1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
- name: Installation des unités systemd divers
copy:
src: "{{ item }}.service"
dest: /etc/systemd/system/
mode: 0644
loop:
- capslock-led-heartbeat
- cgroup-freezer-controller
notify: reload systemd
- name: Suppression des unités systemd de monitoring
file:
path: "/etc/systemd/system/{{ item[0] }}-{{ item[1] }}.service"
state: absent
loop: "{{ ['arp-poisoning', 'arp-watcher'] |product(['eno1', 'enp8s0'])|list }}"
notify: reload systemd
- name: Suppression des unités systemd de capture
file:
path: "/etc/systemd/system/passerelle-dump-{{ item }}.service"
state: absent
loop:
- eno1
- enp8s0
- virbr0
notify: reload systemd
- name: Suppression des unités systemd des sites
file:
path: "/etc/systemd/system/{{ item[0] }}-{{ item[1] }}.service"
state: absent
loop: "{{ ['apache', 'mariadb', 'memcached', 'php-fpm'] |product(['casper-site', 'jays-site'])|list }}"
notify: reload systemd
- name: Suppression des unités systemd pour dev
file:
path: "/etc/systemd/system/{{ item[0] }}-{{ item[1] }}.service"
state: absent
loop: "{{ ['apache-dev', 'php-fpm'] |product(['56', '70', '71', '72', '73', '74'])|list }}"
- name: Suppression des variables credentials
file:
path: "/etc/mariadb-{{ item }}.env"
state: absent
loop:
- casper-site
- jays-site
notify: reload systemd
- name: Configuration leds de dracut
copy:
src: led_modules.conf
dest: /etc/dracut.conf.d/led_modules.conf
mode: 0644
- name: Configuration leds modules du noyau
copy:
src: modules-load.d_led_modules.conf
dest: /etc/modules-load.d/led_modules.conf
mode: 0644
- name: Configuration lecteur NFC
copy:
src: modprobe.d_pn533-blacklist.conf
dest: /etc/modprobe.d/pn533-blacklist.conf
mode: 0644
- name: Ettercap redirection iptables on
lineinfile:
path: /etc/ettercap/etter.conf
create: yes
state: present
mode: 0644
line: 'redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"'
- name: Ettercap redirection iptables off
lineinfile:
path: /etc/ettercap/etter.conf
create: yes
state: present
mode: 0644
line: 'redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"'
- name: Ettercap redirection iptables6 on
lineinfile:
path: /etc/ettercap/etter.conf
create: yes
state: present
mode: 0644
line: 'redir6_command_on = "ip6tables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"'
- name: Ettercap redirection iptables6 off
lineinfile:
path: /etc/ettercap/etter.conf
create: yes
state: present
mode: 0644
line: 'redir6_command_off = "ip6tables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"'
- name: Configuration audio de libvirtd
lineinfile:
path: /etc/libvirt/qemu.conf
create: yes
state: present
mode: 0644
line: "vnc_allow_host_audio = 1"
- name: Installation service arpwatcher
template:
src: arpwatcher.service.j2
dest: /etc/systemd/system/arpwatcher.service
mode: 0644
notify: reload systemd
|
