enabled/disable registry in ui

2026-01-30 11:54:13 +01:00 · 2023-05-12 15:49:13 -04:00
parent 0860b1501e
commit 277ad61920
8 changed files with 60 additions and 0 deletions
--- a/salt/manager/tools/sbin/so-minion
+++ b/salt/manager/tools/sbin/so-minion
@@ -324,6 +324,13 @@ function add_soc_to_minion() {
 	"  " >> $PILLARFILE
 }

+function add_registry_to_minion() {
+    printf '%s\n'\
+    "registry:"\
+    "  enabled: True"\
+	"  " >> $PILLARFILE
+}
+
 function create_fleet_policy() {

 	JSON_STRING=$( jq -n \
@@ -379,6 +386,7 @@ function createEVAL() {
 	add_nginx_to_minion
 	add_soctopus_to_minion
 	add_soc_to_minion
+	add_registry_to_minion
 }

 function createSTANDALONE() {
@@ -396,6 +404,7 @@ function createSTANDALONE() {
 	add_nginx_to_minion
 	add_soctopus_to_minion
 	add_soc_to_minion
+	add_registry_to_minion
 }

 function createMANAGER() {
@@ -411,6 +420,7 @@ function createMANAGER() {
 	add_nginx_to_minion
 	add_soctopus_to_minion
 	add_soc_to_minion
+	add_registry_to_minion
 }

 function createMANAGERSEARCH() {
@@ -426,6 +436,7 @@ function createMANAGERSEARCH() {
 	add_nginx_to_minion
 	add_soctopus_to_minion
 	add_soc_to_minion
+	add_registry_to_minion
 }

 function createIMPORT() {
@@ -436,6 +447,7 @@ function createIMPORT() {
 	add_influxdb_to_minion
 	add_nginx_to_minion
 	add_soc_to_minion
+	add_registry_to_minion
 }

 function createFLEET() {
--- a/salt/registry/config.sls
+++ b/salt/registry/config.sls
--- a/salt/registry/defaults.yaml
+++ b/salt/registry/defaults.yaml
--- a/salt/registry/disabled.sls
+++ b/salt/registry/disabled.sls
@@ -0,0 +1,27 @@
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+
+{% from 'allowed_states.map.jinja' import allowed_states %}
+{% if sls.split('.')[0] in allowed_states %}
+
+include:
+  - registry.sostatus
+  
+so-registry:
+  docker_container.absent:
+    - force: True
+
+so-registry_so-status.disabled:
+  file.comment:
+    - name: /opt/so/conf/so-status/so-status.conf
+    - regex: ^so-registry$
+
+{% else %}
+
+{{sls}}_state_not_allowed:
+  test.fail_without_changes:
+    - name: {{sls}}_state_not_allowed
+
+{% endif %}
--- a/salt/registry/enabled.sls
+++ b/salt/registry/enabled.sls
--- a/salt/registry/map.jinja
+++ b/salt/registry/map.jinja
--- a/salt/registry/soc_registry.yaml
+++ b/salt/registry/soc_registry.yaml
--- a/salt/registry/sostatus.sls
+++ b/salt/registry/sostatus.sls
@@ -0,0 +1,21 @@
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+
+{% from 'allowed_states.map.jinja' import allowed_states %}
+{% if sls.split('.')[0] in allowed_states %}
+
+append_so-registry_so-status.conf:
+  file.append:
+    - name: /opt/so/conf/so-status/so-status.conf
+    - text: so-registry
+    - unless: grep -q so-registry /opt/so/conf/so-status/so-status.conf
+
+{% else %}
+
+{{sls}}_state_not_allowed:
+  test.fail_without_changes:
+    - name: {{sls}}_state_not_allowed
+
+{% endif %}