Init, lack of thorough testing

.ansible-lint

@@ -0,0 +1,3 @@
+skip_list:
+  - '306'
+  - '305'

.travis.yml

@@ -0,0 +1,21 @@
+language: python
+python:
+  - '3.6'
+sudo: required
+
+install:
+  - pip3 install ansible 'molecule[ec2]<3.0' ansible-lint boto boto3
+
+script:
+  - ansible --version
+  - molecule --version
+  - molecule test -s aws-ec2
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/
+
+env:
+  global:
+    - EC2_REGION: eu-west-1 
+    - secure: W4toFSCW5T+rfl56A8Hc2HSp7VDt76/aHB+PiSsL4RdOVWVLz3x5nxVxNbGzK1YtOF+S+/PPu5E+vx71slAWtzpqwd0+e2N08OfEJ27+t6fnzlXcd6SZrQTKeA6BVUNrbUhQ2yhuQsPqNMJF6CI7cG8NbBlz0XZh/lE5rlFqnAdcQhsmWIxuufNZ8zLLrYJlx2AB0iJ7LMc14iGKq6zSLXkKCiN399R8xIm1EQWY5U0Q27QcPv1jI0Qx2UVjouwnMzvHit1Ev+pH0/3Is4gQPB6iRyhqtnac0CSipudyqK0pJRXWnj/bedypAqN78oeEwwp9g4cVTdcdENnXISNIihW1+4euhc78R6ocxmqvmjjVSYYdrPHdr2NKtGV53i5BIfGbaHYe7nQZMJNVkoJgUG6jrTIonBIMw6JdM8vFqjqK7uEC/MuQXo42RU1S/eYntB7R0hcCL4jRg5k1SVnA6cfUN2VqGKtZbFl1Mp5acBC5npBFhkRMH426T/lH05DSziZjZOqkeB/q98UoeIMyPgee26Cz5VcO2fBc6Xoprk4ko0Gj/o0ebqF7ryO8OSXK5tKKc+bAtYE+9NcrhKIB8Pt33pcVfUDKkdpmjFAYm4MRHhzKuNPRvoKq6PH74vkcDWn93Y3K8M6T7PL5MnO7UjxN8LfsxbhEQ06p8ORbcwE=
+    - secure: gQWrRmAlzii5aCYOaUzmFVj55GTlh7DQZVEHArR+szM/G9JO4L/ZppLvwEhNyUbucXgqFLkJcFk9BnfISENw0KWI/wrHR1Pd+rPj2USY6L/o+4OdKaBOkZ8byXQ84504oT1kLOMkMomFsjDMNdxqEp6UKvjAEHrr0Pz+xVgKX9qV472jLKJe16VtYvmCN2xGsl/2sBghd08Pl1WJ+P1Vh/FWFcPlma/tLGpKHxTnXClvH8i+OIcYygcxenu1g4FB40wbr1V4w9LdtzjRp6Ss2ct/7SfDMfx3FtXHUxcQpsB23JqXp4ZVzxaoVml/LF4ke9ekS93Pd1lKTRGu6XeIMTQV4SqwJ+PLc4wqRtACA5zeBkiIbqE1r+r4tLCtbr5Ix14SRUWuoQ+KMSEpatPHKcD2EiM9xWg8H6lS50XNjjpqsBBDXPbwZw2yyHTaecDxxK9hHTuTurk389LV7p5iTvqIL3itkCwQWtERoPsRdu9zPjmoqdWfNLN70wtztO4b0P/supWA43E4TbS4qSckCSqoNYKyYPmeo6/9jjMEzJ87fT4btBrprq0J9OdQjv/H1a8JLicSKf/ed3Z6CXJHuhvzwzkCU1n8ZtlyWre+A2FzOlj8PePbUM2D6PGrYRKSTedAr6TIHf9JB3m5vGKiK/VQnqYp4Ck9hV4m7aktSzE=

.yamllint

@@ -0,0 +1,36 @@
+---
+# Based on ansible-lint config
+extends: default
+
+ignore: |
+  files/redirs/filebeat/filebeat.yml
+
+rules:
+  braces:
+    max-spaces-inside: 1
+    level: error
+  brackets:
+    max-spaces-inside: 1
+    level: error
+  colons:
+    max-spaces-after: -1
+    level: error
+  commas:
+    max-spaces-after: -1
+    level: error
+  comments: disable
+  comments-indentation: disable
+  document-start: disable
+  empty-lines:
+    max: 3
+    level: error
+  hyphens:
+    level: error
+  indentation: disable
+  key-duplicates: enable
+  line-length: disable
+  new-line-at-end-of-file: disable
+  new-lines:
+    type: unix
+  trailing-spaces: disable
+  truthy: disable

README.md

@@ -0,0 +1,63 @@
+# Ansible Role: redelk_redir
+
+Role that helps setting up redirectors for RedELK project.
+
+## Requirements
+
+None.
+
+## Role Variables
+
+Available variables are listed below, along with default values (see `defaults/main.yml`):
+	# Common packages for RedHat and Debian
+	common_pkgs:
+	  - tmux
+	  - rsync
+
+	# pkgs for rhel
+	rhel_pkgs:
+	  - "{{ 'python3-policycoreutils' if (ansible_distribution_major_version | int >= 8) else 'policycoreutils-python' }}"
+	  - rsyslog
+
+	debian_pkgs:
+	  - apt-transport-https
+	  - python3-apt
+
+	# Configure or not the firewall on your systems
+	no_firewalling: true
+
+	locale: en_US.UTF-8
+
+	firewall:
+	  redir_ports:
+	    - 80/tcp
+	    - 443/tcp
+
+	# Your timezone
+	timezone: Europe/Berlin
+
+## Dependencies
+
+	- src: robertdebock.epel
+	- src: geerlingguy.filebeat
+	- src: https://github.com/DrMeosch/ansible-role-python3
+	  scm: git
+	  version: master
+	  name: drmeosch.python3
+
+## Use with Ansible
+
+```yaml
+- hosts: all
+
+  roles:
+    - redelk_redir
+```
+
+## License
+
+MIT / BSD
+
+## Author Information
+
+This role was created in 2020 by DrMeosch.

defaults/main.yml

@@ -0,0 +1,31 @@
+---
+common_pkgs:
+  - tmux
+  - rsync
+
+# pkgs for rhel
+rhel_pkgs:
+  - "{{ 'python3-policycoreutils' if (ansible_distribution_major_version | int >= 8) else 'policycoreutils-python' }}"
+  - rsyslog
+
+debian_pkgs:
+  - apt-transport-https
+  - python3-apt
+
+# Configure or not the firewall on your systems
+no_firewalling: true
+
+locale: en_US.UTF-8
+
+firewall:
+  redir_ports:
+    - 80/tcp
+    - 443/tcp
+
+# Your timezone
+timezone: Europe/Berlin
+
+# default var for molecule testing
+# should be overwritten in your playbook
+attackscenario: default
+elkserver_hosts: 127.0.0.1

files/redirs/VERSION

@@ -0,0 +1 @@
+RedELK version 2 - BETA TESTING

files/redirs/filebeat/filebeat.yml

@@ -0,0 +1,41 @@
+filebeat.prospectors:
+- type: log
+  enabled: true
+  fields_under_root: true
+  paths:
+    - /var/log/haproxy.log
+  fields:
+    infralogtype: redirtraffic
+    redirprogram: haproxy
+- type: log
+  enabled: true
+  fields_under_root: true
+  paths:
+    - /var/log/apache2/access-redelk.log
+  fields:
+    infralogtype: redirtraffic
+    redirprogram: apache
+- type: log
+  enabled: true
+  fields_under_root: true
+  paths:
+    - /var/log/nginx/access-redelk.log
+  fields:
+    infralogtype: redirtraffic
+    redirprogram: nginx
+
+filebeat.config.modules:
+  path: ${path.config}/modules.d/*.yml
+  reload.enabled: false
+
+setup.template.settings:
+  index.number_of_shards: 3
+
+name: "@@HOSTNAME@@"
+fields_under_root: true
+fields:
+  attackscenario: @@ATTACKSCENARIO@@
+
+output.logstash:
+  hosts: ["@@HOSTANDPORT@@"]
+  ssl.certificate_authorities: ["/etc/filebeat/redelkCA.crt"]

files/redirs/filebeat/redelkCA.crt

@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIE3zCCA8egAwIBAgIJAKfEyIy3ViWmMA0GCSqGSIb3DQEBCwUAMIGlMQswCQYD
+VQQGEwJOTDEWMBQGA1UECAwNTm9vcmQtSG9sbGFuZDESMBAGA1UEBwwJQW1zdGVy
+ZGFtMRYwFAYDVQQKDA1PdXRmbGFuayBCLlYuMQ8wDQYDVQQLDAZJVC1PUFMxFDAS
+BgNVBAMMC291dGZsYW5rLm5sMSswKQYJKoZIhvcNAQkBFhx0b3RhbGx5bm90YXZp
+cnVzQG91dGZsYW5rLm5sMB4XDTIwMDcyNDA4MzYyNFoXDTMwMDcyMjA4MzYyNFow
+gaUxCzAJBgNVBAYTAk5MMRYwFAYDVQQIDA1Ob29yZC1Ib2xsYW5kMRIwEAYDVQQH
+DAlBbXN0ZXJkYW0xFjAUBgNVBAoMDU91dGZsYW5rIEIuVi4xDzANBgNVBAsMBklU
+LU9QUzEUMBIGA1UEAwwLb3V0ZmxhbmsubmwxKzApBgkqhkiG9w0BCQEWHHRvdGFs
+bHlub3RhdmlydXNAb3V0ZmxhbmsubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDDehuKEIT9VKI+qEZnIY+qso8aegAXjRzPgBUOtKEdxuLeCFPOU7vv
+EtBslmnuQ5HlO2Vn4LgEYS9Z/VeHpwcF9vxc4puQThRR6HtaCQ2pCULMphIvORCd
+q7plmJyDPlpBDOuZXOIMbd4D0nh9mM5/eoEbob+Ej02/k4Ud1sGTrRdftcpuQBTI
+VlzE26+Es2hk2CRz/7JwFlf6/xCgUM+R4XB05njPmj9Qhcu8YGP767FwiP9gQuXj
+kMN3Lcr31mBqq5zXf7osb1lKkaZ3Da4aUJAFOMK2Kx7sEVOiTQ+lIRFgvCe4S9bR
+VuF/3xrOMW8QecwtdhYoE1wDGhU23RhNAgMBAAGjggEOMIIBCjAdBgNVHQ4EFgQU
+VMB9MrJTQmud2wpXo/WVdIbOlaUwgdoGA1UdIwSB0jCBz4AUVMB9MrJTQmud2wpX
+o/WVdIbOlaWhgaukgagwgaUxCzAJBgNVBAYTAk5MMRYwFAYDVQQIDA1Ob29yZC1I
+b2xsYW5kMRIwEAYDVQQHDAlBbXN0ZXJkYW0xFjAUBgNVBAoMDU91dGZsYW5rIEIu
+Vi4xDzANBgNVBAsMBklULU9QUzEUMBIGA1UEAwwLb3V0ZmxhbmsubmwxKzApBgkq
+hkiG9w0BCQEWHHRvdGFsbHlub3RhdmlydXNAb3V0ZmxhbmsubmyCCQCnxMiMt1Yl
+pjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQC326pEIVjbn+4oZzl1
+3PU/oP7x+HIsXWBkTN8SkdhXzhBcD6zOASY/AJCoFwIpzsQP+N7mBviftVEzB+Pm
+ZYtC0WeYZPrJ0aQV2rrNsC4CbAhPXUAncTt4HrQv1bKPXnH2ksi0jqI4Bcab8KU4
+hiXp8m9uaQapYQVxAbB/Yth4W7k0M0jS0A/hjFP7ysI2xat9GDe7JQWLno+anovK
+9nmzJ5A+/JyJlLM/A6DpAGHCQEi8nqLq4KNbDe1rxIOePKsbCvJFpQ/xOgeCRVhq
+syyQPgolUdhM3XDttDjcfDpt35oNZ6oRkqxFZhGEC6Ex9Unp4IZYZE7v0yCnDUoA
+yGpm
+-----END CERTIFICATE-----