mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 09:12:45 +01:00
repo for rocky
This commit is contained in:
m0duspwnens
29
salt/repo/client/files/rocky/keys/RPM-GPG-KEY-rockyofficial
Normal file
29
salt/repo/client/files/rocky/keys/RPM-GPG-KEY-rockyofficial
Normal file
@@ -0,0 +1,29 @@
|
|||||||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
|
||||||
|
mQINBGAofzYBEAC6yS1azw6f3wmaVd//3aSy6O2c9+jeetulRQvg2LvhRRS1eNqp
|
||||||
|
/x9tbBhfohu/tlDkGpYHV7diePgMml9SZDy1sKlI3tDhx6GZ3xwF0fd1vWBZpmNk
|
||||||
|
D9gRkUmYBeLotmcXQZ8ZpWLicosFtDpJEYpLUhuIgTKwt4gxJrHvkWsGQiBkJxKD
|
||||||
|
u3/RlL4IYA3Ot9iuCBflc91EyAw1Yj0gKcDzbOqjvlGtS3ASXgxPqSfU0uLC9USF
|
||||||
|
uKDnP2tcnlKKGfj0u6VkqISliSuRAzjlKho9Meond+mMIFOTT6qp4xyu+9Dj3IjZ
|
||||||
|
IC6rBXRU3xi8z0qYptoFZ6hx70NV5u+0XUzDMXdjQ5S859RYJKijiwmfMC7gZQAf
|
||||||
|
OkdOcicNzen/TwD/slhiCDssHBNEe86Wwu5kmDoCri7GJlYOlWU42Xi0o1JkVltN
|
||||||
|
D8ZId+EBDIms7ugSwGOVSxyZs43q2IAfFYCRtyKHFlgHBRe9/KTWPUrnsfKxGJgC
|
||||||
|
Do3Yb63/IYTvfTJptVfhQtL1AhEAeF1I+buVoJRmBEyYKD9BdU4xQN39VrZKziO3
|
||||||
|
hDIGng/eK6PaPhUdq6XqvmnsZ2h+KVbyoj4cTo2gKCB2XA7O2HLQsuGduHzYKNjf
|
||||||
|
QR9j0djjwTrsvGvzfEzchP19723vYf7GdcLvqtPqzpxSX2FNARpCGXBw9wARAQAB
|
||||||
|
tDNSZWxlYXNlIEVuZ2luZWVyaW5nIDxpbmZyYXN0cnVjdHVyZUByb2NreWxpbnV4
|
||||||
|
Lm9yZz6JAk4EEwEIADgWIQRwUcRwqSn0VM6+N7cVr12sbXRaYAUCYCh/NgIbDwUL
|
||||||
|
CQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAVr12sbXRaYLFmEACSMvoO1FDdyAbu
|
||||||
|
1m6xEzDhs7FgnZeQNzLZECv2j+ggFSJXezlNVOZ5I1I8umBan2ywfKQD8M+IjmrW
|
||||||
|
k9/7h9i54t8RS/RN7KNo7ECGnKXqXDPzBBTs1Gwo1WzltAoaDKUfXqQ4oJ4aCP/q
|
||||||
|
/XPVWEzgpJO1XEezvCq8VXisutyDiXEjjMIeBczxb1hbamQX+jLTIQ1MDJ4Zo1YP
|
||||||
|
zlUqrHW434XC2b1/WbSaylq8Wk9cksca5J+g3FqTlgiWozyy0uxygIRjb6iTzKXk
|
||||||
|
V7SYxeXp3hNTuoUgiFkjh5/0yKWCwx7aQqlHar9GjpxmBDAO0kzOlgtTw//EqTwR
|
||||||
|
KnYZLig9FW0PhwvZJUigr0cvs/XXTTb77z/i/dfHkrjVTTYenNyXogPtTtSyxqca
|
||||||
|
61fbPf0B/S3N43PW8URXBRS0sykpX4SxKu+PwKCqf+OJ7hMEVAapqzTt1q9T7zyB
|
||||||
|
QwvCVx8s7WWvXbs2d6ZUrArklgjHoHQcdxJKdhuRmD34AuXWCLW+gH8rJWZpuNl3
|
||||||
|
+WsPZX4PvjKDgMw6YMcV7zhWX6c0SevKtzt7WP3XoKDuPhK1PMGJQqQ7spegGB+5
|
||||||
|
DZvsJS48Ip0S45Qfmj82ibXaCBJHTNZE8Zs+rdTjQ9DS5qvzRA1sRA1dBb/7OLYE
|
||||||
|
JmeWf4VZyebm+gc50szsg6Ut2yT8hw==
|
||||||
|
=AiP8
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----
|
||||||
17
salt/repo/client/files/rocky/yum.conf.jinja
Normal file
17
salt/repo/client/files/rocky/yum.conf.jinja
Normal file
@@ -0,0 +1,17 @@
|
|||||||
|
{% set proxy = salt['pillar.get']('manager:proxy') -%}
|
||||||
|
[main]
|
||||||
|
cachedir=/var/cache/yum/$basearch/$releasever
|
||||||
|
keepcache=0
|
||||||
|
debuglevel=2
|
||||||
|
logfile=/var/log/yum.log
|
||||||
|
exactarch=1
|
||||||
|
obsoletes=1
|
||||||
|
gpgcheck=1
|
||||||
|
plugins=1
|
||||||
|
installonly_limit={{ salt['pillar.get']('yum:config:installonly_limit', 2) }}
|
||||||
|
bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum
|
||||||
|
distroverpkg=centos-release
|
||||||
|
clean_requirements_on_remove=1
|
||||||
|
{% if proxy -%}
|
||||||
|
proxy={{ proxy }}
|
||||||
|
{% endif %}
|
||||||
62
salt/repo/client/rocky.sls
Normal file
62
salt/repo/client/rocky.sls
Normal file
@@ -0,0 +1,62 @@
|
|||||||
|
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
|
||||||
|
# or more contributor license agreements. Licensed under the Elastic License 2.0; you may not use
|
||||||
|
# this file except in compliance with the Elastic License 2.0.
|
||||||
|
|
||||||
|
{% from 'repo/client/map.jinja' import ABSENTFILES with context %}
|
||||||
|
{% from 'repo/client/map.jinja' import REPOPATH with context %}
|
||||||
|
{% from 'vars/globals.map.jinja' import GLOBALS %}
|
||||||
|
|
||||||
|
{% set role = grains.id.split('_') | last %}
|
||||||
|
{% set MANAGER = salt['grains.get']('master') %}
|
||||||
|
{% if grains['os'] == 'Rocky' %}
|
||||||
|
|
||||||
|
{% if ABSENTFILES|length > 0%}
|
||||||
|
{% for file in ABSENTFILES %}
|
||||||
|
{{ file }}:
|
||||||
|
file.absent:
|
||||||
|
- name: {{ REPOPATH }}{{ file }}
|
||||||
|
- onchanges_in:
|
||||||
|
- cmd: cleanyum
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
cleanyum:
|
||||||
|
cmd.run:
|
||||||
|
- name: 'yum clean all'
|
||||||
|
- onchanges:
|
||||||
|
- so_repo
|
||||||
|
|
||||||
|
yumconf:
|
||||||
|
file.managed:
|
||||||
|
- name: /etc/yum.conf
|
||||||
|
- source: salt://repo/client/files/rocky/yum.conf.jinja
|
||||||
|
- mode: 644
|
||||||
|
- template: jinja
|
||||||
|
- show_changes: False
|
||||||
|
|
||||||
|
repair_yumdb:
|
||||||
|
cmd.run:
|
||||||
|
- name: 'mv -f /var/lib/rpm/__db* /tmp && yum clean all'
|
||||||
|
- onlyif:
|
||||||
|
- 'yum check-update 2>&1 | grep "Error: rpmdb open failed"'
|
||||||
|
|
||||||
|
crsynckeys:
|
||||||
|
file.recurse:
|
||||||
|
- name: /etc/pki/rpm-gpg
|
||||||
|
- source: salt://repo/client/files/rocky/keys/
|
||||||
|
|
||||||
|
so_repo:
|
||||||
|
pkgrepo.managed:
|
||||||
|
- name: securityonion
|
||||||
|
- humanname: Security Onion Repo
|
||||||
|
{% if GLOBALS.role in ['eval', 'standalone', 'import', 'manager', 'managersearch'] %}
|
||||||
|
- baseurl: file:///nsm/repo/
|
||||||
|
{% else %}
|
||||||
|
- baseurl: https://{{ GLOBALS.repo_host }}/repo
|
||||||
|
{% endif %}
|
||||||
|
- enabled: 1
|
||||||
|
- gpgcheck: 1
|
||||||
|
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
# TODO: Add a pillar entry for custom repos
|
||||||
Reference in New Issue
Block a user