jeremy.thomas/siotp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: jeremy.thomas:v0.0.2
Branches Tags
jeremy.thomas:main jeremy.thomas:master
jeremy.thomas:v0.0.6 jeremy.thomas:v0.0.5 jeremy.thomas:v0.0.4 jeremy.thomas:v0.0.3 jeremy.thomas:v0.0.2a jeremy.thomas:v0.0.2 jeremy.thomas:v0.0.1
...
compare: jeremy.thomas:v0.0.6
Branches Tags
jeremy.thomas:main jeremy.thomas:master
jeremy.thomas:v0.0.6 jeremy.thomas:v0.0.5 jeremy.thomas:v0.0.4 jeremy.thomas:v0.0.3 jeremy.thomas:v0.0.2a jeremy.thomas:v0.0.2 jeremy.thomas:v0.0.1

6 Commits
v0.0.2 ... v0.0.6

Author SHA1 Message Date
jeremy.thomas
ae750c11f7 Ajout du tp ansible 2025-11-13 14:56:33 +01:00
root
c7699038a7 Ajout du tp nagios4 2025-09-19 17:19:18 +02:00
jeremy.thomas
e8177b4577 Actualiser sisr2/sisr/README.md 2025-09-22 17:32:14 +02:00
root
24917e9aeb Ajout de la séance 7 du tp PXE 2025-09-22 17:27:56 +02:00
root
e232f3b685 Ajout du script lvs.sh 2025-09-18 17:17:33 +02:00
root
ab12968586 Ajout du fichier haproxy 2025-09-18 17:10:50 +02:00
23 changed files with 20626 additions and 1 deletions
Expand all files Collapse all files

300
sisr2/cyber/20-nagios4/commands.cfg Normal file
View File

@@ -0,0 +1,300 @@
###############################################################################
# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS 4.4.6
#
#
# NOTES: This config file provides you with some example command definitions
# that you can reference in host, service, and contact definitions.
#
# You don't need to keep commands in a separate file from your other
# object definitions. This has been done just to make things easier to
# understand.
#
###############################################################################
################################################################################
#
# SAMPLE NOTIFICATION COMMANDS
#
# These are some example notification commands. They may or may not work on
# your system without modification. As an example, some systems will require
# you to use "/usr/bin/mailx" instead of "/usr/bin/mail" in the commands below.
#
################################################################################
define command {
command_name notify-host-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$
}
define command {
command_name notify-service-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$
}
define command {
command_name check_lin_load
command_line $USER1$/check_snmp_load.pl -H $HOSTADDRESS$ -C $ARG1$ $ARG2$ -T $ARG3$ -w $ARG4$ -c $ARG5$
}
define command {
command_name check_dns_ext
command_line /usr/lib/nagios/plugins/check_dns -H google.com -s 10.121.38.7
}
################################################################################
#
# SAMPLE HOST CHECK COMMANDS
#
################################################################################
# Removed in Debian because it conflicts with the command of the same name
# defined in ping.cfg, which is part of monitoring-plugins-basic.
#
## This command checks to see if a host is "alive" by pinging it
## The check must result in a 100% packet loss or 5 second (5000ms) round trip
## average time to produce a critical error.
## Note: Five ICMP echo packets are sent (determined by the '-p 5' argument)
#
#define command {
#
# command_name check-host-alive
# command_line $USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5
#}
################################################################################
#
# SAMPLE SERVICE CHECK COMMANDS
#
# These are some example service check commands. They may or may not work on
# your system, as they must be modified for your plugins. See the HTML
# documentation on the plugins for examples of how to configure command definitions.
#
# NOTE: The following 'check_local_...' functions are designed to monitor
# various metrics on the host that Nagios is running on (i.e. this one).
################################################################################
define command {
command_name check_local_disk
command_line $USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
}
define command {
command_name check_local_load
command_line $USER1$/check_load -w $ARG1$ -c $ARG2$
}
define command {
command_name check_local_procs
command_line $USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
}
define command {
command_name check_local_users
command_line $USER1$/check_users -w $ARG1$ -c $ARG2$
}
define command {
command_name check_local_swap
command_line $USER1$/check_swap -w $ARG1$ -c $ARG2$
}
define command {
command_name check_local_mrtgtraf
command_line $USER1$/check_mrtgtraf -F $ARG1$ -a $ARG2$ -w $ARG3$ -c $ARG4$ -e $ARG5$
}
################################################################################
# NOTE: The following 'check_...' commands are used to monitor services on
# both local and remote hosts.
################################################################################
# Removed in Debian because it conflicts with the command of the same of
# defined in ftp.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_ftp
# command_line $USER1$/check_ftp -H $HOSTADDRESS$ $ARG1$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in hppjd.cfg, which is part of monitoring-plugins-standard.
#
#define command {
#
# command_name check_hpjd
# command_line $USER1$/check_hpjd -H $HOSTADDRESS$ $ARG1$
#}
define command {
command_name check_snmp
command_line $USER1$/check_snmp -H $HOSTADDRESS$ $ARG1$
}
# Removed in Debian because it conflicts with the command of the same of
# defined in http.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_http
# command_line $USER1$/check_http -I $HOSTADDRESS$ $ARG1$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in ssh.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_ssh
# command_line $USER1$/check_ssh $ARG1$ $HOSTADDRESS$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in dhcp.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_dhcp
# command_line $USER1$/check_dhcp $ARG1$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in ping.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_ping
# command_line $USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in mail.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_pop
# command_line $USER1$/check_pop -H $HOSTADDRESS$ $ARG1$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in mail.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_imap
# command_line $USER1$/check_imap -H $HOSTADDRESS$ $ARG1$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in mail.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_smtp
# command_line $USER1$/check_smtp -H $HOSTADDRESS$ $ARG1$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in tcp_ucp.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_tcp
# command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ $ARG2$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in tcp_ucp.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_udp
# command_line $USER1$/check_udp -H $HOSTADDRESS$ -p $ARG1$ $ARG2$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in nt.cfg, which is part of monitoring-plugins-standard.
#
#define command {
#
# command_name check_nt
# command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -v $ARG1$ $ARG2$
#}
################################################################################
#
# SAMPLE PERFORMANCE DATA COMMANDS
#
# These are sample performance data commands that can be used to send performance
# data output to two text files (one for hosts, another for services). If you
# plan on simply writing performance data out to a file, consider using the
# host_perfdata_file and service_perfdata_file options in the main config file.
#
################################################################################
define command {
command_name process-host-perfdata
command_line /usr/bin/printf "%b" "$LASTHOSTCHECK$\t$HOSTNAME$\t$HOSTSTATE$\t$HOSTATTEMPT$\t$HOSTSTATETYPE$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$\n" >> /var/lib/nagios4/host-perfdata.out
}
define command {
command_name process-service-perfdata
command_line /usr/bin/printf "%b" "$LASTSERVICECHECK$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICESTATE$\t$SERVICEATTEMPT$\t$SERVICESTATETYPE$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$\n" >> /var/lib/nagios4/service-perfdata.out
}

166
sisr2/cyber/20-nagios4/localhost.cfg Normal file
View File

@@ -0,0 +1,166 @@
###############################################################################
# LOCALHOST.CFG - SAMPLE OBJECT CONFIG FILE FOR MONITORING THIS MACHINE
#
#
# NOTE: This config file is intended to serve as an *extremely* simple
# example of how you can create configuration entries to monitor
# the local (Linux) machine.
#
###############################################################################
###############################################################################
#
# HOST DEFINITION
#
###############################################################################
# Define a host for the local machine
define host {
use linux-server ; Name of host template to use
; This host definition will inherit all variables that are defined
; in (or inherited by) the linux-server host template definition.
host_name localhost
alias localhost
address 127.0.0.1
}
###############################################################################
#
# HOST GROUP DEFINITION
#
###############################################################################
# Define an optional hostgroup for Linux machines
#define hostgroup {
# hostgroup_name linux-servers ; The name of the hostgroup
# alias Linux Servers ; Long name of the group
# members localhost ; Comma separated list of hosts that belong to this group
#}
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
# Define a service to "ping" the local machine
define service {
use local-service ; Name of service template to use
host_name localhost
service_description PING
check_command check_ping!100.0,20%!500.0,60%
}
# Define a service to check the disk space of the root partition
# on the local machine. Warning if < 20% free, critical if
# < 10% free space on partition.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Root Partition
check_command check_local_disk!20%!10%!/
}
# Define a service to check the number of currently logged in
# users on the local machine. Warning if > 20 users, critical
# if > 50 users.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Current Users
check_command check_local_users!20!50
}
# Define a service to check the number of currently running procs
# on the local machine. Warning if > 250 processes, critical if
# > 400 processes.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Total Processes
check_command check_local_procs!250!400!RSZDT
}
# Define a service to check the load on the local machine.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Current Load
check_command check_local_load!5.0,4.0,3.0!10.0,6.0,4.0
}
# Define a service to check the swap usage the local machine.
# Critical if less than 10% of swap is free, warning if less than 20% is free
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Swap Usage
check_command check_local_swap!20%!10%
}
# Define a service to check SSH on the local machine.
# Disable notifications for this service by default, as not all users may have SSH enabled.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description SSH
check_command check_ssh
notifications_enabled 0
}
# Define a service to check HTTP on the local machine.
# Disable notifications for this service by default, as not all users may have HTTP enabled.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description HTTP
check_command check_http
notifications_enabled 0
}
define service{
use generic-service
host_name localhost
service_description chk-dns-ext
check_command check_dns_ext
}

1392
sisr2/cyber/20-nagios4/nagios.cfg Normal file
View File

File diff suppressed because it is too large Load Diff

9
sisr2/cyber/20-nagios4/services.cfg Normal file
View File

@@ -0,0 +1,9 @@
# service de supervision de Load Linux avec SNMP
# 3 valeurs : charge moyenne sur 1 min, 5 min, 15 min
define service{
use generic-service ;Use generic-service template
hostgroup_name linux-servers ; S'applique au groupe en question
service_description chk-lin-load ; Nom du service
check_command check_lin_load!public!--v2c!netsl!3,2,2!3,2,2 ; Command
# servicegroups ser-lin-base ;Service belong servicegroup
}

87
sisr2/cyber/20-nagios4/srv.cfg Normal file
View File

@@ -0,0 +1,87 @@
###############################################################################
# LOCALHOST.CFG - SAMPLE OBJECT CONFIG FILE FOR MONITORING THIS MACHINE
#
#
# NOTE: This config file is intended to serve as an *extremely* simple
# example of how you can create configuration entries to monitor
# the local (Linux) machine.
#
###############################################################################
###############################################################################
#
# HOST DEFINITION
#
###############################################################################
# Define a host for the local machine
define host {
use linux-server ; Name of host template to use
; This host definition will inherit all variables that are defined
; in (or inherited by) the linux-server host template definition.
host_name srv
alias srv
address 192.168.0.32
}
###############################################################################
#
# HOST GROUP DEFINITION
#
###############################################################################
# Define an optional hostgroup for Linux machines
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
# Define a service to "ping" the local machine
# Define a service to check the disk space of the root partition
# on the local machine. Warning if < 20% free, critical if
# < 10% free space on partition.
# Define a service to check the number of currently logged in
# users on the local machine. Warning if > 20 users, critical
# if > 50 users.
# Define a service to check SSH on the local machine.
# Disable notifications for this service by default, as not all users may have SSH enabled.
define service {
use generic-service ; Name of service template to use
host_name srv
service_description SSH
check_command check_ssh
notifications_enabled 0
}
# Define a service to check HTTP on the local machine.
# Disable notifications for this service by default, as not all users may have HTTP enabled.
define service {
use generic-service ; Name of service template to use
host_name srv
service_description HTTP
check_command check_http
notifications_enabled 0
}

51
sisr2/sisr/20-LB/haproxy.cfg Normal file
View File

@@ -0,0 +1,51 @@
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
# See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
# définir l'avant-tête (n'importe quel nom est OK pour [http-in)
frontend http-in
# Écouter sur 80 ports
bind *:80
# Délimiter le retrait par défaut
default_backend backend_servers
# Envoyer l'en-tête X-Forwarded-For
option forwardfor
# définir le backend
backend backend_servers
# équilibre avec la arrondie
balance roundrobin
# définir des serveurs dorsaux
server web1 172.16.1.1:80 check
server web2 172.16.1.2:80 check

14
sisr2/sisr/20-LB/lvs.sh Normal file
View File

@@ -0,0 +1,14 @@
#!/bin/bash
# Installation du paquet ipvsadm
sudo apt update && sudo apt upgrade -y
sudo apt install ipvsadm
# Activation du routage
sudo sysctl -w net.ipv4.ip_forward=1
# Création du cluster
sudo ipvsadm -A -t 192.168.0.160:80 -s rr
# Ajout des serveurs réels au cluster
sudo ipvsadm -a -t 192.168.0.160:80 -r 172.16.1.1:80 -m
sudo ipvsadm -a -t 192.168.0.160:80 -r 172.16.1.2:80 -m

9
sisr2/sisr/25-pxe/README.md Normal file
View File

@@ -0,0 +1,9 @@
# séance 7 : PXE/déploiement automatisé de machines
**nat.sh** : Activation du routage NAT
**dhcpd.conf** : Configuration du dhcp
**isc-dhcp-server** : Activation tout ce qui concerne IPV4
**enp0s3 et enp0s8** : Cartes réseaux

110
sisr2/sisr/25-pxe/dhcpd.conf Normal file
View File

@@ -0,0 +1,110 @@
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#
# option definitions common to all supported networks...
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;
default-lease-time 600;
max-lease-time 7200;
# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
ddns-update-style none;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
#log-facility local7;
# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.
#subnet 10.152.187.0 netmask 255.255.255.0 {
#}
# This is a very basic subnet declaration.
#subnet 10.254.239.0 netmask 255.255.255.224 {
# range 10.254.239.10 10.254.239.20;
# option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
#}
# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.20;
option domain-name-servers 10.121.38.7;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;
next-server 192.168.1.1;
filename "pxelinux.0";
}
# A slightly different configuration for an internal subnet.
#subnet 10.5.5.0 netmask 255.255.255.224 {
# range 10.5.5.26 10.5.5.30;
# option domain-name-servers ns1.internal.example.org;
# option domain-name "internal.example.org";
# option routers 10.5.5.1;
# option broadcast-address 10.5.5.31;
# default-lease-time 600;
# max-lease-time 7200;
#}
# Hosts which require special configuration options can be listed in
# host statements. If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.
#host passacaglia {
# hardware ethernet 0:0:c0:5d:bd:95;
# filename "vmunix.passacaglia";
# server-name "toccata.example.com";
#}
# Fixed IP addresses can also be specified for hosts. These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP. Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
#host fantasia {
# hardware ethernet 08:00:07:26:c0:a5;
# fixed-address fantasia.example.com;
#}
# You can declare a class of clients and then do address allocation
# based on that. The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.
#class "foo" {
# match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
#}
#shared-network 224-29 {
# subnet 10.17.224.0 netmask 255.255.255.0 {
# option routers rtr-224.example.org;
# }
# subnet 10.0.29.0 netmask 255.255.255.0 {
# option routers rtr-29.example.org;
# }
# pool {
# allow members of "foo";
# range 10.17.224.10 10.17.224.250;
# }
# pool {
# deny members of "foo";
# range 10.0.29.10 10.0.29.230;
# }
#}

3
sisr2/sisr/25-pxe/enp0s3 Normal file
View File

@@ -0,0 +1,3 @@
# generated by FAI
auto enp0s3
iface enp0s3 inet dhcp

5
sisr2/sisr/25-pxe/enp0s8 Normal file
View File

@@ -0,0 +1,5 @@
# generated by FAI
auto enp0s8
iface enp0s8 inet static
address 192.168.1.1/24
post-up bash /root/nat.sh

18
sisr2/sisr/25-pxe/isc-dhcp-server Normal file
View File

@@ -0,0 +1,18 @@
# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)
# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf
# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
DHCPDv4_PID=/var/run/dhcpd.pid
#DHCPDv6_PID=/var/run/dhcpd6.pid
# Additional options to start dhcpd with.
# Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
#OPTIONS=""
# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
# Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACESv4="enp0s8"
#INTERFACESv6=""

6
sisr2/sisr/25-pxe/nat.sh Normal file
View File

@@ -0,0 +1,6 @@
#!/bin/bash
IFEXT=enp0s3
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -F -t nat
iptables -t nat -A POSTROUTING -o "${IFEXT}" -j MASQUERADE
exit 0

16
sisr2/sisr/30-ansinble/apache.yml Normal file
View File

@@ -0,0 +1,16 @@
---
- hosts: all
tasks:
- name: install apache2
apt:
name:
- apache2
- php
- php-mbstring
update_cache: yes
state: present
- name: insert index.html
copy:
src: index.html
dest: /var/www/html/
mode: 0664

7
sisr2/sisr/30-ansinble/doku/local.yml Normal file
View File

@@ -0,0 +1,7 @@
---
- hosts: all
become: yes
roles:
- web
- doku

10
sisr2/sisr/30-ansinble/doku/main.yml Normal file
View File

@@ -0,0 +1,10 @@
- name: installation apache2
apt:
name: apache2
state: present
with_items:
- apache2
- php
- php-mbstring
- php-gd
- php-xml

6
sisr2/sisr/30-ansinble/hosts Normal file
View File

@@ -0,0 +1,6 @@
[adm]
infra
[web]
web1
web2

9161
sisr2/sisr/30-ansinble/squid.conf Normal file
View File

File diff suppressed because it is too large Load Diff

9163
sisr2/sisr/30-ansinble/squid.conf.j2 Normal file
View File

File diff suppressed because it is too large Load Diff

30
sisr2/sisr/30-ansinble/squid.yml Normal file
View File

@@ -0,0 +1,30 @@
---
- name: squid.yml
hosts: all
vars:
- proxy_port: 8080
- proxy_mem: 128
tasks:
- name: Installer Squid
apt:
name: squid
state: present
# update_cache: yes
# - name: Récupérer le fichier de configuration par défaut squid.conf
# fetch:
# src: /etc/squid/squid.conf
# dest: squid.conf
# flat: yes
- name: envoi du fichier squid.conf
template:
src: squid.conf.j2
dest: /etc/squid/squid.conf
notify: Restart squid
handlers:
- name: Restart squid
service:
name: squid
state: restarted

33
sisr2/sisr/30-ansinble/syslog-cli.yml Normal file
View File

@@ -0,0 +1,33 @@
# syslog-cli.yml
---
- hosts: web
tasks:
- name: 1. Installe le paquet rsyslog.
apt:
name: rsyslog
state: present
- name: 2. Ajoute la ligne pour forwarder les logs rsyslog au bon endroit.
lineinfile:
path: /etc/rsyslog.conf
line: '*.* @192.168.0.37:514'
create: yes
notify: Restart rsyslog
- name: 3. Forward les logs journald vers syslog.
replace:
path: /etc/systemd/journald.conf
regexp: '^#ForwardToSyslog=yes'
replace: 'ForwardToSyslog=yes'
notify: Restart journald
handlers:
- name: Restart rsyslog
service:
name: rsyslog
state: restarted
- name: Restart journald
service:
name: systemd-journald
state: restarted

29
sisr2/sisr/30-ansinble/syslog.yml Normal file
View File

@@ -0,0 +1,29 @@
# syslog.yml
---
- hosts: adm
tasks:
- name: 1. Installe le paquet rsyslog.
apt:
name: rsyslog
state: present
- name: 2. Active le module UDP sur le serveur syslog.
replace:
path: /etc/rsyslog.conf
regexp: '^#module\(load="imudp"\)'
replace: 'module(load="imudp")'
notify: Restart rsyslog
- name: 3. Active l'écoute sur le port UDP 514.
replace:
path: /etc/rsyslog.conf
regexp: '^#input\(type="imudp" port="514"\)'
replace: 'input(type="imudp" port="514")'
notify: Restart rsyslog
handlers:
- name: Restart rsyslog
service:
name: rsyslog
state: restarted

2
sisr2/sisr/README.md
View File

@@ -1 +1 @@
# Dépôt des tp de SISR
# Dépôt tp de SISR 2ème année