Merge 98fd887e01
into 45fe0f595d
commit
dc3209144d
4 changed files with 48 additions and 32 deletions
|
@ -215,7 +215,7 @@ cloud_providers:
|
||||||
disk: 10
|
disk: 10
|
||||||
vultr:
|
vultr:
|
||||||
os: Ubuntu 20.04 LTS x64
|
os: Ubuntu 20.04 LTS x64
|
||||||
size: 1024 MB RAM,25 GB SSD,1.00 TB BW
|
size: vc2-1c-1gb
|
||||||
linode:
|
linode:
|
||||||
type: g6-nanode-1
|
type: g6-nanode-1
|
||||||
image: linode/ubuntu20.04
|
image: linode/ubuntu20.04
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
ansible==6.1.0
|
ansible==7.3.0
|
||||||
jinja2~=3.0.3
|
jinja2~=3.0.3
|
||||||
netaddr
|
netaddr
|
||||||
|
|
|
@ -4,35 +4,50 @@
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
- name: Creating a firewall group
|
- name: Creating a firewall group
|
||||||
vultr_firewall_group:
|
vultr.cloud.firewall_group:
|
||||||
|
api_key: "{{ vultr_api_key }}"
|
||||||
name: "{{ algo_server_name }}"
|
name: "{{ algo_server_name }}"
|
||||||
|
|
||||||
- name: Creating firewall rules
|
- name: Creating firewall rules
|
||||||
vultr_firewall_rule:
|
vultr.cloud.firewall_rule:
|
||||||
|
api_key: "{{ vultr_api_key }}"
|
||||||
group: "{{ algo_server_name }}"
|
group: "{{ algo_server_name }}"
|
||||||
protocol: "{{ item.protocol }}"
|
protocol: "{{ item.protocol }}"
|
||||||
port: "{{ item.port }}"
|
port: "{{ item.port }}"
|
||||||
ip_version: "{{ item.ip }}"
|
ip_type: "{{ item.ip }}"
|
||||||
cidr: "{{ item.cidr }}"
|
subnet: "{{ item.subnet }}"
|
||||||
with_items:
|
subnet_size: "0"
|
||||||
- { protocol: tcp, port: "{{ ssh_port }}", ip: v4, cidr: 0.0.0.0/0 }
|
loop:
|
||||||
- { protocol: tcp, port: "{{ ssh_port }}", ip: v6, cidr: "::/0" }
|
- { protocol: tcp, port: "{{ ssh_port }}", ip: v4, subnet: 0.0.0.0/0 }
|
||||||
- { protocol: udp, port: 500, ip: v4, cidr: 0.0.0.0/0 }
|
- { protocol: tcp, port: "{{ ssh_port }}", ip: v6, subnet: "::/0" }
|
||||||
- { protocol: udp, port: 500, ip: v6, cidr: "::/0" }
|
- { protocol: udp, port: 500, ip: v4, subnet: 0.0.0.0/0 }
|
||||||
- { protocol: udp, port: 4500, ip: v4, cidr: 0.0.0.0/0 }
|
- { protocol: udp, port: 500, ip: v6, subnet: "::/0" }
|
||||||
- { protocol: udp, port: 4500, ip: v6, cidr: "::/0" }
|
- { protocol: udp, port: 4500, ip: v4, subnet: 0.0.0.0/0 }
|
||||||
- { protocol: udp, port: "{{ wireguard_port }}", ip: v4, cidr: 0.0.0.0/0 }
|
- { protocol: udp, port: 4500, ip: v6, subnet: "::/0" }
|
||||||
- { protocol: udp, port: "{{ wireguard_port }}", ip: v6, cidr: "::/0" }
|
- {
|
||||||
|
protocol: udp,
|
||||||
|
port: "{{ wireguard_port }}",
|
||||||
|
ip: v4,
|
||||||
|
subnet: 0.0.0.0/0
|
||||||
|
}
|
||||||
|
- {
|
||||||
|
protocol: udp,
|
||||||
|
port: "{{ wireguard_port }}",
|
||||||
|
ip: v6,
|
||||||
|
subnet: "::/0"
|
||||||
|
}
|
||||||
|
|
||||||
- name: Upload the startup script
|
- name: Upload the startup script
|
||||||
vultr_startup_script:
|
vultr.cloud.startup_script:
|
||||||
|
api_key: "{{ vultr_api_key }}"
|
||||||
name: algo-startup
|
name: algo-startup
|
||||||
script: |
|
script: |
|
||||||
{{ lookup('template', 'files/cloud-init/base.yml') }}
|
{{ lookup('template', 'files/cloud-init/base.yml') }}
|
||||||
|
|
||||||
- name: Creating a server
|
- name: Creating a server
|
||||||
vultr_server:
|
vultr.cloud.instance:
|
||||||
name: "{{ algo_server_name }}"
|
api_key: "{{ vultr_api_key }}"
|
||||||
|
label: "{{ algo_server_name }}"
|
||||||
startup_script: algo-startup
|
startup_script: algo-startup
|
||||||
hostname: "{{ algo_server_name }}"
|
hostname: "{{ algo_server_name }}"
|
||||||
os: "{{ cloud_providers.vultr.os }}"
|
os: "{{ cloud_providers.vultr.os }}"
|
||||||
|
@ -40,14 +55,14 @@
|
||||||
region: "{{ algo_vultr_region }}"
|
region: "{{ algo_vultr_region }}"
|
||||||
firewall_group: "{{ algo_server_name }}"
|
firewall_group: "{{ algo_server_name }}"
|
||||||
state: started
|
state: started
|
||||||
tag: Environment:Algo
|
tags: ["Environment:Algo"]
|
||||||
ipv6_enabled: true
|
enable_ipv6: true
|
||||||
auto_backup_enabled: false
|
backups: false
|
||||||
notify_activate: false
|
activation_email: false
|
||||||
register: vultr_server
|
register: vultr_server
|
||||||
|
|
||||||
- set_fact:
|
- set_fact:
|
||||||
cloud_instance_ip: "{{ vultr_server.vultr_server.v4_main_ip }}"
|
cloud_instance_ip: "{{ vultr_server.vultr_instance.main_ip }}"
|
||||||
ansible_ssh_user: algo
|
ansible_ssh_user: algo
|
||||||
ansible_ssh_port: "{{ ssh_port }}"
|
ansible_ssh_port: "{{ ssh_port }}"
|
||||||
cloudinit: true
|
cloudinit: true
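Review bot: In the `Creating firewall rules` task, `subnet` receives loop values that still carry a prefix length (`0.0.0.0/0`, `"::/0"`), while `subnet_size: "0"` supplies the prefix separately. If `vultr.cloud.firewall_rule` expects a bare network address in `subnet`, these rules may be rejected or created differently than intended; I would write the loop values as `subnet: 0.0.0.0` and `subnet: "::"`. `subnet_size` is also fixed for every item, so narrowing the SSH rule later would require taking it from the item, e.g. `subnet_size: "{{ item.subnet_size }}"`. Because this group is what `firewall_group` attaches to the new instance, the resulting rules are worth confirming after a test deploy.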
|
||||||
|
|
|
@ -12,9 +12,13 @@
|
||||||
set_fact:
|
set_fact:
|
||||||
algo_vultr_config: "{{ vultr_config | default(_vultr_config.user_input) | default(lookup('env','VULTR_API_CONFIG'), true) }}"
|
algo_vultr_config: "{{ vultr_config | default(_vultr_config.user_input) | default(lookup('env','VULTR_API_CONFIG'), true) }}"
|
||||||
|
|
||||||
|
- name: Set the Vultr API Key as a fact
|
||||||
|
set_fact:
|
||||||
|
vultr_api_key: "{{ lookup('ansible.builtin.ini', 'key', section='default', file=algo_vultr_config) }}"
|
||||||
|
|
||||||
- name: Get regions
|
- name: Get regions
|
||||||
uri:
|
uri:
|
||||||
url: https://api.vultr.com/v1/regions/list
|
url: https://api.vultr.com/v2/regions
|
||||||
method: GET
|
method: GET
|
||||||
status_code: 200
|
status_code: 200
|
||||||
register: _vultr_regions
|
register: _vultr_regions
|
||||||
|
@ -22,7 +26,7 @@
|
||||||
- name: Format regions
|
- name: Format regions
|
||||||
set_fact:
|
set_fact:
|
||||||
regions: >-
|
regions: >-
|
||||||
[ {% for k, v in _vultr_regions.json.items() %}
|
[ {% for v in _vultr_regions.json['regions'] %}
|
||||||
{{ v }}{% if not loop.last %},{% endif %}
|
{{ v }}{% if not loop.last %},{% endif %}
|
||||||
{% endfor %} ]
|
{% endfor %} ]
|
||||||
|
|
||||||
|
@ -32,17 +36,14 @@
|
||||||
|
|
||||||
- name: Set default region
|
- name: Set default region
|
||||||
set_fact:
|
set_fact:
|
||||||
default_region: >-
|
default_region: 1
|
||||||
{% for r in vultr_regions %}
|
|
||||||
{%- if r['DCID'] == "1" %}{{ loop.index }}{% endif %}
|
|
||||||
{%- endfor %}
|
|
||||||
|
|
||||||
- pause:
|
- pause:
|
||||||
prompt: |
|
prompt: |
|
||||||
What region should the server be located in?
|
What region should the server be located in?
|
||||||
(https://www.vultr.com/locations/):
|
(https://www.vultr.com/locations/):
|
||||||
{% for r in vultr_regions %}
|
{% for r in vultr_regions %}
|
||||||
{{ loop.index }}. {{ r['name'] }}
|
{{ loop.index }}. {{ r['city'] }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
Enter the number of your desired region
|
Enter the number of your desired region
|
||||||
|
@ -54,5 +55,5 @@
|
||||||
set_fact:
|
set_fact:
|
||||||
algo_vultr_region: >-
|
algo_vultr_region: >-
|
||||||
{% if region is defined %}{{ region }}
|
{% if region is defined %}{{ region }}
|
||||||
{%- elif _algo_region.user_input %}{{ vultr_regions[_algo_region.user_input | int -1 ]['name'] }}
|
{%- elif _algo_region.user_input %}{{ vultr_regions[_algo_region.user_input | int -1 ]['id'] }}
|
||||||
{%- else %}{{ vultr_regions[default_region | int - 1]['name'] }}{% endif %}
|
{%- else %}{{ vultr_regions[default_region | int - 1]['id'] }}{% endif %}
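Review bot: The new `Set the Vultr API Key as a fact` task puts the API key into a fact without `no_log: true`, so the task result, which carries the fact value, can appear in verbose output or in any logging callback. Adding `no_log: true` to that task would keep the key out of run logs. The `ansible.builtin.ini` lookup result is also not checked, so a config file without `key` under `[default]` would presumably only surface as an authentication failure at the first `vultr.cloud` call. A short `ansible.builtin.assert` on `vultr_api_key | length > 0` directly after the `set_fact` would fail earlier and more clearly.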
|
||||||
|
|