add prompts for optional features. resolved #103

2025-06-07 07:33:52 +02:00 · 2016-10-21 20:27:14 +03:00 · 2016-10-21 20:27:14 +03:00 · d4f8ea13ac
commit d4f8ea13ac
parent 5769d5a1cc
1 changed files with 66 additions and 23 deletions
--- a/57
+++ b/57
@ -2,6 +2,45 @@

 set -e

+additional_roles () {
+read -p "
+Do you want to apply security enhancements?
+[y/N]: " -r security_enabled
+security_enabled=${security_enabled:-n}
+if [[ "$security_enabled" == 'y' ]]; then ROLES+=" security"; fi
+
+read -p "
+Do you want to install an HTTP proxy to block ads and decrease traffic usage while surfing?
+[y/N]: " -r proxy_enabled
+proxy_enabled=${proxy_enabled:-n}
+if [[ "$proxy_enabled" == 'y' ]]; then ROLES+=" proxy"; fi
+
+read -p "
+Do you want to install a local DNS resolver to block ads while surfing?
+[y/N]: " -r dns_enabled
+dns_enabled=${dns_enabled:-n}
+if [[ "$dns_enabled" == 'y' ]]; then ROLES+=" dns"; fi
+
+read -p "
+Do you want to use auditd for security monitoring (see config.cfg)?
+[y/N]: " -r logging_enabled
+logging_enabled=${logging_enabled:-n}
+if [[ "$logging_enabled" == 'y' ]]; then ROLES+=" logging"; fi
+
+read -p "
+Do you want each user to have their own account for SSH tunneling?
+[y/N]: " -r ssh_tunneling_enabled
+ssh_tunneling_enabled=${ssh_tunneling_enabled:-n}
+if [[ "$ssh_tunneling_enabled" == 'y' ]]; then ROLES+=" ssh_tunneling"; fi
+
+}
+
+deploy () {
+
+  ansible-playbook deploy.yml -t "${ROLES// /,}" -e "${EXTRA_VARS}"
+
+}
+
 digitalocean () {
  read -p "
 Enter your API token (https://cloud.digitalocean.com/settings/api/tokens):
@ -49,8 +88,8 @@ Enter the number of your desired region:
    12) do_region="blr1" ;;
  esac

-ansible-playbook deploy.yml -t digitalocean,vpn -e "do_access_token=$do_access_token do_ssh_name=$do_ssh_name do_server_name=$do_server_name do_region=$do_region"
-
+ROLES="digitalocean vpn"
+EXTRA_VARS="do_access_token=$do_access_token do_ssh_name=$do_ssh_name do_server_name=$do_server_name do_region=$do_region"
 }

 ec2 () {
@ -106,8 +145,8 @@ Enter the number of your desired region:
    12) region="sa-east-1" ;;
  esac

-ansible-playbook deploy.yml -t ec2,vpn -e "aws_access_key=$aws_access_key aws_secret_key=$aws_secret_key aws_server_name=$aws_server_name ssh_public_key=$ssh_public_key region=$region"
-
+  ROLES="ec2 vpn"
+  EXTRA_VARS="aws_access_key=$aws_access_key aws_secret_key=$aws_secret_key aws_server_name=$aws_server_name ssh_public_key=$ssh_public_key region=$region"
 }

 gce () {
@ -159,8 +198,8 @@ Please choose the number of your zone. Press enter for default (#8) zone.
    13) zone="asia-east1-c" ;;
  esac

-ansible-playbook deploy.yml -t gce,vpn -e "credentials_file=$credentials_file server_name=$server_name ssh_public_key=$ssh_public_key zone=$zone"
-
+  ROLES="gce vpn"
+  EXTRA_VARS="credentials_file=$credentials_file server_name=$server_name ssh_public_key=$ssh_public_key zone=$zone"
 }

 non_cloud () {
@ -177,7 +216,9 @@ What user should we use to login on the server? (ignore if you're deploying to l
 Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate)
 : " -r IP_subject

-  ansible-playbook deploy.yml -t local,vpn -e "server_ip=$server_ip server_user=$server_user IP_subject_alt_name=$IP_subject"
+  ROLES="local vpn"
+  EXTRA_VARS="server_ip=$server_ip server_user=$server_user IP_subject_alt_name=$IP_subject"
+
 }

 algo_provisioning () {
@ -201,6 +242,8 @@ Enter the number of your desired provider
    *) exit 1 ;;
  esac

+  additional_roles
+  deploy
 }

 user_management () {