Enable airgap functions

setup/so-functions

@@ -480,72 +480,6 @@ check_requirements() {
 	fi
 }
 
-copy_salt_master_config() {
-
-	# Copy the Salt master config template to the proper directory
-	if [ "$setup_type" = 'iso' ]; then
-		cp /root/SecurityOnion/files/master /etc/salt/master >> "$setup_log" 2>&1
-	else
-		cp ../files/master /etc/salt/master >> "$setup_log" 2>&1
-	fi
-
-	# Restart the service so it picks up the changes
-	systemctl restart salt-master >> "$setup_log" 2>&1
-}
-
-copy_minion_tmp_files() {
-	case "$install_type" in
-		'MANAGER' | 'EVAL' | 'HELIXSENSOR' | 'MANAGERSEARCH' | 'STANDALONE' | 'IMPORT')
-			echo "Copying pillar and salt files in $temp_install_dir to $local_salt_dir"
-			cp -Rv "$temp_install_dir"/pillar/ $local_salt_dir/ >> "$setup_log" 2>&1
-			if [ -d "$temp_install_dir"/salt ] ; then
-				cp -Rv "$temp_install_dir"/salt/ $local_salt_dir/ >> "$setup_log" 2>&1
-			fi
-			;;
-		*)
-			{
-				echo "scp pillar and salt files in $temp_install_dir to manager $local_salt_dir";
-				ssh -i /root/.ssh/so.key soremote@"$MSRV" mkdir -p /tmp/"$MINION_ID"/pillar;
-				ssh -i /root/.ssh/so.key soremote@"$MSRV" mkdir -p /tmp/"$MINION_ID"/schedules;
-				scp -prv -i /root/.ssh/so.key "$temp_install_dir"/pillar/minions/* soremote@"$MSRV":/tmp/"$MINION_ID"/pillar/;
-				if [ -d $temp_install_dir/salt/patch/os/schedules/ ]; then
-					if [ "$(ls -A $temp_install_dir/salt/patch/os/schedules/)" ]; then
-						scp -prv -i /root/.ssh/so.key $temp_install_dir/salt/patch/os/schedules/* soremote@$MSRV:/tmp/$MINION_ID/schedules;
-					fi
-				fi
-				ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/salt/manager/files/add_minion.sh "$MINION_ID";
-			} >> "$setup_log" 2>&1
-			;;
-	esac
-}
-
-copy_ssh_key() {
-
-	echo "Generating SSH key"
-	# Generate SSH key
-	mkdir -p /root/.ssh
-	ssh-keygen -f /root/.ssh/so.key -t rsa -q -N "" < /dev/zero
-	chown -R "$SUDO_USER":"$SUDO_USER" /root/.ssh
-	echo "Copying the SSH key to the manager"
-	#Copy the key over to the manager
-	ssh-copy-id -f -i /root/.ssh/so.key soremote@"$MSRV"
-}
-
-create_local_directories() {
-	echo "Creating local pillar and salt directories"
-	PILLARSALTDIR=${SCRIPTDIR::-5}
-	for i in "pillar" "salt"; do
-		for d in $(find $PILLARSALTDIR/$i -type d); do
-			suffixdir=${d//$PILLARSALTDIR/}
-			if [ ! -d "$local_salt_dir/$suffixdir" ]; then
-				mkdir -v "$local_salt_dir$suffixdir" >> "$setup_log" 2>&1
-			fi
-		done
-		chown -R socore:socore "$local_salt_dir/$i"
-	done
-
-}
-
 configure_network_sensor() {
 	echo "Setting up sensor interface" >> "$setup_log" 2>&1
 	local nic_error=0
@@ -630,6 +564,77 @@ configure_network_sensor() {
 	fi
 }
 
+copy_salt_master_config() {
+
+	# Copy the Salt master config template to the proper directory
+	if [ "$setup_type" = 'iso' ]; then
+		cp /root/SecurityOnion/files/master /etc/salt/master >> "$setup_log" 2>&1
+	else
+		cp ../files/master /etc/salt/master >> "$setup_log" 2>&1
+	fi
+
+	# Restart the service so it picks up the changes
+	systemctl restart salt-master >> "$setup_log" 2>&1
+}
+
+copy_minion_tmp_files() {
+	case "$install_type" in
+		'MANAGER' | 'EVAL' | 'HELIXSENSOR' | 'MANAGERSEARCH' | 'STANDALONE' | 'IMPORT')
+			echo "Copying pillar and salt files in $temp_install_dir to $local_salt_dir"
+			cp -Rv "$temp_install_dir"/pillar/ $local_salt_dir/ >> "$setup_log" 2>&1
+			if [ -d "$temp_install_dir"/salt ] ; then
+				cp -Rv "$temp_install_dir"/salt/ $local_salt_dir/ >> "$setup_log" 2>&1
+			fi
+			;;
+		*)
+			{
+				echo "scp pillar and salt files in $temp_install_dir to manager $local_salt_dir";
+				ssh -i /root/.ssh/so.key soremote@"$MSRV" mkdir -p /tmp/"$MINION_ID"/pillar;
+				ssh -i /root/.ssh/so.key soremote@"$MSRV" mkdir -p /tmp/"$MINION_ID"/schedules;
+				scp -prv -i /root/.ssh/so.key "$temp_install_dir"/pillar/minions/* soremote@"$MSRV":/tmp/"$MINION_ID"/pillar/;
+				if [ -d $temp_install_dir/salt/patch/os/schedules/ ]; then
+					if [ "$(ls -A $temp_install_dir/salt/patch/os/schedules/)" ]; then
+						scp -prv -i /root/.ssh/so.key $temp_install_dir/salt/patch/os/schedules/* soremote@$MSRV:/tmp/$MINION_ID/schedules;
+					fi
+				fi
+				ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo $default_salt_dir/salt/manager/files/add_minion.sh "$MINION_ID";
+			} >> "$setup_log" 2>&1
+			;;
+	esac
+}
+
+copy_ssh_key() {
+
+	echo "Generating SSH key"
+	# Generate SSH key
+	mkdir -p /root/.ssh
+	ssh-keygen -f /root/.ssh/so.key -t rsa -q -N "" < /dev/zero
+	chown -R "$SUDO_USER":"$SUDO_USER" /root/.ssh
+	echo "Copying the SSH key to the manager"
+	#Copy the key over to the manager
+	ssh-copy-id -f -i /root/.ssh/so.key soremote@"$MSRV"
+}
+
+create_local_directories() {
+	echo "Creating local pillar and salt directories"
+	PILLARSALTDIR=${SCRIPTDIR::-5}
+	for i in "pillar" "salt"; do
+		for d in $(find $PILLARSALTDIR/$i -type d); do
+			suffixdir=${d//$PILLARSALTDIR/}
+			if [ ! -d "$local_salt_dir/$suffixdir" ]; then
+				mkdir -v "$local_salt_dir$suffixdir" >> "$setup_log" 2>&1
+			fi
+		done
+		chown -R socore:socore "$local_salt_dir/$i"
+	done
+
+}
+
+create_repo() {
+	# Create the repo for airgap
+	createrepo /nsm/repo
+}
+
 detect_cloud() {
   echo "Testing if setup is running on a cloud instance..." >> "$setup_log" 2>&1
   if ( curl --fail -s -m 5 http://169.254.169.254/latest/meta-data/instance-id > /dev/null ) || ( dmidecode -s bios-vendor | grep -q Google > /dev/null); then export is_cloud="true"; fi
@@ -1097,6 +1102,14 @@ manager_global() {
 				"  url_base: $REDIRECTIT"\
                 "  managerip: $MAINIP" > "$global_pillar"
 		
+        if [[ $is_airgap ]]; then
+		        printf '%s\n'\
+                        "  airgap: True"\ >> "$global_pillar"
+		else 
+		        printf '%s\n'\
+                        "  airgap: False"\ >> "$global_pillar"
+		fi
+		        
         # Check if TheHive is enabled.  If so, add creds and other details
         if [[ "$THEHIVE" == "1" ]]; then
                 printf '%s\n'\

setup/so-setup

@@ -411,6 +411,8 @@ if [[ $is_manager || $is_import ]]; then whiptail_so_allow; fi
 
 whiptail_make_changes
 
+# From here on changes will be made.
+
 if [[ -n "$TURBO" ]]; then
 	use_turbo_proxy
 fi