From 928aed27c5ab7c4d8a2bd17d563c57269c067f2d Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Wed, 20 Oct 2021 17:04:02 -0400
Subject: [PATCH] require files before starting soc or kratos

---
 salt/soc/init.sls | 28 +++++++++++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)

diff --git a/salt/soc/init.sls b/salt/soc/init.sls
index 1fbfe5de2..46449b15d 100644
--- a/salt/soc/init.sls
+++ b/salt/soc/init.sls
@@ -80,6 +80,10 @@ soccustomroles:
     - mode: 600
     - template: jinja
 
+socusersroles:
+  file.exists:
+    - name: /opt/so/conf/soc/soc_users_roles
+
 # we dont want this added too early in setup, so we add the onlyif to verify 'startup_states: highstate'
 # is in the minion config. That line is added before the final highstate during setup
 sosyncusers:
@@ -95,13 +99,13 @@ so-soc:
     - name: so-soc
     - binds:
       - /nsm/soc/jobs:/opt/sensoroni/jobs:rw
+      - /opt/so/log/soc/:/opt/sensoroni/logs/:rw
       - /opt/so/conf/soc/soc.json:/opt/sensoroni/sensoroni.json:ro
       - /opt/so/conf/soc/motd.md:/opt/sensoroni/html/motd.md:ro
       - /opt/so/conf/soc/banner.md:/opt/sensoroni/html/login/banner.md:ro
       - /opt/so/conf/soc/custom.js:/opt/sensoroni/html/js/custom.js:ro
       - /opt/so/conf/soc/custom_roles:/opt/sensoroni/rbac/custom_roles:ro
       - /opt/so/conf/soc/soc_users_roles:/opt/sensoroni/rbac/users_roles:rw
-      - /opt/so/log/soc/:/opt/sensoroni/logs/:rw
     {%- if salt['pillar.get']('nodestab', {}) %}
     - extra_hosts:
       {%- for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %}
@@ -112,6 +116,15 @@ so-soc:
       - 0.0.0.0:9822:9822
     - watch:
       - file: /opt/so/conf/soc/*
+    - require:
+      - file: socdatadir
+      - file: soclogdir
+      - file: socconfig
+      - file: socmotd
+      - file: socbanner
+      - file: soccustom
+      - file: soccustomroles
+      - file: socusersroles
 
 append_so-soc_so-status.conf:
   file.append:
@@ -154,6 +167,14 @@ kratossync:
     - file_mode: 600
     - template: jinja
 
+kratos_schema:
+  file.exists:
+    - name: /opt/so/conf/kratos/schema.json
+  
+kratos_yaml:
+  file.exists:
+    - name: /opt/so/conf/kratos/kratos.yaml
+
 so-kratos:
   docker_container.running:
     - image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-kratos:{{ VERSION }}
@@ -169,6 +190,11 @@ so-kratos:
       - 0.0.0.0:4434:4434
     - watch:
       - file: /opt/so/conf/kratos
+    - require:
+      - file: kratos_schema
+      - file: kratos_yaml
+      - file: kratoslogdir
+      - file: kratosdir
 
 append_so-kratos_so-status.conf:
   file.append: