added current playbooks and roles

playbooks/install-sis-motd.yml

@@ -0,0 +1,7 @@
+---
+- name: Install perfect Sistematics motd
+  hosts: sis_srvs
+  become: yes
+
+  roles:
+    - role: install-sis-motd

playbooks/install-srvs-packages.yml

@@ -0,0 +1,7 @@
+---
+- name: Install packages for Sistematics Server
+  hosts: sis_srv
+  become: yes
+  
+  roles:
+    - role: install-packages

playbooks/install-stcp.yml

@@ -0,0 +1,46 @@
+- name: Install fully worked (I hope) STCP server
+  hosts: test 
+  become: yes
+
+  roles:
+    - role: install-stcp
+      server_port: 5006
+      links_number: 8
+      start_ip_addr: 192.168.56.34
+      internal_links_name: stcp-5006-
+      ext_iface: eth0
+      stcp_mode: tun
+      stcp_runas: root
+      use_auth: no
+      use_client_logging: yes
+      #stcp_tuntaps
+      en_tap_iface: no
+      tap_iface_name: 'tap_{{ stcp_instance_name }}'
+      tap_iface_ip_addr: 10.10.1.1
+      tap_iface_ip_mask: 255.255.255.0
+
+      en_tun_iface: yes
+      tun_iface_name: 'tun_{{ stcp_instance_name }}'
+      tun_iface_ip_addr: 10.11.1.1
+      tun_iface_ip_mask: 255.255.255.0
+
+    - role: install-stcp
+      server_port: 4998
+      links_number: 8
+      start_ip_addr: 192.168.56.2
+      internal_links_name: stcp-4998-
+      ext_iface: eth0
+      stcp_mode: tun
+      stcp_runas: root
+      use_auth: no
+      use_client_logging: yes
+      #stcp_tuntaps
+      en_tap_iface: no
+      tap_iface_name: 'tap_{{ stcp_instance_name }}'
+      tap_iface_ip_addr: 10.10.0.1
+      tap_iface_ip_mask: 255.255.255.0
+
+      en_tun_iface: yes
+      tun_iface_name: 'tun_{{ stcp_instance_name }}'
+      tun_iface_ip_addr: 10.11.0.1
+      tun_iface_ip_mask: 255.255.255.0

playbooks/setup-sis-srv.yml

@@ -0,0 +1,11 @@
+---
+- name: Setup new sis srv from the ground
+  hosts: sis_srvs
+  become: yes
+
+  roles:
+    - role: install-sis-motd
+    - role: install-packages
+    - role: install-zsh-and-vim
+#    - role: tune-settings  не запилил
+      update_only: yes

playbooks/zsh-and-vim-setup.yml

@@ -0,0 +1,15 @@
+---
+- name: Install (or update) vim and zsh with defined configs
+  hosts: all
+  become: yes
+
+# параметры:
+#   update_only: {yes, no} - включить режим обновления конфигураций. По умолчанию равен no (см. директорию vars роли install-zsh-and-vim)
+#   install_deps: {yes, no} - активация установки пакетов (zsh, wget, vim, git). По умолчанию равен yes
+#   dest_folder: "path" - путь, по которому скопируются файлы конфигурации. По умолчанию "/root/"
+# Если update_only: yes и install_deps: yes, то установка пакетов не выполнится, только обновление файлов
+
+  roles:
+    - role: install-zsh-and-vim
+      # update_only: yes
+      install_deps: no

roles/install-packages/tasks/main.yml

@@ -0,0 +1,55 @@
+---
+# tasks file for install-packages
+- block: # red hat based distros
+  - yum: name={{item}} state=latest update_cache=True
+    with_items:
+    - iptables-services
+    - iperf3
+    - git
+    - zsh
+    - vim
+    - wget
+    - epel-release
+    - bmon
+    - curl
+    - tcpdump
+    - nmap
+    - mc
+    - nano
+    - iptraf-ng
+  when: ansible_os_family == "RedHat"
+
+- block: # debina based distros
+  - apt: name={{item}} state=latest update_cache=True
+    with_items:
+    - iperf3
+    - git
+    - zsh
+    - vim
+    - wget
+    - bmon
+    - curl
+    - tcpdump
+    - nmap
+    - nano
+    - mc
+    - iptraf-ng
+  when: ansible_os_family == "Debian"
+
+- block: # alpine
+  - apk: name={{item}} state=latest update_cache=True
+    with_items:
+    - git
+    - zsh
+    - zsh-vcs
+    - vim
+    - wget
+    - curl
+    - tcpdump
+    - nmap
+    - bmon
+    - shadow
+    - nano
+    - mc
+    - iptraf-ng
+  when: ansible_os_family == "Alpine"

roles/install-packages/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for install-packages

roles/install-sis-motd/files/motd

@@ -0,0 +1 @@
+../../../files/motd

roles/install-sis-motd/tasks/main.yml

@@ -0,0 +1,7 @@
+---
+# tasks file for install-sis-motd
+
+- name: Copy motd to the server(s)
+  copy:
+    src: motd
+    dest: /etc/motd

roles/install-stcp/defaults/main.yml

@@ -0,0 +1,23 @@
+---
+# defaults file for install-stcp
+stcp_base_dir: /opt/stcp
+stcp_binary_path: '{{stcp_base_dir}}/multi_srv_raw'
+stcp_instance_name: '{{ server_port }}_{{ server_port + links_number-1 }}'
+stcp_instance_dir: '{{ stcp_base_dir }}/{{ stcp_instance_name }}'
+loop_script_path: '{{stcp_base_dir}}/loop'
+init_scripts_dir: /etc/init.d
+clients_log_file_path: '{{ stcp_instance_dir }}/logc'
+users_file_path: '{{ stcp_instance_dir }}/users.ini'
+
+# default stcp conf settings
+stcp_mtu_size: 1500
+en_peer_to_peer: 1
+en_print_info: 1
+stcp_http_srv_addr: 127.0.0.1
+stcp_http_srv_port: 1888
+max_sessions_threshold: 8
+min_sessions_threshold: 4
+flush_sort_delay_max: 600000
+flush_sort_delay_min: 200000
+flush_sort_add_time: 100000
+split_tcp_sessions: 2

roles/install-stcp/files/loop

@@ -0,0 +1 @@
+../../../files/loop

roles/install-stcp/files/multi_srv_raw

@@ -0,0 +1 @@
+../../../files/multi_srv_raw

roles/install-stcp/tasks/create_handlers.yml

@@ -0,0 +1,5 @@
+- name: Templating STCP Server service script
+  template:
+    src: service.j2
+    dest: '{{ init_scripts_dir }}/stcp_{{ stcp_instance_name }}'
+    mode: '0700'

roles/install-stcp/tasks/create_stcp.yml

@@ -0,0 +1,84 @@
+---
+- name: Copying the STCP binary file
+  block:
+    - name: Creating "{{ stcp_base_dir }}" directory
+      file: path="{{ stcp_base_dir }}" state=directory
+    - name: Copying binary
+      copy: 
+        src: multi_srv_raw 
+        dest: '{{ stcp_binary_path }}'
+        mode: '0700'
+
+- name: Copying the loop script file
+  copy:
+    src: loop
+    dest: '{{ loop_script_path }}'
+    mode: '0700'
+
+- name: Creating symlink to the STCP binary file
+  block:
+    - name: Creating STCP instance directory
+      file: 
+        path: '{{ stcp_instance_dir }}'
+        state: directory
+        mode: '0600'
+    - name: Creating symlink
+      file:
+        src: '{{ stcp_binary_path }}'
+        dest: '{{ stcp_instance_dir }}/multi_srv_raw'
+        state: link
+
+- name: Creating STCP logging file
+  file:
+    path: '{{ clients_log_file_path }}'
+    state: touch
+    mode: '0600'
+  when: use_client_logging == true
+
+- name: Creating STCP users file
+  file:
+    path: '{{ users_file_path }}'
+    state: touch
+    mode: '0600'
+  when: use_auth == true
+
+- name: Templating STCP server config
+  block:
+    - name: Templating config 
+      template:
+        src: server.ini.j2
+        dest: '{{ stcp_instance_dir }}/server.ini'
+        mode: '0600'
+    
+    - name: Creating STCP links
+      lineinfile:
+        path: '{{ stcp_instance_dir }}/server.ini'
+        line: 'link {{ internal_links_name }}{{ item }} {{ start_ip_addr.split(".")[0] }}.{{ start_ip_addr.split(".")[1] }}.{{ start_ip_addr.split(".")[2] }}.{{ (start_ip_addr.split(".")[-1])|int+4*(item-1) }} 255.255.255.252'
+        insertbefore: BOF
+      loop: '{{ range(links_number, 0, -1) |list }}'
+
+    - name: Enabling TUN 
+      lineinfile:
+        path: '{{ stcp_instance_dir }}/server.ini'
+        line: 'tun {{ tun_iface_name }} {{ tun_iface_ip_addr }} {{ tun_iface_ip_mask }}'
+        insertafter: '^# stcp ifaces:'
+      when: en_tun_iface == true
+    
+    - name: Enabling TAP 
+      lineinfile:
+        path: '{{ stcp_instance_dir }}/server.ini'
+        line: 'tap {{ tap_iface_name }} {{ tap_iface_ip_addr }} {{ tap_iface_ip_mask }}'
+        insertafter: '^# stcp ifaces:'
+      when: en_tap_iface == true
+
+    - name: Enabling clients logging 
+      lineinfile:
+        path: '{{ stcp_instance_dir }}/server.ini'
+        line: 'clients_log_fname {{ clients_log_file_path }}'
+      when: use_client_logging == true
+
+    - name: Enabling users auth 
+      lineinfile:
+        path: '{{ stcp_instance_dir }}/server.ini'
+        line: 'users {{ users_file_path }}'
+      when: use_auth == true

roles/install-stcp/tasks/handle_stcp.yml

@@ -0,0 +1,9 @@
+- name: Refreshing systemd daemon list
+  systemd:
+    daemon_reload: yes
+
+- name: Starting and enabling the STCP Server service
+  systemd:
+    name: 'stcp_{{ stcp_instance_name }}'
+    state: restarted
+    enabled: yes

roles/install-stcp/tasks/main.yml

@@ -0,0 +1,13 @@
+---
+# tasks file for install-stcp
+- name: Creating Sistematics STCP Server {{ stcp_instance_name }}
+  block:
+
+  - name: Creating STCP Server files
+    include: create_stcp.yml
+
+  - name: Creating STCP Server handlers
+    include: create_handlers.yml
+
+  - name: Starting the STCP Server
+    include: handle_stcp.yml

roles/install-stcp/templates/server.ini.j2

@@ -0,0 +1,13 @@
+
+# stcp ifaces:
+
+SPLIT_TCP_SESSIONS {{ split_tcp_sessions }}
+print_info {{ en_print_info }}
+MAX_SESSIONS_THRESHOLD {{ max_sessions_threshold }}
+MIN_SESSIONS_THRESHOLD {{ min_sessions_threshold }}
+FLUSH_SORT_DELAY_MAX {{ flush_sort_delay_max }}
+FLUSH_SORT_DELAY_MIN {{ flush_sort_delay_min }}
+FLUSH_SORT_ADD_TIME {{ flush_sort_add_time }}
+server_http {{ stcp_http_srv_addr }} {{ stcp_http_srv_port }}
+enable_peer_to_peer {{ en_peer_to_peer }}
+INTERFACE_MTU {{ stcp_mtu_size }}

roles/install-stcp/templates/service.j2

@@ -0,0 +1,61 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides:          stcp
+# Required-Start:    $local_fs $network $time $syslog
+# Required-Stop:     $local_fs $network $time $syslog
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Description:       Sistematics Server v3 (Sep2021)
+### END INIT INFO
+# Date of installation: {{ ansible_date_time.date }}
+
+BASE_DIR="{{ stcp_base_dir }}"
+STCP_INSTANCE_NAME="{{ stcp_instance_name }}"
+MULTISRV="$BASE_DIR/$STCP_INSTANCE_NAME/multi_srv_raw"
+LOOP="$BASE_DIR/loop"
+CFG="$BASE_DIR/$STCP_INSTANCE_NAME/server.ini"
+STCP_PIDFILE="/var/run/stcp_${STCP_INSTANCE_NAME}.pid"
+EXT_IF={{ ext_iface }}
+PORT_MIN={{ server_port }}
+MODE={{ stcp_mode }}
+RUNAS={{ stcp_runas }}
+
+DAEMON_PIDFILE="/var/run/stcp_${STCP_INSTANCE_NAME}_loop.pid"
+DAEMON_LOGFILE="/var/log/stcp_${STCP_INSTANCE_NAME}_loop.log"
+
+start() {
+  if [ -f $DAEMON_PIDFILE ] && kill -0 $(cat $DAEMON_PIDFILE); then
+    echo -e '\033[1;33m[WARN]\033[0m Service already running' >&2
+    return 1
+  fi
+  echo -e '\033[0;34m[NOTIFY]\033[0m Starting service…' >&2
+  local CMD="$LOOP $MULTISRV $CFG $STCP_PIDFILE $EXT_IF $PORT_MIN $MODE"
+  su -c "$CMD" $RUNAS > $DAEMON_LOGFILE 2>&1 &
+  echo $! > $DAEMON_PIDFILE 
+  echo -e '\033[0;32m[OK]\033[0m Service started' >&2
+}
+
+stop() {
+   if [ ! -f $DAEMON_PIDFILE ] || ! kill -0 $(cat $DAEMON_PIDFILE); then
+    echo -e '\033[1;33m[WARN]\033[0m Service not running' >&2
+    return 1
+  fi
+  echo -e '\033[0;34m[NOTIFY]\033[0m Stopping service…' >&2
+  pkill -15 -P $(cat $DAEMON_PIDFILE) && rm -f $DAEMON_PIDFILE
+  echo -e '\033[0;32m[OK]\033[0m Service stopped' >&2
+}
+
+case "$1" in
+  start)
+    start
+    ;;
+  stop)
+    stop
+    ;;
+  restart)
+    stop
+    start
+    ;;
+  *)
+    echo "Usage: $0 {start|stop|restart}"
+esac

roles/install-stcp/vars/main.yml

@@ -0,0 +1,23 @@
+---
+# vars file for install-stcp
+
+server_port: 5006
+links_number: 8
+start_ip_addr: 192.168.56.2
+internal_links_name: stcp # pattern
+ext_iface: eth0
+stcp_mode: tun
+stcp_runas: root
+use_auth: no
+use_client_logging: yes
+#stcp_tuntaps
+en_tap_iface: no
+tap_iface_name: 'tap_{{ stcp_instance_name }}'
+tap_iface_ip_addr: 10.10.1.1
+tap_iface_ip_mask: 255.255.255.0
+
+en_tun_iface: yes
+tun_iface_name: 'tun_{{ stcp_instance_name }}'
+tun_iface_ip_addr: 10.11.1.1
+tun_iface_ip_mask: 255.255.255.0
+

roles/install-zsh-and-vim/files/.vimrc

@@ -0,0 +1 @@
+../../../files/vimrc

roles/install-zsh-and-vim/files/.zshrc

@@ -0,0 +1 @@
+../../../files/zshrc

roles/install-zsh-and-vim/tasks/main.yml

@@ -0,0 +1,66 @@
+---
+- block: #red hat based distros
+  - yum: 
+      name: '{{ item }}' 
+      state: latest 
+      update_cache: true
+    with_items:
+      - git
+      - zsh
+      - vim
+      - wget
+  when: ansible_os_family == "RedHat" and install_deps == true and update_only == false
+
+- block: #debian based distros
+  - apt: 
+      name: '{{ item }}' 
+      state: latest 
+      update_cache: true
+    with_items:
+      - git
+      - zsh
+      - vim
+      - wget
+  when: ansible_os_family == "Debian" and install_deps == true and update_only == false
+
+- block: #alpine
+  - apk:
+      name: '{{ item }}' 
+      state: latest 
+      update_cache: true
+    with_items:
+      - git
+      - zsh
+      - vim
+      - wget
+      - zsh-vcs
+      - shadow
+  when: ansible_os_family == "Alpine" and install_deps == true and update_only == false
+
+- name: change default shell
+  shell: '[[ ! $SHELL = "$(which zsh)" ]] && chsh -s "$(which zsh)" || true'
+  async: 1
+  poll: 0
+  when: update_only == false
+
+- name: remove oh-my-zsh if exists
+  file: 
+    path: /root/.oh-my-zsh/
+    state: absent
+  when: update_only == false
+
+- name: updload zsh and vim config
+  copy: 
+    src: '{{item}}'
+    dest: '{{dest_folder}}'
+  loop:
+    - ".vimrc"
+    - ".zshrc"
+
+- name: Install zsh-syntax-highlighting
+  shell: '[ ! -d "/usr/share/zsh-syntax-highlighting" ] && git clone https://github.com/zsh-users/zsh-syntax-highlighting.git /usr/share/zsh-syntax-highlighting || true'
+  when: update_only == false
+
+- name: install oh-my-zsh if needed
+  shell: 'sh -c "$(wget -O- https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended --keep-zshrc'
+  when: update_only == false

roles/install-zsh-and-vim/vars/main.yml

@@ -0,0 +1,5 @@
+---
+# vars file for istall-zsh-and-vim
+update_only: no
+install_deps: yes
+dest_folder: /root/