Premier commit

2023-01-05 11:44:26 +01:00
parent d46e9954ca
commit fb19dc24e5
554 changed files with 46045 additions and 0 deletions
--- a/roles/s-lb-ab/README.md
+++ b/roles/s-lb-ab/README.md
@@ -0,0 +1,4 @@
+##Installation du load-balancer  
+  
+Ce rôle sert à installer HAproxy et de mettre un fichier de configuration avec les serveur web à répartir.  
+Ce rôle est utilisé par s-lb
--- a/roles/s-lb-ab/files/actu.sh
+++ b/roles/s-lb-ab/files/actu.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+while true
+do
+curl 192.168.100.10
+done
--- a/roles/s-lb-ab/files/haproxy.cfg
+++ b/roles/s-lb-ab/files/haproxy.cfg
@@ -0,0 +1,55 @@
+global
+	log /dev/log	local0
+	log /dev/log	local1 notice
+	chroot /var/lib/haproxy
+	stats socket /run/haproxy/admin.sock mode 660 level admin
+	stats timeout 30s
+	user haproxy
+	group haproxy
+	daemon
+
+	# Default SSL material locations
+	ca-base /etc/ssl/certs
+	crt-base /etc/ssl/private
+
+	# Default ciphers to use on SSL-enabled listening sockets.
+	# For more information, see ciphers(1SSL). This list is from:
+	#  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
+	ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
+	ssl-default-bind-options no-sslv3
+
+defaults
+	log	global
+	mode	http
+	option	httplog
+	option	dontlognull
+        timeout connect 5000
+        timeout client  50000
+        timeout server  50000
+	errorfile 400 /etc/haproxy/errors/400.http
+	errorfile 403 /etc/haproxy/errors/403.http
+	errorfile 408 /etc/haproxy/errors/408.http
+	errorfile 500 /etc/haproxy/errors/500.http
+	errorfile 502 /etc/haproxy/errors/502.http
+	errorfile 503 /etc/haproxy/errors/503.http
+	errorfile 504 /etc/haproxy/errors/504.http
+
+frontend proxypublic
+	bind 192.168.100.10:80
+	default_backend fermeweb
+
+backend fermeweb
+	balance roundrobin
+	option httpclose
+	#option httpchk HEAD / HTTP/1.0
+	server s-lb-web1 192.168.101.1:80 check
+	server s-lb-web2 192.168.101.2:80 check
+	server s-lb-web3 192.168.101.3:80 check
+
+listen stats
+	bind	*:8080
+	stats enable
+	stats uri /haproxy
+	stats auth admin:admin
+
+
--- a/roles/s-lb-ab/handlers/main.yml
+++ b/roles/s-lb-ab/handlers/main.yml
@@ -0,0 +1,3 @@
+---
+ - name: restart haproxy
+   service: name=haproxy state=restarted
--- a/roles/s-lb-ab/tasks/main.yml
+++ b/roles/s-lb-ab/tasks/main.yml
@@ -0,0 +1,29 @@
+---
+- name: Installation d'HAproxy
+  apt:
+    name:
+    - haproxy
+    state: present
+
+- name: Copie du fichier de configuration
+  copy: 
+    src: haproxy.cfg 
+    dest: /etc/haproxy/haproxy.cfg
+  notify:
+    - restart haproxy
+
+- name:
+  file:
+    path: /root/script
+    state: directory
+
+- name: Copie du fichier actu.sh
+  copy: 
+    src: actu.sh
+    dest: /root/script/
+
+- name: On rend exécutable le script actu.sh
+  file:
+    path: /root/script/actu.sh
+    mode: 0777
+