From 9ee9a199b149ffec4a9c909be8ece46770903b7c Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 9 Sep 2020 12:50:22 -0400
Subject: [PATCH 1/7] predefine each component as 0 to fix issues with it being unset
---
 setup/so-whiptail | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/setup/so-whiptail b/setup/so-whiptail
index d760373af..52f60501a 100755
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -412,6 +412,13 @@ whiptail_enable_components() {
 [ -n "$TESTING" ] && return
+ GRAFANA=0
+ OSQUERY=0
+ WAZUH=0
+ THEHIVE=0
+ PLAYBOOK=0
+ STRELKA=0
+
 COMPONENTS=$(whiptail --title "Security Onion Setup" --checklist \
 "Select Components to install" 20 75 8 \
 GRAFANA "Enable Grafana for system monitoring" ON \
From 3433b90029c5e5498c85d06d1402a9e6fc628972 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 9 Sep 2020 13:53:10 -0400
Subject: [PATCH 2/7] fix so-status for strelka and wazuh
---
 salt/common/maps/so-status.map.jinja | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/salt/common/maps/so-status.map.jinja b/salt/common/maps/so-status.map.jinja
index 21dd14ec9..448423d83 100644
--- a/salt/common/maps/so-status.map.jinja
+++ b/salt/common/maps/so-status.map.jinja
@@ -21,7 +21,7 @@
 {% if role in ['eval', 'managersearch', 'manager', 'standalone'] %}
 {{ append_containers('manager', 'grafana', 0) }}
 {{ append_containers('global', 'fleet_manager', 0) }}
- {{ append_containers('manager', 'wazuh', 0) }}
+ {{ append_containers('global', 'wazuh', 0) }}
 {{ append_containers('manager', 'thehive', 0) }}
 {{ append_containers('manager', 'playbook', 0) }}
 {{ append_containers('manager', 'freq', 0) }}
@@ -29,7 +29,7 @@
 {% endif %}
 {% if role in ['eval', 'heavynode', 'sensor', 'standalone'] %}
- {{ append_containers('global', 'strelka', 0) }}
+ {{ append_containers('global', 'strelka:enabled', 0) }}
 {% endif %}
 {% if role in ['heavynode', 'standalone'] %}
From 918d9cf00f0a6e9a7300be7be87218c2ccd6596b Mon Sep 17 00:00:00 2001
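Review bot: The six new defaults are placed after `[ -n "$TESTING" ] && return`, so when TESTING is set the function returns before GRAFANA, OSQUERY, WAZUH, THEHIVE, PLAYBOOK and STRELKA are assigned and they remain unset — the condition the commit title says it fixes. Moving the assignments above the guard, or to the first lines of whiptail_enable_components, covers both paths with no other change. The body of the function continues past the end of the hunk.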
From: m0duspwnens
Date: Wed, 9 Sep 2020 13:57:53 -0400
Subject: [PATCH 3/7] handle strelka
---
 salt/common/maps/so-status.map.jinja | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/salt/common/maps/so-status.map.jinja b/salt/common/maps/so-status.map.jinja
index 448423d83..560ea2546 100644
--- a/salt/common/maps/so-status.map.jinja
+++ b/salt/common/maps/so-status.map.jinja
@@ -5,6 +5,9 @@
 # to the list predefined by the role / minion id affix
 {% macro append_containers(pillar_name, k, compare )%}
 {% if salt['pillar.get'](pillar_name~':'~k, {}) != compare %}
+ {% if ':enabled' in k %}
+ {% set k = k.split(':') | first %}
+ {% endif %}
 {% from 'common/maps/'~k~'.map.jinja' import docker as d with context %}
 {% for li in d['containers'] %}
 {{ docker['containers'].append(li) }}
From 05d736d2dfafe831c107f32b4909393316b3408e Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 9 Sep 2020 14:00:58 -0400
Subject: [PATCH 4/7] handle strelka
---
 salt/common/maps/so-status.map.jinja | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/salt/common/maps/so-status.map.jinja b/salt/common/maps/so-status.map.jinja
index 560ea2546..2aea71c76 100644
--- a/salt/common/maps/so-status.map.jinja
+++ b/salt/common/maps/so-status.map.jinja
@@ -5,9 +5,6 @@
 # to the list predefined by the role / minion id affix
 {% macro append_containers(pillar_name, k, compare )%}
 {% if salt['pillar.get'](pillar_name~':'~k, {}) != compare %}
- {% if ':enabled' in k %}
- {% set k = k.split(':') | first %}
- {% endif %}
 {% from 'common/maps/'~k~'.map.jinja' import docker as d with context %}
 {% for li in d['containers'] %}
 {{ docker['containers'].append(li) }}
@@ -32,7 +29,7 @@
 {% endif %}
 {% if role in ['eval', 'heavynode', 'sensor', 'standalone'] %}
- {{ append_containers('global', 'strelka:enabled', 0) }}
+ {{ append_containers('strelka', 'enabled', 0) }}
 {% endif %}
 {% if role in ['heavynode', 'standalone'] %}
From 921262b9a5542aed81acd0475fca4c50b303e3d3 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 9 Sep 2020 14:07:38 -0400
Subject: [PATCH 5/7] prevent duplicate containers for so-stauts
---
 salt/common/tools/sbin/so-status | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/salt/common/tools/sbin/so-status b/salt/common/tools/sbin/so-status
index 7a7d6c783..85709501a 100755
--- a/salt/common/tools/sbin/so-status
+++ b/salt/common/tools/sbin/so-status
@@ -15,7 +15,7 @@
 # You should have received a copy of the GNU General Public License
 # along with this program. If not, see .
 {%- from 'common/maps/so-status.map.jinja' import docker with context %}
-{%- set container_list = docker['containers'] | sort %}
+{%- set container_list = docker['containers'] | sort | unique %}
 if ! [ "$(id -u)" = 0 ]; then
 echo "This command must be run as root"
From b0c526364fd6c86734ab70052343ddb55684341f Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 9 Sep 2020 14:55:54 -0400
Subject: [PATCH 6/7] handle strelka
---
 salt/common/maps/so-status.map.jinja | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/salt/common/maps/so-status.map.jinja b/salt/common/maps/so-status.map.jinja
index 2aea71c76..fb23e6708 100644
--- a/salt/common/maps/so-status.map.jinja
+++ b/salt/common/maps/so-status.map.jinja
@@ -5,6 +5,9 @@
 # to the list predefined by the role / minion id affix
 {% macro append_containers(pillar_name, k, compare )%}
 {% if salt['pillar.get'](pillar_name~':'~k, {}) != compare %}
+ {% if k == 'enabled' %}
+ {% set k = pillar_name %}
+ {% endif %}
 {% from 'common/maps/'~k~'.map.jinja' import docker as d with context %}
 {% for li in d['containers'] %}
 {{ docker['containers'].append(li) }}
From 39f200f5658b6bd5bb60c377a8071b8faee64b79 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 9 Sep 2020 14:59:21 -0400
Subject: [PATCH 7/7] fix whitespace
---
 salt/common/tools/sbin/so-status | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
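Review bot: `unique` is a Jinja2 filter that only exists from Jinja2 2.10 on, so the new `| sort | unique` ties rendering of so-status to the Jinja2 version bundled with the targeted Salt release; if that is older the template fails to render and the command is unusable, which is worth confirming before merging. The filter also hides the source of the duplicates rather than removing it: a role that matches more than one of the role lists in so-status.map.jinja appends the same map's containers twice (inferred from the map file, which is outside this hunk). A one-line comment next to the set, such as `{# unique: a role can match several role lists in so-status.map.jinja and collect the same containers twice #}`, would record why the filter is there.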
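Review bot: The new `{% if k == 'enabled' %}` branch changes the macro's contract without saying so: for every other caller `k` is both the pillar sub-key and the name of the map file imported on the next line, but for `append_containers('strelka', 'enabled', 0)` the map name is taken from `pillar_name` instead, and a reader of the call sites has no way to see that. A comment above the branch would make the two calling conventions explicit, e.g. `{# k == 'enabled': the pillar key is <pillar_name>:enabled and the map file is <pillar_name>.map.jinja #}`. Separately, the enclosing condition defaults a missing pillar key to `{}`, which compares unequal to the `0` every caller passes, so an absent `strelka:enabled` key is treated as enabled and its containers are added to the expected list — worth confirming that is intended. The macro body continues past the end of the hunk.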
diff --git a/salt/common/tools/sbin/so-status b/salt/common/tools/sbin/so-status
index 85709501a..8658f4757 100755
--- a/salt/common/tools/sbin/so-status
+++ b/salt/common/tools/sbin/so-status
@@ -71,9 +71,9 @@ compare_lists() {
 # {% endraw %}
 create_expected_container_list() {
- {% for item in container_list%}
+ {% for item in container_list -%}
 expected_container_list+=("{{ item }}")
- {% endfor %}
+ {% endfor -%}
 }
 populate_container_lists() {