proxycannon · jaredhaight · Nov 30, 2018 · Nov 30, 2018 · Nov 30, 2018 · Nov 30, 2018
diff --git a/nodes/aws/main.tf b/nodes/aws/main.tf
@@ -4,8 +4,8 @@ provider "aws" {
 }
 
 resource "aws_instance" "exit-node" {
-  ami           = "ami-0f65671a86f061fcd"
-  instance_type = "t2.micro"
+  ami           = "${var.ami}"
+  instance_type = "${var.size}"
   key_name      = "proxycannon"
   vpc_security_group_ids = ["${aws_security_group.exit-node-sec-group.id}"]
   subnet_id	= "${var.subnet_id}"

diff --git a/nodes/aws/variables.tf b/nodes/aws/variables.tf
@@ -7,6 +7,16 @@ variable "count" {
   default = 2
 }
 
+# AMI image to use for exit nodes
+variable "ami" {
+  default = "ami-0f65671a86f061fcd"
+}
+
+# Size of EC2 VM to spin up for exit nodes
+variable "size" {
+  default = "t2.micro"
+}
+
 # launch all exit nodes in the same subnet id
 # this should be the same subnet id that your control server is in
 # you can get this value from the AWS console when viewing the details of the control-server instance

diff --git a/setup/install.sh b/setup/install.sh
@@ -8,7 +8,7 @@
 # update and install deps
 apt update
 apt -y upgrade
-apt -y install unzip git openvpn easy-rsa
+apt -y install zip unzip git openvpn easy-rsa
 
 # install terraform
 wget https://releases.hashicorp.com/terraform/0.11.10/terraform_0.11.10_linux_amd64.zip
@@ -21,6 +21,14 @@ rm -rf terraform
 mkdir ~/.aws
 touch ~/.aws/credentials
 
+##################################
+# update subnet id in variables.tf
+##################################
+MAC=`curl http://169.254.169.254/latest/meta-data/network/interfaces/macs/`
+SUBNETID=`curl http://169.254.169.254/latest/meta-data/network/interfaces/macs/$MAC/subnet-id`
+sed -i "s/subnet-XXXXXXXX/$SUBNETID/" ../nodes/aws/variables.tf
+
+
 ################
 # setup openvpn
 ################
@@ -77,10 +85,13 @@ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 # post install instructions
 ############################
 
-echo "Copy /etc/openvpn/easy-rsa/keys/ta.key, /etc/openvpn/easy-rsa/keys/ca.crt, /etc/openvpn/easy-rsa/keys/client01.crt, /etc/openvpn/easy-rsa/keys/client01.key, and ~/proxycannon-client.conf to your workstation."
-
+echo "A folder containing the OpenVPN client config has been created at /home/$SUDO_USER/proxycannon-vpn-client."
+echo "Download these files by running the following from your workstation (including the trailing period): "
+echo
+echo "scp -i proxycannon.pem $SUDO_USER@$EIP:/home/$SUDO_USER/proxycannon-vpn-client/* ."
+echo 
 echo "####################### OpenVPN client config [proxycannon-client.conf] ################################"
-cat ~/proxycannon-client.conf
+cat ~/proxycannon-vpn-client/proxycannon-client.conf
 
 echo "####################### Be sure to add your AWS API keys and SSH keys to the following locations ###################"
 echo "copy your aws ssh private key to ~/.ssh/proxycannon.pem and chmod 600"