CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

[feat] Add TESTING flag to whiptail menus for automated setup script testing

Browse Source
This commit is contained in:
William Wernert
2020-04-28 14:11:08 -04:00
parent 8b76b30266
commit f22cb9aac1
2 changed files with 139 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
setup/so-functions
View File

@@ -44,6 +44,9 @@ add_admin_user() {
}
add_master_hostfile() {
[ -n "$TESTING" ] && return
echo "Checking if I can resolve master. If not add to hosts file" >> $SETUPLOG 2>&1
# Pop up an input to get the IP address
MSRVIP=$(whiptail --title "Security Onion Setup" --inputbox \

136
setup/so-whiptail
View File

@@ -17,6 +17,8 @@
whiptail_basic_bro() {
[ -n "$TESTING" ] && return
BASICBRO=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the number of bro processes:" 10 75 $LBPROCS 3>&1 1>&2 2>&3)
@@ -27,6 +29,8 @@ whiptail_basic_bro() {
whiptail_basic_suri() {
[ -n "$TESTING" ] && return
BASICSURI=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the number of Suricata Processes:" 10 75 $LBPROCS 3>&1 1>&2 2>&3)
@@ -37,6 +41,8 @@ whiptail_basic_suri() {
whiptail_bro_pins() {
[ -n "$TESTING" ] && return
BROPINS=$(whiptail --noitem --title "Pin Bro CPUS" --checklist "Please Select $LBPROCS cores to pin Bro to:" 20 75 12 ${LISTCORES[@]} 3>&1 1>&2 2>&3 )
local exitstatus=$?
@@ -46,6 +52,8 @@ whiptail_bro_pins() {
whiptail_bro_version() {
[ -n "$TESTING" ] && return
BROVERSION=$(whiptail --title "Security Onion Setup" --radiolist "What tool would you like to use to generate meta data?" 20 75 4 "ZEEK" "Install Zeek (aka Bro)" ON \
"SURICATA" "SUPER EXPERIMENTAL" OFF 3>&1 1>&2 2>&3)
@@ -56,6 +64,8 @@ whiptail_bro_version() {
whiptail_bond_nics() {
[ -n "$TESTING" ] && return
local nic_list=()
for FNIC in ${FNICS[@]}; do
nic_list+=($FNIC "Interface" "OFF")
@@ -76,6 +86,8 @@ whiptail_bond_nics() {
whiptail_bond_nics_mtu() {
[ -n "$TESTING" ] && return
# Set the MTU on the monitor interface
MTU=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the MTU for the monitor NICs" 10 75 1500 3>&1 1>&2 2>&3)
@@ -87,6 +99,8 @@ whiptail_bond_nics_mtu() {
whiptail_cancel() {
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Cancelling Setup. No changes have been made." 8 75
if [ -d "/root/installtmp" ]; then
echo "/root/installtmp exists" >> $SETUPLOG 2>&1
@@ -99,6 +113,8 @@ whiptail_cancel() {
whiptail_check_exitstatus() {
[ -n "$TESTING" ] && return
if [ $1 == '1' ]; then
echo "They hit cancel"
whiptail_cancel
@@ -108,6 +124,8 @@ whiptail_check_exitstatus() {
whiptail_create_admin_user() {
[ -n "$TESTING" ] && return
ADMINUSER=$(whiptail --title "Security Onion Install" --inputbox \
"Please enter a username for your new admin user. The onion account will be disabled during this install" 10 60 3>&1 1>&2 2>&3)
@@ -115,6 +133,8 @@ whiptail_create_admin_user() {
whiptail_create_admin_user_password1() {
[ -n "$TESTING" ] && return
ADMINPASS1=$(whiptail --title "Security Onion Install" --passwordbox \
"Enter a password for $ADMINUSER" 10 60 3>&1 1>&2 2>&3)
@@ -124,6 +144,8 @@ whiptail_create_admin_user_password1() {
whiptail_create_admin_user_password2() {
[ -n "$TESTING" ] && return
ADMINPASS2=$(whiptail --title "Security Onion Install" --passwordbox \
"Re-enter a password for $ADMINUSER" 10 60 3>&1 1>&2 2>&3)
@@ -134,12 +156,16 @@ whiptail_create_admin_user_password2() {
whiptail_create_soremote_user() {
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Set a password for the soremote user. This account is used for adding sensors remotely." 8 75
}
whiptail_create_soremote_user_password1() {
[ -n "$TESTING" ] && return
SOREMOTEPASS1=$(whiptail --title "Security Onion Install" --passwordbox \
"Enter a password for user soremote" 10 75 3>&1 1>&2 2>&3)
@@ -150,6 +176,8 @@ whiptail_create_soremote_user_password1() {
whiptail_create_soremote_user_password2() {
[ -n "$TESTING" ] && return
SOREMOTEPASS2=$(whiptail --title "Security Onion Install" --passwordbox \
"Re-enter a password for user soremote" 10 75 3>&1 1>&2 2>&3)
@@ -160,6 +188,8 @@ whiptail_create_soremote_user_password2() {
whiptail_create_web_user() {
[ -n "$TESTING" ] && return
WEBUSER=$(whiptail --title "Security Onion Install" --inputbox \
"Please enter an email address to create an administrator account for the web interface." 10 60 3>&1 1>&2 2>&3)
@@ -168,11 +198,15 @@ whiptail_create_web_user() {
}
whiptail_invalid_user_warning() {
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Please enter a valid email address." 8 75
}
whiptail_create_web_user_password1() {
[ -n "$TESTING" ] && return
WEBPASSWD1=$(whiptail --title "Security Onion Install" --passwordbox \
"Enter a password for $WEBUSER" 10 60 3>&1 1>&2 2>&3)
@@ -182,6 +216,8 @@ whiptail_create_web_user_password1() {
whiptail_create_web_user_password2() {
[ -n "$TESTING" ] && return
WEBPASSWD2=$(whiptail --title "Security Onion Install" --passwordbox \
"Re-enter a password for $WEBUSER" 10 60 3>&1 1>&2 2>&3)
@@ -191,11 +227,15 @@ whiptail_create_web_user_password2() {
}
whiptail_invalid_pass_warning() {
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Please choose a more secure password." 8 75
}
whiptail_cur_close_days() {
[ -n "$TESTING" ] && return
CURCLOSEDAYS=$(whiptail --title "Security Onion Setup" --inputbox \
"Please specify the threshold (in days) at which Elasticsearch indices will be closed" 10 75 $CURCLOSEDAYS 3>&1 1>&2 2>&3)
@@ -206,6 +246,8 @@ whiptail_cur_close_days() {
whiptail_dhcp_or_static() {
[ -n "$TESTING" ] && return
ADDRESSTYPE=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose how to set up your management interface:" 20 78 4 \
"STATIC" "Set a static IPv4 address" ON \
@@ -216,6 +258,8 @@ whiptail_dhcp_or_static() {
}
whiptail_enable_components() {
[ -n "$TESTING" ] && return
COMPONENTS=$(whiptail --title "Security Onion Setup" --checklist \
"Select Components to install" 20 75 8 \
"GRAFANA" "Enable Grafana for system monitoring" ON \
@@ -231,6 +275,8 @@ whiptail_enable_components() {
}
whiptail_eval_adv() {
[ -n "$TESTING" ] && return
EVALADVANCED=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose your eval install:" 20 75 4 \
"BASIC" "Install basic components for evaluation" ON \
@@ -241,10 +287,14 @@ whiptail_eval_adv() {
}
whiptail_eval_adv_warning() {
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Please keep in mind the more services that you enable the more RAM that is required." 8 75
}
whiptail_helix_apikey() {
[ -n "$TESTING" ] && return
HELIXAPIKEY=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your Helix API Key: \n \nThis can be set later using so-helix-apikey" 10 75 3>&1 1>&2 2>&3)
@@ -255,6 +305,8 @@ whiptail_helix_apikey() {
whiptail_homenet_master() {
[ -n "$TESTING" ] && return
# Ask for the HOME_NET on the master
HNMASTER=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your HOME_NET separated by ," 10 75 10.0.0.0/8,192.168.0.0/16,172.16.0.0/12 3>&1 1>&2 2>&3)
@@ -266,6 +318,8 @@ whiptail_homenet_master() {
whiptail_homenet_sensor() {
[ -n "$TESTING" ] && return
# Ask to inherit from master
whiptail --title "Security Onion Setup" --yesno "Do you want to inherit the HOME_NET from the Master?" 8 75
@@ -283,6 +337,8 @@ whiptail_homenet_sensor() {
whiptail_install_type() {
[ -n "$TESTING" ] && return
# What kind of install are we doing?
INSTALLTYPE=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose Install Type:" 20 75 13 \
@@ -307,6 +363,8 @@ whiptail_install_type() {
whiptail_log_size_limit() {
[ -n "$TESTING" ] && return
LOG_SIZE_LIMIT=$(whiptail --title "Security Onion Setup" --inputbox \
"Please specify the amount of disk space (in GB) you would like to allocate for Elasticsearch data storage. \
By default, this is set to 80% of the disk space allotted for /nsm." 10 75 $LOG_SIZE_LIMIT 3>&1 1>&2 2>&3)
@@ -318,6 +376,8 @@ whiptail_log_size_limit() {
whiptail_management_interface_dns() {
[ -n "$TESTING" ] && return
MDNS=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your DNS server using space between multiple" 10 60 8.8.8.8 8.8.4.4 3>&1 1>&2 2>&3)
@@ -325,6 +385,8 @@ whiptail_management_interface_dns() {
whiptail_management_interface_dns_search() {
[ -n "$TESTING" ] && return
MSEARCH=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your DNS search domain" 10 60 searchdomain.local 3>&1 1>&2 2>&3)
@@ -332,6 +394,8 @@ whiptail_management_interface_dns_search() {
whiptail_management_interface_gateway() {
[ -n "$TESTING" ] && return
MGATEWAY=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your gateway" 10 60 X.X.X.X 3>&1 1>&2 2>&3)
@@ -339,6 +403,8 @@ whiptail_management_interface_gateway() {
whiptail_management_interface_ip() {
[ -n "$TESTING" ] && return
MIP=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your IP address" 10 60 X.X.X.X 3>&1 1>&2 2>&3)
@@ -346,6 +412,8 @@ whiptail_management_interface_ip() {
whiptail_management_interface_mask() {
[ -n "$TESTING" ] && return
MMASK=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the bit mask for your subnet" 10 60 24 3>&1 1>&2 2>&3)
@@ -353,6 +421,8 @@ whiptail_management_interface_mask() {
whiptail_management_nic() {
[ -n "$TESTING" ] && return
MNIC=$(whiptail --title "NIC Setup" --radiolist "Please select your management NIC" 20 75 12 ${NICS[@]} 3>&1 1>&2 2>&3 )
local exitstatus=$?
whiptail_check_exitstatus $exitstatus
@@ -368,6 +438,8 @@ whiptail_management_nic() {
whiptail_nids() {
[ -n "$TESTING" ] && return
NIDS=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose which IDS to run:" 20 75 4 \
"Suricata" "Suricata 4.X" ON \
@@ -380,6 +452,8 @@ whiptail_nids() {
whiptail_oinkcode() {
[ -n "$TESTING" ] && return
OINKCODE=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your oinkcode" 10 75 XXXXXXX 3>&1 1>&2 2>&3)
@@ -390,6 +464,8 @@ whiptail_oinkcode() {
whiptail_make_changes() {
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --yesno "We are going to set this machine up as a $INSTALLTYPE. Please hit YES to make changes or NO to cancel." 8 75
local exitstatus=$?
@@ -399,6 +475,8 @@ whiptail_make_changes() {
whiptail_management_server() {
[ -n "$TESTING" ] && return
MSRV=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your Master Server HOSTNAME. It is CASE SENSITIVE!" 10 75 XXXX 3>&1 1>&2 2>&3)
@@ -417,6 +495,8 @@ whiptail_management_server() {
# Ask if you want to do advanced setup of the Master
whiptail_master_adv() {
[ -n "$TESTING" ] && return
MASTERADV=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose what type of master install:" 20 75 4 \
"BASIC" "Install master with recommended settings" ON \
@@ -430,6 +510,8 @@ whiptail_master_adv() {
# Ask which additional components to install
whiptail_master_adv_service_brologs() {
[ -n "$TESTING" ] && return
BLOGS=$(whiptail --title "Security Onion Setup" --checklist "Please Select Logs to Send:" 24 75 12 \
"conn" "Connection Logging" ON \
"dce_rpc" "RPC Logs" ON \
@@ -477,6 +559,8 @@ whiptail_master_adv_service_brologs() {
whiptail_network_notice() {
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --yesno "Since this is a network install we assume the management interface, DNS, Hostname, etc are already set up. Hit YES to continue." 8 75
local exitstatus=$?
@@ -486,6 +570,8 @@ whiptail_network_notice() {
whiptail_node_advanced() {
[ -n "$TESTING" ] && return
NODESETUP=$(whiptail --title "Security Onion Setup" --radiolist \
"What type of config would you like to use?:" 20 75 4 \
"NODEBASIC" "Install Search Node with recommended settings" ON \
@@ -498,6 +584,8 @@ whiptail_node_advanced() {
whiptail_node_es_heap() {
[ -n "$TESTING" ] && return
es_heapsize
NODE_ES_HEAP_SIZE=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter ES Heap Size: \n \n(Recommended value is pre-populated)" 10 75 $ES_HEAP_SIZE 3>&1 1>&2 2>&3)
@@ -509,6 +597,8 @@ whiptail_node_es_heap() {
whiptail_node_ls_heap() {
[ -n "$TESTING" ] && return
ls_heapsize
NODE_LS_HEAP_SIZE=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Heap Size: \n \n(Recommended value is pre-populated)" 10 75 $LS_HEAP_SIZE 3>&1 1>&2 2>&3)
@@ -520,6 +610,8 @@ whiptail_node_ls_heap() {
whiptail_node_ls_pipeline_worker() {
[ -n "$TESTING" ] && return
LSPIPELINEWORKERS=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Pipeline Workers: \n \n(Recommended value is pre-populated)" 10 75 $CPUCORES 3>&1 1>&2 2>&3)
@@ -530,6 +622,8 @@ whiptail_node_ls_pipeline_worker() {
whiptail_node_ls_pipline_batchsize() {
[ -n "$TESTING" ] && return
LSPIPELINEBATCH=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Pipeline Batch Size: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3)
@@ -540,6 +634,8 @@ whiptail_node_ls_pipline_batchsize() {
whiptail_node_ls_input_threads() {
[ -n "$TESTING" ] && return
LSINPUTTHREADS=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Input Threads: \n \n(Default value is pre-populated)" 10 75 1 3>&1 1>&2 2>&3)
@@ -550,6 +646,8 @@ whiptail_node_ls_input_threads() {
whiptail_node_ls_input_batch_count() {
[ -n "$TESTING" ] && return
LSINPUTBATCHCOUNT=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Input Batch Count: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3)
@@ -560,12 +658,16 @@ whiptail_node_ls_input_batch_count() {
whiptail_passwords_dont_match() {
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Passwords don't match. Please re-enter." 8 75
}
whiptail_patch_name_new_schedule() {
[ -n "$TESTING" ] && return
PATCHSCHEDULENAME=$(whiptail --title "Security Onion Setup" --inputbox \
"What name do you want to give this OS patch schedule? This schedule needs to be named uniquely. Available schedules can be found on the master under /opt/so/salt/patch/os/schedules/<schedulename>.yml" 10 75 3>&1 1>&2 2>&3)
@@ -585,6 +687,8 @@ whiptail_patch_name_new_schedule() {
whiptail_patch_schedule() {
[ -n "$TESTING" ] && return
# What kind of patch schedule are we doing?
PATCHSCHEDULE=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose OS patch schedule. This will NOT update Security Onion related tools such as Zeek, Elasticsearch, Kibana, SaltStack, etc." 15 75 5 \
@@ -600,6 +704,8 @@ whiptail_patch_schedule() {
whiptail_patch_schedule_import() {
[ -n "$TESTING" ] && return
unset PATCHSCHEDULENAME
PATCHSCHEDULENAME=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the name of the OS patch schedule you want to inherit. Available schedules can be found on the master under /opt/so/salt/patch/os/schedules/<schedulename>.yml" 10 75 3>&1 1>&2 2>&3)
@@ -619,6 +725,8 @@ whiptail_patch_schedule_import() {
}
whiptail_patch_schedule_select_days() {
[ -n "$TESTING" ] && return
# Select the days to patch
PATCHSCHEDULEDAYS=($(whiptail --title "Security Onion Setup" --checklist \
"Which days do you want to apply OS patches?" 15 75 8 \
@@ -635,6 +743,8 @@ whiptail_patch_schedule_select_days() {
}
whiptail_patch_schedule_select_hours() {
[ -n "$TESTING" ] && return
# Select the hours to patch
PATCHSCHEDULEHOURS=($(whiptail --title "Security Onion Setup" --checklist \
"At which time, UTC, do you want to apply OS patches on the selected days? Hours 12 through 23 can be selected on the next screen." 22 75 13 \
@@ -676,6 +786,8 @@ whiptail_patch_schedule_select_hours() {
whiptail_rule_setup() {
[ -n "$TESTING" ] && return
# Get pulled pork info
RULESETUP=$(whiptail --title "Security Onion Setup" --radiolist \
"Which IDS ruleset would you like to use?\n\nThis master server is responsible for downloading the IDS ruleset from the Internet.\n\nSensors then pull a copy of this ruleset from the master server.\n\nIf you select a commercial ruleset, it is your responsibility to purchase enough licenses for all of your sensors in compliance with your vendor's policies." 20 75 4 \
@@ -692,6 +804,8 @@ whiptail_rule_setup() {
whiptail_sensor_config() {
[ -n "$TESTING" ] && return
NSMSETUP=$(whiptail --title "Security Onion Setup" --radiolist \
"What type of configuration would you like to use?:" 20 75 4 \
"BASIC" "Install NSM components with recommended settings" ON \
@@ -704,6 +818,8 @@ whiptail_sensor_config() {
whiptail_set_hostname() {
[ -n "$TESTING" ] && return
HOSTNAME=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the Hostname you would like to set." 10 75 $HOSTNAME 3>&1 1>&2 2>&3)
@@ -721,6 +837,8 @@ whiptail_set_hostname() {
}
whiptail_set_redirect() {
[ -n "$TESTING" ] && return
REDIRECTINFO=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose the access method for the web interface:" 20 75 4 \
"IP" "Use IP to access the web interface" ON \
@@ -731,6 +849,8 @@ whiptail_set_redirect() {
}
whiptail_set_redirect_host() {
[ -n "$TESTING" ] && return
REDIRECTHOST=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the Hostname or IP you would like to use for the web interface." 10 75 $HOSTNAME 3>&1 1>&2 2>&3)
local exitstatus=$?
@@ -738,12 +858,16 @@ whiptail_set_redirect_host() {
}
whiptail_set_redirect_info() {
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "The following selection refers to accessing the web interface. \n
For security reasons, we use strict cookie enforcement." 10 75
}
whiptail_setup_complete() {
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Finished installing this as an $INSTALLTYPE. Press Enter to reboot." 8 75
install_cleanup >> $SETUPLOG 2>&1
@@ -751,6 +875,8 @@ whiptail_setup_complete() {
whiptail_setup_failed() {
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Install had a problem. Please see $SETUPLOG for details. Press Enter to reboot." 8 75
install_cleanup >> $SETUPLOG 2>&1
@@ -758,6 +884,8 @@ whiptail_setup_failed() {
whiptail_shard_count() {
[ -n "$TESTING" ] && return
SHARDCOUNT=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter ES Shard Count: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3)
@@ -768,6 +896,8 @@ whiptail_shard_count() {
whiptail_suricata_pins() {
[ -n "$TESTING" ] && return
FILTEREDCORES=$(echo ${LISTCORES[@]} ${BROPINS[@]} | tr -d '"' | tr ' ' '\n' | sort | uniq -u | awk '{print $1 " \"" "core" "\""}')
SURIPINS=$(whiptail --noitem --title "Pin Suricata CPUS" --checklist "Please Select $LBPROCS cores to pin Suricata to:" 20 75 12 ${FILTEREDCORES[@]} 3>&1 1>&2 2>&3 )
@@ -778,6 +908,8 @@ whiptail_suricata_pins() {
whiptail_master_updates() {
[ -n "$TESTING" ] && return
MASTERUPDATES=$(whiptail --title "Security Onion Setup" --radiolist \
"How would you like to download updates for your grid?:" 20 75 4 \
"MASTER" "Master node is proxy for OS/Docker updates." ON \
@@ -790,6 +922,8 @@ whiptail_master_updates() {
whiptail_node_updates() {
[ -n "$TESTING" ] && return
NODEUPDATES=$(whiptail --title "Security Onion Setup" --radiolist \
"How would you like to download updates for this node?:" 20 75 4 \
"MASTER" "Download OS/Docker updates from the Master." ON \
@@ -802,6 +936,8 @@ whiptail_node_updates() {
whiptail_you_sure() {
[ -n "$TESTING" ] && return
echo "whiptail_you_sure called" >> $SETUPLOG 2>&1
whiptail --title "Security Onion Setup" --yesno "Are you sure you want to install Security Onion over the internet?" 8 75