Cuckoo-Report/tasks/main.yml

---
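# Install the OS packages the sandbox host needs: the Python 2 toolchain and
# build headers, PostgreSQL and MongoDB, the KVM/libvirt stack, tcpdump,
# Volatility and INetSim.
# The whole list goes to the package manager in one call instead of one call
# per package, and the task now has a name so it shows up in play output.
# NOTE(review): python, python-pip and python-dev are the Python 2 package
# names and Python 2 is end-of-life; confirm the target release still ships
# them and that the host is kept isolated accordingly.
- name: Install Cuckoo system dependencies
  ansible.builtin.package:
    name:
      - python
      - python-pip
      - python-dev
      - libffi-dev
      - libssl-dev
      - python-virtualenv
      - python-setuptools
      - libjpeg-dev
      - zlib1g-dev
      - swig
      - postgresql
      - libpq-dev
      - qemu-kvm
      - libvirt-bin
      - bridge-utils
      - python-libvirt
      - ubuntu-vm-builder
      - tcpdump
      - apparmor-utils
      - volatility
      - mongodb
      - virt-manager
      - inetsim
      - curl
    state: present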
# Switch off the AppArmor profile for /usr/sbin/tcpdump.
# The `|| echo` fallback makes the task succeed whatever aa-disable returns,
# so a missing tool or a real error is reported as success.
# NOTE(review): this removes a confinement layer from a binary that
# presumably parses traffic generated by analysed samples; confirm that
# disabling the profile, rather than amending it, is intended.
- name: Disable AppArmor for Tcpdump
  ansible.builtin.shell:
    cmd: 'aa-disable /usr/sbin/tcpdump || echo "Disabled"'
# Ensure the pcap and cuckoo groups exist; one module call per group.
- name: Create groups
  loop_control:
    loop_var: group_name
  loop: [pcap, cuckoo]
  ansible.builtin.group:
    state: present
    name: '{{ group_name }}'
# Create the cuckoo account with cuckoo as its primary group and bash as its
# login shell. No password or home-directory options are set here.
- name: Create the Cuckoo user
  ansible.builtin.user:
    name: cuckoo
    group: cuckoo
    shell: /bin/bash
    comment: 'Cuckoo user'
# Add cuckoo to pcap, libvirt and libvirt-qemu as supplementary groups.
# append keeps any memberships the account already has.
# NOTE(review): libvirt and libvirt-qemu are not created in this file;
# presumably the libvirt packages provide them.
- name: Add groups to Cuckoo user
  ansible.builtin.user:
    name: cuckoo
    append: true
    groups:
      - pcap
      - libvirt
      - libvirt-qemu
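# Give /usr/sbin/tcpdump to the pcap group and limit who may execute it.
# The mode is 0750 instead of 2755. The task that follows attaches
# cap_net_admin and cap_net_raw to this binary as file capabilities, so a
# world-executable bit would let every local account capture traffic with
# them and make pcap group membership meaningless. The setgid bit added
# nothing to that scheme and is dropped as well.
- name: Change tcpdump to pcap group
  ansible.builtin.file:
    path: /usr/sbin/tcpdump
    group: pcap
    mode: '0750'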
# Attach file capabilities to tcpdump so it can open capture sockets without
# being run as root. Anyone allowed to execute the binary gets them, so the
# file mode and group on /usr/sbin/tcpdump are what actually gate access.
# NOTE(review): confirm the module accepts two comma-separated capabilities
# in one value; if not, use one task per capability.
- name: Set cap for tcpdump binary
  community.general.capabilities:
    state: present
    capability: 'cap_net_admin,cap_net_raw+eip'
    path: /usr/sbin/tcpdump
# Create /opt/cuckoo-env, owned by root:root, to hold the virtualenv.
# NOTE(review): 0744 on a directory gives group and others read without
# search permission, so only root can enter it; confirm that is wanted, given
# that a separate cuckoo account is created in this file.
- name: Create Cuckoo Python Virt Env
  ansible.builtin.file:
    state: directory
    path: /opt/cuckoo-env
    mode: '0744'
    owner: root
    group: root
# Make sure pip and setuptools are present in the Python 2 virtualenv at
# /opt/cuckoo-env.
# NOTE(review): no state is given, so despite the task name nothing is
# upgraded when both packages are already installed.
- name: Upgrade Pip
  ansible.builtin.pip:
    virtualenv: /opt/cuckoo-env
    virtualenv_python: python2
    name: [pip, setuptools]
# Install m2crypto and cuckoo from the package index into the virtualenv.
# NOTE(review): neither package is version-pinned or hash-checked, so each
# run may install whatever the index currently serves; consider pinning exact
# versions in a requirements file for a reproducible, reviewable install.
- name: Install m2crypto & Cuckoo
  ansible.builtin.pip:
    virtualenv: /opt/cuckoo-env
    virtualenv_python: python2
    name: [m2crypto, cuckoo]
# Add the execute bit for owner and group on the virtualenv's activate script.
# NOTE(review): activate is written to be sourced by a shell rather than run
# as a program; confirm something actually needs it to be executable.
- name: Setting Activate Binary to executable
  ansible.builtin.file:
    mode: 'u+x,g+x'
    path: /opt/cuckoo-env/bin/activate
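# Create the Cuckoo working directory using the virtualenv's cuckoo script.
# - The script is called by its absolute path. Executing bin/activate as a
#   child process beforehand does not change the environment of the command
#   that follows, so that step is dropped.
# - `creates` skips the task once the configuration exists. It replaces
#   `|| echo "Created"`, which also reported every genuine failure as success.
# - The task now has a name so it can be identified in play output.
# NOTE(review): the path assumes the play runs as root with HOME=/root, like
# the tasks that edit /root/.cuckoo/conf/*.conf. The working directory then
# belongs to root although a dedicated cuckoo account is created; confirm
# which account is meant to run the sandbox.
- name: Initialise the Cuckoo working directory
  ansible.builtin.command:
    cmd: /opt/cuckoo-env/bin/cuckoo init
    creates: /root/.cuckoo/conf/cuckoo.conf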
# Set enabled = yes in the [mongodb] section of reporting.conf.
# The value is quoted so it is written as the literal text "yes".
# NOTE(review): nothing in this file configures the mongodb service itself;
# confirm it listens only where needed and requires authentication.
- name: Enabling MongoDB
  community.general.ini_file:
    path: /root/.cuckoo/conf/reporting.conf
    section: mongodb
    option: enabled
    value: "yes"
# Replace the line starting with "machinery" in cuckoo.conf, or add it if no
# such line exists, so that qemu is the configured machinery.
- name: Setting qemu as virtual machine provider
  ansible.builtin.lineinfile:
    path: /root/.cuckoo/conf/cuckoo.conf
    regexp: '^machinery'
    line: 'machinery = qemu'
    state: present
# Replace the line starting with "memory_dump" in cuckoo.conf, or add it if
# missing, so that memory dumps are switched on.
- name: Enabling memory dump
  ansible.builtin.lineinfile:
    path: /root/.cuckoo/conf/cuckoo.conf
    regexp: '^memory_dump'
    line: 'memory_dump = yes'
    state: present
# Write the guest definition into qemu.conf, one ini option per loop item:
# six options in the [win7] section, then machines and interface in [qemu].
# The `never` tag keeps this task out of normal runs; it executes only when
# the conf_kvm tag is requested explicitly.
# NOTE(review): the win7 section sets platform to linux and enable_kvm to no;
# confirm both are intended for this guest.
# NOTE(review): the snapshot name, guest IP and virbr1 interface are
# host-specific values hard-coded here; confirm they match the libvirt setup.
- name: Configuring Cuckoo kvm
  tags:
    - never
    - conf_kvm
  loop_control:
    loop_var: kvm_conf
  community.general.ini_file:
    path: /root/.cuckoo/conf/qemu.conf
    section: '{{ kvm_conf.section }}'
    option: '{{ kvm_conf.option }}'
    value: '{{ kvm_conf.value }}'
  loop:
    - {section: win7, option: label, value: win7}
    - {section: win7, option: image, value: /var/lib/libvirt/images/win7.qcow2}
    - {section: win7, option: snapshot, value: '1619566313'}
    - {section: win7, option: enable_kvm, value: 'no'}
    - {section: win7, option: platform, value: linux}
    - {section: win7, option: ip, value: '192.168.24.200'}
    - {section: qemu, option: machines, value: win7}
    - {section: qemu, option: interface, value: virbr1}
# Point the "ip =" line of cuckoo.conf at the host's default IPv4 address.
# lineinfile matches on the line text only and ignores ini sections.
# NOTE(review): ansible_default_ipv4 is the address on the default-route
# interface, while the guest is configured on 192.168.24.200 via virbr1;
# confirm the listener is meant to sit on the uplink, not the analysis bridge.
- name: Set correct listening IP address
  ansible.builtin.lineinfile:
    path: /root/.cuckoo/conf/cuckoo.conf
    regexp: '^ip ='
    line: 'ip = {{ ansible_default_ipv4.address }}'
    state: present
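# Create /root/iso, owned by root:root, as the landing place for install media.
# The mode is 0750 instead of 0640: a directory needs the search (x) bit
# before its entries can be opened, and 0640 granted it to nobody. Others
# still get no access.
- name: Create ISO Folder
  ansible.builtin.file:
    path: /root/iso
    state: directory
    owner: root
    group: root
    mode: '0750'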
# Upload the Windows 10 ISO from the controller to /root/iso/Win10.iso,
# readable by root and the root group only.
# NOTE(review): the image is copied without an integrity check; consider
# verifying it against the vendor-published hash before it is used to build
# a guest.
# NOTE(review): the qemu configuration in this file refers to a win7 image;
# confirm how this Win10 ISO relates to it.
- name: Copy Win10 ISO to host
  ansible.builtin.copy:
    dest: /root/iso/Win10.iso
    src: ./Win10_20H2_v2_English_x64.iso
    mode: '0640'
    owner: root
    group: root
...