From 1ef63f3a23ed69a539c012031be1f61b16997912 Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Wed, 8 Dec 2021 09:08:46 -0500
Subject: [PATCH] ssl things for so-receiver

---
 salt/logstash/init.sls | 4 ++++
 salt/ssl/init.sls      | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/salt/logstash/init.sls b/salt/logstash/init.sls
index 069b2f7bd..5160e6607 100644
--- a/salt/logstash/init.sls
+++ b/salt/logstash/init.sls
@@ -46,7 +46,9 @@
 
 include:
   - ssl
+{% if grains.role not in ['so-receiver'] %}
   - elasticsearch
+{% endif %}
 
 # Create the logstash group
 logstashgroup:
@@ -210,8 +212,10 @@ so-logstash:
   {% else %}
       - x509: pki_public_ca_crt
   {% endif %}
+  {% if grains.role not in ['so-receiver'] %}
       - file: cacertz
       - file: capemz
+  {% endif %}
 
 append_so-logstash_so-status.conf:
   file.append:
diff --git a/salt/ssl/init.sls b/salt/ssl/init.sls
index 43d789e75..7d485a895 100644
--- a/salt/ssl/init.sls
+++ b/salt/ssl/init.sls
@@ -115,7 +115,7 @@ influxkeyperms:
     - mode: 640
     - group: 939
 
-{% if grains['role'] in ['so-manager', 'so-eval', 'so-helix', 'so-managersearch', 'so-standalone', 'so-import', 'so-heavynode', 'so-fleet'] %}
+{% if grains['role'] in ['so-manager', 'so-eval', 'so-helix', 'so-managersearch', 'so-standalone', 'so-import', 'so-heavynode', 'so-fleet', 'so-receiver'] %}
 # Create a cert for Redis encryption
 redis_key:
   x509.private_key_managed:
@@ -484,7 +484,7 @@ fleetkeyperms:
     - group: 939
 
 {% endif %}
-{% if grains['role'] in ['so-sensor', 'so-manager', 'so-node', 'so-eval', 'so-helix', 'so-managersearch', 'so-heavynode', 'so-fleet', 'so-standalone', 'so-import'] %}
+{% if grains['role'] in ['so-sensor', 'so-manager', 'so-node', 'so-eval', 'so-helix', 'so-managersearch', 'so-heavynode', 'so-fleet', 'so-standalone', 'so-import', 'so-receiver'] %}
    
 fbcertdir:
   file.directory: