@%jjd zLnw;E{QNxg^K+=K1cJdJnx>JNnT4V#WTdBk2q5lx?WiHk^1+dhKBBy$f{~FC>gww` zfBro6_4R!6$t^}lN9pS7LN^S4ylWSG_wHr)?%llj;!mipsiB~-kg3T@_8;hB+tw|( zTnWs~`0)A`3`-CMW@qP!#iH13Hd0gEIGxUs2W}`ymRE1zzP+PuO}p6FcZ_Y@{)~$k zFW~Wb=rf@ou#oihbR146U=r}paICM7a5zGHdk22MpMCrG@znbDEG{d< z=ks#-@KLsH-9kcQBBxHBA!kw6oIAz+m-`MJnSaob{O$Iy=Y%8C57xAIxF;tkNlQ&7 zBQulU-d?)9yYWmb;bF?k%1~96 zGiT1QapOjuPA7(;1HuDw`CMQ$O=DnSfR9E-`1ZHH#cVLhvA#aGZrut%-|^$+>-H5i7$fu0^RGcw4^TBu^fFo;AV zghC-gp)i4fAFIvA*3Fx7B_we2FDb~+^W^2_bg$~zdg_aK54Gij zB>hWjN^;84BZt5D)YBWdaN#_qrKRlHz8$aELm&`9({vVrB6$Ec6pzxx7U_dk74lqAbeuP^XIS63H*>1v0#`6k#K~$`FUpN=9moz`SjCIS+ZmaEiEm~&CPM(Ko3to(SD$* z{h4jQ59=#OvpqlkfhdZ?PLFryg_6akl$Vz?8w}#{dhhr91{RBm-EPO}bfT&%s;XkO zS`h?+YuB#v{`L%O`X9%iooaVS9^9n8Hq%H=$r93SZy{GML|_vIGqk; z*@~{~M59r{;V_X%x_UduN>5X>3aJalUiz`QH6~-uFG4 zwo0?oo_}7$b)6RRw5GkRY1+DV=KDT8ufnre@C;kLVSbLw6a5t$+HJC{8vCl+dT%!L z4Bu<)J@U1oXZU(`Tkmx1;8^h3;zw3LM<}iIfK^ISO+jt@VL8}0BJD>eq~qvG>BQ<7 znUF)nC#2{2v{bd3j6ZiiDzhNl&@-got!^_3_f4QfTHKE=Tm;Q=sqY>XL+^<9qcr^E z)7*Kc4LoYw`=smGq*S%`NPX9U;yZrsBWdU!lHLf)y|eCn*!9O{+6iCJkI8iNj}lpcAt2Ul8$$Jgx%iSe#z>4uy~ z#WXgfc$PM`gWrIZ9qf?Wj>FP5I;Hd|YG{>(Prgv}vMU>;wsX+gJ1VK$IB*>22Bi*i z9ho_&-rZkOFMZ>uCA-ofvmf11bm0RfQz!Hbj7yOOeQDO-ys{gukc;O_!LJ>*CcjGP za^mbIA)UdgGtxae4S711ZTQ?~kGBNGr`6SJ1eHOR(v3~fc8E4jEzZr{o^jrQK`cGRmm_}Y}>^qj+Jb0q}K-b`WWt-_Lu?V)f ze(>~K!(zCyYH!(Z2vauv4 zvjDOFiR9KaNo1N{3X!wKYv%s&sYMx_Hsc4exYF1qzzhkDPZi=E7oTWsBBPa?3Qw1 zNj_qMd=j#Yl-}X{_Cx1uiZ5+OoS+@(hYDlQy}ro>yI+zaB0YbXe_ZMc@shS=T_R@2 
z;yiJa`kV(ni;sD~{KZ#l(LR(bC?Qq(fBNE8iHBUY2UliUt)v!Jt@Mu1CG?C=K31!P zllH&p6P^4G@3`4t{ZIrp)pKsFkNwjX8xH5tNXo z>I?nu8=a)+E?)b)(x2DUunF>A67?lQIcblnrB5UvZXa;^JnV8uCJ;lqy&0$h7u4^W z$W49C!GEl}TWH)0&&KXARQ3voUi1TF&?78PS2`hqJ0 z`O!N*t9-#22mw#xJY`~>ItPTQ7^OU}!I5Gd8rNC)yNAV>>?^8PbeZeyCx|8FN4=Tf z zhTh29#Z&Pl2D$2DWCp%xYzD%YyiP5BDsQ32SG4w?Ab-@WKkp8XR``~bU#{c}OUYI| zb-)hxTkP>Dzs2Y5U5=pUk|%pf)GOsPVkCJo-nnOdQjSURjDzj?e&?|%K`lfNQ*)R6 z?R`R`qB8Q7KP!zrD*o7SoW1%t#Ce=L&*$v7cs>EKX5;3E_)k+f5m zM@x|cL;D|gcm|$t1`X=W{*C8}cj)Przj=oJUIg%%wj|Cnrnsj+nQP^!edJ$cXajCF zDn9IKt6EKpe@a1x!fo0Jy@%4@Ga^Cq4eft&@X_6+tyo{_U)DQfZWsLI1&pB|*rz)M zM5vyPSi(9thF&!)Jr6OTq+*t`>Hq zdZ&l%594!6R1cnoUXVRA=>;WbsQ!}l*!KY+(O-qBwZkh&lA+f;Wa01Zp&6r$J<5#! zO4Y54_$@dwUCjXGzdI;G#UF6~`+X&~YaD%b-?D$rh5h@0AM7{7Q*#v^&JFHi32KJm zSqts6uoE$v&*+D;<}QIBr5`v!S?CYX@OYK?#AO>dUo{^rLbfgFajCy9CFeTh-`d4% zsR=U*d+q!KMn#W4z&xgC5yLzp5+w&Q#Ck?NBsNfQ)@8;hbB?_Lc{5*aJ^Yovyl3pO zMsQDk)^FM-8?1LobXIXQ`M+zsD=z`Ir*4>A6y_2yLz4F^TksrnAuu6boC71p6SA;Z zcJ!kk!c|YkImq&!OHd?aZB({lPsCicU_bpp-DwZhS_krfd%MFQ5jQLB%h}8AN1oHB z%-N9SZ1j4)iWY6nMLxVT4kR9qkq7fI3RrBZi@aw|Wqy!9doyB1DDVnwSo(iOMLD zn5;tOBlbs_6@<9WoG3utFdoVKC~Br(ObT!?SJfNp!CC8l``z-cofGmn{65b7{!#wi z|8=uXHtX6D;)t{uH<_>r^(0;95wB_wnv2)W7*E^t8GXTdn=%n=&wpmF%dB79_V~zV zClA@=;7T01yE`=YvHoZMrmauIKf{=tRo}&$S=!XWI-&Y~ersSoFhiLWIJj#a!rUEyF+4B?ETaRm=~YH{5u$jbBsmOVSi7($fE+7 z&Rox}ZC1X(oGpRiN$lh-KpXH3v5vpdN6Z;V-%!Pub#fczaPSTN4mnif5*+>5T=4q) zTc1Xb*07hYLrh!zYO%ffYRQBD^$G34y5tv|D!$dJh?1-C%7u5)hlR!dPg-H=q{OMa-g7(=j0BMw1ja zc8I>tC>iAjiA1iVk7T^v+T`fA7cuwh78lPEPt-B*sAO@6O!NtDff@Y)V&lC>`Tf5= z`jwX!`;(|K7VhobaX3{0BK) zDHG$wH)fx*fvtPME!h8wcw6XLuCHy_WQ90=cKrw2)~^51=7qm(w)w^R_5=GpYw=y= zGV0UAt-HOKv5&)bjfI}vUoE27S=0ZB1J}t7%Vh>G2ui(WR*` k5B&P@*y6ifJiGe#j|=oxfwl%dnrKh0lH1Sai%9jq0koW!qyPW_ literal 0 HcmV?d00001 diff --git a/salt/nginx/html/index.html b/salt/nginx/html/index.html new file mode 100644 index 000000000..92c89f536 --- /dev/null +++ b/salt/nginx/html/index.html 
@@ -0,0 +1,126 @@ + + + +Security Onion - Hybrid Hunter + + + + + + + +
+ + +
+
Security Onion
+ +

Hybrid Hunter Alpha v1.1.2 Release Notes


+

Changes:

+
    +
  • Alpha 2 is here!
  • +
  • Suricata 4.1.5.
  • +
  • Bro/Zeek 2.6.4.
  • +
  • TheHive 3.4.0 (Includes ES 6.8.3 for TheHive only).
  • +
  • Fixed Bro/Zeek packet loss calculation for Grafana.
  • +
  • Updated to latest Sensoroni for websockets to enable job status updates without refreshing.
  • +
  • NIDS and HIDS dashboard updates.
  • +
  • Playbook and ATT&CK Navigator features are now included.
  • +
  • Filebeat now logs to a file, instead of stdout.
  • +
  • Elastalert has been updated to use Python 3 and allow for use of custom alerters.
  • +
  • Elasticsearch Ingest is now used to consume Zeek logs and Suricata alerts (instead of the traditional Logstash pipeline). This reduces the memory footprint of Logstash dramatically!
  • +
  • Several changes to the setup script have been made to improve stability of the setup process:
  • +
      +
    • Setup now modifies your hosts file so that the install works better in environments without DNS.
    • +
    • You are now prompted for setting a password for the socore user.
    • +
    • The install now forces a reboot at the end of the install. This fixes an issue with some of the Docker containers being in the wrong state from a manual reboot. Manual reboots are fine after the initial reboot.
    • +
    +
  • Check out the Hybrid Hunter Quick Start Guide.
  • +
+

+
+ + +
+ + From 3136affc9114f2f175ba0b811bfaabb988e2874d Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 24 Apr 2020 14:24:33 -0400 Subject: [PATCH 5/7] updating nginx index.html - issue/587 --- salt/nginx/html/index.html | 115 +------------------------------------ salt/nginx/init.sls | 14 ++++- 2 files changed, 12 insertions(+), 117 deletions(-) diff --git a/salt/nginx/html/index.html b/salt/nginx/html/index.html index 92c89f536..70d1ddfb0 100644 --- a/salt/nginx/html/index.html +++ b/salt/nginx/html/index.html @@ -6,121 +6,8 @@ - -
- - -
-
Security Onion
- -

Hybrid Hunter Alpha v1.1.2 Release Notes


-

Changes:

-
    -
  • Alpha 2 is here!
  • -
  • Suricata 4.1.5.
  • -
  • Bro/Zeek 2.6.4.
  • -
  • TheHive 3.4.0 (Includes ES 6.8.3 for TheHive only).
  • -
  • Fixed Bro/Zeek packet loss calculation for Grafana.
  • -
  • Updated to latest Sensoroni for websockets to enable job status updates without refreshing.
  • -
  • NIDS and HIDS dashboard updates.
  • -
  • Playbook and ATT&CK Navigator features are now included.
  • -
  • Filebeat now logs to a file, instead of stdout.
  • -
  • Elastalert has been updated to use Python 3 and allow for use of custom alerters.
  • -
  • Elasticsearch Ingest is now used to consume Zeek logs and Suricata alerts (instead of the traditional Logstash pipeline). This reduces the memory footprint of Logstash dramatically!
  • -
  • Several changes to the setup script have been made to improve stability of the setup process:
  • -
      -
    • Setup now modifies your hosts file so that the install works better in environments without DNS.
    • -
    • You are now prompted for setting a password for the socore user.
    • -
    • The install now forces a reboot at the end of the install. This fixes an issue with some of the Docker containers being in the wrong state from a manual reboot. Manual reboots are fine after the initial reboot.
    • -
    -
  • Check out the Hybrid Hunter Quick Start Guide.
  • -
-

-
- - -
+Security Onion
diff --git a/salt/nginx/init.sls b/salt/nginx/init.sls
index 189b1d875..41a4c094d 100644
--- a/salt/nginx/init.sls
+++ b/salt/nginx/init.sls
@@ -6,11 +6,18 @@
# Drop the correct nginx config based on role
nginxconfdir:
file.directory:
- - name: /opt/so/conf/nginx
+ - name: /opt/so/conf/nginx/html
- user: 939
- group: 939
- makedirs: True
+nginxhtml:
+ file.recurse:
+ - name: /opt/so/conf/nginx/html
+ - source: salt://nginx/html/
+ - user: 939
+ - group: 939
+
nginxconf:
file.managed:
- name: /opt/so/conf/nginx/nginx.conf
@@ -38,7 +45,7 @@ so-nginx:
- image: {{ MASTER }}:5000/soshybridhunter/so-nginx:{{ VERSION }}
- hostname: so-nginx
- binds:
- - /opt/so:/opt/so:rw
+ - /opt/so/conf/nginx/html:/opt/socore/html:ro
- /opt/so/conf/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- /opt/so/log/nginx/:/var/log/nginx:rw
- /opt/so/tmp/nginx/:/var/lib/nginx:rw
@@ -54,4 +61,5 @@ so-nginx:
- 8090:8090
{%- endif %}
- watch:
- - file: nginxconf
\ No newline at end of file
+ - file: nginxconf
+ - file: nginxconfdir
From d69551492954325d6672e9b01a67dd0c54280a94 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Fri, 24 Apr 2020 14:28:23 -0400
Subject: [PATCH 6/7] Fix Error locations
---
salt/nginx/etc/nginx.conf.so-eval | 8 ++++----
salt/nginx/etc/nginx.conf.so-fleet | 8 ++++----
salt/nginx/etc/nginx.conf.so-heavynode | 8 ++++----
salt/nginx/etc/nginx.conf.so-helix | 8 ++++----
salt/nginx/etc/nginx.conf.so-master | 8 ++++----
salt/nginx/etc/nginx.conf.so-mastersearch | 8 ++++----
salt/nginx/etc/nginx.conf.so-node | 8 ++++----
salt/nginx/etc/nginx.conf.so-sensor | 8 ++++----
8 files changed, 32 insertions(+), 32 deletions(-)
diff --git a/salt/nginx/etc/nginx.conf.so-eval b/salt/nginx/etc/nginx.conf.so-eval
index e2615808f..61d91ba20 100644
--- a/salt/nginx/etc/nginx.conf.so-eval
+++ b/salt/nginx/etc/nginx.conf.so-eval
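Review bot: The new `nginxhtml` file.recurse state copies `salt://nginx/html/` into `/opt/so/conf/nginx/html` without `clean: True`, so files already present in that directory, or later dropped from the source tree, stay there and keep being served by the container that mounts it read-only. Adding `- clean: True` under `file.recurse` keeps the served tree identical to what the state tree provides. Note also that `nginxconfdir` now only manages the `html` subdirectory; the parent `/opt/so/conf/nginx`, which the previous revision set to 939:939, is now created by `makedirs` with default ownership, which is fine for the read-only `nginx.conf` bind but worth confirming if anything else relies on the old ownership.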
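Review bot: The `watch` list gains `nginxconfdir` but not `nginxhtml`, so `so-nginx` is ordered after the html drop only by the states' position in the file, and a failed `nginxhtml` run would not stop the container from starting with an empty `/opt/socore/html`. Adding `- file: nginxhtml` next to the two existing entries (or under `require`, since the directory is bind-mounted and new files are visible to the container without a restart) makes the dependency explicit. The `so-nginx` state begins outside this hunk.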
@@ -299,12 +299,12 @@ http {
return 302 /auth/self-service/browser/flows/login;
}
- error_page 404 /404.html;
- location = /40x.html {
- }
+ #error_page 404 /404.html;
+ # location = /usr/share/nginx/html/40x.html {
+ #}
error_page 500 502 503 504 /50x.html;
- location = /50x.html {
+ location = /usr/share/nginx/html/50x.html {
}
}
diff --git a/salt/nginx/etc/nginx.conf.so-fleet b/salt/nginx/etc/nginx.conf.so-fleet
index a97b85e78..28372f448 100644
--- a/salt/nginx/etc/nginx.conf.so-fleet
+++ b/salt/nginx/etc/nginx.conf.so-fleet
@@ -86,12 +86,12 @@ http {
}
- error_page 404 /404.html;
- location = /40x.html {
- }
+ #error_page 404 /404.html;
+ # location = /40x.html {
+ #}
error_page 500 502 503 504 /50x.html;
- location = /50x.html {
+ location = /usr/share/nginx/html/50x.html {
}
}
diff --git a/salt/nginx/etc/nginx.conf.so-heavynode b/salt/nginx/etc/nginx.conf.so-heavynode
index 39688f3df..f3fc913de 100644
--- a/salt/nginx/etc/nginx.conf.so-heavynode
+++ b/salt/nginx/etc/nginx.conf.so-heavynode
@@ -77,12 +77,12 @@ http {
# location / {
# }
#
-# error_page 404 /404.html;
-# location = /40x.html {
-# }
+# #error_page 404 /404.html;
+# # location = /40x.html {
+# #}
#
# error_page 500 502 503 504 /50x.html;
-# location = /50x.html {
+# location = /usr/share/nginx/html/50x.html {
# }
# }
diff --git a/salt/nginx/etc/nginx.conf.so-helix b/salt/nginx/etc/nginx.conf.so-helix
index 39688f3df..e5a68c09d 100644
--- a/salt/nginx/etc/nginx.conf.so-helix
+++ b/salt/nginx/etc/nginx.conf.so-helix
@@ -47,12 +47,12 @@ http {
location / {
}
- error_page 404 /404.html;
- location = /40x.html {
- }
+ #error_page 404 /404.html;
+ # location = /40x.html {
+ #}
error_page 500 502 503 504 /50x.html;
- location = /50x.html {
+ location = /usr/share/nginx/html/50x.html {
}
}
diff --git a/salt/nginx/etc/nginx.conf.so-master b/salt/nginx/etc/nginx.conf.so-master
index e2615808f..46e910a17 100644
--- a/salt/nginx/etc/nginx.conf.so-master
+++ b/salt/nginx/etc/nginx.conf.so-master
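Review bot: `location = /usr/share/nginx/html/50x.html {` matches a request URI, not a filesystem path, so the internal redirect produced by `error_page 500 502 503 504 /50x.html;` (URI `/50x.html`) no longer reaches this block and falls through to whichever other location matches `/50x.html`; the new block is dead and the error page is not served from disk. Keep the URI match and point it at the directory instead: `location = /50x.html { root /usr/share/nginx/html; }`. The same rewrite appears in the so-fleet, so-helix, so-master, so-mastersearch, so-node and so-sensor hunks; in so-heavynode the whole block is commented out, so it has no effect there. The commented-out 404 handler in this hunk also names `/40x.html` where its `error_page` directive says `/404.html`; if it is ever re-enabled the two should agree.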
@@ -299,12 +299,12 @@ http {
return 302 /auth/self-service/browser/flows/login;
}
- error_page 404 /404.html;
- location = /40x.html {
- }
+ #error_page 404 /404.html;
+ # location = /40x.html {
+ #}
error_page 500 502 503 504 /50x.html;
- location = /50x.html {
+ location = /usr/share/nginx/html/50x.html {
}
}
diff --git a/salt/nginx/etc/nginx.conf.so-mastersearch b/salt/nginx/etc/nginx.conf.so-mastersearch
index e2615808f..46e910a17 100644
--- a/salt/nginx/etc/nginx.conf.so-mastersearch
+++ b/salt/nginx/etc/nginx.conf.so-mastersearch
@@ -299,12 +299,12 @@ http {
return 302 /auth/self-service/browser/flows/login;
}
- error_page 404 /404.html;
- location = /40x.html {
- }
+ #error_page 404 /404.html;
+ # location = /40x.html {
+ #}
error_page 500 502 503 504 /50x.html;
- location = /50x.html {
+ location = /usr/share/nginx/html/50x.html {
}
}
diff --git a/salt/nginx/etc/nginx.conf.so-node b/salt/nginx/etc/nginx.conf.so-node
index 39688f3df..e5a68c09d 100644
--- a/salt/nginx/etc/nginx.conf.so-node
+++ b/salt/nginx/etc/nginx.conf.so-node
@@ -47,12 +47,12 @@ http {
location / {
}
- error_page 404 /404.html;
- location = /40x.html {
- }
+ #error_page 404 /404.html;
+ # location = /40x.html {
+ #}
error_page 500 502 503 504 /50x.html;
- location = /50x.html {
+ location = /usr/share/nginx/html/50x.html {
}
}
diff --git a/salt/nginx/etc/nginx.conf.so-sensor b/salt/nginx/etc/nginx.conf.so-sensor
index 39688f3df..e5a68c09d 100644
--- a/salt/nginx/etc/nginx.conf.so-sensor
+++ b/salt/nginx/etc/nginx.conf.so-sensor
@@ -47,12 +47,12 @@ http {
location / {
}
- error_page 404 /404.html;
- location = /40x.html {
- }
+ #error_page 404 /404.html;
+ # location = /40x.html {
+ #}
error_page 500 502 503 504 /50x.html;
- location = /50x.html {
+ location = /usr/share/nginx/html/50x.html {
}
}
From 8a64ba727ff7531614679e21f350cd259292d6c9 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Fri, 24 Apr 2020 16:18:55 -0400
Subject: [PATCH 7/7] remote html bind for nginx
---
salt/nginx/init.sls | 1 -
1 file changed, 1 deletion(-)
diff --git a/salt/nginx/init.sls b/salt/nginx/init.sls
index 41a4c094d..296774a02 100644
--- a/salt/nginx/init.sls
+++ b/salt/nginx/init.sls
@@ -45,7 +45,6 @@ so-nginx:
- image: {{ MASTER }}:5000/soshybridhunter/so-nginx:{{ VERSION }}
- hostname: so-nginx
- binds:
- - /opt/so/conf/nginx/html:/opt/socore/html:ro
- /opt/so/conf/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- /opt/so/log/nginx/:/var/log/nginx:rw
- /opt/so/tmp/nginx/:/var/lib/nginx:rw