diff --git a/salt/manager/defaults.yaml b/salt/manager/defaults.yaml
index 8bb34690eb..708900af6a 100644
--- a/salt/manager/defaults.yaml
+++ b/salt/manager/defaults.yaml
@@ -2,4 +2,6 @@ manager:
 reposync:
 enabled: True
 hour: 3
- minute: 0
\ No newline at end of file
+ minute: 0
+ additionalCA: ''
+ insecureSkipVerify: False
diff --git a/salt/manager/map.jinja b/salt/manager/map.jinja
new file mode 100644
index 0000000000..1ab9c12c3f
--- /dev/null
+++ b/salt/manager/map.jinja
@@ -0,0 +1,7 @@
+{# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+ or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
+ https://securityonion.net/license; you may not use this file except in compliance with the
+ Elastic License 2.0. #}
+
+{% import_yaml 'manager/defaults.yaml' as MANAGERDEFAULTS %}
+{% set MANAGERMERGED = salt['pillar.get']('manager', MANAGERDEFAULTS.manager, merge=True) %}
\ No newline at end of file
diff --git a/salt/manager/soc_manager.yaml b/salt/manager/soc_manager.yaml
index f6461a0c7b..f3346269ec 100644
--- a/salt/manager/soc_manager.yaml
+++ b/salt/manager/soc_manager.yaml
@@ -7,7 +7,7 @@ manager:
 hour:
 description: The hour of the day in which the repo sync takes place.
 global: True
- helpLink: soup.html
+ helpLink: soup.html
 minute:
 description: The minute within the hour to run the repo sync.
 global: True
@@ -16,11 +16,23 @@ manager:
 description: Enable elastalert 1=enabled 0=disabled.
 global: True
 helpLink: elastalert.html
- no_proxy:
- description: String of hosts to ignore the proxy settings for.
+ no_proxy:
+ description: String of hosts to ignore the proxy settings for.
 global: True
 helpLink: proxy.html
 proxy:
 description: Proxy server to use for updates.
 global: True
 helpLink: proxy.html
+ additionalCA:
+ description: Additional CA certificates to trust in PEM format.
+ global: True
+ advanced: True
+ multiline: True
+ helpLink: proxy.html
+ insecureSkipVerify:
+ description: Disable TLS verification for outgoing requests. This will make your installation less secure to MITM attacks. Recommended only for debugging purposes.
+ advanced: True
+ forcedType: bool
+ global: True
+ helpLink: proxy.html
diff --git a/salt/soc/merged.map.jinja b/salt/soc/merged.map.jinja
index 4ee0eea1ec..c823175cba 100644
--- a/salt/soc/merged.map.jinja
+++ b/salt/soc/merged.map.jinja
@@ -6,13 +6,15 @@
 {% from 'vars/globals.map.jinja' import GLOBALS %}
 {% from 'soc/defaults.map.jinja' import SOCDEFAULTS with context %}
 {% from 'logstash/map.jinja' import LOGSTASH_NODES %}
+{% from 'manager/map.jinja' import MANAGERMERGED %}
 {% set DOCKER_EXTRA_HOSTS = LOGSTASH_NODES %}
 {% do DOCKER_EXTRA_HOSTS.append({GLOBALS.influxdb_host:pillar.node_data[GLOBALS.influxdb_host].ip}) %}
 {% set SOCMERGED = salt['pillar.get']('soc', SOCDEFAULTS, merge=true) %}
-{% set MANAGER_PROXY = salt['pillar.get']('manager:proxy', '') %}
-{% do SOCMERGED.config.server.update({'proxy': MANAGER_PROXY}) %}
+{% do SOCMERGED.config.server.update({'proxy': MANAGERMERGED.proxy}) %}
+{% do SOCMERGED.config.server.update({'additionalCA': MANAGERMERGED.additionalCA}) %}
+{% do SOCMERGED.config.server.update({'insecureSkipVerify': MANAGERMERGED.insecureSkipVerify}) %}
 {# if SOCMERGED.config.server.modules.cases == httpcase details come from the soc pillar #}
 {% if SOCMERGED.config.server.modules.cases != 'soc' %}
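Review bot: The `insecureSkipVerify` description warns about MITM exposure but never points the operator at `additionalCA`, the safer setting added just above it. Since the entry is marked `global: True`, it presumably applies grid-wide rather than to one node. I would reword it to `description: Disable TLS certificate verification for outgoing requests. This exposes the installation to man-in-the-middle attacks; if the proxy or upstream uses a private CA, add that CA under additionalCA instead. Use only for temporary debugging.` The `additionalCA` entry takes free-form multiline text and the hunk shows no format check, so its description could also say the value must be one or more complete PEM certificate blocks.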
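Review bot: `MANAGERMERGED.proxy` has no fallback, unlike the removed `salt['pillar.get']('manager:proxy', '')`. As far as this diff shows, `salt/manager/defaults.yaml` defines only `reposync`, `additionalCA` and `insecureSkipVerify`, so a grid whose pillar sets no `manager:proxy` would pass a Jinja undefined value into the SOC server config instead of an empty string. Either add `proxy: ''` to the defaults file or keep the default here with `MANAGERMERGED.get('proxy', '')`. Separately, `insecureSkipVerify` is copied from pillar as-is, so a hand-edited pillar holding the string `'False'` could read as enabled to a consumer that only tests truthiness. Whether the consumer coerces it is not visible here, so validating it to a boolean before this update would be safer.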