mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-07-01 04:22:11 +00:00
Merge pull request #597 from shaderecker/terraform-aws
Update AWS Terraform
commit
7b081d164f
4 changed files with 38 additions and 17 deletions
|
@ -60,7 +60,7 @@ resource "aws_instance" "tpot" {
|
||||||
volume_size = 128
|
volume_size = 128
|
||||||
delete_on_termination = true
|
delete_on_termination = true
|
||||||
}
|
}
|
||||||
user_data = "${file("../cloud-init.yaml")} content: ${base64encode(file("../tpot.conf"))}"
|
user_data = templatefile("../cloud-init.yaml", {timezone = var.timezone, password = var.linux_password, tpot_flavor = var.tpot_flavor, web_user = var.web_user, web_password = var.web_password})
|
||||||
vpc_security_group_ids = [aws_security_group.tpot.id]
|
vpc_security_group_ids = [aws_security_group.tpot.id]
|
||||||
associate_public_ip_address = true
|
associate_public_ip_address = true
|
||||||
}
|
}
|
||||||
|
|
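Review bot: The new `user_data = templatefile(...)` line puts `var.linux_password` and `var.web_password` into EC2 user data, which is not a secret store. The rendered text is kept in the Terraform state, can be read back through the EC2 API by any principal allowed to describe instance attributes, and remains available from the instance metadata service after `rm /root/tpot.conf` has run. Because this host is a honeypot that expects hostile traffic, consider adding a `metadata_options` block with `http_tokens = "required"` and a hop limit of 1, and changing both passwords once the install has finished. The `aws_instance` block begins above this hunk, so whether such options are already set cannot be seen here.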
|
@ -52,3 +52,29 @@ variable "ec2_ami" {
|
||||||
"us-west-2" = "ami-023b7a69b9328e1f9"
|
"us-west-2" = "ami-023b7a69b9328e1f9"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# cloud-init configuration
|
||||||
|
variable "timezone" {
|
||||||
|
default = "UTC"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "linux_password" {
|
||||||
|
#default = "LiNuXuSeRPaSs#"
|
||||||
|
description = "Set a password for the default user"
|
||||||
|
}
|
||||||
|
|
||||||
|
# These will go in the generated tpot.conf file
|
||||||
|
variable "tpot_flavor" {
|
||||||
|
default = "STANDARD"
|
||||||
|
description = "Specify your tpot flavor [STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, NEXTGEN]"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "web_user" {
|
||||||
|
default = "webuser"
|
||||||
|
description = "Set a username for the web user"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "web_password" {
|
||||||
|
#default = "w3b$ecret"
|
||||||
|
description = "Set a password for the web user"
|
||||||
|
}
|
||||||
|
|
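Review bot: `linux_password` and `web_password` are declared with only a description, so on Terraform versions that support it they should also carry `sensitive = true` to keep the values out of plan and apply output. The commented-out samples `#default = "LiNuXuSeRPaSs#"` and `#default = "w3b$ecret"` are best removed, because uncommenting either one deploys an internet-facing host with a password published in the repository. `tpot_flavor` lists its five allowed values only in the description; a `validation` block checking membership with `contains([...], var.tpot_flavor)` would reject a typo at plan time instead of during the unattended install.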
|
@ -1,9 +1,5 @@
|
||||||
#cloud-config
|
#cloud-config
|
||||||
timezone: UTC
|
timezone: ${timezone}
|
||||||
|
|
||||||
package_update: true
|
|
||||||
package_upgrade: true
|
|
||||||
package_reboot_if_required: true
|
|
||||||
|
|
||||||
packages:
|
packages:
|
||||||
- git
|
- git
|
||||||
|
@ -12,14 +8,18 @@ runcmd:
|
||||||
- git clone https://github.com/dtag-dev-sec/tpotce /root/tpot
|
- git clone https://github.com/dtag-dev-sec/tpotce /root/tpot
|
||||||
- /root/tpot/iso/installer/install.sh --type=auto --conf=/root/tpot.conf
|
- /root/tpot/iso/installer/install.sh --type=auto --conf=/root/tpot.conf
|
||||||
- rm /root/tpot.conf
|
- rm /root/tpot.conf
|
||||||
- /sbin/shutdown -r +5
|
- /sbin/shutdown -r now
|
||||||
|
|
||||||
|
password: ${password}
|
||||||
|
chpasswd:
|
||||||
|
expire: false
|
||||||
|
|
||||||
# The contents of tpot.conf will be base64 encoded and appended to this file
|
|
||||||
# via the terraform configuration in main.tf
|
|
||||||
#
|
|
||||||
# Make sure there are no trailing new lines after "permissions" below
|
|
||||||
write_files:
|
write_files:
|
||||||
- encoding: b64
|
- content: |
|
||||||
|
# tpot configuration file
|
||||||
|
myCONF_TPOT_FLAVOR='${tpot_flavor}'
|
||||||
|
myCONF_WEB_USER='${web_user}'
|
||||||
|
myCONF_WEB_PW='${web_password}'
|
||||||
owner: root:root
|
owner: root:root
|
||||||
path: /root/tpot.conf
|
path: /root/tpot.conf
|
||||||
permissions: '0600'
|
permissions: '0600'
|
||||||
|
|
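Review bot: In the second hunk, `password: ${password}` and `myCONF_WEB_PW='${web_password}'` paste the raw variable text into YAML and into a single-quoted shell assignment. A value containing `'`, ` #`, `: ` or a newline therefore changes the structure of the rendered file instead of being read as data, and an all-digit or `yes`/`no` password is retyped by the YAML parser. For the YAML scalar, `password: ${jsonencode(password)}` gives a correctly quoted string. For the three `myCONF_*` lines, either reject `'` in the variable's `validation` or escape it before interpolation. Separately, the first hunk drops `package_update`, `package_upgrade` and `package_reboot_if_required`, so unless `install.sh` upgrades packages itself (not visible here) the instance goes online at the AMI's patch level.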
|
@ -1,5 +0,0 @@
|
||||||
# tpot configuration file
|
|
||||||
# myCONF_TPOT_FLAVOR=[STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, NEXTGEN]
|
|
||||||
myCONF_TPOT_FLAVOR='STANDARD'
|
|
||||||
myCONF_WEB_USER='webuser'
|
|
||||||
myCONF_WEB_PW='w3b$ecret'
|
|