From bdeda04692ec3aa97fb60c36fdcf8f4b8febbce7 Mon Sep 17 00:00:00 2001
From: juju4
Date: Sat, 7 Nov 2020 08:43:09 -0500
Subject: [PATCH 1/3] improve idempotency with changed_when/failed_when, args creates
---
 Azure/Ansible/roles/common/tasks/main.yml | 6 ++++++
 Azure/Ansible/roles/dc/tasks/main.yml | 5 ++++-
 Azure/Ansible/roles/wef/tasks/main.yml | 10 ++++++++++
 Azure/Ansible/roles/win10/tasks/main.yml | 9 +++++++++
 4 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/Azure/Ansible/roles/common/tasks/main.yml b/Azure/Ansible/roles/common/tasks/main.yml
index d1574215e..6a4ba2c1a 100644
--- a/Azure/Ansible/roles/common/tasks/main.yml
+++ b/Azure/Ansible/roles/common/tasks/main.yml
@@ -6,6 +6,7 @@
 chdir: 'c:\vagrant\scripts'
 register: palantir_wef
 failed_when: "'Exception' in palantir_wef.stdout" 
+ changed_when: "' already exists. Moving On.' not in palantir_wef.stdout"
 - debug: msg="{{ palantir_wef.stdout_lines }}"
@@ -15,6 +16,7 @@
 chdir: 'c:\vagrant\scripts'
 register: install_osquery
 failed_when: "'Exception' in install_osquery.stdout" 
+ changed_when: "' already installed. Moving On.' not in install_osquery.stdout"
 - debug: msg="{{ install_osquery.stdout_lines }}"
@@ -24,6 +26,7 @@
 chdir: 'c:\vagrant\scripts'
 register: sysinternals
 failed_when: "'Exception' in sysinternals.stdout" 
+ changed_when: "'Tools directory exists, no need to re-install.' not in sysinternals.stdout"
 - debug: msg="{{ sysinternals.stdout_lines }}"
@@ -33,6 +36,7 @@
 chdir: 'c:\vagrant\scripts'
 register: velociraptor
 failed_when: "'Exception' in velociraptor.stdout" 
+ changed_when: "' already installed. Moving On.' not in velociraptor.stdout"
 - debug: msg="{{ velociraptor.stdout_lines }}"
@@ -42,6 +46,7 @@
 chdir: 'c:\vagrant\scripts'
 register: autorunstowineventlog
 failed_when: "'Exception' in autorunstowineventlog.stdout" 
+ changed_when: "' already installed. Moving On.' not in autorunstowineventlog.stdout"
 - debug: msg="{{ autorunstowineventlog.stdout_lines }}" 
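Review bot: The new `changed_when` on the palantir_wef task marks the run as changed whenever `' already exists. Moving On.'` is missing from stdout, which also covers runs where the script exited non-zero, because the existing `failed_when` on the preceding line replaces Ansible's default rc-based failure condition instead of extending it. A script that aborts without printing `Exception` therefore reports success and changed, and the same pattern repeats in every hunk of this file. Fold the return code back into the condition: `failed_when: "palantir_wef.rc != 0 or 'Exception' in palantir_wef.stdout"`. The `win_shell` task these keys belong to starts above the hunk.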
@@ -51,6 +56,7 @@
 chdir: 'c:\vagrant\scripts'
 register: redteam
 failed_when: "'Exception' in redteam.stdout" 
+ changed_when: "' already installed. Moving On.' not in redteam.stdout"
 - debug: msg="{{ redteam.stdout_lines }}"
diff --git a/Azure/Ansible/roles/dc/tasks/main.yml b/Azure/Ansible/roles/dc/tasks/main.yml
index d75262931..6378468a1 100644
--- a/Azure/Ansible/roles/dc/tasks/main.yml
+++ b/Azure/Ansible/roles/dc/tasks/main.yml
@@ -21,6 +21,8 @@
 - name: Copy scripts to c:\vagrant
 win_shell: Copy-Item -Recurse c:\DetectionLab\Vagrant c:\vagrant 
+ args: 
+ creates: c:\vagrant\Vagrantfile
 - name: Create an Administrator user
 win_user:
@@ -28,7 +30,8 @@
 password: Vagrant123
 state: present
 groups: 
- - Users,Administrators 
+ - Users 
+ - Administrators
 password_never_expires: yes
 - name: Create the Domain
diff --git a/Azure/Ansible/roles/wef/tasks/main.yml b/Azure/Ansible/roles/wef/tasks/main.yml
index d1bed68c2..ffd6f19f4 100644
--- a/Azure/Ansible/roles/wef/tasks/main.yml
+++ b/Azure/Ansible/roles/wef/tasks/main.yml
@@ -21,6 +21,8 @@
 - name: Copy scripts to c:\vagrant
 win_shell: Copy-Item -Recurse c:\DetectionLab\Vagrant c:\vagrant 
+ args: 
+ creates: c:\vagrant\Vagrantfile
 - name: Join the Domain
 win_shell: .\\provision.ps1
@@ -28,6 +30,7 @@
 chdir: 'c:\vagrant\scripts'
 register: wef_join_domain
 changed_when: "'HasSucceeded : True' in wef_join_domain.stdout" 
+ failed_when: '"failed to join domain" in wef_join_domain.stderr'
 - debug: msg="{{ wef_join_domain.stdout_lines }}"
@@ -37,6 +40,7 @@
 pre_reboot_delay: 15
 reboot_timeout: 600
 post_reboot_delay: 60 
+ when: wef_join_domain.changed
 - name: Download Microsoft ATA
 win_get_url:
@@ -53,6 +57,7 @@
 chdir: 'c:\vagrant\scripts'
 register: palantir_wef
 failed_when: "'Exception' in palantir_wef.stdout" 
+ changed_when: "' already exists. Moving On.' not in palantir_wef.stdout"
 - debug: msg="{{ palantir_wef.stdout_lines }}" 
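Review bot: The new `failed_when` on the wef Join the Domain task only fails on the literal text `failed to join domain` in stderr, and because a `failed_when` replaces Ansible's default rc != 0 check, any other failure of `provision.ps1` (a non-zero exit, a differently worded error) now passes and, with `changed_when` left false, also skips the reboot that the following hunk gates on `wef_join_domain.changed`. Keep the exit code in the condition: `failed_when: "wef_join_domain.rc != 0 or 'failed to join domain' in wef_join_domain.stderr"`. Whether provision.ps1 sets a non-zero exit code on failure is not visible here, so the string match is worth keeping alongside the rc check rather than instead of it. The `win_shell` task starts above the hunk.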
@@ -62,6 +67,7 @@
 chdir: 'c:\vagrant\scripts'
 register: wef_subscriptions
 failed_when: "'Exception' in wef_subscriptions.stdout" 
+ changed_when: "'already installed, moving on...' not in wef_subscriptions.stdout"
 - debug: msg="{{ wef_subscriptions.stdout_lines }}"
@@ -71,6 +77,7 @@
 chdir: 'c:\vagrant\scripts'
 register: splunkuf
 failed_when: "'Exception' in splunkuf.stdout" 
+ changed_when: "' already installed. Moving on.' not in splunkuf.stdout"
 - debug: msg="{{ splunkuf.stdout_lines }}"
@@ -80,6 +87,7 @@
 chdir: 'c:\vagrant\scripts'
 register: windowsta
 failed_when: "'Exception' in windowsta.stdout" 
+ changed_when: "' already installed. Moving on.' not in windowsta.stdout"
 - debug: msg="{{ windowsta.stdout_lines }}"
@@ -98,6 +106,7 @@
 chdir: 'c:\vagrant\scripts'
 register: evtxeventsamples
 failed_when: "'Exception' in evtxeventsamples.stdout" 
+ changed_when: "' were already installed. Moving On.' not in evtxeventsamples.stdout"
 - debug: msg="{{ evtxeventsamples.stdout_lines }}"
@@ -107,6 +116,7 @@
 chdir: 'c:\vagrant\scripts'
 register: windowsata
 failed_when: "'Exception' in windowsata.stdout" 
+ changed_when: "' was already installed. Moving On.' not in windowsata.stdout"
 - debug: msg="{{ windowsata.stdout_lines }}"
diff --git a/Azure/Ansible/roles/win10/tasks/main.yml b/Azure/Ansible/roles/win10/tasks/main.yml
index 3cc8c024f..0b972b1ef 100644
--- a/Azure/Ansible/roles/win10/tasks/main.yml
+++ b/Azure/Ansible/roles/win10/tasks/main.yml 
@@ -20,19 +20,27 @@
 - name: Copy scripts to c:\vagrant
 win_shell: Copy-Item -Recurse c:\DetectionLab\Vagrant c:\vagrant 
+ args: 
+ creates: c:\vagrant\Vagrantfile
 - name: Making Windows10 Great Again
 win_shell: .\\MakeWindows10GreatAgain.ps1
 args:
 chdir: 'c:\vagrant\scripts' 
+ register: win10_great 
+ changed_when: "' was already installed. Moving On.' not in win10_great.stdout"
 - name: Join the Domain
 win_shell: .\\provision.ps1
 args:
 chdir: 'c:\vagrant\scripts' 
+ register: win10_join_domain 
+ changed_when: "'HasSucceeded : True' in win10_join_domain.stdout" 
+ failed_when: '"failed to join domain" in win10_join_domain.stderr'
 - name: Update group policy
 win_shell: "gpupdate /force" 
+ when: win10_join_domain.changed
 - name: Reboot Server
 win_reboot:
@@ -40,6 +48,7 @@
 pre_reboot_delay: 15
 reboot_timeout: 600
 post_reboot_delay: 60 
+ when: win10_join_domain.changed
 - name: Clear Event Logs
 win_shell: "wevtutil el | Select-String -notmatch \"Microsoft-Windows-LiveId\" | Foreach-Object {wevtutil cl \"$_\"}"
From f110936fefa171b9c208c5ffedf33151401515cc Mon Sep 17 00:00:00 2001
From: sukster <67369320+sukster@users.noreply.github.com>
Date: Sat, 7 Nov 2020 21:05:19 +0100
Subject: [PATCH 2/3] Added VIB file to open VNC ports automatically
I have created this VIB file to automate the manual steps to open the VNC ports on ESXi firewall.
---
 ESXi/README.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/ESXi/README.md b/ESXi/README.md
index 8e2a4646c..cd58f417e 100644
--- a/ESXi/README.md
+++ b/ESXi/README.md 
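Review bot: The new `failed_when` on the win10 Join the Domain task has the same gap as the wef one: it replaces Ansible's default non-zero-rc failure with a single stderr substring match, so any other failure of `provision.ps1` passes, `win10_join_domain.changed` stays false, and both `gpupdate /force` and the reboot are then skipped on a host that never joined. Use `failed_when: "win10_join_domain.rc != 0 or 'failed to join domain' in win10_join_domain.stderr"`. The `changed_when` on MakeWindows10GreatAgain.ps1 keys off `' was already installed. Moving On.'`; whether that script prints exactly that string is not visible here and is worth confirming, though a mismatch only costs a spurious changed report since that task keeps the default failure condition. The Reboot Server task continues into the next hunk.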
@@ -17,6 +17,7 @@ NOTE: This is an early release and it's possible that certain features may not w
 2. Enable the "Guest IP Hack"
 3. Open VNC ports on the firewall
 * Instructions for those steps are here: https://nickcharlton.net/posts/using-packer-esxi-6.html 
+ * Alternatively, you can install the VIB file from https://github.com/sukster/ESXi-Packer-VNC which will automatically open the VNC ports on the ESXi firewall.
 6. [Install Ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html)
 ## Steps
From fc3416874c9e412606c599b83a6dc2d97242ab8a Mon Sep 17 00:00:00 2001
From: sukster <67369320+sukster@users.noreply.github.com>
Date: Sun, 8 Nov 2020 10:41:24 +0100
Subject: [PATCH 3/3] ESXi Terraform Provider automatic installation
Since Terraform 0.13.x there is no need to build the provider or download it manually. The file versions.tf was added to specify the provider name in the Terraform Registry. The instructions in the README file have been updated to reflect this change.
---
 ESXi/README.md | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/ESXi/README.md b/ESXi/README.md
index cd58f417e..b8d1c8241 100644
--- a/ESXi/README.md
+++ b/ESXi/README.md 
@@ -5,20 +5,17 @@ NOTE: This is an early release and it's possible that certain features may not w
 ## Prereqs (~30-60 minutes)
 0. Have an ESXi instance version 6 or higher. VSphere is **NOT** required. 
-1. Install the [requirements from the ESXi Terraform Provider](https://github.com/josenk/terraform-provider-esxi#requirements) 
- * If building on MacOS, don't forget to change the GOOS from linux to darwin! 
- * `GOOS=linux` -> `GOOS=darwin` 
-2. Build and install the [terraform-provider-esxi](https://github.com/josenk/terraform-provider-esxi#building-the-provider) provider 
-3. Your ESXi must have at least two separate networks - one that is accessible from your current machine (VM Network) and a HostOnly network to allow the VMs to have internet access (HostOnly). 
-4. [OVFTool](https://my.vmware.com/web/vmware/details?downloadGroup=OVFTOOL420&productId=618) must be installed and in your path. 
+1. The ESXi Terraform Provider built by https://github.com/josenk/terraform-provider-esxi will be installed automatically from the Terraform Registry, if you are using Terraform 0.13.x or higher. If needed, the lastest provider package can be downloaded manually from https://github.com/josenk/terraform-provider-esxi/releases. 
+2. Your ESXi must have at least two separate networks - one that is accessible from your current machine (VM Network) and a HostOnly network to allow the VMs to have internet access (HostOnly). 
+3. [OVFTool](https://my.vmware.com/web/vmware/details?downloadGroup=OVFTOOL420&productId=618) must be installed and in your path.
 * On MacOS, I solved this by creating a symbolic link to the ovftool included in VMWare Fusion: `sudo ln -s "/Applications/VMware Fusion.app/Contents/Library/VMware OVF Tool/ovftool" "/usr/local/bin/ovftool"` 
-5. On your ESXI, you must: 
+4. On your ESXI, you must:
 1. Enable SSH
 2. Enable the "Guest IP Hack"
 3. 
Open VNC ports on the firewall
 * Instructions for those steps are here: https://nickcharlton.net/posts/using-packer-esxi-6.html
 * Alternatively, you can install the VIB file from https://github.com/sukster/ESXi-Packer-VNC which will automatically open the VNC ports on the ESXi firewall. 
-6. [Install Ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html) 
+5. [Install Ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html)
 ## Steps