Dockernet Modifications

2026-01-27 10:23:33 +01:00 · 2020-10-27 15:08:34 -04:00
parent d4dd4aa416
commit 697bc53aec
5 changed files with 16 additions and 9 deletions
--- a/salt/firewall/hostgroups.yaml
+++ b/salt/firewall/hostgroups.yaml
@@ -1,3 +1,4 @@
+{%- set DNET = salt['pillar.get']('global:dockernet', '172.17.0.0') %}
 firewall:
  hostgroups:
    anywhere:
@@ -9,7 +10,7 @@ firewall:
      ips:
        delete:
        insert:
-          - 172.17.0.0/24
+          - {{ DNET }}/24
    localhost:
      ips:
        delete:
--- a/salt/fleet/init.sls
+++ b/salt/fleet/init.sls
@@ -12,6 +12,8 @@
 {% else %}
  {% set MAINIP = salt['pillar.get']('global:managerip') %}
 {% endif %}
+{% set DNET = salt['pillar.get']('global:dockernet', '172.17.0.0') %}
+

 include:
  - mysql
@@ -71,7 +73,7 @@ fleetdb:

 fleetdbuser:
  mysql_user.present:
-    - host: 172.17.0.0/255.255.0.0
+    - host: {{ DNET }}/255.255.0.0
    - password: {{ FLEETPASS }}
    - connection_host: {{ MAINIP }}
    - connection_port: 3306
@@ -85,7 +87,7 @@ fleetdbpriv:
    - grant: all privileges
    - database: fleet.*
    - user: fleetdbuser
-    - host: 172.17.0.0/255.255.0.0
+    - host: {{ DNET }}/255.255.0.0
    - connection_host: {{ MAINIP }}
    - connection_port: 3306
    - connection_user: root
--- a/salt/playbook/init.sls
+++ b/salt/playbook/init.sls
@@ -10,6 +10,8 @@
 {% set MAINIP = salt['grains.get']('ip_interfaces').get(salt['pillar.get']('sensor:mainint', salt['pillar.get']('manager:mainint', salt['pillar.get']('elasticsearch:mainint', salt['pillar.get']('host:mainint')))))[0] %}
 {%- set MYSQLPASS = salt['pillar.get']('secrets:mysql', None) -%}
 {%- set PLAYBOOKPASS = salt['pillar.get']('secrets:playbook_db', None) -%}
+{%- set DNET = salt['pillar.get']('global:dockernet', '172.17.0.0') %}
+

 include:
  - mysql
@@ -19,7 +21,7 @@ create_playbookdbuser:
    - mysql.user_create:
      - user: playbookdbuser
      - password: {{ PLAYBOOKPASS }}
-      - host: 172.17.0.0/255.255.0.0
+      - host: {{ DNET }}/255.255.255.0
      - connection_host: {{ MAINIP }}
      - connection_port: 3306
      - connection_user: root
@@ -28,7 +30,7 @@ create_playbookdbuser:
 query_playbookdbuser_grants:
  mysql_query.run:
    - database: playbook
-    - query:    "GRANT ALL ON playbook.* TO 'playbookdbuser'@'172.17.0.0/255.255.0.0';"
+    - query:    "GRANT ALL ON playbook.* TO 'playbookdbuser'@'{{ DNET }}/255.255.255.0';"
    - connection_host: {{ MAINIP }}
    - connection_port: 3306
    - connection_user: root
--- a/salt/soc/files/soc/soc.json
+++ b/salt/soc/files/soc/soc.json
@@ -9,6 +9,8 @@
 {%- import_json "soc/files/soc/hunt.queries.json" as hunt_queries %}
 {%- import_json "soc/files/soc/hunt.actions.json" as hunt_actions %}
 {%- import_json "soc/files/soc/hunt.eventfields.json" as hunt_eventfields %}
+{%- set DNET = salt['pillar.get']('global:dockernet', '172.17.0.0') %}
+
 {
  "logFilename": "/opt/sensoroni/logs/sensoroni-server.log",
  "server": {
@@ -49,7 +51,7 @@
      },
 {% endif %}
      "statickeyauth": {
-        "anonymousCidr": "172.17.0.0/24",
+        "anonymousCidr": "{{ DNET }}/24",
        "apiKey": "{{ SENSORONIKEY }}"
      }
    },