From 6a4f3a526f22ec02460e78219241972ba45f6bcb Mon Sep 17 00:00:00 2001
From: William Wernert <william.wernert@securityonionsolutions.com>
Date: Mon, 4 May 2020 09:43:36 -0400
Subject: [PATCH] [fix] Fix so-setup ordering

Run all salt commands after accepting salt key, and apply firewall state after all pillars generated
---
 setup/so-setup | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/setup/so-setup b/setup/so-setup
index e060b9292..d80272795 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -302,9 +302,6 @@ export percentage=0
 	set_progress_str 14 'Configuring firewall'
 	set_initial_firewall_policy 2>> "$setup_log"
 
-	set_progress_str 15 "$(print_salt_state_apply 'firewall')"
-	salt-call state.apply -l info firewall >> $setup_log 2>&1
-
 	set_progress_str 16 'Running first Salt checkin'
 	salt_firstcheckin 2>> "$setup_log"
 
@@ -313,39 +310,42 @@ export percentage=0
 		fireeye_pillar 2>> "$setup_log"
 	fi
 	
-	set_progress_str 18 "$(print_salt_state_apply 'schedule')"
-	salt-call state.apply -l info schedule >> $setup_log 2>&1
-
-	set_progress_str 19 'Copying minion pillars to master'
-	copy_minion_tmp_files 2>> "$setup_log"
-
 	if [[ $is_node ]]; then
-		set_progress_str 20 'Setting node type'
+		set_progress_str 18 'Setting node type'
 		set_node_type 2>> "$setup_log"
 
-		set_progress_str 21 'Generating search node pillar'
+		set_progress_str 19 'Generating search node pillar'
 		node_pillar 2>> "$setup_log"
 	fi
 
 	if [[ $is_minion ]]; then
-		set_progress_str 22 'Accepting Salt key on master'
+		set_progress_str 20 'Accepting Salt key on master'
 		accept_salt_key_remote 2>> "$setup_log"
 	fi
 
 	if [[ $is_master ]]; then
-		set_progress_str 23 'Accepting Salt key'
+		set_progress_str 21 'Accepting Salt key'
 		salt-key -ya "$MINION_ID" >> "$setup_log" 2>&1
 	fi
 
-	set_progress_str 24 'Generating CA and checking in'
+	set_progress_str 22 'Generating CA and checking in'
 	salt_checkin 2>> "$setup_log"
 
+	set_progress_str 23 "$(print_salt_state_apply 'schedule')"
+	salt-call state.apply -l info schedule >> $setup_log 2>&1
+
+	set_progress_str 24 'Copying minion pillars to master'
+	copy_minion_tmp_files 2>> "$setup_log"
+
 	if [[ $is_master || $is_helix ]]; then
 		set_progress_str 25 'Downloading containers from the internet'
 		salt-call state.apply -l info registry >> "$setup_log" 2>&1
 		docker_seed_registry 2>> "$setup_log" # ~ 60% when finished
 	fi
 
+	set_progress_str 61 "$(print_salt_state_apply 'firewall')"
+	salt-call state.apply -l info firewall >> $setup_log 2>&1
+
 	set_progress_str 63 "$(print_salt_state_apply 'common')"
 	salt-call state.apply -l info common >> $setup_log 2>&1