CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

connect

Browse Source
This commit is contained in:
Jason Ertel
2024-10-24 08:47:52 -04:00
parent 5e6dd2e8b3
commit 7c405ff9d7
5 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
salt/manager/sync_es_users.sls
View File

@@ -16,12 +16,13 @@ sync_es_users:
- /opt/so/saltstack/local/salt/elasticsearch/files/users
- /opt/so/saltstack/local/salt/elasticsearch/files/users_roles
- /opt/so/conf/soc/soc_users_roles
- /opt/so/conf/soc/soc_client_roles
- /opt/so/conf/soc/soc_clients_roles
- show_changes: False
- require:
- docker_container: so-kratos
- http: wait_for_kratos
- file: so-user.lock # require so-user.lock file to be missing
- file: so-client.lock # require so-client.lock file to be missing
# we dont want this added too early in setup, so we add the onlyif to verify 'startup_states: highstate'
# is in the minion config. That line is added before the final highstate during setup

2
salt/manager/tools/sbin/so-user
View File

@@ -136,7 +136,7 @@ bcryptRounds=${BCRYPT_ROUNDS:-12}
elasticUsersFile=${ELASTIC_USERS_FILE:-/opt/so/saltstack/local/salt/elasticsearch/files/users}
elasticRolesFile=${ELASTIC_ROLES_FILE:-/opt/so/saltstack/local/salt/elasticsearch/files/users_roles}
socRolesFile=${SOC_ROLES_FILE:-/opt/so/conf/soc/soc_users_roles}
clientRolesFile=${SOC_ROLES_FILE:-/opt/so/conf/soc/soc_client_roles}
clientRolesFile=${SOC_ROLES_FILE:-/opt/so/conf/soc/soc_clients_roles}
esUID=${ELASTIC_UID:-930}
esGID=${ELASTIC_GID:-930}
soUID=${SOCORE_UID:-939}

6
salt/soc/config.sls
View File

@@ -176,6 +176,12 @@ socusersroles:
- require:
- sls: manager.sync_es_users
socclientsroles:
file.exists:
- name: /opt/so/conf/soc/soc_clients_roles
- require:
- sls: manager.sync_es_users
socuploaddir:
file.directory:
- name: /nsm/soc/uploads

1
salt/soc/defaults.yaml
View File

@@ -1403,6 +1403,7 @@ soc:
- rbac/custom_roles
userFiles:
- rbac/users_roles
- rbac/clients_roles
strelkaengine:
aiRepoUrl: https://github.com/Security-Onion-Solutions/securityonion-resources
aiRepoBranch: generated-summaries-published

3
salt/soc/enabled.sls
View File

@@ -44,7 +44,7 @@ so-soc:
- /opt/so/conf/soc/custom.js:/opt/sensoroni/html/js/custom.js:ro
- /opt/so/conf/soc/custom_roles:/opt/sensoroni/rbac/custom_roles:ro
- /opt/so/conf/soc/soc_users_roles:/opt/sensoroni/rbac/users_roles:rw
- /opt/so/conf/soc/soc_client_roles:/opt/sensoroni/rbac/client_roles:rw
- /opt/so/conf/soc/soc_clients_roles:/opt/sensoroni/rbac/clients_roles:rw
- /opt/so/conf/soc/queue:/opt/sensoroni/queue:rw
- /opt/so/saltstack:/opt/so/saltstack:rw
- /opt/so/conf/soc/migrations:/opt/so/conf/soc/migrations:rw
@@ -83,6 +83,7 @@ so-soc:
- file: soccustom
- file: soccustomroles
- file: socusersroles
- file: socclientroles
delete_so-soc_so-status.disabled:
file.uncomment: