init.yml 1.74 KB
---

# Make the rh-php72 PHP binary reachable as /usr/bin/php through a symlink.
- name: Set PHP symbolic link
  file:
    state: link
    path: /usr/bin/php
    src: /opt/rh/rh-php72/root/bin/php

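# Install the host certificate, its private key and the CA certificate, and
# place a second copy of the CA certificate in the system trust anchors.
# diff is switched off for this task so that a run with --diff cannot print
# the private key into the console or a CI job log.
# NOTE(review): the key lands under /etc/ssl/certs next to public material;
# mode 0600 protects the file itself, but confirm whether a dedicated
# private-key directory would suit this host better. No owner is set, so
# ownership follows the account the play runs as.
- name: Copy certificates
  copy:
    src: "{{ item.local }}"
    dest: "{{ item.remote }}"
    mode: "{{ item.mode }}"
  diff: false
  with_items:
    - local: "{{ playbook_dir }}/secrets/CA/issued/{{ inventory_hostname }}.crt"
      remote: /etc/ssl/certs/misp.crt
      mode: '0644'
    # Private key: readable by its owner only.
    - local: "{{ playbook_dir }}/secrets/CA/private/{{ inventory_hostname }}.key"
      remote: /etc/ssl/certs/misp.key
      mode: '0600'
    - local: "{{ playbook_dir }}/secrets/CA/ca.crt"
      remote: /etc/ssl/certs/ca.crt
      mode: '0644'
    # Same CA certificate again, this time as a system trust anchor.
    - local: "{{ playbook_dir }}/secrets/CA/ca.crt"
      remote: /etc/pki/ca-trust/source/anchors/ca.crt
      mode: '0644'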

# Rebuild the system trust store so the CA certificate copied into
# /etc/pki/ca-trust/source/anchors takes effect. There is no creates/when
# guard, so this runs (and reports "changed") on every play.
- name: Update CA trust
  command:
    argv:
      - update-ca-trust

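# Read the JSON document stored in secrets/tokens/mispsecret on the control
# node and expose it to later tasks and templates as the fact `mispsecret`.
# no_log keeps the decoded secret out of verbose output and callback logs.
# The path is built with `~` instead of nesting {{ }} inside the expression,
# so it does not depend on lookup arguments being templated a second time.
# NOTE(review): convert_data=False is carried over unchanged; confirm the
# file lookup of the Ansible version in use accepts that option.
- name: Get openid authkey
  set_fact:
    mispsecret: "{{ lookup('file', playbook_dir ~ '/secrets/tokens/mispsecret', convert_data=False) | from_json }}"
  no_log: true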

# Render the Apache virtual-host configuration for MISP.
# NOTE(review): no mode is given, so the file gets the default permissions.
# This task runs right after the `mispsecret` fact is loaded; if misp.conf.j2
# embeds that secret, set an explicit restrictive mode and `diff: false` here.
- name: Configure Apache web server for misp
  template:
    dest: /etc/httpd/conf.d/misp.conf
    src: misp.conf.j2

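# Render MISP's database connection settings (app/Config/database.php).
# The file carries the database credentials, so it is created readable only
# by the web server account instead of with default (umask) permissions.
# apache:apache matches the ownership the last task in this file applies to
# the whole /var/www/MISP tree. diff is disabled so --diff runs do not echo
# the rendered credentials.
- name: Configure MISP database access
  template:
    src: database.php.j2
    dest: /var/www/MISP/app/Config/database.php
    owner: apache
    group: apache
    mode: '0640'
  diff: false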

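# Write the 'salt' entry of MISP's config.php. The value comes from the
# password lookup, which keeps it in secrets/misp_salt on the control node so
# repeated runs reuse the same salt.
# no_log stops the salt from appearing in task output, --diff output or the
# logged module arguments; lift it temporarily when debugging a failure here.
# The path is built with `~` rather than nested {{ }} inside the expression.
# NOTE(review): the value is placed inside a single-quoted PHP string; confirm
# the lookup's character set cannot yield a quote or backslash.
- name: Configure salt
  lineinfile:
    path: /var/www/MISP/app/Config/config.php
    regexp: "'salt'.*=>"
    line: "'salt' => '{{ lookup('password', playbook_dir ~ '/secrets/misp_salt') }}',"
  no_log: true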

# Render the checkdb.sh helper into the MISP directory; 0700 limits reading
# and executing it to the file's owner.
# NOTE(review): if checkdb.sh.j2 embeds database credentials, consider
# `diff: false` so a --diff run does not print them.
- name: Configure MISP database initialization script
  template:
    dest: /var/www/MISP/checkdb.sh
    src: checkdb.sh.j2
    mode: '0700'

# Execute the checkdb.sh script rendered by the previous task. It runs on
# every play; there is no creates/when guard.
# NOTE(review): presumably the script initialises the database when it finds
# it empty - confirm against checkdb.sh.j2.
- name: Check if database is initialized
  command:
    argv:
      - /var/www/MISP/checkdb.sh

# Give the whole MISP tree to the web server account. Because this recurses
# over /var/www/MISP, it also covers checkdb.sh and app/Config/database.php
# written by earlier tasks.
- name: Recursively change ownership of a directory
  file:
    state: directory
    path: /var/www/MISP
    owner: apache
    group: apache
    recurse: true