GARAGENUM/ansible-server-garage
GARAGENUM/ansible-server-garage
15
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update ssh + README . todo

Browse Source
This commit is contained in:
Grégory Lebreton 2026-02-25 12:29:46 +01:00
parent 21ab63beaa
commit 059197500f
5 changed files with 19 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@ -59,8 +59,14 @@ sudo apt install ansible -y
- Editer le fichier `vars.yml` et renseigner le `user`, `ssh_port`, `admin_password` et l'`admin_email` - Editer le fichier `vars.yml` et renseigner le `user`, `ssh_port`, `admin_password` et l'`admin_email`
```bash ```bash
python3 -m venv venv \
&& . venv/bin/activate \
&& pip install passlib
# Générer l'admin password: # Générer l'admin password:
python3 -c "import crypt; print(crypt.crypt('monmotdepasse', crypt.mksalt(crypt.METHOD_SHA512)))" python3 - <<'EOF'
from passlib.hash import sha512_crypt
print(sha512_crypt.hash("monmotdepasse"))
EOF
``` ```
> Remplacer `monmotdepasse` par le mot de passe voulu > Remplacer `monmotdepasse` par le mot de passe voulu
@ -91,4 +97,6 @@ ansible-playbook -i hosts playbook.yml --user=username --extra-vars "ansible_sud
## TO DO ## TO DO
- [x] update sources.list for Debian 13 - [x] update sources.list for Debian 13
- [x] test - [x] test
- [ ] add remove gdm
- [ ] fail2ban ssh_dos port correction

4
hosts
View File

@ -1,8 +1,8 @@
#hosts #hosts
[garage-server] [garage-server]
92.243.24.17:22 192.168.1.50:22
[garage-server.vars] [garage-server.vars]
ansible_user=debian ansible_user=visiteur
#ansible_private_key_file=/home/greg/.ssh/private-key #ansible_private_key_file=/home/greg/.ssh/private-key

2
tasks/create_user.yml
View File

@ -3,7 +3,7 @@
- name: Créer un utilisateur - name: Créer un utilisateur
ansible.builtin.user: ansible.builtin.user:
name: "{{ admin_user }}" name: "{{ admin_user }}"
comment: "Utilisateur administrateur" comment: "Administrateur"
shell: /bin/bash shell: /bin/bash
groups: sudo groups: sudo
append: yes append: yes

0
templates/sshd_config.j2 → templates/ssh_config.j2
View File

12
vars.yml
View File

@ -1,15 +1,15 @@
--- ---
# User pour se connecter la première fois (sudoer) # User pour se connecter la première fois (sudoer)
user: debian user: visiteur
# User final (sudoers) # User final (sudoers)
admin_user: user admin_user: garage
# Obtenu avec la command: python3 -c "import crypt; print(crypt.crypt('monmotdepasse', crypt.mksalt(crypt.METHOD_SHA512)))" # Obtenu avec la command de génération du mdp admin
admin_user_password: '' admin_user_password: '$6$rounds=656000$SP1RLfw/.rwGDJrU$cbVw4rh395OAk.pgEjw3Apru4Af3Y3vgfRWXt1ihSSH2b.e6DcRsPerjPtTam8AuoBiCGrMxLXPxbPkvoSabA.'
# SSH port après configuration # SSH port après configuration
ssh_port: 47490 ssh_port: 22555
# Bantime pour la prison SSh (fail2ban) # Bantime pour la prison SSh (fail2ban)
bantime_seconds: 600 bantime_seconds: 600
admin_email: contact@domain.tld admin_email: admin@lgn.dev
ansible_python_interpreter: /usr/bin/python3 ansible_python_interpreter: /usr/bin/python3
domain: domain: