[feat] Use setup user+pass for TheHive, Cortex, and Fleet as well

salt/thehive/scripts/cortex_init

@@ -1,11 +1,11 @@
 #!/bin/bash
-{% set MASTERIP = salt['pillar.get']('static:masterip', '') %}
+# {%- set MASTERIP = salt['pillar.get']('static:masterip', '') %}
-{%- set CORTEXUSER = salt['pillar.get']('static:cortexuser', '') %}
+# {%- set CORTEXUSER = salt['pillar.get']('static:cortexuser', '') %}
-{%- set CORTEXPASSWORD = salt['pillar.get']('static:cortexpassword', '') %}
+# {%- set CORTEXPASSWORD = salt['pillar.get']('static:cortexpassword', 'cortexchangeme') %}
-{%- set CORTEXKEY = salt['pillar.get']('static:cortexkey', '') %}
+# {%- set CORTEXKEY = salt['pillar.get']('static:cortexkey', '') %}
-{%- set CORTEXORGNAME = salt['pillar.get']('static:cortexorgname', '') %}
+# {%- set CORTEXORGNAME = salt['pillar.get']('static:cortexorgname', '') %}
-{%- set CORTEXORGUSER = salt['pillar.get']('static:cortexorguser', '') %}
+# {%- set CORTEXORGUSER = salt['pillar.get']('static:cortexorguser', '') %}
-{%- set CORTEXORGUSERKEY = salt['pillar.get']('static:cortexorguserkey', '') %}
+# {%- set CORTEXORGUSERKEY = salt['pillar.get']('static:cortexorguserkey', '') %}
 
 default_salt_dir=/opt/so/saltstack/default
 

salt/thehive/scripts/hive_init

@@ -1,8 +1,8 @@
 #!/bin/bash
-{% set MASTERIP = salt['pillar.get']('static:masterip', '') %}
+# {%- set MASTERIP = salt['pillar.get']('static:masterip', '') %}
-{%- set THEHIVEUSER = salt['pillar.get']('static:hiveuser', '') %}
+# {%- set THEHIVEUSER = salt['pillar.get']('static:hiveuser', '') %}
-{%- set THEHIVEPASSWORD = salt['pillar.get']('static:hivepassword', '') %}
+# {%- set THEHIVEPASSWORD = salt['pillar.get']('static:hivepassword', 'hivechangeme') %}
-{%- set THEHIVEKEY = salt['pillar.get']('static:hivekey', '') %}
+# {%- set THEHIVEKEY = salt['pillar.get']('static:hivekey', '') %}
 
 thehive_init(){
     sleep 120

setup/so-functions

@@ -979,15 +979,16 @@ master_static() {
 		"  broversion: $BROVERSION"\
 		"  ids: $NIDS"\
 		"  masterip: $MAINIP"\
-		"  hiveuser: hiveadmin"\
+		"  hiveuser: $WEBUSER"\
-		"  hivepassword: hivechangeme"\
+		"  hivepassword: $WEBPASSWD1"\
 		"  hivekey: $HIVEKEY"\
-		"  cortexuser: cortexadmin"\
+		"  cortexuser: $WEBUSER"\
-		"  cortexpassword: cortexchangeme"\
+		"  cortexpassword: $WEBPASSWD1"\
 		"  cortexkey: $CORTEXKEY"\
 		"  cortexorgname: SecurityOnion"\
-		"  cortexorguser: soadmin"\
+		"  cortexorguser: $WEBUSER"\
 		"  cortexorguserkey: $CORTEXORGUSERKEY"\
+		"  grafanapassword: $WEBPASSWD1"\
 		"  fleet_custom_hostname: "\
 		"  fleet_master: False"\
 		"  fleet_node: False"\

setup/so-whiptail

@@ -252,7 +252,8 @@ whiptail_create_web_user() {
 	[ -n "$TESTING" ] && return
 
 	WEBUSER=$(whiptail --title "Security Onion Install" --inputbox \
-	"Please enter an email address to create an administrator account for the web interface." 10 60 3>&1 1>&2 2>&3)
+	"Please enter an email address to create an administrator account for the web interface. \
+	This will also be used for TheHive, Cortex, and Fleet" 10 60 3>&1 1>&2 2>&3)
 
 	local exitstatus=$?
 	whiptail_check_exitstatus $exitstatus