Merge pull request #10857 from Security-Onion-Solutions/ordesk

Oracle Desktop

setup/so-functions

@@ -1898,14 +1898,41 @@ securityonion_repo() {
 		logCmd "dnf -v clean all"
 		logCmd "mkdir -vp /root/oldrepos"
 		logCmd "mv -v /etc/yum.repos.d/* /root/oldrepos/"
-		if [[ ! $waitforstate ]]; then
+		if [[ $is_desktop_iso ]]; then
+			if [[ ! is_airgap ]]; then
+				echo "https://repo.securityonion.net/file/so-repo/prod/2.4/oracle/9" > /etc/yum/mirror.txt
+				echo "https://so-repo-east.s3.us-east-005.backblazeb2.com/prod/2.4/oracle/9" >> /etc/yum/mirror.txt
+				echo "[main]" > /etc/yum.repos.d/securityonion.repo
+				echo "gpgcheck=1" >> /etc/yum.repos.d/securityonion.repo
+				echo "installonly_limit=3" >> /etc/yum.repos.d/securityonion.repo
+				echo "clean_requirements_on_remove=True" >> /etc/yum.repos.d/securityonion.repo
+				echo "best=True" >> /etc/yum.repos.d/securityonion.repo
+				echo "skip_if_unavailable=False" >> /etc/yum.repos.d/securityonion.repo
+				echo "cachedir=/opt/so/conf/reposync/cache" >> /etc/yum.repos.d/securityonion.repo
+				echo "keepcache=0" >> /etc/yum.repos.d/securityonion.repo
+				echo "[securityonionsync]" >> /etc/yum.repos.d/securityonion.repo
+				echo "name=Security Onion Repo repo" >> /etc/yum.repos.d/securityonion.repo
+				echo "mirrorlist=file:///opt/so/conf/reposync/mirror.txt" >> /etc/yum.repos.d/securityonion.repo
+				echo "enabled=1" >> /etc/yum.repos.d/securityonion.repo
+				echo "gpgcheck=1" >> /etc/yum.repos.d/securityonion.repo
+				logCmd "dnf repolist"
+			else
+				echo "[securityonion]" > /etc/yum.repos.d/securityonion.repo
+				echo "name=Security Onion Repo" >> /etc/yum.repos.d/securityonion.repo
+				echo "baseurl=https://$MSRV/repo" >> /etc/yum.repos.d/securityonion.repo
+				echo "enabled=1" >> /etc/yum.repos.d/securityonion.repo
+				echo "gpgcheck=1" >> /etc/yum.repos.d/securityonion.repo
+				echo "sslverify=0" >> /etc/yum.repos.d/securityonion.repo
+				logCmd "dnf repolist"
+			fi
+		elif [[ ! $waitforstate ]]; then
 			echo "[securityonion]" > /etc/yum.repos.d/securityonion.repo
 			echo "name=Security Onion Repo" >> /etc/yum.repos.d/securityonion.repo
 			echo "baseurl=https://$MSRV/repo" >> /etc/yum.repos.d/securityonion.repo
 			echo "enabled=1" >> /etc/yum.repos.d/securityonion.repo
 			echo "gpgcheck=1" >> /etc/yum.repos.d/securityonion.repo
 			echo "sslverify=0" >> /etc/yum.repos.d/securityonion.repo		
-		else
+		elif [[ $waitforstate ]]; then
 			echo "[securityonion]" > /etc/yum.repos.d/securityonion.repo
 			echo "name=Security Onion Repo" >> /etc/yum.repos.d/securityonion.repo
 			echo "baseurl=file:///nsm/repo/" >> /etc/yum.repos.d/securityonion.repo

setup/so-setup

@@ -117,52 +117,6 @@ if [[ "$setup_type" == 'iso' ]]; then
 	fi
 fi
 
-# Check to see if this is an desktop install. If it is let's run things differently
-if [[ $is_desktop ]]; then
-	title "This is a desktop install"
-
-	# Make sure it's CentOS or Rocky Linux
-	if [[ $is_rpm ]]; then
-		info "Security Onion Desktop is supported on this OS."
-	else
-		info "Security Onion Desktop is not supported on this OS."
-		exit 1
-	fi
-
-	if ! whiptail_desktop_install; then
-		if [[ $is_desktop_iso ]]; then
-			if whiptail_desktop_nongrid_iso; then
-				# Remove setup from auto launching
-				parse_install_username
-				sed -i '$ d' /home/$INSTALLUSERNAME/.bash_profile >> "$setup_log" 2>&1
-				info "Enabling graphical interface and setting it to load at boot"
-				systemctl set-default graphical.target
-				startx
-				exit 0
-			else
-				# Abort!
-				exit 0
-			fi
-		else
-			if whiptail_desktop_nongrid_network; then
-				info ""
-				info ""
-				info "Kicking off the automated setup of the Security Onion Desktop. This can take a while depending on your network connection."
-				info ""
-				info ""
-				desktop_salt_local
-			else
-				# Abort!
-				exit 0
-			fi
-		fi
-	fi
-
-	# If you got this far then you want to join the grid
-	is_minion=true
-
-fi
-
 if ! [ -f $install_opt_file ] && [ -d /root/manager_setup/securityonion ] && [[ $(pwd) != /root/manager_setup/securityonion/setup ]]; then
 	exec bash /root/manager_setup/securityonion/setup/so-setup "${original_args[@]}"
 fi
@@ -366,6 +320,55 @@ fi
 # Process the install type
 process_installtype
 
+# Check to see if this is an desktop install. If it is let's run things differently
+if [[ $is_desktop ]]; then
+	title "This is a desktop install"
+
+	# Make sure it's oracle
+	if [[ $is_oracle ]]; then
+		info "Security Onion Desktop is supported on this OS."
+	else
+		info "Security Onion Desktop is not supported on this OS."
+		exit 1
+	fi
+
+#	if ! whiptail_desktop_install; then
+	if [[ $is_desktop_iso ]]; then
+		if whiptail_desktop_nongrid_iso; then
+			# Remove setup from auto launching
+			parse_install_username
+			sed -i '$ d' /home/$INSTALLUSERNAME/.bash_profile >> "$setup_log" 2>&1
+			securityonion_repo
+			info "Enabling graphical interface and setting it to load at boot"
+			systemctl set-default graphical.target
+			startx
+			exit 0
+		else
+			# Abort!
+			exit 0
+		fi
+	else
+		if whiptail_desktop_nongrid_network; then
+			info ""
+			info ""
+			info "Kicking off the automated setup of the Security Onion Desktop. This can take a while depending on your network connection."
+			info ""
+			info ""
+			desktop_salt_local
+		else
+			# Abort!
+			exit 0
+		fi
+	fi
+#	fi
+
+	# If you got this far then you want to join the grid
+	is_minion=true
+
+fi
+
+
+
 # If this is not an automated install prompt
 if ! [[ -f $install_opt_file ]]; then
 	# If you are a manager ask ALL the manager things here. I know there is code re-use but this makes it easier to add new roles