Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion-saltstack into dev

pillar/firewall/analyst.sls

@@ -1,3 +0,0 @@
-analyst:
-  - 127.0.0.1
-  

pillar/firewall/beats_endpoint.sls

@@ -1,3 +0,0 @@
-beats_endpoint:
-  - 127.0.0.1
-  

pillar/firewall/forward_nodes.sls

@@ -1,3 +0,0 @@
-forward_nodes:
-  - 127.0.0.1
-  

pillar/firewall/masterfw.sls

@@ -1,2 +0,0 @@
-masterfw:
-  - 127.0.0.1

pillar/firewall/minions.sls

@@ -1,3 +0,0 @@
-minions:
-  - 127.0.0.1
-  

pillar/firewall/osquery_endpoint.sls

@@ -1,3 +0,0 @@
-osquery_endpoint:
-  - 127.0.0.1
-  

pillar/firewall/search_nodes.sls

@@ -1,2 +0,0 @@
-search_nodes:
-  - 127.0.0.1

pillar/firewall/wazuh_endpoint.sls

@@ -1,2 +0,0 @@
-wazuh_endpoint:
-  - 127.0.0.1

setup/so-functions

@@ -705,9 +705,20 @@ fireeye_pillar() {
 
 }
 
-# Run a salt command to generate the minion key
-salt_firstcheckin() {
-	salt-call state.show_top >> /dev/null # send output to /dev/null because we don't actually care about the ouput
+# Generate Firewall Templates
+firewall_generate_templates() {
+
+	local firewall_pillar_path=/opt/so/saltstack/pillar/firewall
+	mkdir -p "$firewall_pillar_path"
+
+	for i in analyst beats_endpoint forward_nodes masterfw minions osquery_endpoint search_nodes wazuh_endpoint
+	do
+	  printf '%s\n'\
+	  "$i:"\
+	  "  - 127.0.0.1"\
+	  "" > "$firewall_pillar_path"/$i.sls
+	  echo "Added $i Template"
+	done
 }
 
 fleet_pillar() {
@@ -734,10 +745,6 @@ generate_passwords(){
   KRATOSKEY=$(tr -dc 'a-zA-Z0-9' < /dev/urandom  | fold -w 20 | head -n 1)
 }
 
-set_main_ip() {
-	MAINIP=$(ip route get 1 | awk '{print $7;exit}')
-}
-
 get_redirect() {
 	whiptail_set_redirect_info
 	whiptail_set_redirect
@@ -755,15 +762,6 @@ got_root() {
 	fi
 }
 
-install_cleanup() {
-	echo "Installer removing the following files:"
-	ls -lR "$temp_install_dir"
-
-	# Clean up after ourselves
-	rm -rf "$temp_install_dir"
-
-}
-
 get_minion_type() {
 	local minion_type
 	case "$install_type" in
@@ -780,9 +778,13 @@ get_minion_type() {
 	echo "$minion_type"
 }
 
-set_base_heapsizes() {
-	es_heapsize
-	ls_heapsize
+install_cleanup() {
+	echo "Installer removing the following files:"
+	ls -lR "$temp_install_dir"
+
+	# Clean up after ourselves
+	rm -rf "$temp_install_dir"
+
 }
 
 master_pillar() {
@@ -1173,6 +1175,20 @@ salt_checkin() {
 	} >> "$setup_log" 2>&1
 }
 
+# Run a salt command to generate the minion key
+salt_firstcheckin() {
+	salt-call state.show_top >> /dev/null # send output to /dev/null because we don't actually care about the ouput
+}
+
+set_base_heapsizes() {
+	es_heapsize
+	ls_heapsize
+}
+
+set_main_ip() {
+	MAINIP=$(ip route get 1 | awk '{print $7;exit}')
+}
+
 setup_salt_master_dirs() {
 	# Create salt paster directories
 	mkdir -p /opt/so/saltstack/salt

setup/so-setup

@@ -62,6 +62,11 @@ if [ "$install_type" = 'EVAL' ]; then
 	is_master=true
 	is_sensor=true
 	is_eval=true
+elif [ "$install_type" = 'PROD' ]; then
+	is_master=true
+	is_distmaster=true
+	is_node=true
+	is_sensor=true
 elif [ "$install_type" = 'MASTERSEARCH' ]; then
 	is_master=true
 	is_distmaster=true
@@ -73,7 +78,7 @@ elif [ "$install_type" = 'SENSOR' ]; then
 	is_sensor=true
 	is_minion=true
 	STRELKA=1
-elif [[ "$install_type" =~ ^('SEARCHNODE'|'PARSINGNODE'|'HOTNODE'|'WARMNODE')$ ]]; then
+elif [[ "$install_type" =~ ^('SEARCHNODE'|'HOTNODE'|'WARMNODE')$ ]]; then
 	is_node=true
 	is_minion=true
 elif [ "$install_type" = 'HEAVYNODE' ]; then
@@ -294,6 +299,7 @@ export percentage=0
 		set_progress_str 10 'Configuring Salt master'
 		copy_master_config 2>> "$setup_log"
 		setup_salt_master_dirs 2>> "$setup_log"
+		firewall_generate_templates 2>> "$setup_log"
 		
 		set_progress_str 11 'Updating sudoers file for soremote user'
 		update_sudoers 2>> "$setup_log"

setup/so-whiptail

@@ -390,15 +390,15 @@ whiptail_install_type() {
 	"SEARCHNODE" "Add a Search Node with parsing" OFF \
 	"MASTER" "Start a new grid" OFF \
 	"EVAL" "Evaluate all the things" OFF \
+	"PROD" "Standalone full install of everything" OFF \
 	"MASTERSEARCH" "Master + Search Node" OFF \
 	"HEAVYNODE" "Sensor + Search Node" OFF \
 	"HELIXSENSOR" "Connect this sensor to FireEye Helix" OFF \
 	"FLEET" "Dedicated Fleet Osquery Node" OFF \
-	"HOTNODE" "TODO Add Hot Node (Search Node without Parsing)" OFF \
+	"HOTNODE" "TODO Add Hot Node (Uses Elastic Clustering)" OFF \
 	"WARMNODE" "TODO Add Warm Node to existing Hot or Search node" OFF \
-	"WAZUH" "TODO Stand Alone Wazuh Node" OFF \
-	"STRELKA" "TODO Stand Alone Strelka Node" OFF \
-	"PARSINGNODE" "TODO Add a dedicated Parsing Node" OFF 3>&1 1>&2 2>&3 )
+	"WAZUH" "TODO Stand Alone Wazuh Server" OFF \
+	"STRELKA" "TODO Stand Alone Strelka Node" OFF 3>&1 1>&2 2>&3 )
 
 	local exitstatus=$?
 	whiptail_check_exitstatus $exitstatus