influx upgrade

Jason Ertel
2023-02-13 14:56:51 -05:00
parent 7b3acd53a1
commit 1fa8294ee6
3 changed files with 70 additions and 29 deletions


@@ -18,6 +18,8 @@ usage() {
echo " userenable Enables a user, requires: <email>" echo " userenable Enables a user, requires: <email>"
echo " userdisable Disables a user, requires: <email>" echo " userdisable Disables a user, requires: <email>"
echo " userpass Updates a user's password, requires: <email>" echo " userpass Updates a user's password, requires: <email>"
echo " userpromote Promotes a user to admin: <email>"
echo " userdemote Demotes a user from admin: <email>"
echo "" echo ""
echo "If required, the password will be read from STDIN." echo "If required, the password will be read from STDIN."
exit 1 exit 1
@@ -27,13 +29,14 @@ if [ $# -lt 1 ]; then
usage usage
fi fi
COMMAND=$(basename $0)
OP=$1 OP=$1
shift shift
set -eo pipefail set -eo pipefail
log() { log() {
echo -e "$(date) | InfluxDB | $@" >&2 echo -e "$(date) | $COMMAND | $@" >&2
} }
check_response() { check_response() {
@@ -61,17 +64,6 @@ lookup_user_id() {
echo "$uid" echo "$uid"
} }
lookup_org_id() {
response=$(request orgs?limit=100)
check_response "$response"
oid=$(echo "$response" | jq -r ".orgs[] | select(.name == \"Security Onion\").id")
if [[ -z "$oid" ]]; then
log "Organization not found"
exit 1
fi
echo "$oid"
}
lookup_stack_id() { lookup_stack_id() {
oid=$1 oid=$1
@@ -86,15 +78,6 @@ lookup_stack_id() {
echo "$stackid" echo "$stackid"
} }
add_user_to_org() {
uid=$1
oid=$2
log "Adding new user to organization"
response=$(request orgs/$oid/members -X POST -d "{\"id\":\"$uid\"}")
check_response "$response"
}
change_password() { change_password() {
uid=$1 uid=$1
@@ -137,6 +120,30 @@ setup_bucket() {
check_response "$response" check_response "$response"
} }
lookup_org_id_with_wait() {
max_attempts=30
attempts=0
wait=10
while [[ $attempts -lt $max_attempts ]]; do
response=$(request orgs?org=Security+Onion)
check_response "$response"
oid=$(echo "$response" | jq -r ".orgs[] | select(.name == \"Security Onion\").id")
if [[ -z $oid ]]; then
attempts=$((attempts+1))
log "Server does not appear to be running or fully initialized - will try again in $wait seconds ($attempts / $max_attempts)"
sleep $wait
else
echo "$oid"
return
fi
done
log "Server has not started after $max_attempts attempts - aborting"
exit 1
}
oid=$(lookup_org_id_with_wait)
case "$OP" in case "$OP" in
setup) setup)
@@ -146,7 +153,6 @@ case "$OP" in
newest=$(ls -1t /opt/so/conf/influxdb/templates/ | head -1) newest=$(ls -1t /opt/so/conf/influxdb/templates/ | head -1)
if [ /opt/so/conf/influxdb/templates/$newest -nt /opt/so/conf/influxdb/last_template_setup ]; then if [ /opt/so/conf/influxdb/templates/$newest -nt /opt/so/conf/influxdb/last_template_setup ]; then
log "Updating templates" log "Updating templates"
oid=$(lookup_org_id)
stackid=$(lookup_stack_id "$oid") stackid=$(lookup_stack_id "$oid")
for file in /opt/so/conf/influxdb/templates/*; do for file in /opt/so/conf/influxdb/templates/*; do
if [[ "$templates_array" != "" ]]; then if [[ "$templates_array" != "" ]]; then
@@ -164,7 +170,6 @@ case "$OP" in
# Setup buckets and retention periods if at least one has been modified since the last setup # Setup buckets and retention periods if at least one has been modified since the last setup
if [ /opt/so/conf/influxdb/buckets.json -nt /opt/so/conf/influxdb/last_bucket_setup ]; then if [ /opt/so/conf/influxdb/buckets.json -nt /opt/so/conf/influxdb/last_bucket_setup ]; then
log "Updating buckets and retention periods" log "Updating buckets and retention periods"
oid=$(lookup_org_id)
for rp in so_short_term so_long_term; do for rp in so_short_term so_long_term; do
bucket=telegraf/$rp bucket=telegraf/$rp
log "Ensuring bucket is created and configured; bucket=$bucket" log "Ensuring bucket is created and configured; bucket=$bucket"
@@ -189,11 +194,14 @@ case "$OP" in
[ $# -ne 1 ] && usage [ $# -ne 1 ] && usage
email=$1 email=$1
log "Adding new user; email=$email" log "Adding new user; email=$email"
oid=$(lookup_org_id)
response=$(request users -X POST -d "{\"name\":\"$email\"}") response=$(request users -X POST -d "{\"name\":\"$email\"}")
check_response "$response" check_response "$response"
uid=$(echo "$response" | jq -r .id) uid=$(echo "$response" | jq -r .id)
add_user_to_org "$uid" "$oid"
log "Adding new user to organization"
response=$(request orgs/$oid/members -X POST -d "{\"id\":\"$uid\"}")
check_response "$response"
change_password "$uid" change_password "$uid"
;; ;;
@@ -232,6 +240,26 @@ case "$OP" in
check_response "$response" check_response "$response"
;; ;;
userpromote)
[ $# -ne 1 ] && usage
email=$1
log "Promoting user to admin; email=$email"
uid=$(lookup_user_id "$email")
response=$(request orgs/$oid/members/$uid -X DELETE)
response=$(request orgs/$oid/owners -X POST -d "{\"id\":\"$uid\"}")
check_response "$response"
;;
userdemote)
[ $# -ne 1 ] && usage
email=$1
log "Demoting user from admin; email=$email"
uid=$(lookup_user_id "$email")
response=$(request orgs/$oid/owners/$uid -X DELETE)
response=$(request orgs/$oid/members -X POST -d "{\"id\":\"$uid\"}")
check_response "$response"
;;
*) *)
usage usage
;; ;;
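Review bot: In the new `userdemote` branch the result of `request orgs/$oid/owners/$uid -X DELETE` is overwritten by the next `request` without ever reaching `check_response`, so a failed owner removal can go unnoticed and the account keeps its InfluxDB owner rights while the command ends successfully (assuming `request` does not itself exit on an API error; its body is outside these hunks). `userpromote` has the same gap on its member DELETE, where a failed second call would additionally leave the user with no membership at all. Add `check_response "$response"` directly after each DELETE, or, if a missing membership is an expected outcome there, handle only that case and say so in a comment. The enclosing `case` statement starts and ends outside the hunk.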


@@ -588,6 +588,9 @@ case "${operation}" in
syncAll syncAll
echo "Successfully added new user to SOC" echo "Successfully added new user to SOC"
echo "$password" | so-influxdb-manage useradd "$email" echo "$password" | so-influxdb-manage useradd "$email"
if [[ "$role" == "superuser" ]]; then
echo "$password" | so-influxdb-manage userpromote "$email"
fi
;; ;;
"list") "list")
@@ -605,6 +608,9 @@ case "${operation}" in
if addUserRole "$email" "$role"; then if addUserRole "$email" "$role"; then
syncElastic syncElastic
echo "Successfully added role to user" echo "Successfully added role to user"
if [[ "$role" == "superuser" ]]; then
echo "$password" | so-influxdb-manage userpromote "$email"
fi
fi fi
;; ;;
@@ -618,6 +624,9 @@ case "${operation}" in
deleteUserRole "$email" "$role" deleteUserRole "$email" "$role"
syncElastic syncElastic
echo "Successfully removed role from user" echo "Successfully removed role from user"
if [[ "$role" == "superuser" ]]; then
echo "$password" | so-influxdb-manage userdemote "$email"
fi
;; ;;
"password") "password")
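Review bot: The three new `so-influxdb-manage userpromote` / `userdemote` calls are fed `echo "$password" |`, but as far as the so-influxdb-manage hunks in this commit show, those two operations take only the email argument and never read STDIN. In the add-role and delete-role branches it is also not visible that `$password` is set at all, so the pipe at best passes an empty string and at worst pushes a credential into a pipeline that has no use for it. Call them without input: `so-influxdb-manage userpromote "$email"` and `so-influxdb-manage userdemote "$email"`. The demote call also runs after "Successfully removed role from user" has been printed and its exit status is not checked, so a failed InfluxDB demotion would be easy to miss; the enclosing case arms extend beyond these hunks.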


@@ -71,10 +71,6 @@ influxdb_curl_config:
- show_changes: False - show_changes: False
- makedirs: True - makedirs: True
influxdb-setup:
cmd.run:
- name: /usr/sbin/so-influxdb-manage setup &>> /opt/so/log/influxdb/setup.log
so-influxdb: so-influxdb:
docker_container.running: docker_container.running:
- image: {{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-influxdb:{{ GLOBALS.so_version }} - image: {{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-influxdb:{{ GLOBALS.so_version }}
@@ -113,6 +109,14 @@ append_so-influxdb_so-status.conf:
- name: /opt/so/conf/so-status/so-status.conf - name: /opt/so/conf/so-status/so-status.conf
- text: so-influxdb - text: so-influxdb
influxdb-setup:
cmd.run:
- name: /usr/sbin/so-influxdb-manage setup &>> /opt/so/log/influxdb/setup.log
- require:
- file: influxdbbucketsconf
- file: influxdb_curl_conf
- docker_container: so-influxdb
# Install cron job to determine size of influxdb for telegraf # Install cron job to determine size of influxdb for telegraf
get_influxdb_size: get_influxdb_size:
cron.present: cron.present:
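Review bot: The new requisite `- file: influxdb_curl_conf` does not match the state ID shown in this file's first hunk header, `influxdb_curl_config`; unless a file state with the ID or name `influxdb_curl_conf` exists outside these hunks, Salt will report the requisite as not found and `influxdb-setup` will not run. If the curl config state is the intended target, use `- file: influxdb_curl_config`. A short comment on the state would also help: `docker_container: so-influxdb` only ensures the container is running, while API readiness is left to the retry loop in `so-influxdb-manage`, which can hold a highstate for up to 30 attempts of 10 seconds.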