From b69dfd9b25031f067dc8448959f676b697385da0 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 5 Feb 2020 11:27:19 -0500 Subject: [PATCH] Helix fix dockers --- salt/top.sls | 1 + setup/so-functions | 81 +++++++++++++++++++++++++++------------------- setup/so-setup | 3 ++ 3 files changed, 51 insertions(+), 34 deletions(-) diff --git a/salt/top.sls b/salt/top.sls index b1ef40ae6..1a5c30e60 100644 --- a/salt/top.sls +++ b/salt/top.sls @@ -15,6 +15,7 @@ base: 'G@role:so-helix': - ca - ssl + - registry - common - firewall - idstools diff --git a/setup/so-functions b/setup/so-functions index 3693ee1e7..83f323b0b 100644 --- a/setup/so-functions +++ b/setup/so-functions @@ -453,42 +453,55 @@ docker_registry() { echo "Docker Registry Setup - Complete" >> $SETUPLOG 2>&1 } - docker_seed_registry() { VERSION="HH1.1.4" - TRUSTED_CONTAINERS=( \ - "so-acng:$VERSION" \ - "so-auth-api:$VERSION" \ - "so-auth-ui:$VERSION" \ - "so-core:$VERSION" \ - "so-thehive-cortex:$VERSION" \ - "so-curator:$VERSION" \ - "so-domainstats:$VERSION" \ - "so-elastalert:$VERSION" \ - "so-elasticsearch:$VERSION" \ - "so-filebeat:$VERSION" \ - "so-fleet:$VERSION" \ - "so-fleet-launcher:$VERSION" \ - "so-freqserver:$VERSION" \ - "so-grafana:$VERSION" \ - "so-idstools:$VERSION" \ - "so-influxdb:$VERSION" \ - "so-kibana:$VERSION" \ - "so-logstash:$VERSION" \ - "so-mysql:$VERSION" \ - "so-navigator:$VERSION" \ - "so-playbook:$VERSION" \ - "so-redis:$VERSION" \ - "so-sensoroni:$VERSION" \ - "so-soctopus:$VERSION" \ - "so-steno:$VERSION" \ - #"so-strelka:$VERSION" \ - "so-suricata:$VERSION" \ - "so-telegraf:$VERSION" \ - "so-thehive:$VERSION" \ - "so-thehive-es:$VERSION" \ - "so-wazuh:$VERSION" \ - "so-zeek:$VERSION" ) + if [ $INSTALLTYPE != 'HELIXSENSOR' ]; then + TRUSTED_CONTAINERS=( \ + "so-acng:$VERSION" \ + "so-auth-api:$VERSION" \ + "so-auth-ui:$VERSION" \ + "so-core:$VERSION" \ + "so-thehive-cortex:$VERSION" \ + "so-curator:$VERSION" \ + "so-domainstats:$VERSION" \ + "so-elastalert:$VERSION" \ + "so-elasticsearch:$VERSION" \ + "so-filebeat:$VERSION" \ + "so-fleet:$VERSION" \ + "so-fleet-launcher:$VERSION" \ + "so-freqserver:$VERSION" \ + "so-grafana:$VERSION" \ + "so-idstools:$VERSION" \ + "so-influxdb:$VERSION" \ + "so-kibana:$VERSION" \ + "so-logstash:$VERSION" \ + "so-mysql:$VERSION" \ + "so-navigator:$VERSION" \ + "so-playbook:$VERSION" \ + "so-redis:$VERSION" \ + "so-sensoroni:$VERSION" \ + "so-soctopus:$VERSION" \ + "so-steno:$VERSION" \ + #"so-strelka:$VERSION" \ + "so-suricata:$VERSION" \ + "so-telegraf:$VERSION" \ + "so-thehive:$VERSION" \ + "so-thehive-es:$VERSION" \ + "so-wazuh:$VERSION" \ + "so-zeek:$VERSION" ) + else + TRUSTED_CONTAINERS=( \ + "so-core:$VERSION" \ + "so-filebeat:$VERSION" \ + "so-idstools:$VERSION" \ + "so-logstash:$VERSION" \ + "so-redis:$VERSION" \ + "so-sensoroni:$VERSION" \ + "so-steno:$VERSION" \ + "so-suricata:$VERSION" \ + "so-telegraf:$VERSION" \ + "so-zeek:$VERSION" ) + fi if [ ! -f /nsm/docker-registry/docker/so-dockers-$VERSION.tar ]; then # Download the container from the interwebs diff --git a/setup/so-setup b/setup/so-setup index 755e21c62..addfbdd3c 100644 --- a/setup/so-setup +++ b/setup/so-setup @@ -213,6 +213,9 @@ if (whiptail_you_sure) ; then salt_checkin >> $SETUPLOG 2>&1 salt-call state.apply ca >> $SETUPLOG 2>&1 salt-call state.apply ssl >> $SETUPLOG 2>&1 + echo -e "XXX\n42\nDownloading Containers from the Internet... \nXXX" + salt-call state.apply registry >> $SETUPLOG 2>&1 + docker_seed_registry >> $SETUPLOG 2>&1 echo -e "XXX\n43\nInstalling Common Components... \nXXX" salt-call state.apply common >> $SETUPLOG 2>&1 echo -e "XXX\n45\nApplying firewall rules... \nXXX"