From 828a49c7a388de78c2ece7aa5cebe98290b86ef4 Mon Sep 17 00:00:00 2001
From: hcornet <hcornet@tips-of-mine.fr>
Date: Fri, 25 Apr 2025 13:42:35 +0200
Subject: [PATCH] Update : GLPI module

---
 README.md             | 30 +++++++++++++++++++-----------
 common.sh             |  2 ++
 custom/custom_glpi    |  3 ++-
 modules/glpi_agent.sh | 34 ++++++++++++++++++++++++----------
 4 files changed, 47 insertions(+), 22 deletions(-)

diff --git a/README.md b/README.md
index c0a66b7..5d5ad2e 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# 1. Prerequis-install-deb
+# 1. Hardening
 
 Depuis un terminal, faire un copié/collé du code ci-dessous
 
@@ -21,47 +21,55 @@ chmod +x * -R
 sudo ./main.sh
 ```
 
-## 01-ssh
+## package_management.sh
 
 Configuration du SSH sur la VM
 Et rajout de l'interface motd
 
-## 02-apt
+## ssh_hardening.sh
 
 Mise en place de la configuration proxy, puis lancement de l'update
 
-## 03-cortex
+## firewall.s
 
 Installation de l'agent Cortex
 
-## 04-agent-glpi
+## fail2ban.sh
 
 Installation de l'agent GLPI
 
-## 05-manageEngine
+## auditing.sh
 
 Installation de l'agent ManageEngine
 
-## 06-SNMP
+## dns_config.sh
 
 Installation du service SNMP avec la configuration
 
-## 07-DNS
+## ntp.sh
 
 Installation du paramétrage DNS
 
-## 08-NRPE
+## auto_updates.sh
 
 Installation du paramétrage nrpe
 
-## 09-Firewall
+## antivirus.sh
 
 Installation du Firewall + paramétrage
 
-## 10-Fail2Ban
+## custom_prompt.sh
 
 Installation du Faild2Ban + paramétrage
 
+## glpi_agent.sh
+
+## wazuh_agent.sh
+
+## monitoring.sh
+
+## additional_hardening.sh
+
 # 3. Update
 
 Depuis un terminal, Aller dans le dossier.
diff --git a/common.sh b/common.sh
index e1410c4..6c681de 100644
--- a/common.sh
+++ b/common.sh
@@ -46,6 +46,8 @@ log_message() {
       echo "============================================================================================"
       echo ""
       echo -e "${BLUE}[$LEVEL]${NC} $MESSAGE"
+      echo ""
+      echo "============================================================================================"
       echo
       ;;
     "INFO")
diff --git a/custom/custom_glpi b/custom/custom_glpi
index 4287ca8..cc8c2f0 100644
--- a/custom/custom_glpi
+++ b/custom/custom_glpi
@@ -1 +1,2 @@
-#
\ No newline at end of file
+# variables
+GLPI_SERVER="glpi.tips-of-mine.fr"
\ No newline at end of file
diff --git a/modules/glpi_agent.sh b/modules/glpi_agent.sh
index 8fe67e1..fae8cff 100644
--- a/modules/glpi_agent.sh
+++ b/modules/glpi_agent.sh
@@ -8,6 +8,7 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 
 # Source common functions and variables
 source "./common.sh"
+source "./custom/custom_glpi"
 
 # Function to install GLPI agent
 install_glpi_agent() {
@@ -25,7 +26,7 @@ install_glpi_agent() {
     libxml-treepp-perl libyaml-perl libnet-cups-perl libnet-ip-perl libwww-perl \
     libparse-edid-perl libproc-daemon-perl libfile-which-perl libhttp-daemon-perl \
     libio-socket-ssl-perl libnet-snmp-perl libcrypt-des-perl libnet-nbname-perl \
-    libdigest-hmac-perl libfusioninventory-agent-task-network-perl
+    libdigest-hmac-perl
   
   if [ $? -ne 0 ]; then
     log_message "ERROR" "Failed to install dependencies for GLPI agent"
@@ -38,20 +39,33 @@ install_glpi_agent() {
   # Determine system architecture
   ARCH=$(dpkg --print-architecture)
   
+  # URL 
+  URL="https://github.com/glpi-project/glpi-agent/releases"
+
+  # latest version
+  LATEST_VERSION=$(curl -s "$URL" | grep -oP '(?<=/glpi-project/glpi-agent/releases/tag/)[^"]*' | head -1)
+
+  # check
+  if [ -z "$LATEST_VERSION" ]; then
+    log_message "ERROR" "Failed to version GLPI agent"
+  fi
+
   # Prepare GLPI agent installation
   TEMP_DIR=$(mktemp -d)
   cd "$TEMP_DIR" || return 1
   
   # Download the latest GLPI agent package
   if [ "$ARCH" = "amd64" ]; then
-    DOWNLOAD_URL="https://github.com/glpi-project/glpi-agent/releases/download/1.4/glpi-agent_1.4-1_all.deb"
+    DOWNLOAD_URL="https://github.com/glpi-project/glpi-agent/releases/download/$LATEST_VERSION/glpi-agent_$LATEST_VERSION.deb"
   else
-    DOWNLOAD_URL="https://github.com/glpi-project/glpi-agent/releases/download/1.4/glpi-agent_1.4-1_all.deb"
+    DOWNLOAD_URL="https://github.com/glpi-project/glpi-agent/releases/download/$LATEST_VERSION/glpi-agent_$LATEST_VERSION.deb"
   fi
   
   log_message "INFO" "Downloading GLPI agent from $DOWNLOAD_URL"
-  wget "$DOWNLOAD_URL" -O glpi-agent.deb
-  
+
+  #wget "$DOWNLOAD_URL" -O glpi-agent.deb
+  curl -L -o "glpi-agent_$LATEST_VERSION.deb" "$DOWNLOAD_URL"
+
   if [ $? -ne 0 ]; then
     log_message "ERROR" "Failed to download GLPI agent"
     rm -rf "$TEMP_DIR"
@@ -60,12 +74,12 @@ install_glpi_agent() {
   
   # Install the GLPI agent package
   log_message "INFO" "Installing GLPI agent package"
-  dpkg -i glpi-agent.deb
+  dpkg -i glpi-agent_$LATEST_VERSION.deb
   
   if [ $? -ne 0 ]; then
     log_message "ERROR" "Failed to install GLPI agent package"
     apt-get install -f -y  # Try to fix broken dependencies
-    dpkg -i glpi-agent.deb
+    dpkg -i glpi-agent_$LATEST_VERSION.deb
     
     if [ $? -ne 0 ]; then
       log_message "ERROR" "Failed to install GLPI agent package after fixing dependencies"
@@ -94,7 +108,7 @@ install_glpi_agent() {
 # Generated by security hardening script
 
 # Server URL - Replace with your actual GLPI server URL
-server = http://glpi-server/glpi/api/inventory
+server = https://"$GLPI_SERVER"/glpi/api/inventory
 # Disable SSL certificate validation for testing (set to 1 for production)
 no-ssl-check = 0
 # Run as daemon (0 = no, 1 = yes)
@@ -103,8 +117,8 @@ daemon = 1
 logger = File
 logfile = /var/log/glpi-agent/glpi-agent.log
 # Scan local network
-scan-homedirs = 0
-scan-profiles = 0
+scan-homedirs = 1
+scan-profiles = 1
 # Inventory frequency (in hours)
 delaytime = 24
 # Tag for the agent