added role-based playbooks

author: heqnx <root@heqnx.com> 2025-05-25 11:51:57 +0300
committer: heqnx <root@heqnx.com> 2025-05-25 11:51:57 +0300
commit: 8fb0b275bf00c963a24c21e1dfbaa64491c4f445 (patch)
tree: 28e9b4bbf0d4391f092f832d8f00d84ec20fed4f /roles/sliver-c2/tasks
parent: 7c8ed923df3c02338dfbf826fd6fd9a23dac502e (diff)
download: ansible-playbooks-8fb0b275bf00c963a24c21e1dfbaa64491c4f445.tar.gz
ansible-playbooks-8fb0b275bf00c963a24c21e1dfbaa64491c4f445.zip
6 files changed, 128 insertions, 0 deletions
diff --git a/roles/sliver-c2/tasks/apt_install.yaml b/roles/sliver-c2/tasks/apt_install.yaml
new file mode 100644
index 0000000..4004daf
--- /dev/null
+++ b/roles/sliver-c2/tasks/apt_install.yaml
@@ -0,0 +1,5 @@
+- name: install apt packages
+  apt:
+    name: "{{ apt_packages }}"
+    state: present
+    update_cache: yes
+\ No newline at end of file
diff --git a/roles/sliver-c2/tasks/golang_install.yaml b/roles/sliver-c2/tasks/golang_install.yaml
new file mode 100644
index 0000000..e67d508
--- /dev/null
+++ b/roles/sliver-c2/tasks/golang_install.yaml
@@ -0,0 +1,33 @@
+- name: download and extract golang
+  block:
+    - name: get latest golang version
+      shell: |
+        curl -sSL https://golang.org/dl/ | awk -F '"' '/dl\/.*linux-amd64.*tar.gz/{print $(NF-1)}' | awk -F '/' '{print $3}' | head -1
+      register: latest_golang
+      changed_when: false
+
+    - name: download golang
+      get_url:
+        url: "https://golang.org/dl/{{ latest_golang.stdout }}"
+        dest: /tmp/golang.tar.gz
+
+    - name: extract golang to /usr/local
+      unarchive:
+        src: /tmp/golang.tar.gz
+        dest: /usr/local
+        remote_src: yes
+
+    - name: remove tarball
+      file:
+        path: /tmp/golang.tar.gz
+        state: absent
+
+    - name: set system-wide go environment variables
+      copy:
+        dest: /etc/profile.d/go_env.sh
+        content: |
+          export GOPATH=/root/go
+          export PATH=$PATH:/usr/local/go/bin:$GOPATH:$GOPATH/bin
+        owner: root
+        group: root
+        mode: '0644'
diff --git a/roles/sliver-c2/tasks/main.yaml b/roles/sliver-c2/tasks/main.yaml
new file mode 100644
index 0000000..55e353f
--- /dev/null
+++ b/roles/sliver-c2/tasks/main.yaml
@@ -0,0 +1,5 @@
+- import_tasks: tasks/apt_install.yaml
+- import_tasks: tasks/golang_install.yaml
+- import_tasks: tasks/sliver_install.yaml
+- import_tasks: tasks/sliver_systemd.yaml
+- import_tasks: tasks/sliver_configure.yaml
diff --git a/roles/sliver-c2/tasks/sliver_configure.yaml b/roles/sliver-c2/tasks/sliver_configure.yaml
new file mode 100644
index 0000000..b90d955
--- /dev/null
+++ b/roles/sliver-c2/tasks/sliver_configure.yaml
@@ -0,0 +1,40 @@
+- name: ensure .sliver config directory exists
+  file:
+    path: "{{ install_path }}/.sliver/configs"
+    state: directory
+    owner: root
+    group: root
+    mode: '0700'
+
+- name: ensure .sliver-client config directory exists
+  file:
+    path: "/root/.sliver-client/configs"
+    state: directory
+    owner: root
+    group: root
+    mode: '0700'
+
+- name: deploy custom server.json config
+  template:
+    src: server.json.j2
+    dest: "{{ install_path }}/.sliver/configs/server.json"
+    owner: root
+    group: root
+    mode: '0600'
+    force: true
+
+- name: generate sliver operator profiles
+  loop: "{{ sliver_operators }}"
+  loop_control:
+    loop_var: operator
+  command: /opt/sliver/sliver-server operator --name {{ operator }} --lhost {{ sliver_server }} --save /root/.sliver-client/configs
+  notify: sliver systemd handler
+
+- name: fix permissions for .sliver-client directory
+  file:
+    path: /root/.sliver-client
+    state: directory
+    recurse: true
+    owner: root
+    group: root
+
diff --git a/roles/sliver-c2/tasks/sliver_install.yaml b/roles/sliver-c2/tasks/sliver_install.yaml
new file mode 100644
index 0000000..3f0e029
--- /dev/null
+++ b/roles/sliver-c2/tasks/sliver_install.yaml
@@ -0,0 +1,35 @@
+- name: import sliver gpg key
+  shell: |
+    gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 4449039C
+
+- name: get latest sliver-server binary URL
+  shell: |
+    curl -sSLf https://api.github.com/repos/BishopFox/sliver/releases/latest \
+    | grep -i browser_download_url \
+    | grep -i sliver-server_linux \
+    | grep -v sig \
+    | head -1 \
+    | cut -d '"' -f 4
+  register: sliver_url
+  changed_when: false
+
+- name: create sliver directory
+  file:
+    path: "{{ install_path }}"
+    state: directory
+    mode: '0755'
+
+- name: download sliver-server binary
+  get_url:
+    url: "{{ sliver_url.stdout }}"
+    dest: "{{ install_path }}/sliver-server"
+    mode: '0755'
+
+- name: symlink sliver binaries
+  file:
+    src: "{{ install_path }}/{{ item }}"
+    dest: "/usr/local/bin/{{ item }}"
+    state: link
+    force: true
+  loop:
+    - sliver-server
diff --git a/roles/sliver-c2/tasks/sliver_systemd.yaml b/roles/sliver-c2/tasks/sliver_systemd.yaml
new file mode 100644
index 0000000..3b29f0f
--- /dev/null
+++ b/roles/sliver-c2/tasks/sliver_systemd.yaml
@@ -0,0 +1,10 @@
+- name: copy sliver systemd service template
+  template:
+    src: sliver.service.j2
+    dest: /etc/systemd/system/sliver.service
+    owner: root
+    group: root
+    mode: '0600'
+  notify:
+    - reload systemd
+    - sliver systemd handler
author	heqnx <root@heqnx.com>	2025-05-25 11:51:57 +0300
committer	heqnx <root@heqnx.com>	2025-05-25 11:51:57 +0300
commit	8fb0b275bf00c963a24c21e1dfbaa64491c4f445 (patch)
tree	28e9b4bbf0d4391f092f832d8f00d84ec20fed4f /roles/sliver-c2/tasks
parent	7c8ed923df3c02338dfbf826fd6fd9a23dac502e (diff)
download	ansible-playbooks-8fb0b275bf00c963a24c21e1dfbaa64491c4f445.tar.gz ansible-playbooks-8fb0b275bf00c963a24c21e1dfbaa64491c4f445.zip