influx upgrade

Jason Ertel
2023-02-13 14:56:51 -05:00
parent 7b3acd53a1
commit 1fa8294ee6
3 changed files with 70 additions and 29 deletions


@@ -18,6 +18,8 @@ usage() {
echo " userenable Enables a user, requires: <email>"
echo " userdisable Disables a user, requires: <email>"
echo " userpass Updates a user's password, requires: <email>"
echo " userpromote Promotes a user to admin: <email>"
echo " userdemote Demotes a user from admin: <email>"
echo ""
echo "If required, the password will be read from STDIN."
exit 1
@@ -27,13 +29,14 @@ if [ $# -lt 1 ]; then
usage
fi
COMMAND=$(basename $0)
OP=$1
shift
set -eo pipefail
log() {
echo -e "$(date) | InfluxDB | $@" >&2
echo -e "$(date) | $COMMAND | $@" >&2
}
check_response() {
@@ -61,17 +64,6 @@ lookup_user_id() {
echo "$uid"
}
lookup_org_id() {
response=$(request orgs?limit=100)
check_response "$response"
oid=$(echo "$response" | jq -r ".orgs[] | select(.name == \"Security Onion\").id")
if [[ -z "$oid" ]]; then
log "Organization not found"
exit 1
fi
echo "$oid"
}
lookup_stack_id() {
oid=$1
@@ -86,15 +78,6 @@ lookup_stack_id() {
echo "$stackid"
}
add_user_to_org() {
uid=$1
oid=$2
log "Adding new user to organization"
response=$(request orgs/$oid/members -X POST -d "{\"id\":\"$uid\"}")
check_response "$response"
}
change_password() {
uid=$1
@@ -137,6 +120,30 @@ setup_bucket() {
check_response "$response"
}
lookup_org_id_with_wait() {
max_attempts=30
attempts=0
wait=10
while [[ $attempts -lt $max_attempts ]]; do
response=$(request orgs?org=Security+Onion)
check_response "$response"
oid=$(echo "$response" | jq -r ".orgs[] | select(.name == \"Security Onion\").id")
if [[ -z $oid ]]; then
attempts=$((attempts+1))
log "Server does not appear to be running or fully initialized - will try again in $wait seconds ($attempts / $max_attempts)"
sleep $wait
else
echo "$oid"
return
fi
done
log "Server has not started after $max_attempts attempts - aborting"
exit 1
}
oid=$(lookup_org_id_with_wait)
case "$OP" in
setup)
@@ -146,7 +153,6 @@ case "$OP" in
newest=$(ls -1t /opt/so/conf/influxdb/templates/ | head -1)
if [ /opt/so/conf/influxdb/templates/$newest -nt /opt/so/conf/influxdb/last_template_setup ]; then
log "Updating templates"
oid=$(lookup_org_id)
stackid=$(lookup_stack_id "$oid")
for file in /opt/so/conf/influxdb/templates/*; do
if [[ "$templates_array" != "" ]]; then
@@ -164,7 +170,6 @@ case "$OP" in
# Setup buckets and retention periods if at least one has been modified since the last setup
if [ /opt/so/conf/influxdb/buckets.json -nt /opt/so/conf/influxdb/last_bucket_setup ]; then
log "Updating buckets and retention periods"
oid=$(lookup_org_id)
for rp in so_short_term so_long_term; do
bucket=telegraf/$rp
log "Ensuring bucket is created and configured; bucket=$bucket"
@@ -189,11 +194,14 @@ case "$OP" in
[ $# -ne 1 ] && usage
email=$1
log "Adding new user; email=$email"
oid=$(lookup_org_id)
response=$(request users -X POST -d "{\"name\":\"$email\"}")
check_response "$response"
uid=$(echo "$response" | jq -r .id)
add_user_to_org "$uid" "$oid"
log "Adding new user to organization"
response=$(request orgs/$oid/members -X POST -d "{\"id\":\"$uid\"}")
check_response "$response"
change_password "$uid"
;;
@@ -232,6 +240,26 @@ case "$OP" in
check_response "$response"
;;
userpromote)
[ $# -ne 1 ] && usage
email=$1
log "Promoting user to admin; email=$email"
uid=$(lookup_user_id "$email")
response=$(request orgs/$oid/members/$uid -X DELETE)
response=$(request orgs/$oid/owners -X POST -d "{\"id\":\"$uid\"}")
check_response "$response"
;;
userdemote)
[ $# -ne 1 ] && usage
email=$1
log "Demoting user from admin; email=$email"
uid=$(lookup_user_id "$email")
response=$(request orgs/$oid/owners/$uid -X DELETE)
response=$(request orgs/$oid/members -X POST -d "{\"id\":\"$uid\"}")
check_response "$response"
;;
*)
usage
;;
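Review bot: In `userdemote` the response of `request orgs/$oid/owners/$uid -X DELETE` is overwritten by the following POST before anything inspects it, so a failed owner removal goes unnoticed and the user keeps admin rights while the command exits cleanly; `userpromote` has the same pattern with its members DELETE. I would call `check_response "$response"` right after the DELETE in `userdemote`, so a revocation that did not happen fails loudly. If the DELETE is left unchecked on purpose, so that re-running against a user who is not in that list stays harmless, a comment such as `# DELETE may fail when the user is not in this list; ignored deliberately` would make that explicit. `check_response` is defined outside the visible hunks, so its handling of an empty DELETE response should be confirmed.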


@@ -588,6 +588,9 @@ case "${operation}" in
syncAll
echo "Successfully added new user to SOC"
echo "$password" | so-influxdb-manage useradd "$email"
if [[ "$role" == "superuser" ]]; then
echo "$password" | so-influxdb-manage userpromote "$email"
fi
;;
"list")
@@ -605,6 +608,9 @@ case "${operation}" in
if addUserRole "$email" "$role"; then
syncElastic
echo "Successfully added role to user"
if [[ "$role" == "superuser" ]]; then
echo "$password" | so-influxdb-manage userpromote "$email"
fi
fi
;;
@@ -618,6 +624,9 @@ case "${operation}" in
deleteUserRole "$email" "$role"
syncElastic
echo "Successfully removed role from user"
if [[ "$role" == "superuser" ]]; then
echo "$password" | so-influxdb-manage userdemote "$email"
fi
;;
"password")
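Review bot: The three added `so-influxdb-manage userpromote`/`userdemote` calls are fed `echo "$password" |`, but neither sub-command takes a password (the usage text lists only `<email>`), and in the role add/remove branches `$password` is not set anywhere in the visible lines. Dropping the pipe, `so-influxdb-manage userpromote "$email"`, keeps the secret out of a process that has no use for it. The calls also run after the "Successfully ..." message and their exit status is not checked in these hunks, so an InfluxDB demotion that fails would leave the user as an org owner while the role removal is reported as done. Whether `set -e` is active in this script is not visible here.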


@@ -71,10 +71,6 @@ influxdb_curl_config:
- show_changes: False
- makedirs: True
influxdb-setup:
cmd.run:
- name: /usr/sbin/so-influxdb-manage setup &>> /opt/so/log/influxdb/setup.log
so-influxdb:
docker_container.running:
- image: {{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-influxdb:{{ GLOBALS.so_version }}
@@ -113,6 +109,14 @@ append_so-influxdb_so-status.conf:
- name: /opt/so/conf/so-status/so-status.conf
- text: so-influxdb
influxdb-setup:
cmd.run:
- name: /usr/sbin/so-influxdb-manage setup &>> /opt/so/log/influxdb/setup.log
- require:
- file: influxdbbucketsconf
- file: influxdb_curl_conf
- docker_container: so-influxdb
# Install cron job to determine size of influxdb for telegraf
get_influxdb_size:
cron.present:
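Review bot: The relocated `influxdb-setup` command relies on `&>>`, which is a bash redirection, so whether it works depends on the shell `cmd.run` uses on the minion. Under a plain POSIX `sh` the command would be backgrounded and its output would not reach the log. `- name: /usr/sbin/so-influxdb-manage setup >> /opt/so/log/influxdb/setup.log 2>&1` behaves the same in either shell. Since the script now waits for the server (up to 30 attempts, 10 seconds apart), a short comment above the state noting that it can block for that long would help whoever debugs a slow highstate.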