Security VM is A VM for web development security tools, built with Vagrant + Ansible.
This project aims to put together a suite of tools that web developers can use to enhance the security of a site you are developing. Please note - most of these tools are intended to run on a non-production system.
It will install the following optional tools on an Ubuntu 14.04 (by default) linux VM:
- nmap
- w3af
- nodejs packages (configurable)
- composer packages (configurable)
There is one configuration file where you can customize the VM for your needs:
config.yml: Contains variables like the VM domain name and IP address, packages, and features.
- Download and install VirtualBox (Security VM also works with Parallels or VMware, if you have the Vagrant VMware integration plugin).
- Download and install Vagrant.
Note for Faster Provisioning (Mac/Linux only): Install Ansible on your host machine, so Security VM can run the provisioning steps locally instead of inside the VM.
Note for Linux users: If NFS is not already installed on your host, you will need to install it to use the default NFS synced folder configuration. See guides for Debian/Ubuntu, Arch, and RHEL/CentOS.
Note on versions: Please make sure you're running the latest stable version of Vagrant, VirtualBox, and Ansible, as the current version of Security VM is tested with the latest releases. As of August 2015: Vagrant 1.8.0, VirtualBox 5.0.12, and Ansible 2.0.0.
- Download this project and put it wherever you want.
- Copy the
example.config.ymltoconfig.ymlfiles, and modify to your liking. - Create local directories for all synced directories in
config.yml(local_path, insidevagrant_synced_folders). - Open Terminal, cd to this directory (containing the
Vagrantfileand this README file). - (If you have Ansible installed on Mac/Linux) Run
$ sudo ansible-galaxy install -r provisioning/requirements.yml --force. - Type in
vagrant up, and let Vagrant do its magic.
Note: If there are any errors during the course of running vagrant up, and it drops you back to your command prompt, just run vagrant provision to continue building the VM from where you left off. If there are still errors after doing this a few times, post an issue to this project's issue queue on GitHub with the error.
Please note, the configuration below can change based on your settings found in config.yml. The defaults are referenced below.
- Edit your hosts file, adding the line
192.168.88.88 securityvm.devso you can connect to the VM. - You can have Vagrant automatically configure your hosts file if you install thehostsupdaterplugin (vagrant plugin install vagrant-hostsupdater). All hosts defined inapache_vhostsornginx_hostswill be automatically managed. - You can also have Vagrant automatically assign an available IP address to your VM if you install theauto_networkplugin (vagrant plugin install vagrant-auto_network), and setvagrant_ipto0.0.0.0insideconfig.yml. - Open your browser and access http://securityvm.dev/.
By default, this VM includes optional features listed in the config.yml option installed_extras:
installed_extras:
- nmap
- w3af
If you don't want or need one or more of these extras, just delete them or comment them from the list. This is helpful if you want to conserve system resources.
- To shut down the virtual machine, enter
vagrant haltin the Terminal in the same folder that has theVagrantfile. To destroy it completely (if you want to save a little disk space, or want to rebuild it from scratch withvagrant upagain), type invagrant destroy. - Find out more about local development with Vagrant + VirtualBox + Ansible in this presentation: Local Development Environments - Vagrant, VirtualBox and Ansible.
- Learn about how Ansible can accelerate your ability to innovate and manage your infrastructure by reading Ansible for DevOps.
This project is licensed under the MIT open source license.
Adam Bergstein. Architecture borrowed from Drupal VM. This project, and others like it, are inspired by Jeff Geerling's book, Ansible for DevOps.