Téléverser les fichiers vers "sio2/CYBER/Journald"

fichier de config journald snd et rcv
Actualiser sio2/AP4/provision/glpi.yml
2023-12-25 11:38:14 +01:00 · 2023-12-25 11:36:20 +01:00 · 2023-12-19 10:35:58 +01:00 · 2023-12-15 08:28:03 +01:00
11 changed files with 93 additions and 9 deletions
--- a/sio2/AP4/Vagrantfile
+++ b/sio2/AP4/Vagrantfile
@ -15,7 +15,7 @@ Vagrant.configure("2") do |config|
    glpi.vm.hostname = "glpi" # Nom de la machine
    glpi.vm.network "public_network" #, ip: "192.168.0.111"# Set static IP
    glpi.vm.provision "ansible" do |ansible|
-      ansible.playbook = "glpi.yml" # Lance le playbook glpi.yml
+      ansible.playbook = "provision/glpi.yml" # Lance le playbook glpi.yml
    end
  end
 end
--- a/sio2/AP4/provision/glpi.yml
+++ b/sio2/AP4/provision/glpi.yml
@ -1,7 +1,7 @@
---
- hosts: all
-  
-  roles:
-    - web
-    - bdd
-    - install
+---
+- hosts: all
+  become: true
+  roles:
+    - web
+    - bdd
+    - glpi
--- a/sio2/AP4/provision/roles/bdd/handlers/main.yml
+++ b/sio2/AP4/provision/roles/bdd/handlers/main.yml
--- a/sio2/AP4/provision/roles/bdd/tasks/main.yml
+++ b/sio2/AP4/provision/roles/bdd/tasks/main.yml
--- a/sio2/AP4/provision/roles/glpi/tasks/main.yml
+++ b/sio2/AP4/provision/roles/glpi/tasks/main.yml
@ -1,7 +1,7 @@
 --- 
 - name: 1. Telechargement de l'archive de glpi 10.0.10
  get_url:
-    url: https://github.com/glpi-project/glpi/releases/download/10.0.10/glpi-10.0.10.tgz
+    url: http://depl.sio.lan/store/glpi-10.0.10.tgz
    dest: /tmp

 - name: 2.  Extraire glpi 10.0.10.tgz vers /tmp/
--- a/sio2/AP4/provision/roles/web/handlers/main.yml
+++ b/sio2/AP4/provision/roles/web/handlers/main.yml
--- a/sio2/AP4/provision/roles/web/tasks/main.yml
+++ b/sio2/AP4/provision/roles/web/tasks/main.yml
--- a/sio2/CYBER/Journald/journal-upload.conf
+++ b/sio2/CYBER/Journald/journal-upload.conf
@ -0,0 +1,19 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it under the
+#  terms of the GNU Lesser General Public License as published by the Free
+#  Software Foundation; either version 2.1 of the License, or (at your option)
+#  any later version.
+#
+# Entries in this file show the compile time defaults. Local configuration
+# should be created by either modifying this file, or by creating "drop-ins" in
+# the journal-upload.conf.d/ subdirectory. The latter is generally recommended.
+# Defaults can be restored by simply deleting this file and all drop-ins.
+#
+# See journal-upload.conf(5) for details.
+
+[Upload]
+URL=http://192.168.1.42:19532
+# ServerKeyFile=/etc/ssl/private/journal-upload.pem
+# ServerCertificateFile=/etc/ssl/certs/journal-upload.pem
+# TrustedCertificateFile=/etc/ssl/ca/trusted.pem
--- a/sio2/CYBER/Journald/journald-rcv.sh
+++ b/sio2/CYBER/Journald/journald-rcv.sh
@ -0,0 +1,10 @@
+#!/bin/bash
+sudo timedatectl set-timezone Europe/Paris
+sudo apt-get update
+sudo apt-get install -y systemd-journal-remote
+sudo systemctl enable --now systemd-journal-remote.socket
+sudo cp /lib/systemd/system/systemd-journal-remote.service /etc/systemd/system
+sudo sed -i 's/--listen-https=-3/--listen-http=-3/' /etc/systemd/system/systemd-journal-remote.service
+[[ -d /var/log/journal/remote ]] || sudo mkdir /var/log/journal/remote
+sudo chown systemd-journal-remote /var/log/journal/remote
+sudo systemctl daemon-reload
--- a/sio2/CYBER/Journald/journald-snd.sh
+++ b/sio2/CYBER/Journald/journald-snd.sh
@ -0,0 +1,9 @@
+#!/bin/bash
+# usage : ./journald-snd.sh 192.168.1.100
+sudo timedatectl set-timezone Europe/Paris
+sudo apt-get update
+sudo apt-get install -y systemd-journal-remote
+rpl="s/^# URL=/URL=http:\/\/${1}:19532/"  # $1 represente l'adresse du recepteur
+sudo sed -i "$rpl" /etc/systemd/journal-upload.conf
+sudo systemctl enable --now systemd-journal-upload.service
+sudo systemctl restart systemd-journal-upload.service
--- a/sio2/CYBER/Journald/systemd-journal-remote.service
+++ b/sio2/CYBER/Journald/systemd-journal-remote.service
@ -0,0 +1,46 @@
+#  SPDX-License-Identifier: LGPL-2.1-or-later
+#
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Journal Remote Sink Service
+Documentation=man:systemd-journal-remote(8) man:journal-remote.conf(5)
+Requires=systemd-journal-remote.socket
+
+[Service]
+ExecStart=/lib/systemd/systemd-journal-remote --listen-http=-3 --output=/var/log/journal/remote/
+LockPersonality=yes
+LogsDirectory=journal/remote
+MemoryDenyWriteExecute=yes
+NoNewPrivileges=yes
+PrivateDevices=yes
+PrivateNetwork=yes
+PrivateTmp=yes
+ProtectProc=invisible
+ProtectClock=yes
+ProtectControlGroups=yes
+ProtectHome=yes
+ProtectHostname=yes
+ProtectKernelLogs=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+ProtectSystem=strict
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+SystemCallArchitectures=native
+User=systemd-journal-remote
+WatchdogSec=3min
+
+# If there are many split up journal files we need a lot of fds to access them
+# all in parallel.
+LimitNOFILE=524288
+
+[Install]
+Also=systemd-journal-remote.socket
Author	SHA1	Message	Date
alhassane.kone	993ae82b02	Téléverser les fichiers vers "sio2/CYBER/Journald"	2023-12-25 11:38:14 +01:00
sio user	bdc9b72e1b	fichier de config journald snd et rcv	2023-12-25 11:36:20 +01:00
alhassane.kone	c62514d799	Actualiser sio2/AP4/provision/glpi.yml	2023-12-19 10:35:58 +01:00
Alhassane Kone	759f7a3d03	maj projet AP4	2023-12-15 08:28:03 +01:00