Move In Day

2025-12-21 16:33:08 +01:00 · 2022-09-07 09:06:25 -04:00
parent dcb7b49dbe
commit 2bd9dd80e2
611 changed files with 8015 additions and 16211 deletions
--- a/salt/playbook/OLD_db_init.sls
+++ b/salt/playbook/OLD_db_init.sls
@@ -1,14 +0,0 @@
-
-# This state will import the initial default playbook database. 
-# If there is an existing playbook database, it will be overwritten - no backups are made.
-
-include:
-  - mysql
-
-salt://playbook/files/OLD_playbook_db_init.sh:
-  cmd.script:
-    - cwd: /root
-    - template: jinja
-
-'sleep 5':
-  cmd.run
--- a/salt/playbook/automation_user_create.sls
+++ b/salt/playbook/automation_user_create.sls
@@ -1,4 +1,4 @@
-{% set MAINIP = salt['pillar.get']('global:managerip') %}
+{% from 'vars/globals.map.jinja' import GLOBALS %}

 # This state will create the SecOps Automation user within Playbook

@@ -7,7 +7,7 @@ include:
  
 wait_for_playbook:
  cmd.run:
-    - name: until nc -z {{ MAINIP }} 3200; do sleep 1; done
+    - name: until nc -z {{ GLOBALS.manager_ip }} 3200; do sleep 1; done
    - timeout: 300

 create_user:
--- a/salt/playbook/files/OLD_playbook_db_init.sh
+++ b/salt/playbook/files/OLD_playbook_db_init.sh
@@ -1,8 +0,0 @@
-#!/bin/sh
-
-# {%- set MYSQLPASS = salt['pillar.get']('secrets:mysql', None) %}
-
-default_salt_dir=/opt/so/saltstack/default
-
-docker cp $default_salt_dir/salt/playbook/files/OLD_playbook_db_init.sql so-mysql:/tmp/playbook_db_init.sql
-docker exec so-mysql /bin/bash -c "/usr/bin/mysql -b  -uroot -p{{MYSQLPASS}}  < /tmp/playbook_db_init.sql"
--- a/salt/playbook/files/OLD_playbook_db_init.sql
+++ b/salt/playbook/files/OLD_playbook_db_init.sql
--- a/salt/playbook/files/automation_user_create.sh
+++ b/salt/playbook/files/automation_user_create.sh
@@ -37,15 +37,8 @@ while [[ $try_count -le 6 ]]; do
                \"user_id\" : ${automation_user_id}
            }"

-        # Search for the needed keys in the global pillar file, if missing then add them
-        if (grep -Pzq 'playbook:\n  api_key:.*' $local_salt_dir/pillar/global.sls); then
-            sed -e '1h;2,$H;$!d;g' -e "s/playbook:\n  api_key:.*/playbook:\n  api_key: ${automation_api_key}/m" -i $local_salt_dir/pillar/global.sls
-        else
-            {
-                echo "playbook:"
-                echo "  api_key: ${automation_api_key}" 
-            } >> $local_salt_dir/pillar/global.sls
-        fi
+        # Update the Automation API key in the secrets pillar
+        sed "s/playbook_automation_api_key:/playbook_automation_api_key: ${automation_api_key}/g" -i $local_salt_dir/pillar/secrets.sls 
        exit 0
    fi
    ((try_count++))
--- a/salt/playbook/init.sls
+++ b/salt/playbook/init.sls
@@ -1,14 +1,14 @@
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+
 {% from 'allowed_states.map.jinja' import allowed_states %}
 {% if sls in allowed_states %}
+{% from 'vars/globals.map.jinja' import GLOBALS %}

-{% set MANAGERIP = salt['pillar.get']('manager:mainip', '') %}
-{% set VERSION = salt['pillar.get']('global:soversion', 'HH1.2.2') %}
-{% set IMAGEREPO = salt['pillar.get']('global:imagerepo') %}
-{% set MANAGER = salt['grains.get']('master') %}
-{% set MAINIP = salt['grains.get']('ip_interfaces').get(salt['pillar.get']('sensor:mainint', salt['pillar.get']('manager:mainint', salt['pillar.get']('elasticsearch:mainint', salt['pillar.get']('host:mainint')))))[0] %}
-{%- set MYSQLPASS = salt['pillar.get']('secrets:mysql', None) -%}
-{%- set PLAYBOOKPASS = salt['pillar.get']('secrets:playbook_db', None) -%}
-{%- set DNET = salt['pillar.get']('global:dockernet', '172.17.0.0') %}
+{%- set MYSQLPASS = salt['pillar.get']('secrets:mysql') -%}
+{%- set PLAYBOOKPASS = salt['pillar.get']('secrets:playbook_db') -%}


 include:
@@ -18,8 +18,8 @@ create_playbookdbuser:
  mysql_user.present:
    - name: playbookdbuser
    - password: {{ PLAYBOOKPASS }}
-    - host: {{ DNET }}/255.255.255.0
-    - connection_host: {{ MAINIP }}
+    - host: "{{ GLOBALS.docker_range.split('/')[0] }}/255.255.255.0"
+    - connection_host: {{ GLOBALS.manager_ip }}
    - connection_port: 3306
    - connection_user: root
    - connection_pass: {{ MYSQLPASS }}
@@ -27,8 +27,8 @@ create_playbookdbuser:
 query_playbookdbuser_grants:
  mysql_query.run:
    - database: playbook
-    - query:    "GRANT ALL ON playbook.* TO 'playbookdbuser'@'{{ DNET }}/255.255.255.0';"
-    - connection_host: {{ MAINIP }}
+    - query:    "GRANT ALL ON playbook.* TO 'playbookdbuser'@'{{ GLOBALS.docker_range.split('/')[0] }}/255.255.255.0';"
+    - connection_host: {{ GLOBALS.manager_ip }}
    - connection_port: 3306
    - connection_user: root
    - connection_pass: {{ MYSQLPASS }}
@@ -36,21 +36,12 @@ query_playbookdbuser_grants:
 query_updatwebhooks:
  mysql_query.run:
    - database: playbook
-    - query:    "update webhooks set url = 'http://{{MANAGERIP}}:7000/playbook/webhook' where project_id = 1"
-    - connection_host: {{ MAINIP }}
+    - query:    "update webhooks set url = 'http://{{ GLOBALS.manager_ip }}:7000/playbook/webhook' where project_id = 1"
+    - connection_host: {{ GLOBALS.manager_ip }}
    - connection_port: 3306
    - connection_user: root
    - connection_pass: {{ MYSQLPASS }}

-query_updatename:
-  mysql_query.run:
-    - database: playbook
-    - query:    "update custom_fields set name = 'Custom Filter' where id = 21;"
-    - connection_host: {{ MAINIP }}
-    - connection_port: 3306
-    - connection_user: root
-    - connection_pass: {{ MYSQLPASS }}   
-
 query_updatepluginurls:
  mysql_query.run:
    - database: playbook
@@ -58,10 +49,10 @@ query_updatepluginurls:
        update settings set value = 
        "--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess
        project: '1'
-        convert_url: http://{{MANAGERIP}}:7000/playbook/sigmac
-        create_url: http://{{MANAGERIP}}:7000/playbook/play"
+        convert_url: http://{{ GLOBALS.manager_ip }}:7000/playbook/sigmac
+        create_url: http://{{ GLOBALS.manager_ip }}:7000/playbook/play"
        where id  = 43
-    - connection_host: {{ MAINIP }}
+    - connection_host: {{ GLOBALS.manager_ip }}
    - connection_port: 3306
    - connection_user: root
    - connection_pass: {{ MYSQLPASS }}
@@ -86,13 +77,13 @@ playbook_password_none:

 so-playbook:
  docker_container.running:
-    - image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-playbook:{{ VERSION }}
+    - image: {{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-playbook:{{ GLOBALS.so_version }}
    - hostname: playbook
    - name: so-playbook
    - binds:
      - /opt/so/log/playbook:/playbook/log:rw
    - environment:
-      - REDMINE_DB_MYSQL={{ MANAGERIP }}
+      - REDMINE_DB_MYSQL={{ GLOBALS.manager_ip }}
      - REDMINE_DB_DATABASE=playbook
      - REDMINE_DB_USERNAME=playbookdbuser
      - REDMINE_DB_PASSWORD={{ PLAYBOOKPASS }}