mirror of
https://github.com/trailofbits/algo
synced 2024-11-13 19:12:06 +00:00
88 lines
2.5 KiB
YAML
88 lines
2.5 KiB
YAML
- name: Configure the server and install required software
|
|
hosts: localhost
|
|
|
|
vars:
|
|
regions:
|
|
"1": "ams2"
|
|
"2": "ams3"
|
|
"3": "fra1"
|
|
"4": "lon1"
|
|
"5": "nyc1"
|
|
"6": "nyc2"
|
|
"7": "nyc3"
|
|
"8": "sfo1"
|
|
"9": "sfo2"
|
|
"10": "sgp1"
|
|
"11": "tor1"
|
|
|
|
vars_prompt:
|
|
- name: "do_access_token"
|
|
prompt: "Enter your API Token (https://cloud.digitalocean.com/settings/api/tokens):\n"
|
|
private: yes
|
|
|
|
- name: "do_ssh_name"
|
|
prompt: "Enter a valid SSH key name (https://cloud.digitalocean.com/settings/security):\n"
|
|
private: no
|
|
|
|
- name: "do_region"
|
|
prompt: >
|
|
What region should the server be located in?
|
|
1. Amsterdam (Datacenter 2)
|
|
2. Amsterdam (Datacenter 3)
|
|
3. Frankfurt
|
|
4. London
|
|
5. New York (Datacenter 1)
|
|
6. New York (Datacenter 2)
|
|
7. New York (Datacenter 3)
|
|
8. San Francisco (Datacenter 1)
|
|
9. San Francisco (Datacenter 2)
|
|
10. Singapore
|
|
11. Toronto
|
|
Please choose the number of your region. Press enter for default (#7) region.
|
|
default: "7"
|
|
private: no
|
|
|
|
- name: "server_name"
|
|
prompt: "Name the vpn server:\nMaybe a valid DNS name"
|
|
default: "strongswan.local"
|
|
private: no
|
|
|
|
- name: "service_dns"
|
|
prompt: "Do you want to use DNS resolver on the new server to block ads and malware while surfing? (Y or N)\nIf your choice is 'N', DNS servers will set to values from the dns_servers variable.\n"
|
|
default: "Y"
|
|
private: no
|
|
|
|
tasks:
|
|
- name: "Getting your SSH key ID on Digital Ocean..."
|
|
digital_ocean:
|
|
state: present
|
|
command: ssh
|
|
name: "{{ do_ssh_name }}"
|
|
api_token: "{{ do_access_token }}"
|
|
register: do_ssh_key
|
|
|
|
- name: "Creating a droplet..."
|
|
digital_ocean:
|
|
state: present
|
|
command: droplet
|
|
name: "{{ server_name }}"
|
|
region_id: "{{ regions[do_region] }}"
|
|
size_id: "512mb"
|
|
image_id: "ubuntu-16-04-x64"
|
|
ssh_key_ids: "{{ do_ssh_key.ssh_key.id }}"
|
|
unique_name: yes
|
|
api_token: "{{ do_access_token }}"
|
|
register: do
|
|
|
|
- name: Add the droplet to an inventory group
|
|
add_host:
|
|
name: "{{ do.droplet.ip_address }}"
|
|
groups: vpn-host
|
|
ansible_ssh_user: root
|
|
ansible_python_interpreter: "/usr/bin/python2.7"
|
|
|
|
- name: Wait for SSH to become available
|
|
local_action: "wait_for port=22 host={{ do.droplet.ip_address }} timeout=320"
|
|
|
|
|