CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-05-08 20:38:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
eadad6c163aaad3312d2d4387ae16b6c86e0da9e
securityonion/salt
T
History
Mike Reeves eadad6c163 soup: bootstrap postgres pillar stubs and secret on 3.0.0 upgrade 
pillar/top.sls now references postgres.soc_postgres / postgres.adv_postgres
unconditionally, but make_some_dirs only runs at install time so managers
upgrading from 3.0.0 have no local/pillar/postgres/ and salt-master fails
pillar render on the first post-upgrade restart. Similarly, secrets_pillar
is a no-op on upgrade (secrets.sls already exists), so secrets:postgres_pass
never gets seeded and the postgres container's POSTGRES_PASSWORD_FILE and
SOC's PG_ADMIN_PASS would land empty after highstate.

Add ensure_postgres_local_pillar and ensure_postgres_secret to up_to_3.1.0
so the stubs and secret exist before masterlock/salt-master restart. Both
are idempotent and safe to re-run.
2026-04-23 10:01:38 -04:00
..
_beacons
remove unneeded files
2025-05-30 12:50:59 -04:00
_modules
Remove non-Oracle Linux 9 support from salt states
2026-03-16 16:58:39 -04:00
_runners
merge 2.4/dev
2025-12-02 11:16:08 -06:00
backup
Move postgres backup script and cron to the postgres states
2026-04-21 09:42:41 -04:00
bpf
update helpLink references for new documentation
2026-03-18 09:46:45 -04:00
ca
Add so-postgres Salt states and integration wiring
2026-04-08 10:58:52 -04:00
common
Fix Telegraf→Postgres table creation and state.apply race
2026-04-17 13:00:12 -04:00
cron
desktop
the great ssl refactor
2025-12-11 17:30:06 -05:00
docker
Change so-postgres final_octet to 47
2026-04-21 09:33:47 -04:00
docker_clean
elastalert
new elastalert options advanced
2026-03-19 17:19:42 -04:00
elastic-fleet-package-registry
ensure bool sliders for each state:enabled annotation
2026-03-19 12:35:38 -04:00
elasticagent
ensure bool sliders for each state:enabled annotation
2026-03-19 12:35:38 -04:00
elasticfleet
enable elastic agent patch release for 9.3.3
2026-04-13 16:27:28 -05:00
elasticsearch
add wait_for_so-elasticsearch state and split elasticsearch cluster configuration out of enabled.sls
2026-04-17 14:43:07 -05:00
firewall
Use TELEGRAFMERGED for telegraf.output and de-jinja pg_hba.conf
2026-04-20 16:06:01 -04:00
global
Move telegraf_output from global pillar to telegraf pillar
2026-04-20 16:03:02 -04:00
healthcheck
host
update helpLink references for new documentation
2026-03-18 09:46:45 -04:00
hydra
ensure bool sliders for each state:enabled annotation
2026-03-19 12:35:38 -04:00
hypervisor
merge 2.4/dev
2025-12-02 11:16:08 -06:00
idh
Remove hardcoded path
2026-03-23 16:26:56 -04:00
influxdb
define options in annotation files
2026-04-09 10:18:36 -04:00
kafka
define options in annotation files
2026-04-09 10:18:36 -04:00
kibana
ES 9.3.2
2026-04-06 15:08:30 -05:00
kratos
define options in annotation files
2026-04-09 10:18:36 -04:00
libvirt
create libvirt volumes directory
2025-10-30 11:02:36 -04:00
logrotate
remove steno
2026-03-06 15:45:36 -05:00
logstash
ensure bool sliders for each state:enabled annotation
2026-03-19 12:35:38 -04:00
manager
soup: bootstrap postgres pillar stubs and secret on 3.0.0 upgrade
2026-04-23 10:01:38 -04:00
motd
nginx
Merge pull request #15658 from Security-Onion-Solutions/jertel/wip
2026-03-23 09:55:31 -04:00
ntp
update helpLink references for new documentation
2026-03-18 09:46:45 -04:00
orch
Split postgres auth from per-minion telegraf creds
2026-04-22 10:55:15 -04:00
patch
ensure bool sliders for patch
2026-03-19 14:39:10 -04:00
pcap
cleanup steno. sensor run pcap.cleanup
2026-03-10 16:09:32 -04:00
pipeline
postgres
Split postgres auth from per-minion telegraf creds
2026-04-22 10:55:15 -04:00
reactor
Move per-minion telegraf cred provisioning into so-minion
2026-04-21 15:34:15 -04:00
redis
ensure bool sliders for each state:enabled annotation
2026-03-19 12:35:38 -04:00
registry
ensure bool sliders for each state:enabled annotation
2026-03-19 12:35:38 -04:00
repo/client
Remove non-Oracle Linux 9 support from salt states
2026-03-16 16:58:39 -04:00
salt
Move per-minion telegraf cred provisioning into so-minion
2026-04-21 15:34:15 -04:00
sensor
update helpLink references for new documentation
2026-03-18 09:46:45 -04:00
sensoroni
ensure bool sliders sensoroni
2026-03-19 14:41:49 -04:00
setup/virt
handle - in hypervisor hostname
2025-08-04 15:25:26 -04:00
soc
Harden postgres secrets, TLS enforcement, and admin tooling
2026-04-20 12:36:17 -04:00
ssl
dont remove ca in ssl.remove
2026-01-07 14:14:57 -05:00
stig
update stig profile v1r3
2026-03-23 14:04:48 -05:00
storage
remove .log extension
2025-10-14 11:03:00 -04:00
strelka
ensure bool sliders strelka
2026-03-19 14:46:49 -04:00
suricata
define options in annotation files
2026-04-09 10:18:36 -04:00
systemd
tcpreplay
telegraf
Split postgres auth from per-minion telegraf creds
2026-04-22 10:55:15 -04:00
utility
vars
Move telegraf_output from global pillar to telegraf pillar
2026-04-20 16:03:02 -04:00
versionlock
update helpLink references for new documentation
2026-03-18 09:46:45 -04:00
vm
handle - in hypervisor hostname
2025-08-04 15:25:26 -04:00
zeek
Fix JA4+ license link in soc_zeek.yaml
2026-04-06 10:12:37 -04:00
allowed_states.map.jinja
Add postgres.auth to allowed_states
2026-04-09 12:39:46 -04:00
schedule.sls
splay highstate schedule 2minutes for non managers
2025-07-22 11:52:50 -04:00
top.sls
Add so-postgres Salt states and integration wiring
2026-04-08 10:58:52 -04:00