CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1863 from Security-Onion-Solutions/issue/1857

Browse Source 
Issue/1857
This commit is contained in:
Josh Patterson
2020-11-09 17:54:25 -05:00
committed by GitHub
parent f647a06239 ae5bc297dd
commit 64199c81e1
3 changed files with 14 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
salt/fleet/event_enable-fleet.sls
View File

@@ -1,4 +1,10 @@
{% set ENROLLSECRET = salt['cmd.run']('docker exec so-fleet fleetctl get enroll-secret default') %}
{% set FLEETMANAGER = salt['pillar.get']('global:fleet_manager', False) %}
{% set FLEETNODE = salt['pillar.get']('global:fleet_node', False) %}
{% if FLEETNODE or FLEETMANAGER %}
{% set ENROLLSECRET = salt['cmd.run']('docker exec so-fleet fleetctl get enroll-secret default') %}
{% else %}
{% set ENROLLSECRET = '' %}
{% endif %}
{% set MAININT = salt['pillar.get']('host:mainint') %}
{% set MAINIP = salt['grains.get']('ip_interfaces').get(MAININT)[0] %}

11
salt/reactor/fleet.sls
View File

@@ -31,16 +31,17 @@ def run():
print(line)
# Update the enroll secret in the secrets pillar
for line in fileinput.input(SECRETSFILE, inplace=True):
line = re.sub(r'fleet_enroll-secret: \S*', f"fleet_enroll-secret: {ESECRET}", line.rstrip())
print(line)
if ESECRET != "":
for line in fileinput.input(SECRETSFILE, inplace=True):
line = re.sub(r'fleet_enroll-secret: \S*', f"fleet_enroll-secret: {ESECRET}", line.rstrip())
print(line)
# Update the Fleet host in the static pillar
# Update the Fleet host in the static pillar
for line in fileinput.input(STATICFILE, inplace=True):
line = re.sub(r'fleet_hostname: \S*', f"fleet_hostname: '{HOSTNAME}'", line.rstrip())
print(line)
# Update the Fleet IP in the static pillar
# Update the Fleet IP in the static pillar
for line in fileinput.input(STATICFILE, inplace=True):
line = re.sub(r'fleet_ip: \S*', f"fleet_ip: '{MAINIP}'", line.rstrip())
print(line)

5
setup/so-setup
View File

@@ -684,12 +684,9 @@ fi
fi
if [[ "$OSQUERY" = 1 ]]; then
if [[ "$PLAYBOOK" != 1 ]]; then
set_progress_str 74 "$(print_salt_state_apply 'mysql')"
salt-call state.apply -l info mysql >> $setup_log 2>&1
fi
set_progress_str 75 "$(print_salt_state_apply 'fleet')"
salt-call state.apply fleet.event_enable-fleet # enable fleet in the global pillar
salt-call state.apply -l info fleet >> $setup_log 2>&1
set_progress_str 76 "$(print_salt_state_apply 'redis')"