From 3de980e4a1d0b9fd41aab9e87edf1293d5ba7fb6 Mon Sep 17 00:00:00 2001
From: William Wernert
Date: Wed, 31 Mar 2021 16:00:37 -0400
Subject: [PATCH 1/4] Move function call to run after Network Manager is installed
---
 setup/so-setup | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/setup/so-setup b/setup/so-setup
index e2c866964..4a19b1b50 100755
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -168,10 +168,8 @@ set_ssh_cmds $automated
 local_sbin="$(pwd)/../salt/common/tools/sbin"
 export PATH=$PATH:$local_sbin
-set_network_dev_status_list
 set_palette >> $setup_log 2>&1
-
 # Kernel messages can overwrite whiptail screen #812
 # https://github.com/Security-Onion-Solutions/securityonion/issues/812
 dmesg -D
@@ -434,6 +432,7 @@ if [[ $is_helix ]]; then
 fi
 if [[ $is_helix || $is_sensor ]]; then
+ set_network_dev_status_list
 whiptail_sensor_nics
 fi
From fc886341591d6d34cbdf1d4057f63aada1363ceb Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Mon, 5 Apr 2021 15:01:21 -0400
Subject: [PATCH 2/4] Set the Repo for airgap during install
---
 setup/so-functions | 11 +++++++++++
 setup/so-setup | 2 ++
 2 files changed, 13 insertions(+)
diff --git a/setup/so-functions b/setup/so-functions
index c9f0925ec..47d75f1c0 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -44,6 +44,17 @@ logCmd() {
 }
 ### End Logging Section ###
+airgap_repo() {
+ # Remove all the repo files
+ rm -rf /etc/yum.repos.d/*
+ echo "[airgap_repo]" > /etc/yum./repos.d/airgap_repo.repo
+ echo "baseurl=https://$MSRV/repo" >> /etc/yum.repos.d/airgap_repo.repo
+ echo "gpgcheck=1" >> /etc/yum.repos.d/airgap_repo.repo
+ echo "sslverify=0" >> /etc/yum.repos.d/airgap_repo.repo
+ echo "name=Airgap Repo" >> /etc/yum.repos.d/airgap_repo.repo
+ echo "enabled=1" >> /etc/yum.repos.d/airgap_repo.repo
+}
+
 airgap_rules() {
 # Copy the rules for suricata if using Airgap
 mkdir -p /nsm/repo/rules
diff --git a/setup/so-setup b/setup/so-setup
index 0aa78aa10..d3ef48ba6 100755
--- a/setup/so-setup
+++ b/setup/so-setup
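Review bot: In setup/so-setup (the hunk at -434), the moved `set_network_dev_status_list` call carries an ordering requirement that is stated only in the commit subject: it has to run after NetworkManager is installed. A comment at the call site, for example `# Requires NetworkManager to be installed; keep this after the install step`, would stop a later reorder from reintroducing the problem. The call is also now limited to the `$is_helix || $is_sensor` branch, where it previously ran for every install type. That looks intended because only `whiptail_sensor_nics` follows it, but any other reader of the list it builds would need checking, since the function body is not visible here.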
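Review bot: In setup/so-functions, `echo "sslverify=0"` in the new `airgap_repo()` turns off TLS certificate verification for `https://$MSRV/repo`, so a node never authenticates the host it pulls packages and repository metadata from. `gpgcheck=1` still verifies package signatures, but the stanza has no `gpgkey=` line and so depends on keys already imported on the node, and it does not cover the metadata. Prefer `sslverify=1` with `sslcacert=<path to the manager CA certificate>` (a placeholder, since the CA location is not visible in this patch), or add a comment recording why verification is off. The same `sslverify=0` line appears as unchanged context in the so-functions hunk of patch 3/4. Separately, `rm -rf /etc/yum.repos.d/*` runs before anything checks that `$MSRV` is set; a guard such as `: "${MSRV:?MSRV must be set}"` ahead of it would avoid leaving the node with no usable repo.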
@@ -648,6 +648,8 @@ set_redirect >> $setup_log 2>&1
 if [[ ! $is_airgap ]]; then
 securityonion_repo >> $setup_log 2>&1
 update_packages >> $setup_log 2>&1
+ else
+ airgap_repo >> $setup_log 2>&1
 fi
 if [[ $is_sensor || $is_helix || $is_import ]]; then
From a38015bd989e0101ecafa3eb9c4285bf94c35750 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Mon, 5 Apr 2021 17:28:04 -0400
Subject: [PATCH 3/4] Add some manager logic
---
 salt/common/init.sls | 3 +++
 setup/so-functions | 6 +++++-
 2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/salt/common/init.sls b/salt/common/init.sls
index 5fe3d9081..0ada77e1a 100644
--- a/salt/common/init.sls
+++ b/salt/common/init.sls
@@ -3,6 +3,7 @@
 {% set role = grains.id.split('_') | last %}
 {% set managerupdates = salt['pillar.get']('global:managerupdate', '0') %}
+{% set ISAIRGAP = salt['pillar.get']('global:airgap', False) %}
 # Remove variables.txt from /tmp - This is temp
 rmvariablesfile:
@@ -125,6 +126,7 @@ crwazrepo:
 file.absent:
 - name: /etc/yum.repos.d/wazuh.repo
+{% if not ISAIRGAP %}
 crsecurityonionrepo:
 file.managed:
 {% if role in ['eval', 'standalone', 'import', 'manager', 'managersearch'] or managerupdates == 0 %}
@@ -137,6 +139,7 @@ crsecurityonionrepo:
 - mode: 644
 {% endif %}
+{% endif %}
 # Install common packages
 {% if grains['os'] != 'CentOS' %}
diff --git a/setup/so-functions b/setup/so-functions
index 47d75f1c0..55cd9290d 100755
--- a/setup/so-functions
+++ b/setup/so-functions
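Review bot: In salt/common/init.sls, the new `{% if not ISAIRGAP %}` guard (opened in the hunk at -125, closed in the hunk at -137) leaves airgap nodes with no Salt-managed repo definition, as far as these hunks show. The airgap_repo.repo written once by setup would then never be restored or corrected by a highstate, for example if its TLS settings are tightened later. Consider an `{% else %}` branch that manages /etc/yum.repos.d/airgap_repo.repo with `file.managed`. Since two `{% endif %}` lines now sit back to back, labelling the new one as `{% endif %} {# not ISAIRGAP #}` would make the nesting readable. The body of the `crsecurityonionrepo` state lies between the two hunks and is not visible here.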
@@ -48,7 +48,11 @@ airgap_repo() {
 # Remove all the repo files
 rm -rf /etc/yum.repos.d/*
 echo "[airgap_repo]" > /etc/yum./repos.d/airgap_repo.repo
- echo "baseurl=https://$MSRV/repo" >> /etc/yum.repos.d/airgap_repo.repo
+ if $is_manager; then
+ echo "baseurl=https://$HOSTNAME/repo" >> /etc/yum.repos.d/airgap_repo.repo
+ else
+ echo "baseurl=https://$MSRV/repo" >> /etc/yum.repos.d/airgap_repo.repo
+ fi
 echo "gpgcheck=1" >> /etc/yum.repos.d/airgap_repo.repo
 echo "sslverify=0" >> /etc/yum.repos.d/airgap_repo.repo
 echo "name=Airgap Repo" >> /etc/yum.repos.d/airgap_repo.repo
From 168d0bcaf4c1bbee023868651d7cebd9a36cc0fd Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Mon, 5 Apr 2021 18:30:07 -0400
Subject: [PATCH 4/4] Fix Spelling issue
---
 setup/so-functions | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setup/so-functions b/setup/so-functions
index 55cd9290d..2e5e9ee7c 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -47,7 +47,7 @@ logCmd() {
 airgap_repo() {
 # Remove all the repo files
 rm -rf /etc/yum.repos.d/*
- echo "[airgap_repo]" > /etc/yum./repos.d/airgap_repo.repo
+ echo "[airgap_repo]" > /etc/yum.repos.d/airgap_repo.repo
 if $is_manager; then
 echo "baseurl=https://$HOSTNAME/repo" >> /etc/yum.repos.d/airgap_repo.repo
 else
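Review bot: In the patch 3/4 hunk of setup/so-functions, `if $is_manager; then` executes the variable's value as a command instead of testing it. When `is_manager` is empty or unset, the expansion is an empty command with exit status 0, so the `$HOSTNAME` branch is taken. The so-setup hunks in this series test flags as `[[ $is_helix ]]` and `[[ ! $is_airgap ]]`, which suggests flags are left unset when false. If `is_manager` follows that convention, every non-manager airgap node would write `baseurl=https://$HOSTNAME/repo` and point at itself instead of the manager. Use `if [[ $is_manager ]]; then` to match the rest of the setup code; the body of `airgap_repo` continues past the end of the hunk.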