Move Exchange to AddOns Folder

2021-05-05 21:40:48 -07:00
parent ed30d82600
commit fbb03be0d0
34 changed files with 237 additions and 234 deletions
--- a/Azure/Ansible/inventory.yml
+++ b/Azure/Ansible/inventory.yml
@@ -11,8 +11,3 @@ wef:
 win10:
  hosts:
    z.z.z.z:
-
-#exchange:
-#  hosts:
-#    w.w.w.w:
-
--- a/Azure/Ansible/roles/exchange/tasks/main.yml
+++ b/Azure/Ansible/roles/exchange/tasks/main.yml
@@ -1,135 +0,0 @@
---
-
- name: Hostname -> EXCHANGE
-  win_hostname:
-    name: EXCHANGE
-  register: res
-
- name: Reboot
-  win_reboot:
-  when: res.reboot_required
-
- name: Set HostOnly DNS Address
-  win_dns_client:
-    adapter_names: '*'
-    ipv4_addresses:
-      - 192.168.38.102
-      - 8.8.8.8
-    log_path: C:\dns_log.txt
-
- name: Install git
-  win_chocolatey:
-    name: git
-    state: present
-
- name: Check if existing DetectionLab directory
-  win_stat:
-    path: 'c:\DetectionLab'
-  register: dir
-
- name: Git clone Detectionlab
-  win_shell: git clone https://github.com/clong/DetectionLab.git
-  args:
-    chdir: 'c:\'
-  when: not dir.stat.exists
-
- name: Copy scripts to c:\vagrant
-  win_shell: Copy-Item -Recurse c:\DetectionLab\Vagrant c:\vagrant
-
- name: Join the Domain
-  win_shell: .\\provision.ps1
-  args:
-    chdir: 'c:\vagrant\scripts'
-  register: exchange_join_domain
-  changed_when: "'HasSucceeded : True' in exchange_join_domain.stdout"
-
- debug: msg="{{ exchange_join_domain.stdout_lines }}"
-
- name: Reboot After Joining the Domain
-  win_reboot:
-    msg: "Joining the domain. Rebooting..."
-    pre_reboot_delay: 5
-    reboot_timeout: 600
-    post_reboot_delay: 60
-
- name: Install Exchange Prereqs
-  win_shell: .\\install-exchange.ps1
-  args:
-    chdir: 'c:\vagrant\scripts'
-  register: exchange_prereqs
-  changed_when: "'A reboot is required to continue installation of exchange.' in exchange_prereqs.stdout"
-
- name: Reboot After Installing Exchange PreReqs
-  win_reboot:
-    msg: "Exchange Prereqs installed. Rebooting..."
-    pre_reboot_delay: 5
-    reboot_timeout: 600
-    post_reboot_delay: 60
-
- name: Download Exchange ISO and Mount It
-  win_shell: .\\install-exchange.ps1
-  args:
-    chdir: 'c:\vagrant\scripts'
-  register: download_exchange_iso
-
- name: Prepare Schema
-  win_package:
-    path: F:\Setup.exe
-    arguments: >-
-      /IAcceptExchangeServerLicenseTerms
-      /PrepareSchema
-    product_id: '{CD981244-E9B8-405A-9026-6AEB9DCEF1F1}'
-  vars:
-    ansible_become: yes
-    ansible_become_method: runas
-    ansible_become_user: WINDOMAIN\vagrant
-    ansible_become_password: vagrant
-  register: prepare_schema
-
- name: Prepare AD
-  win_package:
-    path: F:\Setup.exe
-    arguments: >-
-      /IAcceptExchangeServerLicenseTerms
-      /PrepareAD
-      /OrganizationName: DetectionLab
-    product_id: '{CD981244-E9B8-405A-9026-6AEB9DCEF1F1}'
-  vars:
-    ansible_become: yes
-    ansible_become_method: runas
-    ansible_become_user: WINDOMAIN\vagrant
-    ansible_become_password: vagrant
-  register: prepare_ad
-
- name: Install Exchange
-  win_package:
-    path: F:\Setup.exe
-    arguments: >-
-      /IAcceptExchangeServerLicenseTerms
-      /Mode:Install
-      /Role:Mailbox
-    product_id: '{CD981244-E9B8-405A-9026-6AEB9DCEF1F1}'
-  vars:
-    ansible_become: yes
-    ansible_become_method: runas
-    ansible_become_user: WINDOMAIN\vagrant
-    ansible_become_password: vagrant
-  register: install_exchange
-
- name: Reboot after Exchange Installation
-  win_reboot:
-    msg: "Exchange installed. Rebooting..."
-    pre_reboot_delay: 5
-    reboot_timeout: 600
-    post_reboot_delay: 60
-
- name: Clear Event Logs
-  win_shell: "wevtutil el | Select-String -notmatch \"Microsoft-Windows-LiveId\" | Foreach-Object {wevtutil cl \"$_\"}"
-
- name: Configure EXCHANGE with raw Commands
-  win_shell: "{{ item }}"
-  with_items:
-    - "wevtutil el | Select-String -notmatch \"Microsoft-Windows-LiveId\" | Foreach-Object {wevtutil cl \"$_\"}"
-    - "Set-SmbServerConfiguration -AuditSmb1Access $true -Force"
-
-
--- a/Azure/Terraform/locals.tf
+++ b/Azure/Terraform/locals.tf
@@ -4,5 +4,4 @@ locals {
  ata_url    = "https://${azurerm_public_ip.wef-publicip.ip_address}"
  guacamole_url = "http://${azurerm_public_ip.logger-publicip.ip_address}:8080/guacamole"
  velociraptor_url = "https://${azurerm_public_ip.logger-publicip.ip_address}:9999"
-  exchange_url    = "https://${var.create_exchange_server ? azurerm_public_ip.exchange-publicip[0].ip_address : ""}"
 }
--- a/Azure/Terraform/main.tf
+++ b/Azure/Terraform/main.tf
@@ -366,33 +366,6 @@ resource "azurerm_public_ip" "win10-publicip" {
  }
 }

-resource "azurerm_network_interface" "exchange-nic" {
-  count = var.create_exchange_server ? 1 : 0
-  name = "exchange-nic"
-  location = var.region
-  resource_group_name  = azurerm_resource_group.detectionlab.name
-
-  ip_configuration {
-    name                          = "myNicConfiguration"
-    subnet_id                     = azurerm_subnet.detectionlab-subnet.id
-    private_ip_address_allocation = "Static"
-    private_ip_address            = "192.168.38.106"
-    public_ip_address_id          = azurerm_public_ip.exchange-publicip[count.index].id
-  }
-}
-
-resource "azurerm_public_ip" "exchange-publicip" {
-  count = var.create_exchange_server ? 1 : 0
-  name                = "exchange-public-ip"
-  location            = var.region
-  resource_group_name = azurerm_resource_group.detectionlab.name
-  allocation_method   = "Static"
-
-  tags = {
-    role = "exchange"
-  }
-}
-
 resource "azurerm_virtual_machine" "dc" {
  name = "dc.windomain.local"
  location = var.region
@@ -506,64 +479,6 @@ resource "azurerm_virtual_machine" "wef" {
  }
 }

-resource "azurerm_virtual_machine" "exchange" {
-  count = var.create_exchange_server ? 1 : 0
-  name = "exchange.windomain.local"
-  location = var.region
-  resource_group_name  = azurerm_resource_group.detectionlab.name
-  network_interface_ids = [azurerm_network_interface.exchange-nic[count.index].id]
-  vm_size               = "Standard_D3_v2"
-
-  delete_os_disk_on_termination = true
-
-  storage_image_reference {
-    publisher = "MicrosoftWindowsServer"
-    offer     = "WindowsServer"
-    sku       = "2016-Datacenter"
-    version   = "latest"
-  }
-
-  os_profile {
-    computer_name  = "exchange"
-    admin_username = "vagrant"
-    admin_password = "Vagrant123"
-    custom_data    = local.custom_data_content
-  }
-
-  os_profile_windows_config {
-    provision_vm_agent        = true
-    enable_automatic_upgrades = false
-
-    # Auto-Login's required to configure WinRM
-    additional_unattend_config {
-      pass         = "oobeSystem"
-      component    = "Microsoft-Windows-Shell-Setup"
-      setting_name = "AutoLogon"
-      content      = "<AutoLogon><Password><Value>Vagrant123</Value></Password><Enabled>true</Enabled><LogonCount>1</LogonCount><Username>vagrant</Username></AutoLogon>"
-    }
-
-    # Unattend config is to enable basic auth in WinRM, required for the provisioner stage.
-    # https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/examples/virtual-machines/provisioners/windows/files/FirstLogonCommands.xml
-    additional_unattend_config {
-      pass         = "oobeSystem"
-      component    = "Microsoft-Windows-Shell-Setup"
-      setting_name = "FirstLogonCommands"
-      content      = file("${path.module}/files/FirstLogonCommands.xml")
-    }
-  }
-
-  storage_os_disk {
-    name              = "OsDiskExchange"
-    caching           = "ReadWrite"
-    create_option     = "FromImage"
-    managed_disk_type = "Standard_LRS"
-  }
-
-  tags = {
-    role = "exchange"
-  }
-}
-
 resource "azurerm_virtual_machine" "win10" {
  name = "win10.windomain.local"
  location = var.region
--- a/Azure/Terraform/outputs.tf
+++ b/Azure/Terraform/outputs.tf
@@ -18,10 +18,6 @@ output "win10_public_ip" {
  value = azurerm_public_ip.win10-publicip.ip_address 
 }

-output "exchange_public_ip" {
-  value = "${var.create_exchange_server ? azurerm_public_ip.exchange-publicip[0].ip_address : null}"
-}
-
 output "ata_url" {
  value = local.ata_url
 }
@@ -41,7 +37,3 @@ output "guacamole_url" {
 output "velociraptor_url" {
  value = local.velociraptor_url
 }
-
-output "exchange_url" {
-  value = "${var.create_exchange_server ? local.exchange_url : null}"
-}
--- a/Azure/Terraform/variables.tf
+++ b/Azure/Terraform/variables.tf
@@ -39,10 +39,4 @@ variable "external_dns_servers" {
  description = "Configure lab to allow external DNS resolution"
  type        = list(string)
  default     = ["8.8.8.8"]
-}
-
-variable "create_exchange_server" {
-  description = "If set to true, adds an additional host that installs exchange"
-  type        = bool
-  default     = false
 }
--- a/Azure/build_ansible_inventory.sh
+++ b/Azure/build_ansible_inventory.sh
@@ -23,10 +23,7 @@ TF_OUTPUT=$(terraform output)

 DC_IP=$(echo "$TF_OUTPUT" | grep -E -o "dc_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ')
 WEF_IP=$(echo "$TF_OUTPUT" | grep -E -o "wef_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ')
-EXCHANGE_IP=$(echo "$TF_OUTPUT" | grep -E -o "exchange_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ')
 WIN10_IP=$(echo "$TF_OUTPUT" | grep -E -o "win10_public_ip = ([0-9]{1,3}[\.]){3}[0-9]{1,3}" | cut -d '=' -f 2 | tr -d ' ')
-# Code needs to be added for exchange
-

 # Don't update unless there's default values in inventory.yml
 GREP_COUNT=$(grep -E -c 'x\.x\.x\.x|y\.y\.y\.y|z\.z\.z\.z' ../Ansible/inventory.yml)
@@ -40,10 +37,5 @@ fi
 echo "Replacing the default values in DetectionLab/Azure/Ansible/inventory.yml..."
 sed -i.bak "s/x.x.x.x/$DC_IP/g; s/y.y.y.y/$WEF_IP/g; s/z.z.z.z/$WIN10_IP/g" ../Ansible/inventory.yml

-if [ ! -z $EXCHANGE_IP ]; then
-  echo "Found Exchange IP address in Terraform output. Adding to inventory."
-  sed -i.bak "s/#exchange:/exchange:/g; s/#  hosts:/  hosts:/g; s/#    w.w.w.w/    $EXCHANGE_IP/g" ../Ansible/inventory.yml
-fi
-
 echo "Displaying the updated inventory.yml below!"
 cat ../Ansible/inventory.yml