ansible-setup.yml

---
- hosts: localhost
  name: Setup localhost
  gather_facts: true
  tasks:
    - name: Install pre-req packages
      ansible.builtin.apt:
        pkg:
          - apt-transport-https
          - ca-certificates
          - curl
          - gnupg
          - jq
          - unzip
        update_cache: true
      become: true

    - name: Add Docker repo
      block:
        - name: Add Docker GPG apt key
          ansible.builtin.get_url:
            url: https://download.docker.com/linux/ubuntu/gpg
            dest: /etc/apt/keyrings/docker.asc
            checksum: sha256:1500c1f56fa9e26b9b8f42452a553675796ade0807cdce11975eb98170b3a570
          become: true
        - name: Determine architecture
          ansible.builtin.command:
            cmd: dpkg --print-architecture
          register: arch
        - name: Determine release
          ansible.builtin.shell: |
            . /etc/os-release && echo "$VERSION_CODENAME"
          register: release
        - name: Add Docker apt repo
          ansible.builtin.apt_repository:
            repo: "deb [arch={{ arch.stdout }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu {{ release.stdout }} stable"
            filename: docker
            state: present
          become: true

    - name: Install Docker Engine and utilities
      ansible.builtin.apt:
        pkg:
          - docker-ce
          - docker-ce-cli
          - containerd.io
          - docker-buildx-plugin
          - docker-compose-plugin
        update_cache: true
      become: true

    - name: Add current user to Docker group
      ansible.builtin.user:
        name: "{{ lookup('env', 'USER') }}"
        groups: docker
        append: true
      become: true

    - name: Create a directory for downloads
      ansible.builtin.file:
        path: "/tmp/lab-setup"
        state: directory
        mode: '0755'
      register: download

    - name: Download ngrok
      ansible.builtin.uri:
        url: https://bin.equinox.io/c/bNyj1mQVY4c/ngrok-v3-stable-linux-amd64.tgz
        dest: "{{ download.path }}/ngrok.tgz"
      register: ngrok

    - name: Extract ngrok
      ansible.builtin.unarchive:
        src: "{{ ngrok.path }}"
        dest: "/usr/local/bin/"
      become: true

    - name: Create a directory for CICD GOAT
      ansible.builtin.file:
        path: "{{ download.path }}/cicd-goat"
        state: directory
      register: cicdgoat

    - name: Download CICD GOAT Docker Compose file
      ansible.builtin.get_url:
        url: https://raw.githubusercontent.com/cider-security-research/cicd-goat/main/docker-compose.yaml
        dest: "{{ cicdgoat.path }}/docker-compose.yaml"

    - name: Make sure Docker is running
      ansible.builtin.systemd:
        state: started
        name: docker

    - name: Run Docker compose for CICD GOAT
      ansible.builtin.shell: 
        cmd: docker compose up -d 
        chdir: "{{ cicdgoat.path }}"

    - name: Clean up
      ansible.builtin.file:
        path: "/tmp/lab-setup"
        state: absent

    - name: Print urls and creds
      ansible.builtin.debug:
        msg:
          - "CTFd - http://{{ ansible_fqdn }}:8000 alice:alice"
          - "Jenkins - http://{{ ansible_fqdn }}:8080 alice:alice"
          - "Gitea - http://{{ ansible_fqdn }}:3000 thealice:thealice"
          - "GitLab - http://{{ ansible_fqdn }}:4000 alice:alice1234"