From 059197500ff3fc53de8008797cf99838c301d10d Mon Sep 17 00:00:00 2001
From: greg
Date: Wed, 25 Feb 2026 12:29:46 +0100
Subject: [PATCH] update ssh + README . todo
---
 README.md | 12 ++++++++++--
 hosts | 4 ++--
 tasks/create_user.yml | 2 +-
 templates/{sshd_config.j2 => ssh_config.j2} | 0
 vars.yml | 12 ++++++------
 5 files changed, 19 insertions(+), 11 deletions(-)
 rename templates/{sshd_config.j2 => ssh_config.j2} (100%)
diff --git a/README.md b/README.md
index ff4d00a..9bba895 100644
--- a/README.md
+++ b/README.md
@@ -59,8 +59,14 @@ sudo apt install ansible -y
 - Editer le fichier `vars.yml` et renseigner le `user`, `ssh_port`, `admin_password` et l'`admin_email`
 ```bash
+python3 -m venv venv \
+ && . venv/bin/activate \
+ && pip install passlib
 # Générer l'admin password:
-python3 -c "import crypt; print(crypt.crypt('monmotdepasse', crypt.mksalt(crypt.METHOD_SHA512)))"
+python3 - <<'EOF'
+from passlib.hash import sha512_crypt
+print(sha512_crypt.hash("monmotdepasse"))
+EOF
 ```
 > Remplacer `monmotdepasse` par le mot de passe voulu
@@ -91,4 +97,6 @@ ansible-playbook -i hosts playbook.yml --user=username --extra-vars "ansible_sud
 ## TO DO
 - [x] update sources.list for Debian 13
-- [x] test
\ No newline at end of file
+- [x] test
+- [ ] add remove gdm
+- [ ] fail2ban ssh_dos port correction
\ No newline at end of file
diff --git a/hosts b/hosts
index 0883e19..89410c4 100644
--- a/hosts
+++ b/hosts
@@ -1,8 +1,8 @@
 #hosts
 [garage-server]
-92.243.24.17:22
+192.168.1.50:22
 [garage-server.vars]
-ansible_user=debian
+ansible_user=visiteur
 #ansible_private_key_file=/home/greg/.ssh/private-key
diff --git a/tasks/create_user.yml b/tasks/create_user.yml
index 660c470..6ae0a27 100644
--- a/tasks/create_user.yml
+++ b/tasks/create_user.yml
@@ -3,7 +3,7 @@
 - name: Créer un utilisateur
 ansible.builtin.user:
 name: "{{ admin_user }}"
- comment: "Utilisateur administrateur"
+ comment: "Administrateur"
 shell: /bin/bash
 groups: sudo
 append: yes
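Review bot: In `hosts`, the new `ansible_user=visiteur` line sits under the unchanged header `[garage-server.vars]`, but Ansible's INI inventory reads group variables from a `[group:vars]` section, with a colon. As far as I can tell the dotted header defines a second group named `garage-server.vars`, and the line below it is parsed as a host entry rather than as a variable. If so, the connection user silently comes from the `--user` flag or the local account name instead of this file, which is easy to miss now that `user` in `vars.yml` changes to `visiteur` in the same commit. Suggested header: `[garage-server:vars]`.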
diff --git a/templates/sshd_config.j2 b/templates/ssh_config.j2
similarity index 100%
rename from templates/sshd_config.j2
rename to templates/ssh_config.j2
diff --git a/vars.yml b/vars.yml
index 94a9319..f13dcc4 100644
--- a/vars.yml
+++ b/vars.yml
@@ -1,15 +1,15 @@
 ---
 # User pour se connecter la première fois (sudoer)
-user: debian
+user: visiteur
 # User final (sudoers)
-admin_user: user
-# Obtenu avec la command: python3 -c "import crypt; print(crypt.crypt('monmotdepasse', crypt.mksalt(crypt.METHOD_SHA512)))"
-admin_user_password: ''
+admin_user: garage
+# Obtenu avec la command de génération du mdp admin
+admin_user_password: '$6$rounds=656000$SP1RLfw/.rwGDJrU$cbVw4rh395OAk.pgEjw3Apru4Af3Y3vgfRWXt1ihSSH2b.e6DcRsPerjPtTam8AuoBiCGrMxLXPxbPkvoSabA.'
 # SSH port après configuration
-ssh_port: 47490
+ssh_port: 22555
 # Bantime pour la prison SSh (fail2ban)
 bantime_seconds: 600
-admin_email: contact@domain.tld
+admin_email: admin@lgn.dev
 ansible_python_interpreter: /usr/bin/python3
 domain:
\ No newline at end of file
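Review bot: The new `admin_user_password` line in `vars.yml` commits a real `$6$` SHA-512 crypt hash in clear text, so anyone who can read the repository or its history can run offline guessing against the admin account's password. Keep the tracked file on a reference such as `admin_user_password: "{{ vault_admin_user_password }}"` (the variable name is a placeholder) and store the hash in an Ansible Vault-encrypted vars file, or pass it with `--extra-vars` at run time. Because the hash stays in git history after a later edit, the password behind it should be treated as exposed and changed. The same hunk also publishes the non-default `ssh_port` and the admin e-mail address, which deserves a conscious decision if this repository is public.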