Merge branch 'dev' of github.com:Security-Onion-Solutions/securityonion-saltstack into dev

salt/common/init.sls

@@ -13,6 +13,20 @@ socore:
     - createhome: True
     - shell: /bin/bash
 
+# Create a state directory
+statedir:
+  file.directory:
+    - name: /opt/so/state
+    - user: 939
+    - group: 939
+    - makedirs: True
+
+salttmp:
+  file.directory:
+    - name: /opt/so/tmp
+    - user: 939
+    - group: 939
+    - makedirs: True
 
 # Install packages needed for the sensor
 sensorpkgs:

salt/playbook/init.sls

@@ -17,21 +17,21 @@ salt://playbook/files/playbook_db_init.sh:
   cmd.run
 {% endif %}
 
-playbookdbuser:
+create_playbookdbuser:
-  mysql_user.present:
+  module.run:
-    - host: 172.17.0.0/255.255.0.0
+    - mysql.user_create:
-    - password: {{ PLAYBOOKPASS }}
+      - user: playbookdbuser
-    - connection_host: {{ MAINIP }}
+      - password: {{ PLAYBOOKPASS }}
-    - connection_port: 3306
+      - host: 172.17.0.0/255.255.0.0
-    - connection_user: root
+      - connection_host: {{ MAINIP }}
-    - connection_pass: {{ MYSQLPASS }}
+      - connection_port: 3306
+      - connection_user: root
+      - connection_pass: {{ MYSQLPASS }}
 
-playbookdbdbpriv:
+query_playbookdbuser_grants:
-  mysql_grants.present:
+  mysql_query.run:
-    - grant: all privileges
+    - database: playbook
-    - database: playbook.*
+    - query:    "GRANT ALL ON playbook.* TO 'playbookdbuser'@'172.17.0.0/255.255.0.0';"
-    - user: playbookdbuser
-    - host: 172.17.0.0/255.255.0.0
     - connection_host: {{ MAINIP }}
     - connection_port: 3306
     - connection_user: root

salt/salt/init.sls

@@ -1,18 +1,4 @@
-# Create a state directory
 
-statedir:
-  file.directory:
-    - name: /opt/so/state
-    - user: 939
-    - group: 939
-    - makedirs: True
-
-salttmp:
-  file.directory:
-    - name: /opt/so/tmp
-    - user: 939
-    - group: 939
-    - makedirs: True
 
 {% if grains['os'] != 'CentOS' %}    
 saltpymodules:

salt/soctopus/init.sls

@@ -63,7 +63,7 @@ so-soctopus:
     - hostname: soctopus
     - name: so-soctopus
     - binds:
-      - /opt/so/conf/soctopus/SOCtopus.conf:/SOCtopus.conf:ro
+      - /opt/so/conf/soctopus/SOCtopus.conf:/SOCtopus/SOCtopus.conf:ro
       - /opt/so/log/soctopus/:/var/log/SOCtopus/:rw
       - /opt/so/rules/elastalert/playbook:/etc/playbook-rules:rw
       - /opt/so/conf/navigator/nav_layer_playbook.json:/etc/playbook/nav_layer_playbook.json:rw

setup/so-setup

@@ -357,6 +357,13 @@ export percentage=0
 		set_progress_str 26 'Downloading containers from the internet'
 		salt-call state.apply -l info registry >> "$setup_log" 2>&1
 		docker_seed_registry 2>> "$setup_log" # ~ 60% when finished
+		
+		set_progress_str 27 "$(print_salt_state_apply 'master')"
+		salt-call state.apply -l info master >> $setup_log 2>&1
+
+		set_progress_str 28 "$(print_salt_state_apply 'idstools')"
+		salt-call state.apply -l info idstools >> $setup_log 2>&1
+
 	fi
 
 	set_progress_str 62 "$(print_salt_state_apply 'firewall')"
@@ -433,13 +440,7 @@ export percentage=0
 		salt-call state.apply -l info navigator >> $setup_log 2>&1
 	fi
 
-	if [[ $is_master || $is_helix ]]; then
+	if [[ $is_master || $is_helix ]]; then		
-		set_progress_str 79 "$(print_salt_state_apply 'master')"
-		salt-call state.apply -l info master >> $setup_log 2>&1
-
-		set_progress_str 80 "$(print_salt_state_apply 'idstools')"
-		salt-call state.apply -l info idstools >> $setup_log 2>&1
-
 		set_progress_str 81 "$(print_salt_state_apply 'utility')"
 		salt-call state.apply -l info utility >> $setup_log 2>&1
 	fi
@@ -478,4 +479,4 @@ if [[ "$success" = 0 ]]; then
 else
 	whiptail_setup_failed
 	shutdown -r now
-fi
+fi