From 0e23c415925a28d51b3d0a0ebacdf5227545dd94 Mon Sep 17 00:00:00 2001 From: Stephane M B079 Date: Wed, 12 Feb 2025 11:54:52 +0100 Subject: [PATCH] =?UTF-8?q?Ansible:=20plusieurs=20=C3=A9l=C3=A9ments=20int?= =?UTF-8?q?=C3=A9ressants?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- 11-Ansible/Old/debian_fullserver_web.yml | 149 +++++++++++++++++++++ 11-Ansible/debian_fullserver_web.yml | 161 +++++++++++++++++++++++ 11-Ansible/install_fullserver_web.sh | 22 ++++ 3 files changed, 332 insertions(+) create mode 100644 11-Ansible/Old/debian_fullserver_web.yml create mode 100644 11-Ansible/debian_fullserver_web.yml create mode 100755 11-Ansible/install_fullserver_web.sh diff --git a/11-Ansible/Old/debian_fullserver_web.yml b/11-Ansible/Old/debian_fullserver_web.yml new file mode 100644 index 0000000..c7b8057 --- /dev/null +++ b/11-Ansible/Old/debian_fullserver_web.yml @@ -0,0 +1,149 @@ +- hosts: server_web + vars: + user: "smauro" + root_password: "testtest" + tasks: + # 1. Passer à root et installer sudo (si pas déjà installé) + - name: Passer à root et installer sudo + become: yes + become_user: root + become_method: su + command: apt install sudo -y + vars: + ansible_become_pass: "{{ root_password }}" + register: result + when: ansible_facts.packages['sudo'] is not defined + + - name: Afficher le résultat de l'installation de sudo + debug: + var: result + + # 2. Ajouter l'utilisateur au groupe sudo + - name: Ajouter l'utilisateur au groupe sudo + user: + name: "{{ user }}" + groups: sudo + append: yes + become: yes + become_user: root + when: ansible_facts.packages['sudo'] is defined + + # 3. Modifier le fichier sources.list + - name: Modifier le fichier sources.list + copy: + dest: /etc/apt/sources.list + content: | + deb http://deb.debian.org/debian/ bookworm main non-free-firmware + deb-src http://deb.debian.org/debian/ bookworm main non-free-firmware + + deb http://security.debian.org/debian-security bookworm-security main non-free-firmware + deb-src http://security.debian.org/debian-security bookworm-security main non-free-firmware + + # bookworm-updates, to get updates before a point release is made; + # see https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports + deb http://deb.debian.org/debian/ bookworm-updates main non-free-firmware + deb-src http://deb.debian.org/debian/ bookworm-updates main non-free-firmware + become: yes + + # 4. Mettre à jour les paquets + - name: Mettre à jour les paquets + apt: + update_cache: yes + become: yes + + # 5. Configurer le hostname + - name: Configurer le hostname + hostname: + name: "Gitea" + become: yes + + # 6. Changer le mot de passe root + - name: Changer le mot de passe root + user: + name: root + password: "{{ root_password | password_hash('sha512') }}" + become: yes + + # 7. Configurer l'utilisateur smauro + - name: Configurer l'utilisateur smauro + user: + name: "{{ user }}" + password: "{{ root_password | password_hash('sha512') }}" + shell: /bin/bash + groups: sudo + state: present + become: yes + + - name: Installer les paquets nécessaires + apt: + name: ["sudo", "vim", "curl", "git", "htop", "gnupg", "apache2"] + state: present + become: yes + + # 8. Ajouter le dépôt Sury pour PHP 8.3 + #- name: Ajouter le dépôt Sury pour PHP 8.3 + #shell: echo "deb https://packages.sury.org/php/ bookworm main" | tee /etc/apt/sources.list.d/sury-php.list + #become: yes + + # 9. Ajouter la clé GPG du dépôt Sury + #- name: Ajouter la clé GPG du dépôt Sury via apt_key + # apt_key: + #url: https://packages.sury.org/php/apt.gpg + #state: present + #become: yes + + - name: Mettre à jour et upgrader le système + apt: + update_cache: yes + upgrade: dist + become: yes + + # 10. Installer PHP 8.3 et ses extensions + - name: Installer PHP 8.3 et modules requis + apt: + name: + - php8.3-cli + - php8.3-fpm + - php8.3-common + - php8.3-mbstring + - php8.3-xml + - php8.3-curl + - php8.3-zip + - php8.3-gd + - php8.3-mysql + state: present + become: yes + + - name: Redémarrer PHP 8.3-FPM + systemd: + name: php8.3-fpm + state: restarted + become: yes + + # 11. Configurer Apache avec PHP 8.3 + #- name: Activer PHP 8.3 dans Apache + #command: a2enmod php8.3 + #become: yes + + - name: Redémarrer Apache + systemd: + name: apache2 + state: restarted + become: yes + + - name: Activer les modules rewrite et expires dans Apache + command: a2enmod rewrite expires + become: yes + + - name: Redémarrer Apache après activation des modules + systemd: + name: apache2 + state: restarted + become: yes + + - name: Redémarrer la machine + reboot: + msg: "Redémarrage après configuration." + pre_reboot_delay: 5 + become: yes + diff --git a/11-Ansible/debian_fullserver_web.yml b/11-Ansible/debian_fullserver_web.yml new file mode 100644 index 0000000..2fd4ea4 --- /dev/null +++ b/11-Ansible/debian_fullserver_web.yml @@ -0,0 +1,161 @@ +- hosts: server_web + vars: + user: "smauro" + root_password: "testtest" + tasks: + # 1. Passer à root et installer sudo (si pas déjà installé) + - name: Passer à root et installer sudo + become: yes + become_user: root + become_method: su + command: apt install sudo -y + vars: + ansible_become_pass: "{{ root_password }}" + register: result + when: ansible_facts.packages['sudo'] is not defined + + - name: Afficher le résultat de l'installation de sudo + debug: + var: result + + # 2. Ajouter l'utilisateur au groupe sudo + - name: Ajouter l'utilisateur au groupe sudo + user: + name: "{{ user }}" + groups: sudo + append: yes + become: yes + become_user: root + when: ansible_facts.packages['sudo'] is defined + + # 3. Modifier le fichier sources.list + - name: Modifier le fichier sources.list + copy: + dest: /etc/apt/sources.list + content: | + deb http://deb.debian.org/debian/ bookworm main non-free-firmware + deb-src http://deb.debian.org/debian/ bookworm main non-free-firmware + + deb http://security.debian.org/debian-security bookworm-security main non-free-firmware + deb-src http://security.debian.org/debian-security bookworm-security main non-free-firmware + + # bookworm-updates, to get updates before a point release is made; + # see https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports + deb http://deb.debian.org/debian/ bookworm-updates main non-free-firmware + deb-src http://deb.debian.org/debian/ bookworm-updates main non-free-firmware + become: yes + + # 4. Mettre à jour les paquets + - name: Mettre à jour les paquets + apt: + update_cache: yes + become: yes + + # 5. Configurer le hostname + - name: Configurer le hostname + hostname: + name: "{{ ansible_hostname }}" + become: yes + + # 6. Changer le mot de passe root + - name: Changer le mot de passe root + user: + name: root + password: "{{ root_password | password_hash('sha512') }}" + become: yes + + # 7. Configurer l'utilisateur smauro + - name: Configurer l'utilisateur smauro + user: + name: "{{ user }}" + password: "{{ root_password | password_hash('sha512') }}" + shell: /bin/bash + groups: sudo + state: present + become: yes + + - name: Installer les paquets nécessaires + apt: + name: ["sudo", "vim", "curl", "git", "htop", "gnupg", "apache2"] + state: present + become: yes + + - name: Installer les dépendances requises pour ajouter un dépôt + apt: + name: ["apt-transport-https", "ca-certificates", "lsb-release", "curl"] + state: present + become: yes + + + # 8. Ajouter le dépôt Sury pour PHP 8.3 + - name: Ajouter le dépôt Sury pour PHP 8.3 + shell: echo "deb https://packages.sury.org/php/ bookworm main" | tee /etc/apt/sources.list.d/sury-php.list + become: yes + + - name: Ajouter la clé GPG du dépôt Sury + shell: curl -fsSL https://packages.sury.org/php/apt.gpg | tee /etc/apt/trusted.gpg.d/sury-php.gpg > /dev/null + become: yes + + + - name: Mettre à jour et upgrader le système + apt: + update_cache: yes + upgrade: dist + become: yes + + # 10. Installer PHP 8.3 et ses extensions + - name: Installer PHP 8.3 et modules requis + apt: + name: + - php8.3-cli + - php8.3-fpm + - php8.3-common + - php8.3-mbstring + - php8.3-xml + - php8.3-curl + - php8.3-zip + - php8.3-gd + - php8.3-mysql + state: present + become: yes + + - name: Redémarrer PHP 8.3-FPM + systemd: + name: php8.3-fpm + state: restarted + become: yes + + # 11. Configurer Apache avec PHP 8.3 + #- name: Activer PHP 8.3 dans Apache + #command: a2enmod php8.3 + #become: yes + + - name: Redémarrer Apache + systemd: + name: apache2 + state: restarted + become: yes + + - name: Activer les modules rewrite et expires dans Apache + command: a2enmod rewrite expires + become: yes + + - name: Redémarrer Apache après activation des modules + systemd: + name: apache2 + state: restarted + become: yes + + - name: Redémarrer la machine + reboot: + msg: "Redémarrage après configuration." + pre_reboot_delay: 5 + become: yes + + - name: Remplacer "clean" par le hostname dans /etc/hosts + replace: + path: /etc/hosts + regexp: '\bclean\b' + replace: "{{ ansible_hostname }}" + become: yes + diff --git a/11-Ansible/install_fullserver_web.sh b/11-Ansible/install_fullserver_web.sh new file mode 100755 index 0000000..a99cc7a --- /dev/null +++ b/11-Ansible/install_fullserver_web.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +# Demande à l'utilisateur l'adresse IP et le hostname +read -p "Entrez l'adresse IP de la machine cible : " target_ip +read -p "Entrez le nouveau hostname : " ansible_hostname + +# Vérification que l'IP et le hostname ne sont pas vides +if [[ -z "$target_ip" || -z "$ansible_hostname" ]]; then + echo "Erreur : L'adresse IP et le hostname ne peuvent pas être vides." + exit 1 +fi + +# Créer un fichier d'inventaire dynamique +inventory_file="dynamic_inventory.ini" +echo "[server_web]" > $inventory_file +echo "$target_ip ansible_user=root ansible_ssh_pass=testtest" >> $inventory_file + +# Exécution du playbook avec les variables dynamiques +ansible-playbook -i "$inventory_file" -u root --ask-become-pass playbooks/debian_fullserver_web.yml -e "ansible_hostname=$ansible_hostname" + +# Supprimer le fichier d'inventaire dynamique après utilisation +rm -f $inventory_file