CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Setup Script - Fix function syntax

Browse Source
This commit is contained in:
Mike Reeves
2018-03-22 13:27:38 -04:00
parent e42ece2c93
commit 23ef8bccf9
1 changed files with 29 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
so-setup-network.sh
View File

@@ -25,10 +25,10 @@ CPUCORES=$(cat /proc/cpuinfo | grep processor | wc -l)
# Functions # Functions
bro_calculate_lbprocs () { bro_calculate_lbprocs() {
#Calculate total lbprocs for basic install #Calculate total lbprocs for basic install
} }
configure_minion () { configure_minion() {
local TYPE=$1 local TYPE=$1
touch /etc/salt/grains touch /etc/salt/grains
@@ -36,7 +36,7 @@ configure_minion () {
echo "master: $MASTER" > /etc/salt/minion echo "master: $MASTER" > /etc/salt/minion
service salt-minion start service salt-minion start
} }
copy_pillar () { copy_pillar() {
local TYPE=$1 local TYPE=$1
if [ $TYPE = 'STORAGENODE' ]; then if [ $TYPE = 'STORAGENODE' ]; then
@@ -54,7 +54,7 @@ copy_pillar () {
# Accept the key # Accept the key
ssh socore@$MASTERSRV 'sudo salt-key -ya $HOSTNAME' ssh socore@$MASTERSRV 'sudo salt-key -ya $HOSTNAME'
} }
configure_sensor () { configure_sensor() {
# Create the pillar file for the sensor # Create the pillar file for the sensor
touch /tmp/$HOSTNAME.sls touch /tmp/$HOSTNAME.sls
@@ -65,14 +65,14 @@ configure_sensor () {
} }
copy_ssh_key () { copy_ssh_key() {
# Generate and copy SSH key # Generate and copy SSH key
cat /dev/zero | ssh-keygen -t rsa -q -N "" cat /dev/zero | ssh-keygen -t rsa -q -N ""
#Copy the key over to the master #Copy the key over to the master
ssh-copy-id socore@$MASTER ssh-copy-id socore@$MASTER
} }
create_bond () { create_bond() {
# Create the bond interface # Create the bond interface
echo "Setting up Bond" echo "Setting up Bond"
if [ $OS == 'centos' ]; then if [ $OS == 'centos' ]; then
@@ -86,11 +86,11 @@ create_bond () {
fi fi
} }
create_socore_password () { create_socore_password() {
# Enter a password for socore # Enter a password for socore
} }
detect_os () { detect_os() {
# Detect Base OS # Detect Base OS
if [ -f /etc/redhat-release ]; then if [ -f /etc/redhat-release ]; then
OS=centos OS=centos
@@ -102,11 +102,11 @@ detect_os () {
fi fi
} }
disk_space () { disk_space() {
# Give me Disk Space # Give me Disk Space
} }
es_heapsize () { es_heapsize() {
# Determine ES Heap Size # Determine ES Heap Size
if [ $TOTAL_MEM -lt 8000 ] ; then if [ $TOTAL_MEM -lt 8000 ] ; then
ES_HEAP_SIZE="600m" ES_HEAP_SIZE="600m"
@@ -120,22 +120,22 @@ es_heapsize () {
fi fi
} }
filter_nics () { filter_nics() {
FNICS=$(ip link | grep -vw $MNIC | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2 " \"" "Interface" "\"" " OFF"}') FNICS=$(ip link | grep -vw $MNIC | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2 " \"" "Interface" "\"" " OFF"}')
} }
got_root () { got_root() {
if [ "$(id -u)" -ne 0 ]; then if [ "$(id -u)" -ne 0 ]; then
echo "This script must be run using sudo!" echo "This script must be run using sudo!"
exit 1 exit 1
fi fi
} }
install_master () { install_master() {
yum -y install salt-master yum -y install salt-master
} }
ls_heapsize () { ls_heapsize() {
# Determine LS Heap Size # Determine LS Heap Size
if [ $TOTAL_MEM -ge 16000 ] ; then if [ $TOTAL_MEM -ge 16000 ] ; then
LS_HEAP_SIZE="4192m" LS_HEAP_SIZE="4192m"
@@ -145,7 +145,7 @@ ls_heapsize () {
fi fi
} }
master_pillar () { master_pillar() {
# Create the master pillar # Create the master pillar
touch /opt/so/saltstack/pillar/masters/$HOSTNAME.sls touch /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo "master:" > /opt/so/saltstack/pillar/masters/$HOSTNAME.sls echo "master:" > /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
@@ -172,7 +172,7 @@ master_pillar () {
salt-key -qya $HOSTNAME salt-key -qya $HOSTNAME
salt-call state.highstate salt-call state.highstate
node_pillar () { node_pillar() {
# Create the node pillar # Create the node pillar
touch /tmp/$HOSTNAME.sls touch /tmp/$HOSTNAME.sls
echo "node:" > /tmp/$HOSTNAME.sls echo "node:" > /tmp/$HOSTNAME.sls
@@ -190,7 +190,7 @@ node_pillar () {
} }
saltify () { saltify() {
# Install updates and Salt # Install updates and Salt
if [ $OS == 'centos' ]; then if [ $OS == 'centos' ]; then
ADDUSER=adduser ADDUSER=adduser
@@ -222,7 +222,7 @@ saltify () {
fi fi
} }
salt_master_directories () { salt_master_directories() {
# Create salt directories # Create salt directories
mkdir -p /opt/so/saltstack/salt mkdir -p /opt/so/saltstack/salt
mkdir -p /opt/so/saltstack/pillar mkdir -p /opt/so/saltstack/pillar
@@ -230,23 +230,23 @@ salt_master_directories () {
cp -Rv salt/* /opt/so/saltstack/salt/ cp -Rv salt/* /opt/so/saltstack/salt/
} }
update_sudoers () { update_sudoers() {
# Update Sudoers # Update Sudoers
echo "socore ALL=(ALL) NOPASSWD:/usr/bin/salt-key" | sudo tee -a /etc/sudoers echo "socore ALL=(ALL) NOPASSWD:/usr/bin/salt-key" | sudo tee -a /etc/sudoers
} }
whiptail_bro_pins () { whiptail_bro_pins() {
} }
whiptail_bond_nics () { whiptail_bond_nics() {
BNICS=$(whiptail --title "NIC Setup" --checklist "Please add NICs to the Monitor Interface" 20 78 12 ${FNICS[@]} 3>&1 1>&2 2>&3 ) BNICS=$(whiptail --title "NIC Setup" --checklist "Please add NICs to the Monitor Interface" 20 78 12 ${FNICS[@]} 3>&1 1>&2 2>&3 )
} }
whiptail_install_type () { whiptail_install_type() {
# What kind of install are we doing? # What kind of install are we doing?
INSTALLTYPE=$(whiptail --title "Security Onion Setup" --radiolist \ INSTALLTYPE=$(whiptail --title "Security Onion Setup" --radiolist \
@@ -258,13 +258,13 @@ whiptail_install_type () {
} }
whiptail_management_nic () { whiptail_management_nic() {
MNIC=$(whiptail --title "NIC Setup" --radiolist "Please select your management NIC" 20 78 12 ${NICS[@]} 3>&1 1>&2 2>&3 ) MNIC=$(whiptail --title "NIC Setup" --radiolist "Please select your management NIC" 20 78 12 ${NICS[@]} 3>&1 1>&2 2>&3 )
} }
whiptail_nids () { whiptail_nids() {
NIDS=$(whiptail --title "Security Onion Setup" --radiolist \ NIDS=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose which IDS to run:" 20 78 4 \ "Choose which IDS to run:" 20 78 4 \
@@ -272,26 +272,26 @@ whiptail_nids () {
} }
whiptail_oinkcode () { whiptail_oinkcode() {
OINKCODE=$(whiptail --title "Security Onion Setup" --inputbox \ OINKCODE=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your oinkcode" 10 60 XXXXXXX 3>&1 1>&2 2>&3) "Enter your oinkcode" 10 60 XXXXXXX 3>&1 1>&2 2>&3)
} }
whiptail_management_server () { whiptail_management_server() {
MASTERSRV=$(whiptail --title "Enter your Master Server IP Address" --inputbox 10 60 1.2.3.4 3>&1 1>&2 2>&3) MASTERSRV=$(whiptail --title "Enter your Master Server IP Address" --inputbox 10 60 1.2.3.4 3>&1 1>&2 2>&3)
} }
whiptail_network_notice () { whiptail_network_notice() {
whiptail --title "Security Onion Setup" --msgbox "Since this is a network install we assume the management interface, DNS, Hostname, etc are already set up. You must hit OK to continue." 8 78 whiptail --title "Security Onion Setup" --msgbox "Since this is a network install we assume the management interface, DNS, Hostname, etc are already set up. You must hit OK to continue." 8 78
} }
whiptail_rule_setup () { whiptail_rule_setup() {
# Get pulled pork info # Get pulled pork info
RULESETUP=$(whiptail --title "Security Onion Setup" --radiolist \ RULESETUP=$(whiptail --title "Security Onion Setup" --radiolist \
@@ -303,7 +303,7 @@ whiptail_rule_setup () {
} }
whiptail_sensor_config () { whiptail_sensor_config() {
NSMSETUP=$(whiptail --title "Security Onion Setup" --radiolist \ NSMSETUP=$(whiptail --title "Security Onion Setup" --radiolist \
"What type of config would you like to use?:" 20 78 4 \ "What type of config would you like to use?:" 20 78 4 \