remove redundant common from top, create so-status conf files on manager before registry state https://github.com/Security-Onion-Solutions/securityonion/issues/1681

2025-12-06 17:22:49 +01:00 · 2020-11-10 17:09:38 -05:00
parent 9e612e98ed
commit edb00c2058
3 changed files with 7 additions and 16 deletions
--- a/salt/registry/init.sls
+++ b/salt/registry/init.sls
@@ -57,10 +57,10 @@ so-dockerregistry:
      - /etc/pki/registry.crt:/etc/pki/registry.crt:ro
      - /etc/pki/registry.key:/etc/pki/registry.key:ro
-append_so-dockerregistry_so-status.conf:
+append_so-registry_so-status.conf:
  file.append:
    - name: /opt/so/conf/so-status/so-status.conf
-    - text: so-dockerregistry
+    - text: so-registry
 {% else %}
--- a/salt/top.sls
+++ b/salt/top.sls
@@ -42,7 +42,6 @@ base:
    - salt.master
    - ca
    - ssl
    - common
    - registry
    - telegraf
    - firewall
@@ -60,7 +59,6 @@ base:
    - match: compound
    - ca
    - ssl
    - common
    - telegraf
    - firewall
    - nginx
@@ -86,7 +84,6 @@ base:
    - salt.master
    - ca
    - ssl
    - common
    - registry
    - manager
    - nginx
@@ -145,7 +142,6 @@ base:
    - salt.master
    - ca
    - ssl
    - common
    - registry
    - nginx
    - telegraf
@@ -194,7 +190,6 @@ base:
    - salt.master
    - ca
    - ssl
    - common
    - registry
    - manager
    - nginx
@@ -252,7 +247,6 @@ base:
  '*_node and I@node:node_type:parser and G@saltversion:{{saltversion}}':
    - match: compound
    - common
    - firewall
    - logstash
    {%- if FLEETMANAGER or FLEETNODE %}
@@ -263,7 +257,6 @@ base:
  '*_node and I@node:node_type:hot and G@saltversion:{{saltversion}}':
    - match: compound
    - common
    - firewall
    - logstash
    - curator
@@ -275,7 +268,6 @@ base:
  '*_node and I@node:node_type:warm and G@saltversion:{{saltversion}}':
    - match: compound
    - common
    - firewall
    - elasticsearch
    {%- if FLEETMANAGER or FLEETNODE %}
@@ -288,7 +280,6 @@ base:
    - match: compound
    - ca
    - ssl
    - common
    - nginx
    - telegraf
    - firewall
@@ -307,7 +298,6 @@ base:
  '*_managersensor and G@saltversion:{{saltversion}}':
    - match: compound
    - common
    - nginx
    - telegraf
    - influxdb
@@ -326,7 +316,6 @@ base:
    - salt.master
    - ca
    - ssl
    - common
    - registry
    - nginx
    - telegraf
@@ -375,7 +364,6 @@ base:
    - match: compound
    - ca
    - ssl
    - common
    - nginx
    - telegraf
    - firewall
@@ -406,7 +394,6 @@ base:
    - match: compound
    - ca
    - ssl
    - common
    - nginx
    - telegraf
    - firewall
@@ -422,7 +409,6 @@ base:
    - salt.master
    - ca
    - ssl
    - common
    - registry
    - manager
    - nginx
--- a/setup/so-setup
+++ b/setup/so-setup
@@ -590,6 +590,11 @@ fi
 		set_progress_str 25 'Configuring firewall'
 		set_initial_firewall_policy >> $setup_log 2>&1
 		# create these so the registry state can add so-registry to /opt/so/conf/so-status/so-status.conf
 		mkdir -p /opt/so/conf/so-status/
 		touch /opt/so/conf/so-status/so-status.conf
 		touch /opt/so/conf/so-status/so-status.disabled.conf
 		if [[ "$setup_type" == 'iso' ]]; then
 			set_progress_str 26 'Copying containers from iso'
 		else