make influxdb token accessible to all nodes

2025-12-06 17:22:49 +01:00 · 2023-03-06 13:50:17 -05:00
parent e3f9b5297a
commit b6d55bedc8
6 changed files with 10 additions and 6 deletions
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -10,6 +10,7 @@ base:
    - sensoroni.adv_sensoroni
    - telegraf.soc_telegraf
    - telegraf.adv_telegraf
    - influxdb.token
    - node_data.ips
  '* and not *_eval and not *_import':
--- a/salt/influxdb/curl.config.jinja
+++ b/salt/influxdb/curl.config.jinja
@@ -1 +1 @@
-header = "Authorization: Token {{ salt['pillar.get']('secrets:influx_token') }}"
+header = "Authorization: Token {{ salt['pillar.get']('influxdb:token') }}"
--- a/salt/influxdb/init.sls
+++ b/salt/influxdb/init.sls
@@ -6,7 +6,7 @@
 {% if grains['role'] in ['so-manager', 'so-managersearch', 'so-standalone', 'so-eval', 'so-import'] %}
 {% set PASSWORD = salt['pillar.get']('secrets:influx_pass') %}
-{% set TOKEN = salt['pillar.get']('secrets:influx_token') %}
+{% set TOKEN = salt['pillar.get']('influxdb:token') %}
 include:
  - salt.minion
--- a/salt/soc/defaults.map.jinja
+++ b/salt/soc/defaults.map.jinja
@@ -1,7 +1,7 @@
 {% import_yaml 'soc/defaults.yaml' as SOCDEFAULTS %}
 {% from 'vars/globals.map.jinja' import GLOBALS %}
 {% from 'docker/docker.map.jinja' import DOCKER -%}
-{% set INFLUXDB_TOKEN = salt['pillar.get']('secrets:influx_token') %}
+{% set INFLUXDB_TOKEN = salt['pillar.get']('influxdb:token') %}
 {% import_text 'influxdb/metrics_link.txt' as METRICS_LINK %}
 {% for module, application_url in GLOBALS.application_urls.items() %}
--- a/salt/telegraf/etc/telegraf.conf
+++ b/salt/telegraf/etc/telegraf.conf
@@ -2,7 +2,7 @@
 {%- set INFLUXDBHOST = GLOBALS.influxdb_host %}
 {%- set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
 {%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}
-{%- set TOKEN = salt['pillar.get']('secrets:influx_token', '') %}
+{%- set TOKEN = salt['pillar.get']('influxdb:token', '') %}
 {%- set NODEIP = GLOBALS.node_ip %}
 {%- set UNIQUEID = salt['pillar.get']('sensor:uniqueid', '') %}
 {%- set ZEEK_ENABLED = salt['pillar.get']('zeek:enabled', True) %}
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -899,6 +899,7 @@ create_manager_pillars() {
 	kratos_pillar
 	soc_pillar
 	idh_pillar
 	influxdb_pillar
 }
@@ -1538,6 +1539,9 @@ influxdb_pillar() {
 	title "Create the influxdb pillar file"
 	touch $adv_influxdb_pillar_file
 	touch $influxdb_pillar_file
 	printf '%s\n'\
 		"influxdb:"\
 		"  token: $INFLUXTOKEN" > $local_salt_dir/pillar/influxdb/token.sls
 }
 make_some_dirs() {
@@ -2066,8 +2070,7 @@ secrets_pillar(){
 		"  playbook_admin: $PLAYBOOKADMINPASS"\
 		"  playbook_automation: $PLAYBOOKAUTOMATIONPASS"\
 		"  playbook_automation_api_key: "\
-		"  influx_pass: $INFLUXPASS"\
+		"  influx_pass: $INFLUXPASS" > $local_salt_dir/pillar/secrets.sls
 		"  influx_token: $INFLUXTOKEN" > $local_salt_dir/pillar/secrets.sls
  fi
 }
`@@ -1 +1 @@`
	`header = "Authorization: Token {{ salt['pillar.get']('secrets:influx_token') }}"`	`header = "Authorization: Token {{ salt['pillar.get']('influxdb:token') }}"`