From b922c7b009b43b9bdf55c68dcaab391c2ce488eb Mon Sep 17 00:00:00 2001
From: ludovic diemert <ludovic.diemert@localhost.fr>
Date: Thu, 25 Nov 2021 15:31:28 +0100
Subject: [PATCH] DS ansible

---
 sio2/ct-ansible/hosts           |  4 ++++
 sio2/ct-ansible/utilisateur.yml | 36 +++++++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+)
 create mode 100644 sio2/ct-ansible/hosts
 create mode 100644 sio2/ct-ansible/utilisateur.yml

diff --git a/sio2/ct-ansible/hosts b/sio2/ct-ansible/hosts
new file mode 100644
index 0000000..0f7c417
--- /dev/null
+++ b/sio2/ct-ansible/hosts
@@ -0,0 +1,4 @@
+[user]
+srv
+
+
diff --git a/sio2/ct-ansible/utilisateur.yml b/sio2/ct-ansible/utilisateur.yml
new file mode 100644
index 0000000..c3bbe4d
--- /dev/null
+++ b/sio2/ct-ansible/utilisateur.yml
@@ -0,0 +1,36 @@
+---
+- hosts: srv
+  vars:
+    password: Azerty1+
+  tasks:
+
+    - name: creation de l'utilisateur sioadm
+      user:
+        name: sioadm
+        state: present
+        generate_ssh_key: yes
+        uid: 1200
+        groups: sudo
+        append: yes
+        password: "{{ 'Azerty1+' | password_hash('sha512') }}"
+      
+    - name: desinstallation du paquet wpasupplicant
+      apt:
+         name: wpasupplicant
+         state: absent
+
+    - name: desinstallation du paquet rpcbind
+      apt:
+         name: rpcbind
+         state: absent
+
+    - name: copie du fichier /etc/resolv.conf
+      copy:
+        src: resolv.conf
+        dest: /etc/resolv.conf
+
+    - name: ajout de la ligne PermitRootLogin prohibit-password dans /etc/ssh/sshd_config
+      lineinfile:
+        path: /etc/ssh/sshd_config
+        line: 'PermitRootLogin prohibit-password'
+        create: yes