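Introduction
I was setting up WoWHoneypot a little while ago, and to make the build reproducible
I turned it into IaC, so I am writing it down here.
Environment
server: Ubuntu 20.04 (AWS)
client: MacBook Air 2020
The finished product
The actual code (key points)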
files/wowhoneypot.service
[Unit]
Description=WoWHoneypot daemon
Documentation=https://github.com/morihisa/WOWHoneypot
[Service]
ExecStart = /home/ubuntu/wowhoneypot.sh
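# systemd has no ExecRestart= directive (it is ignored with a warning);
# "systemctl restart" simply runs stop, then start.
# No ExecStop= is needed either: SIGWINCH is ignored by default, and systemd
# stops the service with SIGTERM on its own.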
User = root
[Install]
WantedBy = multi-user.target
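The unit above runs the internet-facing honeypot as root. As an added example (not part of the original post or of the WOWHoneypot project), here is a variant of the same unit that drops to an unprivileged account and sandboxes the process. The account name wowhoneypot and its ownership of /home/ubuntu/wowhoneypot are assumptions.

```ini
# Added example: hardened variant of files/wowhoneypot.service.
# Assumption: a dedicated system account "wowhoneypot" (hypothetical name)
# exists and owns /home/ubuntu/wowhoneypot so the honeypot can write there.
[Unit]
Description=WoWHoneypot daemon (unprivileged, sandboxed)
Documentation=https://github.com/morihisa/WOWHoneypot
After=network-online.target
Wants=network-online.target

[Service]
# Run as the service account instead of root.
User=wowhoneypot
Group=wowhoneypot
# Replaces the wrapper script's "cd" + python3 call.
WorkingDirectory=/home/ubuntu/wowhoneypot
ExecStart=/usr/bin/python3 /home/ubuntu/wowhoneypot/wowhoneypot.py
Restart=on-failure

# Keep only the capability needed to bind a port below 1024; drop the rest.
AmbientCapabilities=CAP_NET_BIND_SERVICE
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
NoNewPrivileges=yes

# Read-only file system view except the honeypot's own directory.
ProtectSystem=strict
ReadWritePaths=/home/ubuntu/wowhoneypot
PrivateTmp=yes
PrivateDevices=yes
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectControlGroups=yes
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX

[Install]
WantedBy=multi-user.target
```

Once installed, `systemd-analyze security wowhoneypot.service` lists the exposure that remains.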
files/wowhoneypot.sh
#!/bin/bash
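# Abort if the clone is missing rather than starting Python in the wrong directory
cd /home/ubuntu/wowhoneypot || exit 1
# exec so that systemd's main PID is the Python process itself
exec /usr/bin/python3 /home/ubuntu/wowhoneypot/wowhoneypot.py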
site.yml
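---
- hosts: webserver
  tasks:
    # "include" is deprecated and removed in newer Ansible releases; include_tasks is its replacement
    - include_tasks: WoWHoneypot/tasks/main.yml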
tasks/main.yml
---
#========== System setup ==========#
- name: ubuntu git_install
  apt:
    name: git
    state: latest
  become: yes
# Clone directly under the user's home directory
- name: git_clone_wowhoneypot
  command: git clone https://github.com/morihisa/WOWHoneypot.git wowhoneypot
  args:
    chdir: /home/ubuntu
    # Skip the clone on re-runs instead of failing because the directory exists
    creates: /home/ubuntu/wowhoneypot
  become: yes
- name: service WoWHoneypot
  become: yes
  copy:
    src: ../files/wowhoneypot.service
    dest: /etc/systemd/system/wowhoneypot.service
- name: wowhoneypot.sh
  copy:
    src: ../files/wowhoneypot.sh
    dest: /home/ubuntu/wowhoneypot.sh
  become: yes
- name: chmod +x wowhoneypot.sh
  command: chmod +x /home/ubuntu/wowhoneypot.sh
  become: yes
#========== Run ==========#
- name: start wowhoneypot.service
  command: systemctl start wowhoneypot.service
  become: yes
Adding the inventory file (hosts/hosts)
[webserver]
Target01 ansible_ssh_host='global_IP'
[webserver:vars]
ansible_ssh_user='User_name'
ansible_ssh_private_key_file='key'
How to run
$ ansible-playbook site.yml -i hosts/hosts