Add some manager logic

salt/common/init.sls

@@ -3,6 +3,7 @@
 
 {% set role = grains.id.split('_') | last %}
 {% set managerupdates = salt['pillar.get']('global:managerupdate', '0') %}
+{% set ISAIRGAP = salt['pillar.get']('global:airgap', False) %}
 
 # Remove variables.txt from /tmp - This is temp
 rmvariablesfile:
@@ -125,6 +126,7 @@ crwazrepo:
   file.absent:
     - name: /etc/yum.repos.d/wazuh.repo
 
+{% if not ISAIRGAP %}
 crsecurityonionrepo:
   file.managed:
     {% if role in ['eval', 'standalone', 'import', 'manager', 'managersearch'] or managerupdates == 0 %}
@@ -137,6 +139,7 @@ crsecurityonionrepo:
     - mode: 644
 
 {% endif %}
+{% endif %}
 
 # Install common packages
 {% if grains['os'] != 'CentOS' %}     

setup/so-functions

@@ -48,7 +48,11 @@ airgap_repo() {
 	# Remove all the repo files
 	rm -rf /etc/yum.repos.d/*
 	echo "[airgap_repo]" > /etc/yum./repos.d/airgap_repo.repo
-    echo "baseurl=https://$MSRV/repo" >> /etc/yum.repos.d/airgap_repo.repo
+	if $is_manager; then
+	    echo "baseurl=https://$HOSTNAME/repo" >> /etc/yum.repos.d/airgap_repo.repo
+	else
+        echo "baseurl=https://$MSRV/repo" >> /etc/yum.repos.d/airgap_repo.repo
+	fi
     echo "gpgcheck=1" >> /etc/yum.repos.d/airgap_repo.repo
     echo "sslverify=0" >> /etc/yum.repos.d/airgap_repo.repo
     echo "name=Airgap Repo" >> /etc/yum.repos.d/airgap_repo.repo