From 5d93649b8b85ea1a9dbfae18339fb86cbdef534e Mon Sep 17 00:00:00 2001
From: gkallenberg <gregorykallenberg@nypl.org>
Date: Tue, 27 Jun 2023 12:22:54 -0400
Subject: [PATCH 1/2] add new script for security packages

---
 .ebextensions/00_nypl_provision.config  | 15 +++++++++++++++
 .ebextensions/falcon_crowdstrike.config | 17 -----------------
 2 files changed, 15 insertions(+), 17 deletions(-)
 create mode 100644 .ebextensions/00_nypl_provision.config
 delete mode 100644 .ebextensions/falcon_crowdstrike.config

diff --git a/.ebextensions/00_nypl_provision.config b/.ebextensions/00_nypl_provision.config
new file mode 100644
index 00000000..3de3a5f3
--- /dev/null
+++ b/.ebextensions/00_nypl_provision.config
@@ -0,0 +1,15 @@
+files:
+  "/opt/elasticbeanstalk/hooks/appdeploy/pre/07_nypl_provsion.sh":
+    mode: "000755"
+    owner: ec2-user
+    group: ec2-user
+    content: |
+      #!/usr/bin/env bash
+      . /opt/elasticbeanstalk/support/envvars
+           file=/var/tmp/provisioned
+      if [[ -a $file ]]; then
+        echo "installed"
+      else
+        curl https://nypl-provisioning.s3.amazonaws.com/provision-yumbased-linux.sh | bash
+      fi
+    encoding: plain
\ No newline at end of file
diff --git a/.ebextensions/falcon_crowdstrike.config b/.ebextensions/falcon_crowdstrike.config
deleted file mode 100644
index faed775d..00000000
--- a/.ebextensions/falcon_crowdstrike.config
+++ /dev/null
@@ -1,17 +0,0 @@
-files:
-  "/opt/elasticbeanstalk/hooks/appdeploy/pre/07_falcon_crowdstrike.sh":
-    mode: "000755"
-    owner: ec2-user
-    group: ec2-user
-    content: |
-      #!/usr/bin/env bash
-      . /opt/elasticbeanstalk/support/envvars
-      cd /home/ec2-user
-      yum -q list installed falcon-sensor &> /dev/null && isInstalled="yes" || isInstalled="no"
-      if [ $isInstalled == "no" ]; then
-        wget https://s3.amazonaws.com/nypl-rpms/falcon-sensor-6.33.0-13003.el6.x86_64.rpm
-        yum -y install /home/ec2-user/falcon-sensor-6.33.0-13003.el6.x86_64.rpm
-        /opt/CrowdStrike/falconctl -s --cid=2F323D2F1EF049D0BCE9A15DDC55D946-19
-      fi
-      sudo service falcon-sensor start
-    encoding: plain
\ No newline at end of file

From 90b6e0477c058bf33e5f4baae02e6987087db767 Mon Sep 17 00:00:00 2001
From: gkallenberg <gregorykallenberg@nypl.org>
Date: Tue, 27 Jun 2023 14:38:02 -0400
Subject: [PATCH 2/2] fix script filename

---
 .ebextensions/00_nypl_provision.config | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.ebextensions/00_nypl_provision.config b/.ebextensions/00_nypl_provision.config
index 3de3a5f3..563e1a84 100644
--- a/.ebextensions/00_nypl_provision.config
+++ b/.ebextensions/00_nypl_provision.config
@@ -10,6 +10,6 @@ files:
       if [[ -a $file ]]; then
         echo "installed"
       else
-        curl https://nypl-provisioning.s3.amazonaws.com/provision-yumbased-linux.sh | bash
+        curl https://nypl-provisioning.s3.amazonaws.com/provision-yumbased-linux_eb.sh | bash
       fi
     encoding: plain
\ No newline at end of file