CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-13 20:52:54 +01:00
Code Issues Packages Projects Releases Wiki Activity

Setup Script - Added initial function logic

Browse Source
This commit is contained in:
Mike Reeves
2018-03-19 12:05:28 -04:00
parent c6c42a37c7
commit 6ea4d8f48e
1 changed files with 128 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

200
so-setup-network.sh
View File

@@ -117,13 +117,131 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
# End Global Variable Section # End Global Variable Section
# Functions
es_heapsize () {
# Determine ES Heap Size
if [ $TOTAL_MEM -lt 8000 ] ; then
ES_HEAP_SIZE="600m"
elif [ $TOTAL_MEM -ge 124000 ]; then
# Set a max of 31GB for heap size
# https://www.elastic.co/guide/en/elasticsearch/guide/current/heap-sizing.html
ES_HEAP_SIZE="31000m"
else
# Set heap size to 25% of available memory
ES_HEAP_SIZE=$(($TOTAL_MEM / 4))"m"
fi
}
ls_heapsize () {
# Determine LS Heap Size
if [ $TOTAL_MEM -lt 8000 ] ; then
LS_HEAP_SIZE="1g"
else [ $TOTAL_MEM -ge 16000 ]; then
# Set a max of 31GB for heap size
# https://www.elastic.co/guide/en/elasticsearch/guide/current/heap-sizing.html
LS_HEAP_SIZE="4192m"
fi
}
configure_sensor () {
# Configure Sensor
touch /etc/salt/grains
echo "role: so-sensor" > /etc/salt/grains
# Master server
echo "master: $MASTER" > /etc/salt/minion
# Start the salt agent
service salt-minion start
# Do a checkin so the key gets there. Need to add some error checking here
salt-call state.highstate
# Create the pillar file for the sensor
touch /tmp/$HOSTNAME.sls
echo "sensors:" > /tmp/$HOSTNAME.sls
echo " interface: bond0" >> /tmp/$HOSTNAME.sls
echo " lbprocs: $LBPROCS" >> /tmp/$HOSTNAME.sls
}
copy_ssh_key () {
# Generate and copy SSH key
cat /dev/zero | ssh-keygen -t rsa -q -N ""
#Copy the key over to the master
ssh-copy-id socore@MASTERSRV
}
create_bond () {
# Create the bond interface
if [ $OS == 'centos' ]; then
alias bond0 bonding
mode=0
# Create Bond files
else
echo bonding >> /etc/modules
modprobe bonding
fi
}
disk_space () {
# Give me Disk Space
}
master_pillar () {
# Create the master pillar
touch /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo "master:" > /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " esaccessip: 127.0.0.1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " esheap: $ES_HEAP_SIZE" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " esclustername: {{ grains.host }}" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
if [ $INSTALLTYPE == 'EVALMODE' ]; then
echo " freq: 1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " domainstats: 1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
else
echo " freq: 0" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " domainstats: 0" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
fi
echo " lsheap: $LS_HEAP_SIZE" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " lsaccessip: 127.0.0.1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
if [ $INSTALLTYPE == 'BACKENDNODE' ]; then
echo " elastalert: 0" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
else
echo " elastalert: 1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
fi
salt-call state.highstate
salt-key -qya $HOSTNAME
salt-call state.highstate
}
saltify_centos () {
# Install updates and Salt on CentOS
}
saltify () {
# Install updates and Salt
}
salt_directories () {
# Create salt directories
mkdir -p /opt/so/saltstack/salt
mkdir -p /opt/so/saltstack/pillar
cp -Rv pillar/* /opt/so/saltstack/pillar/
cp -Rv salt/* /opt/so/saltstack/salt/
}
update_sudoers () {
# Update Sudoers
echo "socore ALL=(ALL) NOPASSWD:/usr/bin/salt-key" | sudo tee -a /etc/sudoers
}
# End Functions
# Copy over the SSH key # Copy over the SSH key
if [ $INSTALLTYPE == 'SENSORONLY' ] || [ $INSTALLTYPE == 'BACKENDNODE' ]; then if [ $INSTALLTYPE == 'SENSORONLY' ] || [ $INSTALLTYPE == 'BACKENDNODE' ]; then
# Generate SSH Key
cat /dev/zero | ssh-keygen -t rsa -q -N ""
#Copy the key over to the master copy_ssh_key
ssh-copy-id socore@MASTERSRV
fi fi
# Detect Base OS # Detect Base OS
@@ -139,15 +257,7 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
# Create bond interface # Create bond interface
if [ $INSTALLTYPE != 'MASTERONLY' ] || [ $INSTALLTYPE != 'BACKENDNODE' ]; then if [ $INSTALLTYPE != 'MASTERONLY' ] || [ $INSTALLTYPE != 'BACKENDNODE' ]; then
echo "Setting up Bond" echo "Setting up Bond"
if [ $OS == 'centos' ]; then create_bond
alias bond0 bonding
mode=0
# Create Bond files
else
echo bonding >> /etc/modules
modprobe bonding
fi
fi fi
# Install Updates and the Salt Package # Install Updates and the Salt Package
@@ -193,10 +303,7 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
# Create the salt directories if this isn't a stadnalone sensor # Create the salt directories if this isn't a stadnalone sensor
if [ $INSTALLTYPE != 'SENSORONLY' ] || [ $INSTALLTYPE != 'BACKENDNODE' ]; then if [ $INSTALLTYPE != 'SENSORONLY' ] || [ $INSTALLTYPE != 'BACKENDNODE' ]; then
mkdir -p /opt/so/saltstack/salt salt_directories
mkdir -p /opt/so/saltstack/pillar
cp -Rv pillar/* /opt/so/saltstack/pillar/
cp -Rv salt/* /opt/so/saltstack/salt/
fi fi
# Add socore user to the system # Add socore user to the system
@@ -211,21 +318,6 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
if [ $INSTALLTYPE == 'SENSORONLY' ]; then if [ $INSTALLTYPE == 'SENSORONLY' ]; then
# Create the grains file for the sensor # Create the grains file for the sensor
touch /etc/salt/grains
echo "role: so-sensor" > /etc/salt/grains
# Master server
echo "master: $MASTER" > /etc/salt/minion
# Start the salt agent
service salt-minion start
# Do a checkin so the key gets there. Need to add some error checking here
salt-call state.highstate
# Create the pillar file for the sensor
touch /tmp/$HOSTNAME.sls
echo "sensors:" > /tmp/$HOSTNAME.sls
echo " interface: bond0" >> /tmp/$HOSTNAME.sls
echo " lbprocs: $LBPROCS" >> /tmp/$HOSTNAME.sls
# SCP the pillar file to the master # SCP the pillar file to the master
scp /tmp/$HOSTNAME.sls socore@$MASTERSRV:/opt/so/saltstack/pillar/sensors/ scp /tmp/$HOSTNAME.sls socore@$MASTERSRV:/opt/so/saltstack/pillar/sensors/
@@ -240,21 +332,6 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
# Do that same thing on all the others but drop em into the right place # Do that same thing on all the others but drop em into the right place
if [ $INSTALLTYPE != 'SENSORONLY' ]; then if [ $INSTALLTYPE != 'SENSORONLY' ]; then
# Do some math
# If total memory is less than 8GB, we keep the default of 600m for heap size
if [ $TOTAL_MEM -lt 8000 ] ; then
ES_HEAP_SIZE="600m"
LS_HEAP_SIZE="1g"
elif [ $TOTAL_MEM -ge 124000 ]; then
# Set a max of 31GB for heap size
# https://www.elastic.co/guide/en/elasticsearch/guide/current/heap-sizing.html
ES_HEAP_SIZE="31000m"
LS_HEAP_SIZE="$ES_HEAP_SIZE"
else
# Set heap size to 25% of available memory
ES_HEAP_SIZE=$(($TOTAL_MEM / 4))"m"
LS_HEAP_SIZE="$ES_HEAP_SIZE"
fi
# Create the grains file for the Master # Create the grains file for the Master
touch /etc/salt/grains touch /etc/salt/grains
@@ -273,32 +350,11 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
service salt-minion restart service salt-minion restart
# Sudoers # Sudoers
echo "socore ALL=(ALL) NOPASSWD:/usr/bin/salt-key" | sudo tee -a /etc/sudoers
# Create the pillar # Create the Master Pillar
touch /opt/so/saltstack/pillar/masters/$HOSTNAME.sls es_heapsize
echo "master:" > /opt/so/saltstack/pillar/masters/$HOSTNAME.sls ls_heapsize
echo " esaccessip: 127.0.0.1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls master_pillar
echo " esheap: $ES_HEAP_SIZE" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " esclustername: {{ grains.host }}" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
if [ $INSTALLTYPE == 'EVALMODE' ]; then
echo " freq: 1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " domainstats: 1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
else
echo " freq: 0" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " domainstats: 0" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
fi
echo " lsheap: $LS_HEAP_SIZE" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " lsaccessip: 127.0.0.1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
if [ $INSTALLTYPE == 'BACKENDNODE' ]; then
echo " elastalert: 0" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
else
echo " elastalert: 1" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
fi
salt-call state.highstate
salt-key -qya $HOSTNAME
salt-call state.highstate
# Determine Disk space # Determine Disk space
# Calculate half of available disk space for ELSA log_size_limit # Calculate half of available disk space for ELSA log_size_limit