CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix playbook mysql errors

Browse Source
This commit is contained in:
Josh Brower
2020-05-10 07:57:45 -04:00
parent e3a3a01ee1
commit 02160b12ee
3 changed files with 22 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
salt/playbook/init.sls
View File

@@ -52,6 +52,26 @@ query_updatepluginurls:
- connection_user: root - connection_user: root
- connection_pass: {{ MYSQLPASS }} - connection_pass: {{ MYSQLPASS }}
playbookdbuser:
mysql_user.present:
- host: 172.17.0.0/255.255.0.0
- password: {{ PLAYBOOKPASS }}
- connection_host: {{ MAINIP }}
- connection_port: 3306
- connection_user: root
- connection_pass: {{ MYSQLPASS }}
playbookdbdbpriv:
mysql_grants.present:
- grant: all privileges
- database: playbook.*
- user: playbookdbuser
- host: 172.17.0.0/255.255.0.0
- connection_host: {{ MAINIP }}
- connection_port: 3306
- connection_user: root
- connection_pass: {{ MYSQLPASS }}
{% if PLAYBOOKPASS == None %} {% if PLAYBOOKPASS == None %}
playbook_password_none: playbook_password_none:

2
salt/top.sls
View File

@@ -68,9 +68,7 @@ base:
- firewall - firewall
- idstools - idstools
- healthcheck - healthcheck
{%- if FLEETMASTER or FLEETNODE %}
- mysql - mysql
{%- endif %}
{%- if WAZUH != 0 %} {%- if WAZUH != 0 %}
- wazuh - wazuh
{%- endif %} {%- endif %}

2
setup/so-functions
View File

@@ -122,6 +122,7 @@ secrets_pillar(){
printf '%s\n'\ printf '%s\n'\
"secrets:"\ "secrets:"\
" mysql: $MYSQLPASS"\ " mysql: $MYSQLPASS"\
" playbook: $PLAYBOOKPASS"\
" fleet: $FLEETPASS"\ " fleet: $FLEETPASS"\
" fleet_jwt: $FLEETJWT"\ " fleet_jwt: $FLEETJWT"\
" fleet_enroll-secret: False" > /opt/so/saltstack/pillar/secrets.sls " fleet_enroll-secret: False" > /opt/so/saltstack/pillar/secrets.sls
@@ -736,6 +737,7 @@ fleet_pillar() {
generate_passwords(){ generate_passwords(){
# Generate Random Passwords for Things # Generate Random Passwords for Things
MYSQLPASS=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) MYSQLPASS=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1)
PLAYBOOKPASS=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1)
FLEETPASS=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) FLEETPASS=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1)
FLEETJWT=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) FLEETJWT=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1)
HIVEKEY=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1) HIVEKEY=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 20 | head -n 1)