Compare commits
	
		
			5 Commits
		
	
	
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|  | f35e953e33 | ||
|  | b922c7b009 | ||
|  | 8dde9a9e9f | ||
|  | 2c6ab59e82 | ||
|  | 7ecbfcd3e6 | 
							
								
								
									
										491
									
								
								sio2/ct-ansible/bash_history
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										491
									
								
								sio2/ct-ansible/bash_history
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,491 @@ | ||||
| apt install vim curl mc sudo  | ||||
| apt autoclean | ||||
| apt autoremove | ||||
| poweroff | ||||
| ip a | ||||
| ip l | ||||
| ip n | ||||
| ip r | ||||
| poweroff | ||||
| apt install ansible | ||||
| ssh-keygen | ||||
| cd /etc/ssh | ||||
| nano ~/.ssh  | ||||
| nano ~/.ssh/config  | ||||
| cd | ||||
| ssh-copy-id infra | ||||
| ssh-copy-id web1 | ||||
| ssh-copy-id web2 | ||||
| hostnamectl set-hostname ansible | ||||
| nano /etc/hosts | ||||
| reboot | ||||
| ssh infra uptime | ||||
| cd | ||||
| cd /home | ||||
| mkdir testansible | ||||
| cd testansible/ | ||||
| nano hosts | ||||
| ansible all -i hosts -m ping | ||||
| ansible web -i hosts -m shell -a uptime | ||||
| ansible web -i hosts -m setup | more | ||||
|  cd | ||||
| cd | ||||
| mkdir tpansible | ||||
| cd tpansible/ | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| cd | ||||
| ls | ||||
| cd | ||||
| cd tpansible/ | ||||
| ls | ||||
| cd | ||||
| cd /home/testansible/ | ||||
|  | ||||
|  | ||||
| cd /home/testansible/ | ||||
| ls | ||||
| cd | ||||
| cd tpansible/ | ||||
| ls | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| ansible-playbook -i hosts web.yml | ||||
| nano web.yml | ||||
| echo "salut" > index.html | ||||
| nano web.yml | ||||
| echo "salut" > index.html | ||||
|  | ||||
| cd | ||||
| ip a | ||||
| cd | ||||
| cd /home | ||||
| ls | ||||
| cd /test | ||||
| cd testansible/ | ||||
| cd | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano web.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| ansible-playbook -i hosts syslog.yml  | ||||
| ansible-playbook -i hosts syslog-cli.yml  | ||||
| nano syslog-cli.yml | ||||
| nano syslog.yml | ||||
| nano syslog.yml | ||||
| ansible-playbook -i hosts syslog-cli.yml  | ||||
| ansible-playbook -i hosts syslog.yml  | ||||
| nano syslog.yml | ||||
| ansible-playbook -i hosts syslog.yml  | ||||
| nano syslog.yml | ||||
| nano syslog-cli.yml | ||||
| nano syslog-cli.yml | ||||
| ansible-playbook -i hosts syslog.yml  | ||||
| ansible-playbook -i hosts syslog.yml  | ||||
| nano syslog-cli.yml | ||||
| ansible-playbook -i hosts syslog.yml  | ||||
| nano syslog-cli.yml | ||||
| ansible-playbook -i hosts syslog-cli.yml  | ||||
| nano syslog-cli.yml | ||||
| cd .. | ||||
| poweroff | ||||
| cd /home | ||||
| ls | ||||
| cd testansible/ | ||||
| ls | ||||
| ls | ||||
| cd | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano web.yml  | ||||
| ls | ||||
| nano syslog-cli.yml  | ||||
| cd | ||||
| cd /home | ||||
| ls | ||||
| mkdir -p dokuw/roles{web,doku}/{tasks,handlers,files,templates} | ||||
| ls | ||||
| cd dokuw | ||||
| ls | ||||
| cd .. | ||||
| tree dokuw | ||||
| cd | ||||
| tree dokuw | ||||
| three | ||||
| cd /home/dokuw/ | ||||
| nano local.yml | ||||
| cd roles | ||||
| ls | ||||
| ls  | ||||
| cd rolesdoku/ | ||||
| ls | ||||
| ls | ||||
| cd .. | ||||
| cd rolesweb/ | ||||
| cd tasks/ | ||||
| ls | ||||
| nano main.yml | ||||
| cd .. | ||||
| cd .. | ||||
| cd rolesdoku/ | ||||
| ls | ||||
| cd tasks/ | ||||
| ls | ||||
| nano main.yml | ||||
| cd | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano hosts  | ||||
| cd | ||||
| ls | ||||
| nano hosts  | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano hosts  | ||||
| ls | ||||
| cd | ||||
| ls | ||||
| cd /home/ | ||||
| ls | ||||
| cd dokuw/ | ||||
| cd rolesweb/tasks/ | ||||
| ls | ||||
| nano main.yml | ||||
| cd | ||||
| cd /etc/ssh | ||||
| ls | ||||
| nano ssh_config | ||||
| nano ssh_config.d | ||||
| cd /ssh_config.d | ||||
| ls | ||||
| cd ssh_config.d/ | ||||
| ls | ||||
| cd .. | ||||
| nano sshd_config | ||||
| ls | ||||
| cd | ||||
| nano ~/.ssh/config  | ||||
| ls | ||||
| cd /home | ||||
| ls | ||||
| cd dokuw/ | ||||
| ls | ||||
| cd  rolesweb/tasks/ | ||||
| ansible-playbook -i hosts main.yml  | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts main.yml  | ||||
| cd | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano web.yml  | ||||
| cd | ||||
| cd /home/ | ||||
| ls | ||||
| cd dokuw/rolesweb/tasks/ | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts main.yml  | ||||
| cd | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano web.yml  | ||||
| cd | ||||
| cd /home/dokuw/rolesweb/tasks/ | ||||
| ls | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts main.yml  | ||||
| cd | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano web.yml  | ||||
| ansible-playbook -i hosts web.yml  | ||||
| nano web.yml  | ||||
| cd /home/dokuw/rolesweb/tasks/ | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts web.yml  | ||||
| ansible-playbook -i hosts main.yml  | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts main.yml  | ||||
| cd .. | ||||
| cd .. | ||||
| cd rolesdoku/ | ||||
| ls | ||||
| cd tasks | ||||
| ls | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts main.yml | ||||
| nano main.yml  | ||||
| cd /home/dokuw/rolesweb/tasks | ||||
| nano main.yml  | ||||
| cd /home/dokuw/rolesdoku/tasks | ||||
| nano main.yml  | ||||
| cd /home/dokuw/rolesweb/tasks | ||||
| nano main.yml | ||||
| ansible-playbook -i hosts main.yml | ||||
|  | ||||
| nano ~/.ssh/config  | ||||
| cd | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano hosts  | ||||
| cd | ||||
| cd tmp | ||||
| cd tmp/ | ||||
| ls | ||||
| cd /etc/tmp | ||||
| cd | ||||
| cd /home/dokuw/rolesweb/tasks | ||||
| nano main.yml  | ||||
| ansible-playbook -i hosts main.yml | ||||
| cd | ||||
| cd tpansible/ | ||||
| nano hosts  | ||||
| echo doku > h-doku | ||||
| ssh doku | ||||
| ssh doku | ||||
| echo doku > h-doku | ||||
| cd | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano h-doku | ||||
| ls | ||||
| cd | ||||
| cd /home | ||||
| ls | ||||
| cd dokuw/ | ||||
| ls | ||||
| cd rolesweb/ | ||||
| cd tasks | ||||
| nano main.yml | ||||
| ansible-playbook hosts main.yml  | ||||
| ansible-playbook -i hosts main.yml  | ||||
| nano main.yml  | ||||
| cd | ||||
| cd /home/ | ||||
| ls | ||||
| nano dokuw/ | ||||
| cd dokuw/rolesweb/ | ||||
| cd tasks | ||||
| ls | ||||
| nano main.yml  | ||||
| cd /home/dokuw/rolesdoku/tasks | ||||
| nano main.yml  | ||||
| cd | ||||
| poweroff | ||||
| ssh-keygen | ||||
| nano /etc/ssh/sshd_config | ||||
| echo "PermitRootLogin yes" >>  /etc/ssh/sshd_config | ||||
| systemctl restart ssh | ||||
| ip a | ||||
| ssh-copy-id root@192.168.0.38 | ||||
| ls | ||||
| cd tp | ||||
| cd tpansible/ | ||||
| ls | ||||
| rm playb-ds.yml  | ||||
| nano user.yml | ||||
| rm user.yml  | ||||
| nano utilisateur.yml | ||||
| nano utilisateur.yml  | ||||
| nano .ssh/config  | ||||
| ssh-copy-id srv | ||||
| nano .ssh/config  | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| cd | ||||
| mkdir ds_ansible | ||||
| apt install gitea | ||||
| apt install git | ||||
| ls | ||||
| rm -r ds_ansible/ | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano hosts | ||||
| ls | ||||
| nano h-doku  | ||||
| ls | ||||
| nano syslog-cli.yml  | ||||
| nano playb-ds.yml | ||||
| ls | ||||
| nano hosts | ||||
| ip a | ||||
| ls | ||||
| nano user.yml  | ||||
| cd | ||||
| nano /etc/resolv.conf  | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano user.yml  | ||||
| ls | ||||
| ip a | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
|  -vvv | ||||
| ansible-playbook -i hosts utilisateur.yml -vvv | ||||
| nano /etc/ssh/sshd_config | ||||
| ls | ||||
| nano utilisateur.yml  | ||||
| nano resolv.conf | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
| nano /etc/ssh/sshd_config | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
| |more | ||||
| nano /etc/ssh/sshd_config | ||||
| nano /etc/ssh/sshd_config | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
| cd | ||||
| nano /etc/ssh/sshd_config | ||||
| ansible all -i hosts -m ping | ||||
| nano .ssh/config  | ||||
| nano tpansible/hosts  | ||||
| ssh-copy-id srv | ||||
| ssh infra uptime | ||||
| ssh srv | ||||
| reboot | ||||
| nano .ssh/config  | ||||
| nano /etc/resolv.conf  | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| mkdir old | ||||
| mv index.html h-doku syslog-cli.yml syslog.yml web.yml old/ | ||||
| ls | ||||
| nano resolv.conf  | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
| nano utilisateur.yml  | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
| ls | ||||
| mv resolv.conf /root | ||||
| ls | ||||
| cd | ||||
| ls | ||||
| cd tpansible/ | ||||
| nano utilisateur.yml  | ||||
| ansible-playbook -i hosts utilisateur.yml  | ||||
| cd | ||||
| mv resolv.conf tpansible/ | ||||
| ls | ||||
| cd tpansible/ | ||||
| ls | ||||
| nano utilisateur.yml  | ||||
| nano utilisateur.yml  | ||||
| rm /etc/resolv.conf  | ||||
| ansible-playbook  -i hosts utilisateur.yml  | ||||
| cd | ||||
| cd /etc/ | ||||
| resolv.conf | ||||
| nano resolv.conf | ||||
| cd | ||||
| apt install ansible ansible-lint | ||||
| apt update | ||||
| apt upgrade | ||||
| apt update | ||||
| apt install ansible ansible-lint | ||||
| apt-get update | ||||
| apt install ansible-lint | ||||
| apt install ansible-lint --fix-missing | ||||
| reboot | ||||
| apt install ansible-lint --fix-missing | ||||
| apt update | ||||
| apt upgrade | ||||
| ip a | ||||
| git clone https://gitea.lyc-lecastel.fr/ludovic.diemert/siotp.git | ||||
| ls | ||||
| cd siotp | ||||
| ls | ||||
| cd sio2/ | ||||
| ls | ||||
| mkdir ct-ansible | ||||
| cp /root/tpansible/utilisateur.yml . | ||||
| cp /root/tpansible/hosts . | ||||
| ls | ||||
| mv hosts utilisateur.yml ct-ansible/ | ||||
| ls | ||||
| cd ct-ansible/ | ||||
| ls | ||||
| git add utilisateur.yml  | ||||
| git add hosts  | ||||
| git commit | ||||
| git config --global user.email "ludovic.diemert@localhost.fr" | ||||
| git config --global user.name "ludovic diemert" | ||||
| git commit -am "ds ansible" | ||||
| git tag v1.1 | ||||
| git push --tag | ||||
| cd | ||||
| nano .bash_history  | ||||
| cd tpansible/ | ||||
| ls | ||||
| script cr-ansible.txt | ||||
| ansible-playbook utilisateur.yml | ||||
| ls | ||||
| nano cr-ansible.txt  | ||||
| cd | ||||
| ls | ||||
| cd siotp/ | ||||
| ls | ||||
| cd sio2/ | ||||
| ls | ||||
| cd ct-ansible/ | ||||
| ls | ||||
| cp /root/.bash_history . | ||||
| ls | ||||
| cd | ||||
| nano .bash_history  | ||||
| cp .bash_history /root/tpansible/ | ||||
| cd tpansible/ | ||||
| ls | ||||
| ansible-playbook utilisateur.yml | ||||
| ls | ||||
| nano utilisateur.yml  | ||||
| ls | ||||
| nano hosts  | ||||
| cd | ||||
| nano .ssh/config  | ||||
| reboot | ||||
| ansible-playbook cr-ansible.yml | ||||
| ansible-playbook utilisateur.yml  | ||||
							
								
								
									
										16
									
								
								sio2/ct-ansible/cr-ansible.txt
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										16
									
								
								sio2/ct-ansible/cr-ansible.txt
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,16 @@ | ||||
| Script démarré sur 2021-11-25 15:37:28+01:00 [TERM="linux" TTY="/dev/tty1" COLUMNS="100" LINES="37"] | ||||
| [?2004hroot@ansible:~/tpansible# anisbl[K[K[K[Ksible-playbook utilisateur.yml  | ||||
| [?2004l | ||||
| [1;35m[WARNING]: No inventory was parsed, only implicit localhost is available[0m | ||||
| [1;35m[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit[0m | ||||
| [1;35mlocalhost does not match 'all'[0m | ||||
| [1;35m[WARNING]: Could not match supplied host pattern, ignoring: srv[0m | ||||
|  | ||||
| PLAY [srv] ***************************************************************************************** | ||||
| [0;36mskipping: no hosts matched[0m | ||||
|  | ||||
| PLAY RECAP ***************************************************************************************** | ||||
|  | ||||
| [?2004hroot@ansible:~/tpansible# [?2004l | ||||
|  | ||||
| exit | ||||
							
								
								
									
										4
									
								
								sio2/ct-ansible/hosts
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								sio2/ct-ansible/hosts
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| [user] | ||||
| srv | ||||
|  | ||||
|  | ||||
							
								
								
									
										4
									
								
								sio2/ct-ansible/resolv.conf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								sio2/ct-ansible/resolv.conf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| search sio.lan | ||||
| domain sio.lan | ||||
| nameserver 10.121.38.7 | ||||
| nameserver 10.121.38.8 | ||||
							
								
								
									
										125
									
								
								sio2/ct-ansible/sshd_config
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										125
									
								
								sio2/ct-ansible/sshd_config
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,125 @@ | ||||
| #	$OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ | ||||
|  | ||||
| # This is the sshd server system-wide configuration file.  See | ||||
| # sshd_config(5) for more information. | ||||
|  | ||||
| # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin | ||||
|  | ||||
| # The strategy used for options in the default sshd_config shipped with | ||||
| # OpenSSH is to specify options with their default value where | ||||
| # possible, but leave them commented.  Uncommented options override the | ||||
| # default value. | ||||
|  | ||||
| Include /etc/ssh/sshd_config.d/*.conf | ||||
|  | ||||
| #Port 22 | ||||
| #AddressFamily any | ||||
| #ListenAddress 0.0.0.0 | ||||
| #ListenAddress :: | ||||
|  | ||||
| #HostKey /etc/ssh/ssh_host_rsa_key | ||||
| #HostKey /etc/ssh/ssh_host_ecdsa_key | ||||
| #HostKey /etc/ssh/ssh_host_ed25519_key | ||||
|  | ||||
| # Ciphers and keying | ||||
| #RekeyLimit default none | ||||
|  | ||||
| # Logging | ||||
| #SyslogFacility AUTH | ||||
| #LogLevel INFO | ||||
|  | ||||
| # Authentication: | ||||
|  | ||||
| #LoginGraceTime 2m | ||||
| #PermitRootLogin prohibit-password | ||||
| #StrictModes yes | ||||
| #MaxAuthTries 6 | ||||
| #MaxSessions 10 | ||||
|  | ||||
| #PubkeyAuthentication yes | ||||
|  | ||||
| # Expect .ssh/authorized_keys2 to be disregarded by default in future. | ||||
| #AuthorizedKeysFile	.ssh/authorized_keys .ssh/authorized_keys2 | ||||
|  | ||||
| #AuthorizedPrincipalsFile none | ||||
|  | ||||
| #AuthorizedKeysCommand none | ||||
| #AuthorizedKeysCommandUser nobody | ||||
|  | ||||
| # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts | ||||
| #HostbasedAuthentication no | ||||
| # Change to yes if you don't trust ~/.ssh/known_hosts for | ||||
| # HostbasedAuthentication | ||||
| #IgnoreUserKnownHosts no | ||||
| # Don't read the user's ~/.rhosts and ~/.shosts files | ||||
| #IgnoreRhosts yes | ||||
|  | ||||
| # To disable tunneled clear text passwords, change to no here! | ||||
| #PasswordAuthentication yes | ||||
| #PermitEmptyPasswords no | ||||
|  | ||||
| # Change to yes to enable challenge-response passwords (beware issues with | ||||
| # some PAM modules and threads) | ||||
| ChallengeResponseAuthentication no | ||||
|  | ||||
| # Kerberos options | ||||
| #KerberosAuthentication no | ||||
| #KerberosOrLocalPasswd yes | ||||
| #KerberosTicketCleanup yes | ||||
| #KerberosGetAFSToken no | ||||
|  | ||||
| # GSSAPI options | ||||
| #GSSAPIAuthentication no | ||||
| #GSSAPICleanupCredentials yes | ||||
| #GSSAPIStrictAcceptorCheck yes | ||||
| #GSSAPIKeyExchange no | ||||
|  | ||||
| # Set this to 'yes' to enable PAM authentication, account processing, | ||||
| # and session processing. If this is enabled, PAM authentication will | ||||
| # be allowed through the ChallengeResponseAuthentication and | ||||
| # PasswordAuthentication.  Depending on your PAM configuration, | ||||
| # PAM authentication via ChallengeResponseAuthentication may bypass | ||||
| # the setting of "PermitRootLogin without-password". | ||||
| # If you just want the PAM account and session checks to run without | ||||
| # PAM authentication, then enable this but set PasswordAuthentication | ||||
| # and ChallengeResponseAuthentication to 'no'. | ||||
| UsePAM yes | ||||
|  | ||||
| #AllowAgentForwarding yes | ||||
| #AllowTcpForwarding yes | ||||
| #GatewayPorts no | ||||
| X11Forwarding yes | ||||
| #X11DisplayOffset 10 | ||||
| #X11UseLocalhost yes | ||||
| #PermitTTY yes | ||||
| PrintMotd no | ||||
| #PrintLastLog yes | ||||
| #TCPKeepAlive yes | ||||
| #PermitUserEnvironment no | ||||
| #Compression delayed | ||||
| #ClientAliveInterval 0 | ||||
| #ClientAliveCountMax 3 | ||||
| #UseDNS no | ||||
| #PidFile /var/run/sshd.pid | ||||
| #MaxStartups 10:30:100 | ||||
| #PermitTunnel no | ||||
| #ChrootDirectory none | ||||
| #VersionAddendum none | ||||
|  | ||||
| # no default banner path | ||||
| #Banner none | ||||
|  | ||||
| # Allow client to pass locale environment variables | ||||
| AcceptEnv LANG LC_* | ||||
|  | ||||
| # override default of no subsystems | ||||
| Subsystem	sftp	/usr/lib/openssh/sftp-server | ||||
|  | ||||
| # Example of overriding settings on a per-user basis | ||||
| #Match User anoncvs | ||||
| #	X11Forwarding no | ||||
| #	AllowTcpForwarding no | ||||
| #	PermitTTY no | ||||
| #	ForceCommand cvs server | ||||
| PermitRootLogin yes | ||||
| PermitRootLogin prohibit-password | ||||
							
								
								
									
										36
									
								
								sio2/ct-ansible/utilisateur.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										36
									
								
								sio2/ct-ansible/utilisateur.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,36 @@ | ||||
| --- | ||||
| - hosts: srv | ||||
|   vars: | ||||
|     password: Azerty1+ | ||||
|   tasks: | ||||
|  | ||||
|     - name: creation de l'utilisateur sioadm | ||||
|       user: | ||||
|         name: sioadm | ||||
|         state: present | ||||
|         generate_ssh_key: yes | ||||
|         uid: 1200 | ||||
|         groups: sudo | ||||
|         append: yes | ||||
|         password: "{{ 'Azerty1+' | password_hash('sha512') }}" | ||||
|        | ||||
|     - name: desinstallation du paquet wpasupplicant | ||||
|       apt: | ||||
|          name: wpasupplicant | ||||
|          state: absent | ||||
|  | ||||
|     - name: desinstallation du paquet rpcbind | ||||
|       apt: | ||||
|          name: rpcbind | ||||
|          state: absent | ||||
|  | ||||
|     - name: copie du fichier /etc/resolv.conf | ||||
|       copy: | ||||
|         src: resolv.conf | ||||
|         dest: /etc/resolv.conf | ||||
|  | ||||
|     - name: ajout de la ligne PermitRootLogin prohibit-password dans /etc/ssh/sshd_config | ||||
|       lineinfile: | ||||
|         path: /etc/ssh/sshd_config | ||||
|         line: 'PermitRootLogin prohibit-password' | ||||
|         create: yes | ||||
| @@ -1,14 +1,11 @@ | ||||
| [Interface] | ||||
| Address = 10.0.2.1/24 # Adresses autorisées dans le VPN | ||||
| Listenport = 51820 | ||||
|  | ||||
| # clé privée de machine A  | ||||
| PrivateKey = WM0fO9rPFKRtkvKKEcqnUXwhTJ/aWtr8oWXkowuEFX8= | ||||
| # UDP service port; 51820 is a common choice for WireGuard | ||||
|  | ||||
| PrivateKey = GIOgHwIs/0uNvwn/iAX5dP5PGjDY7+OpM/c50X6ry2k= | ||||
| Address = 10.0.2.2/32 | ||||
| #DNS = 192.168.1.254 | ||||
|  | ||||
| [Peer] | ||||
| PublicKey = u0/S3/nbLceihWjlsSbPSBvhT4BsLp/b+dGpeLhqElg= | ||||
| AllowedIPs = 10.0.2.1/24 # le peer peut acceder au serveur | ||||
|  | ||||
|  | ||||
| PublicKey = COah6qTtwZo4h9GhtBHBhySOwmH4g78sI49NLGmze3M= | ||||
| #AllowedIPs = 10.0.0.0/8, 192.168.1.0/24 | ||||
| AllowedIPs = 0.0.0.0/0 | ||||
| Endpoint = 192.168.0.40:51820 | ||||
| PersistentKeepalive = 20 | ||||
|   | ||||
		Reference in New Issue
	
	Block a user