Ansible/confsrv.yml

@@ -1,43 +0,0 @@
----
-- hosts: srv
-  remote_user: root
-  tasks:
-  - name: création de sioadm
-    user:
-      name: sioadm
-      state: present
-      generate_ssh_key: yes
-      password: "{{ 'sioadm' | password_hash('sha512') }}"
-      uid: 1200
-      groups: sudo
-      append: yes
-    register: mavar
-  - name: debug
-    debug:
-      msg: "{{ mavar }}"
-  - name: export clé publique
-    authorized_key:
-      user: "{{ sioadm }}"
-      key: /sioadm/.ssh/id_rsa.pub 
-      state: present 
-  - name: désinstaller paquets wpasupplicant
-    apt :
-      name : wpasupplicant
-      state: absent
-  - name: désinstaller paquets rpcbindd
-    apt :
-      name : rpcbind
-      state: absent
-  - name: copie fichier resolv.conf
-    copy:
-      src:resolv.conf
-      dest:/etc
-  - name: disable SSH access for root
-    lineinfile:
-      path: /etc/ssh/sshd_config
-      regexp: '^(.*)#PermitRootLogin prohibit-password(.*)$"
-      replace: "PermitRootLogin prohibit-password"
-  - name: copie fichier sshd_config
-    copy:
-      src:sshd_config
-      dest:/etc/ssh/

Ansible/cr-ansible.txt

@@ -1,21 +0,0 @@
-Script démarré sur 2021-11-24 09:49:54+01:00 [TERM="xterm-256color" TTY="/dev/pts/0" COLUMNS="126" LINES="45"]
-[?2004hroot@ansible:~# sed -i 's/srv/ansible/g' /etc/host{s,name};reboot
ip -br anano resolv.confsed -i 's/ansible/srv/g' /etc/host{s,name};reboot
apt install ansible -y
ip -br ased -i 's/test/ansible/g' /etc/host{s,name};reboot
poweroffapt update && apt upgrade -y
sed -i 's/bullseye/test/g' /etc/host{s,name};reboot
apt update && apt upgrade -y
poweroffsed -i 's/test/ansible/g' /etc/host{s,name};reboot
ip -br aapt install ansible -y
sed -i 's/ansible/srv/g' /etc/host{s,name};reboot
nano resolv.confip -br ased -i 's/srv/ansible/g' /etc/host{s,name};reboot
sed -i 's/srv/ansible/g' /etc/host{s,name};reboot
ip -br anano resolv.confsed -i 's/ansible/srv/g' /etc/host{s,name};reboot
apt install ansible -y
ip -br ased -i 's/test/ansible/g' /etc/host{s,name};reboot
poweroffapt update && apt upgrade -y
sed -i 's/bullseye/test/g' /etc/host{s,name};reboot
poweroffnano /etc/ssh/sshd_config
lspoweroffip rnlapoweroffapt autoremovecleaninstall vim curl mc sudo ansible-playbook -i hiosrts confsrv.yml
-[?2004l
[WARNING]: Found both group and host with same name: srv
-ERROR! We were unable to read either as JSON nor YAML, these are the errors we got from each:
-JSON: Expecting value: line 1 column 1 (char 0)
-
-Syntax Error while loading YAML.
-  found unexpected end of stream
-
-The error appears to be in '/root/confsrv.yml': line 44, column 1, but may
-be elsewhere in the file depending on the exact syntax problem.
-
-The offending line appears to be:
-
-      src:sshd_config
-      dest:/etc/ssh/
-^ here
-[?2004hroot@ansible:~# [?2004l
-exit
-
-Script terminé sur 2021-11-24 09:50:32+01:00 [COMMAND_EXIT_CODE="4"]

Ansible/hosts

@@ -1,2 +0,0 @@
-[srv]
-srv

Ansible/resolv.conf

@@ -1,4 +0,0 @@
-search sio.lan
-domain sio.lan
-nameserver 10.121.38.7
-nameserver 10.121.38.8

Ansible/sshd_config

@@ -1,124 +0,0 @@
-#	$OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
-
-# This is the sshd server system-wide configuration file.  See
-# sshd_config(5) for more information.
-
-# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
-
-# The strategy used for options in the default sshd_config shipped with
-# OpenSSH is to specify options with their default value where
-# possible, but leave them commented.  Uncommented options override the
-# default value.
-
-Include /etc/ssh/sshd_config.d/*.conf
-
-#Port 22
-#AddressFamily any
-#ListenAddress 0.0.0.0
-#ListenAddress ::
-
-#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_ecdsa_key
-#HostKey /etc/ssh/ssh_host_ed25519_key
-
-# Ciphers and keying
-#RekeyLimit default none
-
-# Logging
-#SyslogFacility AUTH
-#LogLevel INFO
-
-# Authentication:
-
-#LoginGraceTime 2m
-#PermitRootLogin prohibit-password
-#StrictModes yes
-#MaxAuthTries 6
-#MaxSessions 10
-
-#PubkeyAuthentication yes
-
-# Expect .ssh/authorized_keys2 to be disregarded by default in future.
-#AuthorizedKeysFile	.ssh/authorized_keys .ssh/authorized_keys2
-
-#AuthorizedPrincipalsFile none
-
-#AuthorizedKeysCommand none
-#AuthorizedKeysCommandUser nobody
-
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#HostbasedAuthentication no
-# Change to yes if you don't trust ~/.ssh/known_hosts for
-# HostbasedAuthentication
-#IgnoreUserKnownHosts no
-# Don't read the user's ~/.rhosts and ~/.shosts files
-#IgnoreRhosts yes
-
-# To disable tunneled clear text passwords, change to no here!
-#PasswordAuthentication yes
-#PermitEmptyPasswords no
-
-# Change to yes to enable challenge-response passwords (beware issues with
-# some PAM modules and threads)
-ChallengeResponseAuthentication no
-
-# Kerberos options
-#KerberosAuthentication no
-#KerberosOrLocalPasswd yes
-#KerberosTicketCleanup yes
-#KerberosGetAFSToken no
-
-# GSSAPI options
-#GSSAPIAuthentication no
-#GSSAPICleanupCredentials yes
-#GSSAPIStrictAcceptorCheck yes
-#GSSAPIKeyExchange no
-
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
-# be allowed through the ChallengeResponseAuthentication and
-# PasswordAuthentication.  Depending on your PAM configuration,
-# PAM authentication via ChallengeResponseAuthentication may bypass
-# the setting of "PermitRootLogin without-password".
-# If you just want the PAM account and session checks to run without
-# PAM authentication, then enable this but set PasswordAuthentication
-# and ChallengeResponseAuthentication to 'no'.
-UsePAM yes
-
-#AllowAgentForwarding yes
-#AllowTcpForwarding yes
-#GatewayPorts no
-X11Forwarding yes
-#X11DisplayOffset 10
-#X11UseLocalhost yes
-#PermitTTY yes
-PrintMotd no
-#PrintLastLog yes
-#TCPKeepAlive yes
-#PermitUserEnvironment no
-#Compression delayed
-#ClientAliveInterval 0
-#ClientAliveCountMax 3
-#UseDNS no
-#PidFile /var/run/sshd.pid
-#MaxStartups 10:30:100
-#PermitTunnel no
-#ChrootDirectory none
-#VersionAddendum none
-
-# no default banner path
-#Banner none
-
-# Allow client to pass locale environment variables
-AcceptEnv LANG LC_*
-
-# override default of no subsystems
-Subsystem	sftp	/usr/lib/openssh/sftp-server
-
-# Example of overriding settings on a per-user basis
-#Match User anoncvs
-#	X11Forwarding no
-#	AllowTcpForwarding no
-#	PermitTTY no
-#	ForceCommand cvs server
-PermitRootLogin prohibit-password

Python/Python/exotp2-exprregu

@@ -1,11 +0,0 @@
-#!/usr/bin/python3
-import sys
-import re
-
-regexp = '^(\S+) (\S+) (\S+) \[([^]]+)\] "(\w+) (\S+).*" (\d+) (\S+)'
-for line in sys.stdin:
-    line = line.rstrip ()
-    match =re.match (regexp, line)
-    if match :
-        print (match.group(1)," ",match.group(8))
-#        for line in

Python/analog.py

@@ -1,23 +0,0 @@
-#!/usr/bin/python3
-import sys
-import re
-
-cptip = {}
-
-
-regexp = '^(\S+) (\S+) (\S+) \[([^]]+)\] "(\w+) (\S+).*" (\d+) (\S+)'
-for line in sys.stdin:
-        line = line.rstrip ()
-        match =re.match (regexp, line)
-        if match :
-            print (match.group(1)," ",match.group(8))
-            #print {match.group(1)}
-            ip = match.group(1)
-            vol = int(match.group(8))
-            if ip in cptip :
-                cptip[ip] = cptip[ip] + vol
-            else:
-                cptip[ip] = vol
-
-for key in cptip.keys():
-    print(key, ":", cptip[key]) 

nxc/hosts

@@ -1,2 +0,0 @@
-[test]
-192.168.0.22

nxc/inst-nxc.yml

@@ -1,11 +0,0 @@
----
-- name: Installation de Docker Nextcloud et  Traefik
-  hosts: test 
-  become: yes
-  become_method: sudo
-  remote_user: root
-
-  roles:
-    - docker
-    - nextcloud
-    - traefik

nxc/roles/docker/tasks/main.yml

@@ -1,15 +0,0 @@
----
-- name: Téléchargement get.docker
-  get_url:
-    url: http://s-adm/gsbstore/getdocker.sh
-    dest: /tmp
-    mode: '0755'
-
-- name: Execution du script get_docker
-  script: /tmp/get_docker.sh
-
-- name: Téléchargement docker-compose
-  get_url:
-    url: http://s-adm/gsbstore/docker-compose
-    dest: /usr/local/bin               
-    mode: '0755'

nxc/roles/nextcloud/tasks/main.yml

@@ -1,32 +0,0 @@
----
-- name: Creation du repertoire nextcloud
-  file:
-    path: /root/nxc
-    state: directory
-
-- name: Download foo.conf
-  get_url:
-    url: http://example.com/path/file.conf
-    dest: /etc/foo.conf
-    mode: '0755'
-
-- name: Execution du script get_docker
-  script: /root/nextcloud/get_docker.sh
-
-- name: Installation de docker-compose
-  shell: curl -L "https://github.com/docker/compose/releases/download/1.28.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
-
-- name: Attribution des droits de docker compose
-  file:
-    path: /usr/local/bin/docker-compose
-    mode: '755'
-
-- name: Copie de docker-compose.yml
-  copy: 
-    src: /root/tools/ansible/gsb2021/roles/docker-nextcloud/files/docker-compose.yml
-    dest: /root/nextcloud
-
-- name: Execution du fichier docker-compose.yml
-  shell: docker-compose up -d
-  args:
-    chdir: /root/nextcloud

testansible/dokuw/local.yml

@@ -1,5 +0,0 @@
----
-- hosts: all
-  roles:
-  - web
-  - doku

testansible/dokuw/roles/web/tasks/main.yml

@@ -1,10 +0,0 @@
-- name: installation apache2
-  apt:
-    name: apache2
-    state: present
-
-- name: installation php
-  apt:
-    name: php
-    state: present
-

testansible/hosts

@@ -1,6 +0,0 @@
-[adm]
-infra
-
-[web]
-web1
-web2

testansible/index.html

@@ -1 +0,0 @@
-On m'appelle l'ovni

testansible/squid.yml

@@ -1,16 +0,0 @@
----
-- hosts: 
-
-  tasks:
-  - name: install squid
-    apt :
-      name: squid
-      state: present
-
-  - name: mise en place du fichier de conf
-    template:
-      src: squid.conf.j2
-      dest: /etc/squid/squid.conf
-    notify:
-      - restart squid
-      

testansible/syslog-cli.yml

@@ -1,25 +0,0 @@
-- hosts: web
-  tasks:
-  - name: on decommente l'option ForwardToSyslog=yes dans /etc/systemd/journald>
-    replace:
-      path: /etc/systemd/journald.conf
-      regexp: '^#ForwardToSyslog=yes'
-      replace: 'ForwardToSyslog=yes'
-    notify:
-    - restart journald
-  - name: Ajoute l'indication de serveur syslog distant
-    lineinfile:
-      path: /etc/rsyslog.conf
-      line: '*.* @192.168.0.37:514'
-      create: yes
-    notify:
-    - restart rsyslog
-  handlers:
-  - name: restart journald
-    service:
-      name: systemd-journald.service
-      state: restarted
-  - name: restart rsyslog
-    service:
-      name: rsyslog
-      state: restarted

testansible/syslog.yml

@@ -1,22 +0,0 @@
-- hosts: adm
-  tasks:
-  - name: on active le module imudp dans /etc/rsyslog.conf
-    replace:
-      path: /etc/rsyslog.conf
-      regexp: '^#module\(load="imudp"\)'
-      replace: 'module(load="imudp")'
-    notify:
-    - restart rsyslog
-  - name: on decommente la ligne input type imudp port 514 dans /etc/rsyslog.conf
-    replace:
-      path: /etc/rsyslog.conf
-      regexp: '^#input\(type="imudp" port="514"\)'
-      replace: 'input(type="imudp" port="514")'
-    notify:
-    - restart rsyslog
-  handlers:
-  - name: restart rsyslog
-    service:
-      name: rsyslog
-      state: restarted
-

testansible/web.yml

@@ -1,27 +0,0 @@
----
-- hosts: web
-  vars:
-    http_port: 80
-    max_clients: 200
-  remote_user: root
-  tasks:
-  - name: install apache2
-    apt :
-      name: apache2
-      state: present
-  - name: install php
-    apt : 
-      name: php
-      state: present
-  - name: install php-mbstring
-    apt :
-      name: php-mbstring
-      state: present
-  - name: apache is running
-    service:
-      name: apache2
-      state: started
-  - name: copie fichier index.html
-    copy:
-      src: index.html
-      dest: /var/www/html/

tp_loadbalancing/recup

@@ -1,4 +0,0 @@
-#!/bin/sh
-while true ; do
-	curl -s http://192.168.0.151 -o /dev/null
-done

tp_pxe/dhcpd.conf

@@ -1,114 +0,0 @@
-# dhcpd.conf
-#
-# Sample configuration file for ISC dhcpd
-#
-
-# option definitions common to all supported networks...
-option domain-name "192.168.1.1";
-option domain-name-servers 192.168.1.1;
-
-default-lease-time 600;
-max-lease-time 7200;
-
-# The ddns-updates-style parameter controls whether or not the server will
-# attempt to do a DNS update when a lease is confirmed. We default to the
-# behavior of the version 2 packages ('none', since DHCP v2 didn't
-# have support for DDNS.)
-ddns-update-style none;
-
-# If this DHCP server is the official DHCP server for the local
-# network, the authoritative directive should be uncommented.
-#authoritative;
-
-# Use this to send dhcp log messages to a different log file (you also
-# have to hack syslog.conf to complete the redirection).
-#log-facility local7;
-
-# No service will be given on this subnet, but declaring it helps the 
-# DHCP server to understand the network topology.
-
-subnet 192.168.1.0 netmask 255.255.255.0 {
-	range 192.168.1.10 192.168.1.30;
-	option routers 192.168.1.1;
-	option broadcast-address 192.168.1.254;
-	default-lease-time 600;
-	max-lease-time 7200;
-	filename "pxelinux.0";
-	next-server 192.168.1.1;
-}
-
-# This is a very basic subnet declaration.
-
-#subnet 10.254.239.0 netmask 255.255.255.224 {
-#  range 10.254.239.10 10.254.239.20;
-#  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
-#}
-
-# This declaration allows BOOTP clients to get dynamic addresses,
-# which we don't really recommend.
-
-#subnet 10.254.239.32 netmask 255.255.255.224 {
-#  range dynamic-bootp 10.254.239.40 10.254.239.60;
-#  option broadcast-address 10.254.239.31;
-#  option routers rtr-239-32-1.example.org;
-#}
-
-# A slightly different configuration for an internal subnet.
-#subnet 10.5.5.0 netmask 255.255.255.224 {
-#  range 10.5.5.26 10.5.5.30;
-#  option domain-name-servers ns1.internal.example.org;
-#  option domain-name "internal.example.org";
-#  option routers 10.5.5.1;
-#  option broadcast-address 10.5.5.31;
-#  default-lease-time 600;
-#  max-lease-time 7200;
-#}
-
-# Hosts which require special configuration options can be listed in
-# host statements.   If no address is specified, the address will be
-# allocated dynamically (if possible), but the host-specific information
-# will still come from the host declaration.
-
-#host passacaglia {
-#  hardware ethernet 0:0:c0:5d:bd:95;
-#  filename "vmunix.passacaglia";
-#  server-name "toccata.example.com";
-#}
-
-# Fixed IP addresses can also be specified for hosts.   These addresses
-# should not also be listed as being available for dynamic assignment.
-# Hosts for which fixed IP addresses have been specified can boot using
-# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
-# be booted with DHCP, unless there is an address range on the subnet
-# to which a BOOTP client is connected which has the dynamic-bootp flag
-# set.
-#host fantasia {
-#  hardware ethernet 08:00:07:26:c0:a5;
-#  fixed-address fantasia.example.com;
-#}
-
-# You can declare a class of clients and then do address allocation
-# based on that.   The example below shows a case where all clients
-# in a certain class get addresses on the 10.17.224/24 subnet, and all
-# other clients get addresses on the 10.0.29/24 subnet.
-
-#class "foo" {
-#  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
-#}
-
-#shared-network 224-29 {
-#  subnet 10.17.224.0 netmask 255.255.255.0 {
-#    option routers rtr-224.example.org;
-#  }
-#  subnet 10.0.29.0 netmask 255.255.255.0 {
-#    option routers rtr-29.example.org;
-#  }
-#  pool {
-#    allow members of "foo";
-#    range 10.17.224.10 10.17.224.250;
-#  }
-#  pool {
-#    deny members of "foo";
-#    range 10.0.29.10 10.0.29.230;
-#  }
-#}

tp_pxe/interfaces

@@ -1,18 +0,0 @@
-# This file describes the network interfaces available on your system
-# and how to activate them. For more information, see interfaces(5).
-
-source /etc/network/interfaces.d/*
-
-# The loopback network interface
-auto lo
-iface lo inet loopback
-
-# The primary network interface
-allow-hotplug enp0s3
-iface enp0s3 inet dhcp
-
-allow-hotplug enp0s8
-iface enp0s8 inet static
-	address 192.168.1.1/24
-	up /root/nat.sh
-

tp_pxe/isc-dhcp-server

@@ -1,18 +0,0 @@
-# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)
-
-# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
-#DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
-#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf
-
-# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
-#DHCPDv4_PID=/var/run/dhcpd.pid
-#DHCPDv6_PID=/var/run/dhcpd6.pid
-
-# Additional options to start dhcpd with.
-#	Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
-#OPTIONS=""
-
-# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
-#	Separate multiple interfaces with spaces, e.g. "eth0 eth1".
-INTERFACESv4="enp0s8"
-#INTERFACESv6=""

tp_pxe/nat.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-echo "1" > /proc/sys/net/ipv4/ip_forward
-iptables -t nat -A POSTROUTING -o enp0s3 -j MASQUERADE # eth0 est l'interface externe