# -*- mode: ruby -*-
# vi: set ft=ruby :
# This file was generated by SecGen
# <%= @time %>
# Based on <%= @scenario %>
<%# Template purpose: renders the scenario's Vagrantfile. For every system in @systems it emits one
    `config.vm.define` block whose provider section is chosen from @options (oVirt when :ovirtuser and
    :ovirtpass are set, vmware_esxi when :esxiuser and :esxipass are set, VirtualBox otherwise), followed
    by per-module settings: box/box_url for 'base' modules, networking for 'network' modules, and a
    puppet provisioner for 'vulnerability'/'service'/'utility'/'build' modules. -%>
<%# NOTE(review): provider credentials taken from @options (:ovirtpass, :esxipass) are interpolated in
    plaintext into the generated Vagrantfile below, and the full $datastore is emitted as a comment —
    treat the output file as sensitive. Option values are inserted into single-quoted Ruby literals
    without any escaping, so a value containing a quote would yield an invalid Vagrantfile. -%>
<% require 'json'
require 'base64'
require 'securerandom'
require_relative './lib/helpers/scenario.rb' -%>
<%# scenario_name is the filename stem of @scenario; `prefix` is computed here but is not referenced
    anywhere else in this template. -%>
<% scenario_name = @scenario.split('/').last.split('.').first + '-'
prefix = @options[:prefix] ? (@options[:prefix] + '-' + scenario_name) : ('SecGen-' + scenario_name) -%>
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
<% @systems.each do |system| %>
<% system.module_selections.each do |selected_module|
# Capture the base box attributes for this system. @ovirt_template and @esxi_url are assigned here
# but not read anywhere else in this template: the oVirt path re-reads the attribute into
# @ovirt_base_template below, and the ESXi provider block reads @options[:esxi_url] instead.
if selected_module.module_type == 'base'
@base_type = selected_module.attributes['type']
@ovirt_template = selected_module.attributes['ovirt_template']
@esxi_url = selected_module.attributes['esxi_url']
@cpu_word_size = selected_module.attributes['cpu_word_size'].first.downcase
# On oVirt the base module must provide an ovirt_template; otherwise generation stops here.
if (@options.has_key? :ovirtuser) && (@options.has_key? :ovirtpass)
@ovirt_base_template = selected_module.attributes['ovirt_template']&.first
if @ovirt_base_template == nil
Print.err "Scenario includes #{selected_module.attributes['name']} which is not available on oVirt!"
# NOTE(review): `return nil` appears to leave the whole template render, not just this loop —
# confirm the caller handles a nil result.
return nil
end
end
end
end
# resolve_memory is presumably provided by ./lib/helpers/scenario.rb (required above) — TODO confirm.
system.memory = resolve_memory(system) -%>
config.vm.define "<%= system.name %>" do |<%= system.name %>|
<%# Provider selection: oVirt credentials take precedence, then ESXi, else VirtualBox. -%>
<% if (@options.has_key? :ovirtuser) && (@options.has_key? :ovirtpass) %>
#oVirt provider begin
<%= system.name %>.vm.provider :ovirt4 do |ovirt|
<%# NOTE(review): the oVirt username and password are written verbatim into the generated file. -%>
<%=
" ovirt.username = '#{@options[:ovirtuser]}'
ovirt.password = '#{@options[:ovirtpass]}'" %>
<%= if @options.has_key? :ovirturl
" ovirt.url = '#{@options[:ovirturl]}'"
end %>
<%= if @options.has_key? :ovirtcluster
" ovirt.cluster = '#{@options[:ovirtcluster]}'"
end %>
<%=
" ovirt.template = '#{@ovirt_base_template}'" %>
<%=
" ovirt.memory_size = '#{system.memory} MB'\n" -%>
<%# memory_guaranteed: desktop base types get 512 MB; other systems with 4096 MB or more get 4096 MB;
    otherwise no line is emitted. -%>
<%= if @base_type.include? 'desktop'
" ovirt.memory_guaranteed = '512 MB'\n"
elsif system.memory.to_i >= 4096
" ovirt.memory_guaranteed = '4096 MB'\n"
end -%>
<%= if @options.has_key? :cpu_cores
" ovirt.cpu_cores = #{@options[:cpu_cores]}\n"
end -%>
<%# Systems named '*grading*' are pinned to 2 cores; this is emitted after the :cpu_cores line above,
    so in the generated Ruby it overrides that value. -%>
<%= if system.name.include? 'grading' # TODO: Update this later, eugh...
" ovirt.cpu_cores = 2\n"
end -%>
ovirt.console = 'spice'
# ovirt.filtered_api = true
<%# NOTE(review): `insecure = true` presumably skips TLS certificate verification of the oVirt API and
    `debug = true` is always on; both are hard-coded rather than driven by @options. Worth confirming
    whether the debug output can include the credentials emitted above. -%>
ovirt.insecure = true
ovirt.debug = true
end
# oVirt provider end
<% elsif (@options.has_key? :esxiuser) && (@options.has_key? :esxipass) %>
# vmware_esxi provider begin
<%= system.name %>.vm.provider :vmware_esxi do |esxi|
<%# NOTE(review): the ESXi username and password are written verbatim into the generated file. The host
    comes from @options[:esxi_url]; the base module's esxi_url attribute captured in @esxi_url above
    is not used here. -%>
<%=
" esxi.esxi_hostname = '#{@options[:esxi_url]}'
esxi.esxi_username = '#{@options[:esxiuser]}'
esxi.esxi_password = '#{@options[:esxipass]}' "
%>
<%= if @options.has_key? :esxidatastore
" esxi.esxi_disk_store = '#{@options[:esxidatastore]}'"
end -%>
<%= if @options.has_key? :esxi_disktype
" esxi.guest_disk_type = '#{@options[:esxi_disktype]}'"
end -%>
<%= " esxi.guest_memsize = '#{system.memory} MB'\n"
-%>
<%= if @options.has_key? :cpu_cores
" esxi.guest_numvcpus = #{@options[:cpu_cores]}\n"
end -%>
end
# End ESXi provider
<%
else %>
<%= system.name %>.vm.provider :virtualbox do |vb|
<% system.module_selections.each do |selected_module|
# Re-reads the same cpu_word_size already captured in the loop at the top of this system block.
if selected_module.module_type == 'base'
@cpu_word_size = selected_module.attributes['cpu_word_size'].first.downcase
end
end -%>
<%# GUI is shown only when :gui_output was given. -%>
<%= gui = (@options.has_key? :gui_output) ? 'true' : 'false'
" vb.gui = #{gui}\n" -%>
<%# PAE stays on unless :nopae was given. -%>
<%= no_pae = (@options.has_key? :nopae) ? 'off' : 'on'
" vb.customize ['modifyvm', :id, '--pae', '#{no_pae}']\n" -%>
<%# Hardware virtualisation: always on for 64-bit guests; for 32-bit guests only when :hwvirtex was
    given; nothing is emitted for any other word size value. -%>
<%= if @cpu_word_size == '32-bit'
if @options.has_key? :hwvirtex
" vb.customize ['modifyvm', :id, '--hwvirtex', 'on']\n"
else
" vb.customize ['modifyvm', :id, '--hwvirtex', 'off']\n"
end
elsif @cpu_word_size == '64-bit'
" vb.customize ['modifyvm', :id, '--hwvirtex', 'on']\n"
end -%>
<%# VT-x VPID follows the :vtxvpid option (default off). -%>
<%= vtxpid = (@options.has_key? :vtxvpid) ? 'on' : 'off'
" vb.customize ['modifyvm', :id, '--vtxvpid', '#{vtxpid}']\n" -%>
<%= " vb.memory = '#{system.memory}'\n"-%>
<%= if @options.has_key? :cpu_cores
" vb.cpus = #{@options[:cpu_cores]}\n"
end -%>
<%= if @options.has_key? :max_cpu_usage
" vb.customize ['modifyvm', :id, '--cpuexecutioncap', '#{@options[:max_cpu_usage]}']\n"
end -%>
end
<% end %>
<% # Adds line that stops cloud-init from attempting to grab meta-data as eth0 is overwritten with provided networks.
# TODO: Remove when mutli-network vagrant-plugin issue is resolved
if (@options.has_key? :ovirtuser) && (@options.has_key? :ovirtpass) && @ovirt_base_template && @ovirt_base_template !~ /win/ -%>
<%= system.name %>.vm.provision 'shell', inline: "echo 'datasource_list: [ None ] '> /etc/cloud/cloud.cfg.d/90_dpkg.cfg"
<% end -%>
<%# Ten-minute boot and SSH connect timeouts for every system. -%>
<%= system.name %>.vm.boot_timeout = 600
<%= system.name %>.ssh.connect_timeout = 600
# SecGen datastore
<%# NOTE(review): the entire $datastore is serialised into the comment below; if it holds values
    generated for the scenario that should stay secret, they end up readable in this Vagrantfile. -%>
# <%= JSON.generate($datastore) %>
# SecGen modules
<% system.module_selections.each do |selected_module| -%>
<%= selected_module.to_s_comment -%>
<% if selected_module.module_type == 'network' and selected_module.received_inputs.include? 'IP_address' %>
<%= ' # This module has a datastore entry for IP_address, using that instead of the default.' %>
<% elsif selected_module.module_type == 'network' and @options.has_key? :ip_ranges -%>
<%= ' # This module has a command line ip_range, using that instead of the default.' %>
<% end -%>
<% case selected_module.module_type
when 'base' -%>
<%# Box selection per provider. On oVirt a dummy box is fetched from GitHub and the real image is the
    ovirt.template set in the provider block above. -%>
<% if (@options.has_key? :ovirtuser) && (@options.has_key? :ovirtpass) %> # TODO
<%# if selected_module.attributes['platform'].first.downcase != 'windows' %>
<%# gets stuck setting host name on Windows XP %>
<%= system.name %>.vm.hostname = '<%= system.get_hostname %>'
<%# end %>
<%= system.name %>.vm.box = 'ovirt4'
<%= system.name %>.vm.box_url = 'https://github.com/myoung34/vagrant-ovirt4/blob/master/example_box/dummy.box?raw=true'
<% elsif (@options.has_key? :esxiuser) && (@options.has_key? :esxipass) %>
<%= system.name %>.vm.hostname = '<%= system.get_hostname %>'
<%= system.name %>.vm.box = "<%= selected_module.module_path_name %>"
<%= system.name %>.vm.box_url = "<%= selected_module.attributes['esxi_url'].first %>"
<% else %>
<%# NOTE(review): box_url comes from the module's 'url' attribute with no box_download_checksum /
    box_download_checksum_type pinned, so a changed or tampered box download would not be detected;
    the same applies to the esxi_url and GitHub dummy-box URLs above. -%>
<%= system.name %>.vm.box = "<%= selected_module.module_path_name %>"
<%= system.name %>.vm.box_url = "<%= selected_module.attributes['url'].first %>"
<% end %>
<% if selected_module.attributes['platform'].first.downcase == 'windows' %>
<%= system.name %>.vm.communicator = 'winssh'
<%= system.name %>.vm.guest = :windows
#<%= system.name %>.vm.synced_folder '.', '/vagrant', disabled: true
<% end %>
<% when 'network' -%>
<% # DHCP networking -%>
<%# DHCP is used when the module's range is unset or "dhcp" AND no IP_address input or :ip_ranges
    option was supplied; otherwise a static address from resolve_network is configured. -%>
<% if (selected_module.attributes['range'].first.nil? || selected_module.attributes['range'].first == "dhcp") and (!selected_module.received_inputs.include? 'IP_address' and !@options[:ip_ranges])-%>
<% if (@options.has_key? :ovirtnetwork) && (@options.has_key? :ovirtuser) && (@options.has_key? :ovirtpass) %>
<%= system.name %>.vm.network :<%= selected_module.attributes['type'].first %>, type: "dhcp", :ovirt__network_name => '<%= get_ovirt_network_name(system.name, @options[:ovirtnetwork]) %>'
<% else %>
<%# auto_config: false leaves the guest interface for the guest's own DHCP client to configure. -%>
<%= system.name %>.vm.network :<%= selected_module.attributes['type'].first %>, type: "dhcp", auto_config: false
<% end %>
<% # Below string is used within testing, do not delete. -%>
# ip_address_for_<%= system.name %>=DHCP
<% # Static networking -%>
<% else -%>
<% # Static oVirt networking -%>
<% if (@options.has_key? :ovirtuser) && (@options.has_key? :ovirtpass) && @ovirt_base_template && @ovirt_base_template !~ /win/ -%>
<%# The interface name is guessed from the template name: eth0 for kali / debian_desktop_kde /
    debian_wheezy_server templates, ens3 for everything else. -%>
<% interface = 'ens3' -%>
<% if @ovirt_base_template =~ /kali|debian_desktop_kde|debian_wheezy_server/ -%>
<% interface = 'eth0' -%>
<% end -%>
# use some shell scripting to identify the name of the network interface (eth0/ens3/...), and set the IP address statically
<%# NOTE(review): this overwrites /etc/network/interfaces with only an address stanza (no netmask or
    gateway) and then empties /etc/environment. -%>
<%= system.name %>.vm.provision 'shell', inline: "echo -e \"auto lo\niface lo inet loopback\n\nauto <%= interface %>\niface <%= interface %> inet static\n\taddress <%= resolve_network(selected_module)%>\" > /etc/network/interfaces"
<%= system.name %>.vm.provision 'shell', inline: "echo '' > /etc/environment"
<% # Below string is used within testing, do not delete. -%>
# ip_address_for_<%= system.name %>=<%= resolve_network(selected_module)%>
<% # Static Virtualbox networking -%>
<% elsif (@options.has_key? :ovirtuser) && (@options.has_key? :ovirtpass) && @ovirt_base_template && @ovirt_base_template =~ /win/ -%>
<% # Windows on oVirt
# re-activate windows -%>
<%= system.name %>.vm.provision 'shell', inline: 'cscript //b c:\windows\system32\slmgr.vbs /ato'
<% # change network on reboot via scheduled task, so that it gets the new IP on reboot (not mid-provision)
# TODO: use some clever scripting to identify the network name : $interface = $(wmic.exe nic where "NetConnectionStatus=2" get NetConnectionID | findstr Local).Trim(); schtasks /create /rl HIGHEST /ru system /sc ONSTART /tn networksettings /f /tr "netsh interface ip set address '$interface' static IPADDRESS 255.0.0.0" %>
<%# One ONSTART task per candidate adapter name; a /8 netmask (255.0.0.0) is hard-coded for all of them. -%>
<%= system.name %>.vm.provision 'shell', inline: 'schtasks /create /rl HIGHEST /ru system /sc ONSTART /tn networksettings1 /f /tr "netsh interface ip set address \'Local Area Connection\' static <%= resolve_network(selected_module)%> 255.0.0.0\" '
<%= system.name %>.vm.provision 'shell', inline: 'schtasks /create /rl HIGHEST /ru system /sc ONSTART /tn networksettings2 /f /tr "netsh interface ip set address \'Local Area Connection 2\' static <%= resolve_network(selected_module)%> 255.0.0.0\" '
<%= system.name %>.vm.provision 'shell', inline: 'schtasks /create /rl HIGHEST /ru system /sc ONSTART /tn networksettings3 /f /tr "netsh interface ip set address \'Local Area Connection 3\' static <%= resolve_network(selected_module)%> 255.0.0.0\" '
<%# NOTE(review): the task below reuses the name networksettings3 from the line above; with schtasks /f
    it replaces that task, so the 'Local Area Connection 3' variant is never registered — probably
    intended to be networksettings4. -%>
<%= system.name %>.vm.provision 'shell', inline: 'schtasks /create /rl HIGHEST /ru system /sc ONSTART /tn networksettings3 /f /tr "netsh interface ip set address \'Ethernet\' static <%= resolve_network(selected_module)%> 255.0.0.0\" '
<% else # not windows or not ovirt -%>
<%= system.name %>.vm.network :<%= selected_module.attributes['type'].first %>, ip: "<%= resolve_network(selected_module)%>"
<% # Below string is used within testing, do not delete. -%>
# ip_address_for_<%= system.name %>=<%= resolve_network(selected_module)%>
<% end -%>
<% end -%>
<% when 'vulnerability', 'service', 'utility', 'build' -%>
<%# Puppet provisioner for the module. Received inputs (if any) are serialised to JSON, base64-encoded,
    written to a randomly named file under the module's secgen_functions files directory, and the
    filename is passed to puppet through the facter hash. -%>
<% module_name = selected_module.module_path_name -%>
<%= system.name %>.vm.provision "puppet" do | <%=module_name%> |
<% # if there are facter variables to define
if selected_module.received_inputs != {} -%>
<% json_inputs = JSON.generate(selected_module.received_inputs)
b64_json_inputs = Base64.strict_encode64(json_inputs)
# save the inputs in a randomly named file in the
# project out directory of the secgen_functions module
# NOTE(review): base64 is an encoding, not protection — any secret-valued inputs land readable in the
# puppet synced folder. SecureRandom.hex already returns a String, so the `.to_s` is redundant.
json_inputs_filename = "#{selected_module.module_path_end}_#{SecureRandom.hex(15).to_s}"
dir = "#{@out_dir}/puppet/#{system.name}/modules/secgen_functions/files/json_inputs"
# NOTE(review): File.exists? was removed in Ruby 3.2 (File.exist? is the surviving name); the guard is
# also redundant because mkdir_p is a no-op for an existing directory. FileUtils is not required in
# this template's header — presumably loaded by the caller; TODO confirm.
FileUtils.mkdir_p(dir) unless File.exists?(dir)
Print.verbose "Writing #{selected_module.module_path_name} input to: #{dir}/#{json_inputs_filename}"
File.write("#{dir}/#{json_inputs_filename}", b64_json_inputs)
-%>
<%= module_name%>.facter = {
"base64_inputs_file" => '<%= json_inputs_filename %>',
}
<% end -%>
<%=module_name%>.module_path = "<%="puppet/#{system.name}/modules"%>"
<%# Windows guests get a cygwin temp dir; other guests run environment-based puppet with RUBYOPT=-W0,
    which suppresses Ruby warnings from puppet. -%>
<% if selected_module.attributes['platform'].first.downcase == 'windows' %>
<%=module_name%>.temp_dir = "/cygdrive/c/vagrant/"
<% else %>
<%=module_name%>.environment_path = "environments/"
<%=module_name%>.environment_variables = {'RUBYOPT' => '-W0'}
<%=module_name%>.environment = "production"
<% end %>
<%=module_name%>.synced_folder_type = "rsync"
<%=module_name%>.manifests_path = "<%="puppet/#{system.name}/modules/#{selected_module.module_path_end}"%>"
<%=module_name%>.manifest_file = "<%="#{selected_module.module_path_end}.pp"%>"
end
<% end -%>
<% end -%>
end
<% end %>
end