Merge pull request #1603 from unfetter-discover/rc-0.3.12

Rc 0.3.12 into master

Author: j987987

ansible/.gitignore

@@ -10,6 +10,8 @@ backup/*
 roles/gateway/files/conf.d/default.conf
 roles/gateway/files/ui-dist/
 
+roles/threat-ingest/files/**/*
+
 host_vars/*
 !host_vars/demo-file.yml
 src/*

ansible/build-prod.yml

@@ -1,15 +1,11 @@
 ####################################################################################
-#  This playbook only builds the docker images locally
-#
-####################################################################################
+#  This playbook builds, but does not deploy, docker containers.   It will
+#  also build the production UI versions.
+#####################################################################################
 
 - name: Build the Docker images only.
   hosts: build
   tasks:
-    - name: Iterate over group variables
-      debug:
-        var: item
-      with_items: "{{ hostvars | to_nice_json }}"
     - name: Start running the commands
       import_tasks: discover-tasks.yml
     - include_role:

ansible/discover-tasks.yml

@@ -33,32 +33,13 @@
     ansible_python_interpreter: "{{ overrides.ansible_python_interpreter | default(ansible_python_interpreter) }}"
     gateway_tag: "{{ overrides.gateway_tag | default(gateway_tag) }}"
     https_proxy_url: "{{ overrides.https_proxy_url | default(https_proxy_url) }}"
+    backup_directory: "{{ overrides.backup_directory | default(backup_directory) }}"
 
-#  Displaying the variables.
-- debug:
-    msg:
-      - "docker_tag: {{ docker_tag }} "
-      - "gateway_tag: {{ gateway_tag }} "
-      - "build_action: {{ build_action }}"
-      - "run_action: {{ run_action }}"
-      - "use_unfetter_ui: {{ use_unfetter_ui }}"
-      - "use_uac: {{ use_uac }}"
-      - "use_taxii: {{ use_taxii }}"
-      - "registry: {{ registry }}"
-      - "prepath: {{ prepath }}"
-      - "remote home: {{ ansible_env.HOME }}"
-      - "ansible_host = {{ ansible_host }}"
-      - "ansible_ssh_private_key_file = {{ ansible_ssh_private_key_file }}"
-      - "ansible_connection = {{ ansible_connection }}"
-      - "run_mode = {{ run_mode }}"
-      - "https_proxy_url = {{ https_proxy_url }}"
-
+- include_tasks: "task-print-variables.yml"
 - include_role:
     name: common
 - include_role:
     name: processor
-- include_role:
-    name: openssl
 - include_role:
     name: pattern-handler
 - include_role:

ansible/group_vars/all.yml

@@ -1,5 +1,5 @@
 ---
-# For version 0.3.11 of Unfetter Discover
+# For version 0.3.12 of Unfetter Discover
 
 run_action: true
 # use_taxii tells Ansible if the Taxii server should be running.  At the moment, this will always be false.
@@ -18,7 +18,7 @@ use_taxii_tls: false
 # 0 means there is no size limit
 attachments_max_size: 0
 ansible_python_interpreter: python
-docker_tag: "0.3.11"
+docker_tag: "0.3.12"
 gateway_tag: "{{ docker_tag }}.uac"
 
 legacy: false

ansible/group_vars/demo.yml

@@ -1,4 +1,3 @@
 ---
-# For version 0.3.11 of Unfetter Discover
 
 use_uac: false

ansible/group_vars/development.yml

@@ -1,5 +1,5 @@
 ---
-# For version 0.3.11 of Unfetter Discover
+# For version 0.3.12 of Unfetter Discover
 
 # For development, you can use the local ansible location as default
 ansible_host: "127.0.0.1"
@@ -16,7 +16,7 @@ ansible_connection: "local"
 prepath: '../../'
 
 # For testing, the API_Domain is "localhost"
-docker_tag: "0.3.11.beta.1"
+docker_tag: "0.3.12.beta.1"
 gateway_tag: "{{ docker_tag }}.uac"
 
 

ansible/group_vars/production.yml

@@ -13,7 +13,7 @@ ansible_ssh_private_key_file: ""
 ansible_connection: "local"
 # If local, then use ../../ or the full directory path to the directory above the "unfetter" directory.  
 prepath: '../../'
-docker_tag: "0.3.11"
+docker_tag: "0.3.12"
 gateway_tag: "{{ docker_tag }}.uac"
 
 # Docker Tag specifies what will be the name of the developed tag.

ansible/host_vars/demo-file.yml

@@ -1,12 +1,70 @@
 ---
-remote_tmp: ""
-ansible_connection: "ssh"
-backup_directory: "{{ remote_tmp }}/unfetter"
-ansible_user: "ansible"
-ansible_ssh_private_key_file: "xxxxxxx"
+
+######################################################################################################
+
+# This file is a demonstration of the variables you may need to override in order to customize
+# Unfetter deployment to meet your needs.
+
+# Each file in the host_vars directory should be named after your deployment type
+# - prod-uac.yml
+# - prod-legacy-demo.yml
+# - prod-legacy-uac.yml
+# - prod-demo.yml
+
+# For developers, a 'build.yml' may also be necessary.
+
+# Every variable in a hosts file will override all group vars.  Consider the group_vars files to be default values
+
+######################################################################################################
+
+
+
+
+######################################################################################
+# Connection Variables
+# These variables are needed to connect to your system that is running Unfetter.  By default, 
+# the group_vars will set the variables to support a local deployment.  Meaning, that ansible is 
+# executed on the same system that you will run Unfetter.  
+
+# For a local system, the values will be 
+
+# ansible_connection: "local"
+# ansible_user: ""
+# ansible_ssh_private_key_file: ""
+# ansible_host: "127.0.0.1"
+# backup_directory: "{{ playbook_dir }}/backup"
+
+# For remote system accessed over SSH, which is where Ansible excels, you would change those values to the following:
+######################################################################################
+
+# Tell Ansible host how to connect with the host.  ssh 
+ansible_connection: "ssh" 
+
+# The user that the host running ansible will connect to the remote system.  You are responsible
+#      for creating this user.  For AWS, it is likely ec2-user
+ansible_user: "ec2-user" 
+
+# The private key file and location
+ansible_ssh_private_key_file: "~/.ssh/id_rsa"
+
+# What is the host IP that you will SSH into.
 ansible_host: "xx.xx.xxx.xxx"
-api_domain: "{{ ansible_host }}"
-ui_domain: "{{ ansible_host }}"
 
+# The backup directory is where backup files are stored, and where Unfetter will look for the files to restore
+#     data from.  For remote deployments, there is no ansible directory so {{ playbook_dir }} has to be overwritten
+backup_directory: "/tmp/backup"
+
+######################################################################################
+# In UAC deployed, these values are needed as the domain that people are accessing Unfetter.  If you are running
+#   locally, as the default setting, this is localhost.  For a real deployment, it is the domain name or IP address
+
+api_domain: "www.example.com"
+ui_domain: "www.example.com"
+
+
+######################################################################################
 # If you are using a proxy URL, you can change that here, otherwise, leave it commented out
+######################################################################################
+
+
 # https_proxy_url: "http://host:port"

ansible/roles/api/tasks/main.yml

@@ -3,13 +3,17 @@
     name: "{{ image_name }}"
     state: present
     path: "{{ path }}"
+    buildargs:
+       https_proxy_url: "{{ https_proxy_url }}"
   when: "build_action == 'local'"
 
 - name: "Pull {{ container_name }}"
   docker_image:
     name: "{{ image_name }}"
     state: present
     pull: yes
+    buildargs:
+       https_proxy_url: "{{ https_proxy_url }}"
   when: "build_action == 'pull'"
 
 # Creating the list of volumes has been difficult.

ansible/roles/explorer/tasks/main.yml

@@ -7,6 +7,8 @@
     state: present
     path: "{{ path }}"
     dockerfile: "{{ dockerfile }}"
+    buildargs:
+       https_proxy_url: "{{ https_proxy_url }}"
   when: "build_action == 'local'"
 
 
@@ -16,6 +18,8 @@
     name: "{{ image_name }}"
     state: present
     pull: yes
+    buildargs:
+       https_proxy_url: "{{ https_proxy_url }}"
   when: "build_action == 'pull'"