Cyberdefense/VulnWhisperer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3a09f6054336bf70cc9cd3a2b10361169adf8eb3
VulnWhisperer/ansible/README.md
Andrea Lusuardi 3a09f60543 Add ansible provisioning (#122) 
* first ansible skeleton

* first commit of ansible installation of vulnwhisperer outside docker

* first ansible skeleton

* first commit of ansible installation of vulnwhisperer outside docker

* refactor the ansible role a bit

* update readme, add fail validation step to provision.yml and fix
typo when calling a logging funciton
2018-11-14 10:14:12 +01:00

3.3 KiB
Raw Blame History

Ansible deployment

The code can also be deployed using Ansible with a playbook and a role.

Code organization

This ansible configuration is reasonably standard and lives under the ansible directory in the main repository root. A brief explanation of each file follows.

ansible.cfg

Main ansible configuration file, contains some options like the remote username, where to find the roles directory and the inventory file name. The only variables that should ever need to be customized are the remote_user and host_key_checking to specify the user to use on the remote system (requires sudo access) and if the remote host SSH key must be validated before proceeding.

hosts

The hosts file contains the list of hosts that we want to deploy Vulnwhisperer on. There is a default [ec2] tag under which any number of hosts can be configured. Please refer to the official inventory documentation for further information.

provision.yml

The main playbook, it's usually used with the ansible-playbook command as follows:

ansible-playbook provision.yml

The playbook will prompt for an install option that can either be install or update. Each does what the name suggests. A path to the configuration file will be requested. This choice has been made to ensure that there is no coupling between the provisioning process and the configuration one, giving the user full control on what configuration file to use and where to have it reside on the host running the playbook.

The playbook will then perform some basic sanity checking (in the pre_tasks section) to make sure the inputted variables are present and then call the roles that will actually perform the provisioning.

If you need to customize the ELK installation variables please refer to the role section below.

ssh.config

The SSH configuration that ansible will use to reach the remote host. The reason for this file is to allow the user to customize the local SSH configuration, for example to specify the SSH key to use to authenticate to the remote host (it can be a symbolic link) or a ProxyCommand.

Roles

There are a number of roles in this ansible tree, they are detailed below.

Elasticsearch

This roles comes from the upstream elastic ansible repository and has been installed via the ansible-galaxy tool. Please refer to the official documentation for more information. The various configuration options for this role can be specified in the provision.yml playbook directly by editing the list of variables or can be passed from the command line. Please refer to the upstream role documentation for more information.

Note vulnwhisperer at the time of writing only supports Elasticsearch version 5.x

Vulnwhisperer

This is the main role that configures the vulnwhisperer software. It creates a number of directories in which it clones the repository from mainline, creates a Python virtualenv virtualenv in which it installs all the required dependencies and Vulnwhisperer itself. The role supports two tags, install and update that do exactly what the name suggests.