continue work on sensor deploy

deploy.sh

@@ -38,11 +38,11 @@ if [[ ${mySENSOR_INSTALLED} != "y" ]];
       exit 1
 fi
 
-# Check if ssh key has been deployed
+# Ask for the remote user
-read -p "# Has the SSH key been deployed to the SENSOR? (y/n): " mySSHKEY_DEPLOYED
+read -p "# Enter the remote username T-Pot SENSOR was installed with: " mySSHUSER
-if [[ ${mySSHKEY_DEPLOYED} != "y" ]]; 
+if [[ ${mySSHUSER} == "" ]]; 
     then
-      echo "# Generate a SSH key using 'ssh-keygen' and deploy it to the SENSOR with 'ssh-copy-id user@sensor-ip'."
+      echo "# You need to enter a user. Aborting."
       exit 1
 fi
 
@@ -57,6 +57,14 @@ while true; do
   fi
 done
 
+# Check if ssh key has been deployed
+read -p "# Has a SSH key been deployed to the SENSOR? (y/n): " mySSHKEY_DEPLOYED
+if [[ ${mySSHKEY_DEPLOYED} != "y" ]]; 
+    then
+      echo "# Generate a SSH key using 'ssh-keygen' and deploy it to the SENSOR (Example: ssh-copy-id -p 64295 ${mySSHUSER}@${mySENSOR_IP})."
+      exit 1
+fi
+
 # Validate IP/domain name of HIVE
 while true; do
   read -p "# Enter the IP/domain name of this HIVE: " myTPOT_HIVE_IP
@@ -92,12 +100,25 @@ echo "# New SENSOR credentials base64 encoded: ${myTPOT_HIVE_USER}"
 # Read LS_WEB_USER from file
 myENV_LS_WEB_USER=$(grep "^LS_WEB_USER=" "${myENV_FILE}" | sed 's/^LS_WEB_USER=//g' | tr -d "\"'")
 
-# Add the new SENSOR and show a complete list of all the SENSORs
+# Add the new SENSOR user
+if [ "${myENV_LS_WEB_USER}" == "" ];
+  then
+    myENV_LS_WEB_USER="${myLS_WEB_USER_ENC_B64}"
+  else
     myENV_LS_WEB_USER="${myENV_LS_WEB_USER} ${myLS_WEB_USER_ENC_B64}"
+fi
 
+# Need to export for Ansible
+export myTPOT_HIVE_USER
+export myTPOT_HIVE_IP
+
+ANSIBLE_LOG_PATH=${HOME}/tpotce/data/deploy_sensor.log ansible-playbook ${myANSIBLE_TPOT_PLAYBOOK} -i ${mySENSOR_IP}, -c ssh -u ${mySSHUSER} -e "ansible_port=${myANSIBLE_PORT}"
+
+if [ "$?" == 0 ];
+  then
 	# Update the T-Pot .env config and lswebpasswd (avoid the need to restart T-Pot) on the host
 	echo "# Updating SENSOR users on this HIVE and in the T-Pot .env config:"
-sed -i "/^LS_WEB_USER=/c\LS_WEB_USER=${myENV_LS_WEB_USER}" "${myENV_FILE}"
+    sed -i "/^LS_WEB_USER=/c\LS_WEB_USER=$myENV_LS_WEB_USER" "${myENV_FILE}"
 	: > "${HOME}"/tpotce/data/nginx/conf/lswebpasswd
 	for i in $myENV_LS_WEB_USER;
 	  do
@@ -110,12 +131,7 @@ for i in $myENV_LS_WEB_USER;
 	        echo >> ${HOME}/tpotce/data/nginx/conf/lswebpasswd
 	      fi
 	done
-
+fi
-# Need to export for Ansible
-export myTPOT_HIVE_USER
-export myTPOT_HIVE_IP
-
-ANSIBLE_LOG_PATH=${HOME}/tpotce/data/deploy_sensor.log ansible-playbook ${myANSIBLE_TPOT_PLAYBOOK} -i ${mySENSOR_IP}, --check -c ssh -e "ansible_port=${myANSIBLE_PORT}"
 
 unset myTPOT_HIVE_USER
 unset myTPOT_HIVE_IP

install.sh

@@ -269,7 +269,7 @@ if [ "${myTPOT_TYPE}" == "SENSOR" ];
   then
     cp ${HOME}/tpotce/compose/sensor.yml ${HOME}/tpotce/docker-compose.yml
     myINFO="### Make sure to deploy SSH keys to this sensor and disable SSH password authentication.
-### On hive run the tpotce/tools/deploy.sh script to join this sensor to the hive."
+### On hive run the tpotce/deploy.sh script to join this sensor to the hive."
 fi
 
 # Pull docker images

installer/install/deploy.yml

@@ -8,6 +8,12 @@
     remote_docker_compose_path: "~/tpotce/docker-compose.yml"
     env_file_path: "~/tpotce/.env"
   tasks:
+    - name: Ensure the destination directory exists
+      ansible.builtin.file:
+        path: "{{ remote_cert_path | dirname }}"
+        state: directory
+        mode: '770'
+
     - name: Copy nginx.crt from local to remote host
       ansible.builtin.copy:
         src: "{{ local_nginx_cert_path }}"