mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 17:22:49 +01:00
Merge pull request #6585 from Security-Onion-Solutions/unhotfix
Unhotfix
This commit is contained in:
Mike Reeves
GitHub
@@ -24,9 +24,9 @@ set -e
|
|||||||
|
|
||||||
# Check to see if we have extracted the ca cert.
|
# Check to see if we have extracted the ca cert.
|
||||||
if [ ! -f /opt/so/saltstack/local/salt/common/cacerts ]; then
|
if [ ! -f /opt/so/saltstack/local/salt/common/cacerts ]; then
|
||||||
docker run -v /etc/pki/ca.crt:/etc/pki/ca.crt --name so-elasticsearchca --user root --entrypoint jdk/bin/keytool {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-elasticsearch:{{ VERSION }} -keystore /etc/pki/ca-trust/extracted/java/cacerts -alias SOSCA -import -file /etc/pki/ca.crt -storepass changeit -noprompt
|
docker run -v /etc/pki/ca.crt:/etc/ssl/ca.crt --name so-elasticsearchca --user root --entrypoint jdk/bin/keytool {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-elasticsearch:{{ VERSION }} -keystore /etc/ssl/certs/java/cacerts -alias SOSCA -import -file /etc/ssl/ca.crt -storepass changeit -noprompt
|
||||||
docker cp so-elasticsearchca:/etc/pki/ca-trust/extracted/java/cacerts /opt/so/saltstack/local/salt/common/cacerts
|
docker cp so-elasticsearchca:/etc/ssl/certs/java/cacerts /opt/so/saltstack/local/salt/common/cacerts
|
||||||
docker cp so-elasticsearchca:/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /opt/so/saltstack/local/salt/common/tls-ca-bundle.pem
|
docker cp so-elasticsearchca:/etc/ssl/certs/ca-certificates.crt /opt/so/saltstack/local/salt/common/tls-ca-bundle.pem
|
||||||
docker rm so-elasticsearchca
|
docker rm so-elasticsearchca
|
||||||
echo "" >> /opt/so/saltstack/local/salt/common/tls-ca-bundle.pem
|
echo "" >> /opt/so/saltstack/local/salt/common/tls-ca-bundle.pem
|
||||||
echo "sosca" >> /opt/so/saltstack/local/salt/common/tls-ca-bundle.pem
|
echo "sosca" >> /opt/so/saltstack/local/salt/common/tls-ca-bundle.pem
|
||||||
|
|||||||
@@ -275,7 +275,7 @@ so-elasticsearch:
|
|||||||
- /opt/so/conf/elasticsearch/log4j2.properties:/usr/share/elasticsearch/config/log4j2.properties:ro
|
- /opt/so/conf/elasticsearch/log4j2.properties:/usr/share/elasticsearch/config/log4j2.properties:ro
|
||||||
- /nsm/elasticsearch:/usr/share/elasticsearch/data:rw
|
- /nsm/elasticsearch:/usr/share/elasticsearch/data:rw
|
||||||
- /opt/so/log/elasticsearch:/var/log/elasticsearch:rw
|
- /opt/so/log/elasticsearch:/var/log/elasticsearch:rw
|
||||||
- /opt/so/conf/ca/cacerts:/etc/pki/ca-trust/extracted/java/cacerts:ro
|
- /opt/so/conf/ca/cacerts:/etc/ssl/certs/java/cacerts:ro
|
||||||
{% if ismanager %}
|
{% if ismanager %}
|
||||||
- /etc/pki/ca.crt:/usr/share/elasticsearch/config/ca.crt:ro
|
- /etc/pki/ca.crt:/usr/share/elasticsearch/config/ca.crt:ro
|
||||||
{% else %}
|
{% else %}
|
||||||
|
|||||||
Reference in New Issue
Block a user