Created
October 26, 2021 19:49
-
-
Save edingc/2a7bd8c448083ab7d43db339640d0e9a to your computer and use it in GitHub Desktop.
Single file playbook to deploy T-Pot honeypot software using Ansible.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - hosts: tpots | |
| remote_user: root | |
| gather_facts: yes | |
| vars: | |
| ansible_python_interpreter: /usr/bin/python3 | |
| tpot_web_user: "user" | |
| tpot_web_pw: "mypassword" | |
| tasks: | |
| - name: fail if not running on debian 10 buster | |
| fail: msg="T-Pot must be run on Debian 10 (buster) systems" | |
| when: ansible_distribution != "Debian" or ansible_distribution_version|int != 10 | |
| - name: disable firewall | |
| ufw: | |
| state: disabled | |
| - name: Upgrade all apt packages | |
| apt: | |
| upgrade: dist | |
| - name: install git | |
| apt: | |
| name: git | |
| state: latest | |
| - name: clone tpot | |
| git: | |
| repo: 'https://github.com/telekom-security/tpotce.git' | |
| dest: /tmp/tpotce | |
| - name: create tpot.conf | |
| copy: | |
| dest: /tmp/tpotce/iso/installer/tpot.conf | |
| content: | | |
| # tpot configuration file | |
| # myCONF_TPOT_FLAVOR=[STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, NEXTGEN, MEDICAL] | |
| myCONF_TPOT_FLAVOR='STANDARD' | |
| myCONF_WEB_USER='{{ tpot_web_user }}' | |
| myCONF_WEB_PW='{{ tpot_web_pw }}' | |
| - name: install tpot | |
| shell: | |
| cmd: ./install.sh --type=auto --conf=/tmp/tpotce/iso/installer/tpot.conf | |
| chdir: /tmp/tpotce | |
| notify: reboot host | |
| handlers: | |
| - name: reboot host | |
| shell: shutdown -r +1 # stock ansible reboot command doesn't work well with tpot |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment