Idempodency fixes, bug fixes, make shellcheck happy

Vagrant/logger_bootstrap.sh

@@ -7,7 +7,10 @@ if ! curl -s 169.254.169.254 --connect-timeout 2 >/dev/null; then
   echo -e "    eth1:\n      dhcp4: true\n      nameservers:\n        addresses: [8.8.8.8,8.8.4.4]" >>/etc/netplan/01-netcfg.yaml
   netplan apply
 fi
-sed -i 's/nameserver 127.0.0.53/nameserver 8.8.8.8/g' /etc/resolv.conf && chattr +i /etc/resolv.conf
+
+if grep '127.0.0.53' /etc/resolv.conf; then
+  sed -i 's/nameserver 127.0.0.53/nameserver 8.8.8.8/g' /etc/resolv.conf && chattr +i /etc/resolv.conf
+fi
 
 # Source variables from logger_variables.sh
 # shellcheck disable=SC1091
@@ -24,7 +27,9 @@ export DEBIAN_FRONTEND=noninteractive
 echo "apt-fast apt-fast/maxdownloads string 10" | debconf-set-selections
 echo "apt-fast apt-fast/dlflag boolean true" | debconf-set-selections
 
-sed -i "2ideb mirror://mirrors.ubuntu.com/mirrors.txt bionic main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt bionic-updates main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt bionic-backports main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt bionic-security main restricted universe multiverse" /etc/apt/sources.list
+if ! grep 'mirrors.ubuntu.com/mirrors.txt' /etc/apt/sources.list; then
+  sed -i "2ideb mirror://mirrors.ubuntu.com/mirrors.txt bionic main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt bionic-updates main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt bionic-backports main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt bionic-security main restricted universe multiverse" /etc/apt/sources.list
+fi
 
 apt_install_prerequisites() {
   echo "[$(date +%H:%M:%S)]: Adding apt repositories..."
@@ -89,11 +94,14 @@ fix_eth1_static_ip() {
   fi
   # There's a fun issue where dhclient keeps messing with eth1 despite the fact
   # that eth1 has a static IP set. We workaround this by setting a static DHCP lease.
-  echo -e 'interface "eth1" {
-    send host-name = gethostname();
-    send dhcp-requested-address 192.168.38.105;
-  }' >>/etc/dhcp/dhclient.conf
-  netplan apply
+  if ! grep 'interface "eth1"' /etc/dhcp/dhclient.conf; then
+    echo -e 'interface "eth1" {
+      send host-name = gethostname();
+      send dhcp-requested-address 192.168.38.105;
+    }' >>/etc/dhcp/dhclient.conf
+    netplan apply
+  fi
+
   # Fix eth1 if the IP isn't set correctly
   ETH1_IP=$(ip -4 addr show eth1 | grep -oP '(?<=inet\s)\d+(\.\d+){3}' | head -1)
   if [ "$ETH1_IP" != "192.168.38.105" ]; then
@@ -264,8 +272,12 @@ install_fleet_import_osquery_config() {
     cd /opt || exit 1
 
     echo "[$(date +%H:%M:%S)]: Installing Fleet..."
-    echo -e "\n127.0.0.1       fleet" >>/etc/hosts
-    echo -e "\n127.0.0.1       logger" >>/etc/hosts
+    if ! grep 'fleet' /etc/hosts; then
+      echo -e "\n127.0.0.1       fleet" >>/etc/hosts
+    fi
+    if ! grep 'logger' /etc/hosts; then
+      echo -e "\n127.0.0.1       logger" >>/etc/hosts
+    fi
 
     # Set MySQL username and password, create fleet database
     mysql -uroot -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'fleet';"
@@ -284,11 +296,14 @@ install_fleet_import_osquery_config() {
     cp /vagrant/resources/fleet/server.* /opt/fleet/
     cp /vagrant/resources/fleet/fleet.service /etc/systemd/system/fleet.service
 
+    # Create directory for logs
     mkdir /var/log/fleet
 
+    # Install the service file
     /bin/systemctl enable fleet.service
     /bin/systemctl start fleet.service
 
+    # Start Fleet
     echo "[$(date +%H:%M:%S)]: Waiting for fleet service to start..."
     while true; do
       result=$(curl --silent -k https://127.0.0.1:8412)
@@ -340,7 +355,9 @@ install_zeek() {
   echo "[$(date +%H:%M:%S)]: Installing Zeek..."
   # Environment variables
   NODECFG=/opt/zeek/etc/node.cfg
-  sh -c "echo 'deb http://download.opensuse.org/repositories/security:/zeek/xUbuntu_18.04/ /' > /etc/apt/sources.list.d/security:zeek.list"
+  if ! grep 'zeek' /etc/apt/sources.list.d/security:zeek.list; then
+    sh -c "echo 'deb http://download.opensuse.org/repositories/security:/zeek/xUbuntu_18.04/ /' > /etc/apt/sources.list.d/security:zeek.list"
+  fi
   wget -nv https://download.opensuse.org/repositories/security:zeek/xUbuntu_18.04/Release.key -O /tmp/Release.key
   apt-key add - </tmp/Release.key &>/dev/null
   # Update APT repositories
@@ -501,6 +518,7 @@ install_suricata() {
     exit 1
   fi
 
+  # Configure a logrotate policy for Suricata
   cat >/etc/logrotate.d/suricata <<EOF
 /var/log/suricata/*.log /var/log/suricata/*.json
 {
@@ -591,8 +609,6 @@ configure_splunk_inputs() {
   # Ensure permissions are correct and restart splunk
   chown -R splunk:splunk /opt/splunk/etc/apps/Splunk_TA_bro
   /opt/splunk/bin/splunk restart
-
-
 }
 
 main() {
@@ -616,8 +632,8 @@ splunk_only() {
 }
 
 # Allow custom modes via CLI args
-if [ ! -z $1 ]; then
-  eval $1
+if [ -n "$1" ]; then
+  eval "$1"
 else
   main
 fi