uap35-r/Projet
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

ajout des fichiers ansible

Browse Source
This commit is contained in:
“cameron.desrayaud”
2021-12-13 17:09:50 +01:00
parent 34833c4478
commit d9bb729bc1
18 changed files with 326 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
Mission2/hosts Normal file
View File

@@ -0,0 +1,9 @@
[localhost]
localhost
[test]
tomcattest
[proxsrv]
10.121.38.65

9
Mission2/mariadb-setup.yml Normal file
View File

@@ -0,0 +1,9 @@
---
- name: Tomcat playbook
hosts: test
become: yes
become_method: sudo
remote_user: root
roles:
- mysql

13
Mission2/playbook.yml Normal file
View File

@@ -0,0 +1,13 @@
---
- hosts: test
remote_user: root
become: yes
become_method: sudo
roles:
- tomcat
- mariadb
- mariadb_create_dump
- mariadb_create_usr
- mariadb_inject_dump
- openjdk

6
Mission2/roles/mariadb_create_dump/tasks/main.yml Normal file
View File

@@ -0,0 +1,6 @@
- name: exportation du dump
copy:
src: db-sauv.sql.gz
dest: /tmp

5
Mission2/roles/mariadb_inject_dump/tasks/main.yml Normal file
View File

@@ -0,0 +1,5 @@
- name: Restoration la base de données
community.mysql.mysql_db:
name: my_db
state: import
target: /tmp/db-sauv.sql.gz

22
Mission2/roles/mysql/handlers/main.yml Normal file
View File

@@ -0,0 +1,22 @@
---
# handlers file for mariadb
- name: set mariadb log selinux
sefcontext:
target: '/var/log/mariadb(/.*)?'
setype: mysqld_log_t
state: present
- name: restart mariadb server
systemd:
name: "{{ mariadb_service }}"
state: restarted
enabled: yes
- name: Remove test database priviledges
command: mysql -u root -p{{ mysql_root_password }} -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'"
- name: Flush Priviliges
command: mysql -u root -p{{ mysql_root_password }} -e "FLUSH PRIVILEGES"
- name: Update repo cache
apt:
update_cache: yes

39
Mission2/roles/mysql/tasks/main.yml Normal file
View File

@@ -0,0 +1,39 @@
- name: "[MYSQL] - update cache"
apt:
update_cache: yes
- name: "[MYSQL] - install"
apt:
name: mariadb-server
state: latest
- name: "[Python] - install"
apt:
name: python
state: latest
- name: "[MYSQL] - start mysql"
service:
name: "mysqld"
state: started
enabled: yes
- name: "[MYSQL] - create database"
community.mysql.mysql_db:
name:
- sdis29
state: present
- name: "[MYSQL] - create user"
mysql_user:
name: "dev"
password: "Azerty1+"
priv: "*.*:ALL"
host: "127.0.0.1"
become: yes
- name: Restoration la base de données
community.mysql.mysql_db:
name: my_db
state: import
target: /tmp/db-sauv.sql.gz

12
Mission2/roles/mysql/vars/debian.yml Normal file
View File

@@ -0,0 +1,12 @@
mariadb_packages:
- mariadb-server
- mariadb-common
- python-mysqldb
- python-openssl
repo_software_package:
- software-properties-common
- dirmngr
- apt-transport-https
key_url: "https://mariadb.org/mariadb_release_signing_key.asc"
repo_deb: deb [arch=amd64] https://mirror.klaus-uwe.me/mariadb/repo/10.4/debian
mariadb_socket: /run/mysqld/mysqld.sock

8
Mission2/roles/openjdk/tasks/main.yml Normal file
View File

@@ -0,0 +1,8 @@
---
- hosts: all
tasks:
- name: install openjdk-17
apt :
name: openjdk-17-jdk
state: present

3
Mission2/roles/tomcat/defaults/main.yml Normal file
View File

@@ -0,0 +1,3 @@
---
tomcat_archive_url: https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.13/bin/apache-tomcat-10.0.13.tar.gz
tomcat_archive_dest: /tmp/apache-tomcat-{{ tomcat_ver }}.tar.gz

4
Mission2/roles/tomcat/handlers/main.yml Normal file
View File

@@ -0,0 +1,4 @@
- name: restart tomcat
service:
name: tomcat
state: restarted

8
Mission2/roles/tomcat/tasks/main.yaml Normal file
View File

@@ -0,0 +1,8 @@
---
- name: Add the OS specific variables
include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_distribution }}{{ ansible_distribution_major_version }}.yml"
- "{{ ansible_os_family }}.yml"
- include_tasks: "tomcat-setup-{{ ansible_os_family }}.yml"

85
Mission2/roles/tomcat/tasks/tomcat-setup-Debian.yml Normal file
View File

@@ -0,0 +1,85 @@
- name: S'assurer que le système utilise le port HTTPS pour APT.
stat:
path: /usr/lib/apt/methods/https
register: apt_https_transport
- name: Installation APT HTTPS transport.
apt:
name: "apt-transport-https"
state: present
update_cache: yes
when: not apt_https_transport.stat.exists
- name: Installation packages basique
package:
name: ['vim','aptitude','bash-completion','tmux','tree','htop','wget','unzip','curl','git','python']
state: present
update_cache: yes
- name: Installation Java (Debian/Ubuntu)
apt:
name: default-jdk
state: present
- name: Ajout tomcat dans un groupe
group:
name: tomcat
- name: Ajout "tomcat" au user
user:
name: tomcat
group: tomcat
home: /usr/share/tomcat
createhome: no
system: yes
- name: Installation Tomcat
get_url:
url: "https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.14/bin/apache-tomcat-10.0.14.tar.gz"
dest: "{{ tomcat_archive_dest }}"
- name: Création du répertoire tomcat
file:
path: /usr/share/tomcat
state: directory
owner: tomcat
group: tomcat
- name: Extraction archive de tomcat
unarchive:
src: "{{ tomcat_archive_dest }}"
dest: /usr/share/tomcat
owner: tomcat
group: tomcat
remote_src: yes
extra_opts: "--strip-components=1"
creates: /usr/share/tomcat/bin
- name: Copie tomcat fichier service*
template:
src: templates/tomcat.service.j2
dest: /etc/systemd/system/tomcat.service
when: ansible_service_mgr == "systemd"
- name: Démarrer et activé tomcat
service:
daemon_reload: yes
name: tomcat
state: started
enabled: yes
when: ansible_service_mgr == "systemd"
- name: Définir l'accès a l'interface utilisateur authentifié
template:
src: tomcat-users.xml.j2
dest: /usr/share/tomcat/conf/tomcat-users.xml
notify: restart tomcat
- name: Autoriser l'accès aux applications du gestionnaire et gestionnaire d'hote sur n'importe qu'elle IP
template:
src: context.xml.j2
dest: "{{ item }}"
with_items:
- /usr/share/tomcat/webapps/host-manager/META-INF/context.xml
- /usr/share/tomcat/webapps/manager/META-INF/context.xml
notify: restart tomcat

19
Mission2/roles/tomcat/templates/context.xml.j2 Normal file
View File

@@ -0,0 +1,19 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<Context antiResourceLocking="false" privileged="true" >
</Context>

45
Mission2/roles/tomcat/templates/tomcat-users.xml.j2 Normal file
View File

@@ -0,0 +1,45 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<!--
NOTE: By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
you must define such a user - the username and password are arbitrary. It is
strongly recommended that you do NOT use one of the users in the commented out
section below since they are intended for use with the examples web
application.
-->
<!--
NOTE: The sample user and role entries below are intended for use with the
examples web application. They are wrapped in a comment and thus are ignored
when reading this file. If you wish to configure these users for use with the
examples web application, do not forget to remove the <!.. ..> that surrounds
them. You will also need to set the passwords to something appropriate.
-->
<!-- user manager can access only manager section -->
<role rolename="manager-gui" />
<user username="{{ ui_manager_user }}" password="{{ ui_manager_pass }}" roles="manager-gui" />
<!-- user admin can access manager and admin section both -->
<role rolename="admin-gui" />
<user username="{{ ui_admin_username }}" password="{{ ui_admin_pass }}" roles="manager-gui,admin-gui" />
</tomcat-users>

22
Mission2/roles/tomcat/templates/tomcat.service.j2 Normal file
View File

@@ -0,0 +1,22 @@
[Unit]
Description=Tomcat
After=syslog.target network.target
[Service]
Type=forking
User=tomcat
Group=tomcat
Environment=JAVA_HOME={{ JAVA_HOME }}
Environment='JAVA_OPTS=-Djava.awt.headless=true'
Environment=CATALINA_HOME=/usr/share/tomcat
Environment=CATALINA_BASE=/usr/share/tomcat
Environment=CATALINA_PID=/usr/share/tomcat/temp/tomcat.pid
ExecStart=/usr/share/tomcat/bin/catalina.sh start
ExecStop=/usr/share/tomcat/bin/catalina.sh stop
[Install]
WantedBy=multi-user.target

2
Mission2/roles/tomcat/vars/Debian.yml Normal file
View File

@@ -0,0 +1,2 @@
---
JAVA_HOME: /usr/lib/jvm/default-java

15
Mission2/tomcat-setup.yml Normal file
View File

@@ -0,0 +1,15 @@
---
- name: Tomcat playbook
hosts: test
become: yes
become_method: sudo
remote_user: root
vars:
tomcat_ver: 10.0.13
ui_manager_user: manager
ui_manager_pass: root
ui_admin_username: admin
ui_admin_pass: root
roles:
- tomcat