refactor airgap playbook to eliminate dupe code and shrink ISO

Jason Ertel
2025-06-24 09:34:57 -04:00
parent 6fc7c930a6
commit b052a75e64
4 changed files with 13 additions and 15 deletions


@@ -99,6 +99,17 @@ add_interface_bond0() {
fi fi
} }
airgap_playbooks() {
SRC_DIR=$1
# Copy playbooks if using airgap
mkdir -p /nsm/airgap-resources
# Purge old airgap playbooks to ensure SO only uses the latest released playbooks
rm -fr /nsm/airgap-resources/playbooks
logCmd "tar xf $SRC_DIR/airgap-resources/playbooks.tgz -C /nsm/airgap-resources/"
logCmd "chown -R socore:socore /nsm/airgap-resources/playbooks"
logCmd "git config --global --add safe.directory /nsm/airgap-resources/playbooks"
}
check_container() { check_container() {
docker ps | grep "$1:" > /dev/null 2>&1 docker ps | grep "$1:" > /dev/null 2>&1
return $? return $?
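Review bot: `rm -fr /nsm/airgap-resources/playbooks` in the new `airgap_playbooks` runs before anything confirms that `$SRC_DIR/airgap-resources/playbooks.tgz` exists or extracts cleanly, so a missing or damaged archive leaves the node with no playbooks at all, whereas the removed rsync versions would have left the previous copy in place. Guard the purge with `[[ -f "$SRC_DIR/airgap-resources/playbooks.tgz" ]] || return 1` ahead of the `rm`, or extract into a temporary directory and swap it in only on success; this matters most for the soup call `airgap_playbooks "$UPDATE_DIR"` if the update media predates the .tgz layout. The archive is presumably unpacked as root, so adding `--no-same-owner --no-same-permissions` to the `tar xf` keeps owner and mode bits stored in the archive from landing on disk before the `chown -R`. `SRC_DIR` should be declared `local`, and `git config --global --add safe.directory` will append a duplicate entry on every soup run now that the function is no longer setup-only.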


@@ -1069,13 +1069,6 @@ update_airgap_rules() {
rsync -a $UPDATE_DIR/agrules/securityonion-resources/* /nsm/securityonion-resources/ rsync -a $UPDATE_DIR/agrules/securityonion-resources/* /nsm/securityonion-resources/
} }
update_airgap_playbooks() {
# Copy the playbooks over to update them for airgap.
mkdir -p /nsm/airgap-resources/playbooks
chown -R socore:socore /nsm/airgap-resources/playbooks
rsync -a --delete --chown=socore:socore $UPDATE_DIR/airgap-resources/playbooks/ /nsm/airgap-resources/playbooks/
}
update_airgap_repo() { update_airgap_repo() {
# Update the files in the repo # Update the files in the repo
echo "Syncing new updates to /nsm/repo" echo "Syncing new updates to /nsm/repo"
@@ -1426,7 +1419,7 @@ main() {
echo "Updating Rule Files to the Latest." echo "Updating Rule Files to the Latest."
update_airgap_rules update_airgap_rules
echo "Updating Playbooks to the Latest." echo "Updating Playbooks to the Latest."
update_airgap_playbooks airgap_playbooks "$UPDATE_DIR"
fi fi
# since we don't run the backup.config_backup state on import we wont snapshot previous version states and pillars # since we don't run the backup.config_backup state on import we wont snapshot previous version states and pillars
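Review bot: The new call `airgap_playbooks "$UPDATE_DIR"` routes its work through `logCmd`, whereas the removed `update_airgap_playbooks` ran `mkdir`, `chown` and `rsync` directly, and no visible line of this file uses `logCmd`. Confirm that `logCmd` is defined when this script runs and that the log file it writes to is set in that context; otherwise the `tar`, `chown` and `git config` steps would fail after the old playbooks have already been purged. The exit status is also ignored here, so a failed update goes unnoticed; something like `airgap_playbooks "$UPDATE_DIR" || echo "WARNING: airgap playbooks were not updated"` would at least surface it. The body of `main()` continues outside this hunk.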


@@ -56,12 +56,6 @@ airgap_detection_summaries() {
logCmd "git config --global --add safe.directory /opt/so/conf/soc/ai_summary_repos/securityonion-resources" logCmd "git config --global --add safe.directory /opt/so/conf/soc/ai_summary_repos/securityonion-resources"
logCmd "git -C /opt/so/conf/soc/ai_summary_repos/securityonion-resources checkout generated-summaries-published" logCmd "git -C /opt/so/conf/soc/ai_summary_repos/securityonion-resources checkout generated-summaries-published"
} }
airgap_playbooks() {
# Copy playbooks if using airgap
mkdir -p /nsm/airgap-resources/playbooks
logCmd "rsync -av --chown=socore:socore /root/SecurityOnion/airgap-resources/playbooks/ /nsm/airgap-resources/playbooks/"
logCmd "git config --global --add safe.directory /nsm/airgap-resources/playbooks"
}
add_admin_user() { add_admin_user() {
title "Adding $ADMINUSER to the system with sudo rights" title "Adding $ADMINUSER to the system with sudo rights"


@@ -771,7 +771,7 @@ if ! [[ -f $install_opt_file ]]; then
fi fi
if [[ $is_airgap ]]; then if [[ $is_airgap ]]; then
title "Syncing Playbooks" title "Syncing Playbooks"
airgap_playbooks airgap_playbooks /root/SecurityOnion
fi fi
title "Setting up Kibana Default Space" title "Setting up Kibana Default Space"
logCmd "so-kibana-space-defaults" logCmd "so-kibana-space-defaults"