Fleet Module - Added auto install of launcher if osq enabled

2025-12-06 17:22:49 +01:00 · 2019-04-30 09:35:29 -04:00
parent 44e2dbdc60
commit 85f7137901
6 changed files with 51 additions and 6 deletions
--- a/pillar/data/addtotab.sh
+++ b/pillar/data/addtotab.sh
@@ -11,6 +11,8 @@ MANINT=$6
 ROOTFS=$7
 NSM=$8
 MONINT=$9
+#NODETYPE=$10
+#HOTNAME=$11

 echo "Seeing if this host is already in here. If so delete it"
 if grep -q $NAME "/opt/so/saltstack/pillar/data/$TYPE.sls"; then
@@ -49,3 +51,7 @@ if [ $TYPE == 'evaltab' ]; then
  salt-call state.apply common queue=True
  salt-call state.apply utility queue=True
 fi
+#if [ $TYPE == 'nodestab' ]; then
+#  echo "    nodetype: $NODETYPE" >> /opt/so/saltstack/pillar/data/$TYPE.sls
+#  echo "    hotname: $HOTNAME" >> /opt/so/saltstack/pillar/data/$TYPE.sls
+#fi
--- a/salt/fleet/so-fleet-setup.sh
+++ b/salt/fleet/so-fleet-setup.sh
@@ -29,16 +29,21 @@ docker run \
  --mount type=bind,source=/etc/pki/launcher.crt,target=/var/launcher/launcher.crt \
  soshybridhunter/so-fleet-launcher:HH1.0.8 "$esecret" "$1":8080

+cp /opt/so/conf/fleet/packages/launcher.* /opt/so/saltstack/salt/launcher/packages/
 #Update timestamp on packages webpage
 sed -i "s@.*Generated.*@Generated: $(date '+%m%d%Y')@g" /opt/so/conf/fleet/packages/index.html
 sed -i "s@.*Generated.*@Generated: $(date '+%m%d%Y')@g" /opt/so/saltstack/salt/fleet/osquery-packages.html

-#Install osquery locally
-if cat /etc/os-release | grep -q 'debian'; then
-   dpkg -i /opt/so/conf/fleet/packages/launcher.deb
-else
-   rpm -i /opt/so/conf/fleet/packages/launcher.rpm
-fi
+# Enable Fleet on all the other parts of the infrastructure
+sed -i 's/fleetsetup: 0/fleetsetup: 1/g' /opt/so/salt/saltstack/pillar/static.sls

+# Install osquery locally
+#if cat /etc/os-release | grep -q 'debian'; then
+#   dpkg -i /opt/so/conf/fleet/packages/launcher.deb
+#else
+#   rpm -i /opt/so/conf/fleet/packages/launcher.rpm
+#fi
+echo "Installing launcher via salt"
+salt-call state.apply launcher queue=True > /root/launcher.log
 echo "Fleet Setup Complete - Login here: https://$1"
 echo "Your username is $2 and your password is $initpw"
--- a/salt/launcher/init.sls
+++ b/salt/launcher/init.sls
@@ -0,0 +1,12 @@
+{%- set FLEETSETUP = salt['pillar.get']('static:fleetsetup', '0') -%}
+
+{%- if FLEETSETUP != 0 %}
+launcherpkg:
+  pkg.installed:
+    - sources:
+      {% if grains['os'] == 'CentOS' %}
+      - launcher: salt://launcher/packages/launcher.rpm
+      {% elif grains['os'] == 'Ubuntu' %}
+      - launcher: salt://launcher/packages/launcher.deb
+      {% endif %}
+{%- endif %}
--- a/salt/launcher/packages/info.txt
+++ b/salt/launcher/packages/info.txt
@@ -0,0 +1 @@
+Fleet Packages will be copied to this folder
--- a/salt/top.sls
+++ b/salt/top.sls
@@ -16,6 +16,9 @@ base:
    {%- endif %}
    - wazuh
    - filebeat
+    {%- if OSQUERY != 0 %}
+    - launcher
+    {%- endif %}
    - schedule

  'G@role:so-eval':
@@ -39,6 +42,7 @@ base:
    {%- if OSQUERY != 0 %}
    - fleet
    - redis
+    - launcher
    {%- endif %}
    {%- if WAZUH != 0 %}
    - wazuh
@@ -75,6 +79,7 @@ base:
    - schedule
    {%- if OSQUERY != 0 %}
    - fleet
+    - launcher
    {%- endif %}
    - soctopus
    {%- if THEHIVE != 0 %}
@@ -89,6 +94,9 @@ base:
    - common
    - firewall
    - logstash
+    {%- if OSQUERY != 0 %}
+    - launcher
+    {%- endif %}
    - schedule

  'G@role:so-node and I@node:node_type:hot':
@@ -98,6 +106,9 @@ base:
    - logstash
    - elasticsearch
    - curator
+    {%- if OSQUERY != 0 %}
+    - launcher
+    {%- endif %}
    - schedule

  'G@role:so-node and I@node:node_type:warm':
@@ -105,6 +116,9 @@ base:
    - common
    - firewall
    - elasticsearch
+    {%- if OSQUERY != 0 %}
+    - launcher
+    {%- endif %}
    - schedule

  'G@role:so-node and I@node:node_type:storage':
@@ -118,6 +132,9 @@ base:
    - curator
    - wazuh
    - filebeat
+    {%- if OSQUERY != 0 %}
+    - launcher
+    {%- endif %}
    - schedule

  'G@role:mastersensor':
@@ -125,4 +142,7 @@ base:
    - firewall
    - sensor
    - master
+    {%- if OSQUERY != 0 %}
+    - launcher
+    {%- endif %}
    - schedule
--- a/so-setup-network.sh
+++ b/so-setup-network.sh
@@ -582,6 +582,7 @@ master_static() {
  echo "  hiveuser: hiveadmin" >> /opt/so/saltstack/pillar/static.sls
  echo "  hivepassword: hivechangeme" >> /opt/so/saltstack/pillar/static.sls
  echo "  hivekey: $HIVEKEY" >> /opt/so/saltstack/pillar/static.sls
+  echo "  fleetsetup: 0" >> /opt/so/salt/saltstack/pillar/static.sls
  if [[ $MASTERUPDATES == 'MASTER' ]]; then
    echo "  masterupdate: 1" >> /opt/so/saltstack/pillar/static.sls
  else
				`@@ -0,0 +1 @@`
				`Fleet Packages will be copied to this folder`