mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 09:12:45 +01:00
139 lines
3.0 KiB
Plaintext
139 lines
3.0 KiB
Plaintext
# Add socore Group
|
|
socoregroup:
|
|
group.present:
|
|
- name: socore
|
|
- gid: 939
|
|
|
|
# Add socore user
|
|
socore:
|
|
user.present:
|
|
- uid: 939
|
|
- gid: 939
|
|
- home: /opt/so
|
|
- createhome: True
|
|
- shell: /bin/bash
|
|
|
|
# Create a state directory
|
|
statedir:
|
|
file.directory:
|
|
- name: /opt/so/state
|
|
- user: 939
|
|
- group: 939
|
|
- makedirs: True
|
|
|
|
salttmp:
|
|
file.directory:
|
|
- name: /opt/so/tmp
|
|
- user: 939
|
|
- group: 939
|
|
- makedirs: True
|
|
|
|
# Install epel
|
|
{% if grains['os'] == 'CentOS' %}
|
|
epel:
|
|
pkg.installed:
|
|
- skip_suggestions: True
|
|
- pkgs:
|
|
- epel-release
|
|
{% endif %}
|
|
|
|
# Install common packages
|
|
commonpkgs:
|
|
pkg.installed:
|
|
- skip_suggestions: True
|
|
- pkgs:
|
|
{% if grains['os'] != 'CentOS' %}
|
|
- apache2-utils
|
|
- wget
|
|
- jq
|
|
- python3-docker
|
|
- docker-ce
|
|
- curl
|
|
- ca-certificates
|
|
- software-properties-common
|
|
- apt-transport-https
|
|
- openssl
|
|
- netcat
|
|
- python3-mysqldb
|
|
- sqlite3
|
|
- argon2
|
|
- libssl-dev
|
|
- python3-dateutil
|
|
- python3-m2crypto
|
|
- python3-mysqldb
|
|
- salt-minion: 2019.2.5+ds-1
|
|
- hold: True
|
|
- update_holds: True
|
|
{% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-helix' or grains['role'] == 'so-mastersearch' or grains['role'] == 'so-standalone' %}
|
|
- salt-master: 2019.2.5+ds-1
|
|
- hold: True
|
|
- update_holds: True
|
|
- containerd.io: 1.2.13-2
|
|
- hold: True
|
|
- update_holds: True
|
|
- docker-ce: 5:19.03.9~3-0~ubuntu-bionic
|
|
- hold: True
|
|
- update_holds: True
|
|
{% endif %}
|
|
- containerd.io
|
|
- docker-ce
|
|
{% else %}
|
|
- wget
|
|
- bind-utils
|
|
- jq
|
|
- tcpdump
|
|
- httpd-tools
|
|
- net-tools
|
|
- curl
|
|
- sqlite
|
|
- argon2
|
|
- maridb-devel
|
|
- nmap-ncat
|
|
- python3
|
|
- python36-docker
|
|
- python36-dateutil
|
|
- python36-m2crypto
|
|
- python36-mysql
|
|
- yum-utils
|
|
- device-mapper-persistent-data
|
|
- lvm2
|
|
- openssl
|
|
- salt-minion: 2019.2.5
|
|
- hold: True
|
|
- update_holds: True
|
|
{% if grains['role'] == 'so-master' or grains['role'] == 'so-eval' or grains['role'] == 'so-helix' or grains['role'] == 'so-mastersearch' or grains['role'] == 'so-standalone' %}
|
|
- salt-master: 2019.2.5
|
|
- hold: True
|
|
- update_holds: True
|
|
{% endif %}
|
|
- containerd.io: 1.2.6-3
|
|
- hold: True
|
|
- update_holds: True
|
|
- docker-ce: 19.03.9-3
|
|
- hold: True
|
|
- update_holds: True
|
|
{% endif %}%}
|
|
|
|
# Always keep these packages up to date
|
|
|
|
alwaysupdated:
|
|
pkg.latest:
|
|
- pkgs:
|
|
- openssl
|
|
- openssh-server
|
|
- bash
|
|
- skip_suggestions: True
|
|
|
|
# Set time to UTC
|
|
Etc/UTC:
|
|
timezone.system
|
|
|
|
# Sync some Utilities
|
|
utilsyncscripts:
|
|
file.recurse:
|
|
- name: /usr/sbin
|
|
- user: 0
|
|
- group: 0
|
|
- file_mode: 755
|
|
- template: jinja
|
|
- source: salt://common/tools/sbin |