From fe40a7b56b9317e59e87e28f1b1a86af6818c01f Mon Sep 17 00:00:00 2001 
From: Benedikt Galbavy Date: Thu, 10 Apr 2025 20:09:04 +0200 Subject: [PATCH] Finished base config --- .../client/virtualbox/action_provision | 1 + .../client/virtualbox/action_set_name | 1 + .../machines/client/virtualbox/box_meta | 1 + .../machines/client/virtualbox/creator_uid | 1 + .../.vagrant/machines/client/virtualbox/id | 1 + .../machines/client/virtualbox/index_uuid | 1 + .../machines/client/virtualbox/private_key | 8 ++ .../machines/client/virtualbox/synced_folders | 1 + .../machines/client/virtualbox/vagrant_cwd | 1 + .../sandbox/virtualbox/action_provision | 1 + .../sandbox/virtualbox/action_set_name | 1 + .../machines/sandbox/virtualbox/box_meta | 1 + .../machines/sandbox/virtualbox/creator_uid | 1 + .../.vagrant/machines/sandbox/virtualbox/id | 1 + .../machines/sandbox/virtualbox/index_uuid | 1 + .../machines/sandbox/virtualbox/private_key | 8 ++ .../sandbox/virtualbox/synced_folders | 1 + .../machines/sandbox/virtualbox/vagrant_cwd | 1 + webserver/base/.vagrant/rgloader/loader.rb | 12 ++ webserver/base/Vagrantfile | 65 ++++++++-- webserver/base/ansible/playbook.yml | 54 --------- webserver/base/docker/docker-compose.yml | 31 ----- webserver/base/sandbox/docker-compose.yml | 80 +++++++++++++ webserver/base/sandbox/nginx.conf | 33 ++++++ webserver/base/sandbox/playbook.yml | 111 ++++++++++++++++++ webserver/base/scripts/client.sh | 14 +++ 26 files changed, 337 insertions(+), 95 deletions(-) create mode 100644 webserver/base/.vagrant/machines/client/virtualbox/action_provision create mode 100644 webserver/base/.vagrant/machines/client/virtualbox/action_set_name create mode 100644 webserver/base/.vagrant/machines/client/virtualbox/box_meta create mode 100644 webserver/base/.vagrant/machines/client/virtualbox/creator_uid create mode 100644 webserver/base/.vagrant/machines/client/virtualbox/id create mode 100644 webserver/base/.vagrant/machines/client/virtualbox/index_uuid create mode 100644 webserver/base/.vagrant/machines/client/virtualbox/private_key 
create mode 100644 webserver/base/.vagrant/machines/client/virtualbox/synced_folders create mode 100644 webserver/base/.vagrant/machines/client/virtualbox/vagrant_cwd create mode 100644 webserver/base/.vagrant/machines/sandbox/virtualbox/action_provision create mode 100644 webserver/base/.vagrant/machines/sandbox/virtualbox/action_set_name create mode 100644 webserver/base/.vagrant/machines/sandbox/virtualbox/box_meta create mode 100644 webserver/base/.vagrant/machines/sandbox/virtualbox/creator_uid create mode 100644 webserver/base/.vagrant/machines/sandbox/virtualbox/id create mode 100644 webserver/base/.vagrant/machines/sandbox/virtualbox/index_uuid create mode 100644 webserver/base/.vagrant/machines/sandbox/virtualbox/private_key create mode 100644 webserver/base/.vagrant/machines/sandbox/virtualbox/synced_folders create mode 100644 webserver/base/.vagrant/machines/sandbox/virtualbox/vagrant_cwd create mode 100644 webserver/base/.vagrant/rgloader/loader.rb delete mode 100644 webserver/base/ansible/playbook.yml delete mode 100644 webserver/base/docker/docker-compose.yml create mode 100644 webserver/base/sandbox/docker-compose.yml create mode 100644 webserver/base/sandbox/nginx.conf create mode 100644 webserver/base/sandbox/playbook.yml create mode 100644 webserver/base/scripts/client.sh diff --git a/webserver/base/.vagrant/machines/client/virtualbox/action_provision b/webserver/base/.vagrant/machines/client/virtualbox/action_provision new file mode 100644 index 0000000..ac8e739 --- /dev/null +++ b/webserver/base/.vagrant/machines/client/virtualbox/action_provision @@ -0,0 +1 @@ +1.5:1c3904c4-3841-41d0-a368-6511bfc3d787 \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/client/virtualbox/action_set_name b/webserver/base/.vagrant/machines/client/virtualbox/action_set_name new file mode 100644 index 0000000..738adc5 --- /dev/null +++ b/webserver/base/.vagrant/machines/client/virtualbox/action_set_name 
@@ -0,0 +1 @@ +1744307380 \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/client/virtualbox/box_meta b/webserver/base/.vagrant/machines/client/virtualbox/box_meta new file mode 100644 index 0000000..7a358a0 --- /dev/null +++ b/webserver/base/.vagrant/machines/client/virtualbox/box_meta @@ -0,0 +1 @@ +{"name":"gusztavvargadr/ubuntu-desktop","version":"2404.0.2503","provider":"virtualbox","directory":"boxes/gusztavvargadr-VAGRANTSLASH-ubuntu-desktop/2404.0.2503/amd64/virtualbox"} \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/client/virtualbox/creator_uid b/webserver/base/.vagrant/machines/client/virtualbox/creator_uid new file mode 100644 index 0000000..e37d32a --- /dev/null +++ b/webserver/base/.vagrant/machines/client/virtualbox/creator_uid @@ -0,0 +1 @@ +1000 \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/client/virtualbox/id b/webserver/base/.vagrant/machines/client/virtualbox/id new file mode 100644 index 0000000..9e7628f --- /dev/null +++ b/webserver/base/.vagrant/machines/client/virtualbox/id @@ -0,0 +1 @@ +1c3904c4-3841-41d0-a368-6511bfc3d787 \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/client/virtualbox/index_uuid b/webserver/base/.vagrant/machines/client/virtualbox/index_uuid new file mode 100644 index 0000000..beb8c9e --- /dev/null +++ b/webserver/base/.vagrant/machines/client/virtualbox/index_uuid @@ -0,0 +1 @@ +2f33b9ea09874a799770502541baf566 \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/client/virtualbox/private_key b/webserver/base/.vagrant/machines/client/virtualbox/private_key new file mode 100644 index 0000000..8312b49 --- /dev/null +++ b/webserver/base/.vagrant/machines/client/virtualbox/private_key 
@@ -0,0 +1,8 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAA +AAtzc2gtZWQyNTUxOQAAACC5m1pF3zUj30DeyGCMe30VxFrMjHUi/A/TPgu7 +enp12AAAAJApt4lPKbeJTwAAAAtzc2gtZWQyNTUxOQAAACC5m1pF3zUj30De +yGCMe30VxFrMjHUi/A/TPgu7enp12AAAAEBpp9qYWH0Mbzewsi0SoM0zAvsn +ejxxGl3Vu/DgGjTC67mbWkXfNSPfQN7IYIx7fRXEWsyMdSL8D9M+C7t6enXY +AAAAB3ZhZ3JhbnQBAgMEBQY= +-----END OPENSSH PRIVATE KEY----- diff --git a/webserver/base/.vagrant/machines/client/virtualbox/synced_folders b/webserver/base/.vagrant/machines/client/virtualbox/synced_folders new file mode 100644 index 0000000..1777c5d --- /dev/null +++ b/webserver/base/.vagrant/machines/client/virtualbox/synced_folders @@ -0,0 +1 @@ +{"virtualbox":{"/vagrant":{"guestpath":"/vagrant","hostpath":"/home/nano/Documents/bachthesis/setup/webserver/base","disabled":false,"__vagrantfile":true}}} \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/client/virtualbox/vagrant_cwd b/webserver/base/.vagrant/machines/client/virtualbox/vagrant_cwd new file mode 100644 index 0000000..96895c6 --- /dev/null +++ b/webserver/base/.vagrant/machines/client/virtualbox/vagrant_cwd @@ -0,0 +1 @@ +/home/nano/Documents/bachthesis/setup/webserver/base \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/sandbox/virtualbox/action_provision b/webserver/base/.vagrant/machines/sandbox/virtualbox/action_provision new file mode 100644 index 0000000..2c0992f --- /dev/null +++ b/webserver/base/.vagrant/machines/sandbox/virtualbox/action_provision @@ -0,0 +1 @@ +1.5:bd5dac24-b9cd-44a1-b099-dc32b509bd35 \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/sandbox/virtualbox/action_set_name b/webserver/base/.vagrant/machines/sandbox/virtualbox/action_set_name new file mode 100644 index 0000000..956aa3f --- /dev/null +++ b/webserver/base/.vagrant/machines/sandbox/virtualbox/action_set_name @@ -0,0 +1 @@ +1744308366 \ No newline at end of file 
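Review bot: The `private_key` hunks for the `client` machine here and for the `sandbox` machine further down commit unencrypted SSH private keys. The rest of `.vagrant/` (machine ids, `synced_folders`, `vagrant_cwd` with the author's home path) is per-host state that Vagrant regenerates, so none of it belongs in history. Add `.vagrant/` to `.gitignore` and drop the directory from the index with `git rm -r --cached webserver/base/.vagrant`. Both keys should be treated as exposed; recreating the two VMs should make Vagrant issue fresh key pairs before the repository is shared.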
diff --git a/webserver/base/.vagrant/machines/sandbox/virtualbox/box_meta b/webserver/base/.vagrant/machines/sandbox/virtualbox/box_meta new file mode 100644 index 0000000..bb21e19 --- /dev/null +++ b/webserver/base/.vagrant/machines/sandbox/virtualbox/box_meta @@ -0,0 +1 @@ +{"name":"ubuntu/jammy64","version":"20241002.0.0","provider":"virtualbox","directory":"boxes/ubuntu-VAGRANTSLASH-jammy64/20241002.0.0/virtualbox"} \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/sandbox/virtualbox/creator_uid b/webserver/base/.vagrant/machines/sandbox/virtualbox/creator_uid new file mode 100644 index 0000000..e37d32a --- /dev/null +++ b/webserver/base/.vagrant/machines/sandbox/virtualbox/creator_uid @@ -0,0 +1 @@ +1000 \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/sandbox/virtualbox/id b/webserver/base/.vagrant/machines/sandbox/virtualbox/id new file mode 100644 index 0000000..17c55af --- /dev/null +++ b/webserver/base/.vagrant/machines/sandbox/virtualbox/id @@ -0,0 +1 @@ +bd5dac24-b9cd-44a1-b099-dc32b509bd35 \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/sandbox/virtualbox/index_uuid b/webserver/base/.vagrant/machines/sandbox/virtualbox/index_uuid new file mode 100644 index 0000000..6244bdf --- /dev/null +++ b/webserver/base/.vagrant/machines/sandbox/virtualbox/index_uuid @@ -0,0 +1 @@ +cbb6ab55ad5d4e97aac9a94ccafd2a53 \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/sandbox/virtualbox/private_key b/webserver/base/.vagrant/machines/sandbox/virtualbox/private_key new file mode 100644 index 0000000..3acfbd3 --- /dev/null +++ b/webserver/base/.vagrant/machines/sandbox/virtualbox/private_key 
@@ -0,0 +1,8 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAA +AAtzc2gtZWQyNTUxOQAAACBPPx1BkOAq97k/WUW03olnWwuhCnTpiT1Tpziw +zrlOIwAAAJAy/B12MvwddgAAAAtzc2gtZWQyNTUxOQAAACBPPx1BkOAq97k/ +WUW03olnWwuhCnTpiT1TpziwzrlOIwAAAEApFi9yE4Up0kYmNSw2G8Ayc2iW +6o3bqc3a6sMZkJAR/U8/HUGQ4Cr3uT9ZRbTeiWdbC6EKdOmJPVOnOLDOuU4j +AAAAB3ZhZ3JhbnQBAgMEBQY= +-----END OPENSSH PRIVATE KEY----- diff --git a/webserver/base/.vagrant/machines/sandbox/virtualbox/synced_folders b/webserver/base/.vagrant/machines/sandbox/virtualbox/synced_folders new file mode 100644 index 0000000..395c662 --- /dev/null +++ b/webserver/base/.vagrant/machines/sandbox/virtualbox/synced_folders @@ -0,0 +1 @@ +{"virtualbox":{"/vagrant":{"guestpath":"/vagrant","hostpath":"/home/nano/Documents/bachthesis/setup/webserver/base/sandbox","disabled":false,"__vagrantfile":true}}} \ No newline at end of file diff --git a/webserver/base/.vagrant/machines/sandbox/virtualbox/vagrant_cwd b/webserver/base/.vagrant/machines/sandbox/virtualbox/vagrant_cwd new file mode 100644 index 0000000..96895c6 --- /dev/null +++ b/webserver/base/.vagrant/machines/sandbox/virtualbox/vagrant_cwd @@ -0,0 +1 @@ +/home/nano/Documents/bachthesis/setup/webserver/base \ No newline at end of file diff --git a/webserver/base/.vagrant/rgloader/loader.rb b/webserver/base/.vagrant/rgloader/loader.rb new file mode 100644 index 0000000..b6c81bf --- /dev/null +++ b/webserver/base/.vagrant/rgloader/loader.rb @@ -0,0 +1,12 @@ +# Copyright (c) HashiCorp, Inc. +# SPDX-License-Identifier: BUSL-1.1 + +# This file loads the proper rgloader/loader.rb file that comes packaged +# with Vagrant so that encoded files can properly run with Vagrant. + +if ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"] + require File.expand_path( + "rgloader/loader", ENV["VAGRANT_INSTALLER_EMBEDDED_DIR"]) +else + raise "Encoded files can't be read outside of the Vagrant installer." +end 
diff --git a/webserver/base/Vagrantfile b/webserver/base/Vagrantfile index 88324b5..b91fdeb 100644 --- a/webserver/base/Vagrantfile +++ b/webserver/base/Vagrantfile 
@@ -1,17 +1,62 @@ Vagrant.configure("2") do |config| - config.vm.box = "ubuntu/focal64" - config.vm.box_version = "20240821.0.1" - config.vm.hostname = "docker-vm" - config.vm.network "private_network", type: "dhcp" - config.vm.provider "virtualbox" do |v| - v.memory = 2048 - v.cpus = 2 + BOX_NAME = "ubuntu/jammy64" + BOX_VERSION = "20241002.0.0" + + DESKTOP_BOX_NAME = "gusztavvargadr/ubuntu-desktop" + DESKTOP_BOX_VERSION = "2404.0.2503" + + config.vm.define "sandbox" do |sandbox| + sandbox.vm.box = BOX_NAME + sandbox.vm.box_version = BOX_VERSION + sandbox.vm.hostname = "sandbox.vm" + sandbox.vm.network "private_network", ip: "192.168.56.10" + + sandbox.vm.provider "virtualbox" do |v| + v.memory = 2048 + v.cpus = 2 + end + + sandbox.vm.synced_folder "./sandbox", "/vagrant" + sandbox.vm.provision "shell", + inline: "cp /vagrant/docker-compose.yml /home/vagrant/docker-compose.yml" + sandbox.vm.provision "shell", + inline: "cp /vagrant/nginx.conf /home/vagrant/nginx.conf" + + sandbox.vm.provision "ansible_local" do |ansible| + ansible.playbook = "/vagrant/playbook.yml" + end end - config.vm.synced_folder "./docker", "/home/vagrant/docker" + config.vm.define "client" do |client| + client.vm.box = DESKTOP_BOX_NAME + client.vm.box_version = DESKTOP_BOX_VERSION + client.vm.hostname = "client.vm" + client.vm.network "private_network", ip: "192.168.56.20" - config.vm.provision "ansible_local" do |ansible| - ansible.playbook = "/vagrant/ansible/playbook.yml" + client.vm.provider "virtualbox" do |v| + v.memory = 4096 + v.cpus = 2 + end + + client.vm.provision "shell" do |script| + script.path = "./scripts/client.sh" + end end + +# config.vm.define "external" do |external| +# external.vm.box = BOX_NAME +# external.vm.box_version = BOX_VERSION +# external.vm.hostname = "external.vm" +# external.vm.network "private_network", ip: "192.168.56.30" +# +# external.vm.provider "virtualbox" do |v| +# v.memory = 2048 +# v.cpus = 2 +# end +# +# external.vm.provision "ansible_local" do 
|ansible| +# ansible.playbook = "/vagrant/ansible/playbook.yml" +# end +# end end diff --git a/webserver/base/ansible/playbook.yml b/webserver/base/ansible/playbook.yml deleted file mode 100644 index d3c92c7..0000000 --- a/webserver/base/ansible/playbook.yml +++ /dev/null @@ -1,54 +0,0 @@ ---- -- hosts: all - become: true - vars: - container_count: 1 - default_container_name: docker - default_container_image: hello-world - default_container_command: sleep 1 - tasks: - - name: Install required system packages - apt: - pkg: - - apt-transport-https - - ca-certificates - - curl - - software-properties-common - - virtualenv - state: latest - update_cache: true - - - name: Add Docker GPG apt Key - apt_key: - url: https://download.docker.com/linux/ubuntu/gpg - state: present - - - name: Add Docker Repository - apt_repository: - repo: deb https://download.docker.com/linux/ubuntu focal stable - state: present - - - name: Update apt and install docker-ce - apt: - pkg: - - docker-ce - - docker-compose-plugin - state: latest - update_cache: true - - - name: Copy docker-compose.yml to home directory - copy: - src: /home/vagrant/docker/docker-compose.yml - dest: /home/vagrant/docker-compose.yml - remote_src: yes - - - name: Ensure Docker service is running - service: - name: docker - state: started - enabled: true - - - name: Run docker compose up -d - command: docker compose up -d - args: - chdir: /home/vagrant \ No newline at end of file diff --git a/webserver/base/docker/docker-compose.yml b/webserver/base/docker/docker-compose.yml deleted file mode 100644 index 05ad0cd..0000000 --- a/webserver/base/docker/docker-compose.yml +++ /dev/null 
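Review bot: `BOX_NAME`, `BOX_VERSION`, `DESKTOP_BOX_NAME` and `DESKTOP_BOX_VERSION` are assigned as Ruby constants inside the `Vagrant.configure` block; Vagrant can evaluate a Vagrantfile more than once per run, and each re-evaluation then emits an "already initialized constant" warning. Plain locals do the same job, e.g. `box_name = "ubuntu/jammy64"` with `sandbox.vm.box = box_name`. The two inline `cp` provisioners duplicate what the removed playbook did with a `copy` task and `remote_src: yes`; keeping that copy in `sandbox/playbook.yml` leaves one place that describes the sandbox's state. The commented-out `external` block still points at `/vagrant/ansible/playbook.yml`, which this commit deletes.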
@@ -1,31 +0,0 @@ -services: - bitwarden: - image: vaultwarden/server:latest - container_name: vaultwarden - restart: unless-stopped - environment: - DOMAIN: "https://vw.domain.tld" - volumes: - - ./vw-data/:/data/ - ports: - - 80:80 - gitea: - image: docker.gitea.com/gitea:latest - container_name: gitea - environment: - - USER_UID=1000 - - USER_GID=1000 - restart: unless-stopped - networks: - - gitea - volumes: - - ./gitea:/data - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - ports: - - "3000:3000" - - "222:22" - -networks: - gitea: - external: false \ No newline at end of file diff --git a/webserver/base/sandbox/docker-compose.yml b/webserver/base/sandbox/docker-compose.yml new file mode 100644 index 0000000..7d5d561 --- /dev/null +++ b/webserver/base/sandbox/docker-compose.yml 
@@ -0,0 +1,80 @@
+services:
+ vaultwarden:
+ image: vaultwarden/server:latest
+ container_name: vaultwarden
+ restart: unless-stopped
+ networks:
+ - internal
+ environment:
+ DOMAIN: "https://bitwarden.vm.local"
+ DATABASE_URL: "postgres://vaultwarden:vaultwarden@vaultwarden-db/vaultwarden"
+ volumes:
+ - ./vw-data/:/data/
+ expose:
+ - 80
+
+ vaultwarden-db:
+ image: docker.io/library/postgres:latest
+ container_name: vaultwarden-db
+ restart: unless-stopped
+ environment:
+ POSTGRES_DB: vaultwarden
+ POSTGRES_USER: vaultwarden
+ POSTGRES_PASSWORD: vaultwarden
+ volumes:
+ - ./vw-postgres:/var/lib/postgresql/data
+ networks:
+ - internal
+
+ gitea:
+ image: docker.gitea.com/gitea:latest
+ container_name: gitea
+ environment:
+ - USER_UID=1000
+ - USER_GID=1000
+ - GITEA__database__DB_TYPE=postgres
+ - GITEA__database__HOST=gitea-db:5432
+ - GITEA__database__NAME=gitea
+ - GITEA__database__USER=gitea
+ - GITEA__database__PASSWD=gitea
+ - GITEA__security__INSTALL_LOCK=true
+ restart: unless-stopped
+ networks:
+ - internal
+ volumes:
+ - ./gitea:/data
+ - /etc/timezone:/etc/timezone:ro
+ - /etc/localtime:/etc/localtime:ro
+ expose:
+ - 3000
+ - 22
+
+ gitea-db:
+ image: docker.io/library/postgres:latest
+ container_name: gitea-db
+ restart: unless-stopped
+ environment:
+ - POSTGRES_USER=gitea
+ - POSTGRES_PASSWORD=gitea
+ - POSTGRES_DB=gitea
+ volumes:
+ - ./postgres:/var/lib/postgresql/data
+ networks:
+ - internal
+
+ nginx:
+ image: nginx:latest
+ container_name: nginx
+ restart: unless-stopped
+ networks:
+ - internal
+ volumes:
+ - ./nginx.conf:/etc/nginx/conf.d/default.conf
+ - ./nginx/certs:/etc/nginx/certs
+ ports:
+ - 80:80
+ - 443:443
+
+networks:
+ internal:
+ driver: bridge
\ No newline at end of file
diff --git a/webserver/base/sandbox/nginx.conf b/webserver/base/sandbox/nginx.conf
new file mode 100644
index 0000000..dbdbd30
--- /dev/null
+++ b/webserver/base/sandbox/nginx.conf
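Review bot: Both database passwords are committed in clear text and equal the user name (`POSTGRES_PASSWORD: vaultwarden`, `POSTGRES_PASSWORD=gitea`, repeated in `DATABASE_URL` and `GITEA__database__PASSWD`), so they protect nothing from anyone who can read the repository or reach the database containers. If that is deliberate for the lab, a comment should say so; otherwise read them from an untracked `.env`, e.g. `POSTGRES_PASSWORD: ${VAULTWARDEN_DB_PASSWORD:?set in .env}`. Every image is also pulled as `:latest`, so two provisions of the sandbox can end up running different software; pin each one to a tag or digest, e.g. `image: nginx:<pinned-version>`. The config bind mount can be read-only: `- ./nginx.conf:/etc/nginx/conf.d/default.conf:ro`.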
@@ -0,0 +1,33 @@
+server {
+ listen 443 ssl;
+ server_name gitea.vm.local;
+
+ ssl_certificate /etc/nginx/certs/gitea.vm.local.crt;
+ ssl_certificate_key /etc/nginx/certs/gitea.vm.local.key;
+
+ location / {
+ proxy_pass http://gitea:3000;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ }
+}
+
+server {
+ listen 443 ssl;
+ server_name bitwarden.vm.local;
+
+ ssl_certificate /etc/nginx/certs/bitwarden.vm.local.crt;
+ ssl_certificate_key /etc/nginx/certs/bitwarden.vm.local.key;
+
+ location / {
+ proxy_pass http://vaultwarden:80;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ }
+}
+
+server {
+ listen 80;
+ server_name _;
+ return 301 https://$host$request_uri;
+}
diff --git a/webserver/base/sandbox/playbook.yml b/webserver/base/sandbox/playbook.yml
new file mode 100644
index 0000000..d1a731a
--- /dev/null
+++ b/webserver/base/sandbox/playbook.yml
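Review bot: The port-80 block matches any name (`server_name _;`) and builds its redirect from `$host`, so whatever Host header a client sends is reflected into the `Location` header; naming the real hosts instead, `server_name gitea.vm.local bitwarden.vm.local;`, limits the redirect to them. On 443 no block is marked `default_server`, so a request for an unknown name is answered by the first block (Gitea) with its certificate. Both `location /` blocks forward `X-Real-IP` but neither the scheme nor the forwarding chain; adding `proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;` and `proxy_set_header X-Forwarded-Proto $scheme;` lets the backends log the client address and know the request arrived over TLS.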
@@ -0,0 +1,111 @@
+---
+- hosts: all
+ become: true
+ vars:
+ container_count: 1
+ default_container_name: docker
+ default_container_image: hello-world
+ default_container_command: sleep 1
+ tasks:
+ - name: Install required system packages
+ apt:
+ pkg:
+ - apt-transport-https
+ - ca-certificates
+ - curl
+ - software-properties-common
+ - virtualenv
+ state: latest
+ update_cache: true
+
+ - name: Ensure certs directory exists
+ file:
+ path: /home/vagrant/nginx/certs
+ state: directory
+ mode: '0755'
+
+ - name: Generate self-signed cert for gitea.vm.local
+ command: >
+ openssl req -x509 -nodes -days 365
+ -newkey rsa:2048
+ -keyout /home/vagrant/nginx/certs/gitea.vm.local.key
+ -out /home/vagrant/nginx/certs/gitea.vm.local.crt
+ -subj "/CN=gitea.vm.local"
+ args:
+ creates: /home/vagrant/nginx/certs/gitea.vm.local.crt
+
+ - name: Generate self-signed cert for bitwarden.vm.local
+ command: >
+ openssl req -x509 -nodes -days 365
+ -newkey rsa:2048
+ -keyout /home/vagrant/nginx/certs/bitwarden.vm.local.key
+ -out /home/vagrant/nginx/certs/bitwarden.vm.local.crt
+ -subj "/CN=bitwarden.vm.local"
+ args:
+ creates: /home/vagrant/nginx/certs/bitwarden.vm.local.crt
+
+ - name: Add Docker GPG apt Key
+ apt_key:
+ url: https://download.docker.com/linux/ubuntu/gpg
+ state: present
+
+ - name: Add Docker Repository
+ apt_repository:
+ repo: deb https://download.docker.com/linux/ubuntu focal stable
+ state: present
+
+ - name: Update apt and install docker-ce
+ apt:
+ pkg:
+ - docker-ce
+ - docker-compose-plugin
+ state: latest
+ update_cache: true
+
+ - name: Add 'vagrant' and 'git' users to docker group
+ user:
+ name: "{{ item }}"
+ groups: docker
+ append: yes
+ loop:
+ - vagrant
+ - git
+
+ - name: Create git user
+ user:
+ name: git
+ shell: /home/git/docker-shell
+ home: /home/git
+ create_home: yes
+
+ - name: Deploy docker passthrough shell
+ copy:
+ dest: /home/git/docker-shell
+ content: |
+ #!/bin/sh
+ exec /usr/bin/docker exec -i -u git --env SSH_ORIGINAL_COMMAND="$SSH_ORIGINAL_COMMAND" gitea sh "$@"
+ mode: '0755'
+
+ - name: Update SSH config for git user
+ blockinfile:
+ path: /etc/ssh/sshd_config
+ block: |
+ Match User git
+ AuthorizedKeysCommandUser git
+ AuthorizedKeysCommand /usr/bin/docker exec -i -u git gitea /usr/local/bin/gitea keys -c /data/gitea/conf/app.ini -e git -u %u -t %t -k %k
+
+ - name: Restart SSH
+ service:
+ name: ssh
+ state: restarted
+
+ - name: Ensure Docker service is running
+ service:
+ name: docker
+ state: started
+ enabled: true
+
+ - name: Run docker compose up -d
+ command: docker compose up -d
+ args:
+ chdir: /home/vagrant
\ No newline at end of file
diff --git a/webserver/base/scripts/client.sh b/webserver/base/scripts/client.sh
new file mode 100644
index 0000000..d0c528b
--- /dev/null
+++ b/webserver/base/scripts/client.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+echo "Adding metasploit-framework repository"
+add-apt-repository ppa:metasploit-official -y > /dev/null
+echo "Updating repositories"
+apt-get update > /dev/null
+echo "Installing metasploit-framework"
+apt-get install metasploit-framework -y > /dev/null
+echo "Installing curl"
+apt-get install curl -y > /dev/null
+echo "Installing nmap"
+apt-get install nmap -y > /dev/null
+
+echo "192.168.56.10 gitea.vm.local bitwarden.vm.local" | sudo tee -a /etc/hosts > /dev/null
\ No newline at end of file
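Review bot: The "Add Docker Repository" task still names `focal` while this commit moves the sandbox box to `ubuntu/jammy64`; `repo: deb https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable` follows whatever release the box runs. Putting `git` in the `docker` group gives that SSH-reachable account root-equivalent control of the Docker daemon; the `docker-shell` passthrough needs it, so a comment recording that trade-off belongs on the task. The `sshd_config` block is written without validation and SSH is restarted on every run; `validate: /usr/sbin/sshd -t -f %s` on the `blockinfile` task, with the restart moved to a handler, avoids locking the VM out on a bad block. The loop that adds `git` to `docker` also runs before "Create git user", so the account is first created with default settings; swapping the two tasks makes the order explicit.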
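Review bot: No exit status is checked in `scripts/client.sh` and stdout of every install step goes to `/dev/null`, so a failed `add-apt-repository` or `apt-get install` does not stop provisioning and the script's result is that of the final `tee`. Adding `set -euo pipefail` after the shebang and using `apt-get -qq` in place of the redirects keeps the output quiet without hiding failures. The last line appends to `/etc/hosts` on every `vagrant provision`, leaving duplicate entries; a guard such as `grep -q 'gitea.vm.local' /etc/hosts || echo "192.168.56.10 gitea.vm.local bitwarden.vm.local" >> /etc/hosts` makes it idempotent. The `sudo` there is redundant, since the other commands already assume root.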