modif docker compose ajout proxy

ajout s-lb-web3
Merge branch 'master' of https://gitea.lyc-lecastel.fr/gadmin/gsb2021
2021-01-27 11:18:18 +01:00 · 2021-01-27 09:13:04 +01:00 · 2021-01-27 08:51:11 +01:00 · 2021-01-27 08:50:13 +01:00 · 2021-01-27 08:25:54 +01:00 · 2021-01-26 16:46:04 +01:00
11 changed files with 133 additions and 13 deletions
--- a/roles/docker-nextcloud/files/docker-compose.yml
+++ b/roles/docker-nextcloud/files/docker-compose.yml
@ -21,11 +21,11 @@ services:
    image: nextcloud
    restart: always
    ports:
-      - 8080:80
+      - 5678:80
    links:
      - db
    volumes:
-      - nextcloud:/var/www/html
+      - ./nextcloud:/var/www/html
    environment:
      - MYSQL_PASSWORD=root
      - MYSQL_DATABASE=nextcloud
--- a/roles/docker-nextcloud/files/proxy
+++ b/roles/docker-nextcloud/files/proxy
@ -0,0 +1,100 @@
 ##
 # You should look at the following URL's in order to grasp a solid understanding
 # of Nginx configuration files in order to fully unleash the power of Nginx.
 # https://www.nginx.com/resources/wiki/start/
 # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
 # https://wiki.debian.org/Nginx/DirectoryStructure
 #
 # In most cases, administrators will remove this file from sites-enabled/ and
 # leave it as reference inside of sites-available where it will continue to be
 # updated by the nginx packaging team.
 #
 # This file will automatically load configuration files provided by other
 # applications, such as Drupal or Wordpress. These applications will be made
 # available underneath a path with that package name, such as /drupal8.
 #
 # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
 ##
 # Default server configuration
 #
 server {
 	listen 8080 default_server;
 	listen [::]:8080 default_server;
 	location / {
 		proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
 		proxy_pass http://localhost:5678;
 		proxy_connect_timeout 900;
 		proxy_send_timeout 900;
 		proxy_read_timeout 900;
 	}
 	# SSL configuration
 	#
 	# listen 443 ssl default_server;
 	# listen [::]:443 ssl default_server;
 	#
 	# Note: You should disable gzip for SSL traffic.
 	# See: https://bugs.debian.org/773332
 	#
 	# Read up on ssl_ciphers to ensure a secure configuration.
 	# See: https://bugs.debian.org/765782
 	#
 	# Self signed certs generated by the ssl-cert package
 	# Don't use them in a production server!
 	#
 	# include snippets/snakeoil.conf;
 #	root /var/www/html;
 	# Add index.php to the list if you are using PHP
 #	index index.html index.htm index.nginx-debian.html;
 #	server_name _;
 #	location / {
 		# First attempt to serve request as file, then
 		# as directory, then fall back to displaying a 404.
 #		try_files $uri $uri/ =404;
 #	}
 	# pass PHP scripts to FastCGI server
 	#
 	#location ~ \.php$ {
 	#	include snippets/fastcgi-php.conf;
 	#
 	#	# With php-fpm (or other unix sockets):
 	#	fastcgi_pass unix:/run/php/php7.3-fpm.sock;
 	#	# With php-cgi (or other tcp sockets):
 	#	fastcgi_pass 127.0.0.1:9000;
 	#}
 	# deny access to .htaccess files, if Apache's document root
 	# concurs with nginx's one
 	#
 	#location ~ /\.ht {
 	#	deny all;
 	#}
 }
 # Virtual Host configuration for example.com
 #
 # You can move that to a different file under sites-available/ and symlink that
 # to sites-enabled/ to enable it.
 #
 #server {
 #	listen 80;
 #	listen [::]:80;
 #
 #	server_name example.com;
 #
 #	root /var/www/example.com;
 #	index index.html;
 #
 #	location / {
 #		try_files $uri $uri/ =404;
 #	}
 #}
--- a/roles/mariadb-ab/tasks/main.yml
+++ b/roles/mariadb-ab/tasks/main.yml
@ -5,6 +5,7 @@
    - python3-mysqldb
    - mariadb-server
    - python3-passlib
    - python3-pymysql
    state: present
 - name: python3 par defaut
@ -24,13 +25,19 @@
  mysql_user:
    name: "{{ maria_dbuser }}"
    password: "{{ maria_dbpasswd }}"
-    priv: "*.*:ALL,GRANT"
+    priv: '*.*:ALL,GRANT'
    login_unix_socket: /var/run/mysqld/mysqld.sock
  with_items:
-    - 127.0.0.1
+    - "127.0.0.1"
 #    - ::1
 #    - localhost
 - name: Copie du fichier my.cnf pour autorises toutes les adresses sur le port 3306
-  copy : src=my.cnf dest=/etc/mysql/
+  copy:
    src: my.cnf
    dest: /etc/mysql/
 - name: Redemarrage du service mariadb
-  shell: service mariadb restart
+  service: 
    name: mariadb
    state: restarted
--- a/roles/post/files/interfaces.r-vp1
+++ b/roles/post/files/interfaces.r-vp1
@ -21,9 +21,9 @@ allow-hotplug enp0s9
 iface enp0s9 inet static
 	address 192.168.1.2
 	netmask 255.255.255.0
-	post-up ip route add 172.16.128.0/24 via 192.168.1.2
+	post-up /usr/sbin/ip route add 172.16.128.0/24 via 192.168.1.2
-	post-up ip route add 172.16.0.0/24 via 192.168.1.1
+	post-up /usr/sbin/ip route add 172.16.0.0/24 via 192.168.1.1
-	post-up ip route add 192.168.200.0/24 via 192.168.1.1
+	post-up /usr/sbin/ip route add 192.168.200.0/24 via 192.168.1.1
 #	up route add -net 172.16.128.0/24 gw 192.168.0.52
 #	up route add default gw 192.168.1.1
--- a/roles/post/files/interfaces.r-vp2
+++ b/roles/post/files/interfaces.r-vp2
@ -21,8 +21,8 @@ allow-hotplug enp0s9
 iface enp0s9 inet static
 	address 192.168.0.52
 	netmask 255.255.255.0
-	post-up ip route add 192.168.1.0/24 via 172.16.128.254/24
+	post-up /usr/sbin/ip route add 192.168.1.0/24 via 172.16.128.254/24
-	post-up ip route add 172.16.0.0/24 via 172.16.128.254/24
+	post-up /usr/sbin/ip route add 172.16.0.0/24 via 172.16.128.254/24
 #	up route add -net 192.168.1.0/24 gw 192.168.0.52
 #	post-up /bin/bash /root/iptables-vpn
--- a/roles/post/files/interfaces.s-agence
+++ b/roles/post/files/interfaces.s-agence
@ -9,3 +9,6 @@ iface lo inet loopback
 allow-hotplug enp0s3
 iface enp0s3 inet dhcp
 allow-hotplug enp0s8
 iface enp0s8 inet dhcp
--- a/roles/s-lb-ab/files/haproxy.cfg
+++ b/roles/s-lb-ab/files/haproxy.cfg
@ -44,7 +44,7 @@ backend fermeweb
 	#option httpchk HEAD / HTTP/1.0
 	server s-lb-web1 192.168.101.1:80 check
 	server s-lb-web2 192.168.101.2:80 check
-
+#	server s-lb-web3 192.168.101.2:80 check
 listen stats
 	bind	*:8080
--- a/roles/s-lb-bd-ab/files/installmysql.sh
+++ b/roles/s-lb-bd-ab/files/installmysql.sh
@ -4,7 +4,7 @@ apt-get update && apt-get upgrade -y
 # Install MySQL Server in a Non-Interactive mode. Default root password will be "root"
 echo "mysql-server mysql-server/root_password password root" | debconf-set-selections
 echo "mysql-server mysql-server/root_password_again password root" | debconf-set-selections
-apt-get -y install mariadb-server
+apt-get -y install mysql-server
 # Run the MySQL Secure Installation wizard
--- a/roles/s-lb-wordpress/tasks/main.yml
+++ b/roles/s-lb-wordpress/tasks/main.yml
@ -25,6 +25,14 @@
     - {'regexp': "define\\('DB_USER', '(.)+'\\);", 'line': "define('DB_USER', '{{wp_mysql_user}}');"}        
     - {'regexp': "define\\('DB_PASSWORD', '(.)+'\\);", 'line': "define('DB_PASSWORD', '{{wp_mysql_password}}');"}
 - name: Attributions des permissions
   file:
     path: /home/wordpress
     recurse: yes
     owner: 33
     group: 33
 # - name: Fix permissions
 #   shell: chown -R www-data /var/www/wordpress/*
 #
--- a/roles/vpn-stg-l/files/ipsec.conf
+++ b/roles/vpn-stg-l/files/ipsec.conf
@ -20,3 +20,4 @@ conn tunnel #
        auto=start
        keyexchange=ikev2
        type=tunnel
 #
--- a/roles/vpn-stg-r/files/ipsec.conf
+++ b/roles/vpn-stg-r/files/ipsec.conf
@ -20,3 +20,4 @@ conn tunnel #
        auto=start
        keyexchange=ikev2
        type=tunnel
 #
Author	SHA1	Message	Date
am	e36173b079	modif docker compose ajout proxy	2021-01-27 11:18:18 +01:00
tl	575eaea422	ajout s-lb-web3	2021-01-27 09:13:04 +01:00
bb	8ea91004f8	Merge branch 'master' of https://gitea.lyc-lecastel.fr/gadmin/gsb2021	2021-01-27 08:51:11 +01:00
bb	6844d05974	chemin absolu + interface dhcp agence	2021-01-27 08:50:13 +01:00
tl	d8371a0973	attribution des permissions www-data sur /home/wordpress	2021-01-27 08:25:54 +01:00
theo vallet	4621000ce1	backup script	2021-01-26 16:46:04 +01:00
theo vallet	f030228008	modif mariadb	2021-01-26 16:04:18 +01:00
bb	d953531bf8	Ajustement de /etc/ipsec.conf au niveau des routes indiquées	2021-01-26 15:52:25 +01:00