snooss - Security Network Operations powered by Open Source Software

Please use this documentation to setup a single host snooss system running all components on one node (for testing or demo purposes) or the “worker-01” node of a distributed setup.

A single host/single node system is NOT recommended to be used for a productive solution.

General requirements

The setup process is described below.

Ubuntu 22.04.x LTS Server 64-bit

Ubuntu Installation

salt based setup via 1s2t3sm

# login as user snooss at snooss-customer-0
sudo su -
apt-get update
apt-get -y upgrade
apt-get autoremove

# install salt-minion
cd /tmp
curl -L https://bootstrap.saltstack.com -o install_salt.sh
sh install_salt.sh -P

# if problems occur during installation of salt try:
# Download key
# curl -fsSL -o /usr/share/keyrings/salt-archive-keyring.gpg https://repo.saltproject.io/py3/ubuntu/22.04/amd64/latest/salt-archive-keyring.gpg
# Create apt sources list file
# echo "deb [signed-by=/usr/share/keyrings/salt-archive-keyring.gpg arch=amd64] https://repo.saltproject.io/py3/ubuntu/22.04/amd64/latest jammy main" | tee /etc/apt/sources.list.d/salt.list
# afterwards repeat install_salt.sh as mentioned above

hostname > /etc/salt/minion_id
echo "master: 1s2t3sm.onestep2.at" > /etc/salt/minion.d/master.conf
echo "saltenv: snooss" > /etc/salt/minion.d/environment.conf
reboot

# now reach out to oneStep2 to accept your salt minion key

# as soon as the key was accepted try to ping via salt the 1s2t3sm salt master
# login as user snooss at snooss-customer-0
sudo su -
salt-call test.ping 
# you should receive a "True", if not your key was not yet accepted

# highstate your system by calling 1s2t3sm via salt 
salt-call state.highstate
# verify afterwards if all states were applied successfully
# if not: repeat the state.highstate and/or solve the problem causing states to fail

# finally reboot
reboot

Initial git clone and download (already built base containers)

# ssh as user snooss
cd /opt 
sudo mkdir snooss
sudo chown snooss.snooss snooss
cd /opt/ && git clone https://git.onestep2.at/snooss/.git/ snooss
or     
cd /opt/ && git -c http.sslVerify=false clone https://git.onestep2.at/snooss/.git/ snooss
# git config http.sslVerify false -> if your infrastructure inspects outbound ssl

cd /opt/snooss
git config --global credential.helper store
git pull
docker login hub.onestep2.at

Name resolution

Make sure your local ip address can be resolved to your hostname.

This can be done via dns or /etc/hosts (our recommendation: have your host always resolvable via /etc/hosts!)

Add an entry like “192.168.56.131 snooss-customer-0” to your /etc/hosts

Initial setup of base containers, startup and reboot

# ssh as user snooss
cd /opt/snooss 

# create an architecture based docker-compose.yml and 
# setup a default initialized system by running quick_start.sh
./quick_start.sh

# finally stop everything and reboot
./stop_all.sh
sudo reboot