wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-09-06 20:13:11 +02:00
Code Issues Projects Releases Wiki Activity

Merge 8de16b714b into eae4353691

Browse source
This commit is contained in:
PC 2017-04-04 14:26:07 +00:00 committed by GitHub
commit 401c6d6b68
2 changed files with 73 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
algo
View file

@ -208,23 +208,32 @@ EXTRA_VARS="do_access_token=$do_access_token do_server_name=$do_server_name do_r
} }
ec2 () { ec2 () {
if [[ -z $AWS_ACCESS_KEY_ID ]]; then
read -p " read -p "
Enter your aws_access_key (http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html) Enter your aws_access_key (http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html)
Note: Make sure to use either your root key (recommended) or an IAM user with an acceptable policy attached Note: Make sure to use either your root key (recommended) or an IAM user with an acceptable policy attached
[pasted values will not be displayed] [pasted values will not be displayed]
[AKIA...]: " -rs aws_access_key [AKIA...]: " -rs aws_access_key
else
aws_access_key=$AWS_ACCESS_KEY_ID
fi
if [[ -z $AWS_SECRET_ACCESS_KEY ]]; then
read -p " read -p "
Enter your aws_secret_key (http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html) Enter your aws_secret_key (http://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html)
Note: Make sure to use either your root key (recommended) or an IAM user with an acceptable policy attached Note: Make sure to use either your root key (recommended) or an IAM user with an acceptable policy attached
[pasted values will not be displayed] [pasted values will not be displayed]
[ABCD...]: " -rs aws_secret_key [ABCD...]: " -rs aws_secret_key
else
aws_secret_key=$AWS_SECRET_ACCESS_KEY
fi
read -p " read -p "
Name the vpn server: Name the vpn server:
[algo]: " -r aws_server_name [algo]: " -r aws_server_name
aws_server_name=${aws_server_name:-algo} aws_server_name=${aws_server_name:-algo}
if [[ -z $AWS_DEFAULT_REGION ]]; then
read -p " read -p "
What region should the server be located in? What region should the server be located in?
1. us-east-1 US East (N. Virginia) 1. us-east-1 US East (N. Virginia)
@ -244,7 +253,6 @@ Name the vpn server:
Enter the number of your desired region: Enter the number of your desired region:
[1]: " -r aws_region [1]: " -r aws_region
aws_region=${aws_region:-1} aws_region=${aws_region:-1}
case "$aws_region" in case "$aws_region" in
1) region="us-east-1" ;; 1) region="us-east-1" ;;
2) region="us-east-2" ;; 2) region="us-east-2" ;;
@ -261,6 +269,9 @@ Enter the number of your desired region:
13) region="sa-east-1" ;; 13) region="sa-east-1" ;;
14) region="ca-central-1" ;; 14) region="ca-central-1" ;;
esac esac
else
region=$AWS_DEFAULT_REGION
fi
ROLES="ec2 vpn cloud" ROLES="ec2 vpn cloud"
EXTRA_VARS="aws_access_key=$aws_access_key aws_secret_key=$aws_secret_key aws_server_name=$aws_server_name ssh_public_key=$ssh_public_key region=$region" EXTRA_VARS="aws_access_key=$aws_access_key aws_secret_key=$aws_secret_key aws_server_name=$aws_server_name ssh_public_key=$ssh_public_key region=$region"

14
roles/cloud-ec2/tasks/main.yml
View file

@ -104,9 +104,19 @@
instance_initiated_shutdown_behavior: terminate instance_initiated_shutdown_behavior: terminate
register: ec2 register: ec2
- name: Allocate and attach a new elastic IP to the instance
ec2_eip:
state: present
region: "{{ region }}"
release_on_disassociation: yes
reuse_existing_ip_allowed: yes
in_vpc: yes
device_id: "{{ ec2.tagged_instances[0].id }}"
register: eip
- name: Add new instance to host group - name: Add new instance to host group
add_host: add_host:
hostname: "{{ item.public_ip }}" hostname: "{{ eip.public_ip }}"
groupname: vpn-host groupname: vpn-host
ansible_ssh_user: ubuntu ansible_ssh_user: ubuntu
ansible_python_interpreter: "/usr/bin/python2.7" ansible_python_interpreter: "/usr/bin/python2.7"
@ -116,7 +126,7 @@
with_items: "{{ ec2.tagged_instances }}" with_items: "{{ ec2.tagged_instances }}"
- set_fact: - set_fact:
cloud_instance_ip: "{{ ec2.tagged_instances[0].public_ip }}" cloud_instance_ip: "{{ eip.public_ip }}"
- name: Get EC2 instances - name: Get EC2 instances
ec2_remote_facts: ec2_remote_facts: