[feat] Use setup user+pass for TheHive, Cortex, and Fleet as well

2025-12-06 09:12:45 +01:00 · 2020-07-10 14:40:04 -04:00
parent 67c8836cd6
commit f56811e745
4 changed files with 19 additions and 17 deletions
--- a/salt/thehive/scripts/cortex_init
+++ b/salt/thehive/scripts/cortex_init
@@ -1,11 +1,11 @@
 #!/bin/bash
-{% set MASTERIP = salt['pillar.get']('static:masterip', '') %}
-{%- set CORTEXUSER = salt['pillar.get']('static:cortexuser', '') %}
-{%- set CORTEXPASSWORD = salt['pillar.get']('static:cortexpassword', '') %}
-{%- set CORTEXKEY = salt['pillar.get']('static:cortexkey', '') %}
-{%- set CORTEXORGNAME = salt['pillar.get']('static:cortexorgname', '') %}
-{%- set CORTEXORGUSER = salt['pillar.get']('static:cortexorguser', '') %}
-{%- set CORTEXORGUSERKEY = salt['pillar.get']('static:cortexorguserkey', '') %}
+# {%- set MASTERIP = salt['pillar.get']('static:masterip', '') %}
+# {%- set CORTEXUSER = salt['pillar.get']('static:cortexuser', '') %}
+# {%- set CORTEXPASSWORD = salt['pillar.get']('static:cortexpassword', 'cortexchangeme') %}
+# {%- set CORTEXKEY = salt['pillar.get']('static:cortexkey', '') %}
+# {%- set CORTEXORGNAME = salt['pillar.get']('static:cortexorgname', '') %}
+# {%- set CORTEXORGUSER = salt['pillar.get']('static:cortexorguser', '') %}
+# {%- set CORTEXORGUSERKEY = salt['pillar.get']('static:cortexorguserkey', '') %}

 default_salt_dir=/opt/so/saltstack/default

--- a/salt/thehive/scripts/hive_init
+++ b/salt/thehive/scripts/hive_init
@@ -1,8 +1,8 @@
 #!/bin/bash
-{% set MASTERIP = salt['pillar.get']('static:masterip', '') %}
-{%- set THEHIVEUSER = salt['pillar.get']('static:hiveuser', '') %}
-{%- set THEHIVEPASSWORD = salt['pillar.get']('static:hivepassword', '') %}
-{%- set THEHIVEKEY = salt['pillar.get']('static:hivekey', '') %}
+# {%- set MASTERIP = salt['pillar.get']('static:masterip', '') %}
+# {%- set THEHIVEUSER = salt['pillar.get']('static:hiveuser', '') %}
+# {%- set THEHIVEPASSWORD = salt['pillar.get']('static:hivepassword', 'hivechangeme') %}
+# {%- set THEHIVEKEY = salt['pillar.get']('static:hivekey', '') %}

 thehive_init(){
    sleep 120
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -979,15 +979,16 @@ master_static() {
 		"  broversion: $BROVERSION"\
 		"  ids: $NIDS"\
 		"  masterip: $MAINIP"\
-		"  hiveuser: hiveadmin"\
-		"  hivepassword: hivechangeme"\
+		"  hiveuser: $WEBUSER"\
+		"  hivepassword: $WEBPASSWD1"\
 		"  hivekey: $HIVEKEY"\
-		"  cortexuser: cortexadmin"\
-		"  cortexpassword: cortexchangeme"\
+		"  cortexuser: $WEBUSER"\
+		"  cortexpassword: $WEBPASSWD1"\
 		"  cortexkey: $CORTEXKEY"\
 		"  cortexorgname: SecurityOnion"\
-		"  cortexorguser: soadmin"\
+		"  cortexorguser: $WEBUSER"\
 		"  cortexorguserkey: $CORTEXORGUSERKEY"\
+		"  grafanapassword: $WEBPASSWD1"\
 		"  fleet_custom_hostname: "\
 		"  fleet_master: False"\
 		"  fleet_node: False"\
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -252,7 +252,8 @@ whiptail_create_web_user() {
 	[ -n "$TESTING" ] && return

 	WEBUSER=$(whiptail --title "Security Onion Install" --inputbox \
-	"Please enter an email address to create an administrator account for the web interface." 10 60 3>&1 1>&2 2>&3)
+	"Please enter an email address to create an administrator account for the web interface. \
+	This will also be used for TheHive, Cortex, and Fleet" 10 60 3>&1 1>&2 2>&3)

 	local exitstatus=$?
 	whiptail_check_exitstatus $exitstatus