CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-15 21:52:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Firewall fixup

Browse Source
This commit is contained in:
Josh Brower
2023-04-15 18:33:44 -04:00
parent 92a6eac976
commit a7d282b412
4 changed files with 131 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
salt/elasticfleet/init.sls
View File

@@ -76,18 +76,18 @@ so-elastic-fleet:
- {{ BINDING }}
{% endfor %}
- binds:
- /opt/so/conf/elastic-fleet/certs:/etc/pki:ro
- /opt/so/conf/elastic-fleet/state:/usr/share/elastic-agent/state:rw
- /etc/pki:/etc/pki:ro
#- /opt/so/conf/elastic-fleet/state:/usr/share/elastic-agent/state:rw
- environment:
- FLEET_SERVER_ENABLE=true
- FLEET_URL=https://{{ GLOBALS.node_ip }}:8220
- FLEET_SERVER_ELASTICSEARCH_HOST=https://{{ GLOBALS.manager }}:9200
- FLEET_SERVER_SERVICE_TOKEN={{ SERVICETOKEN }}
- FLEET_SERVER_POLICY_ID=FleetServer_{{ GLOBALS.hostname }}
- FLEET_SERVER_ELASTICSEARCH_CA=/etc/pki/intca.crt
- FLEET_SERVER_ELASTICSEARCH_CA=/etc/pki/tls/certs/intca.crt
- FLEET_SERVER_CERT=/etc/pki/elasticfleet.crt
- FLEET_SERVER_CERT_KEY=/etc/pki/elasticfleet.key
- FLEET_CA=/etc/pki/intca.crt
- FLEET_CA=/etc/pki/tls/certs/intca.crt
{% endif %}
append_so-elastic-fleet_so-status.conf: