Merge pull request #9949 from Security-Onion-Solutions/guifixes

Change the salt dir for elastic fleet
Mike Reeves
2023-03-20 08:59:09 -04:00
committed by GitHub
9 changed files with 26 additions and 26 deletions


@@ -34,7 +34,7 @@
'influxdb',
'soc',
'kratos',
'elastic-fleet',
'elasticfleet',
'firewall',
'idstools',
'suricata.manager',
@@ -105,7 +105,7 @@
'schedule',
'tcpreplay',
'docker_clean',
'elastic-fleet'
'elasticfleet'
],
'so-manager': [
'salt.master',
@@ -118,7 +118,7 @@
'influxdb',
'soc',
'kratos',
'elastic-fleet',
'elasticfleet',
'firewall',
'idstools',
'suricata.manager',
@@ -137,7 +137,7 @@
'influxdb',
'soc',
'kratos',
'elastic-fleet',
'elasticfleet',
'firewall',
'manager',
'idstools',
@@ -166,7 +166,7 @@
'influxdb',
'soc',
'kratos',
'elastic-fleet',
'elasticfleet',
'firewall',
'idstools',
'suricata.manager',


@@ -24,11 +24,11 @@ mkdir -p /tmp/elastic-agent-workspace
for OS in "${CONTAINERGOOS[@]}"
do
printf "\n\nGenerating $OS Installer..."
cp /opt/so/saltstack/default/salt/elastic-fleet/files/elastic-agent/so-elastic-agent-*-$OS-x86_64.tar.gz /tmp/elastic-agent-workspace/$OS.tar.gz
cp /opt/so/saltstack/default/salt/elasticfleet/files/elastic-agent/so-elastic-agent-*-$OS-x86_64.tar.gz /tmp/elastic-agent-workspace/$OS.tar.gz
docker run -e CGO_ENABLED=0 -e GOOS=$OS \
--mount type=bind,source=/etc/ssl/certs/,target=/workspace/files/cert/ \
--mount type=bind,source=/tmp/elastic-agent-workspace/,target=/workspace/files/elastic-agent/ \
--mount type=bind,source=/opt/so/saltstack/local/salt/elastic-fleet/files/so_agent-installers/,target=/output/ \
--mount type=bind,source=/opt/so/saltstack/local/salt/elasticfleet/files/so_agent-installers/,target=/output/ \
{{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-elastic-agent-builder:{{ GLOBALS.so_version }} go build -ldflags "-X main.fleetHost=$FLEETHOST -X main.enrollmentToken=$ENROLLMENTOKEN" -o /output/so-elastic-agent_$OS
printf "\n $OS Installer Generated..."
done
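Review bot: The staging directory `/tmp/elastic-agent-workspace` used by the `cp` and by the second `--mount` is a fixed, predictable path, so the script never has exclusive ownership of the archive it bind-mounts into the builder container; the `mkdir -p` that creates it is visible only in the hunk header. Prefer `WORKSPACE=$(mktemp -d)` with `trap 'rm -rf -- "$WORKSPACE"' EXIT`, and reference `"$WORKSPACE"` in both lines. `$OS` is also expanded unquoted in the `cp` and `-o` arguments; writing it as `"$OS"` (with the `*` left outside the quotes) keeps the glob working while avoiding word splitting. The script begins before this hunk, so the surrounding setup is not visible here.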


@@ -91,19 +91,19 @@ printf '%s\n'\
"" >> "$global_pillar_file"
# Call Elastic-Fleet Salt State
salt-call state.apply elastic-fleet queue=True
salt-call state.apply elasticfleet queue=True
# Load Elastic Fleet integrations
/usr/sbin/so-elastic-fleet-integration-policy-load
# Temp
wget --progress=bar:force:noscroll -P /opt/so/saltstack/default/salt/elastic-fleet/files/elastic-agent/ https://github.com/Security-Onion-Solutions/securityonion-docker-rpm/releases/download/so_elastic-agent-8.4.1/so-elastic-agent-8.4.1-darwin-x86_64.tar.gz
wget --progress=bar:force:noscroll -P /opt/so/saltstack/default/salt/elastic-fleet/files/elastic-agent/ https://github.com/Security-Onion-Solutions/securityonion-docker-rpm/releases/download/so_elastic-agent-8.4.1/so-elastic-agent-8.4.1-linux-x86_64.tar.gz
wget --progress=bar:force:noscroll -P /opt/so/saltstack/default/salt/elastic-fleet/files/elastic-agent/ https://github.com/Security-Onion-Solutions/securityonion-docker-rpm/releases/download/so_elastic-agent-8.4.1/so-elastic-agent-8.4.1-windows-x86_64.tar.gz
wget --progress=bar:force:noscroll -P /opt/so/saltstack/default/salt/elasticfleet/files/elastic-agent/ https://github.com/Security-Onion-Solutions/securityonion-docker-rpm/releases/download/so_elastic-agent-8.4.1/so-elastic-agent-8.4.1-darwin-x86_64.tar.gz
wget --progress=bar:force:noscroll -P /opt/so/saltstack/default/salt/elasticfleet/files/elastic-agent/ https://github.com/Security-Onion-Solutions/securityonion-docker-rpm/releases/download/so_elastic-agent-8.4.1/so-elastic-agent-8.4.1-linux-x86_64.tar.gz
wget --progress=bar:force:noscroll -P /opt/so/saltstack/default/salt/elasticfleet/files/elastic-agent/ https://github.com/Security-Onion-Solutions/securityonion-docker-rpm/releases/download/so_elastic-agent-8.4.1/so-elastic-agent-8.4.1-windows-x86_64.tar.gz
#git clone -b 2.4-so-elastic-agent https://github.com/Security-Onion-Solutions/securityonion-image.git
#cd securityonion-image/so-elastic-agent-builder
#docker build -t so-elastic-agent-builder .
so-elastic-agent-gen-installers
salt-call state.apply elastic-fleet.install_agent_grid queue=True
salt-call state.apply elasticfleet.install_agent_grid queue=True
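Review bot: The three `wget` lines fetch the agent archives but nothing verifies their contents, or even that the download succeeded, before `so-elastic-agent-gen-installers` builds them into installers that are then presumably rolled out by the `elasticfleet.install_agent_grid` state. Pin a digest per archive and check it from the download directory, e.g. `echo "<EXPECTED_SHA256>  so-elastic-agent-8.4.1-linux-x86_64.tar.gz" | sha256sum -c - || exit 1` (the digest is a placeholder), and stop the script when a `wget` fails. The block is marked `# Temp`, so a `# TODO` naming the intended long-term source of these archives would help the next reader. The script continues outside this hunk on both sides.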


@@ -9,7 +9,7 @@
run_installer:
cmd.script:
- name: salt://elastic-fleet/files/so_agent-installers/so-elastic-agent_linux
- name: salt://elasticfleet/files/so_agent-installers/so-elastic-agent_linux
- args: -token={{ GRIDNODETOKEN }}
{% endif %}
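Review bot: `- args: -token={{ GRIDNODETOKEN }}` puts what looks like an enrollment token on the installer's command line, where it is visible in the minion's process list and can be recorded when Salt logs the executed command. Adding `- output_loglevel: quiet` and `- hide_output: True` to `run_installer` keeps it out of the minion log and the job return. If the installer can read the token from an environment variable or a file, `cmd.script`'s `env` argument would also keep it off argv. The same pattern appears in the installer generator, which passes `main.enrollmentToken=$ENROLLMENTOKEN` on the `docker run` command line. The state sits inside a Jinja conditional that opens above this hunk.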


@@ -95,7 +95,7 @@ so-nginx:
- /opt/so/log/nginx/:/var/log/nginx:rw
- /opt/so/tmp/nginx/:/var/lib/nginx:rw
- /opt/so/tmp/nginx/:/run:rw
- /opt/so/saltstack/local/salt/elastic-fleet/files/so_agent-installers/:/opt/socore/html/packages
- /opt/so/saltstack/local/salt/elasticfleet/files/so_agent-installers/:/opt/socore/html/packages
{% if grains.role in ['so-manager', 'so-managersearch', 'so-eval', 'so-standalone', 'so-import'] %}
- /etc/pki/managerssl.crt:/etc/pki/nginx/server.crt:ro
- /etc/pki/managerssl.key:/etc/pki/nginx/server.key:ro
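Review bot: The installer directory is bind-mounted into `so-nginx` without a mode, which Docker treats as read-write, although nginx only needs to serve these files; the certificate mounts just below already use `:ro`. Use `- /opt/so/saltstack/local/salt/elasticfleet/files/so_agent-installers/:/opt/socore/html/packages:ro` so the web container cannot modify installers that grid nodes later execute. Because the generated installers embed the Fleet host and enrollment token, it is also worth confirming that the nginx location serving this directory requires authentication; that configuration is not visible here. The `so-nginx` state begins above the hunk and continues past it.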


@@ -210,19 +210,19 @@ chownilogstashelasticfleetp8:
# Create Symlinks to the keys so I can distribute it to all the things
elasticfleetdircerts:
file.directory:
- name: /opt/so/saltstack/local/salt/elastic-fleet/files/certs
- name: /opt/so/saltstack/local/salt/elasticfleet/files/certs
- makedirs: True
efkeylink:
file.symlink:
- name: /opt/so/saltstack/local/salt/elastic-fleet/files/certs/elasticfleet.p8
- name: /opt/so/saltstack/local/salt/elasticfleet/files/certs/elasticfleet.p8
- target: /etc/pki/elasticfleet.p8
- user: socore
- group: socore
efcrtlink:
file.symlink:
- name: /opt/so/saltstack/local/salt/elastic-fleet/files/certs/elasticfleet.crt
- name: /opt/so/saltstack/local/salt/elasticfleet/files/certs/elasticfleet.crt
- target: /etc/pki/elasticfleet.crt
- user: socore
- group: socore
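Review bot: `efkeylink` exposes the private key `/etc/pki/elasticfleet.p8` through a symlink under `/opt/so/saltstack/local/salt/`, and the existing comment says the intent is to distribute it widely. If that tree is part of the master's `file_roots` (the `salt://elasticfleet/files/...` path used by the install state suggests it is), every accepted minion can request the key, not only the nodes that terminate Fleet TLS. Consider leaving only `elasticfleet.crt` in the fileserver and delivering the key through pillar targeted at the nodes that need it. At minimum, add a comment above `efkeylink` such as `# Private key: readable by any minion that can fetch from this file root; restrict to nodes that need it`. The state file continues on both sides of this hunk.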


@@ -59,7 +59,7 @@ base:
{%- endif %}
- schedule
- docker_clean
- elastic-fleet.install_agent_grid
- elasticfleet.install_agent_grid
'*_eval and G@saltversion:{{saltversion}}':
- match: compound
@@ -147,7 +147,7 @@ base:
- schedule
- soctopus
- playbook
- elastic-fleet
- elasticfleet
- docker_clean
'*_standalone and G@saltversion:{{saltversion}}':
@@ -198,7 +198,7 @@ base:
- schedule
- soctopus
- playbook
- elastic-fleet
- elasticfleet
- docker_clean
'*_searchnode and G@saltversion:{{saltversion}}':
@@ -215,7 +215,7 @@ base:
- logstash
{%- endif %}
- schedule
- elastic-fleet.install_agent_grid
- elasticfleet.install_agent_grid
- docker_clean
'*_managersearch and G@saltversion:{{saltversion}}':
@@ -257,7 +257,7 @@ base:
- schedule
- soctopus
- playbook
- elastic-fleet
- elasticfleet
- docker_clean
'*_heavynode and G@saltversion:{{saltversion}}':
@@ -286,7 +286,7 @@ base:
- zeek
{%- endif %}
- schedule
- elastic-fleet.install_agent_grid
- elasticfleet.install_agent_grid
- docker_clean
'*_import and G@saltversion:{{saltversion}}':
@@ -317,7 +317,7 @@ base:
- suricata
- zeek
- schedule
- elastic-fleet
- elasticfleet
- docker_clean
'*_receiver and G@saltversion:{{saltversion}}':
@@ -333,7 +333,7 @@ base:
- redis
{%- endif %}
- schedule
- elastic-fleet.install_agent_grid
- elasticfleet.install_agent_grid
- docker_clean
'*_idh and G@saltversion:{{saltversion}}':
@@ -343,7 +343,7 @@ base:
- telegraf
- firewall
- schedule
- elastic-fleet.install_agent_grid
- elasticfleet.install_agent_grid
- docker_clean
- idh