kali-packages.yml

---
# Playbook for Kali

# Update Kali and deploy packages
- hosts: all
  become: true
  tasks:
    - name: Configure apt to use Cloudflare mirror
      ansible.builtin.replace:
        path: /etc/apt/sources.list
        regexp: '^(deb\s+)http://([A-Za-z0-9.-]+)(/kali.*)$'
        replace: '\1http://kali.download\3'

    - name: Install apt packages to support HTTPS repos
      ansible.builtin.apt:
        name:
          - apt-transport-https
          - apt-utils
          - ca-certificates
        state: present
        update_cache: true

    - name: Configure apt to use HTTPS for Kali repo
      ansible.builtin.replace:
        path: /etc/apt/sources.list
        regexp: '^(deb\s+)http://(.*)$'
        replace: '\1https://\2'

    - name: Upgrade all packages
      ansible.builtin.apt:
        upgrade: safe
        update_cache: true

    - name: Install Kali meta packages
      ansible.builtin.apt:
        name: "{{ kali_meta_packages }}"
        state: present
      register: apt_meta_packages
      until: apt_meta_packages is success
      retries: 1
      delay: 10
      tags:
        # exclude from testing due to size
        - molecule-notest

    - name: Install Kali tool packages
      ansible.builtin.apt:
        name: "{{ kali_tool_packages }}"
        state: present
      register: apt_tool_packages
      until: apt_tool_packages is success
      retries: 1
      delay: 30

    - name: Remove unnecessary packages
      ansible.builtin.apt:
        autoremove: true

    # Python packages
    - name: Ensure packages for Python pip are installed
      ansible.builtin.apt:
        name:
          - python3-dev
          - python3-pip
          - python3-setuptools
        state: present
      register: apt_pip_packages
      until: apt_pip_packages is success
      retries: 1
      delay: 10

    - name: Install Python Pip Packages
      ansible.builtin.pip:
        name: "{{ item }}"
        state: latest
        executable: pip3
        extra_args: "--break-system-packages"
      loop: "{{ python_pip_packages }}"
      changed_when: false

    # Pipx packages
    - name: Create Pipx home directory
      ansible.builtin.file:
        path: /usr/local/share/pipx
        state: directory
        owner: root
        group: root
        mode: "0755"

    - name: Install Pipx packages
      community.general.pipx:
        name: "{{ item }}"
      environment:
        PIPX_HOME: /usr/local/share/pipx
        PIPX_BIN_DIR: /usr/local/bin
      loop: "{{ pipx_packages }}"

    # Ruby packages
    - name: Ensure packages for Ruby gems are installed
      ansible.builtin.apt:
        name:
          - ruby-dev
          - ruby-rubygems
        state: present
      register: apt_rubygems_packages
      until: apt_rubygems_packages is success
      retries: 1
      delay: 10

    - name: Install Ruby Gem Packages
      community.general.gem:
        name: "{{ item }}"
        state: latest
        user_install: false
        norc: true
      loop: "{{ ruby_gem_packages }}"

    # Go packages
    - name: Install Go packages
      ansible.builtin.command:
        cmd: "/usr/bin/go install -x {{ item }}"
      environment:
        GOBIN: /usr/local/bin
      register: go_install_cmd
      changed_when: go_install_cmd.stderr | regex_search('/pkg/tool/linux_.*/buildid')
      loop: "{{ go_packages }}"