uap35-r/Projet
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: uap35-r:v0.2
Branches Tags
uap35-r:master
uap35-r:v4.4 uap35-r:v4.3 uap35-r:v4.2 uap35-r:v4.1 uap35-r:v1.0 uap35-r:v0.5 uap35-r:v0.4 uap35-r:v0.3 uap35-r:v0.2
...
compare: uap35-r:v1.0
Branches Tags
uap35-r:master
uap35-r:v4.4 uap35-r:v4.3 uap35-r:v4.2 uap35-r:v4.1 uap35-r:v1.0 uap35-r:v0.5 uap35-r:v0.4 uap35-r:v0.3 uap35-r:v0.2

8 Commits
v0.2 ... v1.0

Author SHA1 Message Date
“cameron.desrayaud”
d9bb729bc1 ajout des fichiers ansible 2021-12-13 17:09:50 +01:00
uap35-r
34833c4478 déplacement des fichiers 2021-12-13 10:27:14 +01:00
uap35-r
8582924003 wiki 2021-10-21 13:40:41 +00:00
uap35-r
09e6d312e7 renom 2021-10-21 15:38:37 +02:00
uap35-r
1443aa2a0c rsyslog 2021-10-20 11:03:35 +02:00
root
5d8481c197 syslog 2021-10-20 09:01:09 +00:00
uap35-r
9029d95440 syslog 2021-10-20 10:58:40 +02:00
uap35-r
8a0f0d9f79 nagios cfg 2021-10-20 10:39:18 +02:00
40 changed files with 3266 additions and 0 deletions
Expand all files Collapse all files

4
Mission1/Syslog/redirectiongw5.sh Executable file
View File

@ -0,0 +1,4 @@
#!/bin/bash
echo "1" > /proc/sys/net/ipv4/ip_forward
sudo iptables -t nat -A PREROUTING -d 10.121.38.35 -p udp --dport 517 -j DNAT --to 192.168.0.22:514
sudo iptables -t nat -A POSTROUTING -d 192.168.0.22 -p udp --dport 517 -j SNAT --to 10.121.38.35

95
Mission1/Syslog/rsyslogprod.conf Normal file
View File

@ -0,0 +1,95 @@
# /etc/rsyslog.conf configuration file for rsyslog
#
# For more information install rsyslog-doc and see
# /usr/share/doc/rsyslog-doc/html/configuration/index.html
#################
#### MODULES ####
#################
module(load="imuxsock") # provides support for local system logging
module(load="imklog") # provides kernel logging support
#module(load="immark") # provides --MARK-- message capability
# provides UDP syslog reception
#module(load="imudp")
#input(type="imudp" port="517")
# provides TCP syslog reception
#module(load="imtcp")
#input(type="imtcp" port="514")
###########################
#### GLOBAL DIRECTIVES ####
###########################
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
#
# Set the default permissions for all log files.
#
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
###############
#### RULES ####
###############
#
# First some standard log files. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
#
# Some "catch-all" log files.
#
*.=debug;\
auth,authpriv.none;\
mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg :omusrmsg:*
*.* @10.121.38.35:517

92
Mission1/Syslog/rsyslogsyslog.conf Normal file
View File

@ -0,0 +1,92 @@
# /etc/rsyslog.conf configuration file for rsyslog
#
# For more information install rsyslog-doc and see
# /usr/share/doc/rsyslog-doc/html/configuration/index.html
#################
#### MODULES ####
#################
module(load="imuxsock") # provides support for local system logging
module(load="imklog") # provides kernel logging support
#module(load="immark") # provides --MARK-- message capability
# provides UDP syslog reception
module(load="imudp")
input(type="imudp" port="514")
# provides TCP syslog reception
#module(load="imtcp")
#input(type="imtcp" port="514")
###########################
#### GLOBAL DIRECTIVES ####
###########################
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
#
# Set the default permissions for all log files.
#
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
###############
#### RULES ####
###############
#
# First some standard log files. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
#
# Some "catch-all" log files.
#
*.=debug;\
auth,authpriv.none;\
mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg :omusrmsg:*

94
Mission1/Syslog/rsyslogwiki.conf Normal file
View File

@ -0,0 +1,94 @@
# /etc/rsyslog.conf configuration file for rsyslog
#
# For more information install rsyslog-doc and see
# /usr/share/doc/rsyslog-doc/html/configuration/index.html
#################
#### MODULES ####
#################
module(load="imuxsock") # provides support for local system logging
module(load="imklog") # provides kernel logging support
#module(load="immark") # provides --MARK-- message capability
# provides UDP syslog reception
#module(load="imudp")
#input(type="imudp" port="514")
# provides TCP syslog reception
#module(load="imtcp")
#input(type="imtcp" port="514")
###########################
#### GLOBAL DIRECTIVES ####
###########################
#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
#
# Set the default permissions for all log files.
#
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
###############
#### RULES ####
###############
#
# First some standard log files. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
#
# Some "catch-all" log files.
#
*.=debug;\
auth,authpriv.none;\
mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail.none -/var/log/messages
#
# Emergencies are sent to everybody logged in.
#
*.emerg :omusrmsg:*
*.* 10.121.38.35:514

0
goss/goss.yaml → Mission1/goss-prod/goss.yaml
View File

38
Mission1/goss-wiki/goss.yaml Normal file
View File

@ -0,0 +1,38 @@
package:
git:
installed: true
versions:
- 1:2.30.2-1
snmpd:
installed: true
versions:
- 5.9+dfsg-3+b1
ssh:
installed: true
versions:
- 1:8.4p1-5
service:
apache2:
enabled: true
running: true
ssh:
enabled: true
running: false
group:
ssh:
exists: true
gid: 108
interface:
eth0:
exists: true
addrs:
- 10.121.38.75/24
- fe80::5877:9eff:fef2:d478/64
mtu: 1500
http:
http://10.121.38.75/dokuwiki:
status: 200
allow-insecure: false
no-follow-redirects: false
timeout: 5000
body: []

1395
Mission1/nagios/nagios.cfg Normal file
View File

File diff suppressed because it is too large Load Diff

37
Mission1/nagios/objects/ap35prod.cfg Normal file
View File

@ -0,0 +1,37 @@
define host {
use linux-server
host_name ap35prod
alias ap35prod
address 10.121.38.74
parents pxap35
}
define service{
use generic-service
hostgroup_name linux-servers
service_description SSH
check_command check_ssh
}
define service{
use generic-service ;Use generic-service template
host_name ap35prod ; S'applique au groupe en question
service_description chk-lin-load ; Nom du service
check_command check_lin_load!public!--v2c!netsl!3,2,2!5,4,3 ; Command
}
define service{
use generic-service
host_name ap35prod
service_description port_8080
check_command check_http_port!8080
}
define service{
use generic-service
host_name ap35prod
service_description chk-mem-load
check_command check_mem!public!--v2c!-N!90,20!99,70
}
define service{
use generic-service
host_name ap35prod
service_description chk-storage
check_command check_storage!public!--v2c!"^/$|tmp|usr|var|home"!85!95
}

37
Mission1/nagios/objects/ap35wiki.cfg Normal file
View File

@ -0,0 +1,37 @@
define host {
use linux-server
host_name ap35wiki
alias ap35wiki
address 10.121.38.75
parents pxap35
}
define service{
use generic-service
hostgroup_name linux-servers
service_description SSH
check_command check_ssh
}
define service{
use generic-service ;Use generic-service template
host_name ap35wiki; S'applique au groupe en question
service_description chk-lin-load ; Nom du service
check_command check_lin_load!public!--v2c!netsl!3,2,2!5,4,3 ; Command
}
define service{
use generic-service
host_name ap35wiki
service_description chk-mem-load
check_command check_mem!public!--v2c!-N!90,20!99,70
}
define service{
use generic-service
host_name ap35wiki
service_description chk-storage
check_command check_storage!public!--v2c!"^/$|tmp|usr|var|home"!85!95
}
define service{
use generic-service
host_name ap35wiki
service_description HTTP
check_command check_http
}

311
Mission1/nagios/objects/commands.cfg Normal file
View File

@ -0,0 +1,311 @@
###############################################################################
# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS 4.4.6
#
#
# NOTES: This config file provides you with some example command definitions
# that you can reference in host, service, and contact definitions.
#
# You don't need to keep commands in a separate file from your other
# object definitions. This has been done just to make things easier to
# understand.
#
###############################################################################
################################################################################
#
# SAMPLE NOTIFICATION COMMANDS
#
# These are some example notification commands. They may or may not work on
# your system without modification. As an example, some systems will require
# you to use "/usr/bin/mailx" instead of "/usr/bin/mail" in the commands below.
#
################################################################################
define command {
command_name notify-host-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$
}
define command {
command_name notify-service-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$
}
define command {
command_name check_http_port
command_line /usr/lib/nagios/plugins/check_http -p '$ARG1$' '$HOSTADDRESS$'
}
define command {
command_name check_lin_load
command_line $USER1$/check_snmp_load.pl -H $HOSTADDRESS$ -C $ARG1$ $ARG2$ -T $ARG3$ -w $ARG4$ -c $ARG5$
}
define command {
command_name check_mem
command_line $USER1$/check_snmp_mem.pl -H $HOSTADDRESS$ -C $ARG1$ $ARG2$ $ARG3$ -w $ARG4$ -c $ARG5$
}
define command {
command_name check_storage
command_line $USER1$/check_snmp_storage.pl -H $HOSTADDRESS$ -C $ARG1$ $ARG2$ -m $ARG3$ -w $ARG4$ -c $ARG5$
}
################################################################################
#
# SAMPLE HOST CHECK COMMANDS
#
################################################################################
# Removed in Debian because it conflicts with the command of the same name
# defined in ping.cfg, which is part of monitoring-plugins-basic.
#
## This command checks to see if a host is "alive" by pinging it
## The check must result in a 100% packet loss or 5 second (5000ms) round trip
## average time to produce a critical error.
## Note: Five ICMP echo packets are sent (determined by the '-p 5' argument)
#
#define command {
#
# command_name check-host-alive
# command_line $USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5
#}
################################################################################
#
# SAMPLE SERVICE CHECK COMMANDS
#
# These are some example service check commands. They may or may not work on
# your system, as they must be modified for your plugins. See the HTML
# documentation on the plugins for examples of how to configure command definitions.
#
# NOTE: The following 'check_local_...' functions are designed to monitor
# various metrics on the host that Nagios is running on (i.e. this one).
################################################################################
define command {
command_name check_local_disk
command_line $USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
}
define command {
command_name check_local_load
command_line $USER1$/check_load -w $ARG1$ -c $ARG2$
}
define command {
command_name check_local_procs
command_line $USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
}
define command {
command_name check_local_users
command_line $USER1$/check_users -w $ARG1$ -c $ARG2$
}
define command {
command_name check_local_swap
command_line $USER1$/check_swap -w $ARG1$ -c $ARG2$
}
define command {
command_name check_local_mrtgtraf
command_line $USER1$/check_mrtgtraf -F $ARG1$ -a $ARG2$ -w $ARG3$ -c $ARG4$ -e $ARG5$
}
################################################################################
# NOTE: The following 'check_...' commands are used to monitor services on
# both local and remote hosts.
################################################################################
# Removed in Debian because it conflicts with the command of the same of
# defined in ftp.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_ftp
# command_line $USER1$/check_ftp -H $HOSTADDRESS$ $ARG1$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in hppjd.cfg, which is part of monitoring-plugins-standard.
#
#define command {
#
# command_name check_hpjd
# command_line $USER1$/check_hpjd -H $HOSTADDRESS$ $ARG1$
#}
define command {
command_name check_snmp
command_line $USER1$/check_snmp -H $HOSTADDRESS$ $ARG1$
}
# Removed in Debian because it conflicts with the command of the same of
# defined in http.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_http
# command_line $USER1$/check_http -I $HOSTADDRESS$ $ARG1$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in ssh.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_ssh
# command_line $USER1$/check_ssh $ARG1$ $HOSTADDRESS$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in dhcp.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_dhcp
# command_line $USER1$/check_dhcp $ARG1$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in ping.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_ping
# command_line $USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in mail.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_pop
# command_line $USER1$/check_pop -H $HOSTADDRESS$ $ARG1$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in mail.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_imap
# command_line $USER1$/check_imap -H $HOSTADDRESS$ $ARG1$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in mail.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_smtp
# command_line $USER1$/check_smtp -H $HOSTADDRESS$ $ARG1$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in tcp_ucp.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_tcp
# command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ $ARG2$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in tcp_ucp.cfg, which is part of monitoring-plugins-basic.
#
#define command {
#
# command_name check_udp
# command_line $USER1$/check_udp -H $HOSTADDRESS$ -p $ARG1$ $ARG2$
#}
# Removed in Debian because it conflicts with the command of the same of
# defined in nt.cfg, which is part of monitoring-plugins-standard.
#
#define command {
#
# command_name check_nt
# command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -v $ARG1$ $ARG2$
#}
################################################################################
#
# SAMPLE PERFORMANCE DATA COMMANDS
#
# These are sample performance data commands that can be used to send performance
# data output to two text files (one for hosts, another for services). If you
# plan on simply writing performance data out to a file, consider using the
# host_perfdata_file and service_perfdata_file options in the main config file.
#
################################################################################
define command {
command_name process-host-perfdata
command_line /usr/bin/printf "%b" "$LASTHOSTCHECK$\t$HOSTNAME$\t$HOSTSTATE$\t$HOSTATTEMPT$\t$HOSTSTATETYPE$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$\n" >> /var/lib/nagios4/host-perfdata.out
}
define command {
command_name process-service-perfdata
command_line /usr/bin/printf "%b" "$LASTSERVICECHECK$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICESTATE$\t$SERVICEATTEMPT$\t$SERVICESTATETYPE$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$\n" >> /var/lib/nagios4/service-perfdata.out
}

51
Mission1/nagios/objects/contacts.cfg Normal file
View File

@ -0,0 +1,51 @@
###############################################################################
# CONTACTS.CFG - SAMPLE CONTACT/CONTACTGROUP DEFINITIONS
#
#
# NOTES: This config file provides you with some example contact and contact
# group definitions that you can reference in host and service
# definitions.
#
# You don't need to keep these definitions in a separate file from your
# other object definitions. This has been done just to make things
# easier to understand.
#
###############################################################################
###############################################################################
#
# CONTACTS
#
###############################################################################
# Just one contact defined by default - the Nagios admin (that's you)
# This contact definition inherits a lot of default values from the
# 'generic-contact' template which is defined elsewhere.
define contact {
contact_name nagiosadmin ; Short name of user
use generic-contact ; Inherit default values from generic-contact template (defined above)
alias Nagios Admin ; Full name of user
email lucas.dubief01@gmail.com ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
}
###############################################################################
#
# CONTACT GROUPS
#
###############################################################################
# We only have one contact in this simple configuration file, so there is
# no need to create more than one contact group.
define contactgroup {
contactgroup_name admins
alias Nagios Administrators
members nagiosadmin
}

6
Mission1/nagios/objects/gwsio5.cfg Normal file
View File

@ -0,0 +1,6 @@
define host {
use linux-server
host_name gwsio5
alias gwsio5
address 192.168.0.1
}

7
Mission1/nagios/objects/hostgroup.cfg Normal file
View File

@ -0,0 +1,7 @@
define hostgroup {
hostgroup_name linux-servers
alias Linux Servers
members ap35prod, ap35wiki, pxap35, gwsio5, pve
}

127
Mission1/nagios/objects/localhost.cfg Normal file
View File

@ -0,0 +1,127 @@
###############################################################################
# LOCALHOST.CFG - SAMPLE OBJECT CONFIG FILE FOR MONITORING THIS MACHINE
#
#
# NOTE: This config file is intended to serve as an *extremely* simple
# example of how you can create configuration entries to monitor
# the local (Linux) machine.
#
###############################################################################
define host {
use linux-server ; Name of host template to use
host_name localhost
alias localhost
address 127.0.0.1
}
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
# Define a service to "ping" the local machine
define service {
use local-service ; Name of service template to use
host_name localhost
service_description PING
check_command check_ping!100.0,20%!500.0,60%
}
# Define a service to check the disk space of the root partition
# on the local machine. Warning if < 20% free, critical if
# < 10% free space on partition.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Root Partition
check_command check_local_disk!20%!10%!/
}
# Define a service to check the number of currently logged in
# users on the local machine. Warning if > 20 users, critical
# if > 50 users.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Current Users
check_command check_local_users!20!50
}
# Define a service to check the number of currently running procs
# on the local machine. Warning if > 250 processes, critical if
# > 400 processes.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Total Processes
check_command check_local_procs!250!400!RSZDT
}
# Define a service to check the load on the local machine.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Current Load
check_command check_local_load!5.0,4.0,3.0!10.0,6.0,4.0
}
# Define a service to check the swap usage the local machine.
# Critical if less than 10% of swap is free, warning if less than 20% is free
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Swap Usage
check_command check_local_swap!20%!10%
}
# Define a service to check SSH on the local machine.
# Disable notifications for this service by default, as not all users may have SSH enabled.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description SSH
check_command check_ssh
notifications_enabled 0
}
# Define a service to check HTTP on the local machine.
# Disable notifications for this service by default, as not all users may have HTTP enabled.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description HTTP
check_command check_http
notifications_enabled 0
}

82
Mission1/nagios/objects/printer.cfg Normal file
View File

@ -0,0 +1,82 @@
###############################################################################
# PRINTER.CFG - SAMPLE CONFIG FILE FOR MONITORING A NETWORK PRINTER
#
#
# NOTES: This config file assumes that you are using the sample configuration
# files that get installed with the Nagios quickstart guide.
#
###############################################################################
###############################################################################
#
# HOST DEFINITIONS
#
###############################################################################
# Define a host for the printer we'll be monitoring
# Change the host_name, alias, and address to fit your situation
define host {
use generic-printer ; Inherit default values from a template
host_name hplj2605dn ; The name we're giving to this printer
alias HP LaserJet 2605dn ; A longer name associated with the printer
address 192.168.1.30 ; IP address of the printer
hostgroups network-printers ; Host groups this printer is associated with
}
###############################################################################
#
# HOST GROUP DEFINITIONS
#
###############################################################################
# A hostgroup for network printers
define hostgroup {
hostgroup_name network-printers ; The name of the hostgroup
alias Network Printers ; Long name of the group
}
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
# Create a service for monitoring the status of the printer
# Change the host_name to match the name of the host you defined above
# If the printer has an SNMP community string other than "public",
# change the check_command directive to reflect that
define service {
use generic-service ; Inherit values from a template
host_name hplj2605dn ; The name of the host the service is associated with
service_description Printer Status ; The service description
check_command check_hpjd!-C public ; The command used to monitor the service
check_interval 10 ; Check the service every 10 minutes under normal conditions
retry_interval 1 ; Re-check the service every minute until its final/hard state is determined
}
# Create a service for "pinging" the printer occasionally.
# Useful for monitoring RTA, packet loss, etc.
define service {
use generic-service
host_name hplj2605dn
service_description PING
check_command check_ping!3000.0,80%!5000.0,100%
check_interval 10
retry_interval 1
}

7
Mission1/nagios/objects/pve.cfg Normal file
View File

@ -0,0 +1,7 @@
define host {
use linux-server
host_name pve
alias pve
address 10.121.38.35
parents gwsio5
}

7
Mission1/nagios/objects/pxap35.cfg Normal file
View File

@ -0,0 +1,7 @@
define host {
use linux-server
host_name pxap35
alias pxap35
address 10.121.38.65
parents pve
}

99
Mission1/nagios/objects/switch.cfg Normal file
View File

@ -0,0 +1,99 @@
###############################################################################
# SWITCH.CFG - SAMPLE CONFIG FILE FOR MONITORING A SWITCH
#
#
# NOTES: This config file assumes that you are using the sample configuration
# files that get installed with the Nagios quickstart guide.
#
###############################################################################
###############################################################################
#
# HOST DEFINITIONS
#
###############################################################################
# Define the switch that we'll be monitoring
define host {
use generic-switch ; Inherit default values from a template
host_name linksys-srw224p ; The name we're giving to this switch
alias Linksys SRW224P Switch ; A longer name associated with the switch
address 192.168.1.253 ; IP address of the switch
hostgroups switches ; Host groups this switch is associated with
}
###############################################################################
#
# HOST GROUP DEFINITIONS
#
###############################################################################
# Create a new hostgroup for switches
define hostgroup {
hostgroup_name switches ; The name of the hostgroup
alias Network Switches ; Long name of the group
}
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
# Create a service to PING to switch
define service {
use generic-service ; Inherit values from a template
host_name linksys-srw224p ; The name of the host the service is associated with
service_description PING ; The service description
check_command check_ping!200.0,20%!600.0,60% ; The command used to monitor the service
check_interval 5 ; Check the service every 5 minutes under normal conditions
retry_interval 1 ; Re-check the service every minute until its final/hard state is determined
}
# Monitor uptime via SNMP
define service {
use generic-service ; Inherit values from a template
host_name linksys-srw224p
service_description Uptime
check_command check_snmp!-C public -o sysUpTime.0
}
# Monitor Port 1 status via SNMP
define service {
use generic-service ; Inherit values from a template
host_name linksys-srw224p
service_description Port 1 Link Status
check_command check_snmp!-C public -o ifOperStatus.1 -r 1 -m RFC1213-MIB
}
# Monitor bandwidth via MRTG logs
define service {
use generic-service ; Inherit values from a template
host_name linksys-srw224p
service_description Port 1 Bandwidth Usage
check_command check_local_mrtgtraf!/var/lib/mrtg/192.168.1.253_1.log!AVG!1000000,1000000!5000000,5000000!10
}

198
Mission1/nagios/objects/templates.cfg Normal file
View File

@ -0,0 +1,198 @@
###############################################################################
# TEMPLATES.CFG - SAMPLE OBJECT TEMPLATES
#
#
# NOTES: This config file provides you with some example object definition
# templates that are referred by other host, service, contact, etc.
# definitions in other config files.
#
# You don't need to keep these definitions in a separate file from your
# other object definitions. This has been done just to make things
# easier to understand.
#
###############################################################################
###############################################################################
#
# CONTACT TEMPLATES
#
###############################################################################
# Generic contact definition template
# This is NOT a real contact, just a template!
define contact {
name generic-contact ; The name of this contact template
service_notification_period 24x7 ; service notifications can be sent anytime
host_notification_period 24x7 ; host notifications can be sent anytime
service_notification_options w,u,c,r,f,s ; send notifications for all service states, flapping events, and scheduled downtime events
host_notification_options d,u,r,f,s ; send notifications for all host states, flapping events, and scheduled downtime events
service_notification_commands notify-service-by-email ; send service notifications via email
host_notification_commands notify-host-by-email ; send host notifications via email
register 0 ; DON'T REGISTER THIS DEFINITION - ITS NOT A REAL CONTACT, JUST A TEMPLATE!
}
###############################################################################
#
# HOST TEMPLATES
#
###############################################################################
# Generic host definition template
# This is NOT a real host, just a template!
define host {
name generic-host ; The name of this host template
notifications_enabled 1 ; Host notifications are enabled
event_handler_enabled 1 ; Host event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information across program restarts
retain_nonstatus_information 1 ; Retain non-status information across program restarts
notification_period 24x7 ; Send host notifications at any time
register 0 ; DON'T REGISTER THIS DEFINITION - ITS NOT A REAL HOST, JUST A TEMPLATE!
}
# Linux host definition template
# This is NOT a real host, just a template!
define host {
name linux-server ; The name of this host template
use generic-host ; This template inherits other values from the generic-host template
check_period 24x7 ; By default, Linux hosts are checked round the clock
check_interval 5 ; Actively check the host every 5 minutes
retry_interval 1 ; Schedule host check retries at 1 minute intervals
max_check_attempts 10 ; Check each Linux host 10 times (max)
check_command check-host-alive ; Default command to check Linux hosts
notification_period workhours ; Linux admins hate to be woken up, so we only notify during the day
; Note that the notification_period variable is being overridden from
; the value that is inherited from the generic-host template!
notification_interval 120 ; Resend notifications every 2 hours
notification_options d,u,r ; Only send notifications for specific host states
contact_groups admins ; Notifications get sent to the admins by default
register 0 ; DON'T REGISTER THIS DEFINITION - ITS NOT A REAL HOST, JUST A TEMPLATE!
}
# Windows host definition template
# This is NOT a real host, just a template!
define host {
name windows-server ; The name of this host template
use generic-host ; Inherit default values from the generic-host template
check_period 24x7 ; By default, Windows servers are monitored round the clock
check_interval 5 ; Actively check the server every 5 minutes
retry_interval 1 ; Schedule host check retries at 1 minute intervals
max_check_attempts 10 ; Check each server 10 times (max)
check_command check-host-alive ; Default command to check if servers are "alive"
notification_period 24x7 ; Send notification out at any time - day or night
notification_interval 30 ; Resend notifications every 30 minutes
notification_options d,r ; Only send notifications for specific host states
contact_groups admins ; Notifications get sent to the admins by default
hostgroups windows-servers ; Host groups that Windows servers should be a member of
register 0 ; DON'T REGISTER THIS - ITS JUST A TEMPLATE
}
# We define a generic printer template that can
# be used for most printers we monitor
define host {
name generic-printer ; The name of this host template
use generic-host ; Inherit default values from the generic-host template
check_period 24x7 ; By default, printers are monitored round the clock
check_interval 5 ; Actively check the printer every 5 minutes
retry_interval 1 ; Schedule host check retries at 1 minute intervals
max_check_attempts 10 ; Check each printer 10 times (max)
check_command check-host-alive ; Default command to check if printers are "alive"
notification_period workhours ; Printers are only used during the workday
notification_interval 30 ; Resend notifications every 30 minutes
notification_options d,r ; Only send notifications for specific host states
contact_groups admins ; Notifications get sent to the admins by default
register 0 ; DON'T REGISTER THIS - ITS JUST A TEMPLATE
}
# Define a template for switches that we can reuse
define host {
name generic-switch ; The name of this host template
use generic-host ; Inherit default values from the generic-host template
check_period 24x7 ; By default, switches are monitored round the clock
check_interval 5 ; Switches are checked every 5 minutes
retry_interval 1 ; Schedule host check retries at 1 minute intervals
max_check_attempts 10 ; Check each switch 10 times (max)
check_command check-host-alive ; Default command to check if routers are "alive"
notification_period 24x7 ; Send notifications at any time
notification_interval 30 ; Resend notifications every 30 minutes
notification_options d,r ; Only send notifications for specific host states
contact_groups admins ; Notifications get sent to the admins by default
register 0 ; DON'T REGISTER THIS - ITS JUST A TEMPLATE
}
###############################################################################
#
# SERVICE TEMPLATES
#
###############################################################################
# Generic service definition template
# This is NOT a real service, just a template!
define service {
name generic-service ; The 'name' of this service template
active_checks_enabled 1 ; Active service checks are enabled
passive_checks_enabled 1 ; Passive service checks are enabled/accepted
parallelize_check 1 ; Active service checks should be parallelized (disabling this can lead to major performance problems)
obsess_over_service 1 ; We should obsess over this service (if necessary)
check_freshness 0 ; Default is to NOT check service 'freshness'
notifications_enabled 1 ; Service notifications are enabled
event_handler_enabled 1 ; Service event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information across program restarts
retain_nonstatus_information 1 ; Retain non-status information across program restarts
is_volatile 0 ; The service is not volatile
check_period 24x7 ; The service can be checked at any time of the day
max_check_attempts 3 ; Re-check the service up to 3 times in order to determine its final (hard) state
check_interval 10 ; Check the service every 10 minutes under normal conditions
retry_interval 2 ; Re-check the service every two minutes until a hard state can be determined
contact_groups admins ; Notifications get sent out to everyone in the 'admins' group
notification_options w,u,c,r ; Send notifications about warning, unknown, critical, and recovery events
notification_interval 60 ; Re-notify about service problems every hour
notification_period 24x7 ; Notifications can be sent out at any time
register 0 ; DON'T REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE!
}
# Local service definition template
# This is NOT a real service, just a template!
define service {
name local-service ; The name of this service template
use generic-service ; Inherit default values from the generic-service definition
max_check_attempts 4 ; Re-check the service up to 4 times in order to determine its final (hard) state
check_interval 5 ; Check the service every 5 minutes under normal conditions
retry_interval 1 ; Re-check the service every minute until a hard state can be determined
register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE!
}

112
Mission1/nagios/objects/timeperiods.cfg Normal file
View File

@ -0,0 +1,112 @@
###############################################################################
# TIMEPERIODS.CFG - SAMPLE TIMEPERIOD DEFINITIONS
#
#
# NOTES: This config file provides you with some example timeperiod definitions
# that you can reference in host, service, contact, and dependency
# definitions.
#
# You don't need to keep timeperiods in a separate file from your other
# object definitions. This has been done just to make things easier to
# understand.
#
###############################################################################
###############################################################################
#
# TIMEPERIOD DEFINITIONS
#
###############################################################################
# This defines a timeperiod where all times are valid for checks,
# notifications, etc. The classic "24x7" support nightmare. :-)
define timeperiod {
name 24x7
timeperiod_name 24x7
alias 24 Hours A Day, 7 Days A Week
sunday 00:00-24:00
monday 00:00-24:00
tuesday 00:00-24:00
wednesday 00:00-24:00
thursday 00:00-24:00
friday 00:00-24:00
saturday 00:00-24:00
}
# This defines a timeperiod that is normal workhours for
# those of us monitoring networks and such in the U.S.
define timeperiod {
name workhours
timeperiod_name workhours
alias Normal Work Hours
monday 09:00-17:00
tuesday 09:00-17:00
wednesday 09:00-17:00
thursday 09:00-17:00
friday 09:00-17:00
}
# This defines the *perfect* check and notification
# timeperiod
define timeperiod {
name none
timeperiod_name none
alias No Time Is A Good Time
}
# Some U.S. holidays
# Note: The timeranges for each holiday are meant to *exclude* the holidays from being
# treated as a valid time for notifications, etc. You probably don't want your pager
# going off on New Year's. Although your employer might... :-)
define timeperiod {
name us-holidays
timeperiod_name us-holidays
alias U.S. Holidays
january 1 00:00-00:00 ; New Years
monday -1 may 00:00-00:00 ; Memorial Day (last Monday in May)
july 4 00:00-00:00 ; Independence Day
monday 1 september 00:00-00:00 ; Labor Day (first Monday in September)
thursday 4 november 00:00-00:00 ; Thanksgiving (4th Thursday in November)
december 25 00:00-00:00 ; Christmas
}
# This defines a modified "24x7" timeperiod that covers every day of the
# year, except for U.S. holidays (defined in the timeperiod above).
define timeperiod {
name 24x7_sans_holidays
timeperiod_name 24x7_sans_holidays
alias 24x7 Sans Holidays
use us-holidays ; Get holiday exceptions from other timeperiod
sunday 00:00-24:00
monday 00:00-24:00
tuesday 00:00-24:00
wednesday 00:00-24:00
thursday 00:00-24:00
friday 00:00-24:00
saturday 00:00-24:00
}

141
Mission1/nagios/objects/windows.cfg Normal file
View File

@ -0,0 +1,141 @@
###############################################################################
# WINDOWS.CFG - SAMPLE CONFIG FILE FOR MONITORING A WINDOWS MACHINE
#
#
# NOTES: This config file assumes that you are using the sample configuration
# files that get installed with the Nagios quickstart guide.
#
###############################################################################
###############################################################################
#
# HOST DEFINITIONS
#
###############################################################################
# Define a host for the Windows machine we'll be monitoring
# Change the host_name, alias, and address to fit your situation
define host {
use windows-server ; Inherit default values from a template
host_name winserver ; The name we're giving to this host
alias My Windows Server ; A longer name associated with the host
address 192.168.1.2 ; IP address of the host
}
###############################################################################
#
# HOST GROUP DEFINITIONS
#
###############################################################################
# Define a hostgroup for Windows machines
# All hosts that use the windows-server template will automatically be a member of this group
define hostgroup {
hostgroup_name windows-servers ; The name of the hostgroup
alias Windows Servers ; Long name of the group
}
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
# Create a service for monitoring the version of NSCLient++ that is installed
# Change the host_name to match the name of the host you defined above
define service {
use generic-service
host_name winserver
service_description NSClient++ Version
check_command check_nt!CLIENTVERSION
}
# Create a service for monitoring the uptime of the server
# Change the host_name to match the name of the host you defined above
define service {
use generic-service
host_name winserver
service_description Uptime
check_command check_nt!UPTIME
}
# Create a service for monitoring CPU load
# Change the host_name to match the name of the host you defined above
define service {
use generic-service
host_name winserver
service_description CPU Load
check_command check_nt!CPULOAD!-l 5,80,90
}
# Create a service for monitoring memory usage
# Change the host_name to match the name of the host you defined above
define service {
use generic-service
host_name winserver
service_description Memory Usage
check_command check_nt!MEMUSE!-w 80 -c 90
}
# Create a service for monitoring C:\ disk usage
# Change the host_name to match the name of the host you defined above
define service {
use generic-service
host_name winserver
service_description C:\ Drive Space
check_command check_nt!USEDDISKSPACE!-l c -w 80 -c 90
}
# Create a service for monitoring the W3SVC service
# Change the host_name to match the name of the host you defined above
define service {
use generic-service
host_name winserver
service_description W3SVC
check_command check_nt!SERVICESTATE!-d SHOWALL -l W3SVC
}
# Create a service for monitoring the Explorer.exe process
# Change the host_name to match the name of the host you defined above
define service {
use generic-service
host_name winserver
service_description Explorer
check_command check_nt!PROCSTATE!-d SHOWALL -l Explorer.exe
}

0
Prod/script.sh → Mission1/script-prod/script.sh
View File

9
Mission2/hosts Normal file
View File

@ -0,0 +1,9 @@
[localhost]
localhost
[test]
tomcattest
[proxsrv]
10.121.38.65

9
Mission2/mariadb-setup.yml Normal file
View File

@ -0,0 +1,9 @@
---
- name: Tomcat playbook
hosts: test
become: yes
become_method: sudo
remote_user: root
roles:
- mysql

13
Mission2/playbook.yml Normal file
View File

@ -0,0 +1,13 @@
---
- hosts: test
remote_user: root
become: yes
become_method: sudo
roles:
- tomcat
- mariadb
- mariadb_create_dump
- mariadb_create_usr
- mariadb_inject_dump
- openjdk

6
Mission2/roles/mariadb_create_dump/tasks/main.yml Normal file
View File

@ -0,0 +1,6 @@
- name: exportation du dump
copy:
src: db-sauv.sql.gz
dest: /tmp

5
Mission2/roles/mariadb_inject_dump/tasks/main.yml Normal file
View File

@ -0,0 +1,5 @@
- name: Restoration la base de données
community.mysql.mysql_db:
name: my_db
state: import
target: /tmp/db-sauv.sql.gz

22
Mission2/roles/mysql/handlers/main.yml Normal file
View File

@ -0,0 +1,22 @@
---
# handlers file for mariadb
- name: set mariadb log selinux
sefcontext:
target: '/var/log/mariadb(/.*)?'
setype: mysqld_log_t
state: present
- name: restart mariadb server
systemd:
name: "{{ mariadb_service }}"
state: restarted
enabled: yes
- name: Remove test database priviledges
command: mysql -u root -p{{ mysql_root_password }} -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'"
- name: Flush Priviliges
command: mysql -u root -p{{ mysql_root_password }} -e "FLUSH PRIVILEGES"
- name: Update repo cache
apt:
update_cache: yes

39
Mission2/roles/mysql/tasks/main.yml Normal file
View File

@ -0,0 +1,39 @@
- name: "[MYSQL] - update cache"
apt:
update_cache: yes
- name: "[MYSQL] - install"
apt:
name: mariadb-server
state: latest
- name: "[Python] - install"
apt:
name: python
state: latest
- name: "[MYSQL] - start mysql"
service:
name: "mysqld"
state: started
enabled: yes
- name: "[MYSQL] - create database"
community.mysql.mysql_db:
name:
- sdis29
state: present
- name: "[MYSQL] - create user"
mysql_user:
name: "dev"
password: "Azerty1+"
priv: "*.*:ALL"
host: "127.0.0.1"
become: yes
- name: Restoration la base de données
community.mysql.mysql_db:
name: my_db
state: import
target: /tmp/db-sauv.sql.gz

12
Mission2/roles/mysql/vars/debian.yml Normal file
View File

@ -0,0 +1,12 @@
mariadb_packages:
- mariadb-server
- mariadb-common
- python-mysqldb
- python-openssl
repo_software_package:
- software-properties-common
- dirmngr
- apt-transport-https
key_url: "https://mariadb.org/mariadb_release_signing_key.asc"
repo_deb: deb [arch=amd64] https://mirror.klaus-uwe.me/mariadb/repo/10.4/debian
mariadb_socket: /run/mysqld/mysqld.sock

8
Mission2/roles/openjdk/tasks/main.yml Normal file
View File

@ -0,0 +1,8 @@
---
- hosts: all
tasks:
- name: install openjdk-17
apt :
name: openjdk-17-jdk
state: present

3
Mission2/roles/tomcat/defaults/main.yml Normal file
View File

@ -0,0 +1,3 @@
---
tomcat_archive_url: https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.13/bin/apache-tomcat-10.0.13.tar.gz
tomcat_archive_dest: /tmp/apache-tomcat-{{ tomcat_ver }}.tar.gz

4
Mission2/roles/tomcat/handlers/main.yml Normal file
View File

@ -0,0 +1,4 @@
- name: restart tomcat
service:
name: tomcat
state: restarted

8
Mission2/roles/tomcat/tasks/main.yaml Normal file
View File

@ -0,0 +1,8 @@
---
- name: Add the OS specific variables
include_vars: "{{ item }}"
with_first_found:
- "{{ ansible_distribution }}{{ ansible_distribution_major_version }}.yml"
- "{{ ansible_os_family }}.yml"
- include_tasks: "tomcat-setup-{{ ansible_os_family }}.yml"

85
Mission2/roles/tomcat/tasks/tomcat-setup-Debian.yml Normal file
View File

@ -0,0 +1,85 @@
- name: S'assurer que le système utilise le port HTTPS pour APT.
stat:
path: /usr/lib/apt/methods/https
register: apt_https_transport
- name: Installation APT HTTPS transport.
apt:
name: "apt-transport-https"
state: present
update_cache: yes
when: not apt_https_transport.stat.exists
- name: Installation packages basique
package:
name: ['vim','aptitude','bash-completion','tmux','tree','htop','wget','unzip','curl','git','python']
state: present
update_cache: yes
- name: Installation Java (Debian/Ubuntu)
apt:
name: default-jdk
state: present
- name: Ajout tomcat dans un groupe
group:
name: tomcat
- name: Ajout "tomcat" au user
user:
name: tomcat
group: tomcat
home: /usr/share/tomcat
createhome: no
system: yes
- name: Installation Tomcat
get_url:
url: "https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.14/bin/apache-tomcat-10.0.14.tar.gz"
dest: "{{ tomcat_archive_dest }}"
- name: Création du répertoire tomcat
file:
path: /usr/share/tomcat
state: directory
owner: tomcat
group: tomcat
- name: Extraction archive de tomcat
unarchive:
src: "{{ tomcat_archive_dest }}"
dest: /usr/share/tomcat
owner: tomcat
group: tomcat
remote_src: yes
extra_opts: "--strip-components=1"
creates: /usr/share/tomcat/bin
- name: Copie tomcat fichier service*
template:
src: templates/tomcat.service.j2
dest: /etc/systemd/system/tomcat.service
when: ansible_service_mgr == "systemd"
- name: Démarrer et activé tomcat
service:
daemon_reload: yes
name: tomcat
state: started
enabled: yes
when: ansible_service_mgr == "systemd"
- name: Définir l'accès a l'interface utilisateur authentifié
template:
src: tomcat-users.xml.j2
dest: /usr/share/tomcat/conf/tomcat-users.xml
notify: restart tomcat
- name: Autoriser l'accès aux applications du gestionnaire et gestionnaire d'hote sur n'importe qu'elle IP
template:
src: context.xml.j2
dest: "{{ item }}"
with_items:
- /usr/share/tomcat/webapps/host-manager/META-INF/context.xml
- /usr/share/tomcat/webapps/manager/META-INF/context.xml
notify: restart tomcat

19
Mission2/roles/tomcat/templates/context.xml.j2 Normal file
View File

@ -0,0 +1,19 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<Context antiResourceLocking="false" privileged="true" >
</Context>

45
Mission2/roles/tomcat/templates/tomcat-users.xml.j2 Normal file
View File

@ -0,0 +1,45 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<!--
NOTE: By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
you must define such a user - the username and password are arbitrary. It is
strongly recommended that you do NOT use one of the users in the commented out
section below since they are intended for use with the examples web
application.
-->
<!--
NOTE: The sample user and role entries below are intended for use with the
examples web application. They are wrapped in a comment and thus are ignored
when reading this file. If you wish to configure these users for use with the
examples web application, do not forget to remove the <!.. ..> that surrounds
them. You will also need to set the passwords to something appropriate.
-->
<!-- user manager can access only manager section -->
<role rolename="manager-gui" />
<user username="{{ ui_manager_user }}" password="{{ ui_manager_pass }}" roles="manager-gui" />
<!-- user admin can access manager and admin section both -->
<role rolename="admin-gui" />
<user username="{{ ui_admin_username }}" password="{{ ui_admin_pass }}" roles="manager-gui,admin-gui" />
</tomcat-users>

22
Mission2/roles/tomcat/templates/tomcat.service.j2 Normal file
View File

@ -0,0 +1,22 @@
[Unit]
Description=Tomcat
After=syslog.target network.target
[Service]
Type=forking
User=tomcat
Group=tomcat
Environment=JAVA_HOME={{ JAVA_HOME }}
Environment='JAVA_OPTS=-Djava.awt.headless=true'
Environment=CATALINA_HOME=/usr/share/tomcat
Environment=CATALINA_BASE=/usr/share/tomcat
Environment=CATALINA_PID=/usr/share/tomcat/temp/tomcat.pid
ExecStart=/usr/share/tomcat/bin/catalina.sh start
ExecStop=/usr/share/tomcat/bin/catalina.sh stop
[Install]
WantedBy=multi-user.target

2
Mission2/roles/tomcat/vars/Debian.yml Normal file
View File

@ -0,0 +1,2 @@
---
JAVA_HOME: /usr/lib/jvm/default-java

15
Mission2/tomcat-setup.yml Normal file
View File

@ -0,0 +1,15 @@
---
- name: Tomcat playbook
hosts: test
become: yes
become_method: sudo
remote_user: root
vars:
tomcat_ver: 10.0.13
ui_manager_user: manager
ui_manager_pass: root
ui_admin_username: admin
ui_admin_pass: root
roles:
- tomcat