Preparing the boxes

We are going to be launching two Vagrant boxes for this chapter, the first of which we will be using to install the scanning tools. This host will have Docker installed, and we will be using the Docker Ansible modules to interact with the software. The second box will host the WordPress installation, which will be targeted by the scanning tools.

Create a Vagrantfile with the following content:

# -*- mode: ruby -*-
# vi: set ft=ruby :

API_VERSION = "2"
BOX_NAME = "centos/7"
BOX_IP_SCAN = "10.20.30.40"
BOX_IP_WP = "10.20.30.41"
DOMAIN = "nip.io"
PRIVATE_KEY = "~/.ssh/id_rsa"
PUBLIC_KEY = '~/.ssh/id_rsa.pub'

Vagrant.configure(API_VERSION) do |config|

  config.vm.define :scan do |scan|
    scan.vm.box = BOX_NAME
    scan.vm.network "private_network", ip: BOX_IP_SCAN
    scan.vm.host_name = BOX_IP_SCAN + '.' + DOMAIN
    scan.ssh.insert_key = false
    scan.ssh.private_key_path = [PRIVATE_KEY, "~/.vagrant.d/insecure_private_key"]
    scan.vm.provision "file", source: PUBLIC_KEY, destination: "~/.ssh/authorized_keys"
  end

  config.vm.define :wp do |wp|
    wp.vm.box = BOX_NAME
    wp.vm.network "private_network", ip: BOX_IP_WP
    wp.vm.host_name = BOX_IP_WP + '.' + DOMAIN
    wp.ssh.insert_key = false
    wp.ssh.private_key_path = [PRIVATE_KEY, "~/.vagrant.d/insecure_private_key"]
    wp.vm.provision "file", source: PUBLIC_KEY, destination: "~/.ssh/authorized_keys"
  end

  config.vm.provider "virtualbox" do |v|
    v.memory = "2024"
    v.cpus = "2"
  end

  config.vm.provider "vmware_fusion" do |v|
    v.vmx["memsize"] = "2024"
    v.vmx["numvcpus"] = "2"
  end

end

As you can see, we are going to be launching two CentOS 7 boxes, one labelled scan, which has a hostname of 10.20.30.40.nip.io, and the other wp, which has a hostname of 10.20.30.41.nip.io.

The inventory host file, which is always called production, contains the following:

box1 ansible_host=10.20.30.40.nip.io
box2 ansible_host=10.20.30.41.nip.io

[scan]
box1

[wordpress]
box2

[boxes]
box1
box2

[boxes:vars]
ansible_connection=ssh
ansible_user=vagrant
ansible_private_key_file=~/.ssh/id_rsa
host_key_checking=False

As you can see, we have defined three host groups. The first group, called scan, includes the single host which we will use to run the scanning tools. The second group, wordpress, contains only a single host here, but it could have more than one host listed, and the scans should target them all. The third group, called boxes, has been defined as a way of applying the connection configuration to all the hosts we have added to the playbook.
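Because every host listed in the wordpress group will be scanned, it is worth checking that group against the lab network before any scan runs. The following is an added example, not code from the book: it parses a simple INI inventory laid out like the one above and reports any wordpress host whose nip.io name does not embed an address in the lab subnet. The 10.20.30.0/24 range and the function names are assumptions made for this illustration.

```python
import ipaddress
import re

# Constructed copy of the chapter's "production" inventory (connection vars trimmed).
INVENTORY = """\
box1 ansible_host=10.20.30.40.nip.io
box2 ansible_host=10.20.30.41.nip.io
[scan]
box1
[wordpress]
box2
[boxes:vars]
ansible_user=vagrant
"""
LAB_NET = ipaddress.ip_network("10.20.30.0/24")  # assumption: the Vagrant private network
NIP_IO = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})\.nip\.io$")  # <ip>.nip.io resolves to <ip>


def parse_inventory(text):
    """Return (alias -> ansible_host, group -> [aliases]) for a simple INI inventory."""
    hosts, groups, section = {}, {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            section = line.strip("[]")
            if ":" not in section:  # skip [group:vars] and [group:children] headers
                groups.setdefault(section, [])
        elif line and section is None:  # ungrouped host definition
            alias, *pairs = line.split()
            kv = dict(p.split("=", 1) for p in pairs if "=" in p)
            hosts[alias] = kv.get("ansible_host", alias)
        elif line and ":" not in section:  # member line inside a host group
            groups[section].append(line.split()[0])
    return hosts, groups


def in_scope(name, net=LAB_NET):  # True only for <ip>.nip.io names with ip inside net
    m = NIP_IO.match(name)
    try:
        return bool(m) and ipaddress.ip_address(m.group(1)) in net
    except ValueError:  # e.g. an octet above 255
        return False


def out_of_scope(text, group="wordpress"):
    """List (alias, hostname) pairs in the group that fall outside the lab network."""
    hosts, groups = parse_inventory(text)
    targets = [(a, hosts.get(a, a)) for a in groups.get(group, [])]
    return [t for t in targets if not in_scope(t[1])]
```

An empty list from out_of_scope() means every scan target stays inside the private network; anything else should be corrected in the inventory before the playbook is run.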

You can launch the two boxes using one of the following two commands:

$ vagrant up
$ vagrant up --provider=vmware_fusion

Now that we have our Vagrant boxes up and running, we can take a look at what our playbook looks like.
