CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-21 16:33:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fleet standalone - custom hostnames

Browse Source
This commit is contained in:
Josh Brower
2020-06-03 15:52:18 -04:00
parent eaacb7b71e
commit 3d92145bb9
7 changed files with 63 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
salt/ssl/init.sls
View File

@@ -5,6 +5,7 @@
{% set global_ca_server = [] %}
{% set MAININT = salt['pillar.get']('host:mainint') %}
{% set MAINIP = salt['grains.get']('ip_interfaces').get(MAININT)[0] %}
{% set CUSTOM_FLEET_HOSTNAME = salt['pillar.get']('static:fleet_custom_hostname', None) %}
{% if grains.id.split('_')|last in ['master', 'eval', 'standalone'] %}
{% set trusttheca_text = salt['mine.get'](grains.id, 'x509.get_pem_entries')[grains.id]['/etc/pki/ca.crt']|replace('\n', '') %}
@@ -201,6 +202,7 @@ chownfilebeatp8:
- signing_policy: masterssl
- public_key: /etc/pki/masterssl.key
- CN: {{ HOSTNAME }}
- subjectAltName: DNS:{{ HOSTNAME }}, IP:{{ MAINIP }} {% if CUSTOM_FLEET_HOSTNAME != None %},DNS:{{ CUSTOM_FLEET_HOSTNAME }} {% endif %}
- days_remaining: 0
- days_valid: 820
- backup: True
@@ -223,7 +225,7 @@ chownfilebeatp8:
x509.certificate_managed:
- signing_private_key: /etc/pki/fleet.key
- CN: {{ HOSTNAME }}
- subjectAltName: DNS:{{ HOSTNAME }}, IP:{{ MAINIP }}
- subjectAltName: DNS:{{ HOSTNAME }}, IP:{{ MAINIP }} {% if CUSTOM_FLEET_HOSTNAME != None %},DNS:{{ CUSTOM_FLEET_HOSTNAME }} {% endif %}
- days_remaining: 0
- days_valid: 820
- backup: True