edurange 0.0.1 → 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/bin/edurange-setup +14 -0
- data/final.yml +4 -3
- data/lib/edurange/edu_machine.rb +4 -1
- data/lib/edurange/parser.rb +25 -6
- data/lib/edurange/puppet_master.rb +11 -0
- data/lib/edurange/version.rb +1 -1
- data/lib/edurange.rb +57 -2
- metadata +9 -10
- data/parser.rb +0 -57
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA1:
|
|
3
|
+
metadata.gz: 31fe342dd428b3b905e59bfb4fd109900ea5f822
|
|
4
|
+
data.tar.gz: 67be712ee7e9f5b7c4ae186503a29e6c00b2cb8c
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: d73633e20619c1f6069951b35b100595d69221e12507f6fc0fb2913b03b6a260807d75983537b982bf58686b02f315803f1eaf8c68cd8033e98a5527571e718d
|
|
7
|
+
data.tar.gz: 6a31424c4bfaee52237575d266bb8938a1cb464cf9caeb89e45add8ef8bf438d197f3541d5d38b487a601efb04cabc587e6f2d11b10b824ccf1708dcbb4590cb
|
data/bin/edurange-setup
ADDED
data/final.yml
CHANGED
|
@@ -16,9 +16,10 @@ Nodes:
|
|
|
16
16
|
|
|
17
17
|
Groups:
|
|
18
18
|
Team_1:
|
|
19
|
-
- { login: sboesen,
|
|
19
|
+
- { login: sboesen, pass_file: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZOg/RVwsrNvDuCETa1wTaQynNOBFVQIVbzZ4PnMUh+5XlYA40Z4AJ5Yzd6VhuH6vCqnsil2saPsedJK1Me7dl5P08Drqhhf2RbBUW9ZYE2VvtpneZXSGneL70NRJgnoCV55IMY4Btf+3vCV0Ddog5uXkH/Zkgxl3fI5E/6wF82JizMF1BQlg0N7vdWnPbqkn82/VYsIXK0jo8pXFrxjli1jfLN9y/UWL8b5AGpfr5punMWVqh+FsAThPd7sbbu//HRguocZRBSaaDJ8H7qVWJNPPWKecR12AViPjnmFkUMZMPObQWrIOTRyTOcSr5vU1fAxPVWSwFhELtLmxsy7hh stefanboesen@Derp' }
|
|
20
|
+
|
|
20
21
|
Instructor:
|
|
21
|
-
- { login: weissr,
|
|
22
|
+
- { login: weissr, pass_file: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZOg/RVwsrNvDuCETa1wTaQynNOBFVQIVbzZ4PnMUh+5XlYA40Z4AJ5Yzd6VhuH6vCqnsil2saPsedJK1Me7dl5P08Drqhhf2RbBUW9ZYE2VvtpneZXSGneL70NRJgnoCV55IMY4Btf+3vCV0Ddog5uXkH/Zkgxl3fI5E/6wF82JizMF1BQlg0N7vdWnPbqkn82/VYsIXK0jo8pXFrxjli1jfLN9y/UWL8b5AGpfr5punMWVqh+FsAThPd7sbbu//HRguocZRBSaaDJ8H7qVWJNPPWKecR12AViPjnmFkUMZMPObQWrIOTRyTOcSr5vU1fAxPVWSwFhELtLmxsy7hh stefanboesen@Derp' }
|
|
22
23
|
|
|
23
24
|
Software:
|
|
24
25
|
Victim_CTF:
|
|
@@ -37,5 +38,5 @@ Software:
|
|
|
37
38
|
|
|
38
39
|
Packages: # References to puppet modules so we can support different OS options. Otherwise we need to know what OS we're on...
|
|
39
40
|
- iptables
|
|
40
|
-
-
|
|
41
|
+
- apache2
|
|
41
42
|
|
data/lib/edurange/edu_machine.rb
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
module Edurange
|
|
2
2
|
class EduMachine
|
|
3
|
-
attr_reader :uuid, :ami_id, :key_name, :vm_size, :ip_address
|
|
3
|
+
attr_reader :uuid, :ami_id, :key_name, :vm_size, :ip_address, :users
|
|
4
4
|
|
|
5
5
|
EC2_UTILS_PATH = "/home/ubuntu/.ec2/bin/"
|
|
6
6
|
|
|
@@ -12,6 +12,9 @@ module Edurange
|
|
|
12
12
|
@vm_size = vm_size
|
|
13
13
|
@ami_id = ami_id
|
|
14
14
|
end
|
|
15
|
+
def initial_users(users)
|
|
16
|
+
@users = users
|
|
17
|
+
end
|
|
15
18
|
def run(command)
|
|
16
19
|
# runs an ec2 command with full path.
|
|
17
20
|
command = EC2_UTILS_PATH + command
|
data/lib/edurange/parser.rb
CHANGED
|
@@ -1,9 +1,30 @@
|
|
|
1
1
|
module Edurange
|
|
2
2
|
class Parser
|
|
3
|
-
def self.
|
|
3
|
+
def self.puppet_firewall_rules(uuid, rules)
|
|
4
|
+
puppet_rules = "if $uuid == '#{uuid}' {"
|
|
5
|
+
rules.each do |rule|
|
|
6
|
+
protocol = rule[0]
|
|
7
|
+
port = rule[1]
|
|
8
|
+
dest = (rule[2] == 'All') ? '0.0.0.0/24' : rule[2]
|
|
9
|
+
|
|
10
|
+
puppet_rule = "iptables { '#{uuid} iptables: #{protocol}://#{dest}:#{port}':
|
|
11
|
+
proto => '#{protocol}',
|
|
12
|
+
dport => '#{port}',
|
|
13
|
+
destination => '#{dest}
|
|
14
|
+
}"
|
|
15
|
+
|
|
16
|
+
p puppet_rule
|
|
17
|
+
puppet_rules += puppet_rule
|
|
18
|
+
end
|
|
19
|
+
puppet_rules += "\n}"
|
|
20
|
+
puppet_rules
|
|
21
|
+
|
|
22
|
+
end
|
|
23
|
+
def self.facter_facts(uuid, services)
|
|
24
|
+
services = services.join(',')
|
|
4
25
|
facter_conf = <<conf
|
|
5
26
|
uuid=#{uuid}
|
|
6
|
-
services
|
|
27
|
+
services=#{services}
|
|
7
28
|
conf
|
|
8
29
|
end
|
|
9
30
|
def self.parse_yaml(filename)
|
|
@@ -58,16 +79,14 @@ conf
|
|
|
58
79
|
end
|
|
59
80
|
end
|
|
60
81
|
nodes.push [
|
|
82
|
+
node_name,
|
|
61
83
|
ami_id,
|
|
62
84
|
users,
|
|
63
85
|
iptables_rules,
|
|
64
86
|
packages
|
|
65
87
|
]
|
|
66
|
-
p ami_id
|
|
67
|
-
p users
|
|
68
|
-
p iptables_rules
|
|
69
|
-
p packages
|
|
70
88
|
end
|
|
89
|
+
return nodes
|
|
71
90
|
end
|
|
72
91
|
end
|
|
73
92
|
end
|
|
@@ -22,6 +22,17 @@ module Edurange
|
|
|
22
22
|
private_key = `sudo cat /var/lib/puppet/ssl/private_keys/#{uuid}.pem`.chomp
|
|
23
23
|
return [uuid, ssl_cert, ca_cert, private_key]
|
|
24
24
|
end
|
|
25
|
+
def self.append_to_config(conf)
|
|
26
|
+
File.open("my-user-script.sh", 'a+') do |file|
|
|
27
|
+
file.write(conf)
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
def self.write_puppet_conf(instance_id, conf)
|
|
31
|
+
File.open("/home/ubuntu/edurange/derp.pp", "w") do |file|
|
|
32
|
+
file.write(conf)
|
|
33
|
+
end
|
|
34
|
+
`sudo mv /home/ubuntu/edurange/derp.pp /etc/puppet/manifests/#{instance_id}#{Time.now.to_s.gsub(' ','')}.pp`
|
|
35
|
+
end
|
|
25
36
|
def self.write_shell_config_file(ssh_key, puppetmaster_ip, certs, puppet_conf, facter_facts)
|
|
26
37
|
File.open("my-user-script.sh", 'w') do |file|
|
|
27
38
|
file_contents = <<contents
|
data/lib/edurange/version.rb
CHANGED
data/lib/edurange.rb
CHANGED
|
@@ -5,9 +5,64 @@ require "edurange/edu_machine"
|
|
|
5
5
|
|
|
6
6
|
module Edurange
|
|
7
7
|
class Init
|
|
8
|
-
def self.init(
|
|
9
|
-
|
|
8
|
+
def self.init(config_filename)
|
|
9
|
+
keyname = "newkey"
|
|
10
|
+
our_ssh_key = Edurange::PuppetMaster.get_our_ssh_key()
|
|
11
|
+
puppetmaster_ip = Edurange::PuppetMaster.puppetmaster_ip()
|
|
10
12
|
|
|
13
|
+
nodes = Edurange::Parser.parse_yaml(config_filename) # format: nodes[node_name, ami_id, users, firewall_rules, packages]
|
|
14
|
+
|
|
15
|
+
nodes.each do |node|
|
|
16
|
+
node_name = node[0]
|
|
17
|
+
ami_id = node[1]
|
|
18
|
+
users = node[2]
|
|
19
|
+
firewall_rules = node[3]
|
|
20
|
+
packages = node[4]
|
|
21
|
+
puts "Preparing #{node_name} - Packages: #{packages} ami_id: #{ami_id}"
|
|
22
|
+
puts "Got users: #{users} and fw rules: #{firewall_rules}"
|
|
23
|
+
certs = Edurange::PuppetMaster.gen_client_ssl_cert()
|
|
24
|
+
conf = Edurange::PuppetMaster.generate_puppet_conf(certs[0])
|
|
25
|
+
facts = Edurange::Parser.facter_facts(certs[0], packages)
|
|
26
|
+
Edurange::PuppetMaster.write_shell_config_file(our_ssh_key,puppetmaster_ip, certs, conf, facts)
|
|
27
|
+
|
|
28
|
+
users_script = self.users_to_bash(users)
|
|
29
|
+
p users_script
|
|
30
|
+
puts 'user_script above...'
|
|
31
|
+
Edurange::PuppetMaster.append_to_config(users_script)
|
|
32
|
+
|
|
33
|
+
|
|
34
|
+
|
|
35
|
+
machine = Edurange::EduMachine.new(certs[0], keyname, ami_id)
|
|
36
|
+
#machine.users(users)
|
|
37
|
+
|
|
38
|
+
machine_details = machine.spin_up()
|
|
39
|
+
|
|
40
|
+
uuid = machine_details.uuid
|
|
41
|
+
|
|
42
|
+
puppet_rules = Edurange::Parser.puppet_firewall_rules(uuid, firewall_rules)
|
|
43
|
+
|
|
44
|
+
Edurange::PuppetMaster.write_puppet_conf(uuid, puppet_rules)
|
|
45
|
+
p machine_details
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def self.users_to_bash(users)
|
|
50
|
+
shell = ""
|
|
51
|
+
users.each do |user|
|
|
52
|
+
p user
|
|
53
|
+
if user['password']
|
|
54
|
+
#shell += "\n"
|
|
55
|
+
#shell += "sudo useradd -m #{user[:login]}"
|
|
56
|
+
#shell += ''
|
|
57
|
+
elsif user['pass_file']
|
|
58
|
+
#TODO implement pass files
|
|
59
|
+
shell += "\n"
|
|
60
|
+
shell += "sudo useradd -m #{user['login']} -s /bin/bash\n"
|
|
61
|
+
shell += "sudo mkdir -p /home/#{user['login']}/.ssh\n"
|
|
62
|
+
shell += "echo '#{user['pass_file']}' >> /home/#{user['login']}/.ssh/authorized_keys\n"
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
shell
|
|
11
66
|
end
|
|
12
67
|
end
|
|
13
68
|
end
|
metadata
CHANGED
|
@@ -1,21 +1,21 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: edurange
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
5
|
-
prerelease:
|
|
4
|
+
version: 0.0.2
|
|
6
5
|
platform: ruby
|
|
7
6
|
authors:
|
|
8
7
|
- Stefan Boesen
|
|
9
8
|
autorequire:
|
|
10
9
|
bindir: bin
|
|
11
10
|
cert_chain: []
|
|
12
|
-
date: 2013-
|
|
11
|
+
date: 2013-03-04 00:00:00.000000000 Z
|
|
13
12
|
dependencies: []
|
|
14
13
|
description: EDURange Project
|
|
15
14
|
email:
|
|
16
15
|
- stefan.boesen@gmail.com
|
|
17
16
|
executables:
|
|
18
17
|
- edurange
|
|
18
|
+
- edurange-setup
|
|
19
19
|
extensions: []
|
|
20
20
|
extra_rdoc_files: []
|
|
21
21
|
files:
|
|
@@ -25,6 +25,7 @@ files:
|
|
|
25
25
|
- README.md
|
|
26
26
|
- Rakefile
|
|
27
27
|
- bin/edurange
|
|
28
|
+
- bin/edurange-setup
|
|
28
29
|
- edurange.gemspec
|
|
29
30
|
- final.yml
|
|
30
31
|
- lib/edurange.rb
|
|
@@ -32,30 +33,28 @@ files:
|
|
|
32
33
|
- lib/edurange/parser.rb
|
|
33
34
|
- lib/edurange/puppet_master.rb
|
|
34
35
|
- lib/edurange/version.rb
|
|
35
|
-
- parser.rb
|
|
36
36
|
- site.pp
|
|
37
37
|
homepage: ''
|
|
38
38
|
licenses: []
|
|
39
|
+
metadata: {}
|
|
39
40
|
post_install_message:
|
|
40
41
|
rdoc_options: []
|
|
41
42
|
require_paths:
|
|
42
43
|
- lib
|
|
43
44
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
44
|
-
none: false
|
|
45
45
|
requirements:
|
|
46
|
-
- -
|
|
46
|
+
- - '>='
|
|
47
47
|
- !ruby/object:Gem::Version
|
|
48
48
|
version: '0'
|
|
49
49
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
50
|
-
none: false
|
|
51
50
|
requirements:
|
|
52
|
-
- -
|
|
51
|
+
- - '>='
|
|
53
52
|
- !ruby/object:Gem::Version
|
|
54
53
|
version: '0'
|
|
55
54
|
requirements: []
|
|
56
55
|
rubyforge_project:
|
|
57
|
-
rubygems_version:
|
|
56
|
+
rubygems_version: 2.0.0
|
|
58
57
|
signing_key:
|
|
59
|
-
specification_version:
|
|
58
|
+
specification_version: 4
|
|
60
59
|
summary: Automatic warspace simulations
|
|
61
60
|
test_files: []
|
data/parser.rb
DELETED
|
@@ -1,57 +0,0 @@
|
|
|
1
|
-
require 'yaml'
|
|
2
|
-
|
|
3
|
-
file = YAML.load_file('final.yml')
|
|
4
|
-
|
|
5
|
-
softwares = {}
|
|
6
|
-
file["Software"].each do |software|
|
|
7
|
-
softwares[software[0]] = software[1]
|
|
8
|
-
end
|
|
9
|
-
|
|
10
|
-
groups = {}
|
|
11
|
-
file["Groups"].each do |group|
|
|
12
|
-
groups[group[0]] = group[1]
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
file["Nodes"].each do |node|
|
|
16
|
-
node_name = node[0]
|
|
17
|
-
ami_id = node[1]["AMI_ID"]
|
|
18
|
-
|
|
19
|
-
users = []
|
|
20
|
-
users_groups = node[1]["Users"]
|
|
21
|
-
users_groups.each do |user_group|
|
|
22
|
-
users.push groups[user_group]
|
|
23
|
-
end
|
|
24
|
-
users.flatten!
|
|
25
|
-
|
|
26
|
-
software = []
|
|
27
|
-
software_groups = node[1]["Software"]
|
|
28
|
-
software_groups.each do |software_group|
|
|
29
|
-
software.push softwares[software_group]
|
|
30
|
-
end
|
|
31
|
-
software.flatten!
|
|
32
|
-
|
|
33
|
-
iptables_rules = []
|
|
34
|
-
packages = []
|
|
35
|
-
software.each do |sw|
|
|
36
|
-
if !sw["IPTables"].nil?
|
|
37
|
-
sw["IPTables"].each do |iptable_rule|
|
|
38
|
-
port = iptable_rule[0]
|
|
39
|
-
protocol = iptable_rule[1]["Protocol"]
|
|
40
|
-
hosts = iptable_rule[1]["Hosts"]
|
|
41
|
-
hosts.each do |host|
|
|
42
|
-
iptables_rules.push [protocol, port, host]
|
|
43
|
-
end
|
|
44
|
-
end
|
|
45
|
-
end
|
|
46
|
-
if !sw["Packages"].nil?
|
|
47
|
-
sw["Packages"].each do |package|
|
|
48
|
-
packages.push package
|
|
49
|
-
end
|
|
50
|
-
end
|
|
51
|
-
end
|
|
52
|
-
p ami_id
|
|
53
|
-
p users
|
|
54
|
-
p iptables_rules
|
|
55
|
-
p packages
|
|
56
|
-
end
|
|
57
|
-
|