From 85d9cdd33f706400e78a9e2042b06622c6994af4 Mon Sep 17 00:00:00 2001
From: arcter <varga.mate@kszk.bme.hu>
Date: Sat, 15 Jan 2022 12:49:45 +0100
Subject: [PATCH] Refact

---
 Ansible/inventory.yml                         | 15 ----------
 Ansible/requirements.galaxy.yaml              | 10 +++++++
 Ansible/tasks/Security/hosts/osquery.yml      | 27 -----------------
 Ansible/tasks/Security/hosts/wazuh.yml        | 29 -------------------
 Ansible/tasks/Security/manager/osquery.yml    |  0
 Ansible/tasks/Security/manager/wazuh.yml      |  0
 Ansible/tasks/caddy_install.yml               | 28 ------------------
 Ansible/tasks/init.yml                        | 13 ---------
 Ansible/tasks/installdocker.yml               |  9 ------
 Ansible/tasks/podman/installpodman.yml        | 27 -----------------
 .../tasks/podman/installpodmanonoldubuntu.yml | 20 -------------
 Ansible/tasks/podman/podman_config.yml        | 24 ---------------
 12 files changed, 10 insertions(+), 192 deletions(-)
 create mode 100644 Ansible/requirements.galaxy.yaml
 delete mode 100644 Ansible/tasks/Security/hosts/osquery.yml
 delete mode 100644 Ansible/tasks/Security/hosts/wazuh.yml
 delete mode 100644 Ansible/tasks/Security/manager/osquery.yml
 delete mode 100644 Ansible/tasks/Security/manager/wazuh.yml
 delete mode 100644 Ansible/tasks/caddy_install.yml
 delete mode 100644 Ansible/tasks/installdocker.yml
 delete mode 100644 Ansible/tasks/podman/installpodman.yml
 delete mode 100644 Ansible/tasks/podman/installpodmanonoldubuntu.yml
 delete mode 100644 Ansible/tasks/podman/podman_config.yml

diff --git a/Ansible/inventory.yml b/Ansible/inventory.yml
index 35c867ec8..3119dbfb1 100644
--- a/Ansible/inventory.yml
+++ b/Ansible/inventory.yml
@@ -1,21 +1,6 @@
 all:
   hosts:
-    www:
-      hostname: "www"
-      ansible_host: 192.168.255.251
-      ansible_user: arcter
-    # manager:
-    #   ansible_host: security.manager.arcter
-    #   ansible_user: arcter
     rimuru:
       hostname: "rimuru"
       ansible_host: rimuru
       ansible_user: arcter
-  children:
-    security_req:
-      hosts:
-        www: {}
-    vms:
-      children:
-        security_req: {}
-        # manager: {}
diff --git a/Ansible/requirements.galaxy.yaml b/Ansible/requirements.galaxy.yaml
new file mode 100644
index 000000000..a5362c93f
--- /dev/null
+++ b/Ansible/requirements.galaxy.yaml
@@ -0,0 +1,10 @@
+---
+collections:
+  - ansible.posix
+  - community.docker
+
+roles:
+  - src: git@git.sch.bme.hu:netadmin/ansibleroles/podmanrole.git
+    scm: git
+    version: master
+    name: podman.install
\ No newline at end of file
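Review bot: The role entry pins `version: master`, a moving branch, so each `ansible-galaxy install` can fetch different role code without any change in this repository; that code then runs on the managed hosts, presumably with privilege escalation as the podman tasks deleted by this commit did. Pin the role to a reviewed tag or full commit hash instead, e.g. `version: <reviewed-tag-or-commit-sha>`, and update it deliberately. The two collections are also listed with no version constraint; writing each in the `name:` / `version:` form would make installs reproducible and auditable. The file also ends without a trailing newline.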
diff --git a/Ansible/tasks/Security/hosts/osquery.yml b/Ansible/tasks/Security/hosts/osquery.yml
deleted file mode 100644
index d33fd57cb..000000000
--- a/Ansible/tasks/Security/hosts/osquery.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-#Install OSquery
-- name: Add Osquery key
-  ansible.builtin.apt.key:
-    keyserver: hkp://keyserver.ubuntu.com:80
-    id: 1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B
-    state: present
-
-- name: Add Osquery repository
-  ansible.builtin.apt_repository:
-    repo: deb [arch=amd64] https://pkg.osquery.io/deb deb main
-    state: present
-
-- name: Appdate apt cache
-  apt:
-    update_cache: yes
-
-- name: Install Osquery
-  apt:
-    - osquery
-
-- name: Enable Osquery
-  systemd:
-    daemon_reload: true
-    name: osquery
-    enabled: true
-    state: started
diff --git a/Ansible/tasks/Security/hosts/wazuh.yml b/Ansible/tasks/Security/hosts/wazuh.yml
deleted file mode 100644
index bca440c1c..000000000
--- a/Ansible/tasks/Security/hosts/wazuh.yml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-#Install Wazuh Agent
-- name: Add Wazuh GPG key
-  ansible.builtin.apt.key:
-    url: https://packages.wazuh.com/key/GPG-KEY-WAZUH
-    state: present
-
-- name: Add Wazuh repository
-  ansible.builtin.apt_repository:
-    repo: deb https://packages.wazuh.com/4.x/apt/ stable main
-    state: present
-
-- name: Appdate apt cache
-  apt:
-    update_cache: yes
-
-- name: Install Wazuh Agent
-  apt:
-    - wazuh-agent
-
-- name: Config Wazuh Agent
-  shell: "agent-auth -m {{ manager.ansible_host }}"
-
-- name: Enable Wazuh agent
-  systemd:
-    daemon_reload: true
-    name: wazuh-agent
-    enabled: true
-    state: started
diff --git a/Ansible/tasks/Security/manager/osquery.yml b/Ansible/tasks/Security/manager/osquery.yml
deleted file mode 100644
index e69de29bb..000000000
diff --git a/Ansible/tasks/Security/manager/wazuh.yml b/Ansible/tasks/Security/manager/wazuh.yml
deleted file mode 100644
index e69de29bb..000000000
diff --git a/Ansible/tasks/caddy_install.yml b/Ansible/tasks/caddy_install.yml
deleted file mode 100644
index e79c6acf9..000000000
--- a/Ansible/tasks/caddy_install.yml
+++ /dev/null
@@ -1,28 +0,0 @@
----
-- name: Install GPG
-  become: true
-  package:
-    name: gnupg
-    state: present
-
-- name: Add the Caddy GPG key
-  become: true
-  ansible.builtin.apt_key:
-    url: https://dl.cloudsmith.io/public/caddy/stable/gpg.key
-    state: present
-
-
-- name: Add the offical Caddy repository
-  become: true
-  ansible.builtin.apt_repository:
-    repo: "{{ item }}"
-    state: present
-  loop:
-  -  deb https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main
-  -  deb-src https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main
-
-- name: Install Caddy
-  become: true
-  package:
-    name: caddy
-    state: present
diff --git a/Ansible/tasks/init.yml b/Ansible/tasks/init.yml
index 315ad3f32..6862ff969 100644
--- a/Ansible/tasks/init.yml
+++ b/Ansible/tasks/init.yml
@@ -5,21 +5,8 @@
     upgrade: yes
     update_cache: yes
 
-- name: "Install qemu-guest-agent"
-  become: true
-  package:
-    name: "{{item}}"
-    state: present
-  with_items:
-    - qemu-guest-agent
-
 - name: Set hostname
   become: true
   ansible.builtin.hostname:
     name: "{{ hostname }}"
 
-- name: "Enable agent"
-  become: true
-  ansible.builtin.service:
-    name: qemu-guest-agent
-    enabled: yes
diff --git a/Ansible/tasks/installdocker.yml b/Ansible/tasks/installdocker.yml
deleted file mode 100644
index 1a85fa720..000000000
--- a/Ansible/tasks/installdocker.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-- name: Install Docker and Docker-compose
-  become: true
-  package:
-    name: "{{ item }}"
-    state: present
-  with_items:
-    - docker.io
-    - docker-compose
\ No newline at end of file
diff --git a/Ansible/tasks/podman/installpodman.yml b/Ansible/tasks/podman/installpodman.yml
deleted file mode 100644
index 1fd55937e..000000000
--- a/Ansible/tasks/podman/installpodman.yml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-- name: Install GPG
-  become: true
-  package:
-    name: gnupg
-    state: present
-
-- include_tasks: "tasks/podman/installpodmanonoldubuntu.yml"
-  when:  ansible_distribution == "Ubuntu" and ansible_distribution_version == "20.04"
-
-- name: Install podman and python3
-  become: true
-  package:
-    name: "{{ item }}"
-    state: present
-  with_items:
-    - podman
-    - python3
-    - python3-pip
-    - python3-venv
-
-- name: Install podman-compose & dependencies
-  become: true
-  pip: 
-    name:
-      - setuptools
-      - podman-compose
diff --git a/Ansible/tasks/podman/installpodmanonoldubuntu.yml b/Ansible/tasks/podman/installpodmanonoldubuntu.yml
deleted file mode 100644
index 7574b8633..000000000
--- a/Ansible/tasks/podman/installpodmanonoldubuntu.yml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-- name: Add the Podman GPG key
-  become: true
-  ansible.builtin.apt_key:
-    url: https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/Release.key
-    state: present
-
-- name: Add the official Podman Ubuntu 20.04 repository
-  become: true
-  ansible.builtin.apt_repository:
-    repo: deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/ /
-    state: present
-
-- name: "Podman: Update and upgrade apt packages"
-  become: true
-  apt:
-    upgrade: yes
-    update_cache: yes
-
-
diff --git a/Ansible/tasks/podman/podman_config.yml b/Ansible/tasks/podman/podman_config.yml
deleted file mode 100644
index 57170897a..000000000
--- a/Ansible/tasks/podman/podman_config.yml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-- name: Copy registries config
-  become: true
-  copy:
-    src: files/etc/containers/registries.conf
-    dest: /etc/containers/registries.conf
-    owner: root
-    group: root
-    mode: 0644
-
-- name: Enable podman socket service
-  become: true
-  systemd:
-    name: podman.socket
-    state: started
-    enabled: yes
-
-- name: Add read write permission to podman socket
-  become: true
-  file:
-    path: /var/run/podman/podman.sock
-    owner: root
-    group: root
-    mode: '0664'
-- 
GitLab