CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-06-22 02:08:07 +02:00
Code Issues Packages Projects Releases Wiki Activity

requires and ordering for socusersroles state

Browse Source
This commit is contained in:
m0duspwnens
2022-01-10 14:39:00 -05:00
parent beb9a33628
commit 716c98ec61
4 changed files with 39 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/manager/sync_es_users.sls
+31
View File
@@ -0,0 +1,31 @@
include:
- elasticsearch.auth
- kratos
so-user.lock:
file.missing:
- name: /var/tmp/so-user.lock
# Must run before elasticsearch docker container is started!
sync_es_users:
cmd.run:
- name: so-user sync
- env:
- SKIP_STATE_APPLY: 'true'
- creates:
- /opt/so/saltstack/local/salt/elasticsearch/files/users
- /opt/so/saltstack/local/salt/elasticsearch/files/users_roles
- /opt/so/conf/soc/soc_users_roles
- show_changes: False
- require:
- docker_container: so-kratos
- http: wait_for_kratos
- file: so-user.lock # require so-user.lock file to be missing
# we dont want this added too early in setup, so we add the onlyif to verify 'startup_states: highstate'
# is in the minion config. That line is added before the final highstate during setup
sosyncusers:
cron.present:
- user: root
- name: 'PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin /usr/sbin/so-user sync &>> /opt/so/log/soc/sync.log'
- onlyif: "grep 'startup_states: highstate' /etc/salt/minion"