CentOS7にCowrieをAnsibleで入れてみる

環境

• CentOS Linux release 7.5.1804 (Core)
• Cowrie

ファイルの準備

※対象ホスト（target）とのansible疎通は取れている前提です

以下のファイルを準備する
- hosts
- site.yml
- host_vars/target
- roles/setup_cowrie/tasks/main.yml

hosts

[targets]
target ansible_host=192.168.1.1

[all:vars]
ansible_ssh_user=root
ansible_ssh_private_key_file=./ssh_target.key

site.yml

- hosts: target
  gather_facts: True
  roles:
    - setup_cowrie

ユーザ（cowrie）のパスワード、適宜修正

host_vars/target

cowrie_password: P@ssword

roles/setup_cowrie/tasks/main.yml

- name: install modules
  tags: cowrie
  yum:
    name: "@Development Tools"
    state: present

- name: install modules
  tags: cowrie
  with_items:
    - python-devel
    - python-setuptools
    - python-virtualenv
    - epel-release
  yum:
    name: "{{ item }}"
    state: present

- name: install modules
  tags: cowrie
  yum:
    name: python-pip
    state: present

- name: upgrade pip
  tags: cowrie
  pip:
    name: pip
    extra_args: --upgrade

- name: useradd cowrie
  tags: cowrie
  user:
    name: cowrie
    state: present
    password: "{{ cowrie_password | password_hash('sha512') }}"
    update_password: on_create

- name: mkdir
  tags: cowrie
  become: yes
  become_user: cowrie
  file:
    path: /home/cowrie/cowrie
    state: directory
    mode: 0755

- name: git clone by cowrie
  tags: cowrie
  become: yes
  become_user: cowrie
  git:
    repo: http://github.com/micheloosterhof/cowrie
    dest: /home/cowrie/cowrie

- name: install packages
  tags: cowrie
  become: yes
  become_user: cowrie
  shell: /bin/bash -lc "cd /home/cowrie/cowrie&&virtualenv cowrie-env&&source cowrie-env/bin/activate&&pip install --upgrade pip&&pip install --upgrade -r requirements.txt&&deactivate"

playbookの実行

以下のコマンドでplaybookを実行

$ ansible-playbook -i hosts site.yml

起動

# su - cowrie
$ ./cowrie/bin/cowrie start

課題

cowrie.serviceおよびcowrie.socketがうまく動かないので
当面手動で起動・停止対応することにする