remove role logic

2025-12-09 02:32:46 +01:00 · 2022-01-26 10:26:52 -05:00
parent 8aa002b82e
commit a43fb293fc
3 changed files with 2 additions and 52 deletions
--- a/salt/ssl/remove.sls
+++ b/salt/ssl/remove.sls
@@ -1,23 +1,7 @@
-# Trust the CA
 trusttheca:
  file.absent:
    - name: /etc/ssl/certs/intca.crt

-removefbcertdir:
-  file.absent:
-    - name: /etc/pki/filebeat.crt 
-    - onlyif: "[ -d /etc/pki/filebeat.crt ]"
-
-removefbp8dir:
-  file.absent:
-    - name: /etc/pki/filebeat.p8 
-    - onlyif: "[ -d /etc/pki/filebeat.p8 ]"
-
-removeesp12dir:
-  file.absent:
-    - name: /etc/pki/elasticsearch.p12
-    - onlyif: "[ -d /etc/pki/elasticsearch.p12 ]"
-    
 influxdb_key:
  file.absent:
    - name: /etc/pki/influxdb.key
@@ -26,7 +10,6 @@ influxdb_crt:
  file.absent:
    - name: /etc/pki/influxdb.crt

-{% if grains['role'] in ['so-manager', 'so-eval', 'so-helix', 'so-managersearch', 'so-standalone', 'so-import', 'so-heavynode', 'so-fleet', 'so-receiver'] %}
 redis_key:
  file.absent:
    - name: /etc/pki/redis.key
@@ -34,9 +17,7 @@ redis_key:
 redis_crt:
  file.absent:
    - name: /etc/pki/redis.crt
-{% endif %}

-{% if grains['role'] in ['so-manager', 'so-eval', 'so-helix', 'so-managersearch', 'so-standalone', 'so-import', 'so-heavynode', 'so-receiver'] %}
 etc_filebeat_key:
  file.absent:
    - name: /etc/pki/filebeat.key
@@ -45,7 +26,6 @@ etc_filebeat_crt:
  file.absent:
    - name: /etc/pki/filebeat.crt

-  {% if grains.role not in ['so-heavynode', 'so-receiver'] %}
 filebeatdir:
  file.absent:
    - name: /opt/so/saltstack/local/salt/filebeat/files
@@ -58,9 +38,6 @@ registry_crt:
  file.absent:
    - name: /etc/pki/registry.crt

-  {% endif %}
-
-  {% if grains.role not in ['so-receiver'] %}
 /etc/pki/elasticsearch.key:
  file.absent: []

@@ -79,8 +56,6 @@ managerssl_crt:
  file.absent:
    - name: /etc/pki/managerssl.crt

-  {% endif %}
-
 fleet_key:
  file.absent:
    - name: /etc/pki/fleet.key
@@ -89,17 +64,9 @@ fleet_crt:
  file.absent:
    - name: /etc/pki/fleet.crt

-{% endif %}
-
-{% if grains['role'] in ['so-sensor', 'so-manager', 'so-node', 'so-eval', 'so-helix', 'so-managersearch', 'so-heavynode', 'so-fleet', 'so-standalone', 'so-import', 'so-receiver'] %}
-   
 fbcertdir:
  file.absent:
    - name: /opt/so/conf/filebeat/etc/pki
-    
-{% endif %}
-
-{% if grains['role'] == 'so-fleet' %}

 managerssl_key:
  file.absent:
@@ -117,10 +84,6 @@ fleet_crt:
  file.absent:
    - name: /etc/pki/fleet.crt

-{% endif %}
-
-{% if grains['role'] == 'so-node' %}
-
 /etc/pki/elasticsearch.key:
  file.absent: []

@@ -130,5 +93,3 @@ fleet_crt:
 remove_elastic.p12:
  file.absent:
    - name: /etc/pki/elasticsearch.p12
-
-{%- endif %}