moved building of images to dedicated build directory

group_vars/all/main.yml

 ---
 
-soctoolsproxy: "arne-centos2.cert-labs.uninett.no"
+soctoolsproxy: "<CHANGE_ME:hostname>"
+
+docker_build_dir: "{{playbook_dir}}/build"
 
 # TheHive Button plugin
 THEHIVE_URL: "https://hive.gn4-3-wp8-soc.sunet.se/"
@@ -10,7 +12,7 @@ THEHIVE_OWNER: "admin"
 soctools_netname: "soctoolsnet"
 soctools_network: "172.22.0.0/16"
 
-repo: gn43-dsl
+repo: soctools
 version: 7
 suffix: a20201004
 
@@ -45,14 +47,10 @@ cassandra_img: "{{repo}}/cassandra:{{version}}{{suffix}}"
 
 thehive_name: "soctools-thehive"
 thehive_img: "{{repo}}/thehive:{{version}}{{suffix}}"
-# GENERATED WITH cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1
-thehive_secret_key: "LcnI9eKLo33711BmCnzf6UM1y05pdmj3dlADL81PxuffWqhobRoiiGFftjNPKpmM"
 
 cortex_name: "soctools-cortex"
 cortex_img: "{{repo}}/cortex:{{version}}{{suffix}}"
 cortex_elasticsearch_mem: "256m"
-# GENERATED WITH cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1
-cortex_secret_key: "9CZ844IcAp5dHjsgU4iuaEssdopLcS6opzhVP3Ys4t4eRpNlHmwZdtfveLEXpM9D"
 
 sysctlconfig:
   - { key: "net.core.rmem_max", val: "4194304" }
@@ -69,8 +67,6 @@ ca_cn: "SOCTOOLS-CA"
 
 odfees_img: "{{repo}}/odfees:{{version}}{{suffix}}"
 odfekibana_img: "{{repo}}/odfekibana:{{version}}{{suffix}}"
-# GENERATE 32-bit secure value
-odfekibana_cookie: "iroAm0ueIV7w6CS1WcJTwIV6R4d5RIAt"
 #elk_version: "oss-7.6.1"
 elk_version: "oss-7.4.2"
 #odfeplugin_version: "1.7.0.0"
@@ -89,6 +85,20 @@ maxmind_key: ""
 
 misp_dbname: "mispdb"
 misp_dbuser: "misp"
-# misp_salt generated with: openssl rand -base64 32
-#misp_odic_crypto_pass: 1234567890 #TODO: Generate dynamically
-#misp_crypto_pass: 1234567890 #TODO: Generate dynamically
+
+services:
+  - mysql
+  - haproxy
+  - openjdk
+  - zookeeper
+  - nifi
+  - elasticsearch
+  - kibana
+  - odfees
+  - odfekibana
+  - keycloak
+  - misp
+  - cassandra
+  - thehive
+  - cortex
+

roles/build/files/misp/mispstart.sh

+#!/usr/bin/env bash
+#dockerfile from ansible
+
+# Check if run as root
+if [ "$EUID" -eq 0 ]; then
+    echo "Please DO NOT run the worker script as root"
+    exit 1
+fi
+
+PATH_TO_MISP='/var/www/MISP'
+RUN_PHP="/usr/bin/scl enable rh-php72"
+PHP_INI="/etc/opt/rh/rh-php72/php.ini"
+CAKE="${PATH_TO_MISP}/app/Console/cake"
+
+# Extract base directory where this script is and cd into it
+cd "${0%/*}"
+$RUN_PHP -- $CAKE CakeResque.CakeResque stop --all
+$RUN_PHP -- $CAKE CakeResque.CakeResque start --interval 5 --queue default
+$RUN_PHP -- $CAKE CakeResque.CakeResque start --interval 5 --queue prio
+$RUN_PHP -- $CAKE CakeResque.CakeResque start --interval 5 --queue cache
+$RUN_PHP -- $CAKE CakeResque.CakeResque start --interval 5 --queue email
+$RUN_PHP -- $CAKE CakeResque.CakeResque start --interval 5 --queue update
+$RUN_PHP -- $CAKE CakeResque.CakeResque startscheduler --interval 5
+
+exit 0

roles/build/tasks/cassandra.yml

----
-
-- name: Configure the cassandra Dockerfile
-  template:
-    src: cassandra/Dockerfile.j2
-    dest: "{{role_path}}/files/cassandraDockerfile"
-
-- name: Build cassandra image
-  command: docker build -t {{repo}}/cassandra:{{version}}{{suffix}} -f {{role_path}}/files/cassandraDockerfile {{role_path}}/files
-
-

roles/build/tasks/cortex.yml

----
-
-- name: Configure the Cortex Dockerfile
-  template:
-    src: cortex/Dockerfile.j2
-    dest: "{{role_path}}/files/cortexDockerfile"
-
-- name: Build the Cortex image
-  command: docker build -t {{repo}}/cortex:{{version}}{{suffix}} -f {{role_path}}/files/cortexDockerfile {{role_path}}/files
-
-

roles/build/tasks/haproxy.yml

----
-
-- name: Configure the haproxy Dockerfile
-  template:
-    src: haproxy/Dockerfile.j2
-    dest: "{{role_path}}/files/haproxyDockerfile"
-
-- name: Build haproxy image
-  command: docker build -t {{repo}}/haproxy:{{version}}{{suffix}} -f {{role_path}}/files/haproxyDockerfile {{role_path}}/files
-

roles/build/tasks/keycloak.yml

----
-
-- name: Configure the keycloak Dockerfile
-  template:
-    src: keycloak/Dockerfile.j2
-    dest: "{{role_path}}/files/keycloakDockerfile"
-
-- name: Copy tools to build path
-  command: "cp -av {{role_path}}/templates/keycloak/keycloak-tools/ {{role_path}}/files/keycloak-tools/"
-
-- name: Build keycloak image
-  command: docker build -t {{repo}}/keycloak:{{version}}{{suffix}} -f {{role_path}}/files/keycloakDockerfile {{role_path}}/files
-
-- name: Remove tools from build path
-  file:
-    path: "{{role_path}}/files/keycloak-tools/"
-    state: absent
-

roles/build/tasks/main.yml

@@ -6,15 +6,41 @@
     fail_msg: "Review *all* settings in group_vars/all/main.yml"
 
 - include: centos.yml
-- include: mysql.yml
-- include: haproxy.yml
-- include: openjdk.yml
-- include: zookeeper.yml
-- include: nifi.yml
-- include: odfees.yml
-- include: odfekibana.yml
-- include: keycloak.yml
-- include: misp.yml
-- include: cassandra.yml
-- include: thehive.yml
-- include: cortex.yml
+
+- name: Create main build dir
+  file:
+    path: "{{docker_build_dir}}"
+    state: directory
+
+- name: Create build dir
+  file:
+    path: "{{docker_build_dir}}/{{item}}"
+    state: directory
+  with_items: "{{services}}"
+
+- name: Configure the Dockerfile
+  template:
+    src: "{{item}}/Dockerfile.j2"
+    dest: "{{docker_build_dir}}/{{item}}/Dockerfile"
+  with_items: "{{services}}"
+
+- name: Copy thehive_button to build path
+  copy:
+    src: "{{role_path}}/templates/odfekibana/thehive_button"
+    dest: "{{docker_build_dir}}/odfekibana/"
+
+- name: Copy keycloak-tools to build path
+  copy:
+    src: "{{role_path}}/templates/keycloak/keycloak-tools"
+    dest: "{{docker_build_dir}}/keycloak/"
+
+- name: Copy build files
+  copy:
+    src: "files/{{item}}/"
+    dest: "{{docker_build_dir}}/{{item}}/"
+  with_items: "{{services}}"
+  ignore_errors: yes
+
+- name: Build image
+  command: docker build -t {{repo}}/{{item}}:{{version}}{{suffix}} -f {{docker_build_dir}}/{{item}}/Dockerfile {{docker_build_dir}}/{{item}}
+  with_items: "{{services}}"

roles/build/tasks/misp.yml

----
-
-- name: Configure the misp Dockerfile
-  template:
-    src: misp/Dockerfile.j2
-    dest: "{{role_path}}/files/mispDockerfile"
-
-- name: Configure the misp worker startscript
-  template:
-    src: misp/start.sh.j2
-    dest: "{{role_path}}/files/mispstart.sh"
-
-- name: Build misp image
-  command: docker build -t {{repo}}/misp:{{version}}{{suffix}} -f {{role_path}}/files/mispDockerfile {{role_path}}/files
-