From 98f0eec4eb02ca806f0c66f18a7df10632133fcb Mon Sep 17 00:00:00 2001 From: Anthony Perkins Date: Mon, 11 Jul 2022 15:15:38 +0100 Subject: [PATCH] Add Kali --- admin-cli.yml | 3 +++ admin-gui.yml | 3 +++ roles/kali/tasks/main.yml | 22 ++++++++++++++++ roles/kali/tasks/packagekit.yml | 34 ++++++++++++++++++++++++ roles/kali/tasks/packages-cli.yml | 43 +++++++++++++++++++++++++++++++ roles/kali/tasks/packages-gui.yml | 41 +++++++++++++++++++++++++++++ roles/kali/tasks/ssh.yml | 35 +++++++++++++++++++++++++ roles/kali/tasks/sudo.yml | 23 +++++++++++++++++ 8 files changed, 204 insertions(+) create mode 100644 roles/kali/tasks/main.yml create mode 100644 roles/kali/tasks/packagekit.yml create mode 100644 roles/kali/tasks/packages-cli.yml create mode 100644 roles/kali/tasks/packages-gui.yml create mode 100644 roles/kali/tasks/ssh.yml create mode 100644 roles/kali/tasks/sudo.yml diff --git a/admin-cli.yml b/admin-cli.yml index 92fb74f..c0273b0 100755 --- a/admin-cli.yml +++ b/admin-cli.yml @@ -47,3 +47,6 @@ - include_role: name: ubuntu when: ansible_distribution == 'Ubuntu' + - include_role: + name: kali + when: ansible_distribution == 'Kali' diff --git a/admin-gui.yml b/admin-gui.yml index b2bccdb..c943d10 100755 --- a/admin-gui.yml +++ b/admin-gui.yml @@ -46,3 +46,6 @@ - include_role: name: ubuntu when: ansible_distribution == 'Ubuntu' + - include_role: + name: kali + when: ansible_distribution == 'Kali' diff --git a/roles/kali/tasks/main.yml b/roles/kali/tasks/main.yml new file mode 100644 index 0000000..9b90dc0 --- /dev/null +++ b/roles/kali/tasks/main.yml @@ -0,0 +1,22 @@ +--- +# Copyright 2021 Anthony Perkins +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- import_tasks: packages-cli.yml +- import_tasks: packages-gui.yml + when: gui == true +- import_tasks: ssh.yml +- import_tasks: sudo.yml +- import_tasks: packagekit.yml + when: gui == true diff --git a/roles/kali/tasks/packagekit.yml b/roles/kali/tasks/packagekit.yml new file mode 100644 index 0000000..46ca533 --- /dev/null +++ b/roles/kali/tasks/packagekit.yml @@ -0,0 +1,34 @@ +--- +# Copyright 2021 Anthony Perkins +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Disable PackageKit + become: true + ansible.builtin.systemd: + name: packagekit.service + enabled: no + masked: yes + state: stopped +- name: Disable PackageKit offline updates + become: true + ansible.builtin.systemd: + name: packagekit-offline-update.service + enabled: no + masked: yes + state: stopped +- name: Delete PackageKit/APT integration + become: true + ansible.builtin.file: + path: /etc/apt/apt.conf.d/20packagekit + state: absent diff --git a/roles/kali/tasks/packages-cli.yml b/roles/kali/tasks/packages-cli.yml new file mode 100644 index 0000000..9fc371a --- /dev/null +++ b/roles/kali/tasks/packages-cli.yml @@ -0,0 +1,43 @@ +--- +# Copyright 2021 Anthony Perkins +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Install CLI packages + become: true + ansible.builtin.apt: + name: '{{ packages }}' + state: present + force_apt_get: yes + vars: + packages: + - dc + - openssh-server + - sipcalc + - sudo + - tmux + - vim + - zstd +- name: Enable automatic update check + become: true + ansible.builtin.lineinfile: + path: /etc/apt/apt.conf.d/10periodic + regex: "APT::Periodic::Update-Package-Lists " + line: "APT::Periodic::Update-Package-Lists \"1\";" + create: yes +- name: Enable automatic install of updates + become: true + ansible.builtin.lineinfile: + path: /etc/apt/apt.conf.d/10periodic + regex: "APT::Periodic::Unattended-Upgrade " + line: "APT::Periodic::Unattended-Upgrade \"1\";" diff --git a/roles/kali/tasks/packages-gui.yml b/roles/kali/tasks/packages-gui.yml new file mode 100644 index 0000000..9ce318f --- /dev/null +++ b/roles/kali/tasks/packages-gui.yml @@ -0,0 +1,41 @@ +--- +# Copyright 2021 Anthony Perkins +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Install GUI packages + become: true + ansible.builtin.apt: + name: '{{ packages }}' + state: present + force_apt_get: yes + vars: + packages: + - git-gui + - libcanberra-gtk-module + - remmina + - vim-gtk +- name: Check for Gnome Shell + ansible.builtin.stat: + path: /usr/bin/gnome-shell + register: gnome_shell +- name: Install Gnome packages + become: true + ansible.builtin.apt: + name: '{{ packages }}' + state: present + force_apt_get: yes + vars: + packages: + - gnome-tweaks + when: gnome_shell.stat.exists diff --git a/roles/kali/tasks/ssh.yml b/roles/kali/tasks/ssh.yml new file mode 100644 index 0000000..39ea688 --- /dev/null +++ b/roles/kali/tasks/ssh.yml @@ -0,0 +1,35 @@ +--- +# Copyright 2021 Anthony Perkins +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Disable SSH passwords + become: true + ansible.builtin.lineinfile: + path: /etc/ssh/sshd_config + regexp: '^#?\w*PasswordAuthentication (yes|no)' + line: 'PasswordAuthentication no' + register: changed_ssh_config +- name: Enable SSH + become: true + ansible.builtin.systemd: + name: ssh.service + enabled: yes + state: started + when: wsl_distro is not defined +- name: Restart SSH + become: true + ansible.builtin.systemd: + name: ssh.service + state: restarted + when: changed_ssh_config.changed == true and wsl_distro is not defined diff --git a/roles/kali/tasks/sudo.yml b/roles/kali/tasks/sudo.yml new file mode 100644 index 0000000..928910b --- /dev/null +++ b/roles/kali/tasks/sudo.yml @@ -0,0 +1,23 @@ +--- +# Copyright 2021 Anthony Perkins +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Disable sudo FQDN lookups + become: true + ansible.builtin.lineinfile: + path: /etc/sudoers.d/nofqdn + regexp: '^Defaults.*fqdn' + line: 'Defaults !fqdn' + mode: '0640' + create: yes