finish documentation

add uninstaller playbook and script
tweaking and cleanup

README.md

@@ -40,7 +40,7 @@ env bash -c "$(curl -sL https://github.com/telekom-security/tpotce/raw/alpha/ins
   * [Installation Types](#installation-types)
     * [Standard / HIVE](#standard--hive)
     * [**Distributed**](#distributed)
-  * [Uninstall T-Pot (Linux only!) (to do)](#uninstall-t-pot-linux-only-to-do)
+  * [Uninstall T-Pot](#uninstall-t-pot)
 * [First Start](#first-start)
   * [Standalone First Start](#standalone-first-start)
   * [Distributed Deployment](#distributed-deployment)
@@ -354,7 +354,8 @@ The distributed version of T-Pot requires at least two hosts
 - The **SENSOR** will not start before finalizing the **SENSOR** installation as described in [Distributed Deployment](#distributed-deployment).
 <br><br>
 
-## Uninstall T-Pot (Linux only!) (to do)
+## Uninstall T-Pot
+Uninstallation of T-Pot is only available on the [supported Linux distros](#choose-your-distro).<br>
 To uninstall T-Pot run `~/tpotce/uninstall.sh` and follow the uninstaller instructions, you will have to enter your password at least once.<br>
 Once the uninstall is finished reboot the machine `sudo reboot`
 <br><br>

deploy.sh

@@ -109,7 +109,7 @@ echo "# New htpasswd encoded credentials: ${myLS_WEB_USER_ENC}"
 echo "# New htpasswd credentials base64 encoded: ${myLS_WEB_USER_ENC_B64}"
 echo "# New SENSOR credentials base64 encoded: ${myTPOT_HIVE_USER}"
 echo
-echo "# When asked for a 'BECOME password' enter the password for your user on the SENSOR machine."
+echo "# Ansible will ask for the ‘BECOME password‘ which is typically the password you ’sudo’ with on the SENSOR."
 echo "# The password will allow Ansible to run a reboot via sudo on the SENSOR."
 echo
 

installer/install/deploy.yml

@@ -1,12 +1,17 @@
 ---
-- name: TPOT configuration playbook
+###########################
+# T-Pot Sensor Deployment #
+###########################
+
+- name: T-POT Sensor Deployment
   hosts: all
   vars:
     local_nginx_cert_path: "~/tpotce/data/nginx/cert/nginx.crt"
     remote_cert_path: "~/tpotce/data/hive.crt"
     remote_sensor_yml_path: "~/tpotce/compose/sensor.yml"
     remote_docker_compose_path: "~/tpotce/docker-compose.yml"
     env_file_path: "~/tpotce/.env"
+
   tasks:
     - name: Ensure the destination directory exists
       ansible.builtin.file:
@@ -23,19 +28,19 @@
       ansible.builtin.command:
         cmd: "cp {{ remote_sensor_yml_path }} {{ remote_docker_compose_path }}"
 
-    - name: Update TPOT_HIVE_USER in .env
+    - name: Update T-POT_HIVE_USER in .env
       ansible.builtin.lineinfile:
         path: "{{ env_file_path }}"
         regexp: '^TPOT_HIVE_USER='
         line: 'TPOT_HIVE_USER={{ lookup("env", "myTPOT_HIVE_USER") }}'
 
-    - name: Update TPOT_HIVE_IP in .env
+    - name: Update T-POT_HIVE_IP in .env
       ansible.builtin.lineinfile:
         path: "{{ env_file_path }}"
         regexp: '^TPOT_HIVE_IP='
         line: 'TPOT_HIVE_IP={{ lookup("env", "myTPOT_HIVE_IP") }}'
 
-    - name: Ensure TPOT_TYPE is set to SENSOR in .env
+    - name: Ensure T-POT_TYPE is set to SENSOR in .env
       ansible.builtin.lineinfile:
         path: "{{ env_file_path }}"
         regexp: '^TPOT_TYPE='

installer/install/tpot.yml

@@ -668,6 +668,12 @@
     - "Ubuntu"
 
   tasks:
+    - name: Check for non-root user id (All)
+      debug:
+        msg: "Detected user: '{{ ansible_user_id }}'"
+      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
+      failed_when: ansible_user_id == "root"
+
     - name: Add aliases (All)
       blockinfile:
         path: ~/.bashrc
@@ -703,12 +709,6 @@
         append: yes
       when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
 
-    - name: Check for non-root user id (All)
-      debug:
-        msg: "Detected user: '{{ ansible_user_id }}'"
-      when: ansible_distribution in ["AlmaLinux", "Debian", "Fedora", "openSUSE Tumbleweed", "Raspbian", "Rocky", "Ubuntu"]
-      failed_when: ansible_user_id == "root"
-
 ########################################
 # T-Pot - Install service and cron job #
 ########################################