Merge pull request #6142 from Security-Onion-Solutions/foxtrot

Whiptail changes

setup/so-functions

@@ -475,10 +475,15 @@ collect_mngr_hostname() {
 		whiptail_management_server "$MSRV"
 	done
 
+	while [[ $MSRV == "$HOSTNAME" ]]; do 
+		whiptail_invalid_hostname 0
+		whiptail_management_server "$MSRV"
+	done
+
 	if ! getent hosts "$MSRV"; then
 		whiptail_manager_ip
 
-		while ! valid_ip4 "$MSRVIP"; do
+		while ! valid_ip4 "$MSRVIP" || [[ $MSRVIP == "$MAINIP" || $MSRVIP == "127.0.0.1" ]]; do
 			whiptail_invalid_input
 			whiptail_manager_ip "$MSRVIP"
 		done

setup/so-whiptail

@@ -735,7 +735,7 @@ whiptail_install_type() {
 
 	# What kind of install are we doing?
 	install_type=$(whiptail --title "$whiptail_title" --radiolist \
-	"Choose install type:" 12 65 5 \
+	"Choose install type. See https://docs.securityonion.net/architecture for details." 12 65 5 \
 		"EVAL" "Evaluation mode (not for production) " ON \
 		"STANDALONE" "Standalone production install " OFF \
 		"DISTRIBUTED" "Distributed install submenu " OFF \
@@ -749,6 +749,11 @@ whiptail_install_type() {
 
 	if [[ $install_type == "DISTRIBUTED" ]]; then
 		whiptail_install_type_dist
+		if [[ $dist_option == "NEWDEPLOYMENT" ]]; then
+			whiptail_install_type_dist_new
+		else
+			whiptail_install_type_dist_existing
+		fi
 	elif [[ $install_type == "OTHER" ]]; then
 		whiptail_install_type_other
 	fi
@@ -759,13 +764,55 @@ whiptail_install_type() {
 whiptail_install_type_dist() {
 
 	[ -n "$TESTING" ] && return
+
+	dist_option=$(whiptail --title "$whiptail_title" --menu "Do you want to start a new deployment or join this box to \nan existing deployment?" 11 75 2 \
+		"New Deployment         " "Create a new Security Onion deployment" \
+		"Existing Deployment    " "Join to an exisiting Security Onion deployment " \
+		 3>&1 1>&2 2>&3
+	)
+	local exitstatus=$?
+	whiptail_check_exitstatus $exitstatus
+
+	dist_option=$(echo "${dist_option^^}" | tr -d ' ')
+}
+
+whiptail_install_type_dist_new() {
+	[ -n "$TESTING" ] && return
+
+	local mngr_msg
+	read -r -d '' mngr_msg <<- EOM
+	Choose a distributed manager type to start a new grid.
 	
-	install_type=$(whiptail --title "$whiptail_title" --radiolist \
-	"Choose distributed node type:" 13 60 6 \
-		"MANAGER" "Start a new grid " ON \
-		"SENSOR" "Create a forward only sensor " OFF \
+	See https://docs.securityonion.net/architecture for details.
+
+	Note: MANAGER is the recommended option for most users. MANAGERSEARCH should only be used in very specific situations.
+	EOM
+	
+	install_type=$(whiptail --title "$whiptail_title" --radiolist "$mngr_msg" 15 75 2 \
+		"MANAGER" "New grid, requires separate search node(s) " ON \
+		"MANAGERSEARCH" "New grid, separate search node(s) are optional " OFF \
+		3>&1 1>&2 2>&3
+	)
+
+	local exitstatus=$?
+	whiptail_check_exitstatus $exitstatus
+}
+
+whiptail_install_type_dist_existing() {
+	[ -n "$TESTING" ] && return
+
+	local node_msg
+	read -r -d '' node_msg <<- EOM
+	Choose a distributed node type to join to an existing grid.
+	
+	See https://docs.securityonion.net/architecture for details.
+
+	Note: Heavy nodes (HEAVYNODE) are NOT recommended for most users.
+	EOM
+	
+	install_type=$(whiptail --title "$whiptail_title" --radiolist "$node_msg" 17 57 4 \
+		"SENSOR" "Create a forward only sensor " ON \
 		"SEARCHNODE" "Add a search node with parsing " OFF \
-		"MANAGERSEARCH" "Manager + search node " OFF \
 		"FLEET" "Dedicated Fleet Osquery Node " OFF \
 		"HEAVYNODE" "Sensor + Search Node " OFF \
 		3>&1 1>&2 2>&3
@@ -777,8 +824,6 @@ whiptail_install_type_dist() {
 
 	local exitstatus=$?
 	whiptail_check_exitstatus $exitstatus
-
-	export install_type
 }
 
 whiptail_install_type_other() {
@@ -812,7 +857,6 @@ whiptail_invalid_input() { # TODO: This should accept a list of arguments to spe
 	[ -n "$TESTING" ] && return
 	
 	whiptail --title "$whiptail_title" --msgbox "  Invalid input, please try again." 7 40
-
 }
 
 whiptail_invalid_proxy() {
@@ -859,10 +903,21 @@ whiptail_invalid_user_warning() {
 whiptail_invalid_hostname() {
 	[ -n "$TESTING" ] && return
 
+	local is_manager_hostname
+	is_manager_hostname="$1"
+
 	local error_message
-	error_message=$(echo "Please choose a valid hostname. It cannot be localhost; and must contain only \
-		the ASCII letters 'A-Z' and 'a-z' (case-sensitive), the digits '0' through '9', \
-		and hyphen ('-')" | tr -d '\t')
+	read -r -d '' error_message <<- EOM
+	Please choose a valid hostname. It cannot be localhost. It must contain only the ASCII letters 'A-Z' and 'a-z' (case-sensitive), the digits '0' through '9', and hyphen ('-').
+	EOM
+
+	if [[ $is_manager_hostname = 0 ]]; then
+		local error_message
+		read -r -d '' error_message <<- EOM
+		Please enter a valid hostname. The manager hostname cannot be localhost or the chosen hostname for this machine. 
+		EOM
+
+	fi
 
 	whiptail --title "$whiptail_title" \
 	--msgbox "$error_message" 10 75
@@ -907,6 +962,7 @@ whiptail_first_menu_iso() {
 
 	option=$(echo "${option^^}" | tr -d ' ')
 }
+
 whiptail_make_changes() {
 
 	[ -n "$TESTING" ] && return