diff --git a/salt/common/tools/sbin/so-salt-emit-vm-deployment-status-event b/salt/common/tools/sbin_jinja/so-salt-emit-vm-deployment-status-event similarity index 84% rename from salt/common/tools/sbin/so-salt-emit-vm-deployment-status-event rename to salt/common/tools/sbin_jinja/so-salt-emit-vm-deployment-status-event index 454e1ba9b..61f071130 100644 --- a/salt/common/tools/sbin/so-salt-emit-vm-deployment-status-event +++ b/salt/common/tools/sbin_jinja/so-salt-emit-vm-deployment-status-event @@ -4,6 +4,14 @@ # or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at # https://securityonion.net/license; you may not use this file except in compliance with the # Elastic License 2.0. +# +# Note: Per the Elastic License 2.0, the second limitation states: +# +# "You may not move, change, disable, or circumvent the license key functionality +# in the software, and you may not remove or obscure any functionality in the +# software that is protected by the license key." + +{% if 'hvn' in salt['pillar.get']('features', []) -%} """ Script for emitting VM deployment status events to the Salt event bus. @@ -113,4 +121,12 @@ def main(): sys.exit(1) if __name__ == '__main__': - main() \ No newline at end of file + main() + +{%- else -%} + +echo "Hypervisor nodes are a feature supported only for customers with a valid license. \ + Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com \ + for more information about purchasing a license to enable this feature." + +{% endif -%} diff --git a/salt/hypervisor/init.sls b/salt/hypervisor/init.sls index 7bec6f25c..677ab8642 100644 --- a/salt/hypervisor/init.sls +++ b/salt/hypervisor/init.sls @@ -23,6 +23,13 @@ hypervisor_sbin: - source: salt://hypervisor/tools/sbin - file_mode: 744 +hypervisor_sbin_jinja: + file.recurse: + - name: /usr/sbin + - source: salt://hypervisor/tools/sbin_jinja + - template: jinja + - file_mode: 744 + {% else %} {{sls}}_no_license_detected: test.fail_without_changes: diff --git a/salt/hypervisor/map.jinja b/salt/hypervisor/map.jinja index cf323f51d..a9a76e557 100644 --- a/salt/hypervisor/map.jinja +++ b/salt/hypervisor/map.jinja @@ -1,3 +1,16 @@ +{# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one + or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at + https://securityonion.net/license; you may not use this file except in compliance with the + Elastic License 2.0. + + Note: Per the Elastic License 2.0, the second limitation states: + + "You may not move, change, disable, or circumvent the license key functionality + in the software, and you may not remove or obscure any functionality in the + software that is protected by the license key." #} + +{% if 'hvn' in salt['pillar.get']('features', []) %} + {# Import defaults.yaml for model hardware capabilities #} {% import_yaml 'hypervisor/defaults.yaml' as DEFAULTS %} @@ -82,4 +95,14 @@ } }) %} {% endfor %} -{% endfor %} \ No newline at end of file +{% endfor %} + +{% else %} + +{% do salt.log.error( + 'Hypervisor nodes are a feature supported only for customers with a valid license.' + 'Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com' + 'for more information about purchasing a license to enable this feature.' +) %} + +{% endif %} diff --git a/salt/hypervisor/tools/sbin/so-kvm-modify-hardware b/salt/hypervisor/tools/sbin_jinja/so-kvm-modify-hardware similarity index 95% rename from salt/hypervisor/tools/sbin/so-kvm-modify-hardware rename to salt/hypervisor/tools/sbin_jinja/so-kvm-modify-hardware index 3d80ebaeb..25506a0ae 100644 --- a/salt/hypervisor/tools/sbin/so-kvm-modify-hardware +++ b/salt/hypervisor/tools/sbin_jinja/so-kvm-modify-hardware @@ -4,6 +4,14 @@ # or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at # https://securityonion.net/license; you may not use this file except in compliance with the # Elastic License 2.0. +# +# Note: Per the Elastic License 2.0, the second limitation states: +# +# "You may not move, change, disable, or circumvent the license key functionality +# in the software, and you may not remove or obscure any functionality in the +# software that is protected by the license key." + +{% if 'hvn' in salt['pillar.get']('features', []) %} """ Script for managing hardware configurations of KVM virtual machines. This script provides @@ -347,3 +355,11 @@ def main(): if __name__ == '__main__': main() + +{%- else -%} + +echo "Hypervisor nodes are a feature supported only for customers with a valid license. \ + Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com \ + for more information about purchasing a license to enable this feature." + +{% endif -%} diff --git a/salt/hypervisor/tools/sbin/so-qcow2-modify-network b/salt/hypervisor/tools/sbin_jinja/so-qcow2-modify-network similarity index 97% rename from salt/hypervisor/tools/sbin/so-qcow2-modify-network rename to salt/hypervisor/tools/sbin_jinja/so-qcow2-modify-network index b2651a9c7..cd7869fd8 100644 --- a/salt/hypervisor/tools/sbin/so-qcow2-modify-network +++ b/salt/hypervisor/tools/sbin_jinja/so-qcow2-modify-network @@ -4,6 +4,14 @@ # or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at # https://securityonion.net/license; you may not use this file except in compliance with the # Elastic License 2.0. +# +# Note: Per the Elastic License 2.0, the second limitation states: +# +# "You may not move, change, disable, or circumvent the license key functionality +# in the software, and you may not remove or obscure any functionality in the +# software that is protected by the license key." + +{% if 'hvn' in salt['pillar.get']('features', []) -%} """ Script for modifying network configurations within QCOW2 virtual machine images. This script provides @@ -513,3 +521,11 @@ def main(): if __name__ == '__main__': main() + +{%- else -%} + +echo "Hypervisor nodes are a feature supported only for customers with a valid license. \ + Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com \ + for more information about purchasing a license to enable this feature." + +{% endif -%} diff --git a/salt/manager/tools/sbin/so-salt-cloud b/salt/manager/tools/sbin_jinja/so-salt-cloud similarity index 97% rename from salt/manager/tools/sbin/so-salt-cloud rename to salt/manager/tools/sbin_jinja/so-salt-cloud index 0d5f5c81c..cddcbb474 100644 --- a/salt/manager/tools/sbin/so-salt-cloud +++ b/salt/manager/tools/sbin_jinja/so-salt-cloud @@ -4,6 +4,14 @@ # or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at # https://securityonion.net/license; you may not use this file except in compliance with the # Elastic License 2.0. +# +# Note: Per the Elastic License 2.0, the second limitation states: +# +# "You may not move, change, disable, or circumvent the license key functionality +# in the software, and you may not remove or obscure any functionality in the +# software that is protected by the license key." + +{% if 'hvn' in salt['pillar.get']('features', []) -%} """ Script for automated virtual machine provisioning and configuration in Security Onion's virtualization infrastructure. @@ -601,3 +609,11 @@ def main(): if __name__ == "__main__": main() + +{%- else -%} + +echo "Hypervisor nodes are a feature supported only for customers with a valid license. \ + Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com \ + for more information about purchasing a license to enable this feature." + +{% endif -%} diff --git a/salt/orch/dyanno_hypervisor.sls b/salt/orch/dyanno_hypervisor.sls index 0e2d91e7c..9bac12a6b 100644 --- a/salt/orch/dyanno_hypervisor.sls +++ b/salt/orch/dyanno_hypervisor.sls @@ -1,3 +1,16 @@ +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. +# +# Note: Per the Elastic License 2.0, the second limitation states: +# +# "You may not move, change, disable, or circumvent the license key functionality +# in the software, and you may not remove or obscure any functionality in the +# software that is protected by the license key." + +{% if 'hvn' in salt['pillar.get']('features', []) %} + {% do salt.log.info('dyanno_hypervisor_orch: Running') %} {% set event_data = pillar.get('event_data', {}) %} {% set event_tag = pillar.get('event_tag', '') %} @@ -70,7 +83,7 @@ write_vm_status: {% endif %} #} -{# +{# We will need to populate hypervisor:hosts in this orch and pass to state to run as runner update_hypervisor_status: salt.runner: - name: state.orchestrate @@ -94,4 +107,14 @@ update_hypervisor_annotation: - salt: write_vm_status {% endif %#} -{% do salt.log.info('dyanno_hypervisor_orch: Completed') %} \ No newline at end of file +{% do salt.log.info('dyanno_hypervisor_orch: Completed') %} + +{% else %} + +{% do salt.log.error( + 'Hypervisor nodes are a feature supported only for customers with a valid license.' + 'Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com' + 'for more information about purchasing a license to enable this feature.' +) %} + +{% endif %} diff --git a/salt/reactor/vm_status.sls b/salt/reactor/vm_status.sls index 5dc0c0f6d..5e32ac18f 100644 --- a/salt/reactor/vm_status.sls +++ b/salt/reactor/vm_status.sls @@ -1,3 +1,8 @@ +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. + {% do salt.log.debug('vm_status_reactor: Running') %} {% do salt.log.debug('vm_status_reactor: tag: ' ~ tag | string) %} @@ -114,4 +119,4 @@ update_hypervisor: event_tag: {{ tag }} event_data: {{ data }} -{% do salt.log.debug('vm_status_reactor: Completed') %} \ No newline at end of file +{% do salt.log.debug('vm_status_reactor: Completed') %} diff --git a/salt/salt/engines/master/virtual_node_manager.py b/salt/salt/engines/master/virtual_node_manager.py index 9e59b3d9a..98a4eb572 100644 --- a/salt/salt/engines/master/virtual_node_manager.py +++ b/salt/salt/engines/master/virtual_node_manager.py @@ -4,6 +4,12 @@ # or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at # https://securityonion.net/license; you may not use this file except in compliance with the # Elastic License 2.0. +# +# Note: Per the Elastic License 2.0, the second limitation states: +# +# "You may not move, change, disable, or circumvent the license key functionality +# in the software, and you may not remove or obscure any functionality in the +# software that is protected by the license key." """ Salt Engine for Virtual Node Management diff --git a/salt/soc/dyanno/hypervisor/init.sls b/salt/soc/dyanno/hypervisor/init.sls index 5914cdf5b..f29ef0367 100644 --- a/salt/soc/dyanno/hypervisor/init.sls +++ b/salt/soc/dyanno/hypervisor/init.sls @@ -1,4 +1,17 @@ -{% from 'hypervisor/map.jinja' import HYPERVISORS %} +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. +# +# Note: Per the Elastic License 2.0, the second limitation states: +# +# "You may not move, change, disable, or circumvent the license key functionality +# in the software, and you may not remove or obscure any functionality in the +# software that is protected by the license key." + +{% if 'hvn' in salt['pillar.get']('features', []) %} + +{% from 'hypervisor/map.jinja' import HYPERVISORS %} hypervisor_annotation: file.managed: @@ -10,8 +23,8 @@ hypervisor_annotation: - defaults: HYPERVISORS: {{ HYPERVISORS }} -{% for role in HYPERVISORS %} -{% for hypervisor in HYPERVISORS[role].keys() %} +{% for role in HYPERVISORS %} +{% for hypervisor in HYPERVISORS[role].keys() %} hypervisor_host_directory_{{hypervisor}}: file.directory: - name: /opt/so/saltstack/local/salt/hypervisor/hosts/{{hypervisor}} @@ -21,5 +34,17 @@ hypervisor_host_directory_{{hypervisor}}: - recurse: - user - group +{% endfor %} {% endfor %} -{% endfor %} + +{% else %} + +{{sls}}_no_license_detected: + test.fail_without_changes: + - name: {{sls}}_no_license_detected + - comment: + - "Hypervisor nodes are a feature supported only for customers with a valid license. + Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com + for more information about purchasing a license to enable this feature." + +{% endif %} diff --git a/salt/soc/dyanno/hypervisor/soc_hypervisor.yaml.jinja b/salt/soc/dyanno/hypervisor/soc_hypervisor.yaml.jinja index f24ca69da..453aa436c 100644 --- a/salt/soc/dyanno/hypervisor/soc_hypervisor.yaml.jinja +++ b/salt/soc/dyanno/hypervisor/soc_hypervisor.yaml.jinja @@ -1,3 +1,16 @@ +{# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one + or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at + https://securityonion.net/license; you may not use this file except in compliance with the + Elastic License 2.0. + + Note: Per the Elastic License 2.0, the second limitation states: + + "You may not move, change, disable, or circumvent the license key functionality + in the software, and you may not remove or obscure any functionality in the + software that is protected by the license key." #} + +{%- if 'hvn' in salt['pillar.get']('features', []) -%} + {%- import_yaml 'soc/dyanno/hypervisor/hypervisor.yaml' as ANNOTATION -%} {%- from 'hypervisor/map.jinja' import HYPERVISORS -%} @@ -119,3 +132,13 @@ No Virtual Machines Found {%- endfor -%} {{- ANNOTATION | yaml(False) -}} + +{%- else -%} + +{%- do salt.log.error( + 'Hypervisor nodes are a feature supported only for customers with a valid license.' + 'Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com' + 'for more information about purchasing a license to enable this feature.' +) -%} + +{%- endif -%} diff --git a/salt/soc/dyanno/hypervisor/write_status.sls b/salt/soc/dyanno/hypervisor/write_status.sls index 96dcf7e9f..4babf7687 100644 --- a/salt/soc/dyanno/hypervisor/write_status.sls +++ b/salt/soc/dyanno/hypervisor/write_status.sls @@ -1,3 +1,16 @@ +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. +# +# Note: Per the Elastic License 2.0, the second limitation states: +# +# "You may not move, change, disable, or circumvent the license key functionality +# in the software, and you may not remove or obscure any functionality in the +# software that is protected by the license key." + +{% if 'hvn' in salt['pillar.get']('features', []) %} + {% do salt.log.info('soc/dyanno/hypervisor/write_status: Running') %} {% set vm_name = pillar.get('vm_name') %} {% set hypervisor = pillar.get('hypervisor') %} @@ -64,6 +77,19 @@ write_status_file: - require: - file: ensure_status_dir {% else %} + {% do salt.log.debug('soc/dyanno/hypervisor/write_status: File not written. ' ~ process_steps[new_index] ~ ' cannot overwrite ' ~ process_steps[current_index] ~ '.' ) %} + {% endif %} + {% do salt.log.info('soc/dyanno/hypervisor/write_status: Completed') %} + +{% else %} + +{% do salt.log.error( + 'Hypervisor nodes are a feature supported only for customers with a valid license.' + 'Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com' + 'for more information about purchasing a license to enable this feature.' +) %} + +{% endif %} diff --git a/salt/vm_status/init.sls b/salt/vm_status/init.sls index ba2b21968..c6b39c12e 100644 --- a/salt/vm_status/init.sls +++ b/salt/vm_status/init.sls @@ -1,3 +1,16 @@ +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. +# +# Note: Per the Elastic License 2.0, the second limitation states: +# +# "You may not move, change, disable, or circumvent the license key functionality +# in the software, and you may not remove or obscure any functionality in the +# software that is protected by the license key." + +{% if 'hvn' in salt['pillar.get']('features', []) %} + # Send highstate trigger event for VM deployment status tracking # so-salt-emit-vm-deployment-status sets event_tag = f'soc/dyanno/hypervisor/{status.lower()}' vm_highstate_trigger: @@ -7,4 +20,16 @@ vm_highstate_trigger: status: Highstate Triggered vm_name: {{ grains.id }} hypervisor: {{ salt['grains.get']('salt-cloud:profile', '').split('-')[1] }} - - order: 1 # Ensure this runs early in the highstate process \ No newline at end of file + - order: 1 # Ensure this runs early in the highstate process + +{% else %} + +{{sls}}_no_license_detected: + test.fail_without_changes: + - name: {{sls}}_no_license_detected + - comment: + - "Hypervisor nodes are a feature supported only for customers with a valid license. + Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com + for more information about purchasing a license to enable this feature." + +{% endif %}