diff --git a/salt/common/init.sls b/salt/common/init.sls index e34431a46..74256dabb 100644 --- a/salt/common/init.sls +++ b/salt/common/init.sls @@ -214,7 +214,7 @@ so-telegraf: - /opt/so/conf/telegraf/etc/telegraf.conf - /opt/so/conf/telegraf/scripts -# If its a master or eval lets install the back end for now +# If its a master or eval lets install the back end for now {% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' and GRAFANA == 1 %} # Influx DB @@ -303,7 +303,7 @@ grafanadashfndir: grafanadashsndir: file.directory: - - name: /opt/so/conf/grafana/grafana_dashboards/storage_nodes + - name: /opt/so/conf/grafana/grafana_dashboards/search_nodes - user: 939 - group: 939 - makedirs: True @@ -362,11 +362,11 @@ dashboard-{{ SN }}: {%- for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %} dashboard-{{ SN }}: file.managed: - - name: /opt/so/conf/grafana/grafana_dashboards/storage_nodes/{{ SN }}-Node.json + - name: /opt/so/conf/grafana/grafana_dashboards/search_nodes/{{ SN }}-Node.json - user: 939 - group: 939 - template: jinja - - source: salt://common/grafana/grafana_dashboards/storage_nodes/storage.json + - source: salt://common/grafana/grafana_dashboards/search_nodes/searchnode.json - defaults: SERVERNAME: {{ SN }} MANINT: {{ SNDATA.manint }} diff --git a/salt/common/tools/sbin/so-elastic-download b/salt/common/tools/sbin/so-elastic-download new file mode 100644 index 000000000..8155af414 --- /dev/null +++ b/salt/common/tools/sbin/so-elastic-download @@ -0,0 +1,40 @@ +#!/bin/bash +MASTER={{ MASTER }} +VERSION="HH1.1.4" +TRUSTED_CONTAINERS=( \ +"so-auth-api:$VERSION" \ +"so-auth-ui:$VERSION" \ +"so-bro:$VERSION" \ +"so-core:$VERSION" \ +"so-cortex:$VERSION" \ +"so-curator:VERSION" \ +"so-cyberchef:VERSION" \ +"so-elastalert:$VERSION" \ +"so-elasticsearch:$VERSION" \ +"so-filebeat:$VERSION" \ +"so-fleet:$VERSION" \ +"so-grafana:$VERSION" \ +"so-idstools:$VERSION" \ +"so-influxdb:$VERSION" \ +"so-kibana:$VERSION" \ +"so-mysql:$VERSION" \ +"so-navigator:$VERSION" \ +"so-playbook:$VERSION" \ +"so-redis:$VERSION" \ +"so-sensoroni:$VERSION" \ +"so-soctopus:$VERSION" \ +"so-steno:$VERSION" \ +"so-suricata:$VERSION" \ +"so-telegraf:$VERSION" \ +"so-thehive:$VERSION" \ +"so-thehive-es:$VERSION" \ +"so-wazuh:$VERSION" ) + +for i in "${TRUSTED_CONTAINERS[@]}" +do + # Pull down the trusted docker image + docker pull --disable-content-trust=false docker.io/soshybridhunter/$i + # Tag it with the new registry destination + docker tag soshybridhunter/$i $MASTER:5000/soshybridhunter/$i + docker push $MASTER:5000/soshybridhunter/$i +done diff --git a/setup/functions.sh b/setup/functions.sh index 6ebcd7a89..98e2a1d81 100644 --- a/setup/functions.sh +++ b/setup/functions.sh @@ -409,9 +409,10 @@ docker_install() { yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo yum -y update yum -y install docker-ce python36-docker - if [ $INSTALLTYPE != 'EVALMODE' ]; then - docker_registry - fi +# if [ $INSTALLTYPE != 'EVALMODE' ]; then +# docker_registry +# fi + docker_registry echo "Restarting Docker" >> $SETUPLOG 2>&1 systemctl restart docker systemctl enable docker @@ -420,9 +421,10 @@ docker_install() { if [ $INSTALLTYPE == 'MASTERONLY' ] || [ $INSTALLTYPE == 'EVALMODE' ]; then apt-get update >> $SETUPLOG 2>&1 apt-get -y install docker-ce python3-docker >> $SETUPLOG 2>&1 - if [ $INSTALLTYPE != 'EVALMODE' ]; then - docker_registry >> $SETUPLOG 2>&1 - fi +# if [ $INSTALLTYPE != 'EVALMODE' ]; then +# docker_registry >> $SETUPLOG 2>&1 +# fi + docker_registry echo "Restarting Docker" >> $SETUPLOG 2>&1 systemctl restart docker >> $SETUPLOG 2>&1 else