Compare commits
	
		
			12 Commits
		
	
	
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|  | 3617c1448f | ||
|  | f35e953e33 | ||
|  | b922c7b009 | ||
|  | 8dde9a9e9f | ||
|  | 2c6ab59e82 | ||
|  | 7ecbfcd3e6 | ||
|  | a8125f9062 | ||
|  | b82576d49e | ||
|  | 1b80141dc4 | ||
|  | 22508e2755 | ||
|  | e2434ee93c | ||
|  | 474fbcba2c | 
							
								
								
									
										491
									
								
								sio2/ct-ansible/bash_history
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										491
									
								
								sio2/ct-ansible/bash_history
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,491 @@ | ||||
| apt install vim curl mc sudo  | ||||
| apt autoclean | ||||
| apt autoremove | ||||
| poweroff | ||||
| ip a | ||||
| ip l | ||||
| ip n | ||||
| ip r | ||||
| poweroff | ||||
| apt install ansible | ||||
| ssh-keygen | ||||
| cd /etc/ssh | ||||
| nano ~/.ssh  | ||||
| nano ~/.ssh/config  | ||||
| cd | ||||
| ssh-copy-id infra | ||||
| ssh-copy-id web1 | ||||
| ssh-copy-id web2 | ||||
| hostnamectl set-hostname ansible | ||||
| nano /etc/hosts | ||||
| reboot | ||||
| ssh infra uptime | ||||
| cd | ||||
| cd /home | ||||
| mkdir testansible | ||||
| cd testansible/ | ||||
| nano hosts | ||||
| ansible all -i hosts -m ping | ||||
| ansible web -i hosts -m shell -a uptime | ||||
| ansible web -i hosts -m setup | more | ||||
|  cd | ||||
| cd | ||||
| mkdir tpansible | ||||
| cd tpansible/ | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| cd | ||||
| ls | ||||
| cd | ||||
| cd tpansible/ | ||||
| ls | ||||
| cd | ||||
| cd /home/testansible/ | ||||
|  | ||||
|  | ||||
| cd /home/testansible/ | ||||
| ls | ||||
| cd | ||||
| cd tpansible/ | ||||
| ls | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| echo "salut" > index.html | ||||
| nano web.yml | ||||
| echo "salut" > index.html | ||||
|  | ||||
| cd | ||||
| ip a | ||||
| cd | ||||
| cd /home | ||||
| ls | ||||
| cd /test | ||||
| cd testansible/ | ||||
| cd | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano web.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| ansible-playbook -i hosts syslog.yml  | ||||
| ansible-playbook -i hosts syslog-cli.yml  | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog.yml | ||||
| ansible-playbook -i hosts syslog-cli.yml  | ||||
| ansible-playbook -i hosts syslog.yml  | ||||
| nano syslog.yml | ||||
| ansible-playbook -i hosts syslog.yml  | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog-cli.yml | ||||
| ansible-playbook -i hosts syslog.yml  | ||||
| ansible-playbook -i hosts syslog.yml  | ||||
| nano syslog-cli.yml | ||||
| ansible-playbook -i hosts syslog.yml  | ||||
| nano syslog-cli.yml | ||||
| ansible-playbook -i hosts syslog-cli.yml  | ||||
| nano syslog-cli.yml | ||||
| cd .. | ||||
| poweroff | ||||
| cd /home | ||||
| ls | ||||
| cd testansible/ | ||||
| ls | ||||
| ls | ||||
| cd | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano web.yml  | ||||
| ls | ||||
| nano syslog-cli.yml  | ||||
| cd | ||||
| cd /home | ||||
| ls | ||||
| mkdir -p dokuw/roles{web,doku}/{tasks,handlers,files,templates} | ||||
| ls | ||||
| cd dokuw | ||||
| ls | ||||
| cd .. | ||||
| tree dokuw | ||||
| cd | ||||
| tree dokuw | ||||
| three | ||||
| cd /home/dokuw/ | ||||
| nano local.yml | ||||
| cd roles | ||||
| ls | ||||
| ls  | ||||
| cd rolesdoku/ | ||||
| ls | ||||
| ls | ||||
| cd .. | ||||
| cd rolesweb/ | ||||
| cd tasks/ | ||||
| ls | ||||
| nano main.yml | ||||
| cd .. | ||||
| cd .. | ||||
| cd rolesdoku/ | ||||
| ls | ||||
| cd tasks/ | ||||
| ls | ||||
| nano main.yml | ||||
| cd | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano hosts  | ||||
| cd | ||||
| ls | ||||
| nano hosts  | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano hosts  | ||||
| ls | ||||
| cd | ||||
| ls | ||||
| cd /home/ | ||||
| ls | ||||
| cd dokuw/ | ||||
| cd rolesweb/tasks/ | ||||
| ls | ||||
| nano main.yml | ||||
| cd | ||||
| cd /etc/ssh | ||||
| ls | ||||
| nano ssh_config | ||||
| nano ssh_config.d | ||||
| cd /ssh_config.d | ||||
| ls | ||||
| cd ssh_config.d/ | ||||
| ls | ||||
| cd .. | ||||
| nano sshd_config | ||||
| ls | ||||
| cd | ||||
| nano ~/.ssh/config  | ||||
| ls | ||||
| cd /home | ||||
| ls | ||||
| cd dokuw/ | ||||
| ls | ||||
| cd  rolesweb/tasks/ | ||||
| ansible-playbook -i hosts main.yml  | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts main.yml  | ||||
| cd | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano web.yml  | ||||
| cd | ||||
| cd /home/ | ||||
| ls | ||||
| cd dokuw/rolesweb/tasks/ | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts main.yml  | ||||
| cd | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano web.yml  | ||||
| cd | ||||
| cd /home/dokuw/rolesweb/tasks/ | ||||
| ls | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts main.yml  | ||||
| cd | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano web.yml  | ||||
| ansible-playbook -i hosts web.yml  | ||||
| nano web.yml  | ||||
| cd /home/dokuw/rolesweb/tasks/ | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts web.yml  | ||||
| ansible-playbook -i hosts main.yml  | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts main.yml  | ||||
| cd .. | ||||
| cd .. | ||||
| cd rolesdoku/ | ||||
| ls | ||||
| cd tasks | ||||
| ls | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts main.yml | ||||
| nano main.yml  | ||||
| cd /home/dokuw/rolesweb/tasks | ||||
| nano main.yml  | ||||
| cd /home/dokuw/rolesdoku/tasks | ||||
| nano main.yml  | ||||
| cd /home/dokuw/rolesweb/tasks | ||||
| nano main.yml | ||||
| ansible-playbook -i hosts main.yml | ||||
|  | ||||
| nano ~/.ssh/config  | ||||
| cd | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano hosts  | ||||
| cd | ||||
| cd tmp | ||||
| cd tmp/ | ||||
| ls | ||||
| cd /etc/tmp | ||||
| cd | ||||
| cd /home/dokuw/rolesweb/tasks | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts main.yml | ||||
| cd | ||||
| cd tpansible/ | ||||
| nano hosts  | ||||
| echo doku > h-doku | ||||
| ssh doku | ||||
| ssh doku | ||||
| echo doku > h-doku | ||||
| cd | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano h-doku | ||||
| ls | ||||
| cd | ||||
| cd /home | ||||
| ls | ||||
| cd dokuw/ | ||||
| ls | ||||
| cd rolesweb/ | ||||
| cd tasks | ||||
| nano main.yml | ||||
| ansible-playbook hosts main.yml  | ||||
| ansible-playbook -i hosts main.yml  | ||||
| nano main.yml  | ||||
| cd | ||||
| cd /home/ | ||||
| ls | ||||
| nano dokuw/ | ||||
| cd dokuw/rolesweb/ | ||||
| cd tasks | ||||
| ls | ||||
| nano main.yml  | ||||
| cd /home/dokuw/rolesdoku/tasks | ||||
| nano main.yml  | ||||
| cd | ||||
| poweroff | ||||
| ssh-keygen | ||||
| nano /etc/ssh/sshd_config | ||||
| echo "PermitRootLogin yes" >>  /etc/ssh/sshd_config | ||||
| systemctl restart ssh | ||||
| ip a | ||||
| ssh-copy-id root@192.168.0.38 | ||||
| ls | ||||
| cd tp | ||||
| cd tpansible/ | ||||
| ls | ||||
| rm playb-ds.yml  | ||||
| nano user.yml | ||||
| rm user.yml  | ||||
| nano utilisateur.yml | ||||
| nano utilisateur.yml  | ||||
| nano .ssh/config  | ||||
| ssh-copy-id srv | ||||
| nano .ssh/config  | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| cd | ||||
| mkdir ds_ansible | ||||
| apt install gitea | ||||
| apt install git | ||||
| ls | ||||
| rm -r ds_ansible/ | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano hosts | ||||
| ls | ||||
| nano h-doku  | ||||
| ls | ||||
| nano syslog-cli.yml  | ||||
| nano playb-ds.yml | ||||
| ls | ||||
| nano hosts | ||||
| ip a | ||||
| ls | ||||
| nano user.yml  | ||||
| cd | ||||
| nano /etc/resolv.conf  | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano user.yml  | ||||
| ls | ||||
| ip a | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
|  -vvv | ||||
| ansible-playbook -i hosts utilisateur.yml -vvv | ||||
| nano /etc/ssh/sshd_config | ||||
| ls | ||||
| nano utilisateur.yml  | ||||
| nano resolv.conf | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
| nano /etc/ssh/sshd_config | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
| |more | ||||
| nano /etc/ssh/sshd_config | ||||
| nano /etc/ssh/sshd_config | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
| cd | ||||
| nano /etc/ssh/sshd_config | ||||
| ansible all -i hosts -m ping | ||||
| nano .ssh/config  | ||||
| nano tpansible/hosts  | ||||
| ssh-copy-id srv | ||||
| ssh infra uptime | ||||
| ssh srv | ||||
| reboot | ||||
| nano .ssh/config  | ||||
| nano /etc/resolv.conf  | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| mkdir old | ||||
| mv index.html h-doku syslog-cli.yml syslog.yml web.yml old/ | ||||
| ls | ||||
| nano resolv.conf  | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
| nano utilisateur.yml  | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
| ls | ||||
| mv resolv.conf /root | ||||
| ls | ||||
| cd | ||||
| ls | ||||
| cd tpansible/ | ||||
| nano utilisateur.yml  | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
| cd | ||||
| mv resolv.conf tpansible/ | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano utilisateur.yml  | ||||
| nano utilisateur.yml  | ||||
| rm /etc/resolv.conf  | ||||
| ansible-playbook  -i hosts utilisateur.yml  | ||||
| cd | ||||
| cd /etc/ | ||||
| resolv.conf | ||||
| nano resolv.conf | ||||
| cd | ||||
| apt install ansible ansible-lint | ||||
| apt update | ||||
| apt upgrade | ||||
| apt update | ||||
| apt install ansible ansible-lint | ||||
| apt-get update | ||||
| apt install ansible-lint | ||||
| apt install ansible-lint --fix-missing | ||||
| reboot | ||||
| apt install ansible-lint --fix-missing | ||||
| apt update | ||||
| apt upgrade | ||||
| ip a | ||||
| git clone https://gitea.lyc-lecastel.fr/ludovic.diemert/siotp.git | ||||
| ls | ||||
| cd siotp | ||||
| ls | ||||
| cd sio2/ | ||||
| ls | ||||
| mkdir ct-ansible | ||||
| cp /root/tpansible/utilisateur.yml . | ||||
| cp /root/tpansible/hosts . | ||||
| ls | ||||
| mv hosts utilisateur.yml ct-ansible/ | ||||
| ls | ||||
| cd ct-ansible/ | ||||
| ls | ||||
| git add utilisateur.yml  | ||||
| git add hosts  | ||||
| git commit | ||||
| git config --global user.email "ludovic.diemert@localhost.fr" | ||||
| git config --global user.name "ludovic diemert" | ||||
| git commit -am "ds ansible" | ||||
| git tag v1.1 | ||||
| git push --tag | ||||
| cd | ||||
| nano .bash_history  | ||||
| cd tpansible/ | ||||
| ls | ||||
| script cr-ansible.txt | ||||
| ansible-playbook utilisateur.yml | ||||
| ls | ||||
| nano cr-ansible.txt  | ||||
| cd | ||||
| ls | ||||
| cd siotp/ | ||||
| ls | ||||
| cd sio2/ | ||||
| ls | ||||
| cd ct-ansible/ | ||||
| ls | ||||
| cp /root/.bash_history . | ||||
| ls | ||||
| cd | ||||
| nano .bash_history  | ||||
| cp .bash_history /root/tpansible/ | ||||
| cd tpansible/ | ||||
| ls | ||||
| ansible-playbook utilisateur.yml | ||||
| ls | ||||
| nano utilisateur.yml  | ||||
| ls | ||||
| nano hosts  | ||||
| cd | ||||
| nano .ssh/config  | ||||
| reboot | ||||
| ansible-playbook cr-ansible.yml | ||||
| ansible-playbook utilisateur.yml  | ||||
							
								
								
									
										110
									
								
								sio2/ct-ansible/cr-ansible.txt
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										110
									
								
								sio2/ct-ansible/cr-ansible.txt
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,110 @@ | ||||
| Script démarré sur 2021-11-25 15:52:11+01:00 [TERM="linux" TTY="/dev/tty1" COLUMNS="100" LINES="37"] | ||||
| [?2004hroot@ansible:~/tpansible# ansible-playbook utilisateur.yml [2Pcr-ansible.yml | ||||
| [C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[Creboot[Knano .ssh/config cd[Knano hosts ls[Knano utilisateur.yml ls[Kansible-playbook utilisateur.yml | ||||
| [C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[C[Cls[Kansible-playbook utilisateur.yml-utilisateur.ymliutilisateur.yml utilisateur.yml[1Putilisateur.yml[1Putilisateur.yml[1Putilisateur.yml-utilisateur.ymliutilisateur.yml utilisateur.yml | ||||
| [?2004l | ||||
| usage: ansible-playbook [-h] [--version] [-v] [-k] [--private-key PRIVATE_KEY_FILE] | ||||
|                         [-u REMOTE_USER] [-c CONNECTION] [-T TIMEOUT] | ||||
|                         [--ssh-common-args SSH_COMMON_ARGS] [--sftp-extra-args SFTP_EXTRA_ARGS] | ||||
|                         [--scp-extra-args SCP_EXTRA_ARGS] [--ssh-extra-args SSH_EXTRA_ARGS] | ||||
|                         [--force-handlers] [--flush-cache] [-b] [--become-method BECOME_METHOD] | ||||
|                         [--become-user BECOME_USER] [-K] [-t TAGS] [--skip-tags SKIP_TAGS] [-C] | ||||
|                         [--syntax-check] [-D] [-i INVENTORY] [--list-hosts] [-l SUBSET] | ||||
|                         [-e EXTRA_VARS] [--vault-id VAULT_IDS] | ||||
|                         [--ask-vault-password | --vault-password-file VAULT_PASSWORD_FILES] | ||||
|                         [-f FORKS] [-M MODULE_PATH] [--list-tasks] [--list-tags] [--step] | ||||
|                         [--start-at-task START_AT_TASK] | ||||
|                         playbook [playbook ...] | ||||
| ansible-playbook: error: the following arguments are required: playbook | ||||
|   | ||||
| usage: ansible-playbook [-h] [--version] [-v] [-k] [--private-key PRIVATE_KEY_FILE] | ||||
|                         [-u REMOTE_USER] [-c CONNECTION] [-T TIMEOUT] | ||||
|                         [--ssh-common-args SSH_COMMON_ARGS] [--sftp-extra-args SFTP_EXTRA_ARGS] | ||||
|                         [--scp-extra-args SCP_EXTRA_ARGS] [--ssh-extra-args SSH_EXTRA_ARGS] | ||||
|                         [--force-handlers] [--flush-cache] [-b] [--become-method BECOME_METHOD] | ||||
|                         [--become-user BECOME_USER] [-K] [-t TAGS] [--skip-tags SKIP_TAGS] [-C] | ||||
|                         [--syntax-check] [-D] [-i INVENTORY] [--list-hosts] [-l SUBSET] | ||||
|                         [-e EXTRA_VARS] [--vault-id VAULT_IDS] | ||||
|                         [--ask-vault-password | --vault-password-file VAULT_PASSWORD_FILES] | ||||
|                         [-f FORKS] [-M MODULE_PATH] [--list-tasks] [--list-tags] [--step] | ||||
|                         [--start-at-task START_AT_TASK] | ||||
|                         playbook [playbook ...] | ||||
|  | ||||
| Runs Ansible playbooks, executing the defined tasks on the targeted hosts. | ||||
|  | ||||
| positional arguments: | ||||
|   playbook              Playbook(s) | ||||
|  | ||||
| optional arguments: | ||||
|   --ask-vault-password, --ask-vault-pass | ||||
|                         ask for vault password | ||||
|   --flush-cache         clear the fact cache for every host in inventory | ||||
|   --force-handlers      run handlers even if a task fails | ||||
|   --list-hosts          outputs a list of matching hosts; does not execute anything else | ||||
|   --list-tags           list all available tags | ||||
|   --list-tasks          list all tasks that would be executed | ||||
|   --skip-tags SKIP_TAGS | ||||
|                         only run plays and tasks whose tags do not match these values | ||||
|   --start-at-task START_AT_TASK | ||||
|                         start the playbook at the task matching this name | ||||
|   --step                one-step-at-a-time: confirm each task before running | ||||
|   --syntax-check        perform a syntax check on the playbook, but do not execute it | ||||
|   --vault-id VAULT_IDS  the vault identity to use | ||||
|   --vault-password-file VAULT_PASSWORD_FILES, --vault-pass-file VAULT_PASSWORD_FILES | ||||
|                         vault password file | ||||
|   --version             show program's version number, config file location, configured module | ||||
|                         search path, module location, executable location and exit | ||||
|   -C, --check           don't make any changes; instead, try to predict some of the changes that | ||||
|                         may occur | ||||
|   -D, --diff            when changing (small) files and templates, show the differences in those | ||||
|                         files; works great with --check | ||||
|   -M MODULE_PATH, --module-path MODULE_PATH | ||||
|                         prepend colon-separated path(s) to module library | ||||
|                         (default=~/.ansible/plugins/modules:/usr/share/ansible/plugins/modules) | ||||
|   -e EXTRA_VARS, --extra-vars EXTRA_VARS | ||||
|                         set additional variables as key=value or YAML/JSON, if filename prepend | ||||
|                         with @ | ||||
|   -f FORKS, --forks FORKS | ||||
|                         specify number of parallel processes to use (default=5) | ||||
|   -h, --help            show this help message and exit | ||||
|   -i INVENTORY, --inventory INVENTORY, --inventory-file INVENTORY | ||||
|                         specify inventory host path or comma separated host list. --inventory-file | ||||
|                         is deprecated | ||||
|   -l SUBSET, --limit SUBSET | ||||
|                         further limit selected hosts to an additional pattern | ||||
|   -t TAGS, --tags TAGS  only run plays and tasks tagged with these values | ||||
|   -v, --verbose         verbose mode (-vvv for more, -vvvv to enable connection debugging) | ||||
|  | ||||
| Connection Options: | ||||
|   control as whom and how to connect to hosts | ||||
|  | ||||
|   --private-key PRIVATE_KEY_FILE, --key-file PRIVATE_KEY_FILE | ||||
|                         use this file to authenticate the connection | ||||
|   --scp-extra-args SCP_EXTRA_ARGS | ||||
|                         specify extra arguments to pass to scp only (e.g. -l) | ||||
|   --sftp-extra-args SFTP_EXTRA_ARGS | ||||
|                         specify extra arguments to pass to sftp only (e.g. -f, -l) | ||||
|   --ssh-common-args SSH_COMMON_ARGS | ||||
|                         specify common arguments to pass to sftp/scp/ssh (e.g. ProxyCommand) | ||||
|   --ssh-extra-args SSH_EXTRA_ARGS | ||||
|                         specify extra arguments to pass to ssh only (e.g. -R) | ||||
|   -T TIMEOUT, --timeout TIMEOUT | ||||
|                         override the connection timeout in seconds (default=10) | ||||
|   -c CONNECTION, --connection CONNECTION | ||||
|                         connection type to use (default=smart) | ||||
|   -k, --ask-pass        ask for connection password | ||||
|   -u REMOTE_USER, --user REMOTE_USER | ||||
|                         connect as this user (default=None) | ||||
|  | ||||
| Privilege Escalation Options: | ||||
|   control how and which user you become as on target hosts | ||||
|  | ||||
|   --become-method BECOME_METHOD | ||||
|                         privilege escalation method to use (default=sudo), use `ansible-doc -t | ||||
|                         become -l` to list valid choices. | ||||
|   --become-user BECOME_USER | ||||
|                         run operations as this user (default=root) | ||||
|   -K, --ask-become-pass | ||||
|                         ask for privilege escalation password | ||||
|   -b, --become          run operations with become (does not imply password prompting) | ||||
|  [?2004hroot@ansible:~/tpansible# ls | ||||
							
								
								
									
										4
									
								
								sio2/ct-ansible/hosts
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								sio2/ct-ansible/hosts
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| [user] | ||||
| srv | ||||
|  | ||||
|  | ||||
							
								
								
									
										4
									
								
								sio2/ct-ansible/resolv.conf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								sio2/ct-ansible/resolv.conf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| search sio.lan | ||||
| domain sio.lan | ||||
| nameserver 10.121.38.7 | ||||
| nameserver 10.121.38.8 | ||||
							
								
								
									
										125
									
								
								sio2/ct-ansible/sshd_config
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										125
									
								
								sio2/ct-ansible/sshd_config
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,125 @@ | ||||
| #	$OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ | ||||
|  | ||||
| # This is the sshd server system-wide configuration file.  See | ||||
| # sshd_config(5) for more information. | ||||
|  | ||||
| # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin | ||||
|  | ||||
| # The strategy used for options in the default sshd_config shipped with | ||||
| # OpenSSH is to specify options with their default value where | ||||
| # possible, but leave them commented.  Uncommented options override the | ||||
| # default value. | ||||
|  | ||||
| Include /etc/ssh/sshd_config.d/*.conf | ||||
|  | ||||
| #Port 22 | ||||
| #AddressFamily any | ||||
| #ListenAddress 0.0.0.0 | ||||
| #ListenAddress :: | ||||
|  | ||||
| #HostKey /etc/ssh/ssh_host_rsa_key | ||||
| #HostKey /etc/ssh/ssh_host_ecdsa_key | ||||
| #HostKey /etc/ssh/ssh_host_ed25519_key | ||||
|  | ||||
| # Ciphers and keying | ||||
| #RekeyLimit default none | ||||
|  | ||||
| # Logging | ||||
| #SyslogFacility AUTH | ||||
| #LogLevel INFO | ||||
|  | ||||
| # Authentication: | ||||
|  | ||||
| #LoginGraceTime 2m | ||||
| #PermitRootLogin prohibit-password | ||||
| #StrictModes yes | ||||
| #MaxAuthTries 6 | ||||
| #MaxSessions 10 | ||||
|  | ||||
| #PubkeyAuthentication yes | ||||
|  | ||||
| # Expect .ssh/authorized_keys2 to be disregarded by default in future. | ||||
| #AuthorizedKeysFile	.ssh/authorized_keys .ssh/authorized_keys2 | ||||
|  | ||||
| #AuthorizedPrincipalsFile none | ||||
|  | ||||
| #AuthorizedKeysCommand none | ||||
| #AuthorizedKeysCommandUser nobody | ||||
|  | ||||
| # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts | ||||
| #HostbasedAuthentication no | ||||
| # Change to yes if you don't trust ~/.ssh/known_hosts for | ||||
| # HostbasedAuthentication | ||||
| #IgnoreUserKnownHosts no | ||||
| # Don't read the user's ~/.rhosts and ~/.shosts files | ||||
| #IgnoreRhosts yes | ||||
|  | ||||
| # To disable tunneled clear text passwords, change to no here! | ||||
| #PasswordAuthentication yes | ||||
| #PermitEmptyPasswords no | ||||
|  | ||||
| # Change to yes to enable challenge-response passwords (beware issues with | ||||
| # some PAM modules and threads) | ||||
| ChallengeResponseAuthentication no | ||||
|  | ||||
| # Kerberos options | ||||
| #KerberosAuthentication no | ||||
| #KerberosOrLocalPasswd yes | ||||
| #KerberosTicketCleanup yes | ||||
| #KerberosGetAFSToken no | ||||
|  | ||||
| # GSSAPI options | ||||
| #GSSAPIAuthentication no | ||||
| #GSSAPICleanupCredentials yes | ||||
| #GSSAPIStrictAcceptorCheck yes | ||||
| #GSSAPIKeyExchange no | ||||
|  | ||||
| # Set this to 'yes' to enable PAM authentication, account processing, | ||||
| # and session processing. If this is enabled, PAM authentication will | ||||
| # be allowed through the ChallengeResponseAuthentication and | ||||
| # PasswordAuthentication.  Depending on your PAM configuration, | ||||
| # PAM authentication via ChallengeResponseAuthentication may bypass | ||||
| # the setting of "PermitRootLogin without-password". | ||||
| # If you just want the PAM account and session checks to run without | ||||
| # PAM authentication, then enable this but set PasswordAuthentication | ||||
| # and ChallengeResponseAuthentication to 'no'. | ||||
| UsePAM yes | ||||
|  | ||||
| #AllowAgentForwarding yes | ||||
| #AllowTcpForwarding yes | ||||
| #GatewayPorts no | ||||
| X11Forwarding yes | ||||
| #X11DisplayOffset 10 | ||||
| #X11UseLocalhost yes | ||||
| #PermitTTY yes | ||||
| PrintMotd no | ||||
| #PrintLastLog yes | ||||
| #TCPKeepAlive yes | ||||
| #PermitUserEnvironment no | ||||
| #Compression delayed | ||||
| #ClientAliveInterval 0 | ||||
| #ClientAliveCountMax 3 | ||||
| #UseDNS no | ||||
| #PidFile /var/run/sshd.pid | ||||
| #MaxStartups 10:30:100 | ||||
| #PermitTunnel no | ||||
| #ChrootDirectory none | ||||
| #VersionAddendum none | ||||
|  | ||||
| # no default banner path | ||||
| #Banner none | ||||
|  | ||||
| # Allow client to pass locale environment variables | ||||
| AcceptEnv LANG LC_* | ||||
|  | ||||
| # override default of no subsystems | ||||
| Subsystem	sftp	/usr/lib/openssh/sftp-server | ||||
|  | ||||
| # Example of overriding settings on a per-user basis | ||||
| #Match User anoncvs | ||||
| #	X11Forwarding no | ||||
| #	AllowTcpForwarding no | ||||
| #	PermitTTY no | ||||
| #	ForceCommand cvs server | ||||
| PermitRootLogin yes | ||||
| PermitRootLogin prohibit-password | ||||
							
								
								
									
										36
									
								
								sio2/ct-ansible/utilisateur.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										36
									
								
								sio2/ct-ansible/utilisateur.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,36 @@ | ||||
| --- | ||||
| - hosts: srv | ||||
|   vars: | ||||
|     password: Azerty1+ | ||||
|   tasks: | ||||
|  | ||||
|     - name: creation de l'utilisateur sioadm | ||||
|       user: | ||||
|         name: sioadm | ||||
|         state: present | ||||
|         generate_ssh_key: yes | ||||
|         uid: 1200 | ||||
|         groups: sudo | ||||
|         append: yes | ||||
|         password: "{{ 'Azerty1+' | password_hash('sha512') }}" | ||||
|        | ||||
|     - name: desinstallation du paquet wpasupplicant | ||||
|       apt: | ||||
|          name: wpasupplicant | ||||
|          state: absent | ||||
|  | ||||
|     - name: desinstallation du paquet rpcbind | ||||
|       apt: | ||||
|          name: rpcbind | ||||
|          state: absent | ||||
|  | ||||
|     - name: copie du fichier /etc/resolv.conf | ||||
|       copy: | ||||
|         src: resolv.conf | ||||
|         dest: /etc/resolv.conf | ||||
|  | ||||
|     - name: ajout de la ligne PermitRootLogin prohibit-password dans /etc/ssh/sshd_config | ||||
|       lineinfile: | ||||
|         path: /etc/ssh/sshd_config | ||||
|         line: 'PermitRootLogin prohibit-password' | ||||
|         create: yes | ||||
							
								
								
									
										50
									
								
								sio2/cyber/05-nagios/apache2.conf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										50
									
								
								sio2/cyber/05-nagios/apache2.conf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,50 @@ | ||||
| # apache configuration for nagios 4.x | ||||
|  | ||||
| ScriptAlias /cgi-bin/nagios4 /usr/lib/cgi-bin/nagios4 | ||||
| ScriptAlias /nagios4/cgi-bin /usr/lib/cgi-bin/nagios4 | ||||
|  | ||||
| # Where the stylesheets (config files) reside | ||||
| Alias /nagios4/stylesheets /etc/nagios4/stylesheets | ||||
|  | ||||
| # Where the HTML pages live | ||||
| Alias /nagios4 /usr/share/nagios4/htdocs | ||||
|  | ||||
| <DirectoryMatch (/usr/share/nagios4/htdocs|/usr/lib/cgi-bin/nagios4|/etc/nagios4/stylesheets)> | ||||
|     Options FollowSymLinks | ||||
|     DirectoryIndex index.php index.html | ||||
|     AllowOverride AuthConfig | ||||
|     # | ||||
|     # The default Debian nagios4 install sets use_authentication=0 in | ||||
|     # /etc/nagios4/cgi.cfg, which turns off nagos's internal authentication. | ||||
|     # This is insecure.  As a compromise this default apache2 configuration | ||||
|     # only allows private IP addresses access. | ||||
|     # | ||||
|     # The <Files>...</Files> below shows how you can secure the nagios4 | ||||
|     # web site so anybody can view it, but only authenticated users can issue | ||||
|     # commands (such as silence notifications).  To do that replace the | ||||
|     # "Require all granted" with "Require valid-user", and use htdigest | ||||
|     # program from the apache2-utils package to add users to | ||||
|     # /etc/nagios4/htdigest.users. | ||||
|     # | ||||
|     # A step up is to insist all users validate themselves by moving | ||||
|     # the stanza's in the <Files>..<Files> into the <DirectoryMatch>. | ||||
|     # Then by setting use_authentication=1 in /etc/nagios4/cgi.cfg you | ||||
|     # can configure which people get to see a particular service from | ||||
|     # within the nagios configuration. | ||||
|     #  | ||||
|     Require ip	::1/128 fc00::/7 fe80::/10 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16 | ||||
|     <Files "cmd.cgi"> | ||||
| 	AuthDigestDomain "Nagios4" | ||||
| 	AuthDigestProvider file | ||||
| 	AuthUserFile	"/etc/nagios4/htdigest.users" | ||||
| 	AuthGroupFile	"/etc/group" | ||||
| 	AuthName	"Nagios4" | ||||
| 	AuthType	Digest | ||||
| 	Require all	granted | ||||
| 	#Require	valid-user | ||||
|     </Files> | ||||
| </DirectoryMatch> | ||||
|  | ||||
| <Directory /usr/share/nagios4/htdocs> | ||||
|     Options	+ExecCGI	 | ||||
| </Directory> | ||||
							
								
								
									
										422
									
								
								sio2/cyber/05-nagios/cgi.cfg
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										422
									
								
								sio2/cyber/05-nagios/cgi.cfg
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,422 @@ | ||||
| ################################################################# | ||||
| # | ||||
| # CGI.CFG - Sample CGI Configuration File for Nagios 4.4.6 | ||||
| # | ||||
| # | ||||
| ################################################################# | ||||
|  | ||||
|  | ||||
| # MAIN CONFIGURATION FILE | ||||
| # This tells the CGIs where to find your main configuration file. | ||||
| # The CGIs will read the main and host config files for any other | ||||
| # data they might need. | ||||
|  | ||||
| main_config_file=/etc/nagios4/nagios.cfg | ||||
|  | ||||
|  | ||||
|  | ||||
| # PHYSICAL HTML PATH | ||||
| # This is the path where the HTML files for Nagios reside.  This | ||||
| # value is used to locate the logo images needed by the statusmap | ||||
| # and statuswrl CGIs. | ||||
|  | ||||
| physical_html_path=/usr/share/nagios4/htdocs | ||||
|  | ||||
|  | ||||
|  | ||||
| # URL HTML PATH | ||||
| # This is the path portion of the URL that corresponds to the | ||||
| # physical location of the Nagios HTML files (as defined above). | ||||
| # This value is used by the CGIs to locate the online documentation | ||||
| # and graphics.  If you access the Nagios pages with an URL like | ||||
| # http://www.myhost.com/nagios, this value should be '/nagios' | ||||
| # (without the quotes). | ||||
|  | ||||
| url_html_path=/nagios4 | ||||
|  | ||||
|  | ||||
|  | ||||
| # CONTEXT-SENSITIVE HELP | ||||
| # This option determines whether or not a context-sensitive | ||||
| # help icon will be displayed for most of the CGIs. | ||||
| # Values: 0 = disables context-sensitive help | ||||
| #         1 = enables context-sensitive help | ||||
|  | ||||
| show_context_help=0 | ||||
|  | ||||
|  | ||||
|  | ||||
| # PENDING STATES OPTION | ||||
| # This option determines what states should be displayed in the web | ||||
| # interface for hosts/services that have not yet been checked. | ||||
| # Values: 0 = leave hosts/services that have not been check yet in their original state | ||||
| #         1 = mark hosts/services that have not been checked yet as PENDING | ||||
|  | ||||
| use_pending_states=1 | ||||
|  | ||||
|  | ||||
|  | ||||
| # AUTHENTICATION USAGE | ||||
| # This option controls whether or not the CGIs will use any | ||||
| # authentication when displaying host and service information, as | ||||
| # well as committing commands to Nagios for processing. | ||||
| # | ||||
| # Read the HTML documentation to learn how the authorization works! | ||||
| # | ||||
| # NOTE: It is a really *bad* idea to disable authorization, unless | ||||
| # you plan on removing the command CGI (cmd.cgi)!  Failure to do | ||||
| # so will leave you wide open to kiddies messing with Nagios and | ||||
| # possibly hitting you with a denial of service attack by filling up | ||||
| # your drive by continuously writing to your command file! | ||||
| # | ||||
| # Setting this value to 0 will cause the CGIs to *not* use | ||||
| # authentication (bad idea), while any other value will make them | ||||
| # use the authentication functions (the default). | ||||
|  | ||||
| use_authentication=0 | ||||
|  | ||||
|  | ||||
|  | ||||
| # x509 CERT AUTHENTICATION | ||||
| # When enabled, this option allows you to use x509 cert (SSL) | ||||
| # authentication in the CGIs.  This is an advanced option and should | ||||
| # not be enabled unless you know what you're doing. | ||||
|  | ||||
| use_ssl_authentication=0 | ||||
|  | ||||
|  | ||||
|  | ||||
| # DEFAULT USER | ||||
| # Setting this variable will define a default user name that can | ||||
| # access pages without authentication.  This allows people within a | ||||
| # secure domain (i.e., behind a firewall) to see the current status | ||||
| # without authenticating.  You may want to use this to avoid basic | ||||
| # authentication if you are not using a secure server since basic | ||||
| # authentication transmits passwords in the clear. | ||||
| # | ||||
| # Important:  Do not define a default username unless you are | ||||
| # running a secure web server and are sure that everyone who has | ||||
| # access to the CGIs has been authenticated in some manner!  If you | ||||
| # define this variable, anyone who has not authenticated to the web | ||||
| # server will inherit all rights you assign to this user! | ||||
|  | ||||
| #default_user_name=guest | ||||
|  | ||||
|  | ||||
|  | ||||
| # SYSTEM/PROCESS INFORMATION ACCESS | ||||
| # This option is a comma-delimited list of all usernames that | ||||
| # have access to viewing the Nagios process information as | ||||
| # provided by the Extended Information CGI (extinfo.cgi).  By | ||||
| # default, *no one* has access to this unless you choose to | ||||
| # not use authorization.  You may use an asterisk (*) to | ||||
| # authorize any user who has authenticated to the web server. | ||||
|  | ||||
| authorized_for_system_information=nagiosadmin | ||||
|  | ||||
|  | ||||
|  | ||||
| # CONFIGURATION INFORMATION ACCESS | ||||
| # This option is a comma-delimited list of all usernames that | ||||
| # can view ALL configuration information (hosts, commands, etc). | ||||
| # By default, users can only view configuration information | ||||
| # for the hosts and services they are contacts for. You may use | ||||
| # an asterisk (*) to authorize any user who has authenticated | ||||
| # to the web server. | ||||
|  | ||||
| authorized_for_configuration_information=nagiosadmin | ||||
|  | ||||
|  | ||||
|  | ||||
| # SYSTEM/PROCESS COMMAND ACCESS | ||||
| # This option is a comma-delimited list of all usernames that | ||||
| # can issue shutdown and restart commands to Nagios via the | ||||
| # command CGI (cmd.cgi).  Users in this list can also change | ||||
| # the program mode to active or standby. By default, *no one* | ||||
| # has access to this unless you choose to not use authorization. | ||||
| # You may use an asterisk (*) to authorize any user who has | ||||
| # authenticated to the web server. | ||||
|  | ||||
| authorized_for_system_commands=nagiosadmin | ||||
|  | ||||
|  | ||||
|  | ||||
| # GLOBAL HOST/SERVICE VIEW ACCESS | ||||
| # These two options are comma-delimited lists of all usernames that | ||||
| # can view information for all hosts and services that are being | ||||
| # monitored.  By default, users can only view information | ||||
| # for hosts or services that they are contacts for (unless you | ||||
| # you choose to not use authorization). You may use an asterisk (*) | ||||
| # to authorize any user who has authenticated to the web server. | ||||
|  | ||||
| authorized_for_all_services=nagiosadmin | ||||
| authorized_for_all_hosts=nagiosadmin | ||||
|  | ||||
|  | ||||
|  | ||||
| # GLOBAL HOST/SERVICE COMMAND ACCESS | ||||
| # These two options are comma-delimited lists of all usernames that | ||||
| # can issue host or service related commands via the command | ||||
| # CGI (cmd.cgi) for all hosts and services that are being monitored. | ||||
| # By default, users can only issue commands for hosts or services | ||||
| # that they are contacts for (unless you you choose to not use | ||||
| # authorization).  You may use an asterisk (*) to authorize any | ||||
| # user who has authenticated to the web server. | ||||
|  | ||||
| authorized_for_all_service_commands=nagiosadmin | ||||
| authorized_for_all_host_commands=nagiosadmin | ||||
|  | ||||
|  | ||||
|  | ||||
| # READ-ONLY USERS | ||||
| # A comma-delimited list of usernames that have read-only rights in | ||||
| # the CGIs.  This will block any service or host commands normally shown | ||||
| # on the extinfo CGI pages.  It will also block comments from being shown | ||||
| # to read-only users. | ||||
|  | ||||
| #authorized_for_read_only=user1,user2 | ||||
|  | ||||
|  | ||||
|  | ||||
| # STATUSMAP BACKGROUND IMAGE | ||||
| # This option allows you to specify an image to be used as a | ||||
| # background in the statusmap CGI.  It is assumed that the image | ||||
| # resides in the HTML images path (i.e. /usr/local/nagios/share/images). | ||||
| # This path is automatically determined by appending "/images" | ||||
| # to the path specified by the 'physical_html_path' directive. | ||||
| # Note:  The image file may be in GIF, PNG, JPEG, or GD2 format. | ||||
| # However, I recommend that you convert your image to GD2 format | ||||
| # (uncompressed) but ONLY IF YOU WILL USE THE LEGACY MAP EXCLUSIVELY, | ||||
| # as this will cause less CPU load when the CGI generates the image. | ||||
|  | ||||
| #statusmap_background_image=smbackground.gd2 | ||||
|  | ||||
|  | ||||
|  | ||||
| # STATUSMAP TRANSPARENCY INDEX COLOR | ||||
| # These options set the r,g,b values of the background color used the statusmap CGI, | ||||
| # so normal browsers that can't show real png transparency set the desired color as | ||||
| # a background color instead (to make it look pretty). | ||||
| # Defaults to white: (R,G,B) = (255,255,255). | ||||
|  | ||||
| #color_transparency_index_r=255 | ||||
| #color_transparency_index_g=255 | ||||
| #color_transparency_index_b=255 | ||||
|  | ||||
|  | ||||
|  | ||||
| # DEFAULT STATUSMAP LAYOUT METHOD | ||||
| # This option allows you to specify the default layout method | ||||
| # the statusmap CGI should use for drawing hosts.  If you do | ||||
| # not use this option, the default for the legacy map is to use | ||||
| # user-defined coordinates and the default for the new map is "6" | ||||
| # (Circular Balloon). | ||||
| # Valid options for the legacy map are as follows: | ||||
| #	0 = User-defined coordinates | ||||
| #	1 = Depth layers | ||||
| #	2 = Collapsed tree | ||||
| #	3 = Balanced tree | ||||
| #	4 = Circular | ||||
| #	5 = Circular (Marked Up) | ||||
| # Valid options for the new map are as follows: | ||||
| #	0 = User-defined coordinates | ||||
| #	1 = Depth Layers (Horizontal) | ||||
| #	2 = Collapsed tree (Horizontal) | ||||
| #	3 = Balanced tree (Horizontal) | ||||
| #	4 = DON'T USE | ||||
| #	5 = Circular Markup | ||||
| #	6 = Circular Balloon | ||||
| #	7 = Balanced tree (Vertical) | ||||
| #	8 = Collapsed tree (Vertical) | ||||
| #	9 = Depth Layers (Vertical) | ||||
| #	10 = Force Map | ||||
|  | ||||
| #default_statusmap_layout=6 | ||||
|  | ||||
|  | ||||
|  | ||||
| # DEFAULT STATUSWRL LAYOUT METHOD | ||||
| # This option allows you to specify the default layout method | ||||
| # the statuswrl (VRML) CGI should use for drawing hosts.  If you | ||||
| # do not use this option, the default is to use user-defined | ||||
| # coordinates.  Valid options are as follows: | ||||
| #	0 = User-defined coordinates | ||||
| #       2 = Collapsed tree | ||||
| #       3 = Balanced tree | ||||
| #       4 = Circular | ||||
|  | ||||
| default_statuswrl_layout=4 | ||||
|  | ||||
|  | ||||
|  | ||||
| # STATUSWRL INCLUDE | ||||
| # This option allows you to include your own objects in the | ||||
| # generated VRML world.  It is assumed that the file | ||||
| # resides in the HTML path (i.e. /usr/local/nagios/share). | ||||
|  | ||||
| #statuswrl_include=myworld.wrl | ||||
|  | ||||
|  | ||||
|  | ||||
| # PING SYNTAX | ||||
| # This option determines what syntax should be used when | ||||
| # attempting to ping a host from the WAP interface (using | ||||
| # the statuswml CGI.  You must include the full path to | ||||
| # the ping binary, along with all required options.  The | ||||
| # $HOSTADDRESS$ macro is substituted with the address of | ||||
| # the host before the command is executed. | ||||
| # Please note that the syntax for the ping binary is | ||||
| # notorious for being different on virtually ever *NIX | ||||
| # OS and distribution, so you may have to tweak this to | ||||
| # work on your system. | ||||
|  | ||||
| ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$ | ||||
|  | ||||
|  | ||||
|  | ||||
| # REFRESH RATE | ||||
| # This option allows you to specify the refresh rate in seconds | ||||
| # of various CGIs (status, statusmap, extinfo, and outages). | ||||
|  | ||||
| refresh_rate=90 | ||||
|  | ||||
|  | ||||
|  | ||||
| # PAGE TOUR | ||||
| # Enable page tour for helpful tips and tricks on various pages | ||||
|  | ||||
| #enable_page_tour=1 | ||||
|  | ||||
|  | ||||
|  | ||||
| # DEFAULT PAGE LIMIT | ||||
| # This option allows you to specify the default number of results | ||||
| # displayed on the status.cgi.  This number can be adjusted from | ||||
| # within the UI after the initial page load. Setting this to 0 | ||||
| # will show all results. | ||||
|  | ||||
| result_limit=100 | ||||
|  | ||||
|  | ||||
|  | ||||
| # ESCAPE HTML TAGS | ||||
| # This option determines whether HTML tags in host and service | ||||
| # status output is escaped in the web interface.  If enabled, | ||||
| # your plugin output will not be able to contain clickable links. | ||||
|  | ||||
| escape_html_tags=1 | ||||
|  | ||||
|  | ||||
|  | ||||
| # SOUND OPTIONS | ||||
| # These options allow you to specify an optional audio file | ||||
| # that should be played in your browser window when there are | ||||
| # problems on the network.  The audio files are used only in | ||||
| # the status CGI.  Only the sound for the most critical problem | ||||
| # will be played.  Order of importance (higher to lower) is as | ||||
| # follows: unreachable hosts, down hosts, critical services, | ||||
| # warning services, and unknown services. If there are no | ||||
| # visible problems, the sound file optionally specified by | ||||
| # 'normal_sound' variable will be played. | ||||
| # | ||||
| # | ||||
| # <varname>=<sound_file> | ||||
| # | ||||
| # Note: All audio files must be placed in the /media subdirectory | ||||
| # under the HTML path (i.e. /usr/local/nagios/share/media/). | ||||
|  | ||||
| #host_unreachable_sound=hostdown.wav | ||||
| #host_down_sound=hostdown.wav | ||||
| #service_critical_sound=critical.wav | ||||
| #service_warning_sound=warning.wav | ||||
| #service_unknown_sound=warning.wav | ||||
| #normal_sound=noproblem.wav | ||||
|  | ||||
|  | ||||
|  | ||||
| # URL TARGET FRAMES | ||||
| # These options determine the target frames in which notes and | ||||
| # action URLs will open. | ||||
|  | ||||
| action_url_target=_blank | ||||
| notes_url_target=_blank | ||||
|  | ||||
|  | ||||
|  | ||||
| # LOCK AUTHOR NAMES OPTION | ||||
| # This option determines whether users can change the author name | ||||
| # when submitting comments, scheduling downtime.  If disabled, the | ||||
| # author names will be locked into their contact name, as defined in Nagios. | ||||
| # Values: 0 = allow editing author names | ||||
| #         1 = lock author names (disallow editing) | ||||
|  | ||||
| lock_author_names=1 | ||||
|  | ||||
|  | ||||
|  | ||||
| # SPLUNK INTEGRATION OPTIONS | ||||
| # These options allow you to enable integration with Splunk | ||||
| # in the web interface.  If enabled, you'll be presented with | ||||
| # "Splunk It" links in various places in the CGIs (log file, | ||||
| # alert history, host/service detail, etc).  Useful if you're | ||||
| # trying to research why a particular problem occurred. | ||||
| # For more information on Splunk, visit http://www.splunk.com/ | ||||
|  | ||||
| # This option determines whether the Splunk integration is enabled | ||||
| # Values: 0 = disable Splunk integration | ||||
| #         1 = enable Splunk integration | ||||
|  | ||||
| #enable_splunk_integration=1 | ||||
|  | ||||
| # This option should be the URL used to access your instance of Splunk | ||||
| #splunk_url=http://127.0.0.1:8000/ | ||||
|  | ||||
|  | ||||
|  | ||||
| # NAVIGATION BAR SEARCH OPTIONS | ||||
| # The following options allow to configure the navbar search. Default | ||||
| # is to search for hostnames. With enabled navbar_search_for_addresses, | ||||
| # the navbar search queries IP addresses as well. It's also possible | ||||
| # to enable search for aliases by setting navbar_search_for_aliases=1. | ||||
|  | ||||
| navbar_search_for_addresses=1 | ||||
| navbar_search_for_aliases=1 | ||||
|  | ||||
|  | ||||
|  | ||||
| # DEFAULTS FOR CHECKBOXES FOR ACKNOWLEDGEMENTS | ||||
| # Enabling ack_no_sticky will default the "Sticky Acknowledgement" to | ||||
| # be unchecked. | ||||
| # Enabling ack_no_send will default the "Send Notification" to | ||||
| # be unchecked. | ||||
|  | ||||
| #ack_no_sticky=0 | ||||
| #ack_no_send=0 | ||||
|  | ||||
|  | ||||
|  | ||||
| # SHOW ONLY HARD STATES IS TACTICAL OVERVIEW | ||||
| # This option controls whether only HARD states are counted on the | ||||
| # Tactical Overview, or if both HARD and SOFT states are counted. | ||||
| # Set to 1 to show only HARD states. Defaults to 0 (HARD+SOFT). | ||||
|  | ||||
| #tac_cgi_hard_only=0 | ||||
|  | ||||
|  | ||||
|  | ||||
| # COMMAND COMMENTS | ||||
| # These options control whether or not comments are required, optional, | ||||
| # or not allowed for specific commands. The format for each line is: | ||||
| #    cmd-name=req,def-comment | ||||
| # | ||||
| #    cmd-name     is "CMT_" plus a command such as ADD_HOST_COMMENT | ||||
| #    req          0 = not allowed, 1 = optional, 2 = required | ||||
| #    def-comment  optional default comment that will be put in the input field | ||||
| # | ||||
| # The following examples override the default comment requirements in | ||||
| # some way. | ||||
|  | ||||
| #CMT_ADD_HOST_COMMENT=1 | ||||
| #CMT_ACKNOWLEDGE_HOST_PROBLEM=2,"Problem is being looked into" | ||||
| #CMT_SCHEDULE_SVC_CHECK=1 | ||||
| #CMT_SCHEDULE_HOST_DOWNTIME=0 | ||||
							
								
								
									
										1390
									
								
								sio2/cyber/05-nagios/nagios.cfg
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										1390
									
								
								sio2/cyber/05-nagios/nagios.cfg
									
									
									
									
									
										Normal file
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							
							
								
								
									
										20
									
								
								sio2/cyber/05-nagios/srv.cfg
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										20
									
								
								sio2/cyber/05-nagios/srv.cfg
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,20 @@ | ||||
| define host { | ||||
| 	use linux-server | ||||
| 	host_name		srv | ||||
| 	alias			srv | ||||
| 	address			192.168.0.28 | ||||
| } | ||||
|  | ||||
| define service { | ||||
| 	use			generic-service | ||||
| 	host_name		srv | ||||
| 	service_description	WWW | ||||
| 	check_command		check_http | ||||
| } | ||||
|  | ||||
| define service { | ||||
| 	use			generic-service | ||||
| 	host_name		srv | ||||
| 	service_description	SSH | ||||
| 	check_command		check_ssh | ||||
| } | ||||
							
								
								
									
										11
									
								
								sio2/cyber/10-WireGuard/wg0.conf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										11
									
								
								sio2/cyber/10-WireGuard/wg0.conf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,11 @@ | ||||
| [Interface] | ||||
| PrivateKey = GIOgHwIs/0uNvwn/iAX5dP5PGjDY7+OpM/c50X6ry2k= | ||||
| Address = 10.0.2.2/32 | ||||
| #DNS = 192.168.1.254 | ||||
|  | ||||
| [Peer] | ||||
| PublicKey = COah6qTtwZo4h9GhtBHBhySOwmH4g78sI49NLGmze3M= | ||||
| #AllowedIPs = 10.0.0.0/8, 192.168.1.0/24 | ||||
| AllowedIPs = 0.0.0.0/0 | ||||
| Endpoint = 192.168.0.40:51820 | ||||
| PersistentKeepalive = 20 | ||||
							
								
								
									
										5
									
								
								sio2/sisr/05-lb/recup
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								sio2/sisr/05-lb/recup
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,5 @@ | ||||
| #!/bin/bash | ||||
| while [ TRUE ] | ||||
| do | ||||
| curl -s http://192.168.0.150 -o /dev/null | ||||
| done | ||||
							
								
								
									
										109
									
								
								sio2/sisr/15-pxe/dhcpd.conf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										109
									
								
								sio2/sisr/15-pxe/dhcpd.conf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,109 @@ | ||||
| # dhcpd.conf | ||||
| # | ||||
| # Sample configuration file for ISC dhcpd | ||||
| # | ||||
|  | ||||
| # option definitions common to all supported networks... | ||||
| option domain-name "example.org"; | ||||
| option domain-name-servers ns1.example.org, ns2.example.org; | ||||
|  | ||||
| default-lease-time 600; | ||||
| max-lease-time 7200; | ||||
|  | ||||
| # The ddns-updates-style parameter controls whether or not the server will | ||||
| # attempt to do a DNS update when a lease is confirmed. We default to the | ||||
| # behavior of the version 2 packages ('none', since DHCP v2 didn't | ||||
| # have support for DDNS.) | ||||
| ddns-update-style none; | ||||
|  | ||||
| # If this DHCP server is the official DHCP server for the local | ||||
| # network, the authoritative directive should be uncommented. | ||||
| #authoritative; | ||||
|  | ||||
| # Use this to send dhcp log messages to a different log file (you also | ||||
| # have to hack syslog.conf to complete the redirection). | ||||
| #log-facility local7; | ||||
|  | ||||
| # No service will be given on this subnet, but declaring it helps the  | ||||
| # DHCP server to understand the network topology. | ||||
|  | ||||
| #subnet 10.152.187.0 netmask 255.255.255.0 { | ||||
| #} | ||||
|  | ||||
| # This is a very basic subnet declaration. | ||||
|  | ||||
| #subnet 10.254.239.0 netmask 255.255.255.224 { | ||||
| #  range 10.254.239.10 10.254.239.20; | ||||
| #  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org; | ||||
| #} | ||||
|  | ||||
| # This declaration allows BOOTP clients to get dynamic addresses, | ||||
| # which we don't really recommend. | ||||
|  | ||||
| #subnet 192.168.1.1 netmask 255.255.255.0 { | ||||
| #  range dynamic-bootp 10.254.239.40 10.254.239.60; | ||||
| #  option broadcast-address 10.254.239.31; | ||||
| #  option routers rtr-239-32-1.example.org; | ||||
| #} | ||||
|  | ||||
| # A slightly different configuration for an internal subnet. | ||||
| subnet 192.168.1.0 netmask 255.255.255.0 { | ||||
|   range 192.168.1.20 192.168.1.40; | ||||
|   option domain-name-servers 192.168.0.1; | ||||
|   option routers 192.168.1.1; | ||||
|   option broadcast-address 192.168.1.255; | ||||
|   filename "pxelinux.0"; | ||||
|   next-server 192.168.1.1; | ||||
| } | ||||
| #  default-lease-time 600; | ||||
| #  max-lease-time 7200; | ||||
| #} | ||||
|  | ||||
| # Hosts which require special configuration options can be listed in | ||||
| # host statements.   If no address is specified, the address will be | ||||
| # allocated dynamically (if possible), but the host-specific information | ||||
| # will still come from the host declaration. | ||||
|  | ||||
| #host passacaglia { | ||||
| #  hardware ethernet 0:0:c0:5d:bd:95; | ||||
| #  filename "vmunix.passacaglia"; | ||||
| #  server-name "toccata.example.com"; | ||||
| #} | ||||
|  | ||||
| # Fixed IP addresses can also be specified for hosts.   These addresses | ||||
| # should not also be listed as being available for dynamic assignment. | ||||
| # Hosts for which fixed IP addresses have been specified can boot using | ||||
| # BOOTP or DHCP.   Hosts for which no fixed address is specified can only | ||||
| # be booted with DHCP, unless there is an address range on the subnet | ||||
| # to which a BOOTP client is connected which has the dynamic-bootp flag | ||||
| # set. | ||||
| #host fantasia { | ||||
| #  hardware ethernet 08:00:07:26:c0:a5; | ||||
| #  fixed-address fantasia.example.com; | ||||
| #} | ||||
|  | ||||
| # You can declare a class of clients and then do address allocation | ||||
| # based on that.   The example below shows a case where all clients | ||||
| # in a certain class get addresses on the 10.17.224/24 subnet, and all | ||||
| # other clients get addresses on the 10.0.29/24 subnet. | ||||
|  | ||||
| #class "foo" { | ||||
| #  match if substring (option vendor-class-identifier, 0, 4) = "SUNW"; | ||||
| #} | ||||
|  | ||||
| #shared-network 224-29 { | ||||
| #  subnet 10.17.224.0 netmask 255.255.255.0 { | ||||
| #    option routers rtr-224.example.org; | ||||
| #  } | ||||
| #  subnet 10.0.29.0 netmask 255.255.255.0 { | ||||
| #    option routers rtr-29.example.org; | ||||
| #  } | ||||
| #  pool { | ||||
| #    allow members of "foo"; | ||||
| #    range 10.17.224.10 10.17.224.250; | ||||
| #  } | ||||
| #  pool { | ||||
| #    deny members of "foo"; | ||||
| #    range 10.0.29.10 10.0.29.230; | ||||
| #  } | ||||
| #} | ||||
							
								
								
									
										17
									
								
								sio2/sisr/15-pxe/interfaces
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								sio2/sisr/15-pxe/interfaces
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | ||||
| # This file describes the network interfaces available on your system | ||||
| # and how to activate them. For more information, see interfaces(5). | ||||
|  | ||||
| source /etc/network/interfaces.d/* | ||||
|  | ||||
| # The loopback network interface | ||||
| auto lo | ||||
| iface lo inet loopback | ||||
|  | ||||
| # The primary network interface | ||||
| allow-hotplug enp0s3 | ||||
| iface enp0s3 inet dhcp | ||||
|  | ||||
| allow-hotplug enp0s8 | ||||
| iface enp0s8 inet static | ||||
| 	address 192.168.1.1/24 | ||||
| 	up /root/nat.sh	 | ||||
							
								
								
									
										18
									
								
								sio2/sisr/15-pxe/isc-dhcp-server
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										18
									
								
								sio2/sisr/15-pxe/isc-dhcp-server
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,18 @@ | ||||
| # Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server) | ||||
|  | ||||
| # Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf). | ||||
| DHCPDv4_CONF=/etc/dhcp/dhcpd.conf | ||||
| #DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf | ||||
|  | ||||
| # Path to dhcpd's PID file (default: /var/run/dhcpd.pid). | ||||
| DHCPDv4_PID=/var/run/dhcpd.pid | ||||
| #DHCPDv6_PID=/var/run/dhcpd6.pid | ||||
|  | ||||
| # Additional options to start dhcpd with. | ||||
| #	Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead | ||||
| #OPTIONS="" | ||||
|  | ||||
| # On what interfaces should the DHCP server (dhcpd) serve DHCP requests? | ||||
| #	Separate multiple interfaces with spaces, e.g. "eth0 eth1". | ||||
| INTERFACESv4="enp0s8" | ||||
| INTERFACESv6="" | ||||
							
								
								
									
										3
									
								
								sio2/sisr/15-pxe/nat.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										3
									
								
								sio2/sisr/15-pxe/nat.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,3 @@ | ||||
| #!/bin/bash | ||||
| echo "1" > /proc/sys/net/ipv4/ip_forward | ||||
| iptables -t nat -A POSTROUTING -o enp0s3 -j MASQUERADE | ||||
							
								
								
									
										4
									
								
								sio2/sisr/20-python/Exercice1
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										4
									
								
								sio2/sisr/20-python/Exercice1
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| #!/usr/bin/python3 | ||||
| rayon = input('donnez la valeur du rayon : ') | ||||
| perimetre = 2 * 3.141592 * int(rayon) | ||||
| print (perimetre, " cm ") | ||||
							
								
								
									
										18
									
								
								sio2/sisr/20-python/Exercice2
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										18
									
								
								sio2/sisr/20-python/Exercice2
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,18 @@ | ||||
| #!/usr/bin/python3 | ||||
| tableau = [] | ||||
| for i in range(3) | ||||
| 	entier = int(input('chiffre : ')) | ||||
| 	tableau.append(entier) | ||||
|  | ||||
| moy= sum(tableau)/len(tableau) | ||||
|  | ||||
| def maximum(tableau): | ||||
| 	vmax = tableau[0] | ||||
|  | ||||
|  | ||||
|  | ||||
|  | ||||
| def minimum(tableau): | ||||
| 	vmax = tableau[0] | ||||
|  | ||||
|  | ||||
							
								
								
									
										13
									
								
								sio2/sisr/20-python/Exercice3
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										13
									
								
								sio2/sisr/20-python/Exercice3
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,13 @@ | ||||
| #!/usr/bin/python3 | ||||
| phrase = input ("Phrase : ") | ||||
| tabmot = phrase.split(' ') | ||||
| cptmot = {} | ||||
| for mot in tabmot : | ||||
| 	if mot in tabmot: | ||||
| 		cptmot [mot]=cptmot[mot] +1 | ||||
| 	else: | ||||
| 		cptmot[mot]=1 | ||||
| for key in cptmot.keys(): | ||||
| 	print (key, " ",cptmot[key]) | ||||
|  | ||||
|  | ||||
							
								
								
									
										13
									
								
								sio2/sisr/20-python/cptmot.py
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										13
									
								
								sio2/sisr/20-python/cptmot.py
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,13 @@ | ||||
| #!/usr/bin/python3 | ||||
| phrase = input('Phrase : ') | ||||
| tabmot = phrase.split(' ') | ||||
| cptmot = {} | ||||
|  | ||||
| for mot in tabmot :  | ||||
|     if mot in cptmot : | ||||
|         cptmot[mot] = cptmot[mot] + 1 | ||||
|     else : | ||||
|         cptmot[mot] = 1 | ||||
|  | ||||
| for key in cptmot.keys() : | ||||
|     print (key, " ", cptmot[key]) | ||||
							
								
								
									
										26
									
								
								sio2/sisr/20-python/creatusr.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										26
									
								
								sio2/sisr/20-python/creatusr.py
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,26 @@ | ||||
| #!/usr/bin/python3 | ||||
|  | ||||
| import sys | ||||
| nbarg = len(sys.arg) | ||||
|  | ||||
| if nbarg !=2 | ||||
| 	print ("Nombre d'arguments invalides") | ||||
| 	exit (1) | ||||
| filename = sys.arg[1] | ||||
|  | ||||
| try: | ||||
|     fh = open("user.txt", "r") | ||||
| except: | ||||
|     print ("Fichier user.txt inconnu") | ||||
| else: | ||||
|     line = fh.readline () | ||||
|     while line: | ||||
| 	nouvline = line.rstrip() | ||||
| 	login.nomlong = nouvline.split(':') | ||||
| 	print (nbarg) | ||||
| 	#useradd (login) | ||||
|         line = fh.readline() | ||||
|  | ||||
|     fh.close() | ||||
|  | ||||
|  | ||||
							
								
								
									
										10
									
								
								sio2/sisr/20-python/log.py
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										10
									
								
								sio2/sisr/20-python/log.py
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,10 @@ | ||||
| #!/bin/usr/python3 | ||||
| import re | ||||
| import  sys | ||||
| group = {} | ||||
| regexp = '^(\S+) (\S+) (\S+) \[([^]]+)\] "(\w+) (\S+).*" (\d+) (\S+)' | ||||
| for line in sys.stdin: | ||||
|     line = line.rstrip ( ) | ||||
|     match = re.match (regexp, line) | ||||
|     if match: | ||||
|         print (match.group(1)," ",match.group(8)) | ||||
							
								
								
									
										3
									
								
								sio2/sisr/20-python/user.txt
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								sio2/sisr/20-python/user.txt
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,3 @@ | ||||
| jdaniel      : Jack Daniel | ||||
| wpeel        : William Peel | ||||
| ngraphaneaud : Noe Graphaneaud | ||||
		Reference in New Issue
	
	Block a user