From c3cde61202507f177f30212fa75d8b258e6da671 Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Wed, 18 Oct 2023 15:01:26 -0400
Subject: [PATCH] docker service watches and requires the intca

---
 salt/docker/init.sls | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/salt/docker/init.sls b/salt/docker/init.sls
index 45ba4a1ac..769c58af8 100644
--- a/salt/docker/init.sls
+++ b/salt/docker/init.sls
@@ -6,6 +6,9 @@
 {% from 'docker/docker.map.jinja' import DOCKER %}
 {% from 'vars/globals.map.jinja' import GLOBALS %}
 
+# include ssl since docker service requires the intca
+include:
+  - ssl
 
 dockergroup:
   group.present:
@@ -86,6 +89,11 @@ docker_running:
     - enable: True
     - watch:
       - file: docker_daemon
+      - x509: trusttheca
+    - require:
+      - file: docker_daemon
+      - x509: trusttheca
+
 
 # Reserve OS ports for Docker proxy in case boot settings are not already applied/present
 # 57314 = Strelka, 47760-47860 = Zeek