securityonion/salt/common/tools/sbin/so-fleet-setup

#!/bin/bash

#so-fleet-setup $FleetEmail $FleetPassword 

. /usr/sbin/so-common

if [[ $# -ne 2 ]] ; then
      echo "Username or Password was not set - exiting now."
      exit 1
fi

USER_EMAIL=$1
USER_PW=$2

# Checking to see if required containers are started...
if [ ! "$(docker ps -q -f name=so-fleet)" ]; then
        echo "Starting Docker Containers..."
        salt-call state.apply mysql queue=True >> /root/fleet-setup.log
        salt-call state.apply fleet queue=True >> /root/fleet-setup.log
        salt-call state.apply redis queue=True >> /root/fleet-setup.log
fi

docker exec so-fleet fleetctl config set --address https://127.0.0.1:8080 --tls-skip-verify --url-prefix /fleet
docker exec so-fleet bash -c 'while [[ "$(curl -s -o /dev/null --insecure -w ''%{http_code}'' https://127.0.0.1:8080/fleet)" != "301" ]]; do sleep 5; done'

# Create Security Onion Fleet Service Account + Setup Fleet
FLEET_SA_EMAIL=$(lookup_pillar_secret fleet_sa_email)
FLEET_SA_PW=$(lookup_pillar_secret fleet_sa_password)
docker exec so-fleet fleetctl setup --email $FLEET_SA_EMAIL --password $FLEET_SA_PW --name SO_ServiceAccount --org-name SO

# Create User Account
echo "$USER_PW" | so-fleet-user-add "$USER_EMAIL"

# Import Packs & Configs
docker exec so-fleet fleetctl apply -f /packs/palantir/Fleet/Endpoints/MacOS/osquery.yaml
docker exec so-fleet fleetctl apply -f /packs/palantir/Fleet/Endpoints/Windows/osquery.yaml
docker exec so-fleet fleetctl apply -f /packs/so/so-default.yml
docker exec so-fleet /bin/sh -c 'for pack in /packs/palantir/Fleet/Endpoints/packs/*.yaml; do fleetctl apply -f "$pack"; done'
docker exec so-fleet fleetctl apply -f /packs/osquery-config.conf


# Update the Enroll Secret
echo "Updating the Enroll Secret..."
salt-call state.apply fleet.event_update-enroll-secret queue=True >> /root/fleet-setup.log
salt-call state.apply nginx queue=True >> /root/fleet-setup.log

# Generate osquery install packages
echo "Generating osquery install packages - this will take some time..."
salt-call state.apply fleet.event_gen-packages queue=True >> /root/fleet-setup.log
sleep 120

echo "Installing launcher via salt..."
salt-call state.apply fleet.install_package queue=True >> /root/fleet-setup.log
salt-call state.apply filebeat queue=True >> /root/fleet-setup.log
docker stop so-nginx
salt-call state.apply nginx queue=True >> /root/fleet-setup.log

echo "Fleet Setup Complete - Login with the username and password you ran the script with."