From 6c487f8ef918c2765abedb89b5ffd34790397a36 Mon Sep 17 00:00:00 2001 From: t0kubetsu Date: Tue, 12 May 2026 10:45:57 +0200 Subject: [PATCH 1/2] docs: remove generic template header, document catalog layers, fix stale reference MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Remove the copy-pasted platform-wide "Project Overview" section that was generic boilerplate shared across multiple repos. Expand the repo-specific "Repository Content" section with per-layer documentation (02_ansible_layer, 03_container_layer, 04_gamification_layer) and fix the stale "coming soon" reference — the deployer UI is now functional. --- README.md | 67 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 34 insertions(+), 33 deletions(-) diff --git a/README.md b/README.md index bbd93c5..f4cc6a3 100644 --- a/README.md +++ b/README.md @@ -1,56 +1,59 @@ # Table of Contents -- [Project Overview](#Project-Overview) - [Repository Content](#Repository-Content) - [Contributing](#Contributing) - [License](#License) --- -# Project Overview +# Repository Content -**RANGE42** is a modular cyber range platform designed for real-world readiness. -We build, deploy, and document offensive, defensive, and hybrid cyber training environments using reproducible, infrastructure-as-code methodologies. +This repository is the **range42 catalog** — a collection of reusable infrastructure bundles that can be orchestrated by the backend API or executed directly via the [range42-deployer-ui](https://github.com/range42/range42-deployer-ui) or CLI through the playbooks repository. -## What we build +Bundles include Ansible roles, Dockerfiles, and Docker Compose definitions designed to configure misconfigured or vulnerable environments for cyber training scenarios. -- Proxmox-based cyber ranges with dynamic catalog -- Ansible roles for automated deployments (Wazuh, Kong, Docker, etc.) -- Private APIs for range orchestration and telemetry -- Developer and testing toolkits and JSON transformers for automation pipelines -- ... +The catalog is structured in numbered layers to separate concerns: -## Repository Overview +## Layer 02 — Ansible -- **RANGE42 deployer UI** : A web interface to visually design infrastructure schemas and trigger deployments. -- **RANGE42 deployer backend API** : Orchestrates deployments by executing playbooks and bundles from the catalog. -- **RANGE42 catalog** : A collection of Ansible roles and Docker/Docker Compose stacks, forming deployable bundles. -- **RANGE42 playbooks** : Centralized playbooks that can be invoked by the backend or CLI. -- **RANGE42 proxmox role** : An Ansible role for controlling Proxmox nodes via the Proxmox API. -- **RANGE42 devkit** : Helper scripts for testing, debugging, and development workflows. -- **RANGE42 kong API gateway** : A network service in front of the backend API, handling authentication, ACLs, and access control policies. -- **RANGE42 swagger API spec** : OpenAPI/Swagger JSON definition of the backend API. +Path: `02_ansible_layer/` -### Putting it all together +Ansible roles that act directly on the system to configure environments. -These repositories provide a modular and extensible platform to design, manage and deploy infrastructures automaticallyeither from the UI (coming soon) or from the CLI through the playbooks repository. +- **`admin/roles/`** — roles targeting admin VMs: package warm-up, Docker Compose setup, firewall configuration, Tailscale / Headscale installation, Wazuh agent, NTP, symlink farms, Node.js app systemd services, user management, and system health checks. +- **`trainee/roles/`** — roles targeting trainee VMs: `blue_env`, `red_env`, and `malware_env` environment bootstraps. +- **`_ctf/cve/`** — CVE scenario roles, classified by technology: `network/`, `system/`, `web/`. +- **`_ctf/malware/`** — malware scenario roles: `backdoor/`, `keylogger/`, `rootkit/`. +- **`_ctf/misconfiguration/`** — misconfiguration scenario roles, classified by technology: `network/`, `system/`, `web/`. ---- +## Layer 03 — Containers -# Repository Content +Path: `03_container_layer/` -This repository contains the deployment cataloga collection of reusable infrastructure bundles. -Bundles often include Ansible roles, Dockerfiles and/or Docker Compose definitions designed to be orchestrated by the backend API or executed directly via CLI. +Container-based deployments for vulnerable or misconfigured services. -The catalog is currently composed of three parts: +- **`docker/_ctf/cve/`** — Docker / Docker Compose stacks for CVE scenarios. +- **`docker/_ctf/malware/`** — Docker / Docker Compose stacks for malware scenarios. +- **`docker/_ctf/misconfiguration/`** — Docker / Docker Compose stacks for misconfiguration scenarios. +- **`docker/_ctf/hello/`** — Hello-world stack used for smoke-testing deployments. +- **`lxc/`** — LXC container configuration placeholders. -- Ansible roles : act directly on the system to configure misconfigured or vulnerable environments. -- Docker / Docker compose definitions : setup vulnerable or misconfigured services based on containerized environments. -- Interface templates : root directory storing themed templates (e.g. fake hospital, fake bank) designed to gamify the deployed misconfigurations and vulnerabilities. +## Layer 04 — Gamification -Currently, the repository tree is organized to classify misconfigurations and CVEs by technology type. +Path: `04_gamification_layer/` -**⚠️ This deep tree structure still volatile and may evolve as the project grows.** +Interface templates and challenge frameworks that gamify the deployed scenarios. + +- **`web/frameworks/`** — challenge web frameworks (HTML, PHP, Vue) providing themed front-ends (e.g. fake hospital, fake bank) on top of the deployed vulnerabilities. +- **`web/shared/`** — shared assets: CSS, JavaScript, i18n strings, and reusable skins. +- **`web/tools/`** — tooling scripts for the web layer. +- **`crypto/notes/`** — notes and resources for crypto challenges. +- **`network/notes/`** — notes and resources for network challenges. +- **`files/notes/`** — notes and resources for file-based challenges. + +--- + +**Note:** The deep tree structure is still evolving and may change as the project grows. ## Contributing @@ -60,5 +63,3 @@ We use centralized community health files in Range42 community health. ## License - GPL-3.0 license - - From d26e3c6d7bc8c04b12bc4f12332d7473d3331b49 Mon Sep 17 00:00:00 2001 From: t0kubetsu Date: Fri, 15 May 2026 15:03:45 +0200 Subject: [PATCH 2/2] fix(warmup.basic_packages): add iputils-ping to Ubuntu network utils Minimized Ubuntu cloud images ship without ping. Adding iputils-ping ensures ping is available on all VMs deployed with this role (vuln-boxes, admin VMs), which is expected for network diagnostics and test plans. --- .../packages-sets/utils/network/ubuntu/utils_network.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/02_ansible_layer/admin/roles/software.install.warmup.basic_packages/tasks/include/packages-sets/utils/network/ubuntu/utils_network.yaml b/02_ansible_layer/admin/roles/software.install.warmup.basic_packages/tasks/include/packages-sets/utils/network/ubuntu/utils_network.yaml index a611eb3..5bb0015 100644 --- a/02_ansible_layer/admin/roles/software.install.warmup.basic_packages/tasks/include/packages-sets/utils/network/ubuntu/utils_network.yaml +++ b/02_ansible_layer/admin/roles/software.install.warmup.basic_packages/tasks/include/packages-sets/utils/network/ubuntu/utils_network.yaml @@ -7,5 +7,6 @@ - nmap - tcpdump - net-tools + - iputils-ping when: ansible_facts.distribution == 'Ubuntu'