CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

use generate_ca and generate_ssl functions and move them up

Browse Source
This commit is contained in:
m0duspwnens
2023-10-18 16:35:33 -04:00
parent ac28e1b967
commit a52ee063e5
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
setup/so-setup
View File

@@ -718,7 +718,7 @@ if ! [[ -f $install_opt_file ]]; then
# this is done before the salt.master state puts the checkmine engine in place and starts # this is done before the salt.master state puts the checkmine engine in place and starts
# checking for a valid ca in the mine for the manager # checking for a valid ca in the mine for the manager
# the minion ip will already be in the mine from configure_minion function in so-functions # the minion ip will already be in the mine from configure_minion function in so-functions
logCmd "salt-call state.apply ca" generate_ca
# this will apply the salt.minion state first since salt.master includes salt.minion # this will apply the salt.minion state first since salt.master includes salt.minion
logCmd "salt-call state.apply salt.master" logCmd "salt-call state.apply salt.master"
# wait here until we get a response from the salt-master since it may have just restarted # wait here until we get a response from the salt-master since it may have just restarted
@@ -727,6 +727,7 @@ if ! [[ -f $install_opt_file ]]; then
# this will also call the ssl state since docker requires the intca # this will also call the ssl state since docker requires the intca
# the salt-minion service will need to be up on the manager to sign requests # the salt-minion service will need to be up on the manager to sign requests
generate_ssl
logCmd "salt-call state.apply docker" logCmd "salt-call state.apply docker"
firewall_generate_templates firewall_generate_templates
set_initial_firewall_policy set_initial_firewall_policy
@@ -734,8 +735,6 @@ if ! [[ -f $install_opt_file ]]; then
title "Downloading Elastic Agent Artifacts" title "Downloading Elastic Agent Artifacts"
download_elastic_agent_artifacts download_elastic_agent_artifacts
generate_ca
generate_ssl
logCmd "salt-call state.apply -l info firewall" logCmd "salt-call state.apply -l info firewall"
# create these so the registry state can add so-registry to /opt/so/conf/so-status/so-status.conf # create these so the registry state can add so-registry to /opt/so/conf/so-status/so-status.conf