mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 09:12:45 +01:00
exclude elasticsearch and managerssl keys and certs from receiver
This commit is contained in:
m0duspwnens
@@ -210,7 +210,6 @@ etc_filebeat_crt:
|
|||||||
- onchanges:
|
- onchanges:
|
||||||
- x509: etc_filebeat_key
|
- x509: etc_filebeat_key
|
||||||
|
|
||||||
|
|
||||||
fbperms:
|
fbperms:
|
||||||
file.managed:
|
file.managed:
|
||||||
- replace: False
|
- replace: False
|
||||||
@@ -226,7 +225,7 @@ chownilogstashfilebeatp8:
|
|||||||
- user: 931
|
- user: 931
|
||||||
- group: 939
|
- group: 939
|
||||||
|
|
||||||
{% if grains.role not in ['so-heavynode', 'so-receiver']%}
|
{% if grains.role not in ['so-heavynode', 'so-receiver'] %}
|
||||||
# Create Symlinks to the keys so I can distribute it to all the things
|
# Create Symlinks to the keys so I can distribute it to all the things
|
||||||
filebeatdir:
|
filebeatdir:
|
||||||
file.directory:
|
file.directory:
|
||||||
@@ -294,7 +293,7 @@ regkeyperms:
|
|||||||
- group: 939
|
- group: 939
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
{% if grains.role not in ['so-receiver'] %}
|
||||||
# Create a cert for elasticsearch
|
# Create a cert for elasticsearch
|
||||||
/etc/pki/elasticsearch.key:
|
/etc/pki/elasticsearch.key:
|
||||||
x509.private_key_managed:
|
x509.private_key_managed:
|
||||||
@@ -338,7 +337,7 @@ regkeyperms:
|
|||||||
- onchanges:
|
- onchanges:
|
||||||
- x509: /etc/pki/elasticsearch.key
|
- x509: /etc/pki/elasticsearch.key
|
||||||
|
|
||||||
ealstickeyperms:
|
elastickeyperms:
|
||||||
file.managed:
|
file.managed:
|
||||||
- replace: False
|
- replace: False
|
||||||
- name: /etc/pki/elasticsearch.key
|
- name: /etc/pki/elasticsearch.key
|
||||||
@@ -398,6 +397,8 @@ msslkeyperms:
|
|||||||
- mode: 640
|
- mode: 640
|
||||||
- group: 939
|
- group: 939
|
||||||
|
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
# Create a private key and cert for OSQuery
|
# Create a private key and cert for OSQuery
|
||||||
fleet_key:
|
fleet_key:
|
||||||
x509.private_key_managed:
|
x509.private_key_managed:
|
||||||
@@ -443,6 +444,7 @@ fleetkeyperms:
|
|||||||
- group: 939
|
- group: 939
|
||||||
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if grains['role'] in ['so-sensor', 'so-manager', 'so-node', 'so-eval', 'so-helix', 'so-managersearch', 'so-heavynode', 'so-fleet', 'so-standalone', 'so-import', 'so-receiver'] %}
|
{% if grains['role'] in ['so-sensor', 'so-manager', 'so-node', 'so-eval', 'so-helix', 'so-managersearch', 'so-heavynode', 'so-fleet', 'so-standalone', 'so-import', 'so-receiver'] %}
|
||||||
|
|
||||||
fbcertdir:
|
fbcertdir:
|
||||||
|
|||||||
@@ -477,7 +477,6 @@ base:
|
|||||||
|
|
||||||
'*_receiver and G@saltversion:{{saltversion}}':
|
'*_receiver and G@saltversion:{{saltversion}}':
|
||||||
- match: compound
|
- match: compound
|
||||||
- ca
|
|
||||||
- ssl
|
- ssl
|
||||||
- telegraf
|
- telegraf
|
||||||
- firewall
|
- firewall
|
||||||
|
|||||||
Reference in New Issue
Block a user