Update : GLPI module
This commit is contained in:
parent
8587224cde
commit
828a49c7a3
30
README.md
30
README.md
@ -1,4 +1,4 @@
|
||||
# 1. Prerequis-install-deb
|
||||
# 1. Hardening
|
||||
|
||||
Depuis un terminal, faire un copié/collé du code ci-dessous
|
||||
|
||||
@ -21,47 +21,55 @@ chmod +x * -R
|
||||
sudo ./main.sh
|
||||
```
|
||||
|
||||
## 01-ssh
|
||||
## package_management.sh
|
||||
|
||||
Configuration du SSH sur la VM
|
||||
Et rajout de l'interface motd
|
||||
|
||||
## 02-apt
|
||||
## ssh_hardening.sh
|
||||
|
||||
Mise en place de la configuration proxy, puis lancement de l'update
|
||||
|
||||
## 03-cortex
|
||||
## firewall.s
|
||||
|
||||
Installation de l'agent Cortex
|
||||
|
||||
## 04-agent-glpi
|
||||
## fail2ban.sh
|
||||
|
||||
Installation de l'agent GLPI
|
||||
|
||||
## 05-manageEngine
|
||||
## auditing.sh
|
||||
|
||||
Installation de l'agent ManageEngine
|
||||
|
||||
## 06-SNMP
|
||||
## dns_config.sh
|
||||
|
||||
Installation du service SNMP avec la configuration
|
||||
|
||||
## 07-DNS
|
||||
## ntp.sh
|
||||
|
||||
Installation du paramétrage DNS
|
||||
|
||||
## 08-NRPE
|
||||
## auto_updates.sh
|
||||
|
||||
Installation du paramétrage nrpe
|
||||
|
||||
## 09-Firewall
|
||||
## antivirus.sh
|
||||
|
||||
Installation du Firewall + paramétrage
|
||||
|
||||
## 10-Fail2Ban
|
||||
## custom_prompt.sh
|
||||
|
||||
Installation du Faild2Ban + paramétrage
|
||||
|
||||
## glpi_agent.sh
|
||||
|
||||
## wazuh_agent.sh
|
||||
|
||||
## monitoring.sh
|
||||
|
||||
## additional_hardening.sh
|
||||
|
||||
# 3. Update
|
||||
|
||||
Depuis un terminal, Aller dans le dossier.
|
||||
|
||||
@ -46,6 +46,8 @@ log_message() {
|
||||
echo "============================================================================================"
|
||||
echo ""
|
||||
echo -e "${BLUE}[$LEVEL]${NC} $MESSAGE"
|
||||
echo ""
|
||||
echo "============================================================================================"
|
||||
echo
|
||||
;;
|
||||
"INFO")
|
||||
|
||||
@ -1 +1,2 @@
|
||||
#
|
||||
# variables
|
||||
GLPI_SERVER="glpi.tips-of-mine.fr"
|
||||
@ -8,6 +8,7 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
|
||||
# Source common functions and variables
|
||||
source "./common.sh"
|
||||
source "./custom/custom_glpi"
|
||||
|
||||
# Function to install GLPI agent
|
||||
install_glpi_agent() {
|
||||
@ -25,7 +26,7 @@ install_glpi_agent() {
|
||||
libxml-treepp-perl libyaml-perl libnet-cups-perl libnet-ip-perl libwww-perl \
|
||||
libparse-edid-perl libproc-daemon-perl libfile-which-perl libhttp-daemon-perl \
|
||||
libio-socket-ssl-perl libnet-snmp-perl libcrypt-des-perl libnet-nbname-perl \
|
||||
libdigest-hmac-perl libfusioninventory-agent-task-network-perl
|
||||
libdigest-hmac-perl
|
||||
|
||||
if [ $? -ne 0 ]; then
|
||||
log_message "ERROR" "Failed to install dependencies for GLPI agent"
|
||||
@ -38,19 +39,32 @@ install_glpi_agent() {
|
||||
# Determine system architecture
|
||||
ARCH=$(dpkg --print-architecture)
|
||||
|
||||
# URL
|
||||
URL="https://github.com/glpi-project/glpi-agent/releases"
|
||||
|
||||
# latest version
|
||||
LATEST_VERSION=$(curl -s "$URL" | grep -oP '(?<=/glpi-project/glpi-agent/releases/tag/)[^"]*' | head -1)
|
||||
|
||||
# check
|
||||
if [ -z "$LATEST_VERSION" ]; then
|
||||
log_message "ERROR" "Failed to version GLPI agent"
|
||||
fi
|
||||
|
||||
# Prepare GLPI agent installation
|
||||
TEMP_DIR=$(mktemp -d)
|
||||
cd "$TEMP_DIR" || return 1
|
||||
|
||||
# Download the latest GLPI agent package
|
||||
if [ "$ARCH" = "amd64" ]; then
|
||||
DOWNLOAD_URL="https://github.com/glpi-project/glpi-agent/releases/download/1.4/glpi-agent_1.4-1_all.deb"
|
||||
DOWNLOAD_URL="https://github.com/glpi-project/glpi-agent/releases/download/$LATEST_VERSION/glpi-agent_$LATEST_VERSION.deb"
|
||||
else
|
||||
DOWNLOAD_URL="https://github.com/glpi-project/glpi-agent/releases/download/1.4/glpi-agent_1.4-1_all.deb"
|
||||
DOWNLOAD_URL="https://github.com/glpi-project/glpi-agent/releases/download/$LATEST_VERSION/glpi-agent_$LATEST_VERSION.deb"
|
||||
fi
|
||||
|
||||
log_message "INFO" "Downloading GLPI agent from $DOWNLOAD_URL"
|
||||
wget "$DOWNLOAD_URL" -O glpi-agent.deb
|
||||
|
||||
#wget "$DOWNLOAD_URL" -O glpi-agent.deb
|
||||
curl -L -o "glpi-agent_$LATEST_VERSION.deb" "$DOWNLOAD_URL"
|
||||
|
||||
if [ $? -ne 0 ]; then
|
||||
log_message "ERROR" "Failed to download GLPI agent"
|
||||
@ -60,12 +74,12 @@ install_glpi_agent() {
|
||||
|
||||
# Install the GLPI agent package
|
||||
log_message "INFO" "Installing GLPI agent package"
|
||||
dpkg -i glpi-agent.deb
|
||||
dpkg -i glpi-agent_$LATEST_VERSION.deb
|
||||
|
||||
if [ $? -ne 0 ]; then
|
||||
log_message "ERROR" "Failed to install GLPI agent package"
|
||||
apt-get install -f -y # Try to fix broken dependencies
|
||||
dpkg -i glpi-agent.deb
|
||||
dpkg -i glpi-agent_$LATEST_VERSION.deb
|
||||
|
||||
if [ $? -ne 0 ]; then
|
||||
log_message "ERROR" "Failed to install GLPI agent package after fixing dependencies"
|
||||
@ -94,7 +108,7 @@ install_glpi_agent() {
|
||||
# Generated by security hardening script
|
||||
|
||||
# Server URL - Replace with your actual GLPI server URL
|
||||
server = http://glpi-server/glpi/api/inventory
|
||||
server = https://"$GLPI_SERVER"/glpi/api/inventory
|
||||
# Disable SSL certificate validation for testing (set to 1 for production)
|
||||
no-ssl-check = 0
|
||||
# Run as daemon (0 = no, 1 = yes)
|
||||
@ -103,8 +117,8 @@ daemon = 1
|
||||
logger = File
|
||||
logfile = /var/log/glpi-agent/glpi-agent.log
|
||||
# Scan local network
|
||||
scan-homedirs = 0
|
||||
scan-profiles = 0
|
||||
scan-homedirs = 1
|
||||
scan-profiles = 1
|
||||
# Inventory frequency (in hours)
|
||||
delaytime = 24
|
||||
# Tag for the agent
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user