CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

combine client repo management into 1 state

Browse Source
This commit is contained in:
m0duspwnens
2021-04-12 14:31:41 -04:00
parent ecda46c04b
commit 9240d376f3
15 changed files with 104 additions and 180 deletions
Download Patch File Download Diff File Expand all files Collapse all files

83
salt/common/init.sls
View File

@@ -2,8 +2,6 @@
{% if sls in allowed_states %}
{% set role = grains.id.split('_') | last %}
{% set managerupdates = salt['pillar.get']('global:managerupdate', '0') %}
{% set ISAIRGAP = salt['pillar.get']('global:airgap', False) %}
# Remove variables.txt from /tmp - This is temp
rmvariablesfile:
@@ -66,87 +64,6 @@ salttmp:
- group: 939
- makedirs: True
# Remove default Repos
{% if grains['os'] == 'CentOS' %}
repair_yumdb:
cmd.run:
- name: 'mv -f /var/lib/rpm/__db* /tmp && yum clean all'
- onlyif:
- 'yum check-update 2>&1 | grep "Error: rpmdb open failed"'
crsynckeys:
file.recurse:
- name: /etc/pki/rpm_gpg
- source: salt://common/keys/
crbase:
file.absent:
- name: /etc/yum.repos.d/CentOS-Base.repo
crcr:
file.absent:
- name: /etc/yum.repos.d/CentOS-CR.repo
crdebug:
file.absent:
- name: /etc/yum.repos.d/CentOS-Debuginfo.repo
crdockerce:
file.absent:
- name: /etc/yum.repos.d/docker-ce.repo
crfasttrack:
file.absent:
- name: /etc/yum.repos.d/CentOS-fasttrack.repo
crmedia:
file.absent:
- name: /etc/yum.repos.d/CentOS-Media.repo
crsources:
file.absent:
- name: /etc/yum.repos.d/CentOS-Sources.repo
crvault:
file.absent:
- name: /etc/yum.repos.d/CentOS-Vault.repo
crkernel:
file.absent:
- name: /etc/yum.repos.d/CentOS-x86_64-kernel.repo
crepel:
file.absent:
- name: /etc/yum.repos.d/epel.repo
crtesting:
file.absent:
- name: /etc/yum.repos.d/epel-testing.repo
crssrepo:
file.absent:
- name: /etc/yum.repos.d/saltstack.repo
crwazrepo:
file.absent:
- name: /etc/yum.repos.d/wazuh.repo
{% if not ISAIRGAP %}
crsecurityonionrepo:
file.managed:
{% if role in ['eval', 'standalone', 'import', 'manager', 'managersearch'] or managerupdates == 0 %}
- name: /etc/yum.repos.d/securityonion.repo
- source: salt://common/yum_repos/securityonion.repo
{% else %}
- name: /etc/yum.repos.d/securityonioncache.repo
- source: salt://common/yum_repos/securityonioncache.repo
{% endif %}
- mode: 644
{% endif %}
{% endif %}
# Install common packages
{% if grains['os'] != 'CentOS' %}
commonpkgs: