Commit 9e74674e authored by awithers's avatar awithers

updated readme

parent aa0ce7d0
......@@ -4,3 +4,10 @@ SDAIA Project
CICI: Secure Data Architecture: Shared Intelligence Platform for Protecting our National Cyberinfrastructure
ACI Award Number:1547249
-----------------------
Ansible roles found in site.yml. Comment out roles not needed.
You can run `install.sh`, which requires and runs Ansible locally. Or deploy using your own Ansible instance via SSH. Install requires root.
Deploys SDAIA software on Ubuntu 16 and CentOS 7 (beta).
......@@ -39,3 +39,11 @@
remote_src: true
src: zzmq.py
dest: /usr/local/lib/python2.7/dist-packages/csirtg_smrt/client/
when: (ansible_distribution == "Ubuntu")
- name: patch csirtg zmq
copy:
remote_src: true
src: zzmq.py
dest: /usr/lib/python2.7/site-packages/csirtg_smrt/client/
when: (ansible_distribution == "CentOS")
---
- name: start docker
service:
name: docker
state: started
- name: restart sshd
service:
name: sshd
state: restarted
- name: restart docker-ssh-logger
docker_container:
name: "{{ docker_container_name }}"
state: started
restart: yes
restart_policy: "always"
ports: "{{ ssh_traffic_port }}:22"
image: "justinazoff/ssh-auth-logger:latest"
command: ssh-auth-logger
tags: docker
- name: reload systemd
command: systemctl daemon-reload
......@@ -53,7 +53,7 @@
state: latest
pkg: "{{ item }}"
with_items:
# - docker-engine
- docker-engine
- htop
- python-virtualenv
- python-pip
......
......@@ -17,3 +17,8 @@
- firewalld: port="{{ sshd_alt_port }}/tcp" permanent=true state=enabled immediate=yes
when: (ansible_distribution == "CentOS")
- command: /usr/bin/firewall-cmd reload
when: (ansible_distribution == "CentOS")
- command: /usr/sbin/semanage port -a -t ssh_port_t -p tcp "{{ sshd_alt_port }}"
ignore_errors: True
......@@ -24,14 +24,3 @@
name: sshd
state: restarted
## issues with ansible, python docker, docker-py and docker-compose
#- name: restart docker-ssh-logger
# docker_container:
# name: "{{ docker_container_name }}"
# state: started
# restart: yes
# restart_policy: "always"
# ports: "{{ ssh_traffic_port }}:22"
# image: "justinazoff/ssh-auth-logger:latest"
# command: ssh-auth-logger
---
- user: name="{{ ansible_env.SUDO_USER }}" groups=docker append=yes
- name: pull recent docker image
command: docker pull "justinazoff/ssh-auth-logger:{{ ssh_logger_version }}"
async: 300
poll: 5
- name: systemd services
template: src=ssh-auth-logger.service.j2 dest=/etc/systemd/system/ssh-auth-logger.service owner=root group=root mode=0644
notify:
- reload systemd
- start docker
when: (ansible_distribution == "CentOS")
- name: systemd services
......@@ -18,6 +14,11 @@
- reload systemd
when: (ansible_distribution == "Ubuntu")
- name: pull recent docker image
command: docker pull "justinazoff/ssh-auth-logger:{{ ssh_logger_version }}"
async: 300
poll: 5
#- name: start ssh-auth-logger
# service: name=ssh-auth-logger.service state=started
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment