.

README.md

@@ -1,5 +1,5 @@
 
->🚀 Ansible Training: Database & Firewall Deployment
+#### 🚀 Ansible Training: Database & Firewall Deployment
 
 
 Ce projet est un bac à sable (sandbox) destiné à apprendre et pratiquer l'automatisation avec Ansible. L'objectif est de déployer une pile de base de données sécurisée sur une machine virtuelle Linux distante.
@@ -39,8 +39,8 @@ Plaintext
 │   ├── inventory/
 │   │   └── inventory.ini # Liste des hôtes et variables de connexion
 │   ├── playbook/
-│   │   └── site.yml      # Master Playbook (point d'entrée)
-│   └── modules/          # Fichiers de configuration à déployer
+|        └── site.yml      # Master Playbook (point d'entrée)
+└── modules/          # Fichiers de configuration à déployer
 │       └── nftables.conf
 └── README.md            # Cette documentation
 

ansible.cfg

@@ -167,7 +167,7 @@ inventory=./inventory/inventory.ini
 ;log_filter=
 
 # (path) File to which Ansible will log on the controller. When empty logging is disabled.
-log_path=./ansible_log.log
+log_path=ansible.log
 
 # (pathspec) Colon separated paths in which Ansible will search for Lookup Plugins.
 ;lookup_plugins={{ ANSIBLE_HOME ~ "/plugins/lookup:/usr/share/ansible/plugins/lookup" }}

ansible/inventory/inventory.ini

@@ -3,3 +3,6 @@ nftables ansible_host='192.168.1.119'
 
 [Database]
 Database ansible_host='192.168.1.119'
+
+[bashrc]
+bashrc ansible_host="192.168.1.119"

ansible/playbook/deploy_bashrc.yml

@@ -0,0 +1,41 @@
+---
+
+- name: Déploiement du bashrc de maxime 
+  hosts: bashrc
+  become: yes
+
+  tasks:
+    - name: Copie du bashrc 
+      copy:
+        src: ../../modules/.bashrc
+        dest: /home/maxime/.bashrc
+        owner: "{{ ansible_user_id }}"
+        group: "{{ ansible_user_id }}"
+        mode: '775'
+
+    - name: Créer le dossier des scripts
+      file:
+        path: /opt/divers
+        state: directory
+        mode: '0755'
+        owner: "{{ ansible_user_id }}"
+        group: "{{ ansible_user_id }}"    
+
+    - name: Copie du script dépendant de bashrc
+      
+      copy:
+        src: /opt/divers/start_konsole.sh
+        dest: /opt/divers/start_konsole.sh
+        owner: maxime
+        group: maxime
+        mode: '755'
+
+    - name: Installation de sl
+      apt:
+        name: sl
+        state: present
+    - name: Installation de btop    
+      apt:
+        name: btop
+        state: present 
+

ansible/playbook/site.yml

@@ -6,3 +6,6 @@
 - name: Lancement de la configuration nftables
   import_playbook: deploy_firewall.yml  
 
+- name: Préparation du bashrc de maxime
+  import_playbook: deploy_bashrc.yml
+  

modules/.bashrc

@@ -0,0 +1,118 @@
+# ~/.bashrc: executed by bash(1) for non-login shells.
+# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
+# for examples
+
+# If not running interactively, don't do anything
+case $- in
+    *i*) ;;
+      *) return;;
+esac
+
+# don't put duplicate lines or lines starting with space in the history.
+# See bash(1) for more options
+HISTCONTROL=ignoreboth
+
+# append to the history file, don't overwrite it
+shopt -s histappend
+
+# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
+HISTSIZE=1000
+HISTFILESIZE=2000
+
+# check the window size after each command and, if necessary,
+# update the values of LINES and COLUMNS.
+shopt -s checkwinsize
+
+# If set, the pattern "**" used in a pathname expansion context will
+# match all files and zero or more directories and subdirectories.
+#shopt -s globstar
+
+# make less more friendly for non-text input files, see lesspipe(1)
+#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
+
+# set variable identifying the chroot you work in (used in the prompt below)
+if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
+    debian_chroot=$(cat /etc/debian_chroot)
+fi
+
+# set a fancy prompt (non-color, unless we know we "want" color)
+case "$TERM" in
+    xterm-color|*-256color) color_prompt=yes;;
+esac
+
+# uncomment for a colored prompt, if the terminal has the capability; turned
+# off by default to not distract the user: the focus in a terminal window
+# should be on the output of commands, not on the prompt
+#force_color_prompt=yes
+
+if [ -n "$force_color_prompt" ]; then
+    if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
+	# We have color support; assume it's compliant with Ecma-48
+	# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
+	# a case would tend to support setf rather than setaf.)
+	color_prompt=yes
+    else
+	color_prompt=
+    fi
+fi
+
+if [ "$color_prompt" = yes ]; then
+    PS1="༼ つ ◕_◕ ༽つ@┌П┐(ಠ_ಠ)\:"    #${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@┌П┐(ಠ_ಠ)' #MaximeWallahOuais\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$
+    bash /opt/divers/start_konsole.sh
+   
+else
+    PS1='${debian_chroot:+($debian_chroot)}\u@#\h:\w\$' 
+fi
+unset color_prompt force_color_prompt
+
+# If this is an xterm set the title to user@host:dir
+case "$TERM" in
+xterm*|rxvt*)
+    PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
+    ;;
+*)
+    ;;
+esac
+
+# enable color support of ls and also add handy aliases
+if [ -x /usr/bin/dircolors ]; then
+    test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
+    alias ls='ls --color=auto'
+    #alias dir='dir --color=auto'
+    #alias vdir='vdir --color=auto'
+
+    #alias grep='grep --color=auto'
+    #alias fgrep='fgrep --color=auto'
+    #alias egrep='egrep --color=auto'
+fi
+
+# colored GCC warnings and errors
+#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'
+
+# some more ls aliases
+#alias ll='ls -l'
+#alias la='ls -A'
+#alias l='ls -CF'
+alias tchoutchou='sl'
+alias bird='curl parrot.live'
+alias cisco='packettracer'
+alias pokemon='sudo ~/PokeMMO/PokeMMO.sh'
+# Alias definitions.
+# You may want to put all your additions into a separate file like
+# ~/.bash_aliases, instead of adding them here directly.
+# See /usr/share/doc/bash-doc/examples in the bash-doc package.
+
+if [ -f ~/.bash_aliases ]; then
+    . ~/.bash_aliases
+fi
+
+# enable programmable completion features (you don't need to enable
+# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
+# sources /etc/bash.bashrc).
+if ! shopt -oq posix; then
+  if [ -f /usr/share/bash-completion/bash_completion ]; then
+    . /usr/share/bash-completion/bash_completion
+  elif [ -f /etc/bash_completion ]; then
+    . /etc/bash_completion
+  fi
+fi

modules/nftables.conf

@@ -8,16 +8,14 @@ table inet filter {
         # 2. Autoriser les connexions déjà établies (réponses au trafic sortant)
         ct state established,related accept
 
-        # 3. Autoriser le SSH (Port 22) - À adapter si tu as changé le port
+        # 3. Autoriser le SSH (Port 22)
         tcp dport 22 accept
 
-        # 4. Autoriser le Ping (optionnel mais utile pour le diagnostic)
+        # 4. Autoriser le Ping 
         icmp type echo-request accept
         icmpv6 type echo-request accept
 
-        # 5. Optionnel : Autoriser MariaDB (Port 3306) 
-        # Uniquement si d'autres serveurs doivent se connecter à la DB
-        # tcp dport 3306 accept
+       
     }
 
     chain forward {

requirement/main.sh

@@ -14,10 +14,6 @@ cat << 'EOF'
                                                       
 EOF
 
-
-
-
-
 set -euo pipefail
 
 SEPARATOR="=============================================="