---
# Make sure the legacy "burp-client" package is not installed.
- name: burp - remove old client
  ansible.builtin.package:
    state: absent
    name:
      - burp-client
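# Read both burp secrets for this host from KeePass. The entry path is
# "<first group of the host>/<inventory_hostname>_burp_<kind>", so the task
# fails for a host that is in no group (group_names[0] does not exist).
- name: burp - set some variables
  ansible.builtin.set_fact:
    # The path is built with "~" concatenation. A "{{ }}" nested inside a
    # string literal of a Jinja expression is not reliably re-rendered by
    # Ansible and can end up being looked up literally.
    burp_password: >-
      {{ lookup('viczem.keepass.keepass',
      group_names[0] ~ '/' ~ inventory_hostname ~ '_burp_password',
      'password') }}
    burp_encryption_password: >-
      {{ lookup('viczem.keepass.keepass',
      group_names[0] ~ '/' ~ inventory_hostname ~ '_burp_encryption_password',
      'password') }}
  # set_fact echoes the new facts in its result; keep the secrets out of
  # console output and callback/log plugins.
  no_log: true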
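# Stop early when a burp secret is missing or empty. "is defined" alone is
# always true once set_fact has assigned the variable, so the value itself
# is checked as well. Only the expressions are reported, never the values.
- name: burp - ensure we have all needed vars
  ansible.builtin.assert:
    that:
      - burp_password is defined
      - burp_password | default('', true) | string | length > 0
      - burp_encryption_password is defined
      - burp_encryption_password | default('', true) | string | length > 0
    fail_msg: "burp_password and burp_encryption_password must be set and non-empty"
    quiet: true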
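# Non-Fedora hosts: fetch the yopito/burp2 COPR repo definition (epel-N).
# NOTE(review): packages from this third-party repo get installed as root;
# confirm the downloaded .repo file keeps gpgcheck enabled.
- name: install burp repo
  ansible.builtin.get_url:
    url: "https://copr.fedorainfracloud.org/coprs/yopito/burp2/repo/epel-{{ ansible_distribution_major_version }}/yopito-burp2-epel-{{ ansible_distribution_major_version }}.repo"
    dest: /etc/yum.repos.d/burp.repo
    # Explicit ownership and mode: without them the result depends on the
    # remote umask, and a repo file must not be writable by non-root users.
    owner: root
    group: root
    mode: "0644"
  when: ansible_distribution != "Fedora"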
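# Fedora hosts: fetch the yopito/burp2 COPR repo definition (fedora-N).
# NOTE(review): packages from this third-party repo get installed as root;
# confirm the downloaded .repo file keeps gpgcheck enabled.
- name: install burp repo
  ansible.builtin.get_url:
    url: "https://copr.fedorainfracloud.org/coprs/yopito/burp2/repo/fedora-{{ ansible_distribution_major_version }}/yopito-burp2-fedora-{{ ansible_distribution_major_version }}.repo"
    dest: /etc/yum.repos.d/burp.repo
    # Explicit ownership and mode: without them the result depends on the
    # remote umask, and a repo file must not be writable by non-root users.
    owner: root
    group: root
    mode: "0644"
  when: ansible_distribution == "Fedora"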
# Install whatever burp_packages lists; the variable is defined outside
# this file.
- name: burp - install burp client
  ansible.builtin.package:
    state: present
    name: "{{ burp_packages }}"
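# Render the client configuration, readable by root only.
# NOTE(review): the burp.conf template is not visible here; it presumably
# embeds burp_password / burp_encryption_password - confirm.
- name: burp - deploy configuration file
  ansible.builtin.template:
    src: burp.conf
    dest: /etc/burp/burp.conf
    owner: root
    group: root
    # Quoted so the value stays the octal string "0600" on every YAML parser
    # instead of being re-typed as an integer.
    mode: "0600"
  # Do not print the rendered file when the play runs with --diff.
  diff: false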
# Register this host on the burp server: the per-client file is rendered on
# the host named by burp_server, not on the client itself.
# NOTE(review): no owner/mode is given, so the permissions of the client file
# follow the remote umask. If client_conf_file carries the client password
# (template not visible here), set an explicit restrictive mode that the
# burp server process can still read.
# NOTE(review): the file is named after ansible_hostname while the KeePass
# entries are keyed by inventory_hostname - confirm both match the client
# name used in burp.conf.
- name: burp - add client on burp server
  delegate_to: "{{ burp_server }}"
  ansible.builtin.template:
    dest: "/etc/burp/clientconfdir/{{ ansible_hostname }}"
    src: client_conf_file
# Run "burp -a l" once; the task is skipped as soon as
# /etc/burp/ssl_cert_ca.pem exists on the client.
- name: burp - do a burp list to generate certificate
  ansible.builtin.command:
    cmd: burp -a l
    creates: /etc/burp/ssl_cert_ca.pem
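# Write two entries to the "burp" cron file, both run as root:
#   burp backup - "burp -a t" every hour (hour and weekday default to "*")
#   burp report - "burp -a l" at 01:MM on weekday 1
# Both share one minute value, derived from the inventory hostname so it is
# stable per host and spread across hosts.
- name: burp - create backup cronjob
  vars:
    # random with an upper bound of 59 yields 0-58; the seed keeps the value
    # identical on every run for the same host.
    burp_cron_minute: "{{ 59 | random(seed=inventory_hostname) }}"
  ansible.builtin.cron:
    name: "{{ item.name }}"
    cron_file: burp
    user: root
    hour: "{{ item.hour | default('*') }}"
    minute: "{{ burp_cron_minute }}"
    weekday: "{{ item.weekday | default('*') }}"
    job: "{{ item.job }}"
  loop:
    # "> /dev/null 2>&1" is the POSIX spelling of "&> /dev/null". cron runs
    # jobs with /bin/sh, and a non-bash sh reads "&>" as "run in background".
    # NOTE(review): all output of the backup run is discarded, so cron mail
    # will not surface a failed backup.
    - name: burp backup
      job: '/usr/sbin/burp -a t > /dev/null 2>&1'
    - name: burp report
      job: /usr/sbin/burp -a l
      hour: 1
      weekday: 1
  tags: cron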
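# Install the notify script below /usr/share/burp/scripts.
# Directory and script are owned by root and writable by root only, so a
# script that presumably runs with burp's privileges cannot be replaced by
# an unprivileged user.
- name: burp - deploy notify script
  block:
    - name: create dir
      ansible.builtin.file:
        path: /usr/share/burp/scripts
        state: directory
        owner: root
        group: root
        # Explicit mode: otherwise a newly created directory gets whatever
        # the remote umask allows.
        mode: "0755"

    - name: copy
      ansible.builtin.copy:
        src: notify_script
        dest: /usr/share/burp/scripts/notify_script
        owner: root
        group: root
        # Quoted so the value stays the octal string "0755" on every YAML
        # parser instead of being re-typed as an integer.
        mode: "0755"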