From c6236ad563f6a5acdced87fe982b9e85a5c7ce5a Mon Sep 17 00:00:00 2001 From: Elam Monnot Date: Mon, 9 Jan 2023 11:51:56 +0100 Subject: [PATCH] =?UTF-8?q?fichier=20de=20s=C3=A9curisation?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- sio1/sisr1/80-ansible/stlab.yml | 45 +++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 sio1/sisr1/80-ansible/stlab.yml diff --git a/sio1/sisr1/80-ansible/stlab.yml b/sio1/sisr1/80-ansible/stlab.yml new file mode 100644 index 0000000..8d69ca3 --- /dev/null +++ b/sio1/sisr1/80-ansible/stlab.yml @@ -0,0 +1,45 @@ +--- +- hosts: localhost + # become: true + vars_prompt: + - name: username + prompt: Votre nom? + private: false + + tasks: + - name: cree utilisateurs... + shell: "curl depl.sio.lan/usr/mkusrlin-2024.sh|bash" + + - name: mdp root verrouillage... +# avec mkpasswd -m SHA-512 + ansible.builtin.user: + name: root + password: '$6$Ga8KbEYAgCZYGeDB$7zlfBy1j4koFv.NYQEeZa/k7pwjNTEI7hrWUlrHWTwd1YsEqm.Sy2DZ1GAFYe2qe4ZccMQJAt7QxILY1sd9AV0' + + - name: enleve sio de sudo... + ansible.builtin.user: + name: sio + groups: '' + + - name: met le user "{{ username }}" dans le groupe sudo... + ansible.builtin.user: + name: "{{ username }}" + groups: sudo + append: yes + + - name: installe journal-remote... + apt: + name: systemd-journal-remote + state: present + + - name: configure journal-remote... + replace: + path: /etc/systemd/journal-upload.conf + regexp: '^# URL=' + replace: 'URL=http://192.168.0.1:19532' + + - name: active journal-remote au démarrage... + service: + name: systemd-journal-upload + state: started + enabled: yes