-
Notifications
You must be signed in to change notification settings - Fork 75
Ansible
The Ansible playbook and role (ansible
) were made for installing DFIRTrack on a Ubuntu server.
The following distributions are currently tested:
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
Beside the installation of DFIRTrack several tasks are executed alongside. It is planned to build another role that only takes the minimum needed steps for successful plain installation.
For fast testing the playbook may be executed with the default values. It was created with every option predefined. So for first testing you may skip this section.
Attention:
The used default deployment user is called "forensics".
If you wish to change, edit the variable ansible_ssh_user
in ansible/group_vars/all
.
For production usage (not publicly available!!!) it is recommended to think about the following values before executing:
- django secret key (there are many instructions in the wild how to generate it properly),
- path for the project (
<PROJECT_DIR>
), - path for logging,
- path and project name (needed separately) for markdown documentation,
- dedicated user for PostgreSQL database,
- password for PostgreSQL database (default and dedicated user),
- path for database backup,
- URL for reaching the web interface (
<FQDN>
), - service name for nginx logging,
- path for nginx static web server files,
- organization name and unit for self signed SSL certificates.
- change to
ansible
directory of DFIRTrack repo, - add destination host to
hosts
file like it is addressed by your ssh config, - execute ansible:
ansible-playbook -i hosts [-k] -K dfirtrack.yml
, - confirm or change the default values while executing.
- login to destination host,
- source the virtual environment:
source <PROJECT_DIR>/venv/bin/activate
, - change to project folder:
cd <PROJECT_DIR>
, - create superuser:
python3 manage.py createsuperuser
, - login to web interface (
https://<FQDN>
), - additional administration is possible due to admin UI (
https://<FQDN>/admin
).
The following tasks are executed:
- clone DFIRTrack repository to a desired destination on destination host,
- install and prepare
django
project, - copy and customize main project configuration file
settings.py
/local_settings.py
, - prepare folders for logging and markdown documentation (in
mkdocs
style), - configure
PostgreSQL
database (including users and passwords), - prepare cronjob for database backup,
- install and configure
nginx
reverse proxy server including self signed SSL certificates, - install WSGI server
gunicorn
as service, - install
django-q
task queue as service, - configure firewall
ufw
.