CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 09:42:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add workstation to the salt config

Browse Source
This commit is contained in:
Mike Reeves
2022-03-30 14:03:52 -04:00
parent f43a6757e0
commit a049e458c6
2 changed files with 43 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
setup/so-functions
View File

@@ -155,7 +155,8 @@ analyst_workstation_pillar() {
"workstation:"\ "workstation:"\
" gui:"\ " gui:"\
" enabled: true" >> "$pillar_file" " enabled: true" >> "$pillar_file"
"sensoroni:"\
" node_description: '${NODE_DESCRIPTION//\'/''}'"
} }
calculate_useable_cores() { calculate_useable_cores() {
@@ -786,6 +787,9 @@ collect_zeek() {
configure_minion() { configure_minion() {
local minion_type=$1 local minion_type=$1
if [[ $is_analyst ]]; then
minion_type=workstation
fi
echo "Configuring minion type as $minion_type" >> "$setup_log" 2>&1 echo "Configuring minion type as $minion_type" >> "$setup_log" 2>&1
echo "role: so-$minion_type" > /etc/salt/grains echo "role: so-$minion_type" > /etc/salt/grains
@@ -794,6 +798,9 @@ configure_minion() {
echo "id: '$MINION_ID'" > "$minion_config" echo "id: '$MINION_ID'" > "$minion_config"
case "$minion_type" in case "$minion_type" in
'workstation')
echo "master: '$HOSTNAME'" >> "$minion_config"
;;
'helix') 'helix')
cp -f ../salt/ca/files/signing_policies.conf /etc/salt/minion.d/signing_policies.conf cp -f ../salt/ca/files/signing_policies.conf /etc/salt/minion.d/signing_policies.conf
echo "master: '$HOSTNAME'" >> "$minion_config" echo "master: '$HOSTNAME'" >> "$minion_config"
@@ -2249,11 +2256,13 @@ remove_package() {
saltify() { saltify() {
# Install updates and Salt # Install updates and Salt
if [ $OS = 'centos' ]; then if [[ $is_centos ]]; then
set_progress_str 6 'Installing various dependencies' set_progress_str 6 'Installing various dependencies'
if [[ ! $is_iso ]]; then if [[ ! ( $is_iso || $is_analyst_iso ) ]]; then
logCmd "yum -y install wget nmap-ncat" logCmd "yum -y install wget nmap-ncat"
fi fi
if [[ ! is_analyst ]]; then
case "$install_type" in case "$install_type" in
'MANAGER' | 'EVAL' | 'MANAGERSEARCH' | 'FLEET' | 'HELIXSENSOR' | 'STANDALONE'| 'IMPORT') 'MANAGER' | 'EVAL' | 'MANAGERSEARCH' | 'FLEET' | 'HELIXSENSOR' | 'STANDALONE'| 'IMPORT')
reserve_group_ids reserve_group_ids
@@ -2276,11 +2285,12 @@ saltify() {
*) *)
;; ;;
esac esac
fi
if [[ ! $is_airgap ]]; then if [[ ! $is_airgap ]]; then
logCmd "yum clean expire-cache" logCmd "yum clean expire-cache"
fi fi
set_progress_str 8 'Installing salt-minion & python modules' set_progress_str 8 'Installing salt-minion & python modules'
if [[ ! $is_iso ]]; then if [[ ! ( $is_iso || $is_analyst_iso ) ]]; then
logCmd "yum -y install salt-minion-3004 httpd-tools python3 python36-docker python36-dateutil python36-m2crypto python36-mysql python36-packaging python36-lxml yum-utils device-mapper-persistent-data lvm2 openssl jq" logCmd "yum -y install salt-minion-3004 httpd-tools python3 python36-docker python36-dateutil python36-m2crypto python36-mysql python36-packaging python36-lxml yum-utils device-mapper-persistent-data lvm2 openssl jq"
logCmd "yum -y update --exclude=salt*" logCmd "yum -y update --exclude=salt*"
fi fi

5
setup/so-setup
View File

@@ -461,7 +461,12 @@ detect_cloud
short_name=$(echo "$HOSTNAME" | awk -F. '{print $1}') short_name=$(echo "$HOSTNAME" | awk -F. '{print $1}')
if [[ $is_analyst ]]; then
MINION_ID=$(echo "${short_name}_workstation" | tr '[:upper:]' '[:lower:]')
fi
if [[ ! $is_analyst ]]; then
MINION_ID=$(echo "${short_name}_${install_type}" | tr '[:upper:]' '[:lower:]') MINION_ID=$(echo "${short_name}_${install_type}" | tr '[:upper:]' '[:lower:]')
fi
export MINION_ID export MINION_ID
echo "MINION_ID = $MINION_ID" >> $setup_log 2>&1 echo "MINION_ID = $MINION_ID" >> $setup_log 2>&1