CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

wait for the salt-minion service to be ready for requests prior to running ssl state

Browse Source
This commit is contained in:
m0duspwnens
2021-12-29 11:18:38 -05:00
parent 22afe99719
commit b027da6378
1 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
setup/so-functions
View File

@@ -1033,6 +1033,7 @@ copy_minion_tmp_files() {
} >> "$setup_log" 2>&1 } >> "$setup_log" 2>&1
;; ;;
esac esac
salt-call saltutil.sync_modules >> "$setup_log" 2>&1
} }
copy_ssh_key() { copy_ssh_key() {
@@ -1443,9 +1444,13 @@ generate_ca() {
generate_ssl() { generate_ssl() {
{ {
# if the install type is a manager then we need to wait for the minion to be ready before trying
# to run the ssl state since we need the minion to sign the certs
if [[ "$install_type" =~ ^(EVAL|MANAGER|MANAGERSEARCH|STANDALONE|IMPORT|HELIXSENSOR)$ ]]; then
wait_for_salt_minion
fi
echo "Applying SSL state"; echo "Applying SSL state";
salt-call state.apply ssl; salt-call state.apply ssl;
salt-call saltutil.sync_modules;
} >> "$setup_log" 2>&1 } >> "$setup_log" 2>&1
} }
@@ -2787,6 +2792,12 @@ wait_for_file() {
return 1 return 1
} }
wait_for_salt_minion() {
retry 60 5 "journalctl -u salt-minion.service | grep 'Minion is ready to receive requests'" >> "$setup_log" 2>&1 || exit 1
}
# Enable Zeek Logs # Enable Zeek Logs
zeek_logs_enabled() { zeek_logs_enabled() {
echo "Enabling Zeek Logs" >> "$setup_log" 2>&1 echo "Enabling Zeek Logs" >> "$setup_log" 2>&1