Initialisation depot

2026-02-10 12:12:11 +01:00
commit c3176e8d79
818 changed files with 52573 additions and 0 deletions
--- a/Migration/Ansible/roles/samba4-dc/templates/resolv.conf.j2
+++ b/Migration/Ansible/roles/samba4-dc/templates/resolv.conf.j2
@@ -0,0 +1,6 @@
+# DNS resolver configuration
+{% for dns_server in dns_servers %}
+nameserver {{ dns_server }}
+{% endfor %}
+search {{ samba_realm }}
+domain {{ samba_realm }}
--- a/Migration/Ansible/roles/samba4-dc/templates/samba-backup.sh.j2
+++ b/Migration/Ansible/roles/samba4-dc/templates/samba-backup.sh.j2
@@ -0,0 +1,83 @@
+#!/bin/bash
+# Samba4 Backup Script
+# Generated by Ansible
+
+TIMESTAMP=$(date '+%Y-%m-%d_%H-%M-%S')
+DATE=$(date +%Y%m%d_%H%M%S)  # Kept for compatibility
+HOSTNAME="{{ target_hostname }}"
+NFS_SERVER="{{ nfs_server | default('192.168.100.210') }}"
+NFS_MOUNT="/backup"
+BACKUP_BASE_DIR="{{ backup_dir | default('/backup/samba') }}"
+RETENTION_DAYS="28"
+
+# End of configuration
+
+BACKUP_FILE="$BACKUP_BASE_DIR/$HOSTNAME-$TIMESTAMP.tgz"
+
+{% raw %}
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+echo -e "${CYAN}🔄 Samba4 Backup Script"
+echo "==============================${NC}"
+
+# Function to check NFS availability
+echo "Checking NFS availability..."
+# Test 1: Check if backup directory is mounted
+if ! mountpoint -q "$NFS_MOUNT"; then
+  echo -e "${RED}❌ ERROR: NFS mount point $NFS_MOUNT is not mounted!${NC}"
+  exit 1
+fi
+
+echo "[$(date '+%Y-%m-%d %H:%M:%S')] Starting backup : $BACKUP_FILE" >> "$BACKUP_BASE_DIR/backup.log"
+
+# Create backup folder
+mkdir -p "$BACKUP_BASE_DIR"
+if [ ! -d "$BACKUP_BASE_DIR" ]; then
+  echo -e "${RED}❌ ERROR: cannot create $BACKUP_BASE_DIR${NC}"
+  echo "[$(date '+%Y-%m-%d %H:%M:%S')] ERROR: cannot create $BACKUP_BASE_DIR" >> "$BACKUP_BASE_DIR/backup.log"
+  exit 2
+fi
+
+# Create backup file
+touch $BACKUP_FILE
+if [ ! -f "$BACKUP_FILE" ]; then
+  echo -e "${RED}❌ ERROR: Cannot create backup file${NC}"
+  echo "[$(date '+%Y-%m-%d %H:%M:%S')] ERROR: Cannot create backup file" >> "$BACKUP_BASE_DIR/backup.log"
+  exit 3
+fi
+
+# Stop samba
+echo "[$(date '+%Y-%m-%d %H:%M:%S')] Stopping Samba service" >> "$BACKUP_BASE_DIR/backup.log"
+systemctl stop samba-ad-dc
+
+tar -czf "$BACKUP_FILE" \
+    /var/lib/samba \
+    /etc/samba \
+    /etc/krb5.conf \
+    /etc/resolv.conf 2>/dev/null
+
+# Restart Samba
+echo -e "${YELLOW}🔄 Restarting Samba service${NC}"
+echo "[$(date '+%Y-%m-%d %H:%M:%S')] Starting Samba service" >> "$BACKUP_BASE_DIR/backup.log"
+systemctl start samba-ad-dc
+
+# Wait for Samba to be fully operational
+sleep 10
+if ! systemctl is-active --quiet samba-ad-dc; then
+    echo -e "${YELLOW}⚠️  WARNING: Samba service may not be fully operational${NC}"
+    echo "[$(date '+%Y-%m-%d %H:%M:%S')] WARNING: Samba service may not be fully operational" >> "$BACKUP_BASE_DIR/backup.log"
+fi
+
+
+# Clean old backups
+echo "[$(date '+%Y-%m-%d %H:%M:%S')] Clean old backups" >> "$BACKUP_BASE_DIR/backup.log"
+find "$BACKUP_BASE_DIR" -type f -mtime +$RETENTION_DAYS -delete
+
+echo "[$(date '+%Y-%m-%d %H:%M:%S')] Backup done" >> "$BACKUP_BASE_DIR/backup.log"
+echo -e "${GREEN}Backup done${NC}"
+{% endraw %}
--- a/Migration/Ansible/roles/samba4-dc/templates/samba-changenextrid.sh.j2
+++ b/Migration/Ansible/roles/samba4-dc/templates/samba-changenextrid.sh.j2
@@ -0,0 +1,109 @@
+#!/bin/bash
+# Script to modify the next RID
+
+# Configuration variables from Ansible
+TARGET_HOSTNAME="{{ target_hostname }}"
+DOMAIN_DN="{{ samba_realm.split('.') | map('regex_replace', '^(.*)$', 'DC=\\1') | join(',') }}"
+
+{% raw %}
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+CYAN='\033[0;36m'
+NC='\033[0m' # No Color
+
+set_next_rid() {
+    local new_rid=$1
+    local pool_size=500
+
+    if [ -z "$new_rid" ]; then
+        echo -e "${RED}Usage: set_next_rid <new_rid>${NC}"
+        return 1
+    fi
+
+    if [ $new_rid -lt 1000 ]; then
+        echo -e "${RED}❌ Error: RID must be >= 1000 (RIDs < 1000 are reserved for system)${NC}"
+        return 1
+    fi
+
+    echo -e "${CYAN}🎯 Current configuration:${NC}"
+    ldbsearch -H /var/lib/samba/private/sam.ldb \
+      -b "CN=RID Set,CN=${TARGET_HOSTNAME},OU=Domain Controllers,${DOMAIN_DN}" \
+      rIDNextRID rIDAllocationPool | grep -E "(rIDNextRID|rIDAllocationPool)"
+
+    echo ""
+    echo -e "${YELLOW}🔄 New configuration:${NC}"
+    echo -e "  ${CYAN}rIDNextRID:${NC} $new_rid"
+    echo -e "  ${CYAN}rIDAllocationPool:${NC} $new_rid-$((new_rid + pool_size - 1))"
+    echo ""
+
+    echo -n -e "${YELLOW}Continue? (y/N): ${NC}"
+    read confirm
+    if [ "$confirm" != "y" ]; then
+        echo -e "${YELLOW}🚫 Cancelled${NC}"
+        return 1
+    fi
+
+    echo -e "${CYAN}🛑 Stopping Samba...${NC}"
+    systemctl stop samba-ad-dc
+
+    # Create LDIF file
+    cat > /tmp/set-next-rid.ldif << EOF
+dn: CN=RID Set,CN=${TARGET_HOSTNAME},OU=Domain Controllers,${DOMAIN_DN}
+changetype: modify
+replace: rIDNextRID
+rIDNextRID: $new_rid
+-
+replace: rIDAllocationPool
+rIDAllocationPool: $new_rid-$((new_rid + pool_size - 1))
+-
+replace: rIDPreviousAllocationPool
+rIDPreviousAllocationPool: $new_rid-$((new_rid + pool_size - 1))
+EOF
+
+    # Apply changes
+    if ldbmodify -H /var/lib/samba/private/sam.ldb /tmp/set-next-rid.ldif; then
+        echo -e "${GREEN}✅ RID modified successfully${NC}"
+    else
+        echo -e "${RED}❌ Error during modification${NC}"
+        systemctl start samba-ad-dc
+        return 1
+    fi
+
+    echo -e "${CYAN}🚀 Restarting Samba...${NC}"
+    systemctl start samba-ad-dc
+
+    # Verification
+    sleep 3
+    echo ""
+    echo -e "${CYAN}🔍 Verification:${NC}"
+    ldbsearch -H /var/lib/samba/private/sam.ldb \
+      -b "CN=RID Set,CN=${TARGET_HOSTNAME},OU=Domain Controllers,${DOMAIN_DN}" \
+      rIDNextRID rIDAllocationPool | grep -E "(rIDNextRID|rIDAllocationPool)"
+
+    rm -f /tmp/set-next-rid.ldif
+}
+
+# Usage
+case "$1" in
+    "show")
+        echo -e "${CYAN}📊 Current RID status:${NC}"
+        ldbsearch -H /var/lib/samba/private/sam.ldb \
+          -b "CN=RID Set,CN=${TARGET_HOSTNAME},OU=Domain Controllers,${DOMAIN_DN}" \
+          rIDNextRID rIDAllocationPool rIDUsedPool | \
+          grep -E "(rIDNextRID|rIDAllocationPool|rIDUsedPool)"
+        ;;
+    "set")
+        set_next_rid $2
+        ;;
+    *)
+        echo -e "${YELLOW}Usage: $0 {show|set <new_rid>}${NC}"
+        echo ""
+        echo -e "${CYAN}Examples:${NC}"
+        echo -e "  ${GREEN}$0 show${NC}          # Show current status"
+        echo -e "  ${GREEN}$0 set 2000${NC}      # Force next RID to 2000"
+        echo -e "  ${GREEN}$0 set 5000${NC}      # Force next RID to 5000"
+        ;;
+esac
+{% endraw %}
--- a/Migration/Ansible/roles/samba4-dc/templates/samba-restore.sh.j2
+++ b/Migration/Ansible/roles/samba4-dc/templates/samba-restore.sh.j2
@@ -0,0 +1,135 @@
+#!/bin/bash
+# Samba4 Simple Restore Script
+# Generated by Ansible
+
+BASE_BACKUP_DIR="{{ backup_dir | default('/backup/samba') }}"
+HOSTNAME="{{ target_hostname }}"
+SAMBA_DIR="/var/lib/samba"
+ETC_DIR="/etc/samba"
+
+{% raw %}
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+CYAN='\033[0;36m'
+NC='\033[0m' # No Color
+
+echo -e "${CYAN}🔄 Samba4 Restore Script"
+echo "==============================${NC}"
+
+# Check if backup directory exists
+if [ ! -d "$BASE_BACKUP_DIR" ]; then
+    echo -e "${RED}❌ Backup directory not found: $BASE_BACKUP_DIR${NC}"
+    exit 1
+fi
+
+# List available backups
+echo -e "${YELLOW}📁 Available backups for ${HOSTNAME}:${NC}"
+echo ""
+
+backup_files=($(ls -1t "$BASE_BACKUP_DIR"/${HOSTNAME}*.tgz 2>/dev/null))
+
+if [ ${#backup_files[@]} -eq 0 ]; then
+    echo -e "${RED}❌ No backup files found for ${HOSTNAME}${NC}"
+    exit 1
+fi
+
+# Display backup files with index and timestamp
+for i in "${!backup_files[@]}"; do
+    file="${backup_files[$i]}"
+    filename=$(basename "$file")
+    filesize=$(du -h "$file" | cut -f1)
+    timestamp=$(stat -c %y "$file" | cut -d'.' -f1)
+    
+    echo -e "${GREEN}[$((i+1))]${NC} $filename"
+    echo "    📅 Created: $timestamp"
+    echo "    📦 Size: $filesize"
+    echo ""
+done
+
+# Ask user which backup to restore
+echo -n -e "${YELLOW}Select backup to restore [1-${#backup_files[@]}]: ${NC}"
+read -r selection
+
+# Validate selection
+if ! [[ "$selection" =~ ^[0-9]+$ ]] || [ "$selection" -lt 1 ] || [ "$selection" -gt ${#backup_files[@]} ]; then
+    echo -e "${RED}❌ Invalid selection${NC}"
+    exit 1
+fi
+
+selected_backup="${backup_files[$((selection-1))]}"
+echo -e "${GREEN}✅ Selected: $(basename "$selected_backup")${NC}"
+echo ""
+
+# Ask for restore location
+echo -e "${YELLOW}Restore options:${NC}"
+echo "1) In place (replace current Samba installation)"
+echo "2) To custom directory"
+echo ""
+echo -n -e "${YELLOW}Choose option [1-2]: ${NC}"
+read -r restore_option
+
+case "$restore_option" in
+    1)
+        # In-place restore
+        echo -e "${YELLOW}⚠️  WARNING: This will replace your current Samba installation!${NC}"
+        echo -n -e "${RED}Are you sure? Type 'YES' to continue: ${NC}"
+        read -r confirmation
+        
+        if [ "$confirmation" != "YES" ]; then
+            echo -e "${YELLOW}🚫 Restore cancelled${NC}"
+            exit 0
+        fi
+        
+        echo -e "${CYAN}🛑 Stopping Samba service...${NC}"
+        systemctl stop samba-ad-dc
+        
+        echo -e "${CYAN}📦 Restoring backup directly to filesystem...${NC}"
+        tar -xzf "$selected_backup" -C /
+        
+        echo -e "${GREEN}✅ Samba directories restored${NC}"
+        
+        echo -e "${CYAN}🚀 Starting Samba service...${NC}"
+        systemctl start samba-ad-dc
+        
+        # Check service status
+        sleep 3
+        if systemctl is-active --quiet samba-ad-dc; then
+            echo -e "${GREEN}✅ Samba restore completed successfully!${NC}"
+            echo -e "${GREEN}✅ Samba service is running${NC}"
+        else
+            echo -e "${RED}❌ Samba service failed to start${NC}"
+            echo "Check logs: journalctl -u samba-ad-dc"
+        fi
+        ;;
+        
+    2)
+        # Custom directory restore
+        echo -n -e "${YELLOW}Enter target directory: ${NC}"
+        read -r target_dir
+        
+        if [ -z "$target_dir" ]; then
+            echo -e "${RED}❌ Target directory cannot be empty${NC}"
+            exit 1
+        fi
+        
+        mkdir -p "$target_dir"
+        
+        echo -e "${CYAN}📦 Extracting backup to $target_dir...${NC}"
+        tar -xzf "$selected_backup" -C "$target_dir"
+        
+        echo -e "${GREEN}✅ Backup extracted to: $target_dir${NC}"
+        echo -e "${CYAN}📁 Contents:${NC}"
+        ls -la "$target_dir"
+        ;;
+        
+    *)
+        echo -e "${RED}❌ Invalid option${NC}"
+        exit 1
+        ;;
+esac
+
+echo ""
+echo -e "${GREEN}🎉 Restore operation completed!${NC}"
+{% endraw %}