CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

podman and remove filebeat

Browse Source
This commit is contained in:
m0duspwnens
2023-02-17 14:59:07 -05:00
parent 6fd68351ec
commit 160ed46d96
3 changed files with 20 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
salt/podman/init.sls
View File

@@ -1,3 +1,5 @@
{% from 'docker/docker.map.jinja' import DOCKER %}
Podman pkg: Podman pkg:
pkg.installed: pkg.installed:
- name: podman - name: podman
@@ -7,15 +9,18 @@ Podman service:
file.managed: file.managed:
- name: /usr/lib/systemd/system/podman.service - name: /usr/lib/systemd/system/podman.service
- source: salt://podman/podman.service - source: salt://podman/podman.service
#}
Podman socket: Podman socket:
{#
file.managed: file.managed:
- name: /usr/lib/systemd/system/podman.socket - name: /usr/lib/systemd/system/podman.socket
- source: salt://podman/podman.socket - source: salt://podman/podman.socket
#}
service.running: service.running:
- name: podman.socket - name: podman.socket
- enable: true - enable: true
#}
Docker socket: Docker socket:
file.symlink: file.symlink:
@@ -26,3 +31,16 @@ podman_docker_symlink:
file.symlink: file.symlink:
- name: /usr/bin/docker - name: /usr/bin/docker
- target: /usr/local/bin/podman - target: /usr/local/bin/podman
sos_docker_net:
docker_network.present:
- name: sobridge
- subnet: {{ DOCKER.sorange }}
- gateway: {{ DOCKER.sobip }}
- options:
com.docker.network.bridge.name: 'sobridge'
com.docker.network.driver.mtu: '1500'
com.docker.network.bridge.enable_ip_masquerade: 'true'
com.docker.network.bridge.enable_icc: 'true'
com.docker.network.bridge.host_binding_ipv4: '0.0.0.0'
- unless: 'docker network ls | grep sobridge'

34
salt/top.sls
View File

@@ -8,7 +8,6 @@
{% set PLAYBOOK = salt['pillar.get']('manager:playbook', '0') %} {% set PLAYBOOK = salt['pillar.get']('manager:playbook', '0') %}
{% set ELASTALERT = salt['pillar.get']('elastalert:enabled', True) %} {% set ELASTALERT = salt['pillar.get']('elastalert:enabled', True) %}
{% set ELASTICSEARCH = salt['pillar.get']('elasticsearch:enabled', True) %} {% set ELASTICSEARCH = salt['pillar.get']('elasticsearch:enabled', True) %}
{% set FILEBEAT = salt['pillar.get']('filebeat:enabled', False) %}
{% set KIBANA = salt['pillar.get']('kibana:enabled', True) %} {% set KIBANA = salt['pillar.get']('kibana:enabled', True) %}
{% set LOGSTASH = salt['pillar.get']('logstash:enabled', True) %} {% set LOGSTASH = salt['pillar.get']('logstash:enabled', True) %}
{% set REDIS = salt['pillar.get']('redis:enabled', True) %} {% set REDIS = salt['pillar.get']('redis:enabled', True) %}
@@ -62,9 +61,6 @@ base:
{%- if STRELKA %} {%- if STRELKA %}
- strelka - strelka
{%- endif %} {%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- schedule - schedule
- docker_clean - docker_clean
@@ -102,9 +98,6 @@ base:
{%- if STRELKA %} {%- if STRELKA %}
- strelka - strelka
{%- endif %} {%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- curator - curator
{%- if ELASTALERT %} {%- if ELASTALERT %}
- elastalert - elastalert
@@ -153,9 +146,6 @@ base:
{%- if ELASTALERT %} {%- if ELASTALERT %}
- elastalert - elastalert
{%- endif %} {%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- utility - utility
- schedule - schedule
- soctopus - soctopus
@@ -202,9 +192,6 @@ base:
{%- if STRELKA %} {%- if STRELKA %}
- strelka - strelka
{%- endif %} {%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- curator - curator
{%- if ELASTALERT %} {%- if ELASTALERT %}
- elastalert - elastalert
@@ -229,9 +216,6 @@ base:
{%- if LOGSTASH %} {%- if LOGSTASH %}
- logstash - logstash
{%- endif %} {%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- schedule - schedule
- docker_clean - docker_clean
@@ -270,9 +254,6 @@ base:
{%- if ELASTALERT %} {%- if ELASTALERT %}
- elastalert - elastalert
{%- endif %} {%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- utility - utility
- schedule - schedule
- soctopus - soctopus
@@ -296,9 +277,6 @@ base:
- redis - redis
{%- endif %} {%- endif %}
- curator - curator
{%- if FILEBEAT %}
- filebeat
{%- endif %}
{%- if STRELKA %} {%- if STRELKA %}
- strelka - strelka
{%- endif %} {%- endif %}
@@ -307,9 +285,6 @@ base:
{%- if ZEEKVER != 'SURICATA' %} {%- if ZEEKVER != 'SURICATA' %}
- zeek - zeek
{%- endif %} {%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- schedule - schedule
- docker_clean - docker_clean
@@ -336,9 +311,6 @@ base:
{%- if KIBANA %} {%- if KIBANA %}
- kibana.so_savedobjects_defaults - kibana.so_savedobjects_defaults
{%- endif %} {%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- utility - utility
- suricata - suricata
- zeek - zeek
@@ -358,9 +330,6 @@ base:
{%- if REDIS %} {%- if REDIS %}
- redis - redis
{%- endif %} {%- endif %}
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- schedule - schedule
- docker_clean - docker_clean
@@ -372,9 +341,6 @@ base:
- firewall - firewall
- schedule - schedule
- docker_clean - docker_clean
{%- if FILEBEAT %}
- filebeat
{%- endif %}
- idh - idh
'J@workstation:gui:enabled:^[Tt][Rr][Uu][Ee]$ and ( G@saltversion:{{saltversion}} and G@os:Rocky )': 'J@workstation:gui:enabled:^[Tt][Rr][Uu][Ee]$ and ( G@saltversion:{{saltversion}} and G@os:Rocky )':

2
setup/so-setup
View File

@@ -579,7 +579,7 @@ if ! [[ -f $install_opt_file ]]; then
logCmd "salt-call state.apply common.packages" logCmd "salt-call state.apply common.packages"
logCmd "salt-call state.apply common" logCmd "salt-call state.apply common"
logCmd "salt-call state.apply docker" logCmd "salt-call state.apply podman"
firewall_generate_templates firewall_generate_templates
set_initial_firewall_policy set_initial_firewall_policy