CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-20 07:53:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

use port_bindings from docker defaults in docker states

Browse Source
This commit is contained in:
m0duspwnens
2023-01-13 10:15:10 -05:00
parent a69b0951d3
commit 6033e9a0de
17 changed files with 56 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
salt/elastic-fleet-package-registry/init.sls
View File

@@ -34,7 +34,9 @@ so-elastic-fleet-package-registry:
- extra_hosts:
- {{ GLOBALS.hostname }}:{{ GLOBALS.node_ip }}
- port_bindings:
- 0.0.0.0:8080:8080
{% for BINDING in DOCKER.containers['so-elastic-fleet-package-registry'].port_bindings %}
- {{ BINDING }}
{% endfor %}
append_so-elastic-fleet-package-registry_so-status.conf:
file.append:

4
salt/elastic-fleet/init.sls
View File

@@ -54,7 +54,9 @@ so-elastic-fleet:
- extra_hosts:
- {{ GLOBALS.hostname }}:{{ GLOBALS.node_ip }}
- port_bindings:
- 0.0.0.0:8220:8220
{% for BINDING in DOCKER.containers['so-elastic-fleet'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- binds:
- /opt/so/conf/elastic-fleet/certs:/etc/pki:ro
- /opt/so/conf/elastic-fleet/state:/usr/share/elastic-agent/state:rw

5
salt/elasticsearch/init.sls
View File

@@ -304,8 +304,9 @@ so-elasticsearch:
- nofile=65536:65536
- nproc=4096
- port_bindings:
- 0.0.0.0:9200:9200
- 0.0.0.0:9300:9300
{% for BINDING in DOCKER.containers['so-elasticsearch'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- binds:
- /opt/so/conf/elasticsearch/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml:ro
- /opt/so/conf/elasticsearch/log4j2.properties:/usr/share/elasticsearch/config/log4j2.properties:ro

6
salt/filebeat/init.sls
View File

@@ -116,9 +116,9 @@ so-filebeat:
- /etc/ssl/certs/intca.crt:/usr/share/filebeat/intraca.crt:ro
- /opt/so/log:/logs:ro
- port_bindings:
- 0.0.0.0:514:514/udp
- 0.0.0.0:514:514/tcp
- 0.0.0.0:5066:5066/tcp
{% for BINDING in DOCKER.containers['so-filebeat'].port_bindings %}
- {{ BINDING }}
{% endfor %}
{% for module in MODULESMERGED.modules.keys() %}
{% for submodule in MODULESMERGED.modules[module] %}
{% if MODULESMERGED.modules[module][submodule].enabled and MODULESMERGED.modules[module][submodule]["var.syslog_port"] is defined %}

4
salt/grafana/init.sls
View File

@@ -138,7 +138,9 @@ so-grafana:
- environment:
- GF_SECURITY_ADMIN_PASSWORD={{ ADMINPASS }}
- port_bindings:
- 0.0.0.0:3000:3000
{% for BINDING in DOCKER.containers['so-grafana'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- watch:
- file: /opt/so/conf/grafana/*
- require:

4
salt/influxdb/init.sls
View File

@@ -60,7 +60,9 @@ so-influxdb:
- /etc/pki/influxdb.crt:/etc/ssl/influxdb.crt:ro
- /etc/pki/influxdb.key:/etc/ssl/influxdb.key:ro
- port_bindings:
- 0.0.0.0:8086:8086
{% for BINDING in DOCKER.containers['so-influxdb'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- watch:
- file: influxdbconf
- require:

4
salt/kibana/init.sls
View File

@@ -95,7 +95,9 @@ so-kibana:
- /opt/so/conf/kibana/customdashboards:/usr/share/kibana/custdashboards:ro
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- port_bindings:
- 0.0.0.0:5601:5601
{% for BINDING in DOCKER.containers['so-kibana'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- watch:
- file: kibanaconfig

5
salt/kratos/init.sls
View File

@@ -77,8 +77,9 @@ so-kratos:
- /opt/so/log/kratos/:/kratos-log:rw
- /nsm/kratos/db:/kratos-data:rw
- port_bindings:
- 0.0.0.0:4433:4433
- 0.0.0.0:4434:4434
{% for BINDING in DOCKER.containers['so-kratos'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- restart_policy: unless-stopped
- watch:
- file: kratosschema

2
salt/logstash/init.sls
View File

@@ -147,7 +147,7 @@ so-logstash:
- environment:
- LS_JAVA_OPTS=-Xms{{ lsheap }} -Xmx{{ lsheap }}
- port_bindings:
{% for BINDING in DOCKER_OPTIONS.port_bindings %}
{% for BINDING in DOCKER.containers['so-logstash'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- binds:

4
salt/mysql/init.sls
View File

@@ -88,7 +88,9 @@ so-mysql:
- sosbridge:
- ipv4_address: {{ DOCKER.containers['so-mysql'].ip }}
- port_bindings:
- 0.0.0.0:3306:3306
{% for BINDING in DOCKER.containers['so-mysql'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- environment:
- MYSQL_ROOT_HOST={{ GLOBALS.manager_ip }}
- MYSQL_ROOT_PASSWORD=/etc/mypass

5
salt/nginx/init.sls
View File

@@ -106,8 +106,9 @@ so-nginx:
{% endif %}
- cap_add: NET_BIND_SERVICE
- port_bindings:
- 80:80
- 443:443
{% for BINDING in DOCKER.containers['so-nginx'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- watch:
- file: nginxconf
- file: nginxconfdir

4
salt/playbook/init.sls
View File

@@ -91,7 +91,9 @@ so-playbook:
- REDMINE_DB_USERNAME=playbookdbuser
- REDMINE_DB_PASSWORD={{ PLAYBOOKPASS }}
- port_bindings:
- 0.0.0.0:3200:3000
{% for BINDING in DOCKER.containers['so-playbook'].port_bindings %}
- {{ BINDING }}
{% endfor %}
append_so-playbook_so-status.conf:
file.append:

5
salt/redis/init.sls
View File

@@ -50,8 +50,9 @@ so-redis:
- sosbridge:
- ipv4_address: {{ DOCKER.containers['so-redis'].ip }}
- port_bindings:
- 0.0.0.0:6379:6379
- 0.0.0.0:9696:9696
{% for BINDING in DOCKER.containers['so-redis'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- binds:
- /opt/so/log/redis:/var/log/redis:rw
- /opt/so/conf/redis/etc/redis.conf:/usr/local/etc/redis/redis.conf:ro

4
salt/registry/init.sls
View File

@@ -43,7 +43,9 @@ so-dockerregistry:
- ipv4_address: {{ DOCKER.containers['so-dockerregistry'].ip }}
- restart_policy: always
- port_bindings:
- 0.0.0.0:5000:5000
{% for BINDING in DOCKER.containers['so-dockerregistry'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- binds:
- /opt/so/conf/docker-registry/etc/config.yml:/etc/docker/registry/config.yml:ro
- /opt/so/conf/docker-registry:/var/lib/registry:rw

4
salt/soc/init.sls
View File

@@ -117,7 +117,9 @@ so-soc:
{%- endfor %}
{%- endif %}
- port_bindings:
- 0.0.0.0:9822:9822
{% for BINDING in DOCKER.containers['so-soc'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- watch:
- file: /opt/so/conf/soc/*
- require:

4
salt/soctopus/init.sls
View File

@@ -76,7 +76,9 @@ so-soctopus:
- /nsm/repo/rules/sigma:/soctopus/sigma
{% endif %}
- port_bindings:
- 0.0.0.0:7000:7000
{% for BINDING in DOCKER.containers['so-soctopus'].port_bindings %}
- {{ BINDING }}
{% endfor %}
- extra_hosts:
- {{GLOBALS.url_base}}:{{GLOBALS.manager_ip}}
- require:

12
salt/strelka/init.sls
View File

@@ -173,7 +173,9 @@ strelka_coordinator:
- ipv4_address: {{ DOCKER.containers['so-strelka-coordinator'].ip }}
- entrypoint: redis-server --save "" --appendonly no
- port_bindings:
- 0.0.0.0:6380:6379
{% for BINDING in DOCKER.containers['so-strelka-cordinator'].port_bindings %}
- {{ BINDING }}
{% endfor %}
append_so-strelka-coordinator_so-status.conf:
file.append:
@@ -189,7 +191,9 @@ strelka_gatekeeper:
- ipv4_address: {{ DOCKER.containers['so-strelka-gatekeeper'].ip }}
- entrypoint: redis-server --save "" --appendonly no --maxmemory-policy allkeys-lru
- port_bindings:
- 0.0.0.0:6381:6379
{% for BINDING in DOCKER.containers['so-strelka-gatekeeper'].port_bindings %}
- {{ BINDING }}
{% endfor %}
append_so-strelka-gatekeeper_so-status.conf:
file.append:
@@ -209,7 +213,9 @@ strelka_frontend:
- ipv4_address: {{ DOCKER.containers['so-strelka-frontend'].ip }}
- command: strelka-frontend
- port_bindings:
- 0.0.0.0:57314:57314
{% for BINDING in DOCKER.containers['so-strelka-frontend'].port_bindings %}
- {{ BINDING }}
{% endfor %}
append_so-strelka-frontend_so-status.conf:
file.append: