Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-04-20 06:02:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add support for Raspbian (64 Bit)

Browse source
This commit is contained in:
Marco Ochse 2023-11-01 15:51:56 +01:00 committed by GitHub
parent 15d65dbc25
commit 13326985a9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 48 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

77
installer/install/tpot.yml
View file

@ -18,6 +18,7 @@
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "openSUSE Tumbleweed" - "openSUSE Tumbleweed"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
@ -29,16 +30,18 @@
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "openSUSE Tumbleweed" - "openSUSE Tumbleweed"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
- name: Add python package (Debian, Ubuntu) - name: Add python package (Debian, Raspbian, Ubuntu)
raw: | raw: |
apt update apt update
apt -y install python3 apt -y install python3
when: my_distribution.stdout | trim in ["Debian", "Ubuntu"] and my_python3.stdout | trim == "" when: my_distribution.stdout | trim in ["Debian", "Raspbian", "Ubuntu"] and my_python3.stdout | trim == ""
tags: tags:
- "Debian" - "Debian"
- "Raspbian"
- "Ubuntu" - "Ubuntu"
- name: Add python package (Alma, Fedora, Rocky) - name: Add python package (Alma, Fedora, Rocky)
@ -71,6 +74,7 @@
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "openSUSE Tumbleweed" - "openSUSE Tumbleweed"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
@ -89,7 +93,7 @@
- name: Check if supported distribution (All) - name: Check if supported distribution (All)
assert: assert:
that: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Rocky", "Ubuntu"] that: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
fail_msg: "T-Pot is not supported on this plattform: {{ ansible_distribution }}." fail_msg: "T-Pot is not supported on this plattform: {{ ansible_distribution }}."
success_msg: "T-Pot will now install on {{ ansible_distribution }}." success_msg: "T-Pot will now install on {{ ansible_distribution }}."
@ -105,17 +109,18 @@
tasks: tasks:
- name: Syncing clocks (All) - name: Syncing clocks (All)
shell: "hwclock --hctosys" shell: "hwclock --hctosys"
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
ignore_errors: true ignore_errors: true
tags: tags:
- "AlmaLinux" - "AlmaLinux"
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "openSUSE Tumbleweed" - "openSUSE Tumbleweed"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
- name: Install recommended packages (Debian, Ubuntu) - name: Install recommended packages (Debian, Raspbian, Ubuntu)
package: package:
name: name:
- apache2-utils - apache2-utils
@ -133,9 +138,10 @@
- wget - wget
state: latest state: latest
update_cache: yes update_cache: yes
when: ansible_distribution in ["Debian", "Ubuntu"] when: ansible_distribution in ["Debian", "Raspbian", "Ubuntu"]
tags: tags:
- "Debian" - "Debian"
- "Raspbian"
- "Ubuntu" - "Ubuntu"
- name: Install grc from remote repo (AlmaLinux, Rocky) - name: Install grc from remote repo (AlmaLinux, Rocky)
@ -217,7 +223,7 @@
become: true become: true
tasks: tasks:
- name: Remove distribution based Docker packages (AlmaLinux, Debian, Fedora, Rocky, Ubuntu) - name: Remove distribution based Docker packages (AlmaLinux, Debian, Fedora, Raspbian, Rocky, Ubuntu)
package: package:
name: name:
- docker - docker
@ -227,52 +233,57 @@
- runc - runc
state: absent state: absent
update_cache: yes update_cache: yes
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "Rocky", "Ubuntu"]
tags: tags:
- "AlmaLinux" - "AlmaLinux"
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
- name: Add folder for Docker Engine GPG key (Debian, Ubuntu) - name: Add folder for Docker Engine GPG key (Debian, Raspbian, Ubuntu)
file: file:
path: /etc/apt/keyrings path: /etc/apt/keyrings
state: directory state: directory
mode: 0755 mode: 0755
when: ansible_distribution in ["Debian", "Ubuntu"] when: ansible_distribution in ["Debian", "Raspbian", "Ubuntu"]
tags: tags:
- "Debian" - "Debian"
- "Raspbian"
- "Ubuntu" - "Ubuntu"
- name: Download Docker Engine GPG key (Debian, Ubuntu) - name: Download Docker Engine GPG key (Debian, Raspbian, Ubuntu)
get_url: get_url:
url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
dest: /etc/apt/keyrings/docker dest: /etc/apt/keyrings/docker
mode: 0755 mode: 0755
when: ansible_distribution in ["Debian", "Ubuntu"] when: ansible_distribution in ["Debian", "Raspbian", "Ubuntu"]
tags: tags:
- "Debian" - "Debian"
- "Raspbian"
- "Ubuntu" - "Ubuntu"
- name: Decrypt Docker Engine GPG key (Debian, Ubuntu) - name: Decrypt Docker Engine GPG key (Debian, Raspbian, Ubuntu)
shell: gpg --dearmor /etc/apt/keyrings/docker shell: gpg --dearmor /etc/apt/keyrings/docker
args: args:
creates: /etc/apt/keyrings/docker.gpg creates: /etc/apt/keyrings/docker.gpg
when: ansible_distribution in ["Debian", "Ubuntu"] when: ansible_distribution in ["Debian", "Raspbian", "Ubuntu"]
tags: tags:
- "Debian" - "Debian"
- "Raspbian"
- "Ubuntu" - "Ubuntu"
- name: Add Docker Engine repository (Debian, Ubuntu) - name: Add Docker Engine repository (Debian, Raspbian, Ubuntu)
apt_repository: apt_repository:
filename: docker filename: docker
repo: "deb [arch={{ ansible_architecture | replace('aarch64', 'arm64') }} signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable" repo: "deb [arch={{ ansible_architecture | replace('aarch64', 'arm64') }} signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable"
state: present state: present
update_cache: yes update_cache: yes
when: ansible_distribution in ["Debian", "Ubuntu"] when: ansible_distribution in ["Debian", "Raspbian", "Ubuntu"]
tags: tags:
- "Debian" - "Debian"
- "Raspbian"
- "Ubuntu" - "Ubuntu"
- name: Add Docker repository (Fedora) - name: Add Docker repository (Fedora)
@ -323,7 +334,7 @@
tags: tags:
- "openSUSE Tumbleweed" - "openSUSE Tumbleweed"
- name: Install Docker Engine packages (AlmaLinux, Debian, Fedora, Rocky, Ubuntu) - name: Install Docker Engine packages (AlmaLinux, Debian, Fedora, Raspbian, Rocky, Ubuntu)
package: package:
name: name:
- docker-ce - docker-ce
@ -333,11 +344,12 @@
- docker-compose-plugin - docker-compose-plugin
state: latest state: latest
update_cache: yes update_cache: yes
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "Rocky", "Ubuntu"]
tags: tags:
- "AlmaLinux" - "AlmaLinux"
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
@ -346,12 +358,13 @@
name: docker name: docker
state: stopped state: stopped
enabled: false enabled: false
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
tags: tags:
- "AlmaLinux" - "AlmaLinux"
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "openSUSE Tumbleweed" - "openSUSE Tumbleweed"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
@ -370,12 +383,13 @@
name: tpot name: tpot
gid: 2000 gid: 2000
state: present state: present
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
tags: tags:
- "AlmaLinux" - "AlmaLinux"
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "openSUSE Tumbleweed" - "openSUSE Tumbleweed"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
@ -387,12 +401,13 @@
shell: /bin/false shell: /bin/false
home: /nonexistent home: /nonexistent
group: tpot group: tpot
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
tags: tags:
- "AlmaLinux" - "AlmaLinux"
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "openSUSE Tumbleweed" - "openSUSE Tumbleweed"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
@ -413,16 +428,17 @@
tags: tags:
- "Ubuntu" - "Ubuntu"
- name: Change SSH Port to 64295 (AlmaLinux, Debian, Fedora, Rocky, Ubuntu) - name: Change SSH Port to 64295 (AlmaLinux, Debian, Fedora, Raspbian, Rocky, Ubuntu)
lineinfile: lineinfile:
path: /etc/ssh/sshd_config path: /etc/ssh/sshd_config
line: "Port 64295" line: "Port 64295"
insertafter: EOF insertafter: EOF
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "Raspbian", "Rocky", "Ubuntu"]
tags: tags:
- "AlmaLinux" - "AlmaLinux"
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
@ -573,12 +589,13 @@
name: docker name: docker
state: restarted state: restarted
enabled: true enabled: true
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
tags: tags:
- "AlmaLinux" - "AlmaLinux"
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "openSUSE Tumbleweed" - "openSUSE Tumbleweed"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
@ -587,12 +604,13 @@
name: "{{ 'ssh' if ansible_distribution in ['Ubuntu'] else 'sshd' }}" name: "{{ 'ssh' if ansible_distribution in ['Ubuntu'] else 'sshd' }}"
state: restarted state: restarted
enabled: true enabled: true
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
tags: tags:
- "AlmaLinux" - "AlmaLinux"
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "openSUSE Tumbleweed" - "openSUSE Tumbleweed"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
@ -609,6 +627,7 @@
- "Debian" - "Debian"
- "Fedora" - "Fedora"
- "openSUSE Tumbleweed" - "openSUSE Tumbleweed"
- "Raspbian"
- "Rocky" - "Rocky"
- "Ubuntu" - "Ubuntu"
@ -627,7 +646,7 @@
marker: "# {mark} ANSIBLE MANAGED BLOCK" marker: "# {mark} ANSIBLE MANAGED BLOCK"
insertafter: EOF insertafter: EOF
state: present state: present
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
- name: Clone / Update T-Pot repository (All) - name: Clone / Update T-Pot repository (All)
git: git:
@ -636,7 +655,7 @@
version: dev version: dev
clone: yes clone: yes
update: no update: no
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
- name: Add current user to Docker, T-Pot group (All) - name: Add current user to Docker, T-Pot group (All)
become: true become: true
@ -646,10 +665,10 @@
- docker - docker
- tpot - tpot
append: yes append: yes
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
- name: Check for non-root user id (All) - name: Check for non-root user id (All)
debug: debug:
msg: "Detected user: '{{ ansible_user_id }}'" msg: "Detected user: '{{ ansible_user_id }}'"
when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Rocky", "Ubuntu"] when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
failed_when: ansible_user_id == "root" failed_when: ansible_user_id == "root"