CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-21 00:13:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

only allow ca.remove state to run if so-setup is running

Browse Source
This commit is contained in:
Josh Patterson
2025-12-17 10:08:00 -05:00
parent c0845e1612
commit 702ba2e0a4
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
salt/ca/remove.sls
View File

@@ -3,6 +3,10 @@
# https://securityonion.net/license; you may not use this file except in compliance with the # https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0. # Elastic License 2.0.
{% set setup_running = salt['cmd.retcode']('pgrep -x so-setup') == 0 %}
{% if setup_running%}
include: include:
- ssl.remove - ssl.remove
@@ -21,3 +25,11 @@ remove_trusttheca:
remove_pki_public_ca_crt_symlink: remove_pki_public_ca_crt_symlink:
file.absent: file.absent:
- name: /opt/so/saltstack/local/salt/ca/files/ca.crt - name: /opt/so/saltstack/local/salt/ca/files/ca.crt
{% else %}
so-setup_not_running:
test.show_notification:
- text: "This state is reserved for usage during so-setup."
{% endif %}