mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2026-02-21 22:45:27 +01:00
Merge pull request #5374 from Security-Onion-Solutions/feature/soup-y
Add unattended soup flag, and iso location argument for air gap
This commit is contained in:
William Wernert
GitHub
@@ -17,4 +17,4 @@
|
|||||||
|
|
||||||
. /usr/sbin/so-common
|
. /usr/sbin/so-common
|
||||||
|
|
||||||
salt-call state.highstate -linfo
|
salt-call state.highstate -l info
|
||||||
|
|||||||
@@ -105,17 +105,20 @@ add_common() {
|
|||||||
|
|
||||||
airgap_mounted() {
|
airgap_mounted() {
|
||||||
# Let's see if the ISO is already mounted.
|
# Let's see if the ISO is already mounted.
|
||||||
if [ -f /tmp/soagupdate/SecurityOnion/VERSION ]; then
|
if [[ -f /tmp/soagupdate/SecurityOnion/VERSION ]]; then
|
||||||
echo "The ISO is already mounted"
|
echo "The ISO is already mounted"
|
||||||
else
|
else
|
||||||
echo ""
|
if [[ -z $ISOLOC ]]; then
|
||||||
cat << EOF
|
echo "This is airgap. Ask for a location."
|
||||||
|
echo ""
|
||||||
|
cat << EOF
|
||||||
In order for soup to proceed, the path to the downloaded Security Onion ISO file, or the path to the CD-ROM or equivalent device containing the ISO media must be provided.
|
In order for soup to proceed, the path to the downloaded Security Onion ISO file, or the path to the CD-ROM or equivalent device containing the ISO media must be provided.
|
||||||
For example, if you have copied the new Security Onion ISO file to your home directory, then the path might look like /home/myuser/securityonion-2.x.y.iso.
|
For example, if you have copied the new Security Onion ISO file to your home directory, then the path might look like /home/myuser/securityonion-2.x.y.iso.
|
||||||
Or, if you have burned the new ISO onto an optical disk then the path might look like /dev/cdrom.
|
Or, if you have burned the new ISO onto an optical disk then the path might look like /dev/cdrom.
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
read -rp 'Enter the path to the new Security Onion ISO content: ' ISOLOC
|
read -rp 'Enter the path to the new Security Onion ISO content: ' ISOLOC
|
||||||
|
fi
|
||||||
if [[ -f $ISOLOC ]]; then
|
if [[ -f $ISOLOC ]]; then
|
||||||
# Mounting the ISO image
|
# Mounting the ISO image
|
||||||
mkdir -p /tmp/soagupdate
|
mkdir -p /tmp/soagupdate
|
||||||
@@ -131,7 +134,7 @@ EOF
|
|||||||
elif [[ -f $ISOLOC/SecurityOnion/VERSION ]]; then
|
elif [[ -f $ISOLOC/SecurityOnion/VERSION ]]; then
|
||||||
ln -s $ISOLOC /tmp/soagupdate
|
ln -s $ISOLOC /tmp/soagupdate
|
||||||
echo "Found the update content"
|
echo "Found the update content"
|
||||||
else
|
elif [[ -b $ISOLOC ]]; then
|
||||||
mkdir -p /tmp/soagupdate
|
mkdir -p /tmp/soagupdate
|
||||||
mount $ISOLOC /tmp/soagupdate
|
mount $ISOLOC /tmp/soagupdate
|
||||||
if [ ! -f /tmp/soagupdate/SecurityOnion/VERSION ]; then
|
if [ ! -f /tmp/soagupdate/SecurityOnion/VERSION ]; then
|
||||||
@@ -141,6 +144,10 @@ EOF
|
|||||||
else
|
else
|
||||||
echo "Device has been mounted!"
|
echo "Device has been mounted!"
|
||||||
fi
|
fi
|
||||||
|
else
|
||||||
|
echo "Could not find Security Onion ISO content at ${ISOLOC}"
|
||||||
|
echo "Ensure the path you entered is correct, and that you verify the ISO that you downloaded."
|
||||||
|
exit 0
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
@@ -150,7 +157,7 @@ airgap_update_dockers() {
|
|||||||
# Let's copy the tarball
|
# Let's copy the tarball
|
||||||
if [[ ! -f $AGDOCKER/registry.tar ]]; then
|
if [[ ! -f $AGDOCKER/registry.tar ]]; then
|
||||||
echo "Unable to locate registry. Exiting"
|
echo "Unable to locate registry. Exiting"
|
||||||
exit 1
|
exit 0
|
||||||
else
|
else
|
||||||
echo "Stopping the registry docker"
|
echo "Stopping the registry docker"
|
||||||
docker stop so-dockerregistry
|
docker stop so-dockerregistry
|
||||||
@@ -624,7 +631,7 @@ upgrade_space() {
|
|||||||
clean_dockers
|
clean_dockers
|
||||||
if ! verify_upgradespace; then
|
if ! verify_upgradespace; then
|
||||||
echo "There is not enough space to perform the upgrade. Please free up space and try again"
|
echo "There is not enough space to perform the upgrade. Please free up space and try again"
|
||||||
exit 1
|
exit 0
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
echo "You have enough space for upgrade. Proceeding with soup."
|
echo "You have enough space for upgrade. Proceeding with soup."
|
||||||
@@ -774,39 +781,23 @@ verify_latest_update_script() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
main() {
|
main() {
|
||||||
set -e
|
|
||||||
set +e
|
|
||||||
trap 'check_err $?' EXIT
|
trap 'check_err $?' EXIT
|
||||||
|
|
||||||
echo "### Preparing soup at $(date) ###"
|
echo "Checking to see if this is an airgap install."
|
||||||
while getopts ":b" opt; do
|
echo ""
|
||||||
case "$opt" in
|
check_airgap
|
||||||
b ) # process option b
|
if [[ $is_airgap -eq 0 && $UNATTENDED == true && -z $ISOLOC ]]; then
|
||||||
shift
|
echo "Missing file argument for unattended airgap upgrade."
|
||||||
BATCHSIZE=$1
|
exit 0
|
||||||
if ! [[ "$BATCHSIZE" =~ ^[0-9]+$ ]]; then
|
fi
|
||||||
echo "Batch size must be a number greater than 0."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
\? )
|
|
||||||
echo "Usage: cmd [-b]"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
echo "Checking to see if this is a manager."
|
echo "Checking to see if this is a manager."
|
||||||
echo ""
|
echo ""
|
||||||
require_manager
|
require_manager
|
||||||
set_minionid
|
set_minionid
|
||||||
echo "Checking to see if this is an airgap install."
|
|
||||||
echo ""
|
|
||||||
check_airgap
|
|
||||||
echo "Found that Security Onion $INSTALLEDVERSION is currently installed."
|
echo "Found that Security Onion $INSTALLEDVERSION is currently installed."
|
||||||
echo ""
|
echo ""
|
||||||
if [[ $is_airgap -eq 0 ]]; then
|
if [[ $is_airgap -eq 0 ]]; then
|
||||||
# Let's mount the ISO since this is airgap
|
# Let's mount the ISO since this is airgap
|
||||||
echo "This is airgap. Ask for a location."
|
|
||||||
airgap_mounted
|
airgap_mounted
|
||||||
else
|
else
|
||||||
echo "Cloning Security Onion github repo into $UPDATE_DIR."
|
echo "Cloning Security Onion github repo into $UPDATE_DIR."
|
||||||
@@ -894,7 +885,7 @@ main() {
|
|||||||
echo "Once the issue is resolved, run soup again."
|
echo "Once the issue is resolved, run soup again."
|
||||||
echo "Exiting."
|
echo "Exiting."
|
||||||
echo ""
|
echo ""
|
||||||
exit 1
|
exit 0
|
||||||
else
|
else
|
||||||
echo "Salt upgrade success."
|
echo "Salt upgrade success."
|
||||||
echo ""
|
echo ""
|
||||||
@@ -1029,7 +1020,40 @@ EOF
|
|||||||
echo "### soup has been served at $(date) ###"
|
echo "### soup has been served at $(date) ###"
|
||||||
}
|
}
|
||||||
|
|
||||||
cat << EOF
|
while getopts ":b:f:y" opt; do
|
||||||
|
case ${opt} in
|
||||||
|
b )
|
||||||
|
BATCHSIZE="$OPTARG"
|
||||||
|
if ! [[ "$BATCHSIZE" =~ ^[1-9][0-9]*$ ]]; then
|
||||||
|
echo "Batch size must be a number greater than 0."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
y )
|
||||||
|
if [[ ! -f /opt/so/state/yeselastic.txt ]]; then
|
||||||
|
echo "Cannot run soup in unattended mode. You must run soup manually to accept the Elastic License."
|
||||||
|
exit 1
|
||||||
|
else
|
||||||
|
UNATTENDED=true
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
f )
|
||||||
|
ISOLOC="$OPTARG"
|
||||||
|
;;
|
||||||
|
\? )
|
||||||
|
echo "Usage: soup [-b] [-y] [-f <iso location>]"
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
: )
|
||||||
|
echo "Invalid option: $OPTARG requires an argument"
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
shift $((OPTIND - 1))
|
||||||
|
|
||||||
|
if [[ -z $UNATTENDED ]]; then
|
||||||
|
cat << EOF
|
||||||
|
|
||||||
SOUP - Security Onion UPdater
|
SOUP - Security Onion UPdater
|
||||||
|
|
||||||
@@ -1041,7 +1065,9 @@ Press Enter to continue or Ctrl-C to cancel.
|
|||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
read -r input
|
read -r input
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "### Preparing soup at $(date) ###"
|
||||||
main "$@" | tee -a $SOUP_LOG
|
main "$@" | tee -a $SOUP_LOG
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user