Skip to content

Instantly share code, notes, and snippets.

@echohtp

echohtp/main.tf

Created September 1, 2020 02:22
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save echohtp/861a728ab2c5769cdb10022bd05cdc80 to your computer and use it in GitHub Desktop.
Save echohtp/861a728ab2c5769cdb10022bd05cdc80 to your computer and use it in GitHub Desktop.
Download ZIP
0xBanana DFIR Lab Terraform
Raw
main.tf
### VARIABLE DECLARATIONS
variable "project_name" {
type = string
}
variable "region_name" {
type = string
}
variable "zone_name" {
type = string
}
variable "vpc_name" {
type = string
}
variable "kali_machine_type" {
type = string
}
variable "kali_startup_script" {
type = string
}
variable "remnux_machine_type" {
type = string
}
variable "remnux_startup_script" {
type = string
}
variable "tpot_machine_type" {
type = string
}
variable "tpot_startup_script" {
type = string
}
########################################################
# BEGIN MAIN CONFIGURATION
provider "google" {
credentials = file("service_account.json")
project = var.project_name
region = var.region_name
}
resource "google_storage_bucket" "storage_bucket" {
name = "banana-storage-bucket"
location = "US"
force_destroy = true
lifecycle_rule {
condition {
age = "3"
}
action {
type = "Delete"
}
}
}
resource "google_compute_network" "vpc_network" {
name = "bananaco-blog-dev-vpc-1"
auto_create_subnetworks = "true"
}
# Compute Kali Instance
resource "google_compute_instance" "compute_kali" {
name = "kali-linux"
machine_type = var.kali_machine_type
zone = var.zone_name
tags = ["admin"]
# Configure the system's boot disk and OS image
boot_disk {
initialize_params {
image = "debian-cloud/debian-9"
size = 10
}
}
network_interface {
network = google_compute_network.vpc_network.self_link
# This is needed for public IP access
access_config {
}
}
# Set the preemptible flag in the scheduler (and disable auto restart)
scheduling {
preemptible = true
automatic_restart = false
}
# configure the instance startup script
metadata_startup_script = var.kali_startup_script
}
# End Compute Kali
# Compute Remnux Instance
resource "google_compute_instance" "compute_remnux" {
name = "remnux-linux"
machine_type = var.remnux_machine_type
zone = var.zone_name
tags = ["admin"]
# Configure the system's boot disk and OS image
boot_disk {
initialize_params {
image = "debian-cloud/debian-9"
size = 10
}
}
network_interface {
network = google_compute_network.vpc_network.self_link
# This is needed for public IP access
access_config {
}
}
# Set the preemptible flag in the scheduler (and disable auto restart)
scheduling {
preemptible = true
automatic_restart = false
}
# configure the instance startup script
metadata_startup_script = var.remnux_startup_script
}
# End Compute Remnux
# Compute Tpot Instance
resource "google_compute_instance" "compute_tpot" {
name = "tpot"
machine_type = var.tpot_machine_type
zone = var.zone_name
tags = ["honeypot"]
# Configure the system's boot disk and OS image
boot_disk {
initialize_params {
image = "debian-cloud/debian-9"
size = 10
}
}
network_interface {
network = google_compute_network.vpc_network.self_link
# This is needed for public IP access
access_config {
}
}
# Set the preemptible flag in the scheduler (and disable auto restart)
scheduling {
preemptible = true
automatic_restart = false
}
# configure the instance startup script
metadata_startup_script = var.tpot_startup_script
}
# End Compute Tpot
# Firewall rule to allow all access to tpot
resource "google_compute_firewall" "allow_tpot" {
name = "lab1-ingress-allow-all-honeypot"
network = google_compute_network.vpc_network.self_link
allow {
protocol = "icmp"
}
allow {
protocol = "tcp"
}
target_tags = ["honeypot"]
source_ranges = ["0.0.0.0/0"]
}
resource "google_compute_firewall" "allow_admin" {
name = "lab1-ingress-allow-ssh-admin"
network = google_compute_network.vpc_network.self_link
allow {
protocol = "icmp"
}
allow {
protocol = "tcp"
ports = ["22", "64295", "64297"]
}
target_tags = ["admin"]
source_ranges = ["0.0.0.0/0"]
}
Raw
variables.tfvars
# Project Variables
project_name = ""
region_name = "us-east1"
zone_name = "us-east1-c"
# Kali machine variables
kali_machine_type = "n1-standard-2"
kali_startup_script = "[ ! -z /FINISHED.FLAG ] && export DEBIAN_FRONTEND=noninteractive && wget https://archive.kali.org/archive-key.asc -O /etc/apt/trusted.gpg.d/kali-archive-key.asc && echo 'deb http://http.kali.org/kali kali-rolling main contrib non-free' >> /etc/apt/sources.list && apt-get update && apt-get install -yq kali-linux-default && touch /FINISHED.FLAG"
# Remnux machine variables
remnux_machine_type = "n1-standard-2"
remnux_startup_script = "[ ! -z /FINISHED.FLAG ] && wget https://REMnux.org/remnux-cli && mv remnux-cli remnux && chmod +x remnux && mv remnux /usr/local/bin && remnux inatall --mode=cloud && touch /FINISHED.FLAG"
# T-Pot machine variables
tpot_machine_type = "n1-standard-4"
tpot_startup_script = "[ ! -z /FINISHED.FLAG ] && sudo apt-get install git -y && git clone https://github.com/telekom-security/tpotce.git && cd tpotce/iso/installer/ && cp tpot.conf.dist tpot.conf && ./install.sh --type=auto --conf=tpot.conf && touch /FINISHED.FLAG && reboot -n"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment