Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-04-19 21:52:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
tpotce/installer/install/deploy.yml
Marco Ochse 3a81e988da finish documentation 
add uninstaller playbook and script
tweaking and cleanup
2024-03-24 16:21:51 +01:00

71 lines
2.2 KiB
YAML
Raw Blame History

---
###########################
# T-Pot Sensor Deployment #
###########################
- name: T-POT Sensor Deployment
hosts: all
vars:
local_nginx_cert_path: "~/tpotce/data/nginx/cert/nginx.crt"
remote_cert_path: "~/tpotce/data/hive.crt"
remote_sensor_yml_path: "~/tpotce/compose/sensor.yml"
remote_docker_compose_path: "~/tpotce/docker-compose.yml"
env_file_path: "~/tpotce/.env"
tasks:
- name: Ensure the destination directory exists
ansible.builtin.file:
path: "{{ remote_cert_path | dirname }}"
state: directory
mode: '770'
- name: Copy nginx.crt from local to remote host
ansible.builtin.copy:
src: "{{ local_nginx_cert_path }}"
dest: "{{ remote_cert_path }}"
- name: Copy sensor.yml to docker-compose.yml on the remote host
ansible.builtin.command:
cmd: "cp {{ remote_sensor_yml_path }} {{ remote_docker_compose_path }}"
- name: Update T-POT_HIVE_USER in .env
ansible.builtin.lineinfile:
path: "{{ env_file_path }}"
regexp: '^TPOT_HIVE_USER='
line: 'TPOT_HIVE_USER={{ lookup("env", "myTPOT_HIVE_USER") }}'
- name: Update T-POT_HIVE_IP in .env
ansible.builtin.lineinfile:
path: "{{ env_file_path }}"
regexp: '^TPOT_HIVE_IP='
line: 'TPOT_HIVE_IP={{ lookup("env", "myTPOT_HIVE_IP") }}'
- name: Ensure T-POT_TYPE is set to SENSOR in .env
ansible.builtin.lineinfile:
path: "{{ env_file_path }}"
regexp: '^TPOT_TYPE='
line: 'TPOT_TYPE=SENSOR'
create: yes
- name: Ensure WEB_USER is empty in .env
ansible.builtin.lineinfile:
path: "{{ env_file_path }}"
regexp: '^WEB_USER='
line: 'WEB_USER='
create: yes
- name: Ensure LS_WEB_USER is empty in .env
ansible.builtin.lineinfile:
path: "{{ env_file_path }}"
regexp: '^LS_WEB_USER='
line: 'LS_WEB_USER='
create: yes
- name: Reboot the sensor
become: yes
ansible.builtin.reboot:
reboot_timeout: 600
pre_reboot_delay: 0
post_reboot_delay: 0
msg: "Reboot initiated by Ansible for T-Pot sensor deployment."
test_command: "uptime"
Reference in a new issue View git blame Copy permalink