edurange 0.0.1 → 0.0.2
- checksums.yaml +7 -0
- data/bin/edurange-setup +14 -0
- data/final.yml +4 -3
- data/lib/edurange/edu_machine.rb +4 -1
- data/lib/edurange/parser.rb +25 -6
- data/lib/edurange/puppet_master.rb +11 -0
- data/lib/edurange/version.rb +1 -1
- data/lib/edurange.rb +57 -2
- metadata +9 -10
- data/parser.rb +0 -57
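--- /dev/null
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: 31fe342dd428b3b905e59bfb4fd109900ea5f822
+data.tar.gz: 67be712ee7e9f5b7c4ae186503a29e6c00b2cb8c
+SHA512:
+metadata.gz: d73633e20619c1f6069951b35b100595d69221e12507f6fc0fb2913b03b6a260807d75983537b982bf58686b02f315803f1eaf8c68cd8033e98a5527571e718d
+data.tar.gz: 6a31424c4bfaee52237575d266bb8938a1cb464cf9caeb89e45add8ef8bf438d197f3541d5d38b487a601efb04cabc587e6f2d11b10b824ccf1708dcbb4590cb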
data/bin/edurange-setup
ADDED
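--- a/data/final.yml
+++ b/data/final.yml
@@ -16,9 +16,10 @@ Nodes:
 
 Groups:
 Team_1:
-- { login: sboesen,
+- { login: sboesen, pass_file: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZOg/RVwsrNvDuCETa1wTaQynNOBFVQIVbzZ4PnMUh+5XlYA40Z4AJ5Yzd6VhuH6vCqnsil2saPsedJK1Me7dl5P08Drqhhf2RbBUW9ZYE2VvtpneZXSGneL70NRJgnoCV55IMY4Btf+3vCV0Ddog5uXkH/Zkgxl3fI5E/6wF82JizMF1BQlg0N7vdWnPbqkn82/VYsIXK0jo8pXFrxjli1jfLN9y/UWL8b5AGpfr5punMWVqh+FsAThPd7sbbu//HRguocZRBSaaDJ8H7qVWJNPPWKecR12AViPjnmFkUMZMPObQWrIOTRyTOcSr5vU1fAxPVWSwFhELtLmxsy7hh stefanboesen@Derp' }
+
 Instructor:
-- { login: weissr,
+- { login: weissr, pass_file: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZOg/RVwsrNvDuCETa1wTaQynNOBFVQIVbzZ4PnMUh+5XlYA40Z4AJ5Yzd6VhuH6vCqnsil2saPsedJK1Me7dl5P08Drqhhf2RbBUW9ZYE2VvtpneZXSGneL70NRJgnoCV55IMY4Btf+3vCV0Ddog5uXkH/Zkgxl3fI5E/6wF82JizMF1BQlg0N7vdWnPbqkn82/VYsIXK0jo8pXFrxjli1jfLN9y/UWL8b5AGpfr5punMWVqh+FsAThPd7sbbu//HRguocZRBSaaDJ8H7qVWJNPPWKecR12AViPjnmFkUMZMPObQWrIOTRyTOcSr5vU1fAxPVWSwFhELtLmxsy7hh stefanboesen@Derp' }
 
 Software:
 Victim_CTF:
@@ -37,5 +38,5 @@ Software:
 
 Packages: # References to puppet modules so we can support different OS options. Otherwise we need to know what OS we're on...
 - iptables
--
+- apache2
 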
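Review bot: The two added `pass_file` entries (new lines 19 and 22) carry the identical SSH public key, commented `stefanboesen@Derp`, for both the `sboesen` student login and the `weissr` instructor login, so once `users_to_bash` appends it to each account's authorized_keys a single private key opens both roles on every node built from this packaged file. Each login should have its own key, and a scenario file shipped inside the gem would be safer with placeholder values the operator has to replace. The field holds key material rather than a path, so a name such as `ssh_public_key` would describe it better; failing that, a comment like `# pass_file: the user's SSH public key, appended to authorized_keys` would document it.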
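--- a/data/lib/edurange/edu_machine.rb
+++ b/data/lib/edurange/edu_machine.rb
@@ -1,6 +1,6 @@
 module Edurange
 class EduMachine
-attr_reader :uuid, :ami_id, :key_name, :vm_size, :ip_address
+attr_reader :uuid, :ami_id, :key_name, :vm_size, :ip_address, :users
 
 EC2_UTILS_PATH = "/home/ubuntu/.ec2/bin/"
 
@@ -12,6 +12,9 @@ module Edurange
 @vm_size = vm_size
 @ami_id = ami_id
 end
+def initial_users(users)
+@users = users
+end
 def run(command)
 # runs an ec2 command with full path.
 command = EC2_UTILS_PATH + command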
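Review bot: `initial_users` in the second hunk is a plain setter, and `@users` is not assigned in the visible tail of the constructor, so the new `users` reader returns nil until something calls it. The only caller visible in this release (lib/edurange.rb) has the call commented out as `#machine.users(users)`, which would raise ArgumentError against a zero-argument reader. Either accept the users in `initialize` or declare `attr_accessor :users` and call `machine.users = users`; a comment such as `# users: list of login hashes from the scenario YAML (presumably login plus password or pass_file)` would document the expected shape. The constructor starts above the hunk and `run` continues below it.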
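--- a/data/lib/edurange/parser.rb
+++ b/data/lib/edurange/parser.rb
@@ -1,9 +1,30 @@
 module Edurange
 class Parser
-def self.
+def self.puppet_firewall_rules(uuid, rules)
+puppet_rules = "if $uuid == '#{uuid}' {"
+rules.each do |rule|
+protocol = rule[0]
+port = rule[1]
+dest = (rule[2] == 'All') ? '0.0.0.0/24' : rule[2]
+
+puppet_rule = "iptables { '#{uuid} iptables: #{protocol}://#{dest}:#{port}':
+proto => '#{protocol}',
+dport => '#{port}',
+destination => '#{dest}
+}"
+
+p puppet_rule
+puppet_rules += puppet_rule
+end
+puppet_rules += "\n}"
+puppet_rules
+
+end
+def self.facter_facts(uuid, services)
+services = services.join(',')
 facter_conf = <<conf
 uuid=#{uuid}
-services
+services=#{services}
 conf
 end
 def self.parse_yaml(filename)
@@ -58,16 +79,14 @@ conf
 end
 end
 nodes.push [
+node_name,
 ami_id,
 users,
 iptables_rules,
 packages
 ]
-p ami_id
-p users
-p iptables_rules
-p packages
 end
+return nodes
 end
 end
 end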
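Review bot: `puppet_firewall_rules` in the first hunk emits a manifest that does not say what the scenario asked for and, as rendered, does not parse: `destination => '#{dest}` has no closing quote, and `'All'` is mapped to `0.0.0.0/24`, which covers only 0.0.0.0–0.0.0.255 rather than every address (`0.0.0.0/0`). The protocol, port and host values come from the scenario YAML and are interpolated unchecked into single-quoted Puppet strings, so a value containing a quote can change the structure of the manifest that is later moved into /etc/puppet/manifests. The sketch below validates each field before interpolation, fixes the quote and the CIDR, and drops the `p puppet_rule` debug print. `parse_yaml` continues outside both hunks.

```ruby
def self.puppet_firewall_rules(uuid, rules)
  # … unchanged: opening "if $uuid == ..." line …
  rules.each do |rule|
    protocol, port, host = rule
    # 'All' has to cover every address; a /24 only matches 0.0.0.0-0.0.0.255
    dest = host == 'All' ? '0.0.0.0/0' : host
    [protocol, port, dest].each do |field|
      # these values end up inside single-quoted Puppet strings
      unless field.to_s =~ %r{\A[\w.:/-]+\z}
        raise ArgumentError, "invalid firewall rule field: #{field.inspect}"
      end
    end
    puppet_rules += "\niptables { '#{uuid} iptables: #{protocol}://#{dest}:#{port}':\n"
    puppet_rules += "  proto => '#{protocol}',\n"
    puppet_rules += "  dport => '#{port}',\n"
    puppet_rules += "  destination => '#{dest}',\n"
    puppet_rules += "}"
  end
  # … unchanged: closing "\n}" and the return of puppet_rules …
```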
@@ -22,6 +22,17 @@ module Edurange
|
|
22
22
|
private_key = `sudo cat /var/lib/puppet/ssl/private_keys/#{uuid}.pem`.chomp
|
23
23
|
return [uuid, ssl_cert, ca_cert, private_key]
|
24
24
|
end
|
25
|
+
def self.append_to_config(conf)
|
26
|
+
File.open("my-user-script.sh", 'a+') do |file|
|
27
|
+
file.write(conf)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
def self.write_puppet_conf(instance_id, conf)
|
31
|
+
File.open("/home/ubuntu/edurange/derp.pp", "w") do |file|
|
32
|
+
file.write(conf)
|
33
|
+
end
|
34
|
+
`sudo mv /home/ubuntu/edurange/derp.pp /etc/puppet/manifests/#{instance_id}#{Time.now.to_s.gsub(' ','')}.pp`
|
35
|
+
end
|
25
36
|
def self.write_shell_config_file(ssh_key, puppetmaster_ip, certs, puppet_conf, facter_facts)
|
26
37
|
File.open("my-user-script.sh", 'w') do |file|
|
27
38
|
file_contents = <<contents
|
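Review bot: `write_puppet_conf` builds its `sudo mv` command by interpolating `instance_id` into a backtick string, so the value passes through a shell with root privileges and the exit status of the move is never checked. This hunk appears to belong to data/lib/edurange/puppet_master.rb, whose file header is missing from the page. Passing the arguments as a list avoids the shell and lets a failed move be detected: `system('sudo', 'mv', staged, target) or raise "could not install #{target}"`. The staging file `/home/ubuntu/edurange/derp.pp` is a fixed path shared by every run, so two concurrent runs can overwrite each other's manifest before it is moved; a `Tempfile` would avoid that. `append_to_config` likewise appends to a relative `my-user-script.sh`, which depends on the current directory, and `write_shell_config_file` continues outside the hunk.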
data/lib/edurange/version.rb
CHANGED
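--- a/data/lib/edurange.rb
+++ b/data/lib/edurange.rb
@@ -5,9 +5,64 @@ require "edurange/edu_machine"
 
 module Edurange
 class Init
-def self.init(
-
+def self.init(config_filename)
+keyname = "newkey"
+our_ssh_key = Edurange::PuppetMaster.get_our_ssh_key()
+puppetmaster_ip = Edurange::PuppetMaster.puppetmaster_ip()
 
+nodes = Edurange::Parser.parse_yaml(config_filename) # format: nodes[node_name, ami_id, users, firewall_rules, packages]
+
+nodes.each do |node|
+node_name = node[0]
+ami_id = node[1]
+users = node[2]
+firewall_rules = node[3]
+packages = node[4]
+puts "Preparing #{node_name} - Packages: #{packages} ami_id: #{ami_id}"
+puts "Got users: #{users} and fw rules: #{firewall_rules}"
+certs = Edurange::PuppetMaster.gen_client_ssl_cert()
+conf = Edurange::PuppetMaster.generate_puppet_conf(certs[0])
+facts = Edurange::Parser.facter_facts(certs[0], packages)
+Edurange::PuppetMaster.write_shell_config_file(our_ssh_key,puppetmaster_ip, certs, conf, facts)
+
+users_script = self.users_to_bash(users)
+p users_script
+puts 'user_script above...'
+Edurange::PuppetMaster.append_to_config(users_script)
+
+
+
+machine = Edurange::EduMachine.new(certs[0], keyname, ami_id)
+#machine.users(users)
+
+machine_details = machine.spin_up()
+
+uuid = machine_details.uuid
+
+puppet_rules = Edurange::Parser.puppet_firewall_rules(uuid, firewall_rules)
+
+Edurange::PuppetMaster.write_puppet_conf(uuid, puppet_rules)
+p machine_details
+end
+end
+
+def self.users_to_bash(users)
+shell = ""
+users.each do |user|
+p user
+if user['password']
+#shell += "\n"
+#shell += "sudo useradd -m #{user[:login]}"
+#shell += ''
+elsif user['pass_file']
+#TODO implement pass files
+shell += "\n"
+shell += "sudo useradd -m #{user['login']} -s /bin/bash\n"
+shell += "sudo mkdir -p /home/#{user['login']}/.ssh\n"
+shell += "echo '#{user['pass_file']}' >> /home/#{user['login']}/.ssh/authorized_keys\n"
+end
+end
+shell
 end
 end
 end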
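--- a/metadata
+++ b/metadata
@@ -1,21 +1,21 @@
 --- !ruby/object:Gem::Specification
 name: edurange
 version: !ruby/object:Gem::Version
-version: 0.0.
-prerelease:
+version: 0.0.2
 platform: ruby
 authors:
 - Stefan Boesen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-
+date: 2013-03-04 00:00:00.000000000 Z
 dependencies: []
 description: EDURange Project
 email:
 - stefan.boesen@gmail.com
 executables:
 - edurange
+- edurange-setup
 extensions: []
 extra_rdoc_files: []
 files:
@@ -25,6 +25,7 @@ files:
 - README.md
 - Rakefile
 - bin/edurange
+- bin/edurange-setup
 - edurange.gemspec
 - final.yml
 - lib/edurange.rb
@@ -32,30 +33,28 @@ files:
 - lib/edurange/parser.rb
 - lib/edurange/puppet_master.rb
 - lib/edurange/version.rb
-- parser.rb
 - site.pp
 homepage: ''
 licenses: []
+metadata: {}
 post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-none: false
 requirements:
-- -
+- - '>='
 - !ruby/object:Gem::Version
 version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-none: false
 requirements:
-- -
+- - '>='
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version:
+rubygems_version: 2.0.0
 signing_key:
-specification_version:
+specification_version: 4
 summary: Automatic warspace simulations
 test_files: []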
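--- a/data/parser.rb
+++ /dev/null
@@ -1,57 +0,0 @@
-require 'yaml'
-
-file = YAML.load_file('final.yml')
-
-softwares = {}
-file["Software"].each do |software|
-softwares[software[0]] = software[1]
-end
-
-groups = {}
-file["Groups"].each do |group|
-groups[group[0]] = group[1]
-end
-
-file["Nodes"].each do |node|
-node_name = node[0]
-ami_id = node[1]["AMI_ID"]
-
-users = []
-users_groups = node[1]["Users"]
-users_groups.each do |user_group|
-users.push groups[user_group]
-end
-users.flatten!
-
-software = []
-software_groups = node[1]["Software"]
-software_groups.each do |software_group|
-software.push softwares[software_group]
-end
-software.flatten!
-
-iptables_rules = []
-packages = []
-software.each do |sw|
-if !sw["IPTables"].nil?
-sw["IPTables"].each do |iptable_rule|
-port = iptable_rule[0]
-protocol = iptable_rule[1]["Protocol"]
-hosts = iptable_rule[1]["Hosts"]
-hosts.each do |host|
-iptables_rules.push [protocol, port, host]
-end
-end
-end
-if !sw["Packages"].nil?
-sw["Packages"].each do |package|
-packages.push package
-end
-end
-end
-p ami_id
-p users
-p iptables_rules
-p packages
-end
-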