Ajout glpi

glpi/glpi.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  connection: local
+  roles:
+    - glpi

glpi/roles/glpi/defaults/main.yml

@@ -0,0 +1,10 @@
+depl_url: "http://depl/store"
+glpi_tgz: "glpi-9.5.7.tgz"
+fusion: "fusioninventory-9.5+3.0.tar.bz2"
+fusion64: "fusioninventory-agent_windows-x64_2.6.exe"
+glpi_dir: "/var/www/html/glpi"
+glpi_dbhost: "127.0.0.1"
+glpi_dbname: "glpi"
+glpi_dbuser: "glpi"
+glpi_dbpasswd: "glpi"
+

glpi/roles/glpi/files/glpi.conf

@@ -0,0 +1,12 @@
+DocumentRoot /var/www/glpi
+        <Directory /var/www/glpi>
+                Options Indexes FollowSymLinks MultiViews
+                AllowOverride All
+                Order allow,deny
+                allow from all
+                AuthType Basic
+        </Directory>
+
+        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
+        CustomLog ${APACHE_LOG_DIR}/glpi_access.log combined
+        ErrorLog  ${APACHE_LOG_DIR}/glpi_error.log

glpi/roles/glpi/files/my.cnf

@@ -0,0 +1,3 @@
+[client]
+user=root
+password=root

glpi/roles/glpi/handlers/main.yml

@@ -0,0 +1,18 @@
+---
+- name: restart php-fpm
+  service:
+    name: php-fpm
+    state: restarted
+    enabled: yes
+
+- name: restart nginx
+  service:
+    name: nginx
+    state : restarted
+    enabled: yes  
+
+- name: restart mariadb-server
+  service: 
+    name: mariadb-server
+    state: restarted
+    enabled: yes

glpi/roles/glpi/tasks/main.yml

@@ -0,0 +1,132 @@
+---
+  - name: Installation des paquets
+    apt:
+      state: latest
+      name:
+      - nginx
+      - php-fpm
+      - php-mbstring
+      - php-mysql
+      - php-gd
+      - php-curl
+      - php-xml
+      - php-apcu
+      - php-ldap
+      - php-imap
+      - php-xmlrpc
+      - php-cas
+      - python3-mysqldb
+      - mariadb-server
+      - python3-pymysql
+      - php-intl
+      - php-bz2
+      - php-zip
+      - postfix
+      - mailutils
+
+  - name: Changement listen dans le fichier conf de php
+    replace:
+      dest: /etc/php/7.4/fpm/pool.d/www.conf
+      regexp: 'listen = /run/php/php7.4-fpm.sock'
+      replace: 'listen = 127.0.0.1:9000'
+      backup: yes
+
+  - name: Effacement block nginx default
+    file:
+      path: /etc/nginx/sites-enabled/default 
+      state: absent
+
+  - name: Creation fichier block nginx
+    template: 
+      src: block.j2 
+      dest: /etc/nginx/sites-enabled/glpi
+
+  - name: Remplacement dans le fichier de conf php du timeout
+    replace:
+      dest: /etc/php/7.4/fpm/php.ini
+      regexp: 'max_execution_time = 30'
+      replace: 'max_execution_time = 600'
+      backup: yes
+
+    notify:
+      - restart nginx
+
+  - name: Creation de la base de donnee mysql
+    mysql_db:
+      name: "{{ glpi_dbname }}"
+      check_implicit_admin: yes
+      state: present
+      login_unix_socket: /var/run/mysqld/mysqld.sock
+
+  - name: Creation de l'utilisateur mysql avec tous les privileges
+    mysql_user:
+      user: "{{ glpi_dbuser }}"
+      password: "{{ glpi_dbpasswd }}"
+      priv: "*.*:ALL,GRANT"
+      login_unix_socket: /var/run/mysqld/mysqld.sock
+      state: present
+
+  - name: Creation du repertoire {{ glpi_dir }}
+    file: 
+      path: "{{ glpi_dir }}"
+      state: directory
+      owner: www-data
+      group: www-data
+
+  - name: Installation de GLPI
+    unarchive:
+      src: "{{ depl_url }}/{{ glpi_tgz }}"
+      dest: /var/www/html
+      remote_src: yes
+      owner: www-data
+      group: www-data
+
+  - name: Changement des attributs {{ glpi_dir }}
+    file: 
+      path: "{{ glpi_dir }}" 
+      owner: www-data 
+      group: www-data 
+      mode: 0755 
+      recurse: yes
+
+  - name: Changement des attributs {{ glpi_dir }}/plugins
+    file:
+      path: "{{ glpi_dir }}/plugins"
+      mode: 0777
+      owner: www-data
+      group: www-data
+      recurse: yes
+
+  - name: Installation de Fusioninventory pour Linux
+    unarchive:
+      src: "{{ depl_url }}/{{ fusion }}"
+      dest: "/var/www/html/glpi/plugins"
+      remote_src: yes
+
+  - name: Creation de ficlient
+    file:
+      path: /var/www/html/ficlients
+      state: directory
+      owner: www-data
+      group: www-data
+      mode: 0775
+
+  - name: Attribution des droits nginx.index
+    file:
+      path: /var/www/html/index.nginx-debian.html
+      owner: www-data
+      group: www-data
+      mode: 0775
+
+  - name: Installation de FusionInventory windows x64
+    get_url:
+      url: "{{ depl_url }}/{{ fusion64 }}"
+      dest: "/var/www/html/ficlients"
+
+  - name: Attribution des permissions sur repertoire /plugins/fusioninventory
+    file:
+      path: /var/www/html/glpi/plugins/fusioninventory
+      owner: www-data
+      group: www-data
+      recurse: yes
+      state: directory

glpi/roles/glpi/templates/block.j2

@@ -0,0 +1,23 @@
+server {
+        listen   80 default_server;
+        root {{ glpi_dir }};
+        index index.php;
+        server_name localhost;
+
+        location / {try_files $uri $uri/ index.php;}
+
+        #prise en charge PHP
+        location ~ \.php$ {
+                fastcgi_pass 127.0.0.1:9000;
+                fastcgi_index index.php;
+                include /etc/nginx/fastcgi_params;
+                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+                include fastcgi_params;
+                fastcgi_param SERVER_NAME $host;
+  	 }
+
+	location /ficlients {
+		root /var/www/html;
+		autoindex on;
+	}
+}

script/restauration/rest43

@@ -1,26 +1,53 @@
 #!/bin/bash
 HOST=root@onfarbo43
-restore () {
+
-ssh "${HOST}" "mysql -u ap45 -pAzerty1+ bdarbre" < bdarbre43.sql
+usage() { 
+echo -e "Usage: $0 [-f] <compressed dumpfile>\n\t-f: force mode\n\t-h: this help\n" 1>&2; exit 1; }
+
+restore() {
+	zcat "${filename}" | ssh "${HOST}"  "mysql -u ap43 -pAzerty1+ bdarbre" 
 }
-while getopts "f" OPT
-do
-    case "${OPT}" in
-      f)
-          restore
-          exit 0;
-          ;;
-    esac
-done
 
 confirm() {
     read -r -n 1 -p "${1:-Confirmer?} [o/n]: " REPLY
-    case $REPLY in
+    case "${REPLY}" in
       [oO]) echo ; restore ;;
       [nN]) echo ; exit 1 ;;
       *) printf " \033[31m %s \n\033[0m" "Entrée non valide"
     esac 
 }
-confirm
 
+while getopts "fh" OPT
+do
+    case "${OPT}" in
+      f)
+          forcemode=1
+          ;;
+
+      h)
+	  usage
+	  exit 0
+          ;;
+    esac
+done
+shift $((OPTIND-1))
+
+filename="${1}"
+
+if [[ -z "${filename}" ]] ; then
+	usage
+fi
+
+if [[ ! -r "${filename}" ]] ; then
+	echo "erreur ouverture fichier"
+	exit 2
+fi
+
+if [[ "${forcemode}" == 1 ]]; then
+	restore
+	exit 0
+else
+	confirm
+	exit 0
+fi
 exit 0

script/restauration/rest45

@@ -1,26 +1,53 @@
 #!/bin/bash
 HOST=root@onfarbo45
-restore () {
+
-ssh "${HOST}" "mysql -u ap45 -pAzerty1+ bdarbre" < bdarbre45.sql
+usage() { 
+echo -e "Usage: $0 [-f] <compressed dumpfile>\n\t-f: force mode\n\t-h: this help\n" 1>&2; exit 1; }
+
+restore() {
+	zcat "${filename}" | ssh "${HOST}"  "mysql -u ap45 -pAzerty1+ bdarbre" 
 }
-while getopts "f" OPT
-do
-    case "${OPT}" in
-      f)
-          restore
-          exit 0;
-          ;;
-    esac
-done
 
 confirm() {
     read -r -n 1 -p "${1:-Confirmer?} [o/n]: " REPLY
-    case $REPLY in
+    case "${REPLY}" in
       [oO]) echo ; restore ;;
-      [nN]) echo ; exit 0 ;;
+      [nN]) echo ; exit 1 ;;
       *) printf " \033[31m %s \n\033[0m" "Entrée non valide"
     esac 
 }
-confirm
 
+while getopts "fh" OPT
+do
+    case "${OPT}" in
+      f)
+          forcemode=1
+          ;;
+
+      h)
+	  usage
+	  exit 0
+          ;;
+    esac
+done
+shift $((OPTIND-1))
+
+filename="${1}"
+
+if [[ -z "${filename}" ]] ; then
+	usage
+fi
+
+if [[ ! -r "${filename}" ]] ; then
+	echo "erreur ouverture fichier"
+	exit 2
+fi
+
+if [[ "${forcemode}" == 1 ]]; then
+	restore
+	exit 0
+else
+	confirm
+	exit 0
+fi
 exit 0

script/sauvegarde/php43/ONF/getLesInterventions.php

@@ -1,19 +0,0 @@
-<?php
-
-include_once 'include/chargementClasses.php';
-
-try{
-    
-    $laConnexion = new ConnexionBDD();
-    $sql = 'SELECT * FROM intervention INNER JOIN arbre ON arbre.id = intervention.idArbre;';
-    $reponse = $laConnexion->dbh()->query($sql);
-    
-    $output = array("lesInterventions"=>$reponse->fetchAll(PDO::FETCH_ASSOC));
-    
-}catch (Exception $e){
-    
-    die('Erreur : '.$e->getMessage());
-    
-}
-    
-echo(json_encode($output));    

script/sauvegarde/php43/ONF/include/ConnexionBDD.php

@@ -1,45 +0,0 @@
-<?php
-
-/* 
- * To change this license header, choose License Headers in Project Properties.
- * To change this template file, choose Tools | Templates
- * and open the template in the editor.
- */
-
-class ConnexionBDD {
-    
-    private $_dbh;   // Chaine de connexion
-    
-    /**
-     * Connexion persistante au serveur
-     * @return \PDO Connexion
-     */    
-    public function __construct(){
-        // Définition des variables de connexion
-        $user = "ap43";
-        $pass = "Azerty1+";
-        $dsn ='mysql:host=localhost;dbname=bdarbre'; //Data Source Name
-
-        // Connexion 
-        try {
-            $this->_dbh = new PDO($dsn, $user, $pass, array(PDO::ATTR_PERSISTENT=>true, 
-            PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES \'UTF8\''));  // Connexion persistante            
-        }
-        catch (PDOException $e) {
-            die("Erreur : " . $e->getMessage());
-        }        
-    }
-    /** afficherErreurSQL : 
-     *  Affichage de messages lors l'accès à la bdd avec une requete SQL
-     *  @param $message	: message a afficher
-    */		
-    function afficherErreurSQL($message, $sql="") {
-        echo $message . "<br />" . $sql . "<br />"; 
-        $info = $this->_dbh->errorInfo();
-        echo "Code erreur : " . $info[0] . ", Message : " . $info[2];      
-        die();
-    }
-    function dbh() {
-        return $this->_dbh;
-    }
-}

script/sauvegarde/php43/ONF/include/chargementClasses.php

@@ -1,7 +0,0 @@
-<?php
-spl_autoload_register('chargerClasse');
-function chargerClasse($classe){
-    
-    require "include/".$classe.".php";
-    
-}

script/sauvegarde/php43/ONF/index.php

@@ -1,17 +0,0 @@
-<!DOCTYPE html>
-<!--
-To change this license header, choose License Headers in Project Properties.
-To change this template file, choose Tools | Templates
-and open the template in the editor.
--->
-<html>
-    <head>
-        <meta charset="UTF-8">
-        <title></title>
-    </head>
-    <body>
-        <?php
-        // put your code here
-        ?>
-    </body>
-</html>

script/sauvegarde/php43/ONF/nbproject/private/private.properties

@@ -1,6 +0,0 @@
-copy.src.files=false
-copy.src.on.open=false
-copy.src.target=/var/www/PhpProject1
-index.file=index.php
-run.as=LOCAL
-url=http://localhost/PHPProjects/ONF/

script/sauvegarde/php43/ONF/nbproject/project.properties

@@ -1,7 +0,0 @@
-include.path=${php.global.include.path}
-php.version=PHP_80
-source.encoding=UTF-8
-src.dir=.
-tags.asp=false
-tags.short=false
-web.root=.

script/sauvegarde/php43/ONF/nbproject/project.xml

@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://www.netbeans.org/ns/project/1">
-    <type>org.netbeans.modules.php.project</type>
-    <configuration>
-        <data xmlns="http://www.netbeans.org/ns/php-project/1">
-            <name>ONF</name>
-        </data>
-    </configuration>
-</project>

script/sauvegarde/sauvegarde43.sh

@@ -1,14 +1,15 @@
 #!/bin/bash
 HOST=root@onfarbo43
 DATEJ=$(date +%u)
-DATES=(date +%W)
+DATES=$(date +%W)
 semaineMod=$(("${DATES}" % 4))
 
 ssh "${HOST}" "mysqldump -u ap43 -pAzerty1+ bdarbre | gzip" > /root/sauv/jour/bdarbre43-"${DATEJ}".sql.gz
 
 ssh "${HOST}" "mysqldump -u ap43 -pAzerty1+ bdarbre | gzip" > /root/sauv/semaine/bdarbre43-"${semaineMod}".sql.gz
 
-scp -r "${HOST}":/var/www/html/PHPProjects/ONF /root/sauv/php43
+scp -r "${HOST}":/var/www/html/PHPProjectsAM/ /root/sauv/php43/AM
+scp -r "${HOST}":/var/www/html/PHPProjectsAS/ /root/sauv/php43/AS
 
 
 exit 0

script/sauvegarde/sauvegarde45.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 HOST=root@onfarbo45
 DATEJ=$(date +%u)
-DATES=(date +%W)
+DATES=$(date +%W)
 semaineMod=$(("${DATES}" % 4))
 
 ssh "${HOST}" "mysqldump -u ap45 -pAzerty1+ bdarbre | gzip" > /root/sauv/jour/bdarbre45-"${DATEJ}".sql.gz

wireguard/wg0.conf

@@ -0,0 +1,18 @@
+# local settings for Endpoint A
+[Interface]
+PrivateKey = kJfPU7pqldy6d7K+8Gbby7Hbw1zh7amdIIccmC9NY1s=
+Address = 10.0.0.1/32
+ListenPort = 51820
+ 
+# remote settings for Endpoint B
+[Peer]
+PublicKey = pMaLJGkdgcT3jwPC7F/EUlr9U8VbkZli9Ru65zkXH2U=
+#Endpoint = 192.168.1.82:51820
+AllowedIPs = 10.0.0.2/32
+ 
+# remote settings for Endpoint C
+[Peer]
+PublicKey = HuwPkFzi25gAovg+Ni7lpCK6TvcK1HBdbgg3lVRK+zY=
+#Endpoint = x.y.z.t:51820
+AllowedIPs = 10.0.0.3/32
+ 

wireguard/wgap4.sh

@@ -0,0 +1,79 @@
+#!/bin/bash
+set -u
+set -e
+ 
+AddressAwg=10.0.0.1/32  # Adresse VPN Wireguard extremite A
+EndpointA=10.121.38.70  # Adresse extremite A
+PortA=51820             # Port ecoute extremite A
+AddressBwg=10.0.0.2/32  # Adresse VPN Wireguard extremite B
+EndpointB=192.168.1.82  # Adresse extremite B
+PortB=51820             # Port ecoute extremite B
+AddressCwg=10.0.0.3/32
+EndpointC=x.y.z.t
+PortC=51820
+
+umask 077 ;  
+wg genkey > endpoint-a.key
+wg pubkey < endpoint-a.key > endpoint-a.pub
+ 
+wg genkey > endpoint-b.key
+wg pubkey < endpoint-b.key > endpoint-b.pub
+ 
+wg genkey > endpoint-c.key
+wg pubkey < endpoint-c.key > endpoint-c.pub
+PKA=$(cat endpoint-a.key)
+pKA=$(cat endpoint-a.pub)
+PKB=$(cat endpoint-b.key)
+pKB=$(cat endpoint-b.pub)
+PKC=$(cat endpoint-c.key)
+pKC=$(cat endpoint-c.pub)
+
+
+cat <<FINI > wg0-a.conf
+# local settings for Endpoint A
+[Interface]
+PrivateKey = $PKA
+Address = $AddressAwg
+ListenPort = $PortA
+ 
+# remote settings for Endpoint B
+[Peer]
+PublicKey = $pKB
+#Endpoint = ${EndpointB}:$PortB
+AllowedIPs = $AddressBwg
+ 
+# remote settings for Endpoint C
+[Peer]
+PublicKey = $pKC
+#Endpoint = ${EndpointC}:$PortC
+AllowedIPs = $AddressCwg
+ 
+FINI
+cat <<FINI > wg0-b.conf
+# local settings for Endpoint B
+[Interface]
+PrivateKey = $PKB
+Address = $AddressBwg
+ListenPort = $PortB
+ 
+# remote settings for Endpoint A
+[Peer]
+PublicKey = $pKA
+Endpoint = ${EndpointA}:$PortA
+AllowedIPs = $AddressAwg
+
+FINI
+cat <<FINI > wg0-c.conf
+# local settings for Endpoint C
+[Interface]
+PrivateKey = $PKC
+Address = $AddressCwg
+ListenPort = $PortC
+ 
+# remote settings for Endpoint A
+[Peer]
+PublicKey = $pKA
+Endpoint = ${EndpointA}:$PortA
+AllowedIPs = $AddressAwg
+
+FINI