From 9980d0284473eee7bc8d51c74c8f0fae791e6785 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Wed, 12 Aug 2020 15:38:19 -0400 Subject: [PATCH] Elastic Transport TLSgit add . --- salt/elasticsearch/files/sotls.yaml | 2 +- salt/elasticsearch/init.sls | 12 ++++++++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/salt/elasticsearch/files/sotls.yaml b/salt/elasticsearch/files/sotls.yaml index 1b6353856..6fee1e8e2 100644 --- a/salt/elasticsearch/files/sotls.yaml +++ b/salt/elasticsearch/files/sotls.yaml @@ -1,4 +1,4 @@ -keystore.path: /etc/pki/ca-trust/extracted/java/sokeys +keystore.path: /usr/share/elasticsearch/config/sokeys keystore.password: changeit keystore.algorithm: SunX509 truststore.path: /etc/pki/ca-trust/extracted/java/cacerts diff --git a/salt/elasticsearch/init.sls b/salt/elasticsearch/init.sls index 5bc9ddbb6..7cb887b05 100644 --- a/salt/elasticsearch/init.sls +++ b/salt/elasticsearch/init.sls @@ -139,6 +139,13 @@ esyml: - group: 939 - template: jinja +sotls: + file.managed: + - name: /opt/so/conf/elasticsearch/sotls.yml + - source: salt://elasticsearch/files/sotls.yml + - user: 930 + - group: 939 + #sync templates to /opt/so/conf/elasticsearch/templates {% for TEMPLATE in TEMPLATES %} es_template_{{TEMPLATE.split('.')[0] | replace("/","_") }}: @@ -200,8 +207,9 @@ so-elasticsearch: - /opt/so/log/elasticsearch:/var/log/elasticsearch:rw - /opt/so/conf/ca/cacerts:/etc/pki/ca-trust/extracted/java/cacerts:ro - /etc/pki/ca.crt:/usr/share/elasticsearch/config/ca.crt:ro - - /etc/pki/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key:ro - - /etc/pki/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt:ro + - /etc/pki/elasticsearch.p12:/usr/share/elasticsearch/config/elasticsearch.p12:ro + - /opt/so/conf/elasticsearch/sotls.yml:/usr/share/elasticsearch/config/sotls.yml:ro + - watch: - file: cacertz