mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2026-05-07 20:08:03 +02:00
Merge pull request #15749 from Security-Onion-Solutions/feature/postgres
Add so-postgres Salt states and infrastructure
This commit is contained in:
Mike Reeves
GitHub
+11
-2
@@ -821,6 +821,7 @@ create_manager_pillars() {
|
||||
soc_pillar
|
||||
idh_pillar
|
||||
influxdb_pillar
|
||||
postgres_pillar
|
||||
logrotate_pillar
|
||||
patch_pillar
|
||||
nginx_pillar
|
||||
@@ -1053,6 +1054,7 @@ generate_passwords(){
|
||||
HYDRAKEY=$(get_random_value)
|
||||
HYDRASALT=$(get_random_value)
|
||||
REDISPASS=$(get_random_value)
|
||||
POSTGRESPASS=$(get_random_value)
|
||||
SOCSRVKEY=$(get_random_value 64)
|
||||
IMPORTPASS=$(get_random_value)
|
||||
}
|
||||
@@ -1355,6 +1357,12 @@ influxdb_pillar() {
|
||||
" token: $INFLUXTOKEN" > $local_salt_dir/pillar/influxdb/token.sls
|
||||
}
|
||||
|
||||
postgres_pillar() {
|
||||
title "Create the postgres pillar file"
|
||||
touch $adv_postgres_pillar_file
|
||||
touch $postgres_pillar_file
|
||||
}
|
||||
|
||||
make_some_dirs() {
|
||||
mkdir -p /nsm
|
||||
mkdir -p "$default_salt_dir"
|
||||
@@ -1364,7 +1372,7 @@ make_some_dirs() {
|
||||
mkdir -p $local_salt_dir/salt/firewall/portgroups
|
||||
mkdir -p $local_salt_dir/salt/firewall/ports
|
||||
|
||||
for THEDIR in bpf elasticsearch ntp firewall redis backup influxdb strelka sensoroni soc docker zeek suricata nginx telegraf logstash soc manager kratos hydra idh elastalert stig global kafka versionlock hypervisor vm; do
|
||||
for THEDIR in bpf elasticsearch ntp firewall redis backup influxdb postgres strelka sensoroni soc docker zeek suricata nginx telegraf logstash soc manager kratos hydra idh elastalert stig global kafka versionlock hypervisor vm; do
|
||||
mkdir -p $local_salt_dir/pillar/$THEDIR
|
||||
touch $local_salt_dir/pillar/$THEDIR/adv_$THEDIR.sls
|
||||
touch $local_salt_dir/pillar/$THEDIR/soc_$THEDIR.sls
|
||||
@@ -1844,7 +1852,8 @@ secrets_pillar(){
|
||||
printf '%s\n'\
|
||||
"secrets:"\
|
||||
" import_pass: $IMPORTPASS"\
|
||||
" influx_pass: $INFLUXPASS" > $local_salt_dir/pillar/secrets.sls
|
||||
" influx_pass: $INFLUXPASS"\
|
||||
" postgres_pass: $POSTGRESPASS" > $local_salt_dir/pillar/secrets.sls
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
@@ -202,6 +202,12 @@ export influxdb_pillar_file
|
||||
adv_influxdb_pillar_file="$local_salt_dir/pillar/influxdb/adv_influxdb.sls"
|
||||
export adv_influxdb_pillar_file
|
||||
|
||||
postgres_pillar_file="$local_salt_dir/pillar/postgres/soc_postgres.sls"
|
||||
export postgres_pillar_file
|
||||
|
||||
adv_postgres_pillar_file="$local_salt_dir/pillar/postgres/adv_postgres.sls"
|
||||
export adv_postgres_pillar_file
|
||||
|
||||
logrotate_pillar_file="$local_salt_dir/pillar/logrotate/soc_logrotate.sls"
|
||||
export logrotate_pillar_file
|
||||
|
||||
|
||||
+2
-1
@@ -71,7 +71,8 @@ log_has_errors() {
|
||||
grep -vE "remove_failed_vm.sls" | \
|
||||
grep -vE "failed to copy: httpReadSeeker" | \
|
||||
grep -vE "Error response from daemon: failed to resolve reference" | \
|
||||
grep -vE "log-.*-pipeline_failed_attempts" &> "$error_log"
|
||||
grep -vE "log-.*-pipeline_failed_attempts" | \
|
||||
grep -vE " -v ON_ERROR_STOP=1" &> "$error_log"
|
||||
|
||||
if [[ $? -eq 0 ]]; then
|
||||
# This function succeeds (returns 0) if errors are detected
|
||||
|
||||
Reference in New Issue
Block a user