CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion-saltstack into dev

Browse Source
This commit is contained in:
m0duspwnens
2020-05-21 09:09:12 -04:00
parent b3ccba4c7e 35646b7945
commit ba9ff34cff
7 changed files with 29 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
salt/patch/os/init.sls
View File

@@ -1,7 +1,4 @@
include: include:
{% if grains.os == "CentOS" %}
- yum.packages
{% endif %}
- patch.needs_restarting - patch.needs_restarting
patch_os: patch_os:

5
salt/top.sls
View File

@@ -11,6 +11,11 @@
base: base:
'os:CentOS':
- match: grain
- yum.packages
'*': '*':
- salt - salt
- docker - docker

13
salt/wazuh/init.sls
View File

@@ -43,6 +43,14 @@ ossec:
# - user: 945 # - user: 945
# - group: 945 # - group: 945
wazuhpkgs:
pkg.installed:
- skip_suggestions: False
- pkgs:
- wazuh-agent: 3.10.2-1
- hold: True
- update_holds: True
# Add Wazuh agent conf # Add Wazuh agent conf
wazuhagentconf: wazuhagentconf:
file.managed: file.managed:
@@ -72,6 +80,11 @@ wazuhmgrwhitelist:
- mode: 755 - mode: 755
- template: jinja - template: jinja
wazuhagentservice:
service.running:
- name: wazuh-agent
- enable: True
so-wazuh: so-wazuh:
docker_container.running: docker_container.running:
- image: {{ MASTER }}:5000/soshybridhunter/so-wazuh:{{ VERSION }} - image: {{ MASTER }}:5000/soshybridhunter/so-wazuh:{{ VERSION }}

4
salt/yum/packages.sls
View File

@@ -1,3 +1,7 @@
install_yum_utils: install_yum_utils:
pkg.installed: pkg.installed:
- name: yum-utils - name: yum-utils
install_yum_versionlock:
pkg.installed:
- name: yum-plugin-versionlock

13
setup/so-setup
View File

@@ -354,7 +354,6 @@ fi
set_progress_str 22 'Generating CA and checking in' set_progress_str 22 'Generating CA and checking in'
salt_checkin >> $setup_log 2>&1 salt_checkin >> $setup_log 2>&1
if [[ $is_master || $is_helix ]]; then if [[ $is_master || $is_helix ]]; then
set_progress_str 25 'Configuring firewall' set_progress_str 25 'Configuring firewall'
set_initial_firewall_policy >> $setup_log 2>&1 set_initial_firewall_policy >> $setup_log 2>&1
@@ -379,6 +378,11 @@ fi
set_progress_str 62 "$(print_salt_state_apply 'firewall')" set_progress_str 62 "$(print_salt_state_apply 'firewall')"
salt-call state.apply -l info firewall >> $setup_log 2>&1 salt-call state.apply -l info firewall >> $setup_log 2>&1
if [ $OS = 'centos' ]; then
set_progress_str 63 'Installing Yum utilities'
salt-call state.apply -l info yum.packages >> $setup_log 2>&1
fi
set_progress_str 63 "$(print_salt_state_apply 'common')" set_progress_str 63 "$(print_salt_state_apply 'common')"
salt-call state.apply -l info common >> $setup_log 2>&1 salt-call state.apply -l info common >> $setup_log 2>&1
@@ -429,13 +433,6 @@ fi
fi fi
if [[ "$WAZUH" = 1 ]]; then if [[ "$WAZUH" = 1 ]]; then
if [ $OS = 'centos' ]; then
yum -y install wazuh-agent-3.10.2-1 >> "$setup_log" 2>&1
echo "exclude=wazuh-agent" >> /etc/yum.repos.d/wazuh.repo
else
apt-get -y install wazuh-agent=3.10.2-1 >> "$setup_log" 2>&1
apt-mark hold wazuh-agent >> "$setup_log" 2>&1
fi
set_progress_str 75 "$(print_salt_state_apply 'wazuh')" set_progress_str 75 "$(print_salt_state_apply 'wazuh')"
salt-call state.apply -l info wazuh >> $setup_log 2>&1 salt-call state.apply -l info wazuh >> $setup_log 2>&1
fi fi