diff --git a/files/website.html b/files/index.html
similarity index 100%
rename from files/website.html
rename to files/index.html
diff --git a/hosts-init.inv b/hosts-init.inv
index 0380c3c..6c40f26 100644
--- a/hosts-init.inv
+++ b/hosts-init.inv
@@ -1 +1,2 @@
-roger-skyline-1 ansible_host=192.168.99.2 ansible_port=2230 ansible_user=tanguy
+e3r4p2.42.fr ansible_port=2230 ansible_user=tanguy
+roger-skyline-1 ansible_host=192.168.99.2 ansible_port=2230 ansible_user=tanguy
diff --git a/init.yml b/init.yml
index 897031c..94cd5a6 100644
--- a/init.yml
+++ b/init.yml
@@ -1,42 +1,29 @@
- name: "Initialise network config, packages & user tanguy"
- hosts: roger-skyline-1
+ hosts: "e3r4p2.42.fr"
become: yes
become_user: root
become_method: su
tasks:
- - name: "Install necessary packages"
- apt:
- name: ['sudo', 'mailutils', 'fail2ban']
- update_cache: "yes"
- state: "present"
- - name: "Add tanguy to sudoers"
- user:
- name: "tanguy"
- groups: "sudo"
- append: yes
- - name: "Upload firewall config"
+ - name: "Set up networking"
copy:
- src: "files/firewall.conf"
- dest: "/etc/"
+ src: "files/interfaces"
+ dest: "/etc/network/"
owner: "root"
group: "root"
- - name: "Apply firewall config"
- command: "iptables-restore /etc/firewall.conf"
- - name: "Upload public key for tanguy"
- authorized_key:
- user: "tanguy"
- state: "present"
- key: "{{ lookup('file', '/Users/tmaze/.ssh/id_rsa.pub') }}"
- name: "Upload ssh config"
copy:
src: "files/sshd_config"
dest: "/etc/ssh/"
owner: "root"
group: "root"
- - name: "Restart ssh service"
- service:
- name: "ssh"
- state: "restarted"
- enabled: yes
+ - name: "Upload public key for tanguy"
+ authorized_key:
+ user: "tanguy"
+ state: "present"
+ key: "{{ lookup('file', '/Users/tmaze/.ssh/id_rsa.pub') }}"
+ - name: "Reboot VM"
+ reboot:
+ reboot_timeout: 180
+
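Review bot: The "Upload ssh config" task copies `files/sshd_config` into `/etc/ssh/` with no `validate` and no `mode`, and the play now ends in "Reboot VM" instead of the removed ssh restart. A syntax error in that file would therefore only show up when sshd fails to start after the reboot, at which point the host is no longer reachable over SSH to fix it. Adding `validate: "/usr/sbin/sshd -t -f %s"` and `mode: "0644"` to that `copy` task makes Ansible reject a bad file before it replaces the live one. The key lookup path `/Users/tmaze/.ssh/id_rsa.pub` is also tied to one workstation; a play variable would let the play run from another control machine.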
diff --git a/provision.yml b/provision.yml
new file mode 100644
index 0000000..9dd4463
--- /dev/null
+++ b/provision.yml
@@ -0,0 +1,70 @@
+- name: "Initialise packages, user tanguy & webserver"
+ hosts: "roger-skyline-1"
+ become: yes
+ become_user: root
+ become_method: su
+ tasks:
+ - name: "Install necessary packages"
+ apt:
+ name: ['sudo', 'mailutils', 'fail2ban', 'apache2']
+ update_cache: "yes"
+ state: "present"
+ - name: "Add tanguy to sudoers"
+ user:
+ name: "tanguy"
+ groups: "sudo"
+ append: yes
+ - name: "Upload firewall config"
+ copy:
+ src: "files/firewall.conf"
+ dest: "/etc/"
+ owner: "root"
+ group: "root"
+ - name: "Apply firewall config"
+ command: "iptables-restore -! /etc/firewall.conf"
+ - name: "Create .ssl directory"
+ file:
+ path: "/home/tanguy/.ssl"
+ state: "directory"
+ - name: "Generate ssl private key"
+ openssl_privatekey:
+ path: "/home/tanguy/.ssl/server.pem"
+ - name: "Generate ssl certficate signing request"
+ openssl_certificate:
+ path: "/home/tanguy/.ssl/server.csr"
+ privatekey_path: "/home/tanguy/.ssl/server.pem"
+ common_name: "tmaze"
+ email_address: "tmaze@student.42.fr"
+ contry_name: "FR"
+ locality_name: "Paris"
+ organization_name: "42.fr"
+ - name: "Generate ssl selfsigned certificate"
+ openssl_certificate:
+ path: "/home/tanguy/.ssl/server.crt"
+ csr_path: "/home/tanguy/.ssl/server.csr"
+ privatekey_path: "/home/tanguy/.ssl/server.pem"
+ provider: "selfsigned"
+ - name: "Upload website"
+ copy:
+ src: "files/default-ssl.conf"
+ dest: "/etc/apache2/sites-available"
+ owner: "root"
+ group: "root"
+ - name: "Create webiste dir"
+ file:
+ path: "/var/www/nice_website"
+ state: "directory"
+ - name: "Upload website"
+ copy:
+ src: "files/index.html"
+ dest: "/var/www/nice_website/"
+ owner: "root"
+ group: "root"
+ - name: "Activate ssl mod"
+ apache2_module:
+ state: "present"
+ name: "ssl"
+ - name: "Restart apache2"
+ service:
+ name: "apache2"
+ state: "restarted"
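Review bot: The task "Generate ssl certficate signing request" calls `openssl_certificate` with subject fields and no `provider`, and one of those fields is spelled `contry_name`, so as written it will most likely fail argument validation and the self-signed step after it never gets its `server.csr`. CSR generation is the job of the `openssl_csr` module, which accepts these same subject options: change the module line to `openssl_csr:` and the key to `country_name: "FR"`. Separately, the `/home/tanguy/.ssl` directory that holds the private key is created without `owner` or `mode`; adding `mode: "0700"` stops its permissions from depending on the remote umask. The `-!` argument passed to `iptables-restore` should be checked against the installed version's man page, since a failed restore would leave the host without the intended ruleset, and the restore is not persisted across reboots by anything visible in this play.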