Fleet standalone fixes - firewall

salt/firewall/init.sls

@@ -6,7 +6,8 @@
 {% elif grains['role'] == 'so-sensor' %}
   {% set ip = salt['pillar.get']('sensor:mainip', '') %}
 {% elif grains['role'] == 'so-fleet' %}
-  {% set ip = salt['pillar.get']('node:mainip', '') %}
+  {% set MAININT = salt['pillar.get']('host:mainint') %}
+  {% set ip = salt['grains.get']('ip_interfaces').get(MAININT)[0] %}
 {% endif %}
 
 {% set FLEET_NODE = salt['pillar.get']('static:fleet_node') %}

setup/so-functions

@@ -398,6 +398,9 @@ check_requirements() {
 		req_mem=12
 		req_cores=4
 		req_nics=2
+	elif [[ "$eval_or_dist" == 'fleet' ]]; then
+		req_mem=4
+		req_cores=4
 	elif [[ "$eval_or_dist" == 'dist' ]]; then
 		req_mem=8
 		req_cores=4

setup/so-setup

@@ -138,6 +138,8 @@ if [[ $is_eval ]]; then
 	check_requirements "eval"
 elif [[ $is_distmaster || $is_minion ]]; then
 	check_requirements "dist"
+elif [[ $is_fleet_standalone ]]; then
+	check_requirements "fleet"
 elif [[ $is_sensor && ! $is_eval ]]; then
 	check_requirements "dist" "sensor"
 fi
@@ -284,7 +286,7 @@ if [[ $is_node && ! $is_eval ]]; then
 	fi
 fi
 
-if [ "$install_type" = 'FLEET' ]; then
+if [ "$install_type" == 'FLEET' ]; then
 	collect_fleetuser_inputs
 else
 	FLEETNODEUSER=$WEBUSER

setup/so-whiptail

@@ -178,7 +178,7 @@ whiptail_create_fleet_node_user_password1() {
 
 	[ -n "$TESTING" ] && return
 
-	FLEETNODEPASS1=$(whiptail --title "Security Onion Install" --passwordbox \
+	FLEETNODEPASSWD1=$(whiptail --title "Security Onion Install" --passwordbox \
 	"Enter a password for $FLEETNODEUSER" 10 60 3>&1 1>&2 2>&3)
 
 	local exitstatus=$?
@@ -189,7 +189,7 @@ whiptail_create_fleet_node_user_password2() {
 
 	[ -n "$TESTING" ] && return
 
-	FLEETNODEPASS2=$(whiptail --title "Security Onion Install" --passwordbox \
+	FLEETNODEPASSWD2=$(whiptail --title "Security Onion Install" --passwordbox \
 	"Re-enter a password for $FLEETNODEUSER" 10 60 3>&1 1>&2 2>&3)
 
 	local exitstatus=$?