From 4f15e14cc2ba15ebfe2a3ae9266f43321ec08bd1 Mon Sep 17 00:00:00 2001
From: Wes Lambert <wlambertts@gmail.com>
Date: Thu, 28 Mar 2019 14:24:17 +0000
Subject: [PATCH] TheHive: Add initial user

---
 salt/hive/thehive/files/hive_init.sh | 37 ++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100755 salt/hive/thehive/files/hive_init.sh

diff --git a/salt/hive/thehive/files/hive_init.sh b/salt/hive/thehive/files/hive_init.sh
new file mode 100755
index 000000000..d1893e200
--- /dev/null
+++ b/salt/hive/thehive/files/hive_init.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+{%- set MASTERIP = salt['pillar.get']('static:masterip', '') %}
+{%- set HIVEUSER = salt['pillar.get']('static:hiveuser', '') %}
+{%- set HIVEPASSWORD = salt['pillar.get']('static:hivepassword', '') %}
+{%- set HIVEKEY = salt['pillar.get']('static:hivekey', '') %}
+
+hive_init(){
+
+    HIVE_IP="{{MASTERIP}}"
+    HIVE_USER="{{HIVEUSER}}"
+    HIVE_PASSWORD="{{HIVEPASSWORD}}"
+    SOCTOPUS_CONFIG="/opt/so/saltstack/salt/soctopus/files/SOCtopus.conf"
+
+    # Migrate DB
+    curl -v -k -XPOST "https://$HIVE_IP:/thehive/api/maintenance/migrate"
+
+    # Generate unique ID for apikey
+    HIVE_KEY="{{HIVEKEY}}"
+    
+    # Create intial TheHive user
+    curl -v -k "https://$HIVE_IP/thehive/api/user" -H "Content-Type: application/json" -d "{\"login\" : \"$HIVE_$USER\",\"name\" : \"$HIVE_USER\",\"roles\" : [\"read\",\"write\",\"admin\"],\"preferences\" : \"{}\",\"password\" : \"$HIVE_PASSWORD\", \"key\": \"$HIVE_KEY\"}"
+
+    # Update SOCtopus config with apikey value
+    sed -i "s/hive_key = .*/hive_key = $HIVE_KEY/" $SOCTOPUS_CONFIG
+
+    # Check for correct authentication
+    #curl -v -k -H "Authorization: Bearer $HIVE_KEY" "https://$HIVE_IP/thehive/api/user/$USER"
+    
+    touch /opt/so/state/thehive.txt
+
+}
+
+if [ -f /opt/so/state/thehive.txt ]; then
+    exit 0
+else
+    hive_init
+fi