github.com/merlinepedra/gopphish-attack@v0.9.0/ansible-playbook/roles/gophish/tasks/main.yml

github.com/merlinepedra/gopphish-attack@v0.9.0/ansible-playbook/roles/gophish/tasks/main.yml (about)

     1  - name: Change /etc/hostname
     2    hostname:
     3      name: "{{ hostname }}"
     4  
     5  - name: Allow TCP 22 for SSH.
     6    ufw:
     7      rule: allow
     8      port: 22
     9      proto: tcp
    10  
    11  - name: Allow TCP 80 for Gophish.
    12    ufw:
    13      rule: allow
    14      port: 80
    15      proto: tcp
    16  
    17  - name: Allow TCP 443 for Gophish.
    18    ufw:
    19      rule: allow
    20      port: 443
    21      proto: tcp
    22  
    23  - name: Enable ufw.
    24    ufw:
    25      state: enabled
    26      policy: deny
    27    when: enable_ufw_firewall
    28  
    29  - name: Update APT package cache.
    30    apt:
    31      update_cache: yes
    32  
    33  - name: Upgrade APT to the latest packages.
    34    apt:
    35      upgrade: safe
    36  
    37  - name: Install specified packages.
    38    apt:
    39      pkg: "{{ item }}"
    40      state: latest
    41    with_items: "{{ install_packages }}"
    42  
    43  - name: Update postfix main.cf configuration file.
    44    template:
    45      src: main.cf.j2
    46      dest: /etc/postfix/main.cf
    47      backup: yes
    48      owner: root
    49      group: root
    50      mode: 0644
    51  
    52  - name: Restart postfix.
    53    service:
    54      name: postfix
    55      state: restarted
    56  
    57  - name: Ensure postfix is started and enabled at boot.
    58    service:
    59      name: postfix
    60      state: started
    61      enabled: yes
    62  
    63  - name: Download latest Gophish .zip file.
    64    get_url:
    65      validate_certs: True
    66      url: https://getgophish.com/releases/latest/linux/64
    67      dest: "/home/{{ gophish_user }}/gophish.zip"
    68      mode: 0755
    69      owner: "{{ gophish_user }}"
    70      group: "{{ gophish_user }}"
    71  
    72  - name: Create directory for gophish.
    73    file:
    74      path: "/home/{{ gophish_user }}/gophish"
    75      state: directory
    76      mode: 0755
    77      owner: "{{ gophish_user }}"
    78      group: "{{ gophish_user }}"
    79  
    80  - name: Unzip gophish file.
    81    unarchive:
    82      src: "/home/{{ gophish_user }}/gophish.zip"
    83      dest: "/home/{{ gophish_user }}/gophish"
    84      remote_src: True  # File is on target server and not locally.
    85      owner: "{{ gophish_user }}"
    86      group: "{{ gophish_user }}"
    87  
    88  - name: Change ownership of Gophish folder and files.
    89    file:
    90      path: /home/{{ gophish_user }}/gophish
    91      owner: "{{ gophish_user }}"
    92      group: "{{ gophish_user }}"
    93      recurse: True
    94  
    95  - name: Allow gophish binary to bind to privileged ports using setcap.
    96    shell: setcap CAP_NET_BIND_SERVICE=+eip /home/{{ gophish_user }}/gophish/gophish
    97  
    98  - name: Copy config.json file.
    99    copy:
   100      src: files/config.json
   101      dest: "/home/{{ gophish_user }}/gophish/config.json"
   102      owner: "{{ gophish_user }}"
   103      group: "{{ gophish_user }}"
   104      mode: 0644
   105  
   106  - name: Reboot the box in 1 minute.
   107    command: shutdown -r 1
   108    when: reboot_box