From adb68cfc358480df571b42c67108202765986cfd Mon Sep 17 00:00:00 2001 From: "kiril.kjiroski@finki.ukim.mk" <kiril.kjiroski@finki.ukim.mk> Date: Fri, 29 Jan 2021 11:46:24 +0000 Subject: [PATCH] adding createusers scripts --- roles/thehive/files/SOCTOOLS-CA.crt | 20 ++++++ roles/thehive/files/cacerts.jks | Bin 0 -> 893 bytes roles/thehive/files/dsoclab-thehive.crt | 88 ++++++++++++++++++++++++ roles/thehive/files/dsoclab-thehive.key | 28 ++++++++ roles/thehive/files/logback.xml | 45 ++++++++++++ roles/thehive/files/thehivesecret | 3 + roles/thehive/tasks/createusers.yml | 28 ++++++++ roles/thehive/templates/users.json | 6 ++ roles/thehive/vars/users.yml | 16 +++++ 9 files changed, 234 insertions(+) create mode 100644 roles/thehive/files/SOCTOOLS-CA.crt create mode 100644 roles/thehive/files/cacerts.jks create mode 100644 roles/thehive/files/dsoclab-thehive.crt create mode 100644 roles/thehive/files/dsoclab-thehive.key create mode 100644 roles/thehive/files/logback.xml create mode 100644 roles/thehive/files/thehivesecret create mode 100644 roles/thehive/tasks/createusers.yml create mode 100644 roles/thehive/templates/users.json create mode 100644 roles/thehive/vars/users.yml diff --git a/roles/thehive/files/SOCTOOLS-CA.crt b/roles/thehive/files/SOCTOOLS-CA.crt new file mode 100644 index 0000000..04b1f20 --- /dev/null +++ b/roles/thehive/files/SOCTOOLS-CA.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDNTCCAh2gAwIBAgIJAIp0kyaAW0K3MA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV +BAMMC1NPQ1RPT0xTLUNBMB4XDTIwMTAzMDEwNDcxOFoXDTMwMTAyODEwNDcxOFow +FjEUMBIGA1UEAwwLU09DVE9PTFMtQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC1GZDFZJPR7AYkhEsB9U6qtK+40di3KOeTwRosJ7hvP1FQjwnIC37B +UlVq15KEgRTCcXgLH0CdtzC1Rkz+AUCLyKTOGmNCqmvyMcESdpuoI1NULkv0QeYX +Mj4Q1Lh0RldqZpEr32UfsVowBPPhijAUlVAHeJLvji/tnUvI++9no2hx03UAhjTM +M59AviYsRT3DUkciNSllpwV+7B2pgnpRgzsbVGP2cheaaRYG9DAbRTLrAtVxO0WJ +c/zNGSpvXuOyBK30/pwGMvhNGPeckElSpDfaepuA8ZDcfaKNk0kEBvzIlUrpZBmv +tBc5DmpfEBlSk5UK/0XSblKE5dOqlWc1AgMBAAGjgYUwgYIwHQYDVR0OBBYEFHkG +ykDTn5pUrtMzTfI4PrYL8z3PMEYGA1UdIwQ/MD2AFHkGykDTn5pUrtMzTfI4PrYL +8z3PoRqkGDAWMRQwEgYDVQQDDAtTT0NUT09MUy1DQYIJAIp0kyaAW0K3MAwGA1Ud +EwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA0XK1+Eg+j +JdwKnUpnwPq+fsyrCs4TF1DgwtqY4yr1KCw0QSPMK9ldLp62lJaRnrPE7ZGOQ7sd +z82yEM8nMulNREp3TZwuVFaWgs0yLVKkfqZ0jNGDuEf8AJAynI4ynRbtYxtYzBDy +XgJPk9lKK/gR14IXBet/dGbZf4yHiMzldMCb0dWzyDS1S+Y1iLTRCmpmRbFow12g +CjNoSxdyoJPZavcOVWa4tDc3PLMdkgdY20ewo3IvCQTOg9ogVX4Hq5/M4xTz8XUX +nHeUqshdkPVGFCIujCBg9131RYSE0SkVrPUaIbP9tgzabkZWwhiq8oSpTBmIi9qh +GPiQTFGknE1U +-----END CERTIFICATE----- diff --git a/roles/thehive/files/cacerts.jks b/roles/thehive/files/cacerts.jks new file mode 100644 index 0000000000000000000000000000000000000000..9d4001b7d9a466941cda896b6bf145bf2f02020c GIT binary patch literal 893 zcmezO_TO6u1_mYu1_nkj&0U<IT#}!kQ>>eu$iTo@S}9llhJiIg&(y$@fq~i5po!Vk zpovL#0W%XL6B8#xSIK0xhG?hl2E1&XT5TR}-+37sxmg(u#0*6YgxHuvS(tgagZ-UD z{QZ4`b)6jz<ivT63=9p74GaxT%ndD~#CbtXBMT@Or@kgeC1fiYSs9p{82K3tni#p5 zniv@wwn|Ponlky~8#a{|Z^o~FtG2A)aq-4>jpvgOO6jQY$hQv+=;u7aU3V}jH0%1L zmPV07g%#ZL4s*8~Y<2Vb$LP>~V#ztFWT#cxp9~KQmCatE92}zO{l)Q_xRIT}l^rE+ z;aO=DweP3OZ;Ucv`TVfUKxAqFd&Q*pefn?bdY}0HK7DaU;pI|>Hj^{P^Bwl7>A2b+ z4susA)l6N^TK7hFWm8pPv$b?c^0y-KS(##NUks#Ojb1ZdEwpy+EdFy=QY%01@g|nF zU;fQuGy35x@qNw&&!8pdx2k40e4KEnc2VzSPZqX6C#HJ6Op#o_Mck4vD_%e{X!2C9 z|E`zvf?A$lUNtq{l!=*<fpKwTt3hLvfh-$ys4O3g7>h_H+bM_3^Jj&uyKL<H$--_M z_h;Ml25ul}Wfpq_+Xk!(7D_FVz!eWoNHNX>GDnz&)qt6i@xK8#h{w;u!py|Th8$De z;Fw}$Fo{`PC&a&4^$youuk-`I_SKzP&2>&#JmA5hTQeSOebvx0aa2B|eKS^X-nJ>z zCeGV@<n6>h=iRdB&u$VpuWt0x*Tt*ccaC02*tDjzM!G>u>Xw!CTx{Oq{)b_L(VRY` zxnggVr6bM=e2Qc8pM29x`-kB5CUMr+^(ARH>wDTe&O9wSF#F=w%_mH@dOtJm*m998 zE6sId#^KlnT*evR;zbK4-^}{X7n-(Xi@CYYX4y&X5x3npEH2XLWI5M-OChw5ef9h^ zk3~LzEES(qK4sO3*a=_VM3nS;6cWD2esyhWxu_|+=Bt$A=D*u`Zsoa!9g<k}sb!^) nWJmX{g%Up|_yjJQ;~Qf5+vDoDTqXObIbI&Z%6$8^_~bbON?lF- literal 0 HcmV?d00001 diff --git a/roles/thehive/files/dsoclab-thehive.crt b/roles/thehive/files/dsoclab-thehive.crt new file mode 100644 index 0000000..0d474c2 --- /dev/null +++ b/roles/thehive/files/dsoclab-thehive.crt @@ -0,0 +1,88 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 61:09:5c:2c:8d:35:ee:29:1c:99:ce:ab:d4:2b:3c:a4 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=SOCTOOLS-CA + Validity + Not Before: Oct 30 10:47:29 2020 GMT + Not After : Oct 15 10:47:29 2023 GMT + Subject: CN=dsoclab-thehive + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ba:c5:4d:20:a4:60:b7:61:21:ed:16:a1:6f:72: + c4:de:a1:00:c0:ef:fc:5d:a1:89:34:07:15:d2:b4: + 3a:14:b8:95:75:8e:81:71:49:46:1d:c8:81:cb:f1: + ec:c7:5a:12:f6:89:60:e4:c8:98:1a:61:c8:2d:12: + 8f:73:ee:f8:9d:88:b5:7f:30:70:97:29:b4:ab:43: + 2d:dc:db:a7:10:47:c7:b5:26:9b:11:85:fb:d3:27: + 8f:3a:55:bc:ea:78:17:b8:89:10:a3:a4:10:60:39: + c3:7f:42:25:a9:fe:84:7f:38:5e:f4:3d:c3:98:3d: + 56:b9:ba:81:06:55:8d:65:12:f0:4e:23:88:1d:98: + 0c:2f:6e:4f:67:fd:4e:67:39:91:b9:01:52:12:aa: + 9e:bb:7a:c8:ea:8f:4a:2d:18:f8:69:9a:3a:a0:c8: + 6e:e3:de:c6:db:be:4c:59:e0:cf:bc:34:4f:2c:b0: + ef:3e:82:5a:df:68:be:b8:fb:cc:5f:6a:f2:3e:66: + d4:c6:c5:f6:0b:67:e9:64:85:15:87:60:6f:dc:b4: + 5b:13:6f:b0:9b:f8:f3:da:c1:91:9e:81:5f:16:ca: + 9e:14:01:c1:1c:ce:2a:d3:c8:3c:0f:be:b1:37:aa: + c9:08:68:2b:de:f9:44:6c:1e:90:a4:12:bc:f5:3c: + 46:bd + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 5B:08:8E:F2:1B:8F:12:03:BA:31:02:9C:CE:CC:BC:9F:FC:19:D1:E1 + X509v3 Authority Key Identifier: + keyid:79:06:CA:40:D3:9F:9A:54:AE:D3:33:4D:F2:38:3E:B6:0B:F3:3D:CF + DirName:/CN=SOCTOOLS-CA + serial:8A:74:93:26:80:5B:42:B7 + + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:dsoclab-thehive, DNS:dsoclab.gn4-3-wp8-soc.sunet.se + Signature Algorithm: sha256WithRSAEncryption + 7f:b2:fa:33:d6:e3:6c:57:8a:4a:9a:ef:8b:81:2b:df:f3:d6: + fb:8c:bc:02:cf:71:54:a0:f2:0d:ae:3b:30:cf:5c:69:d7:d0: + aa:cc:16:80:4d:9d:c8:1f:a7:98:9d:26:dc:ae:8e:24:2b:bc: + c1:11:a6:8d:4f:ca:13:1f:7f:8f:4c:ef:dd:46:df:d6:97:0a: + 88:51:4e:f7:46:aa:3d:e3:70:e9:19:e8:9f:7e:22:fa:b6:38: + 30:00:0a:94:38:09:bf:b8:64:6c:c1:b7:05:6d:4f:f3:27:0c: + df:04:ef:a1:4e:e8:2d:4c:06:d0:c0:4f:4f:da:d0:6d:b8:f2: + b3:79:18:63:bd:62:83:53:55:38:94:d9:64:ca:e7:4d:71:ce: + d1:05:6d:b1:6c:fb:1a:4c:b6:ef:70:2b:3d:9b:1d:66:d8:d9: + 9f:f0:e5:48:29:50:e8:1b:1a:fb:b4:d2:5e:38:ec:05:45:c2: + e7:de:9a:9d:aa:34:67:c5:66:18:e3:86:8b:0c:1a:c4:21:20: + 7e:b7:ad:e2:0b:d0:0d:d4:76:e6:53:ca:77:bc:ce:d0:9b:7b: + 7c:fd:42:94:da:63:d8:a7:52:d2:45:f2:d5:55:ef:37:f1:a5: + 0e:ba:29:c9:b4:ce:99:45:04:21:2b:86:27:bb:c1:f2:86:9a: + 7c:51:5c:3b +-----BEGIN CERTIFICATE----- +MIIDmDCCAoCgAwIBAgIQYQlcLI017ikcmc6r1Cs8pDANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtTT0NUT09MUy1DQTAeFw0yMDEwMzAxMDQ3MjlaFw0yMzEwMTUx +MDQ3MjlaMBoxGDAWBgNVBAMMD2Rzb2NsYWItdGhlaGl2ZTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBALrFTSCkYLdhIe0WoW9yxN6hAMDv/F2hiTQHFdK0 +OhS4lXWOgXFJRh3Igcvx7MdaEvaJYOTImBphyC0Sj3Pu+J2ItX8wcJcptKtDLdzb +pxBHx7UmmxGF+9MnjzpVvOp4F7iJEKOkEGA5w39CJan+hH84XvQ9w5g9Vrm6gQZV +jWUS8E4jiB2YDC9uT2f9Tmc5kbkBUhKqnrt6yOqPSi0Y+GmaOqDIbuPextu+TFng +z7w0Tyyw7z6CWt9ovrj7zF9q8j5m1MbF9gtn6WSFFYdgb9y0WxNvsJv489rBkZ6B +XxbKnhQBwRzOKtPIPA++sTeqyQhoK975RGwekKQSvPU8Rr0CAwEAAaOB3TCB2jAJ +BgNVHRMEAjAAMB0GA1UdDgQWBBRbCI7yG48SA7oxApzOzLyf/BnR4TBGBgNVHSME +PzA9gBR5BspA05+aVK7TM03yOD62C/M9z6EapBgwFjEUMBIGA1UEAwwLU09DVE9P +TFMtQ0GCCQCKdJMmgFtCtzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw +CwYDVR0PBAQDAgWgMDoGA1UdEQQzMDGCD2Rzb2NsYWItdGhlaGl2ZYIeZHNvY2xh +Yi5nbjQtMy13cDgtc29jLnN1bmV0LnNlMA0GCSqGSIb3DQEBCwUAA4IBAQB/svoz +1uNsV4pKmu+LgSvf89b7jLwCz3FUoPINrjswz1xp19CqzBaATZ3IH6eYnSbcro4k +K7zBEaaNT8oTH3+PTO/dRt/WlwqIUU73Rqo943DpGeiffiL6tjgwAAqUOAm/uGRs +wbcFbU/zJwzfBO+hTugtTAbQwE9P2tBtuPKzeRhjvWKDU1U4lNlkyudNcc7RBW2x +bPsaTLbvcCs9mx1m2Nmf8OVIKVDoGxr7tNJeOOwFRcLn3pqdqjRnxWYY44aLDBrE +ISB+t63iC9AN1HbmU8p3vM7Qm3t8/UKU2mPYp1LSRfLVVe838aUOuinJtM6ZRQQh +K4Ynu8Hyhpp8UVw7 +-----END CERTIFICATE----- diff --git a/roles/thehive/files/dsoclab-thehive.key b/roles/thehive/files/dsoclab-thehive.key new file mode 100644 index 0000000..6d4d8bb --- /dev/null +++ b/roles/thehive/files/dsoclab-thehive.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC6xU0gpGC3YSHt +FqFvcsTeoQDA7/xdoYk0BxXStDoUuJV1joFxSUYdyIHL8ezHWhL2iWDkyJgaYcgt +Eo9z7vidiLV/MHCXKbSrQy3c26cQR8e1JpsRhfvTJ486VbzqeBe4iRCjpBBgOcN/ +QiWp/oR/OF70PcOYPVa5uoEGVY1lEvBOI4gdmAwvbk9n/U5nOZG5AVISqp67esjq +j0otGPhpmjqgyG7j3sbbvkxZ4M+8NE8ssO8+glrfaL64+8xfavI+ZtTGxfYLZ+lk +hRWHYG/ctFsTb7Cb+PPawZGegV8Wyp4UAcEczirTyDwPvrE3qskIaCve+URsHpCk +Erz1PEa9AgMBAAECggEARJH9cBeJfqoFp6LgYCd1yfq4aR1yvPl6gwR66aHLlSHz +lXZdZbcuK+8aYEMQ2FvkjGkBjt1qonz13j5rNngtBMFVST4CiC0CrMH8S5LFMj/4 +PTTQR822F971QciKlFbE9rYzyrCIZpuuf8FMTK4p/P84NVmbvv/+IDAuAKJWSB3b +TXVeYzqET/cENXrNZNsTMHVoPAudtsHXXa5w3yXJXhTlRQrjMtMHgV+H1O2iOvi5 +IAJUm2HVmGON9aqQKZlzYvx9txSBRczEwQK+fLPoXGEG/KhskiBPMU0y9a60SV5F +Oi94zzBCOSf/k+C4+EhkvfSq727ZFs60zGcoEW7rzQKBgQD08umyOtqJEB6dk5hg +RA1mc3qx332Li0Ep9ciPD0oOyt9H/pQBMYHlV4Vf26dmjxg7XMPqB38topjbnVcY +r1QigQ8tnHXktcO1tUpx6MhTkN4sBH9dvZE4TdBiarlcThgnuCfZUhjyfyr715tR +BIC8TA9bd/6oUaf/zd0S4aGcEwKBgQDDMnKe7PoDlHtjxaiDs8VLRRgNKocT/jaD +SZ5j5a1e+fvIK+lqpW7pXT/AlBVvxC6ke2Zb1csgndgF0p45ZO9WsB5fV3x8AREM +zIvrqpH4hdRBEF7o1syVDMXmTQLsPOLzj6B2UC5mpqoo2GkI9yyXpJhNR0kqzkDy +Pclu3xZL7wKBgQCZsFAxI/w6Q4LyG8lfnVNLFOnG8RM0mwsn6K8OE+nDnka6RWFX +3lhCLcfhfVBraR0rIelKzaleWMbQBMjBFEEV5SRA2gqele1V9YngLs6CoELGG4xO +pMKZMTmuhogHAnjlcwaNtJUykdfGbGFnVAvyGUcJfSCrO5DNT72GO0vLQQKBgQCF +WyPf2/r7Eygxg8qbH+h8ghnqdNGQIS9RBqzFhxapOpR/rzBrAdcCbAiwIvt6Pke3 +a+8Ecs2x3OTHJZufjovNZ8l4TaboeToSynQVb5UGezgFs4+D96wRcIaLzrVefEJ5 +L/jqm+D3lInQGfm4fFXkzDiZI0ijjAHm/btumc771QKBgBTu4KvY6rzgmHbymux1 ++tr+xl3/Nb29XQJHpZV+hgFGg1+aWaR9c0WXz9mKovBanEUHJb5khqFQDFZuWMNG +tNQ1JbwTXwxmAfVJbLYbSHnuePkh+qtpmTVa3H5NdRBI/062/Km6Rxcf5JljB8/J +k+SqVxdKSTfaWxGqyyAZgVis +-----END PRIVATE KEY----- diff --git a/roles/thehive/files/logback.xml b/roles/thehive/files/logback.xml new file mode 100644 index 0000000..d7f5263 --- /dev/null +++ b/roles/thehive/files/logback.xml @@ -0,0 +1,45 @@ +<?xml version="1.0" encoding="UTF-8"?> +<configuration debug="true"> + + <conversionRule conversionWord="coloredLevel" + converterClass="play.api.libs.logback.ColoredLevel"/> + + <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>/var/log/thehive/application.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>/var/log/logs/application.%i.log.zip</fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>10MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>%date [%level] from %logger in %thread [%X{request}|%X{tx}] %message%n%xException</pattern> + </encoder> + </appender> + + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>%coloredLevel %logger{15} [%X{request}|%X{tx}] %message%n%xException{10} + </pattern> + </encoder> + </appender> + + <appender name="ASYNCFILE" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="FILE"/> + </appender> + + <appender name="ASYNCSTDOUT" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="STDOUT"/> + </appender> + + <logger name="org.thp" level="INFO"/> + + <root level="DEBUG"> + <appender-ref ref="ASYNCFILE"/> + <appender-ref ref="ASYNCSTDOUT"/> + </root> + +</configuration> + diff --git a/roles/thehive/files/thehivesecret b/roles/thehive/files/thehivesecret new file mode 100644 index 0000000..f00a8d5 --- /dev/null +++ b/roles/thehive/files/thehivesecret @@ -0,0 +1,3 @@ +{ + "value" : "b832e3a9-0080-4f07-bc3d-6bbc67bce741" +} \ No newline at end of file diff --git a/roles/thehive/tasks/createusers.yml b/roles/thehive/tasks/createusers.yml new file mode 100644 index 0000000..b0fbcdd --- /dev/null +++ b/roles/thehive/tasks/createusers.yml @@ -0,0 +1,28 @@ +--- +# - name: create organisation +# uri: +# url: "https://{{dslproxy}}:9000/api/organisation" +# method: POST +# headers: +# Authorization: "Bearer {{ THEHIVE_API_KEY }}" +# body_format: form-urlencoded +# body: +# name: "{{ organisation }}" +# description: "test" +# status_code: 201 +# tags: +# - create_org +- name: generate json files for creating users + remote_user: root + template: + src: users.json + dest: /tmp/{{ item.username }}.json + with_items: + - "{{ THEHIVE_USERS }}" +- name: create users + remote_user: root + shell: "curl -k -H 'Authorization: Bearer {{ THEHIVE_API_KEY }}' -H 'Content-Type: application/json' https://{{ dslproxy }}:9000/api/user -d @/tmp/{{ item.username}}.json" + args: + warn: false + with_items: + - "{{ THEHIVE_USERS }}" diff --git a/roles/thehive/templates/users.json b/roles/thehive/templates/users.json new file mode 100644 index 0000000..b16eed7 --- /dev/null +++ b/roles/thehive/templates/users.json @@ -0,0 +1,6 @@ +{ + "login": "{{ item.username }}", + "name": "{{ item.name }} {{ item.surname }}", + "roles": {{ item.roles }}, + "organisation": "{{ item.organization }}" +} diff --git a/roles/thehive/vars/users.yml b/roles/thehive/vars/users.yml new file mode 100644 index 0000000..07433e6 --- /dev/null +++ b/roles/thehive/vars/users.yml @@ -0,0 +1,16 @@ +--- + +THEHIVE_API_KEY: "1gFdNhmUSxO3BRe1SBB5JYEvkW9UOo6s" +THEHIVE_USERS: + - kiril: + username: "kiril" + name: "Kiril" + surname: "Kiroski" + roles: '["read", "write", "admin"]' + organization: "uninett.no" + - temur: + username: "temur" + name: "Temur" + surname: "Maisuradze" + roles: '["read", "write", "admin"]' + organization: "uninett.no" -- GitLab