Initial commit for Open Telekom Cloud Showcase

- ECS creation via Open Telekom Cloud API - T-Pot deployment with Ansible playbook
2025-07-02 01:27:27 -04:00 · 2019-04-04 20:27:49 +00:00
parent a6d75002cd
commit f0d9fa90a8
7 changed files with 154 additions and 0 deletions
--- a/cloud/ansible/install.yaml
+++ b/cloud/ansible/install.yaml
@ -0,0 +1,15 @@
+
+---
+# This playbook deploys a T-Pot
+
+- hosts: TPOT
+  remote_user: linux
+  become: yes
+  become_user: root
+  become_method: sudo
+  gather_facts: no
+
+  roles:
+    - install
+
+
--- a/cloud/ansible/roles/install/tasks/main.yaml
+++ b/cloud/ansible/roles/install/tasks/main.yaml
@ -0,0 +1,54 @@
+- name: Waiting for SSH connection
+  wait_for_connection:
+    delay: 30
+    timeout: 300
+
+- name: Gathering Facts
+  setup:
+
+- name: Cloning t-pot install directory
+  git:
+    repo: 'https://github.com/dtag-dev-sec/tpotce.git'
+    dest: /root/tpot
+
+- name: Prepare to set user password 
+  set_fact:
+    user_password: "{{ lookup('env', 'LINUX_PASS') }}"
+    user_salt: 's0mew1ck3dTpoT'
+
+- name: Changing password for user linux to {{ user_password }}
+  user:
+   name: "linux"
+   password: "{{ user_password | password_hash('sha512', user_salt) }}"
+   state: present
+   shell: /bin/bash
+   update_password: always
+
+- name: Copy t-pot configuration file
+  template:
+    src: ../templates/tpot.conf
+    dest: /root
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Install t-pot on ECS -  be patient, this might take 15 to 30 minutes depending on the connection speed. No further output is given. 
+  raw: /root/tpot/iso/installer/install.sh --type=auto --conf=/root/tpot.conf
+
+- name: Delete t-pot configuration file
+  file:
+    path: /root/tpot.conf
+    state: absent
+
+- name: Change unattended-upgrades to take default action
+  blockinfile:
+    dest: /etc/apt/apt.conf.d/50unattended-upgrades
+    block: |
+      Dpkg::Options {
+        "--force-confdef";
+        "--force-confold";
+      }
+
+- name: Finally rebooting t-pot in one minute - make sure your next login is on port 64295 or via https:// on port 64297
+  shell: /sbin/shutdown -r -t 1
+  become: true
--- a/cloud/ansible/roles/install/templates/tpot.conf
+++ b/cloud/ansible/roles/install/templates/tpot.conf
@ -0,0 +1,5 @@
+# tpot configuration file
+# myCONF_TPOT_FLAVOR=[STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, NEXTGEN, LEGACY]
+myCONF_TPOT_FLAVOR='STANDARD'
+myCONF_WEB_USER='webuser'
+myCONF_WEB_PW='w3b$ecret'