Step 2: Setting up the appliance systems

You must install packages and Ansible® content and complete configuration steps on each of the appliances.

About this task

Complete the following steps on each of the SOAR Platform appliances.

Procedure

  1. Ensure that the resadmin sudo user password is the same on both appliances.
  2. Copy the resilient-optional-packages-repo.run file to the /tmp directory on each of the SOAR Platform appliances.
  3. As the resadmin user, run the following command and follow the on-screen instructions to install the packages:
    sudo bash soar-optional-packages-repo-rhel8-<release_number>.run
  4. Enable the repository.
    sudo yum --disablerepo="*" --enablerepo="resilient_optional" list available
  5. Install the Yum packages.
    sudo yum --noplugins install lsyncd

    This command also installs the rsync package.

  6. To ensure secure communication between the two appliances when you sync files, you must generate a public/private ssh key pair for the resfilesync user.
    ssh-keygen -t rsa -b 4096 -C "resfilesync@res-dr"
    When prompted for the file in which to save the key, enter the following value:
    /usr/share/resilient-dr/ansible/files/id_rsa

    When prompted for a password, press Enter to leave it empty. It is a requirement to not specify a password.

  7. Copy the /usr/share/resilient-dr/ansible/templates/ssh_vault.template.yml file to the /usr/share/resilient-dr/ansible/files directory and rename the copied file to ssh_vault.yml.
  8. Using the generated SSH key pair, copy the id_rsa private key content and paste it, replacing the <INSERT_PRIVATE_KEY_HERE> tag, as shown in the following example.
    Note: Ensure that you maintain the correct YAML syntax structure and alignment.
  9. Complete a similar procedure for the public key by replacing the <INSERT_PUBLIC_KEY_HERE> tag in the ssh_vault.yml file with the id_rsa.pub content. Make sure that you keep the key on a single line and maintain the YAML syntax, as shown in the following example:
    Important: The indentation and formatting must be exactly as defined by the YAML format. The entire contents must have the same indentation from start to finish for each inserted key.
    Example:
    # Place your private and public ssh keys here
    ssh_key_files:
      /home/resfilesync/.ssh/id_rsa:
        owner: "resfilesync"
        group: "resfilesync"
        mode: "0600"
        content: |
          -----BEGIN RSA PRIVATE KEY-----
          MIIJKQIBAAKCAgEAsO4znU2B6rESLao5MetjScpuTefV89PflTRnh0iEVuzck/QY
          No0y5oWyC1r8BRRveTjYJM8uf4QC2RyN1VMQFA66sqPBpsegHayQmrEfssIgcHh6
          u3m7DReh6l0PyEb86fG92yAywAvzeLyFqRfjaUUws79/bDInBNWRNjilufCovGaE
          PV+l3wOvi6mZ3L8Ps4khxxeXqmrgAKSG/ElJYuE9JFhCFN1JpNAgvxArxoR8gKaO
          oa4X/vvuhp2K0cFvNTTXA/rzsiiazkt4b812IJnLYTHwLxY1eL6PGKJyUBUc4531
          wdefwdfadfaerfaef233refdzvdfsavq34rtefcdsfv4fr234feq3fqervavdvvc
          eddfvqerfgyougettheideavszdfgvsbdfgbnrstghwergsvddvaegfvaefgsfbg
          9bVm01CVKUJtxcbd77nDDLp1LGb3FsAnvj4atbiu/q0LPygKkIAFXedEV0psWlwH
          gCM9n3Dzs9qm7r9kyfH0ud9YYS/nz6x0i6ZRF5jwhNy0C+PWQeyVzWlv3QfN9ALY
          Z1IPNVScxAjJCzDjqhP_____SAMPLE_____iQIv/UQGws1nyKJWFaeffeffFEFEF
          YvOafmpudnpMFlILHNl8t1c4AZEL/1Jt0TF9bCbBnQ0tlEZ9WkrvFCcHw1OhpIHH
          1KMpSGSWUfVw9TatZf0icwQRPxwImC2vAoIBAQCYoHcAPeYlFXcNZfVvLUQtA6qr
          nlrxrkLZDCZTrgCt4QxU5egGWFlosjHk0TqCElBq5aB4fjPTck/PNLGvdLcxlsnN
          piafGrbCbxuZ1kqqPhbVCA7bjsgW5X7ljLwhhE4B6iOuB7j/sHFD7kMhYamtVJRR
          B+C9KUNx3hTc8ILDbnC4O6lijJzPmx1F3L3OeHbzHB/tXNZdLIrL5Gt/ckA3+0ow
          NuOuaZV2FLlyVa0UjUaAKirN/c68d/G3MJdQFEsARI9TNc+uhOCY+8rTr35dAliG
          LfsxTtDA+1ftKmt+I28PdgZpPz0X9QAws6Wd/QCIAI3BF5Dz7rT02KveJKPOEFJU
          -----END RSA PRIVATE KEY-----
      /home/resfilesync/.ssh/id_rsa.pub:
        owner: "resfilesync"
        group: "resfilesync"
        mode: "0644"
        content: |
          ssh-rsa AAAAB3NzaC1yc2EAAADFVBNJR56SO2djdvdvvgyuoldfgwADA==resfilesync@resilient.localdomain
  10. Activate the built-in Ansible environment.
    source /opt/ansible-venv/python/ansible-python-env-latest/bin/activate 
  11. To protect the keys, encrypt the ssh_vault.yml file by typing the following command from the /usr/share/resilient-dr/ansible/files folder.
    ansible-vault encrypt ssh_vault.yml
    Important: Because of an Ansible limitation, you must use the same password when you encrypt the following vault files on each appliance.
    • group_vars/all/vault
    • ansible/files/ssh_vault.yml
    • ansible/files/ssl_certs_vault_file
    To decrypt the files, enter the following command from the /usr/share/resilient-dr/ansible/files directory:
    ansible-vault decrypt <filename>

What to do next

Ensure that you complete these configuration steps on both of the SOAR Platform systems.

After the appliances are configured, proceed to Step 3: Configuring Postgres for SSL.