IDH - setup tweaks

setup/so-functions

@@ -450,11 +450,21 @@ collect_hostname_validate() {
 collect_idh_services() {
 	whiptail_idh_services
 
-	if [ $idh_services == "Custom"; ] then
-		whiptail_idh_services_custom
-	fi
-
-	echo $idh_services
+	case "$idh_services" in
+		'Linux Webserver')
+			idh_services=("HTTP" "FTP" "SSH")
+		;;
+		'MySQL Server')
+			idh_services=("MYSQL" "SSH")
+		;;
+		'MSSQL Server')
+			idh_services=("MSSQL" "VNC")
+		;;
+		'Custom')
+			whiptail_idh_services_custom
+			echo $idh_services
+		;;
+	esac
 }
 
 collect_int_ip_mask() {
@@ -2839,6 +2849,16 @@ wait_for_salt_minion() {
 	retry 60 5 "journalctl -u salt-minion.service | grep 'Minion is ready to receive requests'" >> "$setup_log" 2>&1 || exit 1
 }
 
+write_out_idh_services() {
+	printf '%s\n'\
+	"idh:"\
+	"  opencanary:"\
+	"    config:" >> "$minion_config"
+	for service in ${idh_services[@]}; do
+      echo "      - $service" >> "$minion_config"
+    done
+}
+
 # Enable Zeek Logs
 zeek_logs_enabled() {
 	echo "Enabling Zeek Logs" >> "$setup_log" 2>&1

setup/so-setup

@@ -271,6 +271,10 @@ if [[ $is_manager || $is_import ]]; then
 	check_elastic_license
 fi
 
+if [[ $is_idh ]]; then
+	collect_idh_services
+fi
+
 if ! [[ -f $install_opt_file ]]; then
 	if [[ $is_manager && $is_sensor ]]; then
 		check_requirements "standalone"
@@ -914,8 +918,9 @@ echo "1" > /root/accept_changes
 
 	fi
 
-	if [[ "$IDH" = 1 ]]; then
-		collect_idh_services()
+	if [[ $is_idh ]]; then
+		# Write out services to minion pillar file
+		write_out_idh_services
 
 		set_progress_str 79 "$(print_salt_state_apply 'idh')"
 		salt-call state.apply -l info idh >> $setup_log 2>&1

setup/so-whiptail

@@ -723,7 +723,7 @@ whiptail_idh_services() {
 	[ -n "$TESTING" ] && return
 
 	idh_services=$(whiptail --title "$whiptail_title" --radiolist \
-		"\nThe IDH node can mimic several services.\n\nChoose one of the common options along with their default ports (TCP) or select the Custom option to build a customized set of services." 20 75 5 \
+		"\nThe IDH node can mimic many different services.\n\nChoose one of the common options along with their default ports (TCP) or select the Custom option to build a customized set of services." 20 75 5 \
 		"Linux Webserver" "Apache (80), FTP (21), SSH (22)" ON \
 		"MySQL Server" "MySQL (3306), SSH (22)" OFF \
 		"MSSQL Server" "Microsoft SQL (1433), VNC (5900)" OFF \
@@ -739,20 +739,20 @@ whiptail_idh_services_custom() {
 	[ -n "$TESTING" ] && return
 
 	idh_services=$(whiptail --title "$whiptail_title" --checklist \
-		"\nThe IDH node can mimic many different services.\n\nChoose one or more of the following services along with their default ports (TCP). Some services have additional configuration options, please consult the documentation for further information." 20 75 6 \
-		"FTP       " "TCP/21,   Additional Configuration Available   " OFF \
-		"Git       " "TCP/9418                                       " OFF \
-		"HTTP      " "TCP/80,   Additional Configuration Available   " OFF \
-		"HTTPPROXY " "TCP/8080, Additional Configuration Available   " OFF \
-		"MSSQL     " "TCP/22                                         " OFF \
-		"MySQL     " "TCP/3306, Additional Configuration Available   " OFF \
-		"NTP       " "TCP/123                                        " OFF \
-		"REDIS     " "TCP/6379                                       " OFF \
-		"SNMP      " "TCP/161                                        " OFF \
-		"SSH       " "TCP/22,   Additional Configuration Available   " OFF \
-		"TELNET    " "TCP/23,   Additional Configuration Available   " OFF \
-		"TFTP      " "TCP/69                                         " OFF \
-		"VNC       " "TCP/22                                         " OFF 3>&1 1>&2 2>&3 )
+		"\nThe IDH node can mimic many different services.\n\nChoose one or more of the following services along with their default ports (TCP). Some services have additional configuration options, please consult the documentation for further information." 25 75 8 \
+		"FTP" "  TCP/21,   Additional Configuration Available   " OFF \
+		"Git" "  TCP/9418                                       " OFF \
+		"HTTP" "  TCP/80,   Additional Configuration Available   " OFF \
+		"HTTPPROXY" "  TCP/8080, Additional Configuration Available   " OFF \
+		"MSSQL" "  TCP/22                                         " OFF \
+		"MySQL" "  TCP/3306, Additional Configuration Available   " OFF \
+		"NTP" "  TCP/123                                        " OFF \
+		"REDIS" "  TCP/6379                                       " OFF \
+		"SNMP" "  TCP/161                                        " OFF \
+		"SSH" "  TCP/22,   Additional Configuration Available   " OFF \
+		"TELNET" "  TCP/23,   Additional Configuration Available   " OFF \
+		"TFTP" "  TCP/69                                         " OFF \
+		"VNC" "  TCP/22                                         " OFF 3>&1 1>&2 2>&3 )
 
 	local exitstatus=$?
 	whiptail_check_exitstatus $exitstatus