trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fixing issues 228, 252, 255

Browse Source
This commit is contained in:
Chris Long
2019-04-25 23:06:07 -07:00
parent 574df0e0c4
commit dae0393b00
12 changed files with 101 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Vagrant/Vagrantfile vendored
View File

@@ -29,10 +29,6 @@ Vagrant.configure("2") do |config|
cfg.vm.box = "detectionlab/win2016" cfg.vm.box = "detectionlab/win2016"
cfg.vm.hostname = "dc" cfg.vm.hostname = "dc"
cfg.vm.boot_timeout = 600 cfg.vm.boot_timeout = 600
# use the plaintext WinRM transport and force it to use basic authentication.
# NB this is needed because the default negotiate transport stops working
# after the domain controller is installed.
# see https://groups.google.com/forum/#!topic/vagrant-up/sZantuCM0q4
cfg.winrm.transport = :plaintext cfg.winrm.transport = :plaintext
cfg.vm.communicator = "winrm" cfg.vm.communicator = "winrm"
cfg.winrm.basic_auth_only = true cfg.winrm.basic_auth_only = true
@@ -58,13 +54,14 @@ Vagrant.configure("2") do |config|
cfg.vm.provision "shell", path: "scripts/configure-wef-gpo.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/configure-wef-gpo.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/configure-powershelllogging.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/configure-powershelllogging.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/configure-AuditingPolicyGPOs.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/configure-AuditingPolicyGPOs.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/configure-rdp-user-gpo.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-autorunstowineventlog.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/install-autorunstowineventlog.ps1", privileged: false
cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false
cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: false cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: false
cfg.vm.provider "vmware_desktop" do |v, override| cfg.vm.provider "vmware_desktop" do |v, override|
v.vmx["displayname"] = "dc.windomain.local" v.vmx["displayname"] = "dc.windomain.local"
v.memory = 2560 v.memory = 3072
v.cpus = 2 v.cpus = 2
v.gui = true v.gui = true
v.enable_vmrun_ip_lookup = false v.enable_vmrun_ip_lookup = false
@@ -74,7 +71,7 @@ Vagrant.configure("2") do |config|
vb.gui = true vb.gui = true
vb.name = "dc.windomain.local" vb.name = "dc.windomain.local"
vb.default_nic_type = "82545EM" vb.default_nic_type = "82545EM"
vb.customize ["modifyvm", :id, "--memory", 2560] vb.customize ["modifyvm", :id, "--memory", 3072]
vb.customize ["modifyvm", :id, "--cpus", 2] vb.customize ["modifyvm", :id, "--cpus", 2]
vb.customize ["modifyvm", :id, "--vram", "32"] vb.customize ["modifyvm", :id, "--vram", "32"]
vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"] vb.customize ["modifyvm", :id, "--clipboard", "bidirectional"]
@@ -145,12 +142,12 @@ Vagrant.configure("2") do |config|
cfg.vm.network :private_network, ip: "192.168.38.104", gateway: "192.168.38.1", dns: "192.168.38.102" cfg.vm.network :private_network, ip: "192.168.38.104", gateway: "192.168.38.1", dns: "192.168.38.102"
cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: false, args: "-ip 192.168.38.104 -dns 192.168.38.102" cfg.vm.provision "shell", path: "scripts/fix-second-network.ps1", privileged: false, args: "-ip 192.168.38.104 -dns 192.168.38.102"
cfg.vm.provision "shell", path: "scripts/MakeWindows10GreatAgain.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "reload" cfg.vm.provision "reload"
cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/provision.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/download_palantir_wef.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/download_palantir_osquery.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/download_palantir_osquery.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/MakeWindows10GreatAgain.ps1", privileged: false
cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false
cfg.vm.provision "shell", path: "scripts/install-splunkuf.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/install-splunkuf.ps1", privileged: false
cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: false cfg.vm.provision "shell", path: "scripts/install-utilities.ps1", privileged: false

1
Vagrant/resources/GPO/rdp_users/manifest.xml Normal file
View File

@@ -0,0 +1 @@
<Backups xmlns="http://www.microsoft.com/GroupPolicy/GPOOperations/Manifest" xmlns:mfst="http://www.microsoft.com/GroupPolicy/GPOOperations/Manifest" mfst:version="1.0"><BackupInst><GPOGuid><![CDATA[{4EC18B73-0966-463C-BD39-72D0903AFE65}]]></GPOGuid><GPODomain><![CDATA[windomain.local]]></GPODomain><GPODomainGuid><![CDATA[{46037b97-c619-4c8b-b901-d264bbccc4c0}]]></GPODomainGuid><GPODomainController><![CDATA[dc.windomain.local]]></GPODomainController><BackupTime><![CDATA[2019-04-26T03:18:07]]></BackupTime><ID><![CDATA[{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}]]></ID><Comment><![CDATA[Allows windomain\vagrant to RDP to hosts]]></Comment><GPODisplayName><![CDATA[Allow Domain Users RDP]]></GPODisplayName></BackupInst></Backups>

20
Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/Backup.xml Normal file
View File

@@ -0,0 +1,20 @@
<?xml version="1.0" encoding="utf-8"?><!-- Copyright (c) Microsoft Corporation. All rights reserved. --><GroupPolicyBackupScheme bkp:version="2.0" bkp:type="GroupPolicyBackupTemplate" xmlns:bkp="http://www.microsoft.com/GroupPolicy/GPOOperations" xmlns="http://www.microsoft.com/GroupPolicy/GPOOperations">
<GroupPolicyObject><SecurityGroups><Group><Sid/><SamAccountName><![CDATA[Remote Desktop Users]]></SamAccountName><Type><![CDATA[Unknown]]></Type><NetBIOSDomainName/><DnsDomainName/><UPN/></Group><Group><Sid><![CDATA[S-1-5-21-2442050065-1280348291-2767644839-1000]]></Sid><SamAccountName><![CDATA[vagrant]]></SamAccountName><Type><![CDATA[User]]></Type><NetBIOSDomainName><![CDATA[WINDOMAIN]]></NetBIOSDomainName><DnsDomainName><![CDATA[windomain.local]]></DnsDomainName><UPN><![CDATA[vagrant@windomain.local]]></UPN></Group><Group bkp:Source="FromDACL"><Sid><![CDATA[S-1-5-21-2442050065-1280348291-2767644839-519]]></Sid><SamAccountName><![CDATA[Enterprise Admins]]></SamAccountName><Type><![CDATA[UniversalGroup]]></Type><NetBIOSDomainName><![CDATA[WINDOMAIN]]></NetBIOSDomainName><DnsDomainName><![CDATA[windomain.local]]></DnsDomainName><UPN><![CDATA[Enterprise Admins@windomain.local]]></UPN></Group><Group bkp:Source="FromDACL"><Sid><![CDATA[S-1-5-21-2442050065-1280348291-2767644839-512]]></Sid><SamAccountName><![CDATA[Domain Admins]]></SamAccountName><Type><![CDATA[GlobalGroup]]></Type><NetBIOSDomainName><![CDATA[WINDOMAIN]]></NetBIOSDomainName><DnsDomainName><![CDATA[windomain.local]]></DnsDomainName><UPN><![CDATA[Domain Admins@windomain.local]]></UPN></Group></SecurityGroups><FilePaths/><GroupPolicyCoreSettings><ID><![CDATA[{4EC18B73-0966-463C-BD39-72D0903AFE65}]]></ID><Domain><![CDATA[windomain.local]]></Domain><SecurityDescriptor>01 00 04 9c 00 00 00 00 00 00 00 00 00 00 00 00 14 00 00 00 04 00 ec 00 08 00 00 00 05 02 28 00 00 01 00 00 01 00 00 00 8f fd ac ed b3 ff d1 11 b4 1d 00 a0 c9 68 f9 39 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 11 ba 8e 91 83 90 50 4c a7 e8 f6 a4 e8 03 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 11 ba 8e 91 83 90 50 4c a7 e8 f6 a4 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 11 ba 8e 91 83 90 50 4c a7 e8 f6 a4 07 02 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 09 00 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 02 14 00 ff 00 0f 00 01 01 00 00 00 00 00 05 12 00 00 00 00 0a 14 00 ff 00 0f 00 01 01 00 00 00 00 00 03 00 00 00 00</SecurityDescriptor><DisplayName><![CDATA[Allow Domain Users RDP]]></DisplayName><Options><![CDATA[0]]></Options><UserVersionNumber><![CDATA[0]]></UserVersionNumber><MachineVersionNumber><![CDATA[327685]]></MachineVersionNumber><MachineExtensionGuids><![CDATA[[{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]]]></MachineExtensionGuids><UserExtensionGuids/><WMIFilter/></GroupPolicyCoreSettings>
<GroupPolicyExtension bkp:ID="{35378EAC-683F-11D2-A89A-00C04FBBCFA2}" bkp:DescName="Registry">
<FSObjectFile bkp:Path="%GPO_FSPATH%\Adm\*.*" bkp:SourceExpandedPath="\\dc.windomain.local\sysvol\windomain.local\Policies\{4EC18B73-0966-463C-BD39-72D0903AFE65}\Adm\*.*"/>
</GroupPolicyExtension>
<GroupPolicyExtension bkp:ID="{827D319E-6EAC-11D2-A4EA-00C04F79F83A}" bkp:DescName="Security">
<FSObjectFile bkp:Path="%GPO_MACH_FSPATH%\microsoft\windows nt\SecEdit\GptTmpl.inf" bkp:SourceExpandedPath="\\dc.windomain.local\sysvol\windomain.local\Policies\{4EC18B73-0966-463C-BD39-72D0903AFE65}\Machine\microsoft\windows nt\SecEdit\GptTmpl.inf" bkp:ReEvaluateFunction="SecurityValidateSettings" bkp:Location="DomainSysvol\GPO\Machine\microsoft\windows nt\SecEdit\GptTmpl.inf"/>
</GroupPolicyExtension>
<GroupPolicyExtension bkp:ID="{F15C46CD-82A0-4C2D-A210-5D0D3182A418}" bkp:DescName="Unknown Extension"><FSObjectDir bkp:Path="%GPO_MACH_FSPATH%\Microsoft" bkp:SourceExpandedPath="\\dc.windomain.local\sysvol\windomain.local\Policies\{4EC18B73-0966-463C-BD39-72D0903AFE65}\Machine\Microsoft" bkp:Location="DomainSysvol\GPO\Machine\Microsoft"/><FSObjectDir bkp:Path="%GPO_MACH_FSPATH%\Microsoft\Windows NT" bkp:SourceExpandedPath="\\dc.windomain.local\sysvol\windomain.local\Policies\{4EC18B73-0966-463C-BD39-72D0903AFE65}\Machine\Microsoft\Windows NT" bkp:Location="DomainSysvol\GPO\Machine\Microsoft\Windows NT"/><FSObjectDir bkp:Path="%GPO_MACH_FSPATH%\Microsoft\Windows NT\SecEdit" bkp:SourceExpandedPath="\\dc.windomain.local\sysvol\windomain.local\Policies\{4EC18B73-0966-463C-BD39-72D0903AFE65}\Machine\Microsoft\Windows NT\SecEdit" bkp:Location="DomainSysvol\GPO\Machine\Microsoft\Windows NT\SecEdit"/><FSObjectDir bkp:Path="%GPO_MACH_FSPATH%\Scripts" bkp:SourceExpandedPath="\\dc.windomain.local\sysvol\windomain.local\Policies\{4EC18B73-0966-463C-BD39-72D0903AFE65}\Machine\Scripts" bkp:Location="DomainSysvol\GPO\Machine\Scripts"/><FSObjectDir bkp:Path="%GPO_MACH_FSPATH%\Scripts\Shutdown" bkp:SourceExpandedPath="\\dc.windomain.local\sysvol\windomain.local\Policies\{4EC18B73-0966-463C-BD39-72D0903AFE65}\Machine\Scripts\Shutdown" bkp:Location="DomainSysvol\GPO\Machine\Scripts\Shutdown"/><FSObjectDir bkp:Path="%GPO_MACH_FSPATH%\Scripts\Startup" bkp:SourceExpandedPath="\\dc.windomain.local\sysvol\windomain.local\Policies\{4EC18B73-0966-463C-BD39-72D0903AFE65}\Machine\Scripts\Startup" bkp:Location="DomainSysvol\GPO\Machine\Scripts\Startup"/></GroupPolicyExtension></GroupPolicyObject>
</GroupPolicyBackupScheme>

BIN
Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf Normal file
View File

Binary file not shown.

1
Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/bkupInfo.xml Normal file
View File

@@ -0,0 +1 @@
<BackupInst xmlns="http://www.microsoft.com/GroupPolicy/GPOOperations/Manifest"><GPOGuid><![CDATA[{4EC18B73-0966-463C-BD39-72D0903AFE65}]]></GPOGuid><GPODomain><![CDATA[windomain.local]]></GPODomain><GPODomainGuid><![CDATA[{46037b97-c619-4c8b-b901-d264bbccc4c0}]]></GPODomainGuid><GPODomainController><![CDATA[dc.windomain.local]]></GPODomainController><BackupTime><![CDATA[2019-04-26T03:18:07]]></BackupTime><ID><![CDATA[{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}]]></ID><Comment><![CDATA[Allows windomain\vagrant to RDP to hosts]]></Comment><GPODisplayName><![CDATA[Allow Domain Users RDP]]></GPODisplayName></BackupInst>

BIN
Vagrant/resources/GPO/rdp_users/{87A41109-E0FA-4D74-BE50-9ED009D4BAAF}/gpreport.xml Normal file
View File

Binary file not shown.

4
Vagrant/resources/windows/classic_shell_win7.reg Normal file
View File

@@ -0,0 +1,4 @@
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\IvoSoft\ClassicStartMenu]
"MenuStyle_Default"="Win7"

6
Vagrant/scripts/configure-powershelllogging.ps1
View File

@@ -11,7 +11,7 @@ If ($gPLinks.LinkedGroupPolicyObjects -notcontains $gpo.path)
} }
else else
{ {
Write-Host "Powershell Loggin was already linked at $OU. Moving On." Write-Host "Powershell Logging was already linked at $OU. Moving On."
} }
$OU = "ou=Servers,dc=windomain,dc=local" $OU = "ou=Servers,dc=windomain,dc=local"
$gPLinks = $null $gPLinks = $null
@@ -23,7 +23,7 @@ If ($gPLinks.LinkedGroupPolicyObjects -notcontains $gpo.path)
} }
else else
{ {
Write-Host "Powershell Loggin was already linked at $OU. Moving On." Write-Host "Powershell Logging was already linked at $OU. Moving On."
} }
$OU = "ou=Domain Controllers,dc=windomain,dc=local" $OU = "ou=Domain Controllers,dc=windomain,dc=local"
$gPLinks = $null $gPLinks = $null
@@ -34,6 +34,6 @@ If ($gPLinks.LinkedGroupPolicyObjects -notcontains $gpo.path)
} }
else else
{ {
Write-Host "Powershell Loggin was already linked at $OU. Moving On." Write-Host "Powershell Logging was already linked at $OU. Moving On."
} }
gpupdate /force gpupdate /force

29
Vagrant/scripts/configure-rdp-user-gpo.ps1 Normal file
View File

@@ -0,0 +1,29 @@
# Purpose: Install the GPO that allows windomain\vagrant to RDP
Write-Host "Importing the GPO to allow windomain/vagrant to RDP..."
Import-GPO -BackupGpoName 'Allow Domain Users RDP' -Path "c:\vagrant\resources\GPO\rdp_users" -TargetName 'Allow Domain Users RDP' -CreateIfNeeded
$OU = "ou=Workstations,dc=windomain,dc=local"
$gPLinks = $null
$gPLinks = Get-ADOrganizationalUnit -Identity $OU -Properties name,distinguishedName, gPLink, gPOptions
$GPO = Get-GPO -Name 'Allow Domain Users RDP'
If ($gPLinks.LinkedGroupPolicyObjects -notcontains $gpo.path)
{
New-GPLink -Name 'Allow Domain Users RDP' -Target $OU -Enforced yes
}
else
{
Write-Host "Allow Domain Users RDP GPO was already linked at $OU. Moving On."
}
$OU = "ou=Servers,dc=windomain,dc=local"
$gPLinks = $null
$gPLinks = Get-ADOrganizationalUnit -Identity $OU -Properties name,distinguishedName, gPLink, gPOptions
$GPO = Get-GPO -Name 'Allow Domain Users RDP'
If ($gPLinks.LinkedGroupPolicyObjects -notcontains $gpo.path)
{
New-GPLink -Name 'Allow Domain Users RDP' -Target $OU -Enforced yes
}
else
{
Write-Host "Allow Domain Users RDP GPO was already linked at $OU. Moving On."
}
gpupdate /force

1
Vagrant/scripts/install-utilities.ps1
View File

@@ -11,6 +11,7 @@ Write-Host "Installing utilities..."
If ($(hostname) -eq "win10") { If ($(hostname) -eq "win10") {
# Because the Windows10 start menu sucks # Because the Windows10 start menu sucks
choco install -y classic-shell -installArgs ADDLOCAL=ClassicStartMenu choco install -y classic-shell -installArgs ADDLOCAL=ClassicStartMenu
reg import "c:\vagrant\resources\windows\classic_shell_win7.reg"
} }
choco install -y NotepadPlusPlus choco install -y NotepadPlusPlus
choco install -y GoogleChrome choco install -y GoogleChrome

16
ci/build_machine_bootstrap.sh
View File

@@ -37,8 +37,10 @@ fi
echo "deb http://download.virtualbox.org/virtualbox/debian xenial contrib" >> /etc/apt/sources.list echo "deb http://download.virtualbox.org/virtualbox/debian xenial contrib" >> /etc/apt/sources.list
sed -i "2ideb mirror://mirrors.ubuntu.com/mirrors.txt xenial main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt xenial-updates main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt xenial-backports main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt xenial-security main restricted universe multiverse" /etc/apt/sources.list sed -i "2ideb mirror://mirrors.ubuntu.com/mirrors.txt xenial main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt xenial-updates main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt xenial-backports main restricted universe multiverse\ndeb mirror://mirrors.ubuntu.com/mirrors.txt xenial-security main restricted universe multiverse" /etc/apt/sources.list
wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add - wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add -
apt-get update echo "Running apt-get update..."
apt-get install -y linux-headers-"$(uname -r)" virtualbox-5.2 build-essential unzip git ufw apache2 apt-get -qq update
echo "Running apt-get install..."
apt-get -qq install -y linux-headers-"$(uname -r)" virtualbox-5.2 build-essential unzip git ufw apache2
echo "building" > /var/www/html/index.html echo "building" > /var/www/html/index.html
@@ -52,10 +54,16 @@ if [ "$PACKER_ONLY" -eq 0 ]; then
# Install Vagrant # Install Vagrant
mkdir /opt/vagrant mkdir /opt/vagrant
cd /opt/vagrant || exit 1 cd /opt/vagrant || exit 1
wget https://releases.hashicorp.com/vagrant/2.2.4/vagrant_2.2.4_x86_64.deb wget --progress=bar:force https://releases.hashicorp.com/vagrant/2.2.4/vagrant_2.2.4_x86_64.deb
dpkg -i vagrant_2.2.4_x86_64.deb dpkg -i vagrant_2.2.4_x86_64.deb
vagrant plugin install vagrant-reload vagrant plugin install vagrant-reload
# Make sure the plugin installed correctly. Retry if not.
if [ "$(vagrant plugin list | grep -c vagrant-reload)" -ne "1" ]; then
echo "The first attempt to install the vagrant-reload plugin failed. Trying again."
vagrant plugin install vagrant-reload
fi
# Make the Vagrant instances headless # Make the Vagrant instances headless
cd /opt/DetectionLab/Vagrant || exit 1 cd /opt/DetectionLab/Vagrant || exit 1
sed -i 's/vb.gui = true/vb.gui = false/g' Vagrantfile sed -i 's/vb.gui = true/vb.gui = false/g' Vagrantfile
@@ -65,7 +73,7 @@ if [ "$VAGRANT_ONLY" -eq 0 ]; then
# Install Packer # Install Packer
mkdir /opt/packer mkdir /opt/packer
cd /opt/packer || exit 1 cd /opt/packer || exit 1
wget https://releases.hashicorp.com/packer/1.3.2/packer_1.3.2_linux_amd64.zip wget --progress=bar:force https://releases.hashicorp.com/packer/1.3.2/packer_1.3.2_linux_amd64.zip
unzip packer_1.3.2_linux_amd64.zip unzip packer_1.3.2_linux_amd64.zip
cp packer /usr/local/bin/packer cp packer /usr/local/bin/packer

10
ci/circle_workflows/vagrant_changes.sh
View File

@@ -35,7 +35,7 @@ IP_ADDRESS=$(curl -s -X GET --header 'Accept: application/json' --header 'X-Auth
# Copy repo to Packet server # Copy repo to Packet server
# TODO: Tar up the repo and expand it remotely # TODO: Tar up the repo and expand it remotely
cd ~/repo cd ~/repo
rsync -Pav -e "ssh -i ~/.ssh/id_rsa" ~/repo/ root@"$IP_ADDRESS":/opt/DetectionLab rsync -Paq -e "ssh -i ~/.ssh/id_rsa" ~/repo/ root@"$IP_ADDRESS":/opt/DetectionLab
## Running install script on Packet server ## Running install script on Packet server
ssh -i ~/.ssh/id_rsa root@"$IP_ADDRESS" 'bash -s' -- < ci/build_machine_bootstrap.sh --vagrant-only ssh -i ~/.ssh/id_rsa root@"$IP_ADDRESS" 'bash -s' -- < ci/build_machine_bootstrap.sh --vagrant-only
@@ -46,16 +46,16 @@ while [ "$MINUTES_PAST" -lt 180 ]; do
STATUS=$(curl $IP_ADDRESS) STATUS=$(curl $IP_ADDRESS)
if [ "$STATUS" == "building" ]; then if [ "$STATUS" == "building" ]; then
echo "$STATUS" echo "$STATUS"
scp -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/ || echo "Vagrant log not yet present" scp -q -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/ || echo "Vagrant log not yet present"
sleep 300 sleep 300
((MINUTES_PAST += 5)) ((MINUTES_PAST += 5))
else else
scp -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/ || echo "Vagrant log not yet present" scp -q -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/ || echo "Vagrant log not yet present"
break break
fi fi
if [ "$MINUTES_PAST" -gt 180 ]; then if [ "$MINUTES_PAST" -gt 180 ]; then
echo "Serer timed out. Uptime: $MINUTES_PAST minutes." echo "Serer timed out. Uptime: $MINUTES_PAST minutes."
scp -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/ scp -q -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/
curl -X DELETE --header 'Accept: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" 'https://api.packet.net/devices/'"$DEVICE_ID" curl -X DELETE --header 'Accept: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" 'https://api.packet.net/devices/'"$DEVICE_ID"
exit 1 exit 1
fi fi
@@ -64,7 +64,7 @@ done
## Recording the build results ## Recording the build results
echo $STATUS echo $STATUS
if [ "$STATUS" != "success" ]; then if [ "$STATUS" != "success" ]; then
scp -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/ scp -q -i ~/.ssh/id_rsa root@"$IP_ADDRESS":/opt/DetectionLab/Vagrant/vagrant_up_*.log /tmp/artifacts/
echo "Build failed. Cleaning up server with ID $DEVICE_ID" echo "Build failed. Cleaning up server with ID $DEVICE_ID"
curl -X DELETE --header 'Accept: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" 'https://api.packet.net/devices/'"$DEVICE_ID" curl -X DELETE --header 'Accept: application/json' --header 'X-Auth-Token: '"$PACKET_API_TOKEN" 'https://api.packet.net/devices/'"$DEVICE_ID"
exit 1 exit 1