generate cle publique et privee

goss.yaml

@@ -0,0 +1,25 @@
+port:
+  tcp:22:
+    listening: true
+    ip:
+    - 0.0.0.0
+  tcp6:22:
+    listening: true
+    ip:
+    - '::'
+service:
+  sshd:
+    enabled: true
+    running: true
+user:
+  sshd:
+    exists: true
+    uid: 101
+    gid: 65534
+    groups:
+    - nogroup
+    home: /run/sshd
+    shell: /usr/sbin/nologin
+process:
+  sshd:
+    running: true

roles/ssh-backup-key-gen/README.md

@@ -0,0 +1 @@
+###Génération de clé publique et privée###

roles/ssh-backup-key-gen/tasks/main.yml

@@ -0,0 +1,20 @@
+---
+- name: on genere une cle privee pour s-backup
+  openssh_keypair:
+    path: /root/id_rsa_sbackup
+    type: rsa
+    state: present
+
+- name: copie cle publique dans gsbstore
+  copy:
+    src: /root/id_rsa_sbackup.pub
+    dest: /var/www/html/gsbstore
+    mode: 0644
+    remote_src: yes
+
+- name: copie cle privee dans gsbstore
+  copy:
+    src: /root/id_rsa_sbackup
+    dest: /var/www/html/gsbstore
+    mode: 0600
+    remote_src: yes

roles/zabbix-srv/tasks/main.yml

@@ -29,65 +29,41 @@
       name: mariadb
       state: started
 
-  - name: 6. Créer la base de données
-    community.mysql.mysql_db:
-      name: zabbix
-      encoding: utf8mb4
-      collation: utf8mb4_bin
-      state: present
-      login_unix_socket: /var/run/mysqld/mysqld.sock
-
-  - name: 7. Creer un utilisateur et  lui attribuer tous les droits
-    community.mysql.mysql_user:
-      name: zabbix
-      password: password
-      priv: '*.*:ALL,GRANT'
-      state: present
-      login_unix_socket: /var/run/mysqld/mysqld.sock
-
-  - name: 8. Modifier une variable pour importer un schema
+  - name: 6. Modifier la variable trust function creators pour importer la base données
     community.mysql.mysql_variables:
       variable: log_bin_trust_function_creators
       value: 1
       mode: global
       login_unix_socket: /var/run/mysqld/mysqld.sock
 
-  - name: 9. Importer le schema initial
+  - name: 7. Importer la base de données
     community.mysql.mysql_db:
       state: import
       name: zabbix
       encoding: utf8mb4
-      login_user: zabbix
-      login_password: password
-      target: /usr/share/zabbix-sql-scripts/mysql/server.sql.gz
+      target: http://s-adm.gsb..adm/gsbstore/zabbix.sql.gz
       login_unix_socket: /var/run/mysqld/mysqld.sock
 
-  - name: 10. Modifier la variable pour le schema
+  - name: 8. Remettre a zero la variable trust function creators
     community.mysql.mysql_variables:
       variable: log_bin_trust_function_creators
       value: 0
       mode: global
       login_unix_socket: /var/run/mysqld/mysqld.sock
 
-  - name: 11. Configurer le mdp de la db
-    replace:
-     path: /etc/zabbix/zabbix_server.conf
-     regexp: '^# DBPassword='
-     replace: 'DBPassword=password'
-
-  - name: 12. Lancer le service zabbix-server
+  - name: 9. Lancer le service zabbix-server
     service:
      name: zabbix-server
      state: restarted
      enabled: yes
 
-  - name: 13. Lancer le service zabbix-agent
+  - name: 10. Lancer le service zabbix-agent
     service:
      name: zabbix-agent
      state: restarted
      enabled: yes
 
-  - name: 14. Lancer le service apache2
+  - name: 11. Lancer le service apache2
     service:
      name: apache2
      state: restarted

s-adm.yml

@@ -7,6 +7,7 @@
     - s-ssh
     - dnsmasq
     - squid
+    - ssh-backup-key-gen
 #    - local-store
     - zabbix-cli
     ## - syslog-cli