Commit 85d9cdd3 authored by Varga Máté György's avatar Varga Máté György

Refact

parent a5ac4d2c
Branches testing
all:
hosts:
www:
hostname: "www"
ansible_host: 192.168.255.251
ansible_user: arcter
# manager:
# ansible_host: security.manager.arcter
# ansible_user: arcter
rimuru:
hostname: "rimuru"
ansible_host: rimuru
ansible_user: arcter
children:
security_req:
hosts:
www: {}
vms:
children:
security_req: {}
# manager: {}
---
collections:
- ansible.posix
- community.docker
roles:
- src: git@git.sch.bme.hu:netadmin/ansibleroles/podmanrole.git
scm: git
version: master
name: podman.install
\ No newline at end of file
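Review bot: The role is fetched from `version: master`, a mutable branch, so every `ansible-galaxy install` can pull different code that then runs against the hosts (the tasks elsewhere in this commit use `become: true`). Pin it to a reviewed tag or commit, e.g. `version: <TAG_OR_COMMIT_SHA>`. The two collections are unpinned as well; the mapping form `- name: community.docker` with `version: <REVIEWED_VERSION>` lets you fix them.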
---
#Install OSquery
- name: Add Osquery key
ansible.builtin.apt.key:
keyserver: hkp://keyserver.ubuntu.com:80
id: 1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B
state: present
- name: Add Osquery repository
ansible.builtin.apt_repository:
repo: deb [arch=amd64] https://pkg.osquery.io/deb deb main
state: present
- name: Appdate apt cache
apt:
update_cache: yes
- name: Install Osquery
apt:
- osquery
- name: Enable Osquery
systemd:
daemon_reload: true
name: osquery
enabled: true
state: started
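Review bot: `ansible.builtin.apt.key` in "Add Osquery key" is not a module name, so the task will fail to resolve; the Caddy tasks in this commit use the correct `ansible.builtin.apt_key`. "Install Osquery" also passes a bare list to `apt:`, where the module expects `name: osquery` (plus `state: present`). The Wazuh file repeats both mistakes in "Add Wazuh GPG key" and "Install Wazuh Agent". The upstream osquery package normally registers its unit as `osqueryd`, so `name: osquery` in "Enable Osquery" is worth checking on a target host. The key is pinned by full fingerprint, which is good, but it is fetched over plain `hkp://…:80`; `hkps://keyserver.ubuntu.com` would also protect the transport.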
---
#Install Wazuh Agent
- name: Add Wazuh GPG key
ansible.builtin.apt.key:
url: https://packages.wazuh.com/key/GPG-KEY-WAZUH
state: present
- name: Add Wazuh repository
ansible.builtin.apt_repository:
repo: deb https://packages.wazuh.com/4.x/apt/ stable main
state: present
- name: Appdate apt cache
apt:
update_cache: yes
- name: Install Wazuh Agent
apt:
- wazuh-agent
- name: Config Wazuh Agent
shell: "agent-auth -m {{ manager.ansible_host }}"
- name: Enable Wazuh agent
systemd:
daemon_reload: true
name: wazuh-agent
enabled: true
state: started
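Review bot: "Config Wazuh Agent" enrols the agent through `shell:` with a templated argument and no authentication of the manager. `manager` is also commented out of the inventory in this same commit, so `manager.ansible_host` is likely undefined at run time. Another host's variable is normally read as `hostvars['manager'].ansible_host`, and passing it through `ansible.builtin.command` with `argv: ["/var/ossec/bin/agent-auth", "-m", "{{ hostvars['manager'].ansible_host }}"]` keeps it out of a shell. As written, the task re-runs enrolment on every play and trusts whichever host answers at that address. Consider guarding it so it runs only for unenrolled agents, and using agent-auth's enrolment password and manager CA verification options if the manager is configured for them.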
---
- name: Install GPG
become: true
package:
name: gnupg
state: present
- name: Add the Caddy GPG key
become: true
ansible.builtin.apt_key:
url: https://dl.cloudsmith.io/public/caddy/stable/gpg.key
state: present
- name: Add the offical Caddy repository
become: true
ansible.builtin.apt_repository:
repo: "{{ item }}"
state: present
loop:
- deb https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main
- deb-src https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main
- name: Install Caddy
become: true
package:
name: caddy
state: present
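Review bot: "Add the Caddy GPG key" downloads a key by URL with no fingerprint check and adds it through `apt_key` to the global trusted keyring, so that key can then sign packages for every configured repository, not just Caddy's. The same pattern appears in "Add Wazuh GPG key" and "Add the Podman GPG key". Scope each key to its own repository with a `signed-by` keyring file, and pin what is downloaded with a checksum (or `id:` if `apt_key` stays). The task name also has a typo: "offical" should be "official".

```yaml
- name: Install the Caddy repository key into a dedicated keyring
  become: true
  ansible.builtin.get_url:
    url: https://dl.cloudsmith.io/public/caddy/stable/gpg.key
    dest: /usr/share/keyrings/caddy-stable.asc
    mode: "0644"
    # placeholder: record the hash of the key file you reviewed
    checksum: "sha256:<SHA256_OF_REVIEWED_KEY_FILE>"

- name: Add the official Caddy repository
  become: true
  ansible.builtin.apt_repository:
    repo: "{{ item }}"
    state: present
  loop:
    - "deb [signed-by=/usr/share/keyrings/caddy-stable.asc] https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main"
    - "deb-src [signed-by=/usr/share/keyrings/caddy-stable.asc] https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main"
# … unchanged: Install GPG, Install Caddy …
```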
......@@ -5,21 +5,8 @@
upgrade: yes
update_cache: yes
- name: "Install qemu-guest-agent"
become: true
package:
name: "{{item}}"
state: present
with_items:
- qemu-guest-agent
- name: Set hostname
become: true
ansible.builtin.hostname:
name: "{{ hostname }}"
- name: "Enable agent"
become: true
ansible.builtin.service:
name: qemu-guest-agent
enabled: yes
---
- name: Install Docker and Docker-compose
become: true
package:
name: "{{ item }}"
state: present
with_items:
- docker.io
- docker-compose
\ No newline at end of file
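Review bot: Looping `package` over `with_items` runs the package manager once per item; passing the list directly (`name: [docker.io, docker-compose]`) resolves both packages in a single transaction and drops the loop. "Install podman and python3" in the Podman file has the same shape. Using the fully qualified `ansible.builtin.package` would also match the `ansible.builtin.*` names used for the apt tasks in this commit.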
---
- name: Install GPG
become: true
package:
name: gnupg
state: present
- include_tasks: "tasks/podman/installpodmanonoldubuntu.yml"
when: ansible_distribution == "Ubuntu" and ansible_distribution_version == "20.04"
- name: Install podman and python3
become: true
package:
name: "{{ item }}"
state: present
with_items:
- podman
- python3
- python3-pip
- python3-venv
- name: Install podman-compose & dependencies
become: true
pip:
name:
- setuptools
- podman-compose
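Review bot: "Install podman-compose & dependencies" runs `pip` as root against the system interpreter and takes whatever `podman-compose` and `setuptools` versions PyPI serves at run time. That puts unreviewed code into root's Python path, and it fails outright on distributions that mark the system environment as externally managed. The previous task already installs `python3-venv`, so the install can be isolated with `virtualenv: <VENV_PATH>` and `virtualenv_command: python3 -m venv`, and the version fixed with `podman-compose==<REVIEWED_VERSION>`.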
---
- name: Add the Podman GPG key
become: true
ansible.builtin.apt_key:
url: https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/Release.key
state: present
- name: Add the official Podman Ubuntu 20.04 repository
become: true
ansible.builtin.apt_repository:
repo: deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/ /
state: present
- name: "Podman: Update and upgrade apt packages"
become: true
apt:
upgrade: yes
update_cache: yes
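Review bot: `upgrade: yes` in "Podman: Update and upgrade apt packages" upgrades every package on the host as a side effect of installing Podman, immediately after a third-party repository has been enabled. Packages from that repository can therefore replace distribution versions well beyond Podman itself. Refreshing the index is all the following install needs: keep `update_cache: true` and drop `upgrade`, leaving full upgrades to the dedicated upgrade task.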
---
- name: Copy registries config
become: true
copy:
src: files/etc/containers/registries.conf
dest: /etc/containers/registries.conf
owner: root
group: root
mode: 0644
- name: Enable podman socket service
become: true
systemd:
name: podman.socket
state: started
enabled: yes
- name: Add read write permission to podman socket
become: true
file:
path: /var/run/podman/podman.sock
owner: root
group: root
mode: '0664'
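Review bot: "Add read write permission to podman socket" sets `root:root` with mode `'0664'`, which gives other users read but not write on the socket, so it likely does not grant the access the task name describes. Widening it to let them connect would hand root-equivalent control of the rootful Podman API to every local account. The `file` change is also lost whenever systemd recreates the socket. If non-root access is really needed, a drop-in for `podman.socket` with `SocketGroup=<PODMAN_ADMIN_GROUP>` and `SocketMode=0660` keeps it to a dedicated group and survives restarts. Separately, `mode: 0644` on the registries file is unquoted while this task quotes its mode; `mode: "0644"` avoids relying on octal parsing.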