labtainers

2026-02-21 11:18:06 +00:00 · 2019-07-03 16:20:13 +01:00
parent 0e5499d5a6
commit 0eb9e317e2
7 changed files with 101 additions and 18 deletions
--- a/modules/utilities/unix/labtainers/files/labtainer.files/modified-install-docker-debian.sh
+++ b/modules/utilities/unix/labtainers/files/labtainer.files/modified-install-docker-debian.sh
@@ -32,8 +32,8 @@ END
 # sudo apt-get -y --allow-unauthenticated install docker-ce

 #gives user access to docker commands
-sudo groupadd docker
-sudo usermod -aG docker $USER
+# sudo groupadd docker
+# sudo usermod -aG docker $USER

 #enables and starts docker
 # sudo systemctl start docker
--- a/modules/utilities/unix/labtainers/manifests/config.pp
+++ b/modules/utilities/unix/labtainers/manifests/config.pp
@@ -3,11 +3,67 @@ class labtainers::config{

  $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
  $lab = $secgen_parameters['lab'][0]
+  $accounts = $secgen_parameters['accounts']

-  # TODO: don't raise an error for now
-  exec { 'start lab':
-    command  => "/opt/labtainers/labtainer-student/labtainer $lab | true",
-    provider => shell,
+  # Set.up labtainers for each user account
+  unless $accounts == undef {
+    $accounts.each |$raw_account| {
+      $account = parsejson($raw_account)
+      $username = $account['username']
+      # set home directory
+      if $username == 'root' {
+        $home_dir = "/root"
+      } else {
+        $home_dir = "/home/$username"
+      }
+      $labtainer_dir = "$home_dir/labtainer"
+
+      file { ["$home_dir/",
+        "$labtainer_dir"]:
+        ensure  => directory,
+        owner   => $username,
+        group   => $username,
+      } ->
+
+      file { "$labtainer_dir/labtainer-student":
+        ensure => 'link',
+        target => '/opt/labtainers/scripts/labtainer-student',
+      }
+
+      file_line { 'patch_path_labtainers':
+        path  => "$home_dir/.profile",
+        line  => 'export PATH=/opt/labtainers/scripts/labtainer-student/bin:/opt/labtainers/scripts/labtainer-student/lab-bin/:/opt/labtainers/setup_scripts/trunk/scripts/designer/bin:$PATH',
+      }
+      file_line { 'patch_path_labtainers_dir':
+        path  => "$home_dir/.bashrc",
+        line  => 'export LABTAINER_DIR="/opt/labtainers/"',
+      }
+
+      # autostart script
+      file { ["$home_dir/.config/", "$home_dir/.config/autostart/"]:
+        ensure => directory,
+        owner  => $username,
+        group  => $username,
+      }
+
+      file { "$home_dir/.config/autostart/auto_start_lab.desktop":
+        ensure => file,
+        content => template('labtainers/auto_start_lab.desktop.erb'),
+        owner  => $username,
+        group  => $username,
+      }
+
+      exec { 'download labs':
+        command  => "sudo -u $username /opt/labtainers/setup_scripts/pull-all.sh",
+        cwd => "/opt/labtainers/setup_scripts/",
+        provider => shell,
+      } ->
+      exec { 'start lab':
+        command  => "sudo -u $username bash -c 'source ~/.profile; echo -e \"email@addre.ss\\n\\n\" | /opt/labtainers/scripts/labtainer-student/bin/labtainer $lab -q'",
+        cwd => "/opt/labtainers/scripts/labtainer-student/",
+        provider => shell,
+      }
+    }
  }

 }
--- a/modules/utilities/unix/labtainers/manifests/install.pp
+++ b/modules/utilities/unix/labtainers/manifests/install.pp
@@ -6,27 +6,32 @@ class labtainers::install{


  # these are also installed by the install script, but good to use puppet where possible
-  package { ['apt-transport-https', 'ca-certificates', 'curl', 'gnupg2', 'software-properties-common', 'python-pip', 'openssh-server']:
+  package { ['apt-transport-https', 'ca-certificates', 'curl', 'gnupg2', 'software-properties-common', 'python-pip', 'openssh-server', 'python-netaddr', 'python-parse', 'python-dateutil', 'okular', 'gnome-terminal']:
    ensure   => 'installed',
  } ->

  file { '/opt/labtainers':
    ensure => directory,
    recurse => true,
-    source => 'puppet:///modules/labtainers/Labtainer-master',
-    mode   => '0766',
+    source => 'puppet:///modules/labtainers/Labtainers-master',
+    mode   => '0777',
    owner => 'root',
    group => 'root',
  } ->
-  file { '/opt/labtainers/setup_scripts/modified-install-docker-debian.sh':
-    source => 'puppet:///modules/labtainers/labtainer.files/modified-install-docker-debian.sh',
-    mode   => '0766',
-    owner => 'root',
-    group => 'root',
+
+  # not sure why this is required in our environment, but this fixes the script on our VM builds
+  file_line { 'patch_build_image':
+    path  => '/opt/labtainers/scripts/labtainer-student/bin/buildImage.sh',
+    line  => '#shift 1 -- SecGen fix',
+    match => 'shift 1',
  } ->
-  exec { 'install script':
-    command  => '/opt/labtainers/setup_scripts/modified-install-docker-debian.sh',
+
+  exec { 'build capinout tool':
+    command  => "/bin/bash ./mkit.sh | true",
    provider => shell,
+    cwd => "/opt/labtainers/tool-src/capinout"
  }

+  # TODO: users added to docker group?
+
 }
--- a/modules/utilities/unix/labtainers/secgen_metadata.xml
+++ b/modules/utilities/unix/labtainers/secgen_metadata.xml
@@ -16,6 +16,7 @@
  <software_license>public domain</software_license>

  <read_fact>lab</read_fact>
+  <read_fact>accounts</read_fact>

  <default_input into="lab">
    <value>shellbasics</value>
--- a/modules/utilities/unix/labtainers/templates/auto_start_lab.desktop.erb
+++ b/modules/utilities/unix/labtainers/templates/auto_start_lab.desktop.erb
@@ -0,0 +1,8 @@
+[Desktop Entry]
+Name=Lab
+GenericName=Labtainer lab autostart
+Comment=Autostart script
+Exec=/opt/labtainers/labtainer-student/labtainer <%= @lab %>
+Terminal=true
+Type=Application
+X-GNOME-Autostart-enabled=true
--- a/scenarios/labs/lab_environments/labtainers.xml
+++ b/scenarios/labs/lab_environments/labtainers.xml
@@ -37,6 +37,9 @@
        <input into="super_user">
          <value>true</value>
        </input>
+        <input into="groups">
+					<value>docker</value>
+				</input>
        <input into="leaked_filenames">
          <value></value>
        </input>
@@ -50,7 +53,12 @@
      <generator type="strong_password_generator"/>
    </input>

-    <!--Create the users-->
+    <!--Create the groups-->
+		<utility module_path=".*groups">
+			<input into="groups">
+				<value>docker</value>
+			</input>
+		</utility>    <!--Create the users-->
    <utility module_path=".*parameterised_accounts">
      <input into="accounts">
        <datastore>accounts</datastore>
@@ -92,6 +100,9 @@
      <input into="lab">
        <value>shellbasics</value>
      </input>
+      <input into="accounts">
+        <datastore>accounts</datastore>
+      </input>
    </utility>

    <network type="private_network">
--- a/secgen.rb
+++ b/secgen.rb
@@ -544,7 +544,9 @@ opts.each do |opt, arg|
  when '--esxi-disktype'
    Print.info "ESXi disk type : #{arg}"
    options[:esxidisktype] = arg
-
+  when '--no-tests'
+    Print.info "Not running post-provision tests"
+    options[:notests] = true
  else
    Print.err "Argument not valid: #{arg}"
    usage