From 978be52b92b2d4a3016a12821ec34fc20c7a4b27 Mon Sep 17 00:00:00 2001
From: Arne Oslebo <arne.oslebo@uninett.no>
Date: Tue, 22 Sep 2020 11:09:16 +0200
Subject: [PATCH] added role for configuring soctools server
---
group_vars/all/main.yml | 2 +-
roles/build/tasks/main.yml | 1 -
roles/build/tasks/system.yml | 11 --------
roles/nifi/tasks/main.yml | 3 +++
roles/soctools-server/tasks/main.yml | 38 ++++++++--------------------
soctools_server.yml | 5 ++++
6 files changed, 20 insertions(+), 40 deletions(-)
delete mode 100644 roles/build/tasks/system.yml
create mode 100644 soctools_server.yml
diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml
index 84d605b..a331ddb 100644
--- a/group_vars/all/main.yml
+++ b/group_vars/all/main.yml
@@ -1,6 +1,6 @@
---
-dslproxy: "<CHANGE_ME:hostname>"
+dslproxy: "arne-centos.cert-labs.uninett.no"
# TheHive Button plugin
THEHIVE_URL: "https://hive.gn4-3-wp8-soc.sunet.se/"
diff --git a/roles/build/tasks/main.yml b/roles/build/tasks/main.yml
index d7701b7..23ea830 100644
--- a/roles/build/tasks/main.yml
+++ b/roles/build/tasks/main.yml
@@ -5,7 +5,6 @@
- "'CHANGE_ME' not in dslproxy"
fail_msg: "Review *all* settings in group_vars/all/main.yml"
-- include: system.yml
- include: centos.yml
- include: nginx.yml
- include: openjdk.yml
diff --git a/roles/build/tasks/system.yml b/roles/build/tasks/system.yml
deleted file mode 100644
index f36ded0..0000000
--- a/roles/build/tasks/system.yml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-
-- name: Set sysctl parameters
- sysctl:
- name: "{{item.key}}"
- value: "{{item.val}}"
- sysctl_file: /etc/sysctl.d/54-soctools.conf
- sysctl_set: yes
- with_items:
- - "{{sysctlconfig}}"
-
diff --git a/roles/nifi/tasks/main.yml b/roles/nifi/tasks/main.yml
index 8174bca..e66a72a 100644
--- a/roles/nifi/tasks/main.yml
+++ b/roles/nifi/tasks/main.yml
@@ -80,6 +80,9 @@
tags:
- start
+- name: Create conf/enrich dir
+ file: path=conf/enrich state=directory
+
- name: Copy empty GeoLite2-City database
copy:
src: GeoLite2-City.mmdb
diff --git a/roles/soctools-server/tasks/main.yml b/roles/soctools-server/tasks/main.yml
index df65a49..47f9f8d 100644
--- a/roles/soctools-server/tasks/main.yml
+++ b/roles/soctools-server/tasks/main.yml
@@ -1,34 +1,9 @@
---
# tasks file for docker-host
-- name: Install apt-transport-https
- apt:
- name: apt-transport-https
- state: present
- when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
-
-- name: Add docker repository key
- apt_key:
- url: https://download.docker.com/linux/debian/gpg
- id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
- state: present
- when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
-
-- name: Add docker apt repository
- apt_repository:
- repo: deb https://download.docker.com/linux/debian {{ansible_distribution_release}} stable
- state: present
- when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
-
-- name: Install required packages
- apt:
- name: ["aptitude","rsync","docker-ce","docker-ce-cli","containerd.io","python-docker","python-pip"]
- state: present
- when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
-
- name: Install required packages
yum:
- name: ["yum-utils","device-mapper-persistent-data","lvm2","epel-release","rsync"]
+ name: ["yum-utils","device-mapper-persistent-data","lvm2","epel-release","rsync",]
state: latest
when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'
@@ -48,7 +23,16 @@
- name: Install pip packages
pip:
- name: docker-py>1.10.0
+ name: ["docker-py>1.10.0"," pexpect>=3.3"]
+
+- name: Set sysctl parameters
+ sysctl:
+ name: "{{item.key}}"
+ value: "{{item.val}}"
+ sysctl_file: /etc/sysctl.d/54-soctools.conf
+ sysctl_set: yes
+ with_items:
+ - "{{sysctlconfig}}"
- name: Start Docker service
systemd:
diff --git a/soctools_server.yml b/soctools_server.yml
new file mode 100644
index 0000000..23716c5
--- /dev/null
+++ b/soctools_server.yml
@@ -0,0 +1,5 @@
+---
+- hosts: dsldev
+ become: true
+ roles:
+ - soctools-server
--
GitLab