diff --git a/configure.sh b/configure.sh
index 048a152f4d4d8579c0cf11c9b65551e8dab55df8..57185d2d91afa26a12a539d8c1c4dae83bd92231 100755
--- a/configure.sh
+++ b/configure.sh
@@ -83,7 +83,7 @@ else
 echo
 echo
 echo
- echo "Please provide the following parameters for the first SOCTools user, which will be created during the initialization with organization admin privileges:"
+ echo "Please provide the following parameters for the first SOCTools user, which will be created during the initialization with organization admin privileges (other user accounts can be created later via a web GUI):"
 echo "username - Username of the user"
 echo "firstname - First name of the user"
 echo "lastname - Last name of the user"
@@ -105,16 +105,37 @@ else
 DN="CN=${CN}"
 echo
 echo
+ echo "Please provide the configuration for sending emails via SMTP (used by user management web GUI to send emails to users)."
+ echo "You can leave it empty if you are just testing and don't plan to add more users."
+ echo " host - Hostname of the SMTP server"
+ echo " sender - Email address used as the sender (e.g. 'soctools@${soctoolsproxy}')"
+ echo " username - Authenticate using this username (leave empty to send emails without authentication)"
+ echo " password - Authenticate using this password (WARNING: Password is stored in clear in a configuration file)"
+ echo
+ read -p "host []: " smtp_host
+ read -p "sender [soctools@${soctoolsproxy}]: " smtp_sender
+ if [ -z "$smtp_sender" ]; then
+ smtp_sender=soctools@${soctoolsproxy}
+ fi
+ read -p "username []: " smtp_username
+ read -p "password []: " smtp_password
+ echo
 echo
 echo "Please check the gathered variables and type 'yes' if everything is correct:"
 echo "soctoolsproxy: $soctoolsproxy"
 echo "organization: $organization"
- echo "firstname: $firstname"
- echo "lastname: $lastname"
- echo "username: $username"
- echo "email: $email"
- echo "DN: $DN"
- echo "CN: $CN"
+ echo "user:"
+ echo " firstname: $firstname"
+ echo " lastname: $lastname"
+ echo " username: $username"
+ echo " email: $email"
+ echo " DN: $DN"
+ echo " CN: $CN"
+ echo "smtp config:"
+ echo " host: $smtp_host"
+ echo " sender: $smtp_sender"
+ echo " username: $smtp_username"
+ echo " password: $smtp_password"
 echo
 echo
 read -p "Correct? type 'yes' or 'no': " ANSWER
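Review bot: The SMTP password is read with a plain `read -p`, so it is echoed while typed, and the confirmation summary then prints it again with `echo " password: $smtp_password"`; both leave the secret in terminal scrollback and in any session recording. Read it silently with `read -r -s -p "password []: " smtp_password; echo` (`read -p` is already a bash extension, so `-s` should be available) and show only whether a value was given, e.g. `echo " password: ${smtp_password:+(set)}"`. The other new `read` calls also lack `-r`, so a backslash typed into host, sender or username is consumed by the shell before the value is used. The enclosing `else` branch starts and ends outside this hunk.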
@@ -125,14 +146,17 @@ else
 else
 cp -f group_vars/all/variables.template group_vars/all/variables.yml
 sed -i "s/CHANGE_ME_TO_FQDN/${soctoolsproxy}/g" group_vars/all/variables.yml
- sed -i "s/soctools.test/${domain}/g" group_vars/all/variables.yml
- sed -i "11s/CHANGE_ME_FIRST_NAME/${firstname}/" group_vars/all/variables.yml
- sed -i "12s/CHANGE_ME_LAST_NAME/${lastname}/" group_vars/all/variables.yml
- sed -i "13s/soc_admin/${username}/" group_vars/all/variables.yml
- sed -i "14s/soc_admin@example.org/${email}/" group_vars/all/variables.yml
- sed -i "15s/CN=soc_admin/${DN}/" group_vars/all/variables.yml
- sed -i "16s/soc_admin/${CN}/" group_vars/all/variables.yml
- sed -i "26s/soc_admin/${username}/" group_vars/all/variables.yml
+ sed -i "s/CHANGE_ME_ORG/${organization}/g" group_vars/all/variables.yml
+ sed -i "s/CHANGE_ME_SMTP_HOST/${smtp_host}/g" group_vars/all/variables.yml
+ sed -i "s/CHANGE_ME_SMTP_SENDER/${smtp_sender}/g" group_vars/all/variables.yml
+ sed -i "s/CHANGE_ME_SMTP_USERNAME/${smtp_username}/g" group_vars/all/variables.yml
+ sed -i "s/CHANGE_ME_SMTP_PASSWORD/${smtp_password}/g" group_vars/all/variables.yml
+ sed -i "s/CHANGE_ME_FIRST_NAME/${firstname}/" group_vars/all/variables.yml
+ sed -i "s/CHANGE_ME_LAST_NAME/${lastname}/" group_vars/all/variables.yml
+ sed -i "s/CHANGE_ME_USERNAME/${username}/" group_vars/all/variables.yml
+ sed -i "s/CHANGE_ME_EMAIL/${email}/" group_vars/all/variables.yml
+ sed -i "s/CHANGE_ME_DN/${DN}/" group_vars/all/variables.yml
+ sed -i "s/CHANGE_ME_CN/${CN}/" group_vars/all/variables.yml
 echo
 echo
 echo "variables file generated (group_vars/all/variables.yml)"
diff --git a/group_vars/all/variables.template b/group_vars/all/variables.template
index 0a8e1e635aea00b4649c59922834a3c3aad28138..c85ecbedce38fe8e0ce7c108724f08f99dd09e2f 100644
--- a/group_vars/all/variables.template
+++ b/group_vars/all/variables.template
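Review bot: Every value typed at the prompts is pasted unescaped into the replacement side of a sed `s/…/…/` expression in configure.sh, e.g. `sed -i "s/CHANGE_ME_SMTP_PASSWORD/${smtp_password}/g"`, so a `/`, `&` or `\` in the input is parsed as sed syntax rather than as data. A password containing `/` makes the command fail or changes what it does, `&` silently re-inserts the placeholder text, and a `"` breaks the double-quoted YAML scalar the value lands in. Escape each value before substituting, for example with a helper `sed_escape() { printf '%s' "$1" | sed 's|[\\/&]|\\&|g'; }` used as `sed -i "s/CHANGE_ME_SMTP_PASSWORD/$(sed_escape "$smtp_password")/g" group_vars/all/variables.yml`, and reject or escape `"` for the YAML side. The same applies to all eleven added `sed` lines; the enclosing `else` branch starts and ends outside this hunk.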
@@ -4,16 +4,28 @@ soctoolsproxy: "CHANGE_ME_TO_FQDN" # Short organization name (will be used as org. name in MISP, The Hive and Cortex) -org_name: "SOCTools" +org_name: "CHANGE_ME_ORG" + +# SMTP connection parameters - used by user-mgmt-ui to send emails with access information to users +smtp: + # hostname and port of SMTP server to use (TLS connection is always used) + host: "CHANGE_ME_SMTP_HOST" + port: 465 + # sender email address ("From:" header) + sender: "CHANGE_ME_SMTP_SENDER" + # user and pass to authenticate (optional, it tries to send email without authentication if empty) + username: "CHANGE_ME_SMTP_USERNAME" + password: "CHANGE_ME_SMTP_PASSWORD" + #List of users which will be created during the initialization with organization admin privileges soctools_users: - firstname: "CHANGE_ME_FIRST_NAME" lastname: "CHANGE_ME_LAST_NAME" - username: "soc_admin" - email: "soc_admin@example.org" - DN: "CN=soc_admin" - CN: "soc_admin" + username: "CHANGE_ME_USERNAME" + email: "CHANGE_ME_EMAIL" + DN: "CHANGE_ME_DN" + CN: "CHANGE_ME_CN" # - firstname: "SOC Admin 2" # lastname: "" # username: "soc_admin_2" diff --git a/roles/soctools-server/tasks/main.yml b/roles/soctools-server/tasks/main.yml index da0b59fa2d342f1b006ca592ae663b87be7be2a8..e25956f14e65a6572e6f5140f0f658cba44d7b26 100644 --- a/roles/soctools-server/tasks/main.yml +++ b/roles/soctools-server/tasks/main.yml @@ -33,8 +33,15 @@ chdir: '{{playbook_dir}}/user-mgmt-ui' warn: no +- name: configure user-mgmt-ui + template: + src: '{{playbook_dir}}/user-mgmt-ui/config.yml.j2' + dest: '{{playbook_dir}}/user-mgmt-ui/config.yml' + - name: create systemd service file for user-mgmt-ui - template: src=user-mgmt-ui.service.j2 dest=/etc/systemd/system/user-mgmt-ui.service mode=644 + template: + src: user-mgmt-ui.service.j2 + dest: /etc/systemd/system/user-mgmt-ui.service mode=644 - name: enable and start user-mgmt-ui service systemd:
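Review bot: The new `smtp.password` key in variables.template carries a credential, but its comment only says that authentication is optional; unlike the prompt in configure.sh, it does not say the value ends up in clear text in the generated group_vars/all/variables.yml. I would extend the comment above `username`/`password`, e.g. `# NOTE: password is stored in clear text - keep variables.yml out of version control and readable only by the deploying user`. Nothing visible in this diff restricts the permissions of the generated file, so that is worth confirming as well.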
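Review bot: In the rewritten `create systemd service file for user-mgmt-ui` task in roles/soctools-server/tasks/main.yml, the old `mode=644` argument appears to have stayed on the `dest:` line, which in block YAML syntax makes it part of the path string instead of a separate parameter; the hunk's line counts are consistent with that reading, but confirm against the file. If so, the unit file is written to a path ending in ` mode=644` and no mode is applied. Split it into `dest: /etc/systemd/system/user-mgmt-ui.service` and `mode: '0644'` (quoted, so YAML does not read it as a decimal integer). The new `configure user-mgmt-ui` task sets no `mode` either; its config.yml.j2 is not shown, but if it renders the `smtp.password` value, a restrictive setting such as `mode: '0600'` with an owner the service runs as would be appropriate.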