mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-22 17:03:07 +01:00
Josh Patterson
GitHub
@@ -2,6 +2,7 @@
|
||||
{% if sls in allowed_states %}
|
||||
|
||||
{% set role = grains.id.split('_') | last %}
|
||||
{% set managerupdates = salt['pillar.get']('global:managerupdate', '0') %}
|
||||
|
||||
# Remove variables.txt from /tmp - This is temp
|
||||
rmvariablesfile:
|
||||
@@ -64,7 +65,7 @@ salttmp:
|
||||
- group: 939
|
||||
- makedirs: True
|
||||
|
||||
# Install epel
|
||||
# Remove default Repos
|
||||
{% if grains['os'] == 'CentOS' %}
|
||||
repair_yumdb:
|
||||
cmd.run:
|
||||
@@ -72,6 +73,69 @@ repair_yumdb:
|
||||
- onlyif:
|
||||
- 'yum check-update 2>&1 | grep "Error: rpmdb open failed"'
|
||||
|
||||
crbase:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/CentOS-Base.repo
|
||||
|
||||
crcr:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/CentOS-CR.repo
|
||||
|
||||
crdebug:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/CentOS-Debuginfo.repo
|
||||
|
||||
crdockerce:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/docker-ce.repo
|
||||
|
||||
crfasttrack:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/CentOS-fasttrack.repo
|
||||
|
||||
crmedia:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/CentOS-Media.repo
|
||||
|
||||
crsources:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/CentOS-Sources.repo
|
||||
|
||||
crvault:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/CentOS-Vault.repo
|
||||
|
||||
crkernel:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/CentOS-x86_64-kernel.repo
|
||||
|
||||
crepel:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/epel.repo
|
||||
|
||||
crtesting:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/epel-testing.repo
|
||||
|
||||
crssrepo:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/saltstack.repo
|
||||
|
||||
crwazrepo:
|
||||
file.absent:
|
||||
- name: /etc/yum.repos.d/wazuh.repo
|
||||
|
||||
crsecurityonionrepo:
|
||||
file.managed:
|
||||
{% if role in ['eval', 'standalone', 'import', 'manager', 'managersearch'] or managerupdates == 0 %}
|
||||
- name: /etc/yum.repos.d/securityonion.repo
|
||||
- source: salt://common/yum_repos/securityonion.repo
|
||||
{% else %}
|
||||
- name: /etc/yum.repos.d/securityonioncache.repo
|
||||
- source: salt://common/yum_repos/securityonioncache.repo
|
||||
{% endif %}
|
||||
- mode: 644
|
||||
|
||||
{% endif %}
|
||||
|
||||
# Install common packages
|
||||
|
||||
64
salt/common/yum_repos/securityonion.repo
Normal file
64
salt/common/yum_repos/securityonion.repo
Normal file
@@ -0,0 +1,64 @@
|
||||
[base]
|
||||
name=CentOS-$releasever - Base
|
||||
baseurl=https://repo.securityonion.net/file/securityonion-repo/base/
|
||||
gpgcheck=1
|
||||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
|
||||
|
||||
#released updates
|
||||
[updates]
|
||||
name=CentOS-$releasever - Updates
|
||||
baseurl=https://repo.securityonion.net/file/securityonion-repo/updates/
|
||||
gpgcheck=1
|
||||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
|
||||
|
||||
#additional packages that may be useful
|
||||
[extras]
|
||||
name=CentOS-$releasever - Extras
|
||||
baseurl=https://repo.securityonion.net/file/securityonion-repo/extras/
|
||||
gpgcheck=1
|
||||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
|
||||
|
||||
#additional packages that extend functionality of existing packages
|
||||
[centosplus]
|
||||
name=CentOS-$releasever - Plus
|
||||
baseurl=https://repo.securityonion.net/file/securityonion-repo/centosplus/
|
||||
gpgcheck=1
|
||||
enabled=0
|
||||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
|
||||
|
||||
[epel]
|
||||
name=Extra Packages for Enterprise Linux 7 - $basearch
|
||||
baseurl=https://repo.securityonion.net/file/securityonion-repo/epel/
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
gpgkey=https://repo.securityonion.net/file/securityonion-repo/keys/RPM-GPG-KEY-EPEL-7
|
||||
|
||||
[docker-ce-stable]
|
||||
name=Docker CE Stable - $basearch
|
||||
baseurl=https://repo.securityonion.net/file/securityonion-repo/docker-ce-stable
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
gpgkey=https://repo.securityonion.net/file/securityonion-repo/keys/docker.pub
|
||||
|
||||
[saltstack]
|
||||
name=SaltStack repo for RHEL/CentOS $releasever PY3
|
||||
baseurl=https://repo.securityonion.net/file/securityonion-repo/saltstack/
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
gpgkey=https://repo.securityonion.net/file/securityonion-repo/keys/SALTSTACK-GPG-KEY.pub
|
||||
|
||||
[wazuh_repo]
|
||||
gpgcheck=1
|
||||
gpgkey=https://repo.securityonion.net/file/securityonion-repo/keys/GPG-KEY-WAZUH
|
||||
enabled=1
|
||||
name=Wazuh repository
|
||||
baseurl=https://repo.securityonion.net/file/securityonion-repo/wazuh_repo/
|
||||
protect=1
|
||||
|
||||
[wazuh4_repo]
|
||||
gpgcheck=1
|
||||
gpgkey=https://repo.securityonion.net/file/securityonion-repo/keys/GPG-KEY-WAZUH
|
||||
enabled=1
|
||||
name=Wazuh repository
|
||||
baseurl=https://repo.securityonion.net/file/securityonion-repo/wazuh4_repo/
|
||||
protect=1
|
||||
64
salt/common/yum_repos/securityonioncache.repo
Normal file
64
salt/common/yum_repos/securityonioncache.repo
Normal file
@@ -0,0 +1,64 @@
|
||||
[base]
|
||||
name=CentOS-$releasever - Base
|
||||
baseurl=http://repocache.securityonion.net/file/securityonion-repo/base/
|
||||
gpgcheck=1
|
||||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
|
||||
|
||||
#released updates
|
||||
[updates]
|
||||
name=CentOS-$releasever - Updates
|
||||
baseurl=http://repocache.securityonion.net/file/securityonion-repo/updates/
|
||||
gpgcheck=1
|
||||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
|
||||
|
||||
#additional packages that may be useful
|
||||
[extras]
|
||||
name=CentOS-$releasever - Extras
|
||||
baseurl=http://repocache.securityonion.net/file/securityonion-repo/extras/
|
||||
gpgcheck=1
|
||||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
|
||||
|
||||
#additional packages that extend functionality of existing packages
|
||||
[centosplus]
|
||||
name=CentOS-$releasever - Plus
|
||||
baseurl=http://repocache.securityonion.net/file/securityonion-repo/centosplus/
|
||||
gpgcheck=1
|
||||
enabled=0
|
||||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
|
||||
|
||||
[epel]
|
||||
name=Extra Packages for Enterprise Linux 7 - $basearch
|
||||
baseurl=http://repocache.securityonion.net/file/securityonion-repo/epel/
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
gpgkey=https://repo.securityonion.net/file/securityonion-repo/keys/RPM-GPG-KEY-EPEL-7
|
||||
|
||||
[docker-ce-stable]
|
||||
name=Docker CE Stable - $basearch
|
||||
baseurl=http://repocache.securityonion.net/file/securityonion-repo/docker-ce-stable
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
gpgkey=https://repo.securityonion.net/file/securityonion-repo/keys/docker.pub
|
||||
|
||||
[saltstack]
|
||||
name=SaltStack repo for RHEL/CentOS $releasever PY3
|
||||
baseurl=http://repocache.securityonion.net/file/securityonion-repo/saltstack/
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
gpgkey=https://repo.securityonion.net/file/securityonion-repo/keys/SALTSTACK-GPG-KEY.pub
|
||||
|
||||
[wazuh_repo]
|
||||
gpgcheck=1
|
||||
gpgkey=https://repo.securityonion.net/file/securityonion-repo/keys/GPG-KEY-WAZUH
|
||||
enabled=1
|
||||
name=Wazuh repository
|
||||
baseurl=http://repocache.securityonion.net/file/securityonion-repo/wazuh_repo/
|
||||
protect=1
|
||||
|
||||
[wazuh4_repo]
|
||||
gpgcheck=1
|
||||
gpgkey=https://repo.securityonion.net/file/securityonion-repo/keys/GPG-KEY-WAZUH
|
||||
enabled=1
|
||||
name=Wazuh repository
|
||||
baseurl=https://repo.securityonion.net/file/securityonion-repo/wazuh4_repo/
|
||||
protect=1
|
||||
Reference in New Issue
Block a user