diff --git a/setup/so-functions b/setup/so-functions index 89d0fdc7a..27b99ef0f 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -411,15 +411,28 @@ check_requirements() { req_mem=12 req_cores=4 req_nics=2 - req_storage=100 elif [[ "$standalone_or_dist" == 'dist' ]]; then req_mem=8 req_cores=4 - req_storage=40 if [[ "$node_type" == 'sensor' ]]; then req_nics=2; else req_nics=1; fi if [[ "$node_type" == 'fleet' ]]; then req_mem=4; fi fi + if [[ -n $nsm_mount ]]; then + req_storage=100 + if (( $(echo "$free_space_root < $req_storage" | bc -l) )); then + whiptail_storage_requirements "/" "${free_space_root} GB" "${req_storage} GB" + fi + if (( $(echo "$free_space_nsm < $req_storage" | bc -l) )); then + whiptail_storage_requirements "/nsm" "${free_space_nsm} GB" "${req_storage} GB" + fi + else + req_storage=200 + if (( $(echo "$free_space_root < $req_storage" | bc -l) )); then + whiptail_storage_requirements "/" "${free_space_root} GB" "${req_storage} GB" + fi + fi + if (( $(echo "$free_space_root < $req_storage" | bc -l) )); then whiptail_requirements_error "disk space" "${free_space_root} GB" "${req_storage} GB" fi diff --git a/setup/so-variables b/setup/so-variables index 07f7aa71b..057c67ff2 100644 --- a/setup/so-variables +++ b/setup/so-variables @@ -28,9 +28,24 @@ mkdir -p /nsm filesystem_nsm=$(df /nsm | awk '$3 ~ /[0-9]+/ { print $2 * 1000 }') export filesystem_nsm -free_space_root=$(df -Pk /nsm | sed 1d | grep -v used | awk '{ print $4 / 1048576 }' | awk '{ printf("%.0f", $1) }') +free_space_nsm=$(df -Pk /nsm | sed 1d | grep -v used | awk '{ print $4 / 1048576 }' | awk '{ printf("%.0f", $1) }') +export free_space_nsm + +free_space_root=$(df -Pk / | sed 1d | grep -v used | awk '{ print $4 / 1048576 }' | awk '{ printf("%.0f", $1) }') export free_space_root +readarray -t mountpoints <<< "$(lsblk -nlo MOUNTPOINT)" +readarray -t partitions <<< "$(lsblk -nlo NAME)" +index=0 +for item in "${mountpoints[@]}"; do + if [[ $item == '/' ]]; then export root_part="${partitions[$index]}" + elif [[ $item == '/nsm' ]]; then + export nsm_mount=1 + export nsm_part="${partitions[$index]}" + fi + ((index++)) +done + mkdir -p /root/installtmp/pillar/minions export temp_install_dir=/root/installtmp diff --git a/setup/so-whiptail b/setup/so-whiptail index faeb5f496..7c937ec4e 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail @@ -315,6 +315,27 @@ whiptail_requirements_error() { whiptail_check_exitstatus $exitstatus } +whiptail_storage_requirements() { + local mount=$1 + local current_val=$2 + local needed_val=$3 + + read -r -d '' message <<- EOM + Free space on mount point '${mount}' is currently ${current_val}. + + You need ${needed_val} to meet minimum requirements. + + Visit https://docs.securityonion.net/en/2.0/hardware.html for more information. + + Press YES to continue anyway, or press NO to cancel. + EOM + + whiptail \ + --title "Security Onion Setup" \ + --yesno "$message" \ + 14 75 +} + whiptail_invalid_pass_warning() { [ -n "$TESTING" ] && return @@ -1109,13 +1130,13 @@ whiptail_gauge_post_setup() { whiptail_strelka_rules() { - [ -n "$TESTING" ] && return + [ -n "$TESTING" ] && return - whiptail --title "Security Onion Setup" --yesno "Do you want to enable the default YARA rules for Strelka?" 8 75 + whiptail --title "Security Onion Setup" --yesno "Do you want to enable the default YARA rules for Strelka?" 8 75 - local exitstatus=$? + local exitstatus=$? - if [[ $exitstatus == 0 ]]; then export STRELKARULES=1; fi + if [[ $exitstatus == 0 ]]; then export STRELKARULES=1; fi } whiptail_suricata_pins() {