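#!/bin/bash
#
# step-3-deploy-infra.sh - run playbook.yml against one configuration directory.
#
# Usage: step-3-deploy-infra.sh <configuration_directory> [<tags>]
#
# The configuration directory is resolved relative to the current working
# directory and must contain hosts.yml, configuration.yml and vaulted_vars.yml.
# ansible-playbook prompts for the vault password (--ask-vault-pass).
# playbook.yml is referenced by a relative path, so the script has to be
# started from the directory that holds it.
#
# Exit status: 1 on usage errors, missing input files or a declined prompt;
# otherwise the exit status of ansible-playbook.

# ANSI colour sequences used in the messages below.
green=$(printf '\033[0;32m')
reset=$(printf '\033[0;00m')

# Print the usage text to stdout.
usage() {
cat <<-EOF
Usage: $0 <configuration_directory> [<tags>]
Tags are optional and allow you to deploy only certain components
Run ./tools/list-tags.py to see all available tags
WARNING: Tags assume that the "backend-common" or "relay-common" and "users"
roles are already deployed to the server, if this is not the case
add "backend-common" or "relay-common" and "users" as a tag
EOF
}

# Surplus arguments are rejected as well: with more than two arguments neither
# playbook invocation would run, yet the DONE banner would still be printed.
if [[ $# -eq 0 || $# -gt 2 ]]; then
  usage >&2
  exit 1
fi

CONFIG_PATH="${PWD}/$1"
HOST_FILE="${CONFIG_PATH}/hosts.yml"
CONFIG_FILE="${CONFIG_PATH}/configuration.yml"
EXPORT_PATH="${CONFIG_PATH}/Exports_Autogenerated/"
VAULT_FILE="${CONFIG_PATH}/vaulted_vars.yml"

# The paths are handed to Ansible as one "key=value key=value" string, which
# Ansible splits on whitespace and unquotes. A path containing whitespace,
# quotes or backslashes would be truncated or would smuggle in additional
# variables, so refuse it before anything runs.
case "${CONFIG_PATH}" in
  *[[:space:]\'\"\\]*)
    echo "Configuration path must not contain whitespace, quotes or backslashes: ${CONFIG_PATH}" >&2
    exit 1
    ;;
esac

echo
echo "__________ .___ __ __.__ .___"
echo "\______ \ ____ __| _/ / \ / \__|____________ _______ __| _/"
echo " | _// __ \ / __ | \ \/\/ / \___ /\__ \\_ __ \/ __ |"
echo " | | \ ___// /_/ | \ /| |/ / / __ \| | \/ /_/ |"
echo " |____|_ /\___ >____ | \__/\ / |__/_____ \(____ /__| \____ |"
echo " \/ \/ \/ \/ \/ \/ \/"
echo
echo " --- Deploying Infrastructure --- "
echo
echo
cat <<-EOF
Have you checked all requirements? If they are not met, this will fail.
Check the requirements with ${green}python3 tools/check-prerequisites.py ${CONFIG_PATH}${reset}
EOF

# Single-keystroke confirmation; anything other than y/Y aborts.
read -p "Do you want to continue? [y/N] " -n 1 -r
echo
if [[ ! ${REPLY} =~ ^[Yy]$ ]]; then
  exit 1
fi

# Every file passed to ansible-playbook is checked up front, so a missing
# input is reported before the vault password prompt appears.
if [[ ! -f "${HOST_FILE}" ]]; then
  echo "Hosts file (hosts.yml) does not exist in ${CONFIG_PATH}." >&2
  exit 1
fi
if [[ ! -f "${CONFIG_FILE}" ]]; then
  echo "Config file (configuration.yml) does not exist in ${CONFIG_PATH}." >&2
  exit 1
fi
if [[ ! -f "${VAULT_FILE}" ]]; then
  echo "Vault file (vaulted_vars.yml) does not exist in ${CONFIG_PATH}." >&2
  exit 1
fi

# NOTE(review): the playbook receives this directory as export_path. If the
# generated artefacts include secrets, restrict its permissions (for example
# chmod 700) - confirm what the roles actually write here.
if ! mkdir -p -- "${EXPORT_PATH}"; then
  echo "Could not create export directory ${EXPORT_PATH}." >&2
  exit 1
fi

# Arguments shared by the full and the tag-limited run, kept in an array so
# that each path stays a single word.
playbook_args=(
  -i "${HOST_FILE}"
  -e "@${CONFIG_FILE}"
  -e "@${VAULT_FILE}"
  --ask-vault-pass
  --extra-vars "export_path=${EXPORT_PATH} config_path=${CONFIG_PATH}"
)

if [[ $# -eq 2 ]]; then
  TAGS="$2"
cat <<-EOF
WARNING: Tags assume that the "backend-common" or "relay-common" and "users"
roles are already deployed to the server, if this is not the case
add "backend-common" or "relay-common" and "users" as a tag or your deployment
will fail
EOF
  playbook_args+=(--tags "${TAGS}")
fi

# Propagate a failed run instead of printing the DONE banner over it.
ansible-playbook "${playbook_args[@]}" playbook.yml
status=$?
if [[ ${status} -ne 0 ]]; then
  echo "ansible-playbook failed with exit status ${status}; the deployment is incomplete." >&2
  exit "${status}"
fi

cat <<-EOF
------------------------------------- DONE -------------------------------------
- Consider running ${green}./tools/create-ssh-config.py ${CONFIG_PATH}${reset} to create your SSH Config
- Consider running ${green}./tools/diagram.py ${CONFIG_PATH}${reset} to create a diagram of your infra
- Configure your DNS settings for phishing and CobaltStrike campaigns. Consider running ${green}cat ${CONFIG_PATH}/Exports_Autogenerated/dns_configs/*${reset}
EOF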