roles/clients/tasks/config.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98

- name: Installation des unités systemd divers
  copy:
    src: "{{ item }}"
    dest: /etc/systemd/system/
    mode: 0644
  with_items:
    - capslock-led-heartbeat.service
    - dnf-makecache.timer
  notify: reload systemd

- name: Installation des unités systemd de monitoring
  copy:
    src: "{{ item[0] }}-{{ item[1] }}.service"
    dest: /etc/systemd/system/
    mode: 0644
  with_nested:
    - [ 'arp-poisoning', 'arp-watcher' ]
    - [ 'eno1', 'enp6s0' ]
  notify: reload systemd

- name: Installation des unités systemd de capture
  copy:
    src: "passerelle-dump-{{ item }}.service"
    dest: /etc/systemd/system/
    mode: 0644
  with_items:
    - eno1
    - enp6s0
    - virbr0
  notify: reload systemd

- name: Installation des unités systemd de dev
  copy:
    src: "{{ item[0] }}-{{ item[1] }}.service"
    dest: /etc/systemd/system/
    mode: 0644
  with_nested:
    - [ 'apache', 'mariadb', 'memcached', 'php-fpm' ]
    - [ 'casper-site', 'cirrus', 'jays-site' ]
  notify: reload systemd

- name: Installation des variables credentials
  copy:
    src: "credentials/mariadb-{{ item }}.env"
    dest: /etc/
    mode: 0400
  with_items:
    - casper-site
    - cirrus
    - jays-site
  notify: reload systemd

- name: Configuration leds de dracut
  copy:
    src: led_modules.conf
    dest: /etc/dracut.conf.d/led_modules.conf
    mode: 0644

- name: Configuration leds modules du noyau
  copy:
    src: modules-load.d_led_modules.conf
    dest: /etc/modules-load.d/led_modules.conf
    mode: 0644

- name: Ettercap redirection iptables on
  lineinfile:
    dest: /etc/ettercap/etter.conf
    create: yes
    state: present
    line: 'redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"'

- name: Ettercap redirection iptables off
  lineinfile:
    dest: /etc/ettercap/etter.conf
    create: yes
    state: present
    line: 'redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"'

- name: Ettercap redirection iptables6 on
  lineinfile:
    dest: /etc/ettercap/etter.conf
    create: yes
    state: present
    line: 'redir6_command_on = "ip6tables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"'

- name: Ettercap redirection iptables6 off
  lineinfile:
    dest: /etc/ettercap/etter.conf
    create: yes
    state: present
    line: 'redir6_command_off = "ip6tables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"'

- name: Configuration audio de libvirtd
  lineinfile:
    dest: /etc/libvirt/qemu.conf
    create: yes
    state: present
    line: "vnc_allow_host_audio = 1"