mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-29 12:23:38 +01:00
31 lines
1.7 KiB
Django/Jinja
31 lines
1.7 KiB
Django/Jinja
# soup needs
|
|
# elasticsearch:esclustername pillar move to elasticsearch:config:cluster:name
|
|
# move elasticsearch:true_cluster_name to elasticsearch:config:cluster:name if true_cluster enabled
|
|
# elasticsearch:node_route_type moved
|
|
|
|
{% import_yaml 'elasticsearch/defaults.yaml' as ESCONFIG with context %}
|
|
|
|
{% if not salt['pillar.get']('elasticsearch:auth:enabled', False) %}
|
|
{% do ESCONFIG.elasticsearch.config.xpack.security.authc.anonymous.update({'username': 'anonymous_user', 'roles': 'superuser', 'authz_exception': 'true'}) %}
|
|
{% endif %}
|
|
|
|
{% if salt['pillar.get']('elasticsearch:true_cluster', False) %}
|
|
{% do ESCONFIG.elasticsearch.config.cluster.update({'name': salt['pillar.get']('elasticsearch:true_cluster_name')}) %} {# this is temporary #}
|
|
{% if grains.id.split('_') | last in ['manager','managersearch'] %}
|
|
{% if salt['pillar.get']('nodestab', {}) %}
|
|
{% do ESCONFIG.elasticsearch.config.node.update({'roles': ['master', 'data', 'remote_cluster_client']}) %}
|
|
{% do ESCONFIG.elasticsearch.config.discovery.update({'seed_hosts': [grains.master]}) %}
|
|
{% for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %}
|
|
{% do ESCONFIG.elasticsearch.config.discovery.seed_hosts.append(SN.split('_')|first) %}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if grains.id.split('_') | last == 'manager' %}
|
|
{% do ESCONFIG.elasticsearch.config.node.attr.update({'box_type': ''}) %}
|
|
{% endif %}
|
|
{% else %}
|
|
{% do ESCONFIG.elasticsearch.config.node.update({'roles': ['data', 'ingest']}) %}
|
|
{% do ESCONFIG.elasticsearch.config.node.attr.update({'box_type': 'hot'}) %}
|
|
{% do ESCONFIG.elasticsearch.config.discovery.update({'seed_hosts': [grains.master]}) %}
|
|
{% endif %}
|
|
{% endif %}
|