CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-09 18:52:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Move In Day

Browse Source
This commit is contained in:
Mike Reeves
2022-09-07 09:06:25 -04:00
parent dcb7b49dbe
commit 2bd9dd80e2
611 changed files with 8015 additions and 16211 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
salt/playbook/init.sls
View File

@@ -1,14 +1,14 @@
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
{% from 'allowed_states.map.jinja' import allowed_states %}
{% if sls in allowed_states %}
{% from 'vars/globals.map.jinja' import GLOBALS %}
{% set MANAGERIP = salt['pillar.get']('manager:mainip', '') %}
{% set VERSION = salt['pillar.get']('global:soversion', 'HH1.2.2') %}
{% set IMAGEREPO = salt['pillar.get']('global:imagerepo') %}
{% set MANAGER = salt['grains.get']('master') %}
{% set MAINIP = salt['grains.get']('ip_interfaces').get(salt['pillar.get']('sensor:mainint', salt['pillar.get']('manager:mainint', salt['pillar.get']('elasticsearch:mainint', salt['pillar.get']('host:mainint')))))[0] %}
{%- set MYSQLPASS = salt['pillar.get']('secrets:mysql', None) -%}
{%- set PLAYBOOKPASS = salt['pillar.get']('secrets:playbook_db', None) -%}
{%- set DNET = salt['pillar.get']('global:dockernet', '172.17.0.0') %}
{%- set MYSQLPASS = salt['pillar.get']('secrets:mysql') -%}
{%- set PLAYBOOKPASS = salt['pillar.get']('secrets:playbook_db') -%}
include:
@@ -18,8 +18,8 @@ create_playbookdbuser:
mysql_user.present:
- name: playbookdbuser
- password: {{ PLAYBOOKPASS }}
- host: {{ DNET }}/255.255.255.0
- connection_host: {{ MAINIP }}
- host: "{{ GLOBALS.docker_range.split('/')[0] }}/255.255.255.0"
- connection_host: {{ GLOBALS.manager_ip }}
- connection_port: 3306
- connection_user: root
- connection_pass: {{ MYSQLPASS }}
@@ -27,8 +27,8 @@ create_playbookdbuser:
query_playbookdbuser_grants:
mysql_query.run:
- database: playbook
- query: "GRANT ALL ON playbook.* TO 'playbookdbuser'@'{{ DNET }}/255.255.255.0';"
- connection_host: {{ MAINIP }}
- query: "GRANT ALL ON playbook.* TO 'playbookdbuser'@'{{ GLOBALS.docker_range.split('/')[0] }}/255.255.255.0';"
- connection_host: {{ GLOBALS.manager_ip }}
- connection_port: 3306
- connection_user: root
- connection_pass: {{ MYSQLPASS }}
@@ -36,21 +36,12 @@ query_playbookdbuser_grants:
query_updatwebhooks:
mysql_query.run:
- database: playbook
- query: "update webhooks set url = 'http://{{MANAGERIP}}:7000/playbook/webhook' where project_id = 1"
- connection_host: {{ MAINIP }}
- query: "update webhooks set url = 'http://{{ GLOBALS.manager_ip }}:7000/playbook/webhook' where project_id = 1"
- connection_host: {{ GLOBALS.manager_ip }}
- connection_port: 3306
- connection_user: root
- connection_pass: {{ MYSQLPASS }}
query_updatename:
mysql_query.run:
- database: playbook
- query: "update custom_fields set name = 'Custom Filter' where id = 21;"
- connection_host: {{ MAINIP }}
- connection_port: 3306
- connection_user: root
- connection_pass: {{ MYSQLPASS }}
query_updatepluginurls:
mysql_query.run:
- database: playbook
@@ -58,10 +49,10 @@ query_updatepluginurls:
update settings set value =
"--- !ruby/hash:ActiveSupport::HashWithIndifferentAccess
project: '1'
convert_url: http://{{MANAGERIP}}:7000/playbook/sigmac
create_url: http://{{MANAGERIP}}:7000/playbook/play"
convert_url: http://{{ GLOBALS.manager_ip }}:7000/playbook/sigmac
create_url: http://{{ GLOBALS.manager_ip }}:7000/playbook/play"
where id = 43
- connection_host: {{ MAINIP }}
- connection_host: {{ GLOBALS.manager_ip }}
- connection_port: 3306
- connection_user: root
- connection_pass: {{ MYSQLPASS }}
@@ -86,13 +77,13 @@ playbook_password_none:
so-playbook:
docker_container.running:
- image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-playbook:{{ VERSION }}
- image: {{ GLOBALS.registry_host }}:5000/{{ GLOBALS.image_repo }}/so-playbook:{{ GLOBALS.so_version }}
- hostname: playbook
- name: so-playbook
- binds:
- /opt/so/log/playbook:/playbook/log:rw
- environment:
- REDMINE_DB_MYSQL={{ MANAGERIP }}
- REDMINE_DB_MYSQL={{ GLOBALS.manager_ip }}
- REDMINE_DB_DATABASE=playbook
- REDMINE_DB_USERNAME=playbookdbuser
- REDMINE_DB_PASSWORD={{ PLAYBOOKPASS }}