CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-11 15:22:34 +02:00
Code Issues Packages Projects Releases Wiki Activity
17,973 Commits 31 Branches 125 Tags
2dfa83dd7da1ec2a0cb87aef8a9cabdc42fc0161
Commit Graph

19 Commits

Author SHA1 Message Date
Mike Reeves
868cd11874 Add so-postgres Salt states and integration wiring 
Phase 1 of the PostgreSQL central data platform:
- Salt states: init, enabled, disabled, config, ssl, auth, sostatus
- TLS via SO CA-signed certs with postgresql.conf template
- Two-tier auth: postgres superuser + so_postgres application user
- Firewall restricts port 5432 to manager-only (HA-ready)
- Wired into top.sls, pillar/top.sls, allowed_states, firewall
  containers map, docker defaults, CA signing policies, and setup
  scripts for all manager-type roles
 2026-04-08 10:58:52 -04:00
m0duspwnens
a2bb220043 fix x509 mine_function 2024-06-18 12:33:33 -04:00
reyesj2
436cbc1f06 Add kafka signing_policy for client/server auth. Add kafka-client cert on manager so manager can interact with kafka using its own cert 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-04 16:21:29 -04:00
Mike Reeves
4fb9cce41c Update signing_policies.conf 2023-11-17 16:38:50 -05:00
Josh Brower
6945596eee Tweak elastic agent ssl gen 2022-09-14 08:10:42 -04:00
m0duspwnens
2a5b4ef276 add mine function to signing_policies.conf. no longer need to check if mine in ca during manager install 2021-12-28 15:19:06 -05:00
m0duspwnens
b2e7a4221c master to manager for ssl signing policy 2020-07-09 17:19:17 -04:00
Mike Reeves
0f5c0373c5 SSL Issue 79 - Remove extensions from filebeat cert 2019-10-23 15:27:31 -04:00
Mike Reeves
3ecb6a7c3f SSL Issue 79 - Add extended type to all certs 2019-10-21 17:55:06 -04:00
Mike Reeves
06261b0b9a SSL Issue 79 - Add extended type to all certs 2019-10-21 17:54:09 -04:00
Mike Reeves
792cc7d4c4 SSL Issue 79 - Reduce valid time 2019-10-21 17:04:18 -04:00
Mike Reeves
53f7fcd07c Fleet Module - SSL additions 2018-12-05 15:54:43 -05:00
Mike Reeves
39602f3ef8 InfluxDB Module - Add Support for influxdb 2018-11-17 16:24:23 -05:00
Mike Reeves
3fa9d0cd55 CA Module - Trying to fix SSL keys 2018-10-11 09:02:20 -04:00
Mike Reeves
a42c14f1af CA Module - Formatting is important 2018-10-11 08:46:08 -04:00
Mike Reeves
8a25da1ee9 Reverse Proxy - The Big Commit 2018-10-10 21:24:24 -04:00
Mike Reeves
3870e3cb95 SSL Module - It's Working 2018-07-17 12:52:04 -04:00
Mike Reeves
4046f5fc00 SSL Module - Change registry settings 2018-07-17 12:34:22 -04:00
Mike Reeves
ee2d5b37b4 SSL and CA Modules - Add base 2018-05-23 16:56:44 -04:00