[feat] Add message in setup and motd on where to access SOC

2025-12-06 09:12:45 +01:00 · 2020-07-10 14:38:03 -04:00
parent c5eff1d89e
commit 72aa91b763
4 changed files with 27 additions and 8 deletions
--- a/salt/motd/files/package_update_reboot_required.jinja
+++ b/salt/motd/files/package_update_reboot_required.jinja
@@ -1,4 +1,9 @@
 {% set needs_restarting_check = salt['mine.get']('*', 'needs_restarting.check', tgt_type='glob') -%}
+{% set url = salt['pillar.get']('master:url_base') -%}
+
+
+Access the Security Onion web interface at https://{{ url }}
+(You may need to run so-allow first if you haven't yet)

 {%- if needs_restarting_check %}
  {%- set minions_need_restarted = [] %}
--- a/salt/motd/init.sls
+++ b/salt/motd/init.sls
@@ -1,5 +1,5 @@
-package_update_reboot_required_motd:
+so_motd:
  file.managed:
    - name: /etc/motd
-    - source: salt://motd/files/package_update_reboot_required.jinja
+    - source: salt://motd/files/so_motd.jinja
    - template: jinja
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -926,13 +926,13 @@ master_pillar() {

 	case $REDIRECTINFO in
 		'IP')
-			REDIRECTIT="$MAINIP"
+			export REDIRECTIT="$MAINIP"
 			;;
 		'HOSTNAME')
-			REDIRECTIT=$HOSTNAME
+			export REDIRECTIT=$HOSTNAME
 			;;
 		*)
-			REDIRECTIT="$REDIRECTHOST"
+			export REDIRECTIT="$REDIRECTHOST"
 			;;
 	esac

--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -1033,7 +1033,21 @@ whiptail_setup_complete() {

 	[ -n "$TESTING" ] && return

-	whiptail --title "Security Onion Setup" --msgbox "Finished $install_type install. Press Ok to reboot." 8 75
+	if [[ -n $ALLOW_CIDR ]]; then
+		local sentence_prefix="Access"
+	else
+		local sentence_prefix="Run so-allow after reboot to access"
+	fi
+
+	read -r -d '' message <<- EOM
+		Finished ${install_type} install
+
+		${sentence_prefix} the web interface at https://${REDIRECTIT}
+
+		Press ENTER to reboot
+	EOM
+
+	whiptail --title "Security Onion Setup" --msgbox "$message" 12 75
 }

 whiptail_setup_failed() {
@@ -1068,7 +1082,7 @@ whiptail_so_allow() {
 	if [[ $exitstatus == 0 ]]; then
 		ALLOW_CIDR=$(whiptail --title "Security Onion Setup" \
 		--inputbox "Enter a single ip address or range (in CIDR notation) to allow" \
-		10 75 125 3>&1 1>&2 2>&3)
+		10 75 3>&1 1>&2 2>&3)
 		local exitstatus=$?
 		
 		export ALLOW_ROLE='a'
@@ -1125,7 +1139,7 @@ whiptail_master_updates() {
 	local update_string
 	update_string=$(whiptail --title "Security Onion Setup" --radiolist \
 	"How would you like to download OS package updates for your grid?:" 20 75 4 \
-	"MASTER" "Master node is proxy for updates." ON \
+	"MASTER" "Master node is proxy for updates" ON \
 	"OPEN" "Each node connects to the Internet for updates" OFF 3>&1 1>&2 2>&3 )
 	local exitstatus=$?
 	whiptail_check_exitstatus $exitstatus