merge 2.4/dev
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
@@ -531,7 +531,8 @@ configure_minion() {
|
||||
" x509_v2: true"\
|
||||
"log_level: info"\
|
||||
"log_level_logfile: info"\
|
||||
"log_file: /opt/so/log/salt/minion" >> "$minion_config"
|
||||
"log_file: /opt/so/log/salt/minion"\
|
||||
"#startup_states: highstate" >> "$minion_config"
|
||||
|
||||
info "Running: salt-call state.apply salt.mine_functions --local --file-root=../salt/ -l info pillar='{"host": {"mainint": "$MNIC"}}'"
|
||||
salt-call state.apply salt.mine_functions --local --file-root=../salt/ -l info pillar="{'host': {'mainint': $MNIC}}"
|
||||
@@ -545,8 +546,8 @@ configure_minion() {
|
||||
checkin_at_boot() {
|
||||
local minion_config=/etc/salt/minion
|
||||
|
||||
info "Enabling checkin at boot"
|
||||
echo "startup_states: highstate" >> "$minion_config"
|
||||
info "Enabling checkin at boot"
|
||||
sed -i 's/#startup_states: highstate/startup_states: highstate/' "$minion_config"
|
||||
}
|
||||
|
||||
check_requirements() {
|
||||
@@ -1413,7 +1414,7 @@ make_some_dirs() {
|
||||
mkdir -p $local_salt_dir/salt/firewall/portgroups
|
||||
mkdir -p $local_salt_dir/salt/firewall/ports
|
||||
|
||||
for THEDIR in bpf pcap elasticsearch ntp firewall redis backup influxdb strelka sensoroni curator soc soctopus docker zeek suricata nginx telegraf logstash soc manager kratos idstools idh elastalert global;do
|
||||
for THEDIR in bpf pcap elasticsearch ntp firewall redis backup influxdb strelka sensoroni soc soctopus docker zeek suricata nginx telegraf logstash soc manager kratos idstools idh elastalert stig global;do
|
||||
mkdir -p $local_salt_dir/pillar/$THEDIR
|
||||
touch $local_salt_dir/pillar/$THEDIR/adv_$THEDIR.sls
|
||||
touch $local_salt_dir/pillar/$THEDIR/soc_$THEDIR.sls
|
||||
@@ -1558,7 +1559,6 @@ reserve_group_ids() {
|
||||
logCmd "groupadd -g 931 logstash"
|
||||
logCmd "groupadd -g 932 kibana"
|
||||
logCmd "groupadd -g 933 elastalert"
|
||||
logCmd "groupadd -g 934 curator"
|
||||
logCmd "groupadd -g 937 zeek"
|
||||
logCmd "groupadd -g 940 suricata"
|
||||
logCmd "groupadd -g 941 stenographer"
|
||||
@@ -1603,6 +1603,9 @@ reinstall_init() {
|
||||
salt-call -l info saltutil.kill_all_jobs --local
|
||||
fi
|
||||
|
||||
logCmd "salt-call state.apply ca.remove -linfo --local --file-root=../salt"
|
||||
logCmd "salt-call state.apply ssl.remove -linfo --local --file-root=../salt"
|
||||
|
||||
# Kill any salt processes (safely)
|
||||
for service in "${salt_services[@]}"; do
|
||||
# Stop the service in the background so we can exit after a certain amount of time
|
||||
@@ -1624,9 +1627,6 @@ reinstall_init() {
|
||||
done
|
||||
done
|
||||
|
||||
logCmd "salt-call state.apply ca.remove -linfo --local --file-root=../salt"
|
||||
logCmd "salt-call state.apply ssl.remove -linfo --local --file-root=../salt"
|
||||
|
||||
# Remove all salt configs
|
||||
rm -rf /etc/salt/engines/* /etc/salt/grains /etc/salt/master /etc/salt/master.d/* /etc/salt/minion /etc/salt/minion.d/* /etc/salt/pki/* /etc/salt/proxy /etc/salt/proxy.d/* /var/cache/salt/
|
||||
|
||||
@@ -1651,8 +1651,8 @@ reinstall_init() {
|
||||
backup_dir /nsm/kratos "$date_string"
|
||||
backup_dir /nsm/influxdb "$date_string"
|
||||
|
||||
# Remove the old launcher package in case the config changes
|
||||
remove_package launcher-final
|
||||
# Uninstall local Elastic Agent, if installed
|
||||
logCmd "elastic-agent uninstall -f"
|
||||
|
||||
if [[ $is_deb ]]; then
|
||||
info "Unholding previously held packages."
|
||||
@@ -1815,7 +1815,7 @@ repo_sync_local() {
|
||||
mkdir -p /nsm/repo
|
||||
mkdir -p /opt/so/conf/reposync/cache
|
||||
echo "https://repo.securityonion.net/file/so-repo/prod/2.4/oracle/9" > /opt/so/conf/reposync/mirror.txt
|
||||
echo "https://so-repo-east.s3.us-east-005.backblazeb2.com/prod/2.4/oracle/9" >> /opt/so/conf/reposync/mirror.txt
|
||||
echo "https://repo-alt.securityonion.net/prod/2.4/oracle/9" >> /opt/so/conf/reposync/mirror.txt
|
||||
echo "[main]" > /opt/so/conf/reposync/repodownload.conf
|
||||
echo "gpgcheck=1" >> /opt/so/conf/reposync/repodownload.conf
|
||||
echo "installonly_limit=3" >> /opt/so/conf/reposync/repodownload.conf
|
||||
@@ -1936,7 +1936,11 @@ saltify() {
|
||||
logCmd "dnf -y install salt-$SALTVERSION salt-master-$SALTVERSION salt-minion-$SALTVERSION"
|
||||
else
|
||||
# We just need the minion
|
||||
logCmd "dnf -y install salt-$SALTVERSION salt-minion-$SALTVERSION"
|
||||
if [[ $is_airgap ]]; then
|
||||
logCmd "dnf -y install salt salt-minion"
|
||||
else
|
||||
logCmd "dnf -y install salt-$SALTVERSION salt-minion-$SALTVERSION"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -2152,11 +2156,12 @@ set_default_log_size() {
|
||||
esac
|
||||
|
||||
local disk_dir="/"
|
||||
if [ -d /nsm ]; then
|
||||
if mountpoint -q /nsm; then
|
||||
disk_dir="/nsm"
|
||||
fi
|
||||
if [ -d /nsm/elasticsearch ]; then
|
||||
if mountpoint -q /nsm/elasticsearch; then
|
||||
disk_dir="/nsm/elasticsearch"
|
||||
percentage=80
|
||||
fi
|
||||
|
||||
local disk_size_1k
|
||||
@@ -2336,6 +2341,8 @@ verify_setup() {
|
||||
result=$?
|
||||
set +o pipefail
|
||||
if [[ $result -eq 0 ]]; then
|
||||
# Remove ISO sudoers entry if present
|
||||
sed -i '/so-setup/d' /etc/sudoers
|
||||
whiptail_setup_complete
|
||||
else
|
||||
whiptail_setup_failed
|
||||
|
||||
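Review bot: In the verify_setup hunk, the added `sed -i '/so-setup/d' /etc/sudoers` rewrites the live sudoers file in place with an unanchored pattern and no validation afterwards, so it drops every line that merely mentions so-setup, and a damaged file would only be noticed the next time sudo reads it. I would anchor the pattern to the exact entry the ISO writes (that entry is not visible on this page) and follow the edit with `logCmd "visudo -c"` so a syntax problem is caught and logged during setup. The removal also sits only in the `$result -eq 0` branch, so whatever rights the ISO entry grants stay in place after a failed setup; if that is intended so the user can re-run setup, a comment saying so would help, otherwise the failure path needs the same cleanup. verify_setup starts and ends outside this hunk.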