[refactor] Start using case statements and local vars

2025-12-09 10:42:54 +01:00 · 2020-04-18 18:29:57 -04:00
parent f801cbe376
commit b57b1b6689
1 changed files with 118 additions and 118 deletions
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -130,12 +130,15 @@ secrets_pillar(){
 bro_logs_enabled() {
 	echo "Enabling Bro Logs" >> "$SETUPLOG" 2>&1

-	echo "brologs:" > pillar/brologs.sls
-	echo "  enabled:" >> pillar/brologs.sls
+	local brologs_pillar="$SCRIPTDIR/pillar/brologs.sls"
+
+	printf '%s\n'\
+		"brologs:"\
+		"  enabled:" > "$brologs_pillar"

 	if [ "$MASTERADV" = 'ADVANCED' ]; then
 		for BLOG in "${BLOGS[@]}"; do
-			echo "    - $BLOG" | tr -d '"' >> pillar/brologs.sls
+			echo "    - $BLOG" | tr -d '"' >> "$brologs_pillar"
 		done
 	else
 		printf '%s\n'\
@@ -176,7 +179,7 @@ bro_logs_enabled() {
 			"    - weird"\
 			"    - mysql"\
 			"    - socks"\
-			"    - x509" >> pillar/brologs.sls
+			"    - x509" >> "$brologs_pillar"
 	fi
 }

@@ -307,40 +310,41 @@ collect_webuser_inputs() {
 	done
 }

+# $1 => install type
 configure_minion() {
-
-  # You have to pass the TYPE to this function so it knows if its a master or not
 	local TYPE=$1
 	echo "Configuring minion type as $TYPE" >> "$SETUPLOG" 2>&1
-  touch /etc/salt/grains
 	echo "role: so-$TYPE" > /etc/salt/grains
-  if [ "$TYPE" == 'master' ] || [ "$TYPE" == 'eval' ] || [ "$TYPE" == 'mastersearch' ]; then
-	echo "master: $HOSTNAME" > /etc/salt/minion
+
+	local minion_config=/etc/salt/minion
+
+	echo "id: $MINION_ID" > "$minion_config"
+
+	case "$TYPE" in
+		'helix')
+			echo "master: $HOSTNAME" >> "$minion_config"
+			;;
+		'master' | 'eval' | 'mastersearch')
 			printf '%s\n'\
-		"id: $MINION_ID"\
+				"master: $HOSTNAME"\
 				"mysql.host: '$MAINIP'"\
 				"mysql.port: 3306"\
-		"mysql.user: 'root'" >> /etc/salt/minion
+				"mysql.user: 'root'" >> "$minion_config"
 			if [ ! -f /opt/so/saltstack/pillar/secrets.sls ]; then
-	  echo "mysql.pass: '$MYSQLPASS'" >> /etc/salt/minion
+				echo "mysql.pass: '$MYSQLPASS'" >> "$minion_config"
 			else
 				OLDPASS=$(grep "mysql" /opt/so/saltstack/pillar/secrets.sls | awk '{print $2}')
-	  echo "mysql.pass: '$OLDPASS'" >> /etc/salt/minion
+				echo "mysql.pass: '$OLDPASS'" >> "$minion_config"
 			fi
-  elif [ "$TYPE" == 'helix' ]; then
-	echo "master: $HOSTNAME" > /etc/salt/minion
-	echo "id: $MINION_ID" >> /etc/salt/minion
-  elif [ $"TYPE" == 'fleet' ]; then
-	echo "master: $MSRV" > /etc/salt/minion
-	echo "id: $MINION_ID" >> /etc/salt/minion
-  else
-	echo "master: $MSRV" > /etc/salt/minion
-	echo "id: $MINION_ID" >> /etc/salt/minion
+			;;
+		*)
+			echo "master: $MSRV" >> "$minion_config"
+			;;
+	esac

-  fi
-
-  echo "use_superseded:" >> /etc/salt/minion
-  echo "  - module.run" >> /etc/salt/minion
+	printf '%s\n'\
+		"use_superseded:"\
+		"  - module.run" >> /etc/salt/minion

 	service salt-minion restart

@@ -361,14 +365,15 @@ copy_master_config() {
 }

 copy_minion_tmp_files() {
-
-	if [ "$INSTALLTYPE" == 'MASTER' ] || [ "$INSTALLTYPE" == 'EVAL' ] || [ "$INSTALLTYPE" == 'HELIXSENSOR' ] || [ "$INSTALLTYPE" == 'MASTERSEARCH' ]; then
+	case "$INSTALLTYPE" in
+		'MASTER' | 'EVAL' | 'HELIXSENSOR' | 'MASTERSEARCH')
 			echo "Copying pillar and salt files in $TMP to /opt/so/saltstack"
 			cp -Rv "$TMP"/pillar/ /opt/so/saltstack/ >> "$SETUPLOG" 2>&1
 			if [ -d "$TMP"/salt ] ; then
 				cp -Rv "$TMP"/salt/ /opt/so/saltstack/ >> "$SETUPLOG" 2>&1
 			fi
-	else
+			;;
+		*)
 			{
 				echo "scp pillar and salt files in $TMP to master /opt/so/saltstack";
 				ssh -i /root/.ssh/so.key soremote@"$MSRV" mkdir -p /tmp/"$MINION_ID"/pillar;
@@ -377,8 +382,8 @@ copy_minion_tmp_files() {
 				scp -prv -i /root/.ssh/so.key "$TMP"/salt/patch/os/schedules/* soremote@"$MSRV":/tmp/"$MINION_ID"/schedules;
 				ssh -i /root/.ssh/so.key soremote@"$MSRV" sudo /opt/so/saltstack/salt/master/files/add_minion.sh "$MINION_ID";
 			} >> "$SETUPLOG" 2>&1
-	fi
-
+			;;
+	esac
 }

 copy_ssh_key() {
@@ -529,19 +534,18 @@ docker_install() {
 		yum -y update
 		yum -y install docker-ce
 	else
-		if [ "$INSTALLTYPE" == 'MASTER' ] || [ "$INSTALLTYPE" == 'EVAL' ]; then
+		case "$INSTALLTYPE" in
+			'MASTER' | 'EVAL')
 				apt-get update >> "$SETUPLOG" 2>&1
-			if [ $OSVER != "xenial" ]; then
-				apt-get -y install docker-ce python3-docker >> "$SETUPLOG" 2>&1
-			else
-				apt-get -y install docker-ce python-docker >> "$SETUPLOG" 2>&1
-			fi
-		else
+				;;
+			*)
 				{
 					apt-key add "$TMP"/gpg/docker.pub;
 					add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable";
 					apt-get update;
 				} >> "$SETUPLOG" 2>&1
+				;;
+		esac 
 		
 		if [ $OSVER != "xenial" ]; then
 			apt-get -y install docker-ce python3-docker >> "$SETUPLOG" 2>&1
@@ -549,7 +553,6 @@ docker_install() {
 			apt-get -y install docker-ce python-docker >> "$SETUPLOG" 2>&1
 		fi
 	fi
-	fi
 	docker_registry
 	{
 		echo "Restarting Docker";
@@ -571,8 +574,10 @@ docker_registry() {

 }
 docker_seed_registry() {
-	VERSION="HH$SOVERSION"
-	TRUSTED_CONTAINERS=(\
+	local VERSION="HH$SOVERSION"
+
+	if [ ! -f /nsm/docker-registry/docker/so-dockers-"$VERSION".tar ]; then
+		local TRUSTED_CONTAINERS=(\
 			"so-core:$VERSION" \
 			"so-filebeat:$VERSION" \
 			"so-logstash:$VERSION" \
@@ -608,8 +613,6 @@ docker_seed_registry() {
 				"so-wazuh:$VERSION" \
 			)
 		fi
-
-	if [ ! -f /nsm/docker-registry/docker/so-dockers-"$VERSION".tar ]; then
 		for i in "${TRUSTED_CONTAINERS[@]}"; do
 			# Pull down the trusted docker image
 			echo "Downloading $i"
@@ -645,7 +648,7 @@ es_heapsize() {

 filter_unused_nics() {
 	# Set the main NIC as the default grep search string
-	grep_string=$MNIC
+	local grep_string="$MNIC"

 	# If we call this function and NICs have already been assigned to the bond interface then add them to the grep search string
 	if [[ $BNICS ]]; then
@@ -660,7 +663,7 @@ filter_unused_nics() {

 fireeye_pillar() {

-	FIREEYEPILLARPATH=/opt/so/saltstack/pillar/fireeye
+	local FIREEYEPILLARPATH=/opt/so/saltstack/pillar/fireeye
 	mkdir -p "$FIREEYEPILLARPATH"

 	printf '%s\n'\
@@ -673,7 +676,7 @@ fireeye_pillar() {

 fleet_pillar() {

-	PILLARFILE="$TMP"/pillar/minions/"$MINION_ID".sls
+	local PILLARFILE="$TMP"/pillar/minions/"$MINION_ID".sls

 	# Create the fleet pillar
 	printf '%s\n'\
@@ -701,7 +704,7 @@ get_filesystem_nsm(){

 get_log_size_limit() {

-	DISK_DIR="/"
+	local DISK_DIR="/"
 	if [ -d /nsm ]; then
 		DISK_DIR="/nsm"
 	fi
@@ -766,6 +769,7 @@ install_prep() {

 }

+# TODO: figure out if this is necessary
 install_master() {

 	# Install the salt master package
@@ -984,7 +988,6 @@ patch_schedule_os_new() {
 }

 reserve_group_ids() {
-
 	# This is a hack to fix CentOS from taking group IDs that we need
 	groupadd -g 928 kratos
 	groupadd -g 930 elasticsearch
@@ -993,13 +996,10 @@ reserve_group_ids() {
 	groupadd -g 933 elastalert
 	groupadd -g 934 curator
 	groupadd -g 937 zeek
-	groupadd -g 939 socore
 	groupadd -g 940 suricata
 	groupadd -g 941 stenographer
 	groupadd -g 945 ossec
 	groupadd -g 946 cyberchef
-	groupadd -g 947 soremote
-
 }

 saltify() {