Create so-fleet-setup.sh

2025-12-06 17:22:49 +01:00 · 2019-03-27 08:40:35 -04:00
parent d19d541e32
commit b84b356c22
1 changed files with 27 additions and 0 deletions
--- a/salt/fleet/so-fleet-setup.sh
+++ b/salt/fleet/so-fleet-setup.sh
@@ -0,0 +1,27 @@
+#so-fleet-setup.sh $MasterIP $FleetEmail
+
+initpw=$(date +%s | sha256sum | base64 | head -c 16 ; echo)
+
+docker exec so-fleet fleetctl config set --address https://$1:443 --tls-skip-verify        
+docker exec so-fleet fleetctl setup --email $2 --password $initpw
+
+docker exec so-fleet fleetctl apply -f /packs/palantir/Fleet/Endpoints/options.yaml
+docker exec so-fleet fleetctl apply -f /packs/palantir/Fleet/Endpoints/MacOS/osquery.yaml
+docker exec so-fleet fleetctl apply -f /packs/palantir/Fleet/Endpoints/Windows/osquery.yaml
+docker exec so-fleet fleetctl apply -f /packs/hh/hhdefault.yml
+
+esecret=$(sudo docker exec so-fleet fleetctl get enroll-secret)
+
+#Concat fleet.crt & ca.crt  - this is required for launcher connectivity
+cat /etc/pki/fleet.crt /etc/pki/ca.crt > /etc/pki/fleet-launcher.crt
+
+#Create the output directory
+mkdir /opt/so/osquery
+
+docker run \
+  --mount type=bind,source=/opt/so/osquery,target=/output \
+  --mount type=bind,source=/etc/pki/fleet-launcher.crt,target=/var/launcher/fleet-launcher.crt \
+  defensivedepth/soq-launcher "$esecret" "$1"
+
+echo "Fleet Setup Complete - Login here: https://$1"
+echo "Your username is $2 and your password is $initpw"