CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Master Module - Add certs for Docker Registry

Browse Source
This commit is contained in:
Mike Reeves
2018-06-04 11:11:17 -04:00
parent cf4d12e980
commit 5ee6f38980
2 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
salt/master/files/registry/config.yml
View File

@@ -11,6 +11,9 @@ http:
addr: :5000 addr: :5000
headers: headers:
X-Content-Type-Options: [nosniff] X-Content-Type-Options: [nosniff]
tls:
certificate: /etc/pki/registry.crt
key: /etc/pki/registry.key
health: health:
storagedriver: storagedriver:
enabled: true enabled: true

3
salt/ssl/init.sls
View File

@@ -7,6 +7,7 @@
x509.pem_managed: x509.pem_managed:
- text: {{ salt['mine.get'](master, 'x509.get_pem_entries')[master]['/etc/pki/ca.crt']|replace('\n', '') }} - text: {{ salt['mine.get'](master, 'x509.get_pem_entries')[master]['/etc/pki/ca.crt']|replace('\n', '') }}
{% if grains['role'] == 'so-master' %}
# Request a cert and drop it where it needs to go to be distributed # Request a cert and drop it where it needs to go to be distributed
/etc/pki/filebeat.crt: /etc/pki/filebeat.crt:
x509.certificate_managed: x509.certificate_managed:
@@ -36,3 +37,5 @@
name: /etc/pki/registry.key name: /etc/pki/registry.key
bits: 4096 bits: 4096
backup: True backup: True
{% endif %}