Suppression des fichiers .backup
This commit is contained in:
parent
b9e49d3933
commit
15212e0654
@ -1,32 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
# Vérifie si Zenity est installé, sinon l'installe
|
|
||||||
if ! command -v zenity &> /dev/null; then
|
|
||||||
echo "Zenity non trouvé, installation..."
|
|
||||||
sudo apt update && sudo apt install -y zenity
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Demande les infos via Zenity
|
|
||||||
IP_SERVER=$(zenity --entry --title "Configuration Serveur" --text "Entrez l'adresse IP du serveur :")
|
|
||||||
SSH_USER=$(zenity --entry --title "Configuration Serveur" --text "Entrez l'utilisateur SSH :")
|
|
||||||
SSH_PASS=$(zenity --password --title "Configuration Serveur" --text "Entrez le mot de passe SSH :")
|
|
||||||
SSH_PORT=$(zenity --entry --title "Configuration Serveur" --text "Entrez le port SSH (ex: 22) :" --entry-text "")
|
|
||||||
MATTERMOST_WEBHOOK=$(zenity --entry --title "Mattermost" --text "Entrez l'URL du webhook Mattermost :" --entry-text "https://mattermost.yeagerdan.com/hooks/c5nmzrf64fd33b1iqnm6zmt48o")
|
|
||||||
|
|
||||||
# Vérifie si les variables sont vides
|
|
||||||
if [[ -z "$IP_SERVER" || -z "$SSH_USER" || -z "$SSH_PASS" || -z "$SSH_PORT" || -z "$MATTERMOST_WEBHOOK" ]]; then
|
|
||||||
zenity --error --title "Erreur" --text "Toutes les informations sont requises !"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Crée le fichier d'inventaire dynamique
|
|
||||||
cat > inventory.ini <<EOL
|
|
||||||
[servers]
|
|
||||||
$IP_SERVER ansible_host=$IP_SERVER ansible_user=$SSH_USER ansible_password=$SSH_PASS ansible_port=$SSH_PORT ansible_become_password=$SSH_PASS
|
|
||||||
EOL
|
|
||||||
|
|
||||||
# Lancer le playbook Ansible
|
|
||||||
ansible-playbook -i inventory.ini playbooks/fail2ban.yml --extra-vars "ssh_port=$SSH_PORT mattermost_webhook=$MATTERMOST_WEBHOOK"
|
|
||||||
|
|
||||||
zenity --info --title "Installation terminée" --text "Fail2ban a été installé et configuré sur $IP_SERVER."
|
|
||||||
|
|
||||||
@ -1,49 +0,0 @@
|
|||||||
---
|
|
||||||
- name: Install and configure Fail2ban with Mattermost notifications
|
|
||||||
hosts: servers
|
|
||||||
become: yes
|
|
||||||
vars:
|
|
||||||
ssh_port: "{{ ssh_port }}"
|
|
||||||
ban_time: 1800
|
|
||||||
max_retry: 3
|
|
||||||
find_time: 600
|
|
||||||
mattermost_webhook: "{{ mattermost_webhook }}"
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
- name: Install Fail2ban
|
|
||||||
apt:
|
|
||||||
name: fail2ban
|
|
||||||
state: present
|
|
||||||
update_cache: yes
|
|
||||||
|
|
||||||
- name: Configure Fail2ban jail.local
|
|
||||||
copy:
|
|
||||||
dest: /etc/fail2ban/jail.local
|
|
||||||
content: |
|
|
||||||
[sshd]
|
|
||||||
enabled = true
|
|
||||||
port = {{ ssh_port }}
|
|
||||||
logpath = /var/log/auth.log
|
|
||||||
maxretry = 3
|
|
||||||
bantime = 1800
|
|
||||||
action = iptables-multiport[name=SSH, port={{ ssh_port }}, protocol=tcp]
|
|
||||||
mattermost
|
|
||||||
notify:
|
|
||||||
- Restart Fail2ban
|
|
||||||
|
|
||||||
- name: Create Mattermost action file
|
|
||||||
copy:
|
|
||||||
dest: /etc/fail2ban/action.d/mattermost.conf
|
|
||||||
content: |
|
|
||||||
[Definition]
|
|
||||||
actionstart =
|
|
||||||
actionstop =
|
|
||||||
actionban = curl -X POST -H 'Content-Type: application/json' --data '{"text": "🚨 Fail2ban a banni <ip> après trop d'échecs SSH 🚨"}' {{ mattermost_webhook }}
|
|
||||||
actionunban =
|
|
||||||
notify: Restart Fail2ban
|
|
||||||
|
|
||||||
handlers:
|
|
||||||
- name: Restart Fail2ban
|
|
||||||
systemd:
|
|
||||||
name: fail2ban
|
|
||||||
state: restarted
|
|
||||||
Loading…
x
Reference in New Issue
Block a user