Skip to content

Commit

Permalink
add ansible playbook for native-setup
Browse files Browse the repository at this point in the history
  • Loading branch information
@dmdhrumilmistry
dmdhrumilmistry committed Oct 2, 2024
1 parent 2e2a436 commit 2bfe16c
Show file tree
Hide file tree
Showing 11 changed files with 389 additions and 0 deletions.
44 changes: 44 additions & 0 deletions setup/ansible/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
# Ansible Setup

Configures mantis dependencies on ubuntu x86_64 arch

## Configuration

### Ansible hosts/nodes

* They must have python3 installed

```bash
sudo apt install python3 -y
```

### Ansible Controller

* Python deps

```bash
python3 -m pip install ansible ansible-core
```

* Generate host file `hosts`

```txt
[mantisnodes]
mantis-node-1 ansible_host=192.168.0.105 ansible_user=root
mantis-node-2 ansible_host=192.168.0.107 ansible_user=root
mantis-node-3 ansible_host=192.168.0.109 ansible_user=root
```

> Please ensure that ansible controller is able to ssh into the `mantisnodes` as `root` user using its private key

* Test connectivity with hosts

```bash
ansible all -m ping
```

* Run playbook

```bash
ansible-playbook -i hosts native-setup.yml
```
6 changes: 6 additions & 0 deletions setup/ansible/native-setup.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---

- hosts: mantisnodes
become: true
roles:
- { role : "native-setup" }
41 changes: 41 additions & 0 deletions setup/ansible/roles/native-setup/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
native-setup
=========

Role `native-setup` configures

Requirements
------------

* ubuntu machine (x86_64 arch)
* python3

<!-- Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. -->

Example Playbook
----------------

Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:

```yaml
- hosts: mantisnodes
roles:
- { role: native-setup }
```
License
-------
[Apache 2.0](/LICENSE)
Author Information
------------------
* [dmdhrumilmistry](https://github.com/dmdhrumilmistry)
2 changes: 2 additions & 0 deletions setup/ansible/roles/native-setup/defaults/main.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
---
# defaults file for native-setup
2 changes: 2 additions & 0 deletions setup/ansible/roles/native-setup/handlers/main.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
---
# handlers file for native-setup
34 changes: 34 additions & 0 deletions setup/ansible/roles/native-setup/meta/main.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
galaxy_info:
author: dmdhrumilmistry
description: Configures requirements for running mantis on ubuntu machines
# company: your company (optional)

# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker

# Choose a valid license ID from https://spdx.org - some suggested licenses:
# - BSD-3-Clause (default)
# - MIT
# - GPL-2.0-or-later
# - GPL-3.0-only
# - Apache-2.0
# - CC-BY-4.0
license: Apache-2.0

min_ansible_version: "2.1"

# If this a Container Enabled role, provide the minimum Ansible Container version.
# min_ansible_container_version:

galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.

dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.
186 changes: 186 additions & 0 deletions setup/ansible/roles/native-setup/tasks/install-tools.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,186 @@
---
- name: Install Amass
block:
- name: Download Amass
get_url:
url: https://github.com/owasp-amass/amass/releases/download/v4.1.0/amass_Linux_amd64.zip
dest: /tmp/amass.zip

- name: Unzip Amass
unarchive:
src: /tmp/amass.zip
dest: /tmp/
remote_src: yes
extra_opts: ["-j"]

- name: Move Amass to /usr/bin
command: mv /tmp/amass /usr/bin/amass

- name: Ensure /usr/bin/amass is executable
file:
path: /usr/bin/amass
mode: "0755"
state: file

- name: Install Subfinder
block:
- name: Download Subfinder
get_url:
url: https://github.com/projectdiscovery/subfinder/releases/download/v2.6.3/subfinder_2.6.3_linux_amd64.zip
dest: /tmp/subfinder.zip

- name: Unzip Subfinder
unarchive:
src: /tmp/subfinder.zip
dest: /tmp/
remote_src: yes
extra_opts: ["-j"]

- name: Move Subfinder to /usr/bin
command: mv /tmp/subfinder /usr/bin/subfinder

- name: Ensure /usr/bin/subfinder is executable
file:
path: /usr/bin/subfinder
mode: "0755"
state: file

- name: Install Httpx
block:
- name: Download Httpx
get_url:
url: https://github.com/projectdiscovery/httpx/releases/download/v1.3.7/httpx_1.3.7_linux_amd64.zip
dest: /tmp/httpx.zip

- name: Unzip Httpx
unarchive:
src: /tmp/httpx.zip
dest: /tmp/
remote_src: yes
extra_opts: ["-j"]

- name: Move Httpx to /usr/bin
command: mv /tmp/httpx /usr/bin/httpx

- name: Ensure /usr/bin/httpx is executable
file:
path: /usr/bin/httpx
mode: "0755"
state: file

- name: Install Naabu
block:
- name: Download Naabu
get_url:
url: https://github.com/projectdiscovery/naabu/releases/download/v2.1.9/naabu_2.1.9_linux_amd64.zip
dest: /tmp/naabu.zip

- name: Unzip Naabu
unarchive:
src: /tmp/naabu.zip
dest: /tmp/
remote_src: yes
extra_opts: ["-j"]

- name: Move Naabu to /usr/bin
command: mv /tmp/naabu /usr/bin/naabu

- name: Ensure /usr/bin/naabu is executable
file:
path: /usr/bin/naabu
mode: "0755"
state: file

- name: Install Nuclei
block:
- name: Download Nuclei
get_url:
url: https://github.com/projectdiscovery/nuclei/releases/download/v3.0.4/nuclei_3.0.4_linux_amd64.zip
dest: /tmp/nuclei.zip

- name: Unzip Nuclei
unarchive:
src: /tmp/nuclei.zip
dest: /tmp/
remote_src: yes
extra_opts: ["-j"]

- name: Move Nuclei to /usr/bin
command: mv /tmp/nuclei /usr/bin/nuclei

- name: Ensure /usr/bin/nuclei is executable
file:
path: /usr/bin/nuclei
mode: "0755"
state: file

- name: Install Gitleaks
block:
- name: Download Gitleaks
get_url:
url: https://github.com/gitleaks/gitleaks/releases/download/v8.18.1/gitleaks_8.18.1_linux_x64.tar.gz
dest: /tmp/gitleaks.tar.gz

- name: Extract Gitleaks
unarchive:
src: /tmp/gitleaks.tar.gz
dest: /tmp/
remote_src: yes

- name: Move Gitleaks to /usr/bin
command: mv /tmp/gitleaks /usr/bin/gitleaks

- name: Ensure /usr/bin/gitleaks is executable
file:
path: /usr/bin/gitleaks
mode: "0755"
state: file

- name: Install gau
block:
- name: Download gau tarball
get_url:
url: https://github.com/lc/gau/releases/download/v2.2.1/gau_2.2.1_linux_amd64.tar.gz
dest: /tmp/gau.tar.gz

- name: Extract gau tarball
unarchive:
src: /tmp/gau.tar.gz
dest: /tmp/
remote_src: yes

- name: Move gau to /usr/bin
command: mv /tmp/gau /usr/bin/gau

- name: Ensure /usr/bin/gau is executable
file:
path: /usr/bin/gau
mode: "0755"
state: file

- name: Install Corsy
block:
- name: Download Corsy zip
get_url:
url: https://github.com/s0md3v/Corsy/archive/refs/tags/1.0-rc.zip
dest: /tmp/1.0-rc.zip

- name: Unzip Corsy
unarchive:
src: /tmp/1.0-rc.zip
dest: /tmp
remote_src: yes

- name: Move Corsy to /usr/bin
command: mv /tmp/Corsy-1.0-rc /usr/bin/Corsy

- name: Install IPinfo
block:
- name: Download IPinfo deb package
get_url:
url: https://github.com/ipinfo/cli/releases/download/ipinfo-3.2.0/ipinfo_3.2.0.deb
dest: /tmp/ipinfo_3.2.0.deb

- name: Install IPinfo deb package
apt:
deb: /tmp/ipinfo_3.2.0.deb
65 changes: 65 additions & 0 deletions setup/ansible/roles/native-setup/tasks/main.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
---
# tasks file for native-setup
- name: Install aptitude
apt:
name: aptitude
state: latest
update_cache: true

- name: Add deadsnakes PPA for Python 3.9
apt_repository:
repo: ppa:deadsnakes/ppa

- name: Install required system packages
apt:
pkg:
- apt-transport-https
- ca-certificates
- curl
- gcc
- git
- gnupg
- libpcap-dev
- dnsutils
- python3.9
- python3.9-dev
- python3-pip
- python3-setuptools
- python3-requests
- unzip
- software-properties-common
- wget
state: latest
update_cache: true

- name: Add ~/.local/bin to PATH in ~/.bashrc
lineinfile:
path: ~/.bashrc
line: "export PATH='$HOME/.local/bin:$PATH'"
create: yes
state: present

- name: Reload ~/.bashrc
shell: source ~/.bashrc
args:
executable: /bin/bash

- include_tasks: install-tools.yml

- name: Install pip dependencies
pip:
name:
- "dnspython<=2.0.0"
- "dnstwist[full]"
- ipwhois
- wafw00f
- "git+https://github.com/cisagov/findcdn.git"

- name: Download requirements
get_url:
url: https://raw.githubusercontent.com/PhonePe/mantis/refs/heads/main/requirements.txt
dest: /tmp/mantis-requirements.txt

- name: Install Python dependencies
pip:
requirements: /tmp/mantis-requirements.txt
2 changes: 2 additions & 0 deletions setup/ansible/roles/native-setup/tests/inventory
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
localhost

5 changes: 5 additions & 0 deletions setup/ansible/roles/native-setup/tests/test.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
- hosts: localhost
remote_user: root
roles:
- native-setup
Loading

0 comments on commit 2bfe16c

Please sign in to comment.