Initial Oracle support

2025-12-08 10:12:53 +01:00 · 2023-07-13 10:04:55 -04:00
parent 68f5c9965a
commit a0b6e1076f
2 changed files with 79 additions and 0 deletions
--- a/salt/repo/client/files/oracle/yum.conf.jinja
+++ b/salt/repo/client/files/oracle/yum.conf.jinja
@@ -0,0 +1,17 @@
+{% set proxy = salt['pillar.get']('manager:proxy') -%}
+[main]
+cachedir=/var/cache/yum/$basearch/$releasever
+keepcache=0
+debuglevel=2
+logfile=/var/log/yum.log
+exactarch=1
+obsoletes=1
+gpgcheck=1
+plugins=1
+installonly_limit={{ salt['pillar.get']('yum:config:installonly_limit', 2) }}
+bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum
+distroverpkg=oraclelinux-release
+clean_requirements_on_remove=1
+{%- if proxy %}
+proxy={{ proxy }}
+{%- endif %}
--- a/salt/repo/client/oracle.sls
+++ b/salt/repo/client/oracle.sls
@@ -0,0 +1,62 @@
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0; you may not use
+# this file except in compliance with the Elastic License 2.0.
+
+{% from 'repo/client/map.jinja' import ABSENTFILES with context %}
+{% from 'repo/client/map.jinja' import REPOPATH with context %}
+{% from 'vars/globals.map.jinja' import GLOBALS %}
+
+{% set role = grains.id.split('_') | last %}
+{% set MANAGER = salt['grains.get']('master') %}
+{% if grains['os'] == 'OEL' %}
+
+{% if ABSENTFILES|length > 0%}
+  {% for file in ABSENTFILES  %}
+{{ file }}:
+  file.absent:
+    - name: {{ REPOPATH }}{{ file }}
+    - onchanges_in:
+      - cmd: cleandnf
+  {% endfor %}
+{% endif %}
+
+cleandnf:
+  cmd.run:
+    - name: 'dnf clean all'
+    - onchanges:
+      - so_repo
+      
+yumconf:
+  file.managed:
+    - name: /etc/yum.conf
+    - source: salt://repo/client/files/oracle/yum.conf.jinja
+    - mode: 644
+    - template: jinja
+    - show_changes: False
+
+repair_yumdb:
+  cmd.run:
+    - name: 'mv -f /var/lib/rpm/__db* /tmp && yum clean all'
+    - onlyif:
+      - 'yum check-update 2>&1 | grep "Error: rpmdb open failed"'
+
+crsynckeys:
+  file.recurse:
+    - name: /etc/pki/rpm-gpg
+    - source: salt://repo/client/files/oracle/keys/
+
+so_repo:
+  pkgrepo.managed:
+    - name: securityonion
+    - humanname: Security Onion Repo
+  {% if GLOBALS.role in ['so-eval', 'so-standalone', 'so-import', 'so-manager', 'so-managersearch'] %}
+    - baseurl: file:///nsm/repo/
+  {% else %}
+    - baseurl: https://{{ GLOBALS.repo_host }}/repo
+  {% endif %}
+    - enabled: 1
+    - gpgcheck: 1
+
+{% endif %}
+  
+# TODO: Add a pillar entry for custom repos