commit 59a172caa855c0b174f90513f64271be0bbc2baf
Author: charlie.alves <charliealves3740@gmail.com>
Date:   Mon Dec 8 14:43:38 2025 +0000

    ctrlansible

diff --git a/files/resolv.conf b/files/resolv.conf
new file mode 100755
index 0000000..352c7b7
--- /dev/null
+++ b/files/resolv.conf
@@ -0,0 +1,4 @@
+search sio.lan
+domain sio.lan
+nameserver 10.121.38.7
+nameserver 10.121.38.8
diff --git a/hosts b/hosts
new file mode 100755
index 0000000..4672012
--- /dev/null
+++ b/hosts
@@ -0,0 +1,2 @@
+[srv]
+192.168.0.42 ansible_user=vagrant ansible_password=vagrant
diff --git a/playbook.yml b/playbook.yml
new file mode 100755
index 0000000..d7d7961
--- /dev/null
+++ b/playbook.yml
@@ -0,0 +1,64 @@
+---
+- hosts: srv
+  become: yes
+  tasks:
+
+    # Créer l'utilisateur sioadm
+    - name: Créer l'utilisateur sioadm
+      user:
+        name: sioadm
+        state: present
+        shell: /bin/bash
+        groups: sudo
+        append: yes
+        password: "{{ 'sioadm' | password_hash('sha512') }}"
+        create_home: yes
+
+    # Ajouter la clé publique SSH pour sioadm
+    - name: Ajouter la clé publique SSH pour sioadm
+      authorized_key:
+        user: sioadm
+        key: "{{ lookup('file', 'keys/id_rsa.pub') }}"
+
+    # désinstaller les paquets wpasupplicant et rpcbind inutiles
+    - name: Désinstaller wpasupplicant et rpcbind
+      apt:
+        name:
+          - wpasupplicant
+          - rpcbind
+        state: absent
+        purge: yes
+
+    # Configurer /etc/resolv.conf
+    - name: Configurer search
+      lineinfile:
+        path: /etc/resolv.conf
+        regexp: '^search'
+        line: 'search sio.lan'
+
+    - name: Configurer domain
+      lineinfile:
+        path: /etc/resolv.conf
+        regexp: '^domain'
+        line: 'domain sio.lan'
+
+    - name: Ajouter nameserver 10.121.38.7
+      lineinfile:
+        path: /etc/resolv.conf
+        regexp: '^nameserver 10\.121\.38\.7'
+        line: 'nameserver 10.121.38.7'
+        insertafter: EOF
+
+    - name: Ajouter nameserver 10.121.38.8
+      lineinfile:
+        path: /etc/resolv.conf
+        regexp: '^nameserver 10\.121\.38\.8'
+        line: 'nameserver 10.121.38.8'
+        insertafter: EOF
+
+    # Désactiver le login root en SSH
+    - name: Configurer PermitRootLogin dans sshd_config
+      lineinfile:
+        path: /etc/ssh/sshd_config
+        regexp: '^#?PermitRootLogin'
+        line: 'PermitRootLogin prohibit-password'