CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

change perms on mysql

Browse Source
This commit is contained in:
m0duspwnens
2021-10-25 15:37:23 -04:00
parent ee7e714f43
commit 9a78d13bee
2 changed files with 18 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
salt/mysql/etc/mypass
View File

@@ -1,2 +1 @@
{%- set MYSQLPASS = salt['pillar.get']('secrets:mysql', None) -%}
{{ MYSQLPASS }}

24
salt/mysql/init.sls
View File

@@ -45,14 +45,24 @@ mysqlpiddir:
- group: 939
- makedirs: True
mysqletc:
file.recurse:
- name: /opt/so/conf/mysql/etc
- source: salt://mysql/etc
mysqlcnf:
file.managed:
- name: /opt/so/conf/mysql/etc/my.cnf
- source: salt://mysql/etc/my.cnf
- user: 939
- group: 939
- file_mode: 640
mysqlpass:
file.managed:
- name: /opt/so/conf/mysql/etc/mypass
- source: salt://mysql/etc/mypass
- user: 939
- group: 939
- template: jinja
- file_mode: 640
- defaults:
MYSQLPASS: {{ MYSQLPASS }}
mysqllogdir:
file.directory:
@@ -89,13 +99,15 @@ so-mysql:
- MYSQL_ROOT_HOST={{ MAINIP }}
- MYSQL_ROOT_PASSWORD=/etc/mypass
- binds:
- /opt/so/conf/mysql/etc/:/etc/:ro
- /opt/so/conf/mysql/etc/my.cnf:/etc/my.cnf:ro
- /opt/so/conf/mysql/etc/mypass:/etc/mypass
- /nsm/mysql:/var/lib/mysql:rw
- /opt/so/log/mysql:/var/log/mysql:rw
- watch:
- /opt/so/conf/mysql/etc
- require:
- file: mysqletc
- file: mysqlcnf
- file: mysqlpass
cmd.run:
- name: until nc -z {{ MAINIP }} 3306; do sleep 1; done
- timeout: 600