diff --git a/setup/so-functions b/setup/so-functions index 45d04bba7..83897415e 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -114,17 +114,16 @@ add_web_user() { # Create an secrets pillar so that passwords survive re-install secrets_pillar(){ - if [ ! -f /opt/so/saltstack/pillar/secrets.sls ]; then echo "Creating Secrets Pillar" >> "$SETUPLOG" 2>&1 mkdir -p /opt/so/saltstack/pillar - echo "secrets:" >> /opt/so/saltstack/pillar/secrets.sls - echo " mysql: $MYSQLPASS" >> /opt/so/saltstack/pillar/secrets.sls - echo " fleet: $FLEETPASS" >> /opt/so/saltstack/pillar/secrets.sls - echo " fleet_jwt: $FLEETJWT" >> /opt/so/saltstack/pillar/secrets.sls - echo " fleet_enroll-secret: False" >> /opt/so/saltstack/pillar/secrets.sls + printf '%s\n'\ + "secrets:"\ + " mysql: $MYSQLPASS"\ + " fleet: $FLEETPASS"\ + " fleet_jwt: $FLEETJWT"\ + " fleet_enroll-secret: False" >> /opt/so/saltstack/pillar/secrets.sls fi - } # Enable Bro Logs 
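Review bot: secrets.sls holds the MySQL, Fleet and Fleet JWT secrets, but in secrets_pillar it is created by the `>>` redirect under whatever umask setup runs with, and nothing in the function restricts its mode. Unless permissions are tightened elsewhere, add something like `chmod 600 /opt/so/saltstack/pillar/secrets.sls` right after the printf (adjusting owner and mode to the account the salt master runs as), or create the file under `umask 077`. The values are also interpolated unquoted into YAML, so a secret containing `#` or `: ` would be parsed differently from what was generated. generate_passwords is outside this hunk, so whether its output can contain such characters is not visible here.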
@@ -139,44 +138,45 @@ bro_logs_enabled() { echo " - $BLOG" | tr -d '"' >> pillar/brologs.sls done else - echo " - conn" >> pillar/brologs.sls - echo " - dce_rpc" >> pillar/brologs.sls - echo " - dhcp" >> pillar/brologs.sls - echo " - dhcpv6" >> pillar/brologs.sls - echo " - dnp3" >> pillar/brologs.sls - echo " - dns" >> pillar/brologs.sls - echo " - dpd" >> pillar/brologs.sls - echo " - files" >> pillar/brologs.sls - echo " - ftp" >> pillar/brologs.sls - echo " - http" >> pillar/brologs.sls - echo " - intel" >> pillar/brologs.sls - echo " - irc" >> pillar/brologs.sls - echo " - kerberos" >> pillar/brologs.sls - echo " - modbus" >> pillar/brologs.sls - echo " - mqtt" >> pillar/brologs.sls - echo " - notice" >> pillar/brologs.sls - echo " - ntlm" >> pillar/brologs.sls - echo " - openvpn" >> pillar/brologs.sls - echo " - pe" >> pillar/brologs.sls - echo " - radius" >> pillar/brologs.sls - echo " - rfb" >> pillar/brologs.sls - echo " - rdp" >> pillar/brologs.sls - echo " - signatures" >> pillar/brologs.sls - echo " - sip" >> pillar/brologs.sls - echo " - smb_files" >> pillar/brologs.sls - echo " - smb_mapping" >> pillar/brologs.sls - echo " - smtp" >> pillar/brologs.sls - echo " - snmp" >> pillar/brologs.sls - echo " - software" >> pillar/brologs.sls - echo " - ssh" >> pillar/brologs.sls - echo " - ssl" >> pillar/brologs.sls - echo " - syslog" >> pillar/brologs.sls - echo " - telnet" >> pillar/brologs.sls - echo " - tunnel" >> pillar/brologs.sls - echo " - weird" >> pillar/brologs.sls - echo " - mysql" >> pillar/brologs.sls - echo " - socks" >> pillar/brologs.sls - echo " - x509" >> pillar/brologs.sls + printf '%s\n'\ + " - conn"\ + " - dce_rpc"\ + " - dhcp"\ + " - dhcpv6"\ + " - dnp3"\ + " - dns"\ + " - dpd"\ + " - files"\ + " - ftp"\ + " - http"\ + " - intel"\ + " - irc"\ + " - kerberos"\ + " - modbus"\ + " - mqtt"\ + " - notice"\ + " - ntlm"\ + " - openvpn"\ + " - pe"\ + " - radius"\ + " - rfb"\ + " - rdp"\ + " - signatures"\ + " - sip"\ + " - smb_files"\ + " - 
smb_mapping"\ + " - smtp"\ + " - snmp"\ + " - software"\ + " - ssh"\ + " - ssl"\ + " - syslog"\ + " - telnet"\ + " - tunnel"\ + " - weird"\ + " - mysql"\ + " - socks"\ + " - x509" >> pillar/brologs.sls fi } @@ -689,23 +689,24 @@ fireeye_pillar() { FIREEYEPILLARPATH=/opt/so/saltstack/pillar/fireeye mkdir -p "$FIREEYEPILLARPATH" - echo "" >> $FIREEYEPILLARPATH/init.sls - echo "fireeye:" >> $FIREEYEPILLARPATH/init.sls - echo " helix:" >> $FIREEYEPILLARPATH/init.sls - echo " api_key: $HELIXAPIKEY" >> $FIREEYEPILLARPATH/init.sls + printf '%s\n'\ + "fireeye:"\ + " helix:"\ + " api_key: $HELIXAPIKEY" + "" > "$FIREEYEPILLARPATH"/init.sls } fleet_pillar() { - PILLARFILE=$TMP/pillar/minions/$MINION_ID.sls + PILLARFILE="$TMP"/pillar/minions/"$MINION_ID".sls - # Create the fleet pillar - touch $PILLARFILE - echo "fleet:" >> $PILLARFILE - echo " mainip: $MAINIP" >> $PILLARFILE - echo " master: $MSRV" >> $PILLARFILE - echo "" >> $PILLARFILE + # Create the fleet pillar + printf '%s\n'\ + "fleet:"\ + " mainip: $MAINIP"\ + " master: $MSRV"\ + "" > "$PILLARFILE" } generate_passwords(){
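Review bot: In fireeye_pillar the `" api_key: $HELIXAPIKEY"` argument is missing its trailing `\`, so the printf ends there and prints the block, including the Helix API key, to setup's stdout instead of the pillar file. The next line then runs as its own command, `"" > "$FIREEYEPILLARPATH"/init.sls`, which truncates init.sls and fails on the empty command name, leaving the pillar empty. Ending the api_key line with `\`, as the other arguments do (`" api_key: $HELIXAPIKEY"\`, with the file's indentation), restores the intended write. Separately, both fireeye_pillar and fleet_pillar now use `>` where the old code appended with `>>`. If anything writes to `$PILLARFILE` before fleet_pillar runs, that content would be dropped, so the ordering is worth confirming.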