summaryrefslogtreecommitdiff
path: root/roles
diff options
context:
space:
mode:
authorDan Fedele <dan.fedele@gmail.com>2023-06-13 10:59:02 -0400
committerGitHub <noreply@github.com>2023-06-13 10:59:02 -0400
commitb8e08d78024e53ecbb00267623a5aea73e6b538d (patch)
tree269e6a5402d34a650e8313dacc91111611aa0295 /roles
parent8986e5bcabccb476a9088fe925a3ba05ed517053 (diff)
parentdfa9f2398bd614f73a0df92cbcfd561c609a2f3b (diff)
Merge pull request #5 from AgroDan/dev
Merge pull request #4 from AgroDan/master
Diffstat (limited to 'roles')
-rw-r--r--roles/custom-config/README.md4
-rw-r--r--roles/custom-config/defaults/main.yml2
-rw-r--r--roles/custom-config/files/tmux_conf14
-rw-r--r--roles/custom-config/files/zsh_functions.zsh26
-rw-r--r--roles/custom-config/handlers/main.yml2
-rw-r--r--roles/custom-config/meta/main.yml52
-rw-r--r--roles/custom-config/tasks/main.yml131
-rw-r--r--roles/custom-config/tests/inventory2
-rw-r--r--roles/custom-config/tests/test.yml5
-rw-r--r--roles/custom-config/vars/main.yml3
-rw-r--r--roles/individual-apps/README.md9
-rw-r--r--roles/individual-apps/defaults/main.yml2
-rw-r--r--roles/individual-apps/handlers/main.yml2
-rw-r--r--roles/individual-apps/meta/main.yml52
-rw-r--r--roles/individual-apps/tasks/main.yml106
-rw-r--r--roles/individual-apps/tests/inventory2
-rw-r--r--roles/individual-apps/tests/test.yml5
-rw-r--r--roles/individual-apps/vars/main.yml3
-rw-r--r--roles/package-mgmt/README.md9
-rw-r--r--roles/package-mgmt/defaults/main.yml2
-rw-r--r--roles/package-mgmt/handlers/main.yml2
-rw-r--r--roles/package-mgmt/meta/main.yml52
-rw-r--r--roles/package-mgmt/tasks/main.yml79
-rw-r--r--roles/package-mgmt/tests/inventory2
-rw-r--r--roles/package-mgmt/tests/test.yml5
-rw-r--r--roles/package-mgmt/vars/main.yml6
26 files changed, 579 insertions, 0 deletions
diff --git a/roles/custom-config/README.md b/roles/custom-config/README.md
new file mode 100644
index 0000000..65ff9ca
--- /dev/null
+++ b/roles/custom-config/README.md
@@ -0,0 +1,4 @@
+Custom Config
+=========
+
+This role handles customization of the desktop experience only. Adding things like zsh functions I use, getting rid of mouse interactivity with vim (because who in their right mind thought this was a good idea???), and other small tweaks that I needed. Put customization in here.
diff --git a/roles/custom-config/defaults/main.yml b/roles/custom-config/defaults/main.yml
new file mode 100644
index 0000000..ccefed4
--- /dev/null
+++ b/roles/custom-config/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+# defaults file for custom-config
diff --git a/roles/custom-config/files/tmux_conf b/roles/custom-config/files/tmux_conf
new file mode 100644
index 0000000..55cf067
--- /dev/null
+++ b/roles/custom-config/files/tmux_conf
@@ -0,0 +1,14 @@
+# remap CTRL-b to CTRL-a because it's better
+unbind C-b
+set-option -g prefix C-a
+bind-key C-a send-prefix
+
+# vi master race
+set -g mode-keys vi
+set -sg escape-time 0
+
+# I <3 history
+set -g history-limit 500000
+
+# colors!
+set -g default-terminal "screen-256color"
diff --git a/roles/custom-config/files/zsh_functions.zsh b/roles/custom-config/files/zsh_functions.zsh
new file mode 100644
index 0000000..e6df6e0
--- /dev/null
+++ b/roles/custom-config/files/zsh_functions.zsh
@@ -0,0 +1,26 @@
+# This is a handy list of functions I use
+
+scan() {
+ SCANDIR="${PWD}/nmap_scans"
+ if [ -z $1 ];
+ then
+ read "TARGET?Enter a target: "
+ else
+ TARGET=$1
+ fi
+
+ echo "Scanning ${TARGET}..."
+ mkdir -p $SCANDIR
+ sudo nmap -sS -sV -sC -oN $SCANDIR/initial-scan -v $TARGET
+ sudo nmap -sS -p- -oN $SCANDIR/allports -v0 $TARGET &disown
+ sudo nmap -sU -oN $SCANDIR/udpports -v0 $TARGET &disown
+}
+
+# Get latest version of linpeas and download to current directory
+alias getlinpeas='curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh > linpeas.sh'
+
+# I use this a ton
+alias webserver='python -m http.server'
+
+# hey why not, change this number to your preferred revshell port.
+alias revshell='ncat -lvnp 9090' \ No newline at end of file
diff --git a/roles/custom-config/handlers/main.yml b/roles/custom-config/handlers/main.yml
new file mode 100644
index 0000000..2fee87f
--- /dev/null
+++ b/roles/custom-config/handlers/main.yml
@@ -0,0 +1,2 @@
+---
+# handlers file for custom-config
diff --git a/roles/custom-config/meta/main.yml b/roles/custom-config/meta/main.yml
new file mode 100644
index 0000000..c572acc
--- /dev/null
+++ b/roles/custom-config/meta/main.yml
@@ -0,0 +1,52 @@
+galaxy_info:
+ author: your name
+ description: your role description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Choose a valid license ID from https://spdx.org - some suggested licenses:
+ # - BSD-3-Clause (default)
+ # - MIT
+ # - GPL-2.0-or-later
+ # - GPL-3.0-only
+ # - Apache-2.0
+ # - CC-BY-4.0
+ license: license (GPL-2.0-or-later, MIT, etc)
+
+ min_ansible_version: 2.1
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ #
+ # Provide a list of supported platforms, and for each platform a list of versions.
+ # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+ # To view available platforms and versions (or releases), visit:
+ # https://galaxy.ansible.com/api/v1/platforms/
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+ # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+ # if you add dependencies to this list.
diff --git a/roles/custom-config/tasks/main.yml b/roles/custom-config/tasks/main.yml
new file mode 100644
index 0000000..ec55f0e
--- /dev/null
+++ b/roles/custom-config/tasks/main.yml
@@ -0,0 +1,131 @@
+---
+# tasks file for custom-config
+- name: Getting all interactive users
+ ansible.builtin.shell: "awk -F: '{ if (($3 >= 1000 && $3 != 65534) || $3 == 0) print $1}' /etc/passwd"
+ register: users
+
+- name: Install Kitty Terminal Emulator 🐱
+ ansible.builtin.shell:
+ cmd: "/usr/bin/curl -sL {{ kitty_installer }} | sh /dev/stdin dest=/opt launch=n"
+
+- name: Create Desktop Icon for Kitty 🐱
+ ansible.builtin.copy:
+ dest: "/usr/share/applications/kitty.desktop"
+ content: |
+ [Desktop Entry]
+ Version=0.26.2
+ Type=Application
+ Name=Kitty Terminal Emulator
+ Exec=/opt/kitty.app/bin/kitty
+ Icon=/opt/kitty.app/share/icons/hicolor/256x256/apps/kitty.png
+ Categories=Utility
+
+- name: Prepare kitty.conf files for all interactive users 🐱
+ loop: "{{ users.stdout_lines }}"
+ ansible.builtin.file:
+ dest: "~{{ item }}/.config/kitty/"
+ state: directory
+ recurse: yes
+ owner: "{{ item }}"
+ group: "{{ item }}"
+ mode: 0755
+
+- name: Prepare personalized configs for Kitty 🐱
+ loop: "{{ users.stdout_lines }}"
+ ansible.builtin.blockinfile:
+ path: "~{{ item }}/.config/kitty/kitty.conf"
+ insertafter: EOF
+ create: yes
+ state: present
+ block: |
+ # New windows open in current directory
+ map ctrl+shift+enter launch --cwd=current
+
+ # New tabs open in current directory
+ map ctrl+t new_tab --cwd=current
+
+ # The coveted "zoom" function
+ map ctrl+shift+z toggle_layout stack
+
+ # disable mouse-click a link to open in a browser
+ mouse_map left click ungrabbed no_op
+
+- name: Disable mouse interactivity in vim (╯°□°)╯︵ ┻━┻
+ ansible.builtin.blockinfile:
+ path: /etc/vim/vimrc
+ marker: "\" {mark} ANSIBLE MANAGED BLOCK"
+ insertafter: EOF
+ state: present
+ block: |
+ set mouse=
+ set ttymouse=
+
+- name: Add sudo-NOPASSWD to users
+ loop: "{{ users.stdout_lines }}"
+ ansible.builtin.lineinfile:
+ path: /etc/sudoers
+ state: present
+ insertafter: EOF
+ line: "{{ item }} ALL=(ALL) NOPASSWD: ALL"
+ validate: /usr/sbin/visudo -cf %s
+
+- name: Initialize Gef for all users
+ ansible.builtin.script: /opt/gef/scripts/gef.sh
+ become_user: "{{ item }}"
+ loop: "{{ users.stdout_lines }}"
+
+- name: Copying over zsh functions file for all users
+ ansible.builtin.copy:
+ src: zsh_functions.zsh
+ dest: "~{{ item }}/.zsh_functions"
+ owner: "{{ item }}"
+ group: "{{ item }}"
+ mode: '0640'
+ loop: "{{ users.stdout_lines }}"
+
+- name: Enabling zsh functions
+ loop: "{{ users.stdout_lines }}"
+ ansible.builtin.blockinfile:
+ path: "~{{ item }}/.zshrc"
+ state: present
+ insertafter: EOF
+ owner: "{{ item }}"
+ block: |
+ if [ -f ~/.zsh_functions]; then
+ source ~/.zsh_functions
+ fi
+
+- name: Copying over tmux config to all users
+ ansible.builtin.copy:
+ src: tmux_conf
+ dest: "~{{ item }}/.tmux.conf"
+ owner: "{{ item }}"
+ group: "{{ item }}"
+ mode: '0640'
+ loop: "{{ users.stdout_lines }}"
+
+- name: Create /srv/smb/ directory for payload population
+ ansible.builtin.file:
+ path: /srv/smb
+ state: directory
+ mode: '0755'
+
+- name: Creating IWR share in samba config
+ ansible.builtin.blockinfile:
+ path: /etc/samba/smb.conf
+ insertafter: EOF
+ state: present
+ block: |
+ [iwr]
+ comment = Invoke-WebReq'd em? Damn near killed em!
+ path = /srv/smb
+ guest ok = yes
+ browseable = yes
+ create mask = 0600
+ directory mask = 0755
+
+- name: Ensure that samba doesn't start on boot
+ ansible.builtin.systemd:
+ name: smbd
+ enabled: no
+ state: stopped
diff --git a/roles/custom-config/tests/inventory b/roles/custom-config/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/custom-config/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/custom-config/tests/test.yml b/roles/custom-config/tests/test.yml
new file mode 100644
index 0000000..181d731
--- /dev/null
+++ b/roles/custom-config/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - custom-config
diff --git a/roles/custom-config/vars/main.yml b/roles/custom-config/vars/main.yml
new file mode 100644
index 0000000..60c28e5
--- /dev/null
+++ b/roles/custom-config/vars/main.yml
@@ -0,0 +1,3 @@
+---
+# vars file for custom-config
+kitty_installer: "https://sw.kovidgoyal.net/kitty/installer.sh"
diff --git a/roles/individual-apps/README.md b/roles/individual-apps/README.md
new file mode 100644
index 0000000..5880d2b
--- /dev/null
+++ b/roles/individual-apps/README.md
@@ -0,0 +1,9 @@
+Individual Apps
+=========
+
+This role will install individual packages that are _not_ tied to the package management system, IE apt. This also applies to git repositories and the like, as well as one-off compilation and build instructions, such as JumboJohn and Kerbrute.
+
+Role Variables
+--------------
+
+Just using a link to the compiled ysoserial .jar file.
diff --git a/roles/individual-apps/defaults/main.yml b/roles/individual-apps/defaults/main.yml
new file mode 100644
index 0000000..ebfe4e0
--- /dev/null
+++ b/roles/individual-apps/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+# defaults file for individual-apps
diff --git a/roles/individual-apps/handlers/main.yml b/roles/individual-apps/handlers/main.yml
new file mode 100644
index 0000000..3c771dd
--- /dev/null
+++ b/roles/individual-apps/handlers/main.yml
@@ -0,0 +1,2 @@
+---
+# handlers file for individual-apps
diff --git a/roles/individual-apps/meta/main.yml b/roles/individual-apps/meta/main.yml
new file mode 100644
index 0000000..c572acc
--- /dev/null
+++ b/roles/individual-apps/meta/main.yml
@@ -0,0 +1,52 @@
+galaxy_info:
+ author: your name
+ description: your role description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Choose a valid license ID from https://spdx.org - some suggested licenses:
+ # - BSD-3-Clause (default)
+ # - MIT
+ # - GPL-2.0-or-later
+ # - GPL-3.0-only
+ # - Apache-2.0
+ # - CC-BY-4.0
+ license: license (GPL-2.0-or-later, MIT, etc)
+
+ min_ansible_version: 2.1
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ #
+ # Provide a list of supported platforms, and for each platform a list of versions.
+ # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+ # To view available platforms and versions (or releases), visit:
+ # https://galaxy.ansible.com/api/v1/platforms/
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+ # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+ # if you add dependencies to this list.
diff --git a/roles/individual-apps/tasks/main.yml b/roles/individual-apps/tasks/main.yml
new file mode 100644
index 0000000..7b1b3d6
--- /dev/null
+++ b/roles/individual-apps/tasks/main.yml
@@ -0,0 +1,106 @@
+---
+# tasks file for individual-apps
+- name: Install pwntools
+ ansible.builtin.pip:
+ name: git+https://github.com/Gallopsled/pwntools.git@dev
+
+- name: Clone Invoke-Obfuscation (•_•) ( •_•)>⌐■-■ (⌐■_■)
+ ansible.builtin.git:
+ repo: 'https://github.com/danielbohannon/Invoke-Obfuscation'
+ dest: /opt/Invoke-Obfuscation
+
+- name: Clone JumboJohn
+ ansible.builtin.git:
+ repo: 'https://github.com/magnumripper/JohnTheRipper'
+ dest: /opt/JohnTheRipper
+
+- name: Compiling JumboJohn, hold onto yer butts...
+ ansible.builtin.command: chdir=/opt/JohnTheRipper/src {{ item }}
+ with_items:
+ - ./configure
+ - make
+ - make install
+
+- name: Install trufflehog
+ ansible.builtin.pip:
+ name: trufflehog
+
+- name: Install LDAPDomainDump
+ ansible.builtin.pip:
+ name: ldapdomaindump
+
+- name: Clone Nishang
+ ansible.builtin.git:
+ repo: 'https://github.com/samratashok/nishang'
+ dest: /opt/nishang
+
+- name: Clone Chisel
+ ansible.builtin.git:
+ repo: 'https://github.com/jpillora/chisel'
+ dest: /opt/chisel
+
+- name: Clone LinEnum
+ ansible.builtin.git:
+ repo: 'https://github.com/rebootuser/LinEnum'
+ dest: /opt/LinEnum
+
+- name: Clone PowerSploit
+ ansible.builtin.git:
+ repo: 'https://github.com/PowerShellMafia/PowerSploit'
+ dest: /opt/PowerSploit
+
+- name: Clone Impacket
+ ansible.builtin.git:
+ repo: 'https://github.com/SecureAuthCorp/impacket'
+ dest: /opt/impacket
+
+- name: Installing Impacket
+ ansible.builtin.shell: "python3 /opt/impacket/setup.py build && python3 /opt/impacket/setup.py install"
+ args:
+ chdir: /opt/impacket
+
+- name: Clone Bloodhound.py
+ ansible.builtin.git:
+ repo: 'https://github.com/fox-it/BloodHound.py.git'
+ dest: /opt/BloodHound.py
+
+- name: Clone PyFuscation
+ ansible.builtin.git:
+ repo: 'https://github.com/CBHue/PyFuscation.git'
+ dest: /opt/PyFuscation
+
+- name: Clone Gef
+ ansible.builtin.git:
+ repo: 'https://github.com/hugsy/gef.git'
+ dest: /opt/gef
+
+- name: Clone Static Binaries
+ ansible.builtin.git:
+ repo: 'https://github.com/andrew-d/static-binaries'
+ dest: /opt/static-binaries
+
+- name: Clone Ysoserial
+ ansible.builtin.git:
+ repo: 'https://github.com/frohoff/ysoserial'
+ dest: /opt/ysoserial
+
+- name: Clone Kerbrute
+ ansible.builtin.git:
+ repo: 'https://github.com/ropnop/kerbrute.git'
+ dest: /opt/kerbrute
+
+- name: Building Kerbrute...
+ ansible.builtin.command: chdir=/opt/kerbrute make linux
+
+- name: Downloading Ysoserial JAR file
+ ansible.builtin.get_url:
+ url: "{{ ysoserial_jar }}"
+ dest: /opt/ysoserial/ysoserial-all.jar
+ mode: '0644'
+
+- name: Get Evil-WinRM via gem installer
+ community.general.gem:
+ name: evil-winrm
+ norc: yes
+ state: latest
+ user_install: no
diff --git a/roles/individual-apps/tests/inventory b/roles/individual-apps/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/individual-apps/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/individual-apps/tests/test.yml b/roles/individual-apps/tests/test.yml
new file mode 100644
index 0000000..9626dd6
--- /dev/null
+++ b/roles/individual-apps/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - individual-apps
diff --git a/roles/individual-apps/vars/main.yml b/roles/individual-apps/vars/main.yml
new file mode 100644
index 0000000..c21af81
--- /dev/null
+++ b/roles/individual-apps/vars/main.yml
@@ -0,0 +1,3 @@
+---
+# vars file for individual-apps
+ysoserial_jar: "https://github.com/frohoff/ysoserial/releases/latest/download/ysoserial-all.jar"
diff --git a/roles/package-mgmt/README.md b/roles/package-mgmt/README.md
new file mode 100644
index 0000000..01452d7
--- /dev/null
+++ b/roles/package-mgmt/README.md
@@ -0,0 +1,9 @@
+Package Mgmt
+=========
+
+This role will handle any OS-level patching and package installs, including the installation of keys for repositories and such. This role typically takes a while to run because I always make sure I am patched and up to date before doing anything, and then of course the individual packages just take a while to install.
+
+Role Variables
+--------------
+
+I have added the URLs to the specific keys I am using to install the repositories for things like Docker and Sublime Text.
diff --git a/roles/package-mgmt/defaults/main.yml b/roles/package-mgmt/defaults/main.yml
new file mode 100644
index 0000000..57adef2
--- /dev/null
+++ b/roles/package-mgmt/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+# defaults file for package-mgmt
diff --git a/roles/package-mgmt/handlers/main.yml b/roles/package-mgmt/handlers/main.yml
new file mode 100644
index 0000000..ef24490
--- /dev/null
+++ b/roles/package-mgmt/handlers/main.yml
@@ -0,0 +1,2 @@
+---
+# handlers file for package-mgmt
diff --git a/roles/package-mgmt/meta/main.yml b/roles/package-mgmt/meta/main.yml
new file mode 100644
index 0000000..c572acc
--- /dev/null
+++ b/roles/package-mgmt/meta/main.yml
@@ -0,0 +1,52 @@
+galaxy_info:
+ author: your name
+ description: your role description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Choose a valid license ID from https://spdx.org - some suggested licenses:
+ # - BSD-3-Clause (default)
+ # - MIT
+ # - GPL-2.0-or-later
+ # - GPL-3.0-only
+ # - Apache-2.0
+ # - CC-BY-4.0
+ license: license (GPL-2.0-or-later, MIT, etc)
+
+ min_ansible_version: 2.1
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ #
+ # Provide a list of supported platforms, and for each platform a list of versions.
+ # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+ # To view available platforms and versions (or releases), visit:
+ # https://galaxy.ansible.com/api/v1/platforms/
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+ # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+ # if you add dependencies to this list.
diff --git a/roles/package-mgmt/tasks/main.yml b/roles/package-mgmt/tasks/main.yml
new file mode 100644
index 0000000..ca5381e
--- /dev/null
+++ b/roles/package-mgmt/tasks/main.yml
@@ -0,0 +1,79 @@
+---
+# tasks file for package-mgmt
+- name: Add Docker repo key
+ ansible.builtin.shell: curl -fsSL {{ docker_repo_key }} | gpg --dearmor --batch --yes -o /etc/apt/trusted.gpg.d/docker-ce-keyring.gpg
+
+- name: Add Docker repo
+ ansible.builtin.apt_repository:
+ repo: "{{ docker_repo }}"
+ state: present
+
+- name: Add Sublime Text repo key
+ ansible.builtin.shell: curl -fsSL {{ sublime_repo_key }} | gpg --dearmor --batch --yes -o /etc/apt/trusted.gpg.d/sublime-text-keyring.gpg
+
+- name: Add Sublime Text repo
+ ansible.builtin.apt_repository:
+ repo: "{{ sublime_repo }}"
+ state: present
+
+- name: Ensuring all packages are up to date
+ ansible.builtin.apt:
+ update_cache: yes
+ upgrade: dist
+
+- name: Installing one-off packages from package manager
+ ansible.builtin.package:
+ name:
+ - bloodhound
+ - build-essential
+ - bytecode-viewer
+ - clang
+ - cmake
+ - crackmapexec
+ - curl
+ - default-jdk
+ - default-jre
+ - docker
+ - docker-compose
+ - eog
+ - feroxbuster
+ - flex
+ - forensics-extra
+ - gawk
+ - gdb
+ - gdbserver
+ - ghidra
+ - git
+ - gobuster
+ - golang-go
+ - jq
+ - jxplorer
+ - libffi-dev
+ - liblzma-dev
+ - libssl-dev
+ - libxml2-dev
+ - ltrace
+ - ncat
+ - neo4j
+ - ntpdate
+ - mingw-w64
+ - patch
+ - powershell
+ - python3
+ - python3-dev
+ - python3-pip
+ - p7zip-full
+ - remmina
+ - rlwrap
+ - samba
+ - seclists
+ - steghide
+ - strace
+ - sublime-text
+ - terminator
+ - tmux
+ - xclip
+ - xfce4-terminal
+ - zaproxy
+ - zlib1g-dev
+ state: latest
diff --git a/roles/package-mgmt/tests/inventory b/roles/package-mgmt/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/package-mgmt/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/package-mgmt/tests/test.yml b/roles/package-mgmt/tests/test.yml
new file mode 100644
index 0000000..929b029
--- /dev/null
+++ b/roles/package-mgmt/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - package-mgmt
diff --git a/roles/package-mgmt/vars/main.yml b/roles/package-mgmt/vars/main.yml
new file mode 100644
index 0000000..8bb393e
--- /dev/null
+++ b/roles/package-mgmt/vars/main.yml
@@ -0,0 +1,6 @@
+---
+# vars file for package-mgmt
+docker_repo_key: "https://download.docker.com/linux/debian/gpg"
+docker_repo: "deb [arch=amd64] https://download.docker.com/linux/debian bullseye stable"
+sublime_repo_key: "https://download.sublimetext.com/sublimehq-pub.gpg"
+sublime_repo: "deb https://download.sublimetext.com/ apt/stable/"