tpotce/installer/install/deploy.yml

---
###########################
# T-Pot Sensor Deployment #
###########################

- name: T-POT Sensor Deployment
  hosts: all
  vars:
    local_nginx_cert_path: "~/tpotce/data/nginx/cert/nginx.crt"
    remote_cert_path: "~/tpotce/data/hive.crt"
    remote_sensor_yml_path: "~/tpotce/compose/sensor.yml"
    remote_docker_compose_path: "~/tpotce/docker-compose.yml"
    env_file_path: "~/tpotce/.env"

  tasks:
    - name: Ensure the destination directory exists
      ansible.builtin.file:
        path: "{{ remote_cert_path | dirname }}"
        state: directory
        mode: '770'

    - name: Copy nginx.crt from local to remote host
      ansible.builtin.copy:
        src: "{{ local_nginx_cert_path }}"
        dest: "{{ remote_cert_path }}"

    - name: Copy sensor.yml to docker-compose.yml on the remote host
      ansible.builtin.command:
        cmd: "cp {{ remote_sensor_yml_path }} {{ remote_docker_compose_path }}"

    - name: Update T-POT_HIVE_USER in .env
      ansible.builtin.lineinfile:
        path: "{{ env_file_path }}"
        regexp: '^TPOT_HIVE_USER='
        line: 'TPOT_HIVE_USER={{ lookup("env", "myTPOT_HIVE_USER") }}'

    - name: Update T-POT_HIVE_IP in .env
      ansible.builtin.lineinfile:
        path: "{{ env_file_path }}"
        regexp: '^TPOT_HIVE_IP='
        line: 'TPOT_HIVE_IP={{ lookup("env", "myTPOT_HIVE_IP") }}'

    - name: Ensure T-POT_TYPE is set to SENSOR in .env
      ansible.builtin.lineinfile:
        path: "{{ env_file_path }}"
        regexp: '^TPOT_TYPE='
        line: 'TPOT_TYPE=SENSOR'
        create: yes

    - name: Ensure WEB_USER is empty in .env
      ansible.builtin.lineinfile:
        path: "{{ env_file_path }}"
        regexp: '^WEB_USER='
        line: 'WEB_USER='
        create: yes

    - name: Ensure LS_WEB_USER is empty in .env
      ansible.builtin.lineinfile:
        path: "{{ env_file_path }}"
        regexp: '^LS_WEB_USER='
        line: 'LS_WEB_USER='
        create: yes

    - name: Reboot the sensor
      become: yes
      ansible.builtin.reboot:
        reboot_timeout: 600
        pre_reboot_delay: 0
        post_reboot_delay: 0
        msg: "Reboot initiated by Ansible for T-Pot sensor deployment."
        test_command: "uptime"
start rework env, sensor deploy 2024-02-22 18:09:52 +00:00			`---`
finish documentation add uninstaller playbook and script tweaking and cleanup 2024-03-24 15:21:51 +00:00			`###########################`
			`# T-Pot Sensor Deployment #`
			`###########################`

			`- name: T-POT Sensor Deployment`
start rework env, sensor deploy 2024-02-22 18:09:52 +00:00			`hosts: all`
			`vars:`
			`local_nginx_cert_path: "~/tpotce/data/nginx/cert/nginx.crt"`
			`remote_cert_path: "~/tpotce/data/hive.crt"`
			`remote_sensor_yml_path: "~/tpotce/compose/sensor.yml"`
			`remote_docker_compose_path: "~/tpotce/docker-compose.yml"`
			`env_file_path: "~/tpotce/.env"`
finish documentation add uninstaller playbook and script tweaking and cleanup 2024-03-24 15:21:51 +00:00
start rework env, sensor deploy 2024-02-22 18:09:52 +00:00			`tasks:`
continue work on sensor deploy 2024-02-23 19:30:12 +00:00			`- name: Ensure the destination directory exists`
			`ansible.builtin.file:`
			`path: "{{ remote_cert_path \| dirname }}"`
			`state: directory`
			`mode: '770'`

start rework env, sensor deploy 2024-02-22 18:09:52 +00:00			`- name: Copy nginx.crt from local to remote host`
			`ansible.builtin.copy:`
			`src: "{{ local_nginx_cert_path }}"`
			`dest: "{{ remote_cert_path }}"`

			`- name: Copy sensor.yml to docker-compose.yml on the remote host`
			`ansible.builtin.command:`
			`cmd: "cp {{ remote_sensor_yml_path }} {{ remote_docker_compose_path }}"`

finish documentation add uninstaller playbook and script tweaking and cleanup 2024-03-24 15:21:51 +00:00			`- name: Update T-POT_HIVE_USER in .env`
start rework env, sensor deploy 2024-02-22 18:09:52 +00:00			`ansible.builtin.lineinfile:`
			`path: "{{ env_file_path }}"`
			`regexp: '^TPOT_HIVE_USER='`
			`line: 'TPOT_HIVE_USER={{ lookup("env", "myTPOT_HIVE_USER") }}'`

finish documentation add uninstaller playbook and script tweaking and cleanup 2024-03-24 15:21:51 +00:00			`- name: Update T-POT_HIVE_IP in .env`
start rework env, sensor deploy 2024-02-22 18:09:52 +00:00			`ansible.builtin.lineinfile:`
			`path: "{{ env_file_path }}"`
			`regexp: '^TPOT_HIVE_IP='`
			`line: 'TPOT_HIVE_IP={{ lookup("env", "myTPOT_HIVE_IP") }}'`

finish documentation add uninstaller playbook and script tweaking and cleanup 2024-03-24 15:21:51 +00:00			`- name: Ensure T-POT_TYPE is set to SENSOR in .env`
start rework env, sensor deploy 2024-02-22 18:09:52 +00:00			`ansible.builtin.lineinfile:`
			`path: "{{ env_file_path }}"`
			`regexp: '^TPOT_TYPE='`
			`line: 'TPOT_TYPE=SENSOR'`
			`create: yes`

			`- name: Ensure WEB_USER is empty in .env`
			`ansible.builtin.lineinfile:`
			`path: "{{ env_file_path }}"`
			`regexp: '^WEB_USER='`
			`line: 'WEB_USER='`
			`create: yes`

			`- name: Ensure LS_WEB_USER is empty in .env`
			`ansible.builtin.lineinfile:`
			`path: "{{ env_file_path }}"`
			`regexp: '^LS_WEB_USER='`
			`line: 'LS_WEB_USER='`
			`create: yes`
continue with documentation fix tpotinit entrypoint.sh to resolve a conflict with sensor deployment where data folder is not yet owned by tpot user 2024-03-22 19:47:39 +00:00
			`- name: Reboot the sensor`
			`become: yes`
			`ansible.builtin.reboot:`
			`reboot_timeout: 600`
			`pre_reboot_delay: 0`
			`post_reboot_delay: 0`
			`msg: "Reboot initiated by Ansible for T-Pot sensor deployment."`
			`test_command: "uptime"`