sgratias/semaphore
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d616fdbe55680f05066dfbdd45dd3937ec74e00a
semaphore/chisel.yml
staffadmin d616fdbe55 good night
2023-09-26 02:43:13 +02:00

114 lines
4.5 KiB
YAML
Raw Blame History

---
- name: Chisel Client - Server playbook
hosts: all
become: true
# #
# # @author Stéphane Gratias (2021).
#
roles:
- { role: justin_p.chisel, tags: chisel-server, when: "{{ chisel_server|default(false) }} is true" }
tasks:
# Need to install proxychains
- name: Change settings in chisel-server and proxychains conf files | Server
ansible.builtin.lineinfile:
path: "{{ item.path }}"
regexp: "{{ item.regexp }}"
state: "{{ item.state }}"
line: "{{ item.line|default(omit) }}"
loop: "{{ chisel_proxychains_conf }}"
when: "{{ chisel_server|default(false) }} is true"
tags: chisel-server
- name: Reload service chisel-server | Server
ansible.builtin.service:
name: chisel-server
state: restarted
when: "{{ chisel_server|default(false) }} is true"
tags: chisel-server
- name: Read fingerprint chisel server in log file
ansible.builtin.slurp:
src: "/var/log/chisel/{{ chisel_config_name }}_error.log"
register: fingerprint
when: "{{ chisel_server|default(false) }} is true"
tags:
- chisel-server
- chisel-client
- name: Setting fingerprint host facts
ansible.builtin.set_fact:
chisel_fingerprint: "{{ fingerprint['content'] | b64decode | regex_search('.*Fingerprint.*', multiline=True, ignorecase=True) | split(' ') }}"
tags:
- chisel-server
- chisel-client
when: "{{ chisel_server|default(false) }} is true"
- name: Debug fingerprint for ALL hosts
debug:
msg: "{{ hostvars[groups['server'][0]].chisel_fingerprint }}"
tags:
- chisel-server
- chisel-client
- name: CHECK if binary chisel is already installed | Client
shell: which /usr/local/bin/chisel
changed_when: false
failed_when: false
register: chisel_installed
tags: chisel-client
- name: install chisel from github source
block:
- name: Ensure gzip is installed | Client
ansible.builtin.apt:
name: gzip
state: present
when:
- ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
- chisel_server is false
- name: "Download chisel {{ chisel_version }}"
ansible.builtin.get_url:
url: "https://github.com/jpillora/chisel/releases/download/v{{ chisel_version }}/chisel_{{ chisel_version }}_linux_amd64.gz"
dest: "/tmp/"
mode: '0600'
when: "{{ chisel_server }} is false"
- name: "Unpack chisel to {{ chisel_install_destination | default('/usr/local/bin/') }}"
ansible.builtin.shell: "gunzip -c /tmp/chisel_{{ chisel_version }}_linux_amd64.gz > {{ chisel_install_destination }}"
register: gunzip_output
when: "{{ chisel_server }} is false"
- name: "Set correct rights for {{ chisel_install_destination }}"
ansible.builtin.file:
path: "{{ chisel_install_destination }}"
owner: root
group: root
mode: 0775
when: "{{ chisel_server }} is false"
- name: "Run chisel to : {{ chisel_server_host }}:{{ chisel_server_port }}"
ansible.builtin.shell: "{{ chisel_install_destination }} client --fingerprint {{ hostvars[groups['server'][0]].chisel_fingerprint[4] }} --auth {{ chisel_basic_auth }} {{ chisel_server_host }}:{{ chisel_server_port }} R:{{ chisel_server_host }}:socks"
async: 60 # Le temps maximal en secondes d'attente apres deco (chisel tournera quand meme apres)
poll: 0
#register: chisel_client_output
when: "{{ chisel_server }} is false"
when: chisel_installed.rc != 0
tags:
- chisel-client
- name: "Run chisel to : {{ chisel_server_host }}:{{ chisel_server_port }} with auth {{ chisel_basic_auth }}"
ansible.builtin.shell: "{{ chisel_install_destination }} client --fingerprint {{ hostvars[groups['server'][0]].chisel_fingerprint[4] }} --auth {{ chisel_basic_auth }} {{ chisel_server_host }}:{{ chisel_server_port }} R:{{ chisel_server_host }}:socks"
when: "{{ chisel_server }} is false"
async: 60 # Le temps maximal en secondes d'attente apres deco (chisel tournera quand meme apres)
poll: 0
#register: chisel_client_output
tags:
- chisel-client
# TODO remove tmp/chisel_1.8.1_linux_amd64.gz /usr/local/bin/chisel /tmp/ansible_ansible.legacy.command_payload_XXXX and stop chisel-server
Reference in New Issue View Git Blame Copy Permalink