From ef18cb3704f779420496488368e7e2743483e22c Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Mon, 8 May 2023 14:12:46 -0400
Subject: [PATCH] top and allow_states changes for playbook

---
 salt/allowed_states.map.jinja | 7 +++----
 salt/playbook/defaults.yaml   | 2 +-
 salt/playbook/disabled.sls    | 1 -
 salt/top.sls                  | 3 +--
 4 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/salt/allowed_states.map.jinja b/salt/allowed_states.map.jinja
index 5e80dfd65..0476bc8ed 100644
--- a/salt/allowed_states.map.jinja
+++ b/salt/allowed_states.map.jinja
@@ -3,7 +3,6 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.
 
-{% set PLAYBOOK = salt['pillar.get']('manager:playbook', '0') %}
 {% set ELASTALERT = salt['pillar.get']('elastalert:enabled', True) %}
 {% set ELASTICSEARCH = salt['pillar.get']('elasticsearch:enabled', True) %}
 {% set KIBANA = salt['pillar.get']('kibana:enabled', True) %}
@@ -215,7 +214,7 @@
           ],
   }, grain='role') %}
 
-  {% if (PLAYBOOK != 0) and grains.role in ['so-eval', 'so-manager', 'so-managersearch', 'so-standalone'] %}
+  {% if grains.role in ['so-eval', 'so-manager', 'so-managersearch', 'so-standalone'] %}
     {% do allowed_states.append('mysql') %}
   {% endif %}
 
@@ -248,11 +247,11 @@
     {% do allowed_states.append('elastalert') %}
   {% endif %}
 
-  {% if (PLAYBOOK !=0) and grains.role in ['so-eval', 'so-manager', 'so-standalone', 'so-managersearch'] %}
+  {% if grains.role in ['so-eval', 'so-manager', 'so-standalone', 'so-managersearch'] %}
     {% do allowed_states.append('playbook') %}
   {% endif %}
 
-  {% if (PLAYBOOK !=0) and grains.role in ['so-eval'] %}
+  {% if (REDIS !=0) and grains.role in ['so-eval'] %}
     {% do allowed_states.append('redis') %}
   {% endif %}
 
diff --git a/salt/playbook/defaults.yaml b/salt/playbook/defaults.yaml
index 20859fef2..e75ec6a3c 100644
--- a/salt/playbook/defaults.yaml
+++ b/salt/playbook/defaults.yaml
@@ -1,2 +1,2 @@
 playbook:
-  enabled: True
+  enabled: False
diff --git a/salt/playbook/disabled.sls b/salt/playbook/disabled.sls
index 0af127692..c8c876cfb 100644
--- a/salt/playbook/disabled.sls
+++ b/salt/playbook/disabled.sls
@@ -23,7 +23,6 @@ so-playbook-sync_cron:
     - identifier: so-playbook-sync_cron
     - user: root
 
-
 so-playbook-ruleupdate_cron:
   cron.absent:
     - identifier: so-playbook-ruleupdate_cron
diff --git a/salt/top.sls b/salt/top.sls
index b3e4fba6c..49af8d21a 100644
--- a/salt/top.sls
+++ b/salt/top.sls
@@ -3,7 +3,6 @@
 # https://securityonion.net/license; you may not use this file except in compliance with the
 # Elastic License 2.0.
 
-{% set PLAYBOOK = salt['pillar.get']('manager:playbook', '0') %}
 {% set ELASTALERT = salt['pillar.get']('elastalert:enabled', True) %}
 {% set ELASTICSEARCH = salt['pillar.get']('elasticsearch:enabled', True) %}
 {% set KIBANA = salt['pillar.get']('kibana:enabled', True) %}
@@ -95,8 +94,8 @@ base:
     {%- endif %}
     - utility
     - soctopus
-    {%- if PLAYBOOK != 0 %}
     - playbook
+    {%- if REDIS != 0 %}
     - redis
     {%- endif %}
     - elasticfleet