CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

additional changes for managerhype

Browse Source
This commit is contained in:
Josh Patterson
2025-03-13 10:55:49 -04:00
parent 44a5b3b1e5
commit c93a5de460
5 changed files with 7 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pillar/hypervisor/nodes.sls
View File

@@ -1,7 +1,7 @@
{% set node_types = {} %} {% set node_types = {} %}
{% for minionid, ip in salt.saltutil.runner( {% for minionid, ip in salt.saltutil.runner(
'mine.get', 'mine.get',
tgt='G@role:so-hypervisor', tgt='G@role:so-hypervisor or G@role:so-managerhype',
fun='network.ip_addrs', fun='network.ip_addrs',
tgt_type='compound') | dictsort() tgt_type='compound') | dictsort()
%} %}

2
salt/libvirt/packages.sls
View File

@@ -42,7 +42,7 @@ libvirt_python_module:
- onchanges: - onchanges:
- file: libvirt_python_wheel - file: libvirt_python_wheel
{% if 'hyper' in grains.id.split('_') | last %} {% if 'hype' in grains.id.split('_') | last %}
# provides virsh # provides virsh
install_libvirt-client: install_libvirt-client:

4
salt/libvirt/ssh/users.sls
View File

@@ -21,7 +21,9 @@ qemu_ssh_client_config:
- name: /root/.ssh/config - name: /root/.ssh/config
- source: salt://libvirt/ssh/files/config - source: salt://libvirt/ssh/files/config
{% else %} {% endif %}
{% if GLOBALS.role in ['so-hypervisor', 'so-managerhype'] %}
# used for qemu+ssh connection between manager and hypervisors # used for qemu+ssh connection between manager and hypervisors
create_soqemussh_user: create_soqemussh_user:

13
salt/salt/master.sls
View File

@@ -86,19 +86,6 @@ salt_master_service:
- file: engines_config - file: engines_config
- order: last - order: last
{#
# we need to managed adding the following to salt-master config if there are hypervisors
reactor:
- 'salt/key':
- salt://reactor/check_hypervisor.sls
- 'salt/cloud/*/deploying':
- /opt/so/saltstack/default/salt/reactor/createEmptyPillar.sls
- 'setup/so-minion':
- /opt/so/saltstack/default/salt/reactor/sominion_setup.sls
- 'salt/cloud/*/destroyed':
- /opt/so/saltstack/default/salt/reactor/deleteKey.sls
#}
{% else %} {% else %}
{{sls}}_state_not_allowed: {{sls}}_state_not_allowed:

4
salt/salt/mine_functions.sls
View File

@@ -8,7 +8,7 @@
# this state is included in the salt.minion state # this state is included in the salt.minion state
{% set role = salt['grains.get']('role', '') %} {% set role = salt['grains.get']('role', '') %}
{% if role == 'so-hypervisor' -%} {% if role in ['so-hypervisor','so-managerhype'] and salt['network.ip_addrs']('br0')|length > 0 -%}
{% set interface = 'br0' %} {% set interface = 'br0' %}
{% else %} {% else %}
{% set interface = pillar.host.mainint %} {% set interface = pillar.host.mainint %}
@@ -22,7 +22,7 @@ mine_functions:
mine_functions: mine_functions:
network.ip_addrs: network.ip_addrs:
- interface: {{ interface }} - interface: {{ interface }}
{%- if role in ['so-eval','so-import','so-manager','so-managersearch','so-standalone'] %} {%- if role in ['so-eval','so-import','so-manager','so-managerhype','so-managersearch','so-standalone'] %}
x509.get_pem_entries: x509.get_pem_entries:
- glob_path: '/etc/pki/ca.crt' - glob_path: '/etc/pki/ca.crt'
{% endif -%} {% endif -%}