From 3c168336d9addd40c4f1311d622eda2b58512b49 Mon Sep 17 00:00:00 2001 From: konsthol Date: Fri, 8 Sep 2023 04:15:10 +0300 Subject: [PATCH] increased loading time by a bit --- .gitignore | 1 + assets/pages/tips_tricks/tips_n_tricks.md | 9 ++++++++ secdep.py | 28 ++++++++++++++++++++++- 3 files changed, 37 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index a25da68..fa8d941 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,7 @@ *.json *.yml *.yaml +hosts secdep secdep.pub UnneededFiles/ diff --git a/assets/pages/tips_tricks/tips_n_tricks.md b/assets/pages/tips_tricks/tips_n_tricks.md index db95ac9..51c5246 100644 --- a/assets/pages/tips_tricks/tips_n_tricks.md +++ b/assets/pages/tips_tricks/tips_n_tricks.md @@ -63,3 +63,12 @@ Example usage: `secdep -P aws -l --awsregion us-east-2` `secdep -P aws -a deleteall --awsregion us-east-2` + +## Usage with Ansible 🤖 + +If you have Ansible installed, you can use the hosts file generated by SecDep to run commands on all of the instances simultaneously. +This file is located in the SecDep directory and is being updated every time you create or delete an instance. All instances have a secdep user created and you automatically have an ssh key to use for the connection so as long as you create all instances with or without the `--deploy` flag you can easily use Ansible. That is because this flag calls the hardening script which among the hardening steps changes the default ssh port. + +Example usage with ansible from the same directory as the hosts file: + +`ansible all -i hosts --private-key=secdep -u secdep -a 'echo "This text was created by Ansible" > /home/secdep/ansible.txt'` diff --git a/secdep.py b/secdep.py index 54d3813..dca0164 100755 --- a/secdep.py +++ b/secdep.py 
@@ -49,12 +49,14 @@ pretty.install() # Declare the ENV_FILE variable as such to always reside in the same directory as the script # We use os.path.join to make sure the path is correct for every OS # Also do the same for the ssh keys and the script to be used during deployment +# And also a hosts file to store the ip addresses of the instances # Finally we declare the docker-compose.yml file in case the user wants to use that in addition to the list of docker images ENV_FILE = os.path.join(os.path.dirname(__file__), ".env") SECDEP_SSH_PUBLIC_KEY = os.path.join(os.path.dirname(__file__), "secdep.pub") SECDEP_SSH_PRIVATE_KEY = os.path.join(os.path.dirname(__file__), "secdep") SECDEP_DEPLOY_SCRIPT = os.path.join(os.path.dirname(__file__), "harden") SECDEP_DOCKER_COMPOSE = os.path.join(os.path.dirname(__file__), "docker-compose.yml") +SECDEP_HOSTS_FILE = os.path.join(os.path.dirname(__file__), "hosts") # Available choices when the action flag is used action_choices = ["delete","start","stop","reboot","deleteall","startall","stopall","rebootall"] @@ -131,6 +133,10 @@ if not os.path.exists(ENV_FILE): with open(ENV_FILE, 'w') as f: f.write('') +if not os.path.exists(SECDEP_HOSTS_FILE): + with open(SECDEP_HOSTS_FILE, 'w') as f: + f.write('') + # The required values for authentication are stored in the .env file in the form of KEY=VALUE # These are # 1) SECDEP_GCE_CLIENT_ID (the service account Email found in project's IAM & Admin section/Service Accounts) 
@@ -1326,6 +1332,9 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi console.print("Node is initializing, please wait...", style="bold white") console.print("ip to connect to", style="bold white") console.print("[bold white]\nIP: %s[/bold white]" % (node.public_ips[0])) + # Here is where we write the node's ip to the file + with open(SECDEP_HOSTS_FILE, "a") as nodesFile: + nodesFile.write(node.public_ips[0]+"\n") console.print("[u]ssh command:[/u]", style="bold white") if args.deploy: console.print("[bold white]\nssh -p 22100 -i %s secdep@%s\n[/bold white]" % (SECDEP_SSH_PRIVATE_KEY, node.public_ips[0])) @@ -1489,6 +1498,13 @@ def node_action(action, provider, awsRegion=None): succeded = driver.start_node(node) case "delete": succeded = driver.destroy_node(node) + # Here is where we delete the node's ip from the file to keep it updated + with open(SECDEP_HOSTS_FILE, "r") as nodesFile: + lines = nodesFile.readlines() + with open(SECDEP_HOSTS_FILE, "w") as nodesFile: + for line in lines: + if line.strip("\n") != node.public_ips[0]: + nodesFile.write(line) case _: console.print("[u]Invalid[/u] action command", style="bold red") exit(0) @@ -1530,6 +1546,13 @@ def node_action_all(action, provider, awsRegion=None): succeded = driver.start_node(node) case "deleteall": succeded = driver.destroy_node(node) + # Here is where we delete the node's ip from the file to keep it updated + with open(SECDEP_HOSTS_FILE, "r") as nodesFile: + lines = nodesFile.readlines() + with open(SECDEP_HOSTS_FILE, "w") as nodesFile: + for line in lines: + if line.strip("\n") != node.public_ips[0]: + nodesFile.write(line) case _: console.print("[u]Invalid[/u] action command", style="bold red") exit(0) 
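Review bot: The line written in create_node is the bare address, so a node created with `--deploy` loses its SSH port in the hosts file: the context just below prints `ssh -p 22100` for that case, while Ansible will try its default port for the entry. Recording the port on the inventory line under `if args.deploy:`, e.g. `nodesFile.write("%s ansible_port=22100\n" % node.public_ips[0])`, would let hardened and unhardened nodes share one file. The delete paths in node_action and node_action_all would then have to compare the first whitespace-separated field of each line instead of the whole line. create_node's body starts and ends outside the hunk.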
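Review bot: In the `delete` case of node_action the hosts entry is removed without checking `succeded`, and `node.public_ips[0]` is read only after `destroy_node` has run; the same block is repeated in the `deleteall` case of node_action_all. If the node has no public address at that point (a stopped instance, presumably), the index raises after the node is already gone and its old address stays in the file. That matters because a released cloud address can be reassigned, and `ansible all -i hosts` would then contact a host that is no longer yours. Capturing the addresses before the destroy call, removing them only on success, and moving the rewrite into one helper shared by both functions would close this. Both function bodies start and end outside the hunks.

```python
def remove_host_entries(addresses):
    # Rewrite the hosts file, keeping every line that is not one of the given addresses
    with open(SECDEP_HOSTS_FILE, "r") as nodesFile:
        kept = [line for line in nodesFile if line.strip() not in addresses]
    with open(SECDEP_HOSTS_FILE, "w") as nodesFile:
        nodesFile.writelines(kept)

# … unchanged: earlier cases of the match statement in node_action …
            case "delete":
                # Read the addresses while the node object still carries them
                nodeAddresses = set(node.public_ips)
                succeded = driver.destroy_node(node)
                # assumes destroy_node returns a truthy value on success; confirm against the driver
                if succeded:
                    remove_host_entries(nodeAddresses)
# … unchanged: remaining cases; the "deleteall" case in node_action_all takes the same four lines …
```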
@@ -1610,7 +1633,10 @@ if args.listlocations and args.provider: if args.create: assert args.provider is not None, "Provider must be specified for node creation" # If -c or --create is passed, call the create_node function - create_node(args.provider, args.name, args.region, args.size, args.image, args.yes, args.deploy[0]) + if args.deploy: + create_node(args.provider, args.name, args.region, args.size, args.image, args.yes, args.deploy[0]) + else: + create_node(args.provider, args.name, args.region, args.size, args.image, args.yes) exit(0) if args.list: if args.print:
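Review bot: The two `create_node` calls in the `if args.deploy:` / `else:` branches are identical except for the last argument, so any later change to the argument list has to be made twice. Building the optional tail once keeps create_node's own default in play: `deployArgs = (args.deploy[0],) if args.deploy else ()` followed by `create_node(args.provider, args.name, args.region, args.size, args.image, args.yes, *deployArgs)`. The enclosing `if args.create:` block begins in the hunk's unchanged context.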