Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-04-29 11:48:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Moved to hpfeeds cmdline option

Browse source
This commit is contained in:
Sebastian Haderecker 2019-05-16 10:51:04 +00:00
parent 190fba654a
commit 965170ff21
3 changed files with 10 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
cloud/open-telekom-cloud/ansible/roles/custom_ews/tasks/main.yaml
View file

@ -12,29 +12,13 @@
insertafter: '/opt/ewsposter/ews.ip' insertafter: '/opt/ewsposter/ews.ip'
line: ' - /data/ews/conf/ews.cfg:/opt/ewsposter/ews.cfg' line: ' - /data/ews/conf/ews.cfg:/opt/ewsposter/ews.cfg'
- name: Lookup HPFEED environment variables - name: Copy hpfeeds configuration file
set_fact: template:
myENABLE: "{{ lookup('env', 'myENABLE') }}" src: ../templates/hpfeeds.cfg
myHOST: "{{ lookup('env', 'myHOST') }}" dest: /data/ews/conf
myPORT: "{{ lookup('env', 'myPORT') }}" owner: root
myCHANNEL: "{{ lookup('env', 'myCHANNEL') }}" group: root
myIDENT: "{{ lookup('env', 'myIDENT') }}" mode: 0644
mySECRET: "{{ lookup('env', 'mySECRET') }}"
myCERT: "{{ lookup('env', 'myCERT') }}"
myFORMAT: "{{ lookup('env', 'myFORMAT') }}"
- name: Apply HPFEED settings in tpot.yml -name: Applying hpfeeds settings
lineinfile: command: /opt/tpot/bin/hpfeeds_optin.sh --conf=/data/ews/conf/hpfeeds.cfg
path: /opt/tpot/etc/tpot.yml
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
with_items:
- { regexp: 'EWS_HPFEEDS_ENABLE.*', line: ' - EWS_HPFEEDS_ENABLE={{ myENABLE | lower }}' }
- { regexp: 'EWS_HPFEEDS_HOST.*', line: ' - EWS_HPFEEDS_HOST={{ myHOST }}' }
- { regexp: 'EWS_HPFEEDS_PORT.*', line: ' - EWS_HPFEEDS_PORT={{ myPORT }}' }
- { regexp: 'EWS_HPFEEDS_CHANNELS.*', line: ' - EWS_HPFEEDS_CHANNELS={{ myCHANNEL }}' }
- { regexp: 'EWS_HPFEEDS_IDENT.*', line: ' - EWS_HPFEEDS_IDENT={{ myIDENT }}' }
- { regexp: 'EWS_HPFEEDS_SECRET.*', line: ' - EWS_HPFEEDS_SECRET={{ mySECRET }}' }
- { regexp: 'EWS_HPFEEDS_TLSCERT.*', line: ' - EWS_HPFEEDS_TLSCERT={{ myCERT }}' }
- { regexp: 'EWS_HPFEEDS_TLSCERT.False', line: ' - EWS_HPFEEDS_TLSCERT={{ myCERT | lower }}' }
- { regexp: 'EWS_HPFEEDS_FORMAT.*', line: ' - EWS_HPFEEDS_FORMAT={{ myFORMAT }}' }

2
cloud/open-telekom-cloud/.hpfeeds_settings.sh → cloud/open-telekom-cloud/ansible/roles/custom_ews/templates/hpfeeds.cfg
View file

@ -2,7 +2,7 @@ myENABLE=false
myHOST=host myHOST=host
myPORT=port myPORT=port
myCHANNEL=channels myCHANNEL=channels
myCERT=false
myIDENT=user myIDENT=user
mySECRET=secret mySECRET=secret
myCERT=false
myFORMAT=json myFORMAT=json

13
cloud/open-telekom-cloud/deploy_ansible_otc_t-pot.sh
View file

@ -33,22 +33,9 @@ source .ecs_settings.sh
# Import OTC authentication credentials # Import OTC authentication credentials
source .otc_env.sh source .otc_env.sh
# Import HPFEED settings
source .hpfeeds_settings.sh
# Password is later used by Ansible # Password is later used by Ansible
export LINUX_PASS=$linuxpass export LINUX_PASS=$linuxpass
# HPFEED settings are later used by Ansible
export myENABLE=$myENABLE
export myHOST=$myHOST
export myPORT=$myPORT
export myCHANNEL=$myCHANNEL
export myIDENT=$myIDENT
export mySECRET=$mySECRET
export myCERT=$myCERT
export myFORMAT=$myFORMAT
# Ignore ssh host keys as they are new anyway # Ignore ssh host keys as they are new anyway
export ANSIBLE_HOST_KEY_CHECKING=False export ANSIBLE_HOST_KEY_CHECKING=False