mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-08 18:22:47 +01:00
docker binds requires
This commit is contained in:
m0duspwnens
@@ -24,8 +24,9 @@ pki_private_key:
|
||||
- x509: /etc/pki/ca.crt
|
||||
{%- endif %}
|
||||
|
||||
/etc/pki/ca.crt:
|
||||
pki_public_ca_crt:
|
||||
x509.certificate_managed:
|
||||
- name: /etc/pki/ca.crt
|
||||
- signing_private_key: /etc/pki/ca.key
|
||||
- CN: {{ manager }}
|
||||
- C: US
|
||||
|
||||
@@ -53,6 +53,8 @@ so-domainstats:
|
||||
- user: domainstats
|
||||
- binds:
|
||||
- /opt/so/log/domainstats:/var/log/domain_stats
|
||||
- require:
|
||||
- file: dstatslogdir
|
||||
|
||||
append_so-domainstats_so-status.conf:
|
||||
file.append:
|
||||
|
||||
@@ -122,6 +122,10 @@ so-elastalert:
|
||||
- {{MANAGER_URL}}:{{MANAGER_IP}}
|
||||
- require:
|
||||
- cmd: wait_for_elasticsearch
|
||||
- file: elastarules
|
||||
- file: elastalogdir
|
||||
- file: elastacustmodulesdir
|
||||
- file: elastaconf
|
||||
- watch:
|
||||
- file: elastaconf
|
||||
|
||||
|
||||
@@ -15,7 +15,8 @@
|
||||
{% from 'allowed_states.map.jinja' import allowed_states %}
|
||||
{% if sls in allowed_states %}
|
||||
|
||||
|
||||
include:
|
||||
- ssl
|
||||
|
||||
{% set VERSION = salt['pillar.get']('global:soversion', 'HH1.2.2') %}
|
||||
{% set IMAGEREPO = salt['pillar.get']('global:imagerepo') %}
|
||||
@@ -280,6 +281,24 @@ so-elasticsearch:
|
||||
- file: esyml
|
||||
- file: esingestconf
|
||||
- file: so-elasticsearch-pipelines-file
|
||||
- require:
|
||||
- file: esyml
|
||||
- file: eslog4jfile
|
||||
- file: nsmesdir
|
||||
- file: eslogdir
|
||||
- file: cacertz
|
||||
- file: /etc/pki/elasticsearch.crt
|
||||
- file: /etc/pki/elasticsearch.key
|
||||
- file: elasticp12perms
|
||||
{% if ismanager %}
|
||||
- file: pki_public_ca_crt
|
||||
{% else %}
|
||||
- file: trusttheca
|
||||
{% endif %}
|
||||
{% if salt['pillar.get']('elasticsearch:auth:enabled', False) %}
|
||||
- cmd: auth_users_roles_inode
|
||||
- cmd: auth_users_inode
|
||||
{% endif %}
|
||||
|
||||
append_so-elasticsearch_so-status.conf:
|
||||
file.append:
|
||||
|
||||
@@ -30,6 +30,9 @@
|
||||
{% set ca_server = global_ca_server[0] %}
|
||||
{% endif %}
|
||||
|
||||
include:
|
||||
- ca
|
||||
|
||||
# Trust the CA
|
||||
trusttheca:
|
||||
x509.pem_managed:
|
||||
|
||||
Reference in New Issue
Block a user