From f1c91e91b1dbff2f5bd21b3835d478299503cc04 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 5 May 2023 15:10:21 -0400 Subject: [PATCH 1/4] Remove port bindings from logstash config section --- salt/logstash/defaults.yaml | 12 ------------ salt/logstash/soc_logstash.yaml | 6 ------ 2 files changed, 18 deletions(-) diff --git a/salt/logstash/defaults.yaml b/salt/logstash/defaults.yaml index d253a6b51..28a7f8896 100644 --- a/salt/logstash/defaults.yaml +++ b/salt/logstash/defaults.yaml @@ -39,18 +39,6 @@ logstash: custom2: [] custom3: [] custom4: [] - docker_options: - port_bindings: - - 0.0.0.0:3765:3765 - - 0.0.0.0:5044:5044 - - 0.0.0.0:5055:5055 - - 0.0.0.0:5056:5056 - - 0.0.0.0:5644:5644 - - 0.0.0.0:6050:6050 - - 0.0.0.0:6051:6051 - - 0.0.0.0:6052:6052 - - 0.0.0.0:6053:6053 - - 0.0.0.0:9600:9600 settings: lsheap: 500m config: diff --git a/salt/logstash/soc_logstash.yaml b/salt/logstash/soc_logstash.yaml index e41ff000f..f32ac7459 100644 --- a/salt/logstash/soc_logstash.yaml +++ b/salt/logstash/soc_logstash.yaml @@ -57,12 +57,6 @@ logstash: helpLink: logstash.html readonly: True advanced: True - docker_options: - port_bindings: - description: List of ports to open to the logstash docker container. Firewall ports will still need to be added to the firewall configuration. - helpLink: logstash.html - advanced: True - multiline: True dmz_nodes: description: "List of receiver nodes in DMZs. Prevents sensors from sending to these receivers. Primarily used for external Elastic agents." helpLink: logstash.html From 2418d9a096e6467446498f5f1687534619940782 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 5 May 2023 16:01:23 -0400 Subject: [PATCH 2/4] Add volume mounts --- salt/docker/defaults.yaml | 26 +++++++++++++++++++++++++- salt/docker/soc_docker.yaml | 6 ++++++ 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/salt/docker/defaults.yaml b/salt/docker/defaults.yaml index 19dda3d35..bea5f1511 100644 --- a/salt/docker/defaults.yaml +++ b/salt/docker/defaults.yaml @@ -8,30 +8,37 @@ docker: final_octet: 20 port_bindings: - 0.0.0.0:5000:5000 + custom_bind_mounts: [] 'so-elastic-fleet': final_octet: 21 port_bindings: - 0.0.0.0:8220:8220/tcp + custom_bind_mounts: [] 'so-elasticsearch': final_octet: 22 port_bindings: - 0.0.0.0:9200:9200/tcp - 0.0.0.0:9300:9300/tcp + custom_bind_mounts: [] 'so-idstools': final_octet: 25 + custom_bind_mounts: [] 'so-influxdb': final_octet: 26 port_bindings: - 0.0.0.0:8086:8086 + custom_bind_mounts: [] 'so-kibana': final_octet: 27 port_bindings: - 0.0.0.0:5601:5601 + custom_bind_mounts: [] 'so-kratos': final_octet: 28 port_bindings: - 0.0.0.0:4433:4433 - 0.0.0.0:4434:4434 + custom_bind_mounts: [] 'so-logstash': final_octet: 29 port_bindings: @@ -45,58 +52,75 @@ docker: - 0.0.0.0:6052:6052 - 0.0.0.0:6053:6053 - 0.0.0.0:9600:9600 + custom_bind_mounts: [] 'so-mysql': final_octet: 30 port_bindings: - 0.0.0.0:3306:3306 + custom_bind_mounts: [] 'so-nginx': final_octet: 31 port_bindings: - 80:80 - 443:443 - 8443:8443 + custom_bind_mounts: [] 'so-playbook': final_octet: 32 port_bindings: - 0.0.0.0:3000:3000 + custom_bind_mounts: [] 'so-redis': final_octet: 33 port_bindings: - 0.0.0.0:6379:6379 - 0.0.0.0:9696:9696 + custom_bind_mounts: [] 'so-soc': final_octet: 34 port_bindings: - 0.0.0.0:9822:9822 + custom_bind_mounts: [] 'so-soctopus': final_octet: 35 port_bindings: - 0.0.0.0:7000:7000 + custom_bind_mounts: [] 'so-strelka-backend': final_octet: 36 + custom_bind_mounts: [] 'so-strelka-filestream': final_octet: 37 + custom_bind_mounts: [] 'so-strelka-frontend': final_octet: 38 port_bindings: - 0.0.0.0:57314:57314 + custom_bind_mounts: [] 'so-strelka-manager': final_octet: 39 + custom_bind_mounts: [] 'so-strelka-gatekeeper': final_octet: 40 port_bindings: - 0.0.0.0:6381:6379 + custom_bind_mounts: [] 'so-strelka-coordinator': final_octet: 41 port_bindings: - 0.0.0.0:6380:6379 + custom_bind_mounts: [] 'so-elastalert': final_octet: 42 + custom_bind_mounts: [] 'so-curator': final_octet: 43 + custom_bind_mounts: [] 'so-elastic-fleet-package-registry': final_octet: 44 port_bindings: - 0.0.0.0:8080:8080/tcp + custom_bind_mounts: [] 'so-idh': - final_octet: 45 \ No newline at end of file + final_octet: 45 + custom_bind_mounts: [] \ No newline at end of file diff --git a/salt/docker/soc_docker.yaml b/salt/docker/soc_docker.yaml index ba0f053fa..477b2aa26 100644 --- a/salt/docker/soc_docker.yaml +++ b/salt/docker/soc_docker.yaml @@ -28,6 +28,12 @@ docker: helpLink: docker.html advanced: True multiline: True + custom_bind_mounts: + description: List of custom local volume bindings. + advanced: True + helpLink: docker.html + multiline: True + forcedType: []string so-dockerregistry: *dockerOptions so-elastalert: *dockerOptions so-elastic-fleet-package-registry: *dockerOptions From e3cb0a9953cb0e4dad189f8f71bcfff20d72fe52 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 8 May 2023 09:35:07 -0400 Subject: [PATCH 3/4] Fix string entry --- salt/docker/soc_docker.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/docker/soc_docker.yaml b/salt/docker/soc_docker.yaml index 477b2aa26..ef27bcc26 100644 --- a/salt/docker/soc_docker.yaml +++ b/salt/docker/soc_docker.yaml @@ -33,7 +33,7 @@ docker: advanced: True helpLink: docker.html multiline: True - forcedType: []string + forcedType: "[]string" so-dockerregistry: *dockerOptions so-elastalert: *dockerOptions so-elastic-fleet-package-registry: *dockerOptions From 789eafa8c2a9861c2a6c84413d16b5b3bcd7dd65 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Mon, 8 May 2023 09:45:08 -0400 Subject: [PATCH 4/4] Fix string entry --- salt/docker/defaults.yaml | 26 +++++++++++++++++++++++++- salt/docker/soc_docker.yaml | 6 ++++++ 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/salt/docker/defaults.yaml b/salt/docker/defaults.yaml index bea5f1511..55dfc5db5 100644 --- a/salt/docker/defaults.yaml +++ b/salt/docker/defaults.yaml @@ -9,36 +9,43 @@ docker: port_bindings: - 0.0.0.0:5000:5000 custom_bind_mounts: [] + extra_hosts: [] 'so-elastic-fleet': final_octet: 21 port_bindings: - 0.0.0.0:8220:8220/tcp custom_bind_mounts: [] + extra_hosts: [] 'so-elasticsearch': final_octet: 22 port_bindings: - 0.0.0.0:9200:9200/tcp - 0.0.0.0:9300:9300/tcp custom_bind_mounts: [] + extra_hosts: [] 'so-idstools': final_octet: 25 custom_bind_mounts: [] + extra_hosts: [] 'so-influxdb': final_octet: 26 port_bindings: - 0.0.0.0:8086:8086 custom_bind_mounts: [] + extra_hosts: [] 'so-kibana': final_octet: 27 port_bindings: - 0.0.0.0:5601:5601 custom_bind_mounts: [] + extra_hosts: [] 'so-kratos': final_octet: 28 port_bindings: - 0.0.0.0:4433:4433 - 0.0.0.0:4434:4434 custom_bind_mounts: [] + extra_hosts: [] 'so-logstash': final_octet: 29 port_bindings: @@ -53,11 +60,13 @@ docker: - 0.0.0.0:6053:6053 - 0.0.0.0:9600:9600 custom_bind_mounts: [] + extra_hosts: [] 'so-mysql': final_octet: 30 port_bindings: - 0.0.0.0:3306:3306 custom_bind_mounts: [] + extra_hosts: [] 'so-nginx': final_octet: 31 port_bindings: @@ -65,62 +74,77 @@ docker: - 443:443 - 8443:8443 custom_bind_mounts: [] + extra_hosts: [] 'so-playbook': final_octet: 32 port_bindings: - 0.0.0.0:3000:3000 custom_bind_mounts: [] + extra_hosts: [] 'so-redis': final_octet: 33 port_bindings: - 0.0.0.0:6379:6379 - 0.0.0.0:9696:9696 custom_bind_mounts: [] + extra_hosts: [] 'so-soc': final_octet: 34 port_bindings: - 0.0.0.0:9822:9822 custom_bind_mounts: [] + extra_hosts: [] 'so-soctopus': final_octet: 35 port_bindings: - 0.0.0.0:7000:7000 custom_bind_mounts: [] + extra_hosts: [] 'so-strelka-backend': final_octet: 36 custom_bind_mounts: [] + extra_hosts: [] 'so-strelka-filestream': final_octet: 37 custom_bind_mounts: [] + extra_hosts: [] 'so-strelka-frontend': final_octet: 38 port_bindings: - 0.0.0.0:57314:57314 custom_bind_mounts: [] + extra_hosts: [] 'so-strelka-manager': final_octet: 39 custom_bind_mounts: [] + extra_hosts: [] 'so-strelka-gatekeeper': final_octet: 40 port_bindings: - 0.0.0.0:6381:6379 custom_bind_mounts: [] + extra_hosts: [] 'so-strelka-coordinator': final_octet: 41 port_bindings: - 0.0.0.0:6380:6379 custom_bind_mounts: [] + extra_hosts: [] 'so-elastalert': final_octet: 42 custom_bind_mounts: [] + extra_hosts: [] 'so-curator': final_octet: 43 custom_bind_mounts: [] + extra_hosts: [] 'so-elastic-fleet-package-registry': final_octet: 44 port_bindings: - 0.0.0.0:8080:8080/tcp custom_bind_mounts: [] + extra_hosts: [] 'so-idh': final_octet: 45 - custom_bind_mounts: [] \ No newline at end of file + custom_bind_mounts: [] + extra_hosts: [] \ No newline at end of file diff --git a/salt/docker/soc_docker.yaml b/salt/docker/soc_docker.yaml index ef27bcc26..c8d18abde 100644 --- a/salt/docker/soc_docker.yaml +++ b/salt/docker/soc_docker.yaml @@ -34,6 +34,12 @@ docker: helpLink: docker.html multiline: True forcedType: "[]string" + extra_hosts: + description: List of additional host entries for the container. + advanced: True + helpLink: docker.html + multiline: True + forcedType: "[]string" so-dockerregistry: *dockerOptions so-elastalert: *dockerOptions so-elastic-fleet-package-registry: *dockerOptions