From 8279757b41ca627630a5fd7388159bb9e6004746 Mon Sep 17 00:00:00 2001 From: Benedikt Radtke Date: Sun, 26 Jan 2025 13:39:39 +0000 Subject: [PATCH] Ubuntu24, dotnet8 --- ansible/roles/dotnetsdk/tasks/main.yml | 2 +- ansible/roles/pip_packages/tasks/main.yml | 1 + .../router_trafficcapture/tasks/main.yml | 8 +++ .../roles/vulnbox_enomoloch/tasks/main.yml | 8 +++ configgen/poetry.lock | 67 ++++++++++++------- configgen/pyproject.toml | 2 +- packer/bambichecker.json | 2 +- packer/bambielk.json | 2 +- packer/bambiengine.json | 2 +- packer/bambirouter.json | 2 +- packer/bambivulnbox.json | 2 +- terraform/terraform.tfvars.sample | 6 +- 12 files changed, 70 insertions(+), 34 deletions(-) diff --git a/ansible/roles/dotnetsdk/tasks/main.yml b/ansible/roles/dotnetsdk/tasks/main.yml index 25bceb5..39040d6 100644 --- a/ansible/roles/dotnetsdk/tasks/main.yml +++ b/ansible/roles/dotnetsdk/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Install dotnet sdk apt: - name: "dotnet-sdk-6.0" + name: "dotnet-sdk-8.0" state: present cache_valid_time: 250 diff --git a/ansible/roles/pip_packages/tasks/main.yml b/ansible/roles/pip_packages/tasks/main.yml index 05b687e..1037983 100644 --- a/ansible/roles/pip_packages/tasks/main.yml +++ b/ansible/roles/pip_packages/tasks/main.yml @@ -3,3 +3,4 @@ ansible.builtin.pip: name: "{{ pip_packages_list }}" umask: "0022" + break_system_packages: true diff --git a/ansible/roles/router_trafficcapture/tasks/main.yml b/ansible/roles/router_trafficcapture/tasks/main.yml index b5fbf8d..3425ff9 100644 --- a/ansible/roles/router_trafficcapture/tasks/main.yml +++ b/ansible/roles/router_trafficcapture/tasks/main.yml @@ -35,6 +35,14 @@ dest: /etc/systemd/system/enorouterdump.service mode: "0644" +- name: Ensure /etc/apparmor.d/disable exists + file: + path: /etc/apparmor.d/disable + state: directory + owner: root + group: root + mode: "0700" + - name: Disable tcpdump apparmor profile file: path: /etc/apparmor.d/disable/usr.bin.tcpdump diff --git a/ansible/roles/vulnbox_enomoloch/tasks/main.yml b/ansible/roles/vulnbox_enomoloch/tasks/main.yml index 5bb2db9..0abfdc9 100644 --- a/ansible/roles/vulnbox_enomoloch/tasks/main.yml +++ b/ansible/roles/vulnbox_enomoloch/tasks/main.yml @@ -18,6 +18,14 @@ mode: "0644" changed_when: false +- name: Ensure /etc/apparmor.d/disable exists + file: + path: /etc/apparmor.d/disable + state: directory + owner: root + group: root + mode: "0700" + - name: Disable tcpdump apparmor profile file: path: /etc/apparmor.d/disable/usr.bin.tcpdump diff --git a/configgen/poetry.lock b/configgen/poetry.lock index 9ddc5c6..68014eb 100644 --- a/configgen/poetry.lock +++ b/configgen/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 1.5.1 and should not be changed by hand. +# This file is automatically @generated by Poetry 2.0.1 and should not be changed by hand. [[package]] name = "argparse" @@ -6,6 +6,7 @@ version = "1.4.0" description = "Python command-line parsing library" optional = false python-versions = "*" +groups = ["main"] files = [ {file = "argparse-1.4.0-py2.py3-none-any.whl", hash = "sha256:c31647edb69fd3d465a847ea3157d37bed1f95f19760b11a47aa91c04b666314"}, {file = "argparse-1.4.0.tar.gz", hash = "sha256:62b089a55be1d8949cd2bc7e0df0bddb9e028faefc8c32038cc84862aefdd6e4"}, @@ -13,29 +14,34 @@ files = [ [[package]] name = "black" -version = "23.11.0" +version = "24.10.0" description = "The uncompromising code formatter." optional = false -python-versions = ">=3.8" +python-versions = ">=3.9" +groups = ["dev"] files = [ - {file = "black-23.11.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:dbea0bb8575c6b6303cc65017b46351dc5953eea5c0a59d7b7e3a2d2f433a911"}, - {file = "black-23.11.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:412f56bab20ac85927f3a959230331de5614aecda1ede14b373083f62ec24e6f"}, - {file = "black-23.11.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:d136ef5b418c81660ad847efe0e55c58c8208b77a57a28a503a5f345ccf01394"}, - {file = "black-23.11.0-cp310-cp310-win_amd64.whl", hash = "sha256:6c1cac07e64433f646a9a838cdc00c9768b3c362805afc3fce341af0e6a9ae9f"}, - {file = "black-23.11.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:cf57719e581cfd48c4efe28543fea3d139c6b6f1238b3f0102a9c73992cbb479"}, - {file = "black-23.11.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:698c1e0d5c43354ec5d6f4d914d0d553a9ada56c85415700b81dc90125aac244"}, - {file = "black-23.11.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:760415ccc20f9e8747084169110ef75d545f3b0932ee21368f63ac0fee86b221"}, - {file = "black-23.11.0-cp311-cp311-win_amd64.whl", hash = "sha256:58e5f4d08a205b11800332920e285bd25e1a75c54953e05502052738fe16b3b5"}, - {file = "black-23.11.0-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:45aa1d4675964946e53ab81aeec7a37613c1cb71647b5394779e6efb79d6d187"}, - {file = "black-23.11.0-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:4c44b7211a3a0570cc097e81135faa5f261264f4dfaa22bd5ee2875a4e773bd6"}, - {file = "black-23.11.0-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:2a9acad1451632021ee0d146c8765782a0c3846e0e0ea46659d7c4f89d9b212b"}, - {file = "black-23.11.0-cp38-cp38-win_amd64.whl", hash = "sha256:fc7f6a44d52747e65a02558e1d807c82df1d66ffa80a601862040a43ec2e3142"}, - {file = "black-23.11.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:7f622b6822f02bfaf2a5cd31fdb7cd86fcf33dab6ced5185c35f5db98260b055"}, - {file = "black-23.11.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:250d7e60f323fcfc8ea6c800d5eba12f7967400eb6c2d21ae85ad31c204fb1f4"}, - {file = "black-23.11.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5133f5507007ba08d8b7b263c7aa0f931af5ba88a29beacc4b2dc23fcefe9c06"}, - {file = "black-23.11.0-cp39-cp39-win_amd64.whl", hash = "sha256:421f3e44aa67138ab1b9bfbc22ee3780b22fa5b291e4db8ab7eee95200726b07"}, - {file = "black-23.11.0-py3-none-any.whl", hash = "sha256:54caaa703227c6e0c87b76326d0862184729a69b73d3b7305b6288e1d830067e"}, - {file = "black-23.11.0.tar.gz", hash = "sha256:4c68855825ff432d197229846f971bc4d6666ce90492e5b02013bcaca4d9ab05"}, + {file = "black-24.10.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:e6668650ea4b685440857138e5fe40cde4d652633b1bdffc62933d0db4ed9812"}, + {file = "black-24.10.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:1c536fcf674217e87b8cc3657b81809d3c085d7bf3ef262ead700da345bfa6ea"}, + {file = "black-24.10.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:649fff99a20bd06c6f727d2a27f401331dc0cc861fb69cde910fe95b01b5928f"}, + {file = "black-24.10.0-cp310-cp310-win_amd64.whl", hash = "sha256:fe4d6476887de70546212c99ac9bd803d90b42fc4767f058a0baa895013fbb3e"}, + {file = "black-24.10.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:5a2221696a8224e335c28816a9d331a6c2ae15a2ee34ec857dcf3e45dbfa99ad"}, + {file = "black-24.10.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:f9da3333530dbcecc1be13e69c250ed8dfa67f43c4005fb537bb426e19200d50"}, + {file = "black-24.10.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:4007b1393d902b48b36958a216c20c4482f601569d19ed1df294a496eb366392"}, + {file = "black-24.10.0-cp311-cp311-win_amd64.whl", hash = "sha256:394d4ddc64782e51153eadcaaca95144ac4c35e27ef9b0a42e121ae7e57a9175"}, + {file = "black-24.10.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:b5e39e0fae001df40f95bd8cc36b9165c5e2ea88900167bddf258bacef9bbdc3"}, + {file = "black-24.10.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:d37d422772111794b26757c5b55a3eade028aa3fde43121ab7b673d050949d65"}, + {file = "black-24.10.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:14b3502784f09ce2443830e3133dacf2c0110d45191ed470ecb04d0f5f6fcb0f"}, + {file = "black-24.10.0-cp312-cp312-win_amd64.whl", hash = "sha256:30d2c30dc5139211dda799758559d1b049f7f14c580c409d6ad925b74a4208a8"}, + {file = "black-24.10.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:1cbacacb19e922a1d75ef2b6ccaefcd6e93a2c05ede32f06a21386a04cedb981"}, + {file = "black-24.10.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:1f93102e0c5bb3907451063e08b9876dbeac810e7da5a8bfb7aeb5a9ef89066b"}, + {file = "black-24.10.0-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:ddacb691cdcdf77b96f549cf9591701d8db36b2f19519373d60d31746068dbf2"}, + {file = "black-24.10.0-cp313-cp313-win_amd64.whl", hash = "sha256:680359d932801c76d2e9c9068d05c6b107f2584b2a5b88831c83962eb9984c1b"}, + {file = "black-24.10.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:17374989640fbca88b6a448129cd1745c5eb8d9547b464f281b251dd00155ccd"}, + {file = "black-24.10.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:63f626344343083322233f175aaf372d326de8436f5928c042639a4afbbf1d3f"}, + {file = "black-24.10.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:ccfa1d0cb6200857f1923b602f978386a3a2758a65b52e0950299ea014be6800"}, + {file = "black-24.10.0-cp39-cp39-win_amd64.whl", hash = "sha256:2cd9c95431d94adc56600710f8813ee27eea544dd118d45896bb734e9d7a0dc7"}, + {file = "black-24.10.0-py3-none-any.whl", hash = "sha256:3bb2b7a1f7b685f85b11fed1ef10f8a9148bceb49853e47a294a3dd963c1dd7d"}, + {file = "black-24.10.0.tar.gz", hash = "sha256:846ea64c97afe3bc677b761787993be4991810ecc7a4a937816dd6bddedc4875"}, ] [package.dependencies] @@ -49,7 +55,7 @@ typing-extensions = {version = ">=4.0.1", markers = "python_version < \"3.11\""} [package.extras] colorama = ["colorama (>=0.4.3)"] -d = ["aiohttp (>=3.7.4)"] +d = ["aiohttp (>=3.10)"] jupyter = ["ipython (>=7.8.0)", "tokenize-rt (>=3.2.0)"] uvloop = ["uvloop (>=0.15.2)"] @@ -59,6 +65,7 @@ version = "8.1.7" description = "Composable command line interface toolkit" optional = false python-versions = ">=3.7" +groups = ["dev"] files = [ {file = "click-8.1.7-py3-none-any.whl", hash = "sha256:ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28"}, {file = "click-8.1.7.tar.gz", hash = "sha256:ca9853ad459e787e2192211578cc907e7594e294c7ccc834310722b41b9ca6de"}, @@ -73,6 +80,8 @@ version = "0.4.6" description = "Cross-platform colored terminal text." optional = false python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" +groups = ["dev"] +markers = "platform_system == \"Windows\"" files = [ {file = "colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6"}, {file = "colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44"}, @@ -84,6 +93,7 @@ version = "5.12.0" description = "A Python utility / library to sort Python imports." optional = false python-versions = ">=3.8.0" +groups = ["dev"] files = [ {file = "isort-5.12.0-py3-none-any.whl", hash = "sha256:f84c2818376e66cf843d497486ea8fed8700b340f308f076c6fb1229dff318b6"}, {file = "isort-5.12.0.tar.gz", hash = "sha256:8bef7dde241278824a6d83f44a544709b065191b95b6e50894bdc722fcba0504"}, @@ -101,6 +111,7 @@ version = "1.6.1" description = "Optional static typing for Python" optional = false python-versions = ">=3.8" +groups = ["dev"] files = [ {file = "mypy-1.6.1-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:e5012e5cc2ac628177eaac0e83d622b2dd499e28253d4107a08ecc59ede3fc2c"}, {file = "mypy-1.6.1-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:d8fbb68711905f8912e5af474ca8b78d077447d8f3918997fecbf26943ff3cbb"}, @@ -147,6 +158,7 @@ version = "1.0.0" description = "Type system extensions for programs checked with the mypy type checker." optional = false python-versions = ">=3.5" +groups = ["dev"] files = [ {file = "mypy_extensions-1.0.0-py3-none-any.whl", hash = "sha256:4392f6c0eb8a5668a69e23d168ffa70f0be9ccfd32b5cc2d26a34ae5b844552d"}, {file = "mypy_extensions-1.0.0.tar.gz", hash = "sha256:75dbf8955dc00442a438fc4d0666508a9a97b6bd41aa2f0ffe9d2f2725af0782"}, @@ -158,6 +170,7 @@ version = "23.2" description = "Core utilities for Python packages" optional = false python-versions = ">=3.7" +groups = ["dev"] files = [ {file = "packaging-23.2-py3-none-any.whl", hash = "sha256:8c491190033a9af7e1d931d0b5dacc2ef47509b34dd0de67ed209b5203fc88c7"}, {file = "packaging-23.2.tar.gz", hash = "sha256:048fb0e9405036518eaaf48a55953c750c11e1a1b68e0dd1a9d62ed0c092cfc5"}, @@ -169,6 +182,7 @@ version = "0.11.2" description = "Utility library for gitignore style pattern matching of file paths." optional = false python-versions = ">=3.7" +groups = ["dev"] files = [ {file = "pathspec-0.11.2-py3-none-any.whl", hash = "sha256:1d6ed233af05e679efb96b1851550ea95bbb64b7c490b0f5aa52996c11e92a20"}, {file = "pathspec-0.11.2.tar.gz", hash = "sha256:e0d8d0ac2f12da61956eb2306b69f9469b42f4deb0f3cb6ed47b9cce9996ced3"}, @@ -180,6 +194,7 @@ version = "3.11.0" description = "A small Python package for determining appropriate platform-specific dirs, e.g. a \"user data dir\"." optional = false python-versions = ">=3.7" +groups = ["dev"] files = [ {file = "platformdirs-3.11.0-py3-none-any.whl", hash = "sha256:e9d171d00af68be50e9202731309c4e658fd8bc76f55c11c7dd760d023bda68e"}, {file = "platformdirs-3.11.0.tar.gz", hash = "sha256:cf8ee52a3afdb965072dcc652433e0c7e3e40cf5ea1477cd4b3b1d2eb75495b3"}, @@ -195,6 +210,7 @@ version = "0.1.5" description = "An extremely fast Python linter and code formatter, written in Rust." optional = false python-versions = ">=3.7" +groups = ["dev"] files = [ {file = "ruff-0.1.5-py3-none-macosx_10_7_x86_64.whl", hash = "sha256:32d47fc69261c21a4c48916f16ca272bf2f273eb635d91c65d5cd548bf1f3d96"}, {file = "ruff-0.1.5-py3-none-macosx_10_9_x86_64.macosx_11_0_arm64.macosx_10_9_universal2.whl", hash = "sha256:171276c1df6c07fa0597fb946139ced1c2978f4f0b8254f201281729981f3c17"}, @@ -221,6 +237,8 @@ version = "2.0.1" description = "A lil' TOML parser" optional = false python-versions = ">=3.7" +groups = ["dev"] +markers = "python_version < \"3.11\"" files = [ {file = "tomli-2.0.1-py3-none-any.whl", hash = "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc"}, {file = "tomli-2.0.1.tar.gz", hash = "sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f"}, @@ -232,12 +250,13 @@ version = "4.8.0" description = "Backported and Experimental Type Hints for Python 3.8+" optional = false python-versions = ">=3.8" +groups = ["dev"] files = [ {file = "typing_extensions-4.8.0-py3-none-any.whl", hash = "sha256:8f92fc8806f9a6b641eaa5318da32b44d401efaac0f6678c9bc448ba3605faa0"}, {file = "typing_extensions-4.8.0.tar.gz", hash = "sha256:df8e4339e9cb77357558cbdbceca33c303714cf861d1eef15e1070055ae8b7ef"}, ] [metadata] -lock-version = "2.0" +lock-version = "2.1" python-versions = "^3.10" -content-hash = "639380462f639404bedf08394e616af6fd19caf39f673d8795b0320e526bce7b" +content-hash = "51b4a78eac4fa882f13f96fe39d8befc8dafb61c61fdc2a39dd84115e08e1887" diff --git a/configgen/pyproject.toml b/configgen/pyproject.toml index 0130779..32b6b4a 100644 --- a/configgen/pyproject.toml +++ b/configgen/pyproject.toml @@ -13,7 +13,7 @@ argparse = "^1.4.0" [tool.poetry.group.dev.dependencies] mypy = "^1.6.1" ruff = "^0.1.5" -black = "^23.11.0" +black = "^24.3.0" isort = "^5.12.0" [build-system] diff --git a/packer/bambichecker.json b/packer/bambichecker.json index 12dd9e0..8526af3 100644 --- a/packer/bambichecker.json +++ b/packer/bambichecker.json @@ -13,7 +13,7 @@ "builders": [ { "type": "hcloud", - "image": "ubuntu-22.04", + "image": "ubuntu-24.04", "location": "fsn1", "server_type": "cx22", "ssh_username": "root", diff --git a/packer/bambielk.json b/packer/bambielk.json index 12e650f..059ae86 100644 --- a/packer/bambielk.json +++ b/packer/bambielk.json @@ -13,7 +13,7 @@ "builders": [ { "type": "hcloud", - "image": "ubuntu-22.04", + "image": "ubuntu-24.04", "location": "fsn1", "server_type": "cx22", "ssh_username": "root", diff --git a/packer/bambiengine.json b/packer/bambiengine.json index bff1de4..4a1dcec 100644 --- a/packer/bambiengine.json +++ b/packer/bambiengine.json @@ -13,7 +13,7 @@ "builders": [ { "type": "hcloud", - "image": "ubuntu-22.04", + "image": "ubuntu-24.04", "location": "fsn1", "server_type": "cx22", "ssh_username": "root", diff --git a/packer/bambirouter.json b/packer/bambirouter.json index 8233c25..15b387a 100644 --- a/packer/bambirouter.json +++ b/packer/bambirouter.json @@ -14,7 +14,7 @@ "builders": [ { "type": "hcloud", - "image": "ubuntu-22.04", + "image": "ubuntu-24.04", "location": "fsn1", "server_type": "cx22", "ssh_username": "root", diff --git a/packer/bambivulnbox.json b/packer/bambivulnbox.json index ee2aa46..f1297b5 100644 --- a/packer/bambivulnbox.json +++ b/packer/bambivulnbox.json @@ -13,7 +13,7 @@ "builders": [ { "type": "hcloud", - "image": "ubuntu-22.04", + "image": "ubuntu-24.04", "location": "fsn1", "server_type": "cx32", "ssh_username": "root", diff --git a/terraform/terraform.tfvars.sample b/terraform/terraform.tfvars.sample index 91f3154..f8668b8 100644 --- a/terraform/terraform.tfvars.sample +++ b/terraform/terraform.tfvars.sample @@ -8,8 +8,8 @@ engine_count = 1 elk_count = 1 vulnbox_count = 2 -router_type = "cx21" -checker_type = "cx21" -engine_type = "cx21" +router_type = "cx22" +checker_type = "cx22" +engine_type = "cx22" elk_type = "cpx31" vulnbox_type = "cpx31"