-
Notifications
You must be signed in to change notification settings - Fork 2
/
playbook.yml
140 lines (126 loc) · 4.92 KB
/
playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
-
name: 'Setup Phishing Server'
hosts: phishing_server
vars:
- vmail_db_bind_passwd: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
- vmail_db_admin_passwd: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
- api_auth_token: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
- netdata_db_password: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
- mysql_root_password: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
- amavisd_db_password: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
- ired_db_passwd: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
- rcm_db_passwd: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
- sogo_db_passwd: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
- sogo_password: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
- iredapd_db_password: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
- fail2ban_password: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
tasks:
-
name: 'Set a hostname'
ansible.builtin.hostname:
name: mx.{{ le_domain }}
-
name: 'Update /etc/hosts'
lineinfile:
dest: /etc/hosts
regexp: '.*127.0.0.1$'
line: "127.0.0.1 {{le_domain}} mx.{{le_domain}}"
state: present
-
name: 'Install Nginx'
yum:
name: nginx
state: present
-
name: 'Stop Nginx'
service:
name: nginx
state: stopped
-
name: 'Install Certbot #1'
yum:
name: epel-release
state: present
-
name: 'Install Certbot #2'
yum:
name: certbot
state: present
-
name: 'Getting a certificate'
command: 'certbot certonly --authenticator standalone --agree-tos --email {{le_email}} --expand -n -q -d {{le_domain}}'
ignore_errors: yes
-
name: "Download iRedMail"
get_url:
url: https://github.com/iredmail/iRedMail/archive/1.4.2.tar.gz
dest: "/root/1.4.2.tar.gz"
checksum: sha256:8826409cb3cd92e17742087210de10be681431a3dec379f729d19c88675f4576
-
name: "Unzipping iRedMail"
unarchive:
remote_src: true
src: '/root/1.4.2.tar.gz'
dest: '/root'
-
name: "Creating iRedMail config"
template:
src: "templates/iRedMail.j2"
dest: "/root/iRedMail-1.4.2/config"
-
name: "Installing iRedMail"
shell: |
AUTO_USE_EXISTING_CONFIG_FILE=y \
AUTO_INSTALL_WITHOUT_CONFIRM=y \
AUTO_CLEANUP_REMOVE_SENDMAIL=y \
AUTO_CLEANUP_REPLACE_FIREWALL_RULES=y \
AUTO_CLEANUP_RESTART_FIREWALL=y \
AUTO_CLEANUP_REPLACE_MYSQL_CONFIG=y \
bash /root/iRedMail-1.4.2/iRedMail.sh
-
name: "Start Nginx"
service:
name: nginx
state: started
-
name: 'Start iRedAdmin'
service:
name: iredadmin
state: started
-
name: 'Creating /root/gophish'
file:
path: /root/gophish
state: directory
-
name: 'Download Gophish'
get_url:
url: 'https://github.com/gophish/gophish/releases/download/v0.11.0/gophish-v0.11.0-linux-64bit.zip'
dest: '/root/gophish/gophish.zip'
checksum: sha256:f33ac7695850132c04d190f83ef54732421a8d4578be1475d3a819fe6173c462
-
name: 'Setup Gophish'
unarchive:
remote_src: true
src: /root/gophish/gophish.zip
dest: /root/gophish
-
name: 'Configuring Gophish'
template:
src: "templates/gophish.j2"
dest: "/root/gophish/config.json"
- name: 'Setting up easy start for Gophish'
copy:
dest: "/root/gophish/start.sh"
content: |
bash -c /root/gophish/gophish -c /root/gophish/config.json
-
name: 'Just wrapping up'
file:
dest: '/root/gophish/gophish'
mode: a+x
-
name: 'Just wrapping up #2'
file:
dest: '/root/gophish/start.sh'
mode: a+x