provisioning.yml

---
- name: Setup IntSec VM 
  hosts: all
  become: yes
  become_user: root
  become_method: sudo
  vars:
      - desired_mininet_version: '2.2.1'
      - mininet_build_directory: '/tmp/mininet_build/'
      - desired_yaf_version: '2.8.4'
      - yaf_build_directory: '/tmp/yaf_build/'
  tasks:
    - name: Update apt cache
      apt: update_cache=yes cache_valid_time=3600
    - name: Install necessary tools
      apt: name={{ item }} state=latest
      with_items:
       - wireshark
       - git
       - bind9
       - vim
       - tshark
       - nmap
       - nfdump
       - libglib2.0-dev
    - name: Ensure bind9 daemon is disabled and not running
      service: name=bind9 state=stopped enabled=no
    - name: Ensure that bind9 can access the configuration files in the assignments directory (AppArmor)
      lineinfile: dest=/etc/apparmor.d/local/usr.sbin.named regexp=^/home/vagrant/assignments/ line='/home/vagrant/assignments/** rw,' create=yes
      notify: reload named apparmor profile
    - name: Check mininet version
      shell: mn --version
      register: current_mininet_version
      changed_when: current_mininet_version.stdout != desired_mininet_version 
      ignore_errors: yes
      failed_when: False
    - name: Ensure that github hostkey is present
      lineinfile: dest=/etc/ssh/ssh_known_hosts regexp=^github.com line='github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==' create=yes
    - name: Obtain mininet from github
      git: repo=git://github.com/mininet/mininet version="{{ desired_mininet_version }}" dest="{{ mininet_build_directory }}{{desired_mininet_version}}/mininet"
      when: desired_mininet_version != current_mininet_version.stdout
    - name: Compile and install mininet
      shell: "{{ mininet_build_directory }}{{ desired_mininet_version }}/mininet/util/install.sh -a" 
      args:
          chdir: "{{ mininet_build_directory}}"
      when: desired_mininet_version != current_mininet_version.stdout
    - name: Check YAF version
      shell: "yaf --version 2>&1 | grep 'yaf version' | sed 's/[a-zA-Z :]*//g'"
      register: current_yaf_version
      changed_when: current_yaf_version.stdout != desired_yaf_version
      ignore_errors: yes
      failed_when: False
    - name: Remove YAF build directory (if present)
      file: path="{{ yaf_build_directory }}{{ desired_yaf_version }}" state=absent
      when: current_yaf_version.stdout != desired_yaf_version
    - name: Remove libfixbuf build directory (if present)
      file: path="{{ yaf_build_directory }}libfixbuf1.7.1" state=absent
      when: current_yaf_version.stdout != desired_yaf_version
    - name: Create YAF build directory
      file: path="{{ yaf_build_directory }}{{ desired_yaf_version }}" state=directory mode=0755
      when: current_yaf_version.stdout != desired_yaf_version
    - name: Create libfixbuf build directory
      file: path="{{ yaf_build_directory }}libfixbuf1.7.1/" state=directory mode=0755
      when: current_yaf_version.stdout != desired_yaf_version
    - name: Obtain YAF from netsa
      get_url:
        url: http://tools.netsa.cert.org/releases/yaf-{{ desired_yaf_version }}.tar.gz
        dest: "{{ yaf_build_directory }}{{ desired_yaf_version }}/"
      when: current_yaf_version.stdout != desired_yaf_version
    - name: Obtain libfixbuf from netsa
      get_url:
        url: http://tools.netsa.cert.org/releases/libfixbuf-1.7.1.tar.gz
        dest: "{{ yaf_build_directory }}libfixbuf1.7.1/"
      when: current_yaf_version.stdout != desired_yaf_version
    - name: Install libfixbuf
      shell: "tar -zxf * && cd libfixbuf* && ./configure && make && make install && ldconfig"
      args:
        chdir: "{{ yaf_build_directory }}libfixbuf1.7.1/"
      when: current_yaf_version.stdout != desired_yaf_version
    - name: Install YAF
      shell: "tar -zxf * && cd yaf* && ./configure && make && make install && ldconfig"
      args:
        chdir: "{{ yaf_build_directory }}{{ desired_yaf_version }}/"
      when: current_yaf_version.stdout != desired_yaf_version
    - name: Download ncrack 
      get_url:
        url: https://s3.eu-central-1.amazonaws.com/ut-dacs-packages/ncrack_0.5-1.deb
        dest: /tmp/ncrack_0.5-1.deb
    - name: Install ncrack
      apt: deb=/tmp/ncrack_0.5-1.deb
    - name: Create ncrack root directory
      file: path="/root/.ncrack" state=directory mode=0755
    - name: Copy ncrack-services file
      copy: src=/share/ncrack/ncrack-services dest=/root/.ncrack/ncrack-services remote_src=True
    - name: Create users for SSH exercise
      user: createhome=no name=user1 password=$6$DkM/SoxL$FWJ2fcsh3vRu2N1ktHZDSjSMbAeEkDzzoYQpTVPQYryXMyysDDeASdsI5wm2RBvSq4wAUS01yOL6DBgRtkn.90
    - name: Create users for SSH exercise
      user: createhome=no name=user2 password=$6$ebgPND6X$aNoa.tyZEukNYKrkM8w6wO1vGoC0EIYdwU/sLkJ/NAJTcIkqycEcWsmxo.Itci8aQm9A8Y0WPO0PmaLPXSrun0
    - name: Create users for SSH exercise
      user: createhome=no name=user3 password=$6$wgpIbhZt$WXwZAxgyMEas/MiSlbp4/6lLGF.ObO9nGNwEX6TZBUjk/1nXRbkMXq6LOrsEgJLbfmDNyR2tu2czJc/YCI2mW/
    - name: Create users for SSH exercise
      user: createhome=no name=user4 password=$6$VS3scDlz$Epl2unhm118kOZ9.URmGMoVjYUJMk0.R.yGhwbZ1qxxYubvU6qExRHX5b23g6aDKrOUjJ5Fajxfm84jrKQYc40
    - name: Create users for SSH exercise
      user: createhome=no name=user5 password=$6$3oT/DHrS$1rsjGKwfW32De13sUM2g/0DV8QU6bNOcW7WKeFlyKr5MTveXIAs.e1RJgKPlyDKmt1Pfh8qzdlHLS1vKcwvFu.

  handlers:
    - name: reload named apparmor profile
      shell: apparmor_parser -r /etc/apparmor.d/usr.sbin.named