https://github.com/CptOfEvilMinions/FleetDM-Automation



# FleetDM automation with Ansible and Docker

FleetDM-Automation is a repo containing Ansible and Docker code to set up FleetDM. For a complete setup guide, see my [blog post here](https://holdmybeersecurity.com/2021/01/07/getting-started-with-fleetdm-v3-6-0/).

## Generate OpenSSL keys
This project comes with a self-signed OpenSSL certificate, which should ONLY BE used for testing. Below are instructions to make your own:
1. `openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout conf/tls/.key -out conf/tls/.crt`

## Docker v2.2
This project has a pre-defined JWT key of `super_secret_key_here`, which should ONLY BE used for testing. Below are instructions to make your own:
1. `openssl rand -base64 32`
1. Copy key and paste in `conf/fleet/fleet.yml` as the value for `jwt_key`
1. `docker-compose build`
1. `docker-compose run --rm fleet fleet prepare db --config /etc/fleet/fleet.yml`
   1. Initializes the Kolide database
1. `docker-compose up -d`
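
An added example (not part of the original README): a pre-flight check to run before `docker-compose up -d` that fails when `jwt_key` in `conf/fleet/fleet.yml` is missing, still the test value `super_secret_key_here`, or too short. The function names, the 32-character floor and the single-line `jwt_key: <value>` layout are assumptions.

```shell
#!/usr/bin/env bash
# Added example: pre-flight check for the jwt_key value in fleet.yml.
# Assumes the key sits on one line of the form `jwt_key: <value>`.

DEFAULT_JWT_KEY='super_secret_key_here'  # test value shipped with the repo
MIN_KEY_LEN=32                           # assumed floor; `openssl rand -base64 32` prints 44 chars

# Print the jwt_key value from a fleet.yml-style file (empty if absent).
# Strips a trailing YAML comment, trailing spaces and surrounding quotes.
extract_jwt_key() {
  sed -n -E 's/^[[:space:]]*jwt_key:[[:space:]]*//p' "$1" 2>/dev/null \
    | head -n 1 \
    | sed -E -e 's/[[:space:]]+#.*$//' -e 's/[[:space:]]+$//' \
             -e "s/^[\"'](.*)[\"']\$/\\1/"
}

# Return 0 if the key looks rotated, 1 if it is the test value,
# 2 if it is missing, 3 if it is shorter than MIN_KEY_LEN.
check_jwt_key() {
  local key
  key="$(extract_jwt_key "$1")"
  if [ -z "$key" ]; then
    echo "FAIL: no jwt_key set in $1" >&2
    return 2
  elif [ "$key" = "$DEFAULT_JWT_KEY" ]; then
    echo "FAIL: $1 still uses the repo's test jwt_key" >&2
    return 1
  elif [ "${#key}" -lt "$MIN_KEY_LEN" ]; then
    echo "FAIL: jwt_key in $1 is only ${#key} characters" >&2
    return 3
  fi
  echo "OK: jwt_key in $1 is set and is not the test value"
}

# Demo on a constructed config (not the repo's real file).
demo_cfg="$(mktemp)"
printf 'auth:\n  jwt_key: super_secret_key_here\n' > "$demo_cfg"
check_jwt_key "$demo_cfg" || echo "check exited with status $?"
rm -f "$demo_cfg"
```

In a deployment script, call `check_jwt_key conf/fleet/fleet.yml || exit 1` before the `docker-compose up -d` step.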

## Docker Swarm v3.X
1. `openssl rand -base64 32 | tr -cd '[:alnum:]' | docker secret create fleetdm-jwt-key -`
1. `openssl rand -base64 32 | tr -cd '[:alnum:]' | docker secret create mysql-root-password -`
1. `openssl rand -base64 32 | tr -cd '[:alnum:]' | docker secret create mysql-fleetdm-password -`
1. `docker stack deploy -c docker-compose-swarm.yml fleetdm`
1. `docker service logs -f fleetdm_fleet`

## Ansible
1. `vim hosts.ini` and add IP address under `[fleetdm]`
1. `vim all.yml` and set:
   1. `base_domain` - The domain for your network and the base domain of the FQDN
   1. `timezone` - OPTIONAL - Change the default timezone of UTC +0
1. `openssl rand -base64 32`
   1. Copy the output from the command
1. `vim fleetdm.yml` and set:
   1. `fleetdm_jwt` - Set this to the random string generated by the OpenSSL command
   1. `mysql_root_password` - Set the root password for MySQL
   1. `mysql_fleetdm_password` - Set the password for FleetDM MySQL user
1. `ansible-playbook -i hosts.ini deploy_fleetdm.yml -u -K`

## Versions supported
* `Fleet FleetDM v4.11.0+`
* `Ansible v2.11+`
* `Ubuntu server 20.04`
