diff --git a/salt/common/tools/sbin/so-common b/salt/common/tools/sbin/so-common index 7fb17092f..341f9a55a 100755 --- a/salt/common/tools/sbin/so-common +++ b/salt/common/tools/sbin/so-common @@ -88,19 +88,6 @@ add_interface_bond0() { fi } -check_airgap() { - # See if this is an airgap install - AIRGAP=$(cat /opt/so/saltstack/local/pillar/global.sls | grep airgap: | awk '{print $2}') - if [[ "$AIRGAP" == "True" ]]; then - is_airgap=0 - UPDATE_DIR=/tmp/soagupdate/SecurityOnion - AGDOCKER=/tmp/soagupdate/docker - AGREPO=/tmp/soagupdate/Packages - else - is_airgap=1 - fi -} - check_container() { docker ps | grep "$1:" > /dev/null 2>&1 return $? diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup index c1e25b208..c2f5a7f08 100755 --- a/salt/common/tools/sbin/soup +++ b/salt/common/tools/sbin/soup @@ -18,6 +18,7 @@ . /usr/sbin/so-common UPDATE_DIR=/tmp/sogh/securityonion +DEFAULT_SALT_DIR=/opt/so/saltstack/default INSTALLEDVERSION=$(cat /etc/soversion) POSTVERSION=$INSTALLEDVERSION INSTALLEDSALTVERSION=$(salt --versions-report | grep Salt: | awk '{print $2}') @@ -168,6 +169,19 @@ update_registry() { salt-call state.apply registry queue=True } +check_airgap() { + # See if this is an airgap install + AIRGAP=$(cat /opt/so/saltstack/local/pillar/global.sls | grep airgap: | awk '{print $2}') + if [[ "$AIRGAP" == "True" ]]; then + is_airgap=0 + UPDATE_DIR=/tmp/soagupdate/SecurityOnion + AGDOCKER=/tmp/soagupdate/docker + AGREPO=/tmp/soagupdate/Packages + else + is_airgap=1 + fi +} + check_sudoers() { if grep -q "so-setup" /etc/sudoers; then echo "There is an entry for so-setup in the sudoers file, this can be safely deleted using \"visudo\"." @@ -275,9 +289,7 @@ clone_to_tmp() { if [ -n "$BRANCH" ]; then SOUP_BRANCH="-b $BRANCH" fi - set +e - run_check_net_err "git clone $SOUP_BRANCH https://github.com/Security-Onion-Solutions/securityonion.git" "Could not clone repo, please ensure network access to https://github.com" - set -e + git clone $SOUP_BRANCH https://github.com/Security-Onion-Solutions/securityonion.git cd /tmp if [ ! -f $UPDATE_DIR/VERSION ]; then echo "Update was unable to pull from github. Please check your internet." @@ -732,6 +744,7 @@ verify_latest_update_script() { main() { set -e + set +e trap 'check_err $?' EXIT echo "### Preparing soup at $(date) ###" @@ -760,24 +773,25 @@ main() { check_airgap echo "Found that Security Onion $INSTALLEDVERSION is currently installed." echo "" - set_os - set_palette - check_elastic_license - echo "" if [[ $is_airgap -eq 0 ]]; then # Let's mount the ISO since this is airgap + echo "This is airgap. Ask for a location." airgap_mounted else echo "Cloning Security Onion github repo into $UPDATE_DIR." echo "Removing previous upgrade sources." rm -rf $UPDATE_DIR + echo "Cloning the Security Onion Repo." clone_to_tmp fi - check_os_updates - echo "" echo "Verifying we have the latest soup script." verify_latest_update_script echo "" + set_os + set_palette + check_elastic_license + echo "" + check_os_updates echo "Generating new repo archive" generate_and_clean_tarballs @@ -793,7 +807,7 @@ main() { echo "Checking for Salt Master and Minion updates." upgrade_check_salt - + set -e if [ "$is_hotfix" == "true" ]; then echo "Applying $HOTFIXVERSION"