From bb41499a270e51792dfaa166709cc37dde688694 Mon Sep 17 00:00:00 2001 
From: Chris Long Date: Sat, 8 May 2021 15:13:05 -0700 Subject: [PATCH] Convert Exchange to a Terraform module --- .gitignore | 5 ++- Addons/Exchange/Azure/Ansible/ansible.cfg | 3 -- Addons/Exchange/Azure/Ansible/exchange.yml | 6 --- .../Exchange/Azure/Ansible/group_vars/all.yml | 1 - Addons/Exchange/Azure/Ansible/roles/common | 1 - Addons/Exchange/ESXi/Ansible/ansible.cfg | 2 - Addons/Exchange/ESXi/Ansible/exchange.yml | 6 --- .../Exchange/ESXi/Ansible/group_vars/all.yml | 1 - Addons/Exchange/ESXi/Ansible/roles/common | 1 - Addons/Exchange/ESXi/Terraform/main.tf | 40 ------------------- Addons/Exchange/ESXi/Terraform/variables.tf | 1 - Addons/Exchange/Vagrant/resources | 1 - Addons/Exchange/Vagrant/scripts | 1 - Azure/Ansible/inventory.yml | 4 ++ .../Ansible/roles/exchange/tasks/main.yml | 0 Azure/Terraform/exchange.tf | 10 +++++ .../Terraform/modules/exchange}/locals.tf | 0 .../Terraform/modules/exchange}/main.tf | 19 +++++---- .../Terraform/modules/exchange}/outputs.tf | 0 Azure/Terraform/modules/exchange/variables.tf | 11 +++++ Azure/build_ansible_inventory.sh | 6 +++ ESXi/ansible/detectionlab.yml | 6 +++ .../ansible}/roles/exchange/tasks/main.yml | 0 ESXi/exchange.tf | 9 +++++ .../modules/exchange/main.tf | 28 +++++++++++++ .../modules/exchange}/outputs.tf | 0 ESXi/modules/exchange/variables.tf | 11 +++++ .../Vagrant => Vagrant/Exchange}/Vagrantfile | 24 +++++------ 28 files changed, 112 insertions(+), 85 deletions(-) delete mode 100644 Addons/Exchange/Azure/Ansible/ansible.cfg delete mode 100644 Addons/Exchange/Azure/Ansible/exchange.yml delete mode 120000 Addons/Exchange/Azure/Ansible/group_vars/all.yml delete mode 120000 Addons/Exchange/Azure/Ansible/roles/common delete mode 100644 Addons/Exchange/ESXi/Ansible/ansible.cfg delete mode 100644 Addons/Exchange/ESXi/Ansible/exchange.yml delete mode 120000 Addons/Exchange/ESXi/Ansible/group_vars/all.yml delete mode 120000 Addons/Exchange/ESXi/Ansible/roles/common delete mode 100644 
Addons/Exchange/ESXi/Terraform/main.tf delete mode 120000 Addons/Exchange/ESXi/Terraform/variables.tf delete mode 120000 Addons/Exchange/Vagrant/resources delete mode 120000 Addons/Exchange/Vagrant/scripts rename {Addons/Exchange/Azure => Azure}/Ansible/roles/exchange/tasks/main.yml (100%) create mode 100644 Azure/Terraform/exchange.tf rename {Addons/Exchange/Azure/Terraform => Azure/Terraform/modules/exchange}/locals.tf (100%) rename {Addons/Exchange/Azure/Terraform => Azure/Terraform/modules/exchange}/main.tf (78%) rename {Addons/Exchange/Azure/Terraform => Azure/Terraform/modules/exchange}/outputs.tf (100%) create mode 100644 Azure/Terraform/modules/exchange/variables.tf rename {Addons/Exchange/ESXi/Ansible => ESXi/ansible}/roles/exchange/tasks/main.yml (100%) create mode 100644 ESXi/exchange.tf rename Addons/Exchange/ESXi/Terraform/versions.tf => ESXi/modules/exchange/main.tf (58%) rename {Addons/Exchange/ESXi/Terraform => ESXi/modules/exchange}/outputs.tf (100%) create mode 100644 ESXi/modules/exchange/variables.tf rename {Addons/Exchange/Vagrant => Vagrant/Exchange}/Vagrantfile (63%) diff --git a/.gitignore b/.gitignore index b3342ae..a83f478 100755 --- a/.gitignore +++ b/.gitignore @@ -8,9 +8,10 @@ Boxes/* *.tfstate *.tfstate.* *.tfvars -inventory.yml +ESXi/Ansible/inventory.yml +Azure/Ansible/inventory.yml inventory.yml.bak -**/inventory.yml +inventory.yml *.box manifest.xml HyperV/.vagrant/* diff --git a/Addons/Exchange/Azure/Ansible/ansible.cfg b/Addons/Exchange/Azure/Ansible/ansible.cfg deleted file mode 100644 index bcbfb98..0000000 --- a/Addons/Exchange/Azure/Ansible/ansible.cfg +++ /dev/null @@ -1,3 +0,0 @@ -[defaults] -inventory = inventory.yml -host_key_checking = False diff --git a/Addons/Exchange/Azure/Ansible/exchange.yml b/Addons/Exchange/Azure/Ansible/exchange.yml deleted file mode 100644 index 18afd15..0000000 --- a/Addons/Exchange/Azure/Ansible/exchange.yml +++ /dev/null 
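Review bot: The new `Azure/Ansible/inventory.yml` entry in the `.gitignore` hunk has no effect on that file, because it is tracked (this same commit edits it) and ignore rules only apply to untracked paths. Once `build_ansible_inventory.sh` rewrites it with the lab's real public IPs, it shows up as modified and can be committed by accident. `ESXi/Ansible/inventory.yml` is spelled with a capital A while the rest of the patch uses `ESXi/ansible/`, so on a case-sensitive filesystem that entry matches nothing. The bare `inventory.yml` pattern already covers every directory, which makes both path-specific lines redundant. Consider tracking a template under a different name (for example `inventory.yml.example`) and keeping only the bare pattern.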
@@ -1,6 +0,0 @@ ---- -- hosts: exchange - roles: - - exchange - - common - tags: exchange diff --git a/Addons/Exchange/Azure/Ansible/group_vars/all.yml b/Addons/Exchange/Azure/Ansible/group_vars/all.yml deleted file mode 120000 index 881d25b..0000000 --- a/Addons/Exchange/Azure/Ansible/group_vars/all.yml +++ /dev/null @@ -1 +0,0 @@ -../../../../Azure/Ansible/group_vars/all.yml \ No newline at end of file diff --git a/Addons/Exchange/Azure/Ansible/roles/common b/Addons/Exchange/Azure/Ansible/roles/common deleted file mode 120000 index 76017e7..0000000 --- a/Addons/Exchange/Azure/Ansible/roles/common +++ /dev/null @@ -1 +0,0 @@ -../../../../../Azure/Ansible/roles/common \ No newline at end of file diff --git a/Addons/Exchange/ESXi/Ansible/ansible.cfg b/Addons/Exchange/ESXi/Ansible/ansible.cfg deleted file mode 100644 index d601d7e..0000000 --- a/Addons/Exchange/ESXi/Ansible/ansible.cfg +++ /dev/null @@ -1,2 +0,0 @@ -[defaults] -inventory = inventory.yml diff --git a/Addons/Exchange/ESXi/Ansible/exchange.yml b/Addons/Exchange/ESXi/Ansible/exchange.yml deleted file mode 100644 index 18afd15..0000000 --- a/Addons/Exchange/ESXi/Ansible/exchange.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- hosts: exchange - roles: - - exchange - - common - tags: exchange diff --git a/Addons/Exchange/ESXi/Ansible/group_vars/all.yml b/Addons/Exchange/ESXi/Ansible/group_vars/all.yml deleted file mode 120000 index 52b2c39..0000000 --- a/Addons/Exchange/ESXi/Ansible/group_vars/all.yml +++ /dev/null @@ -1 +0,0 @@ -../../../../../ESXi/Ansible/group_vars/all.yml \ No newline at end of file diff --git a/Addons/Exchange/ESXi/Ansible/roles/common b/Addons/Exchange/ESXi/Ansible/roles/common deleted file mode 120000 index 6b58ef8..0000000 --- a/Addons/Exchange/ESXi/Ansible/roles/common +++ /dev/null @@ -1 +0,0 @@ -../../../../../ESXi/Ansible/roles/common \ No newline at end of file 
diff --git a/Addons/Exchange/ESXi/Terraform/main.tf b/Addons/Exchange/ESXi/Terraform/main.tf deleted file mode 100644 index 3f80f22..0000000 --- a/Addons/Exchange/ESXi/Terraform/main.tf +++ /dev/null @@ -1,40 +0,0 @@ -######################################### -# ESXI Provider host/login details -######################################### -# -# Use of variables here to hide/move the variables to a separate file -# -provider "esxi" { - esxi_hostname = var.esxi_hostname - esxi_hostport = var.esxi_hostport - esxi_username = var.esxi_username - esxi_password = var.esxi_password -} - -resource "esxi_guest" "exchange" { - guest_name = "exchange" - disk_store = var.esxi_datastore - guestos = "windows9srv-64" - - boot_disk_type = "thin" - - memsize = "8192" - numvcpus = "4" - resource_pool_name = "/" - power = "on" - clone_from_vm = "WindowsServer2016" - # This is the network that bridges your host machine with the ESXi VM - network_interfaces { - virtual_network = var.vm_network - mac_address = "00:50:56:a1:b2:c5" - nic_type = "e1000" - } - # This is the local network that will be used for 192.168.38.x addressing - network_interfaces { - virtual_network = var.hostonly_network - mac_address = "00:50:56:a1:b4:c5" - nic_type = "e1000" - } - guest_startup_timeout = 45 - guest_shutdown_timeout = 30 -} diff --git a/Addons/Exchange/ESXi/Terraform/variables.tf b/Addons/Exchange/ESXi/Terraform/variables.tf deleted file mode 120000 index 0ff79dd..0000000 --- a/Addons/Exchange/ESXi/Terraform/variables.tf +++ /dev/null @@ -1 +0,0 @@ -../../../../ESXi/variables.tf \ No newline at end of file diff --git a/Addons/Exchange/Vagrant/resources b/Addons/Exchange/Vagrant/resources deleted file mode 120000 index ebd8c69..0000000 --- a/Addons/Exchange/Vagrant/resources +++ /dev/null @@ -1 +0,0 @@ -../../../Vagrant/resources \ No newline at end of file diff --git a/Addons/Exchange/Vagrant/scripts b/Addons/Exchange/Vagrant/scripts deleted file mode 120000 index 7dc000e..0000000 
--- a/Addons/Exchange/Vagrant/scripts +++ /dev/null @@ -1 +0,0 @@ -../../../Vagrant/scripts \ No newline at end of file diff --git a/Azure/Ansible/inventory.yml b/Azure/Ansible/inventory.yml index b604553..c0ee6c6 100644 --- a/Azure/Ansible/inventory.yml +++ b/Azure/Ansible/inventory.yml @@ -11,3 +11,7 @@ wef: win10: hosts: z.z.z.z: + +exchange: + hosts: + # v.v.v.v: diff --git a/Addons/Exchange/Azure/Ansible/roles/exchange/tasks/main.yml b/Azure/Ansible/roles/exchange/tasks/main.yml similarity index 100% rename from Addons/Exchange/Azure/Ansible/roles/exchange/tasks/main.yml rename to Azure/Ansible/roles/exchange/tasks/main.yml diff --git a/Azure/Terraform/exchange.tf b/Azure/Terraform/exchange.tf new file mode 100644 index 0000000..2f82d47 --- /dev/null +++ b/Azure/Terraform/exchange.tf @@ -0,0 +1,10 @@ +## Remove the block comment to enable the creation of the Exchange server +/* +module "exchange" { + source = "./modules/exchange" + resource_group_name = azurerm_resource_group.detectionlab.name + region = var.region + subnet_id = azurerm_subnet.detectionlab-subnet.id +} +*/ + diff --git a/Addons/Exchange/Azure/Terraform/locals.tf b/Azure/Terraform/modules/exchange/locals.tf similarity index 100% rename from Addons/Exchange/Azure/Terraform/locals.tf rename to Azure/Terraform/modules/exchange/locals.tf diff --git a/Addons/Exchange/Azure/Terraform/main.tf b/Azure/Terraform/modules/exchange/main.tf similarity index 78% rename from Addons/Exchange/Azure/Terraform/main.tf rename to Azure/Terraform/modules/exchange/main.tf index 6e5a764..84d3164 100644 --- a/Addons/Exchange/Azure/Terraform/main.tf +++ b/Azure/Terraform/modules/exchange/main.tf 
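Review bot: The `exchange:` group added to `Azure/Ansible/inventory.yml` does not appear to have a play that targets it on the Azure side. The commit deletes `Addons/Exchange/Azure/Ansible/exchange.yml`, and the diffstat lists only `ESXi/ansible/detectionlab.yml` as gaining a `hosts: exchange` play. Unless the Azure playbook already has that play outside this patch, the host will be written into the inventory but never configured. It would also help to add a comment next to `# v.v.v.v:` saying the placeholder is filled in by `build_ansible_inventory.sh`, for example `# replaced with the Exchange public IP by build_ansible_inventory.sh`.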
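Review bot: `Azure/Terraform/exchange.tf` instantiates the module but never re-exports its outputs, so the `exchange_public_ip = ...` line that `build_ansible_inventory.sh` greps for will probably be missing from `terraform output`. `outputs.tf` moved unchanged into `modules/exchange/`, and `terraform output` in the root directory only lists root-level outputs. Add a root output inside the same block comment, along the lines of `output "exchange_public_ip" { value = module.exchange.<name declared in modules/exchange/outputs.tf> }`. The module's output name is not visible in this patch, so confirm it before wiring this up.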
@@ -1,8 +1,13 @@ +# https://github.com/terraform-providers/terraform-provider-azurerm/blob/1940d84dba45e41b2f1f868a22d7f7af1adea8a0/examples/virtual-machines/virtual_machine/vm-joined-to-active-directory/modules/active-directory/2-virtual-machine.tf +locals { + custom_data_content = file("${path.module}/../../files/winrm.ps1") +} + resource "azurerm_virtual_machine" "exchange" { name = "exchange.windomain.local" location = var.region - resource_group_name = azurerm_resource_group.detectionlab.name - network_interface_ids = [azurerm_network_interface.exchange-nic[count.index].id] + resource_group_name = var.resource_group_name + network_interface_ids = [azurerm_network_interface.exchange-nic.id] vm_size = "Standard_D3_v2" delete_os_disk_on_termination = true @@ -39,7 +44,7 @@ resource "azurerm_virtual_machine" "exchange" { pass = "oobeSystem" component = "Microsoft-Windows-Shell-Setup" setting_name = "FirstLogonCommands" - content = file("${path.module}/files/FirstLogonCommands.xml") + content = file("${path.module}/../../files/FirstLogonCommands.xml") } } @@ -58,21 +63,21 @@ resource "azurerm_virtual_machine" "exchange" { resource "azurerm_network_interface" "exchange-nic" { name = "exchange-nic" location = var.region - resource_group_name = azurerm_resource_group.detectionlab.name + resource_group_name = var.resource_group_name ip_configuration { name = "myNicConfiguration" - subnet_id = azurerm_subnet.detectionlab-subnet.id + subnet_id = var.subnet_id private_ip_address_allocation = "Static" private_ip_address = "192.168.38.106" - public_ip_address_id = azurerm_public_ip.exchange-publicip[count.index].id + public_ip_address_id = azurerm_public_ip.exchange-publicip.id } } resource "azurerm_public_ip" "exchange-publicip" { name = "exchange-public-ip" location = var.region - resource_group_name = azurerm_resource_group.detectionlab.name + resource_group_name = var.resource_group_name allocation_method = "Static" tags = { 
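Review bot: In the third hunk, the NIC still attaches a static public IP to the Exchange VM (`public_ip_address_id = azurerm_public_ip.exchange-publicip.id`), but the module now takes only `resource_group_name`, `region` and `subnet_id`. Nothing in the visible resources associates a network security group, so inbound filtering depends entirely on whatever is attached to the subnet the caller passes in. Make that dependency explicit with a comment above `ip_configuration`, such as `# Inbound access is restricted only by the NSG on var.subnet_id; this module adds no rules of its own`, or accept an NSG id as an input and associate it with the NIC. Separately, the first two hunks read `${path.module}/../../files/...`, which reaches outside the module directory and ties it to this repository layout. The resource bodies continue beyond the hunks, so an association elsewhere in the file cannot be ruled out.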
diff --git a/Addons/Exchange/Azure/Terraform/outputs.tf b/Azure/Terraform/modules/exchange/outputs.tf similarity index 100% rename from Addons/Exchange/Azure/Terraform/outputs.tf rename to Azure/Terraform/modules/exchange/outputs.tf diff --git a/Azure/Terraform/modules/exchange/variables.tf b/Azure/Terraform/modules/exchange/variables.tf new file mode 100644 index 0000000..d2ccde2 --- /dev/null +++ b/Azure/Terraform/modules/exchange/variables.tf @@ -0,0 +1,11 @@ +variable "resource_group_name" { + type = string +} + +variable "region" { + type = string +} + +variable "subnet_id" { + type = string +} \ No newline at end of file diff --git a/Azure/build_ansible_inventory.sh b/Azure/build_ansible_inventory.sh index 516cdc6..2eeb6b5 100755 --- a/Azure/build_ansible_inventory.sh +++ b/Azure/build_ansible_inventory.sh @@ -24,6 +24,7 @@ TF_OUTPUT=$(terraform output) DC_IP=$(echo "$TF_OUTPUT" | grep -E -o "dc_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ') WEF_IP=$(echo "$TF_OUTPUT" | grep -E -o "wef_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ') WIN10_IP=$(echo "$TF_OUTPUT" | grep -E -o "win10_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ') +EXCHANGE_IP=$(echo "$TF_OUTPUT" | grep -E -o "exchange_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ') # Don't update unless there's default values in inventory.yml GREP_COUNT=$(grep -E -c 'x\.x\.x\.x|y\.y\.y\.y|z\.z\.z\.z' ../Ansible/inventory.yml) @@ -37,5 +38,10 @@ fi echo "Replacing the default values in DetectionLab/Azure/Ansible/inventory.yml..." sed -i.bak "s/x.x.x.x/$DC_IP/g; s/y.y.y.y/$WEF_IP/g; s/z.z.z.z/$WIN10_IP/g" ../Ansible/inventory.yml +if [ ! -e "$EXCHANGE_IP" ]; then + echo "Exchange server found! Adding the IP to the Ansible inventory..." + sed -i.bak "s/# v.v.v.v/$EXCHANGE_IP/g" ../Ansible/inventory.yml +fi + echo "Displaying the updated inventory.yml below!" cat ../Ansible/inventory.yml 
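Review bot: The guard `if [ ! -e "$EXCHANGE_IP" ]` in the second `build_ansible_inventory.sh` hunk tests whether a file with that name exists, not whether the variable is empty, so the branch runs on every invocation. When no Exchange server was deployed, `EXCHANGE_IP` is empty and the `sed` turns `# v.v.v.v:` into a bare `:` under `hosts:`, leaving the inventory malformed. Use `if [ -n "$EXCHANGE_IP" ]; then` instead. This second `sed -i.bak` also overwrites the `inventory.yml.bak` written by the previous `sed`, so the backup no longer holds the original placeholders. The dots in `s/# v.v.v.v/` are unescaped and match any character, so `s/# v\.v\.v\.v/` would be stricter.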
diff --git a/ESXi/ansible/detectionlab.yml b/ESXi/ansible/detectionlab.yml index d41ffb5..c968c11 100644 --- a/ESXi/ansible/detectionlab.yml +++ b/ESXi/ansible/detectionlab.yml @@ -16,6 +16,12 @@ - common tags: wef +- hosts: exchange + roles: + - exchange + - common + tags: exchange + - hosts: win10 roles: - win10 diff --git a/Addons/Exchange/ESXi/Ansible/roles/exchange/tasks/main.yml b/ESXi/ansible/roles/exchange/tasks/main.yml similarity index 100% rename from Addons/Exchange/ESXi/Ansible/roles/exchange/tasks/main.yml rename to ESXi/ansible/roles/exchange/tasks/main.yml diff --git a/ESXi/exchange.tf b/ESXi/exchange.tf new file mode 100644 index 0000000..50197bc --- /dev/null +++ b/ESXi/exchange.tf @@ -0,0 +1,9 @@ +## Remove the block comment to enable the creation of the Exchange server +/* +module "exchange" { + source = "./modules/exchange" + disk_store = var.esxi_datastore + vm_network = var.vm_network + hostonly_network = var.hostonly_network +} +*/ diff --git a/Addons/Exchange/ESXi/Terraform/versions.tf b/ESXi/modules/exchange/main.tf similarity index 58% rename from Addons/Exchange/ESXi/Terraform/versions.tf rename to ESXi/modules/exchange/main.tf index 7d8294c..bf951b4 100644 --- a/Addons/Exchange/ESXi/Terraform/versions.tf +++ b/ESXi/modules/exchange/main.tf 
@@ -7,3 +7,31 @@ terraform { } } } + +resource "esxi_guest" "exchange" { + guest_name = "exchange" + disk_store = var.disk_store + guestos = "windows9srv-64" + + boot_disk_type = "thin" + + memsize = "8192" + numvcpus = "4" + resource_pool_name = "/" + power = "on" + clone_from_vm = "WindowsServer2016" + # This is the network that bridges your host machine with the ESXi VM + network_interfaces { + virtual_network = var.vm_network + mac_address = "00:50:56:a1:b2:c5" + nic_type = "e1000" + } + # This is the local network that will be used for 192.168.38.x addressing + network_interfaces { + virtual_network = var.hostonly_network + mac_address = "00:50:56:a1:b4:c5" + nic_type = "e1000" + } + guest_startup_timeout = 45 + guest_shutdown_timeout = 30 +} diff --git a/Addons/Exchange/ESXi/Terraform/outputs.tf b/ESXi/modules/exchange/outputs.tf similarity index 100% rename from Addons/Exchange/ESXi/Terraform/outputs.tf rename to ESXi/modules/exchange/outputs.tf diff --git a/ESXi/modules/exchange/variables.tf b/ESXi/modules/exchange/variables.tf new file mode 100644 index 0000000..636b617 --- /dev/null +++ b/ESXi/modules/exchange/variables.tf @@ -0,0 +1,11 @@ +variable "vm_network" { + default = "VM Network" +} + +variable "hostonly_network" { + default = "HostOnly Network" +} + +variable "disk_store" { + type = string +} \ No newline at end of file diff --git a/Addons/Exchange/Vagrant/Vagrantfile b/Vagrant/Exchange/Vagrantfile similarity index 63% rename from Addons/Exchange/Vagrant/Vagrantfile rename to Vagrant/Exchange/Vagrantfile index 4bf5568..7e9c5a5 100644 --- a/Addons/Exchange/Vagrant/Vagrantfile +++ b/Vagrant/Exchange/Vagrantfile 
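Review bot: In `ESXi/modules/exchange/variables.tf`, `vm_network` and `hostonly_network` declare a default but no `type`, while `disk_store` declares a type and no default. Add `type = string` to the first two for consistency. Consider dropping the defaults as well, because a caller that forgets an argument would silently attach the guest to "VM Network", which the comment in `main.tf` describes as the network bridged to the host. A one-line `description` on each variable would tell the caller which network is the bridged one and which is the 192.168.38.x lab segment.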
@@ -8,20 +8,20 @@ cfg.winrm.retry_limit = 20 cfg.vm.network :private_network, ip: "192.168.38.106", gateway: "192.168.38.1", dns: "192.168.38.102" - cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: true, args: "-ip 192.168.38.106 -dns 8.8.8.8 -gateway 192.168.38.1" - cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/fix-second-network.ps1", privileged: true, args: "-ip 192.168.38.106 -dns 8.8.8.8 -gateway 192.168.38.1" + cfg.vm.provision "shell", path: "../scripts/provision.ps1", privileged: false cfg.vm.provision "reload" - cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/provision.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/download_palantir_wef.ps1", privileged: false cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false - cfg.vm.provision "shell", path: "scripts/install-splunkuf.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-windows_ta.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-redteam.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-choco-extras.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-osquery.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-sysinternals.ps1", privileged: false - cfg.vm.provision "shell", path: "scripts/install-velociraptor.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-splunkuf.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-windows_ta.ps1", privileged: false + 
cfg.vm.provision "shell", path: "../scripts/install-utilities.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-redteam.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-choco-extras.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-osquery.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-sysinternals.ps1", privileged: false + cfg.vm.provision "shell", path: "../scripts/install-velociraptor.ps1", privileged: false cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: false cfg.vm.provision "shell", inline: 'cscript c:\windows\system32\slmgr.vbs /dlv', privileged: false
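Review bot: The provisioner paths now point at `../scripts/`, but the commit also deletes the `scripts` and `resources` symlinks that used to sit beside this Vagrantfile. The default synced folder exposes only the Vagrantfile's own directory to the guest, so any script that reads helpers or installers from the default share inside the VM would no longer find them. That holds unless the Vagrantfile declares an explicit `synced_folder` for the parent directory outside this hunk. If it does not, something like `cfg.vm.synced_folder "../", "/vagrant"` is needed, with a comment explaining why the share root is the parent directory.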