add deploy dynamic

ansible/.gitignore

@@ -1,4 +1,5 @@
 github.key
 hacker_theme.zip
+config.json
 # todo: remove this line
 challenge.py

ansible/deploy_dynamic.yml

@@ -0,0 +1,8 @@
+---
+
+- name: Setup the deploy-dynamic instance
+  hosts: deploy-dynamic
+  gather_facts: true
+  roles:
+    - prerequisites
+    - deploy_dynamic

ansible/inventories/dev

@@ -1,8 +1,11 @@
 [ctfd]
 heroctf-ctfd ansible_connection=ssh ansible_user=root
 
+[deploy-dynamic]
+heroctf-deploy-dynamic ansible_connection=ssh ansible_user=root
+
 [static-challenges]
-heroctf-static-1 ansible_connection=ssh ansible_user=root
+# heroctf-static-1 ansible_connection=ssh ansible_user=root
 
 [dynamic-challenges]
 heroctf-dynamic-1 ansible_connection=ssh ansible_user=root

ansible/roles/challenges/tasks/git_repository.yml

@@ -20,14 +20,21 @@
   become: true
   become_user: "{{ ctf_user }}"
 
-- name: "Clone HeroCTF challenges' repository to '/home/{{ ctf_user }}/challenges'"
+- name: "Clone HeroCTF challenges' repository to '{{ challenges_install_path }}'"
   ansible.builtin.git:
     repo: "{{ challenges_git_url }}"
     version: "main"
-    dest: "/home/{{ ctf_user }}/challenges"
+    dest: "{{ challenges_install_path }}"
     accept_hostkey: true
     force: true
   become: true
   become_user: "{{ ctf_user }}"
   register: git_challenge_output
   changed_when: git_challenge_output.changed
+
+- name: Run 'build_dynamic_challenges.sh' script
+  ansible.builtin.shell: "bash build_dynamic_challenges.sh"
+  args:
+    chdir: "{{ challenges_install_path }}"
+  become: true
+  become_user: "{{ ctf_user }}"

ansible/roles/challenges/vars/main.yml

@@ -1 +1,2 @@
 challenges_git_url: "[email protected]:HeroCTF/HeroCTF_v6.git"
+challenges_install_path: "/home/{{ ctf_user }}/challenges"

ansible/roles/ctfd/tasks/main.yml

@@ -1,55 +1,55 @@
 ---
 
-- name: "Clone CTFd at version '{{ ctfd_version }}' to '/home/{{ ctf_user }}/CTFd'"
+- name: "Clone CTFd at version '{{ ctfd_version }}' to '{{ ctfd_install_path }}'"
   ansible.builtin.git:
     repo: "https://github.com/CTFd/CTFd.git"
-    dest: "/home/{{ ctf_user }}/CTFd"
+    dest: "{{ ctfd_install_path }}"
     version: "{{ ctfd_version }}"
     force: true
   become: true
   become_user: "{{ ctf_user }}"
 
-- name: "Copy '.env' to '/home/{{ ctf_user }}/CTFd/.env'"
+- name: "Copy '.env' to '{{ ctfd_install_path }}/.env'"
   ansible.builtin.copy:
     src: "files/.env"
-    dest: "/home/{{ ctf_user }}/CTFd/.env"
+    dest: "{{ ctfd_install_path }}/.env"
     owner: "{{ ctf_user }}"
     group: "{{ ctf_user }}"
     mode: "0644"
   become: true
 
-- name: "Copy 'docker-compose.yml.j2' to '/home/{{ ctf_user }}/CTFd/docker-compose.yml'"
+- name: "Copy 'docker-compose.yml.j2' to '{{ ctfd_install_path }}/docker-compose.yml'"
   ansible.builtin.template:
     src: "docker-compose.yml.j2"
-    dest: "/home/{{ ctf_user }}/CTFd/docker-compose.yml"
+    dest: "{{ ctfd_install_path }}/docker-compose.yml"
     owner: "{{ ctf_user }}"
     group: "{{ ctf_user }}"
     mode: "0644"
   become: true
   become_user: "{{ ctf_user }}"
 
-- name: "Copy 'http.conf.j2' to '/home/{{ ctf_user }}/CTFd/conf/nginx/http.conf'"
+- name: "Copy 'http.conf.j2' to '{{ ctfd_install_path }}/conf/nginx/http.conf'"
   ansible.builtin.template:
     src: "http.conf.j2"
-    dest: "/home/{{ ctf_user }}/CTFd/conf/nginx/http.conf"
+    dest: "{{ ctfd_install_path }}/conf/nginx/http.conf"
     owner: "{{ ctf_user }}"
     group: "{{ ctf_user }}"
     mode: "0644"
   become: true
 
 - name: "Create a 'certs' directory for HTTPs certificates"
   ansible.builtin.file:
-    path: "/home/{{ ctf_user }}/CTFd/conf/nginx/certs/"
+    path: "{{ ctfd_install_path }}/conf/nginx/certs/"
     state: directory
     owner: "{{ ctf_user }}"
     group: "{{ ctf_user }}"
     mode: "0775"
   become: true
 
-- name: "Copy 'fullchain.pem' & 'privkey.pem' to '/home/{{ ctf_user }}/CTFd/conf/nginx/certs/'"
+- name: "Copy 'fullchain.pem' & 'privkey.pem' to '{{ ctfd_install_path }}/conf/nginx/certs/'"
   ansible.builtin.copy:
     src: "files/certs/{{ item }}"
-    dest: "/home/{{ ctf_user }}/CTFd/conf/nginx/certs/{{ item }}"
+    dest: "{{ ctfd_install_path }}/conf/nginx/certs/{{ item }}"
     owner: "{{ ctf_user }}"
     group: "{{ ctf_user }}"
     mode: "0644"
@@ -61,7 +61,7 @@
 - name: "Copy 'CTFd_api_v1_challenges.py' for first blood Discord webhook"
   ansible.builtin.copy:
     src: "files/CTFd_api_v1_challenges.py"
-    dest: "/home/{{ ctf_user }}/CTFd/CTFd/api/v1/challenges.py"
+    dest: "{{ ctfd_install_path }}/CTFd/api/v1/challenges.py"
     owner: "{{ ctf_user }}"
     group: "{{ ctf_user }}"
     mode: "0644"
@@ -71,7 +71,7 @@
 - name: "Copy 'CTFd_config.py' for better connection settings with the database"
   ansible.builtin.copy:
     src: "files/CTFd_config.py"
-    dest: "/home/{{ ctf_user }}/CTFd/CTFd/config.py"
+    dest: "{{ ctfd_install_path }}/CTFd/config.py"
     owner: "{{ ctf_user }}"
     group: "{{ ctf_user }}"
     mode: "0644"
@@ -80,14 +80,14 @@
 - name: Extract the custom theme
   ansible.builtin.unarchive:
     src: "files/{{ ctfd_theme_name }}"
-    dest: "/home/{{ ctf_user }}/CTFd/CTFd/themes/"
+    dest: "{{ ctfd_install_path }}/CTFd/themes/"
   become: true
   become_user: "{{ ctf_user }}"
   when: ctfd_install_theme
 
 - name: "Create a 'data' directory for docker-compose volumes"
   ansible.builtin.file:
-    path: "/home/{{ ctf_user }}/CTFd/data/"
+    path: "{{ ctfd_install_path }}/data/"
     state: directory
     owner: "{{ ctf_user }}"
     group: "{{ ctf_user }}"
@@ -98,14 +98,14 @@
 - name: "Add 'psycopg2-binary' to requirements.txt for PostgreSQL connection"
   ansible.builtin.shell: "echo 'psycopg2-binary' >> requirements.txt"
   args:
-    chdir: "/home/{{ ctf_user }}/CTFd"
+    chdir: "{{ ctfd_install_path }}"
   become: true
   become_user: "{{ ctf_user }}"
 
 - name: Start CTFd docker-compose
   ansible.builtin.shell: "docker compose up -d --build"
   args:
-    chdir: "/home/{{ ctf_user }}/CTFd"
+    chdir: "{{ ctfd_install_path }}"
   register: ctfd_docker_compose_output
   changed_when: "'recreated' in ctfd_docker_compose_output.stdout or 'Pulling' in ctfd_docker_compose_output.stdout"
   become: true

ansible/roles/ctfd/vars/main.yml

@@ -0,0 +1 @@
+ctfd_install_path: "/home/{{ ctf_user }}/CTFd"

ansible/roles/deploy_dynamic/tasks/main.yml

@@ -0,0 +1,48 @@
+---
+
+- name: "Clone deploy-dynamic repository to '{{ deploy_dynamic_install_path }}'"
+  ansible.builtin.git:
+    repo: "https://github.com/HeroCTF/deploy-dynamic"
+    version: "main"
+    dest: "{{ deploy_dynamic_install_path }}"
+    accept_hostkey: true
+    force: true
+  become: true
+  become_user: "{{ ctf_user }}"
+  register: git_challenge_output
+  changed_when: git_challenge_output.changed
+
+- name: "Upload 'config.json' & '.env' to '{{ deploy_dynamic_install_path }}'"
+  ansible.builtin.copy:
+    src: "files/{{ item }}"
+    dest: "{{ deploy_dynamic_install_path }}/{{ item }}"
+    owner: "{{ ctf_user }}"
+    group: "{{ ctf_user }}"
+    mode: "0644"
+  become: true
+  become_user: "{{ ctf_user }}"
+  loop:
+    - "config.json"
+    - ".env"
+
+- name: "Upload HTTPs certs to '{{ deploy_dynamic_install_path }}/nginx/certs/'"
+  ansible.builtin.copy:
+    src: "files/{{ item }}"
+    dest: "{{ deploy_dynamic_install_path }}/nginx/certs/{{ item }}"
+    owner: "{{ ctf_user }}"
+    group: "{{ ctf_user }}"
+    mode: "0644"
+  become: true
+  become_user: "{{ ctf_user }}"
+  loop:
+    - "fullchain.pem"
+    - "privkey.pem"
+
+- name: Start deploy-dynamic docker-compose
+  ansible.builtin.shell: "docker compose up -d --build --force-recreate"
+  args:
+    chdir: "{{ deploy_dynamic_install_path }}"
+  register: docker_compose_output
+  changed_when: "'recreated' in docker_compose_output.stdout or 'Pulling' in docker_compose_output.stdout"
+  become: true
+  become_user: "{{ ctf_user }}"

ansible/roles/deploy_dynamic/vars/main.yml

@@ -0,0 +1 @@
+deploy_dynamic_install_path: "/home/{{ ctf_user }}/deploy-dynamic"