standalone burp role : initial version
This commit is contained in:
84
tasks/main.yml
Normal file
84
tasks/main.yml
Normal file
@@ -0,0 +1,84 @@
|
||||
---
|
||||
|
||||
- name: burp - remove old client
|
||||
ansible.builtin.package:
|
||||
name:
|
||||
- burp-client
|
||||
state: absent
|
||||
|
||||
- name: burp - set some variables
|
||||
set_fact:
|
||||
burp_password: "{{lookup( 'viczem.keepass.keepass', '{{ group_names[0]}}/{{ inventory_hostname }}_burp_password', 'password' ) }}"
|
||||
burp_encryption_password: "{{lookup( 'viczem.keepass.keepass', '{{ group_names[0]}}/{{inventory_hostname }}_burp_encryption_password', 'password' ) }}"
|
||||
|
||||
- name: burp - ensure we have all needed vars
|
||||
assert:
|
||||
that:
|
||||
- burp_password is defined
|
||||
- burp_encryption_password is defined
|
||||
|
||||
- name: install burp repo
|
||||
ansible.builtin.get_url:
|
||||
url: https://copr.fedorainfracloud.org/coprs/yopito/burp2/repo/epel-{{ ansible_distribution_major_version }}/yopito-burp2-epel-{{ ansible_distribution_major_version }}.repo
|
||||
dest: /etc/yum.repos.d/burp.repo
|
||||
when: ansible_distribution != "Fedora"
|
||||
|
||||
|
||||
- name: install burp repo
|
||||
ansible.builtin.get_url:
|
||||
url: https://copr.fedorainfracloud.org/coprs/yopito/burp2/repo/fedora-{{ ansible_distribution_major_version }}/yopito-burp2-fedora-{{ ansible_distribution_major_version }}.repo
|
||||
dest: /etc/yum.repos.d/burp.repo
|
||||
when: ansible_distribution == "Fedora"
|
||||
|
||||
|
||||
|
||||
- name: burp - install burp client
|
||||
package:
|
||||
name: "{{ burp_packages }}"
|
||||
state: present
|
||||
|
||||
- name: burp - deploy configuration file
|
||||
template:
|
||||
src: burp.conf
|
||||
dest: /etc/burp/burp.conf
|
||||
mode: 0600
|
||||
|
||||
- name: burp - add client on burp server
|
||||
template:
|
||||
src: client_conf_file
|
||||
dest: "/etc/burp/clientconfdir/{{ ansible_hostname }}"
|
||||
delegate_to: "{{ burp_server }}"
|
||||
|
||||
- name: burp - do a burp list to generate certificate
|
||||
command: burp -a l
|
||||
args:
|
||||
creates: /etc/burp/ssl_cert_ca.pem
|
||||
|
||||
- name: burp - create backup cronjob
|
||||
vars:
|
||||
minute: "{{ 59 | random(seed=inventory_hostname) }}"
|
||||
cron:
|
||||
name: "{{ item.name }}"
|
||||
cron_file: burp
|
||||
user: root
|
||||
hour: "{{ item.hour | default('*')}}"
|
||||
minute: "{{ minute }}"
|
||||
weekday: "{{ item.weekday | default('*') }}"
|
||||
job: "{{ item.job }}"
|
||||
loop:
|
||||
- { name: "burp backup", job: "/usr/sbin/burp -a t &> /dev/null" }
|
||||
- { name: "burp report", job: "/usr/sbin/burp -a l", hour: 1, weekday: 1 }
|
||||
tags: cron
|
||||
|
||||
- name: burp - deploy notify script
|
||||
block:
|
||||
- name: create dir
|
||||
file:
|
||||
path: /usr/share/burp/scripts
|
||||
state: directory
|
||||
|
||||
- name: copy
|
||||
copy:
|
||||
src: notify_script
|
||||
dest: /usr/share/burp/scripts/notify_script
|
||||
mode: 0755
|
||||
Reference in New Issue
Block a user