Supprimer sio2/AP/sdis2023.sql

sio2/AP/apbase.yml

@@ -0,0 +1,25 @@
+---
+- name: apbase
+  hosts: web
+  become: yes
+  tasks:
+  - name: 1. Installer les paquets apache2 php et adminer
+    apt:
+      name:
+        - apache2 
+        - php
+        - adminer
+        - php-mbstring
+      state: present
+        #notify: 2. redémarrer apache et activer adminer
+  
+  - name: 2. redémarrer apache et activer adminer
+    shell: sudo a2enconf adminer
+
+  - name: 3. redémarrer apache et activer adminer
+    shell: sudo systemctl reload apache2    
+
+
+
+
+

sio2/AP/apdb.yml

@@ -0,0 +1,52 @@
+---
+- name: apdb
+  hosts: web
+  become: yes
+  tasks:
+
+    - name: 1. Installer mariadb
+      apt:
+        name:
+          - mariadb-server
+          - python3-pymysql
+        state: present
+
+    - name: 2. s'assurer que mariadb est en fonctionnement
+      service:
+        name: mariadb
+        state: started
+
+    - name: 3. Creer un utilisateur et  lui attribuer tous les droits
+      community.mysql.mysql_user:
+        name: admin
+        password: admin
+        priv: '*.*:ALL,GRANT'
+        state: present
+        login_unix_socket: /var/run/mysqld/mysqld.sock
+
+    - name: 4. Creation de la base de donnee  'sdis2023'
+      community.mysql.mysql_db:
+        name: sdis2023
+        state: present
+        login_unix_socket: /var/run/mysqld/mysqld.sock
+
+    - name: 5. copier la base de donnée sur l'hôte distant
+      copy:
+        src: sdis2023.sql
+        dest: /tmp/sdis2023.sql
+
+    - name: 6. Restore la base de donnée
+      community.mysql.mysql_db:
+        name: sdis2023
+        state: import
+        target: /tmp/sdis2023.sql
+        login_unix_socket: /var/run/mysqld/mysqld.sock
+
+          # - name: 5. Dump multiple databases
+          #community.mysql.mysql_db:
+          #state: dump
+          #name:
+          #- sdis2023
+          #target: sdis2023.sql
+          #login_unix_socket: /var/run/mysqld/mysqld.sock
+

sio2/AP/apdbdump.yml

@@ -0,0 +1,11 @@
+---
+- name: apdbdump
+  hosts: web
+  become: yes
+  tasks:
+    - name: 1. recuperation de sdis2023.sql avec fetch
+      ansible.builtin.fetch:
+        src: /tmp/sdis2023.sql
+        dest: /tmp/sdis2023.sql
+        flat: yes
+

sio2/AP/drop.yml

@@ -0,0 +1,12 @@
+---
+- name: apdb
+  hosts: web
+  become: yes
+  tasks:
+    - name: 1. Suppression de la base de donnee  'sdis2023'
+      community.mysql.mysql_db:
+        name: sdis2023
+        state: absent
+        login_unix_socket: /var/run/mysqld/mysqld.sock
+
+

sio2/AP/hosts

@@ -0,0 +1,2 @@
+[web]
+ap33prod

sio2/CYBER/Cryptage/crypt.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+unn=$1
+utilisateurmdp=$2
+action=$3
+ficcle=$4
+user=$(echo $utilisateurmdp| cut -f1 -d/ )
+mdp=$(echo $utilisateurmdp| cut -f2 -d/ )
+echo $user
+echo $mdp
+[ -e /tmp/share ] ||  mkdir /tmp/share
+mount.cifs -o "username=${user},password=${mdp}" //${unn}  /tmp/share
+if [[ $? == 0 ]] ;then
+	echo "le montage fonctionne cryptage en cours"
+	ccrypt ${action} -r -k ${ficcle} /tmp/share/*
+	umount /tmp/share
+	rm -r /tmp/share
+else
+	echo "erreur montage $?"
+	exit 1
+fi
+exit 0
+
+

sio2/SISR/Ansible/dokuw/hosts

@@ -0,0 +1,9 @@
+[adm]
+infra
+ 
+[web]
+web1
+web2
+
+[doc]
+doku

sio2/SISR/Ansible/dokuw/local.yml

@@ -0,0 +1,6 @@
+
+- hosts: doku
+  roles:
+    - web
+    - doku
+  

sio2/SISR/Ansible/dokuw/roles/doku/main.yml

@@ -0,0 +1,18 @@
+vars:
+  - chemin_fichier: /var/www/html/doku
+
+- name: recuperation dokuwiki-stable.tgz depuis machine depl
+  get_url:
+    url: http://depl/store/dokuwiki-stable.tgz
+    dest: /tmp/
+
+- name: Extraction archive
+  ansible.builtin.unarchive:
+    src: /tmp/dokuwiki-stable.tgz
+    dest: /var/www/html/
+
+- name: changer propriétaire du fichier var/www/html/doku
+    file:
+      path: "{{ chemin_fichier }}"
+      owner: www-data:www-data data lib conf
+      become: true

sio2/SISR/Ansible/dokuw/roles/doku/tasks/main.yml

@@ -0,0 +1,37 @@
+- name: 1. recuperation dokuwiki-stable.tgz depuis machine depl
+  get_url:
+    url: http://depl/store/dokuwiki-stable.tgz
+    dest: /tmp
+
+- name: 2. Extraction archive dokuwiki-stage.tgz
+  unarchive:
+    src: /tmp/dokuwiki-stable.tgz
+    dest: /var/www/html/
+    remote_src: yes
+
+- name: 3. stat dokuwiki
+  stat: 
+    path: /var/www/html/dokuwiki-2023-04-04
+  register: doku_stat
+
+- name: 4. On renomme doku-v... en doku
+  command: mv /var/www/html/dokuwiki-2023-04-04 /var/www/html/doku
+  when: doku_stat.stat.exists
+
+- name: 5. Changer propritaire group et permissions
+  file:
+    path: /var/www/html/doku
+    owner: root
+    group: root
+    mode: '0755'
+    recurse: yes
+      
+- name: 6. Changer propritaire. group et permissions
+  file:
+    path: /var/www/html/doku
+    owner: www-data
+    group: www-data
+    recurse: yes
+      #    mode: '755'
+
+

sio2/SISR/Ansible/dokuw/roles/web/tasks/main.yml

@@ -0,0 +1,13 @@
+- name: 1. installe  apache2 php et ces dependances
+  apt:
+    name:
+      - apache2
+      - php
+       #     - php-gd
+      - php-mbstring
+    state: present
+
+- name: 2. lance Apache
+  service:
+    name: apache2
+    state: started

sio2/SISR/Ansible/hosts

@@ -0,0 +1,6 @@
+[adm]
+infra
+ 
+[web]
+web1
+web2

sio2/SISR/Ansible/squid-j2.yml

@@ -0,0 +1,23 @@
+---
+- name: squid-j2.yml
+  hosts: infra
+  vars:
+  - proxy_port: 8080
+  - proxy_mem: 512
+  tasks:  
+  - name: 1. assurer que squid est installe
+    service:
+      name: squid
+      state: started
+  
+  - name: 2. Copie du squid.conf apres generation dynamique 
+    template:
+      src: squid.conf.j2
+      dest: /etc/squid/squid.conf
+    notify: restart squid
+
+  handlers:
+    - name: restart squid
+      service:
+        name: squid
+        state: restarted

sio2/SISR/Ansible/squid.yml

@@ -0,0 +1,22 @@
+---
+- name: squid.yml
+  hosts: infra
+  vars:
+    proxy_port: 8080
+    proxy_mem: 128
+
+  tasks:
+    - name: 1. installation de squid
+      apt:
+        name: squid
+        state: latest
+
+    - name: 2. recuperation de squid.conf avec fetch
+      ansible.builtin.fetch:
+        src: /etc/squid/squid.conf
+        dest: ./squid.conf
+        flat: yes
+
+
+
+

sio2/SISR/Ansible/syslog-cli.yml

@@ -0,0 +1,45 @@
+---
+- name: syslog.yml
+  hosts: web
+  tasks:
+  - name:  1. installer rsyslog
+    apt:
+      name: rsyslog
+      state: latest
+
+  - name: ajout du serveur syslog distant 
+    lineinfile:
+      path: /etc/rsyslog.conf
+      line: '*.* @172.20.10.4:514'
+      insertbefore: EOF
+      create: yes 
+    notify:
+      - 5. redemarrer rsyslog
+ 
+        # - name: 3. Ajout de la ligne ForwardToSyslog
+      #shell: echo "ForwardToSyslog=yes" >> /etc/systemd/journald.conf
+ 
+  - name: 4. Decommente la ligne ForwardToSyslog
+    replace:
+      path: /etc/systemd/journald.conf
+      regexp: '^#ForwardToSyslog=yes'
+      replace: 'ForwardToSyslog=yes'
+    notify: 6. redemarrer journald.service
+
+        # notify:
+        #- restart rsyslog
+        #- name: redemarrage de syslog
+        #- restart journald.service
+        #- name: redemarrage de journald.service
+
+  handlers:
+  - name: 5. redemarrer rsyslog
+    service:
+      name: rsyslog
+      state: restarted
+      
+  - name: 6. redemarrer journald.service
+    service:
+      name: systemd-journald.service
+      state: restarted
+

sio2/SISR/Ansible/syslog.yml

@@ -0,0 +1,52 @@
+---
+- name: syslog.yml
+  hosts: infra
+  tasks:
+  - name:  1. installer rsyslog
+    apt:
+      name: rsyslog
+      state: latest
+  
+  - name:  2. decommente le chargement du module imudp dans rsyslog.conf
+    replace:
+      path: /etc/rsyslog.conf
+      regexp: '^#module\(load="imudp"\)'
+      replace: 'module(load="imudp")'
+    notify:
+      - 5. redemarrer rsyslog
+ 
+  - name:  3. decommente le chargement du module imudp  port 514 dans rsyslog.conf
+    replace:
+      path: /etc/rsyslog.conf
+      regexp: '^#input\(type="imudp" port="514"\)'
+      replace: 'input(type="imudp" port="514")'
+    notify:
+      - 5. redemarrer rsyslog
+
+        # - name: 3. Ajout de la ligne ForwardToSyslog
+      #shell: echo "ForwardToSyslog=yes" >> /etc/systemd/journald.conf
+ 
+  - name: 4. Decommente la ligne ForwardToSyslog
+    replace:
+      path: /etc/systemd/journald.conf
+      regexp: '^#ForwardToSyslog=yes'
+      replace: 'ForwardToSyslog=yes'
+    notify: 6. redemarrer journald.service
+
+        # notify:
+        #- restart rsyslog
+        #- name: redemarrage de syslog
+        #- restart journald.service
+        #- name: redemarrage de journald.service
+
+  handlers:
+  - name: 5. redemarrer rsyslog
+    service:
+      name: rsyslog
+      state: restarted
+      
+  - name: 6. redemarrer journald.service
+    service:
+      name: systemd-journald.service
+      state: restarted
+

sio2/SISR/Ansible/web.yml

@@ -0,0 +1,20 @@
+---
+- name: web.yml
+  hosts: web
+  tasks:
+  - name: 1. installer apache2
+    apt :
+      name: apache2
+      state: present
+  - name: 2  installer php-mbstring
+    apt:
+      name: php-mbstring
+      state: present
+  - name: 3 assurer Apache tourne
+    service:
+      name: apache2
+      state: started
+  - name: 4 copier le fichier index.html vers /var/www/html      
+    template:
+      src: index.html
+      dest: /var/www/html/