CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

[refactor] Changes to storage requirements

Browse Source 
See #1047
This commit is contained in:
William Wernert
2020-07-21 15:35:13 -04:00
parent d2df405cf0
commit d6f7dcb630
3 changed files with 56 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
setup/so-functions
View File

@@ -411,15 +411,28 @@ check_requirements() {
req_mem=12 req_mem=12
req_cores=4 req_cores=4
req_nics=2 req_nics=2
req_storage=100
elif [[ "$standalone_or_dist" == 'dist' ]]; then elif [[ "$standalone_or_dist" == 'dist' ]]; then
req_mem=8 req_mem=8
req_cores=4 req_cores=4
req_storage=40
if [[ "$node_type" == 'sensor' ]]; then req_nics=2; else req_nics=1; fi if [[ "$node_type" == 'sensor' ]]; then req_nics=2; else req_nics=1; fi
if [[ "$node_type" == 'fleet' ]]; then req_mem=4; fi if [[ "$node_type" == 'fleet' ]]; then req_mem=4; fi
fi fi
if [[ -n $nsm_mount ]]; then
req_storage=100
if (( $(echo "$free_space_root < $req_storage" | bc -l) )); then
whiptail_storage_requirements "/" "${free_space_root} GB" "${req_storage} GB"
fi
if (( $(echo "$free_space_nsm < $req_storage" | bc -l) )); then
whiptail_storage_requirements "/nsm" "${free_space_nsm} GB" "${req_storage} GB"
fi
else
req_storage=200
if (( $(echo "$free_space_root < $req_storage" | bc -l) )); then
whiptail_storage_requirements "/" "${free_space_root} GB" "${req_storage} GB"
fi
fi
if (( $(echo "$free_space_root < $req_storage" | bc -l) )); then if (( $(echo "$free_space_root < $req_storage" | bc -l) )); then
whiptail_requirements_error "disk space" "${free_space_root} GB" "${req_storage} GB" whiptail_requirements_error "disk space" "${free_space_root} GB" "${req_storage} GB"
fi fi

17
setup/so-variables
View File

@@ -28,9 +28,24 @@ mkdir -p /nsm
filesystem_nsm=$(df /nsm | awk '$3 ~ /[0-9]+/ { print $2 * 1000 }') filesystem_nsm=$(df /nsm | awk '$3 ~ /[0-9]+/ { print $2 * 1000 }')
export filesystem_nsm export filesystem_nsm
free_space_root=$(df -Pk /nsm | sed 1d | grep -v used | awk '{ print $4 / 1048576 }' | awk '{ printf("%.0f", $1) }') free_space_nsm=$(df -Pk /nsm | sed 1d | grep -v used | awk '{ print $4 / 1048576 }' | awk '{ printf("%.0f", $1) }')
export free_space_nsm
free_space_root=$(df -Pk / | sed 1d | grep -v used | awk '{ print $4 / 1048576 }' | awk '{ printf("%.0f", $1) }')
export free_space_root export free_space_root
readarray -t mountpoints <<< "$(lsblk -nlo MOUNTPOINT)"
readarray -t partitions <<< "$(lsblk -nlo NAME)"
index=0
for item in "${mountpoints[@]}"; do
if [[ $item == '/' ]]; then export root_part="${partitions[$index]}"
elif [[ $item == '/nsm' ]]; then
export nsm_mount=1
export nsm_part="${partitions[$index]}"
fi
((index++))
done
mkdir -p /root/installtmp/pillar/minions mkdir -p /root/installtmp/pillar/minions
export temp_install_dir=/root/installtmp export temp_install_dir=/root/installtmp

29
setup/so-whiptail
View File

@@ -315,6 +315,27 @@ whiptail_requirements_error() {
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
} }
whiptail_storage_requirements() {
local mount=$1
local current_val=$2
local needed_val=$3
read -r -d '' message <<- EOM
Free space on mount point '${mount}' is currently ${current_val}.
You need ${needed_val} to meet minimum requirements.
Visit https://docs.securityonion.net/en/2.0/hardware.html for more information.
Press YES to continue anyway, or press NO to cancel.
EOM
whiptail \
--title "Security Onion Setup" \
--yesno "$message" \
14 75
}
whiptail_invalid_pass_warning() { whiptail_invalid_pass_warning() {
[ -n "$TESTING" ] && return [ -n "$TESTING" ] && return
@@ -1109,13 +1130,13 @@ whiptail_gauge_post_setup() {
whiptail_strelka_rules() { whiptail_strelka_rules() {
[ -n "$TESTING" ] && return [ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --yesno "Do you want to enable the default YARA rules for Strelka?" 8 75 whiptail --title "Security Onion Setup" --yesno "Do you want to enable the default YARA rules for Strelka?" 8 75
local exitstatus=$? local exitstatus=$?
if [[ $exitstatus == 0 ]]; then export STRELKARULES=1; fi if [[ $exitstatus == 0 ]]; then export STRELKARULES=1; fi
} }
whiptail_suricata_pins() { whiptail_suricata_pins() {