Merge branch 'main' of https://gitea.lyc-lecastel.fr/gadmin/gsb2023

haproxy FINAL correc
mise a jour goss r-vp2
2023-01-25 15:33:10 +01:00 · 2023-01-25 15:31:26 +01:00 · 2023-01-25 15:25:07 +01:00 · 2023-01-25 15:24:53 +01:00 · 2023-01-25 15:17:18 +01:00 · 2023-01-25 11:29:48 +01:00
9 changed files with 134 additions and 128 deletions
--- a/goss/r-vp1.yaml
+++ b/goss/r-vp1.yaml
@ -1,76 +1,56 @@
 file:
  /etc/wireguard/wg0.conf:
    exists: true
    mode: "0644"
    owner: root
    group: root
    filetype: file
    contains:
    - AllowedIPs = 10.0.0.2/32, 172.16.128.0/24
 package:
 #  ferm:
 #    installed: true
  wireguard:
    installed: true
    versions:
    - 1.0.20210223-1
  wireguard-tools:
    installed: true
-port:
+    versions:
-  udp:68:
+    - 1.0.20210223-1
    listening: true
 service:
-#  dnsmasq:
+  wg-quick@wg0:
 #    enabled: true
 #    running: true
   wireguard:
    enabled: true
    running: true
  ssh:
    enabled: true
    running: true
 command:
-  sysctl net.ipv4.ip_forward:
+  host 192.168.99.99:
    exit-status: 0
    stdout:
-    - net.ipv4.ip_forward = 1
+    - 99.99.168.192.in-addr.arpa domain name pointer s-adm.gsb.adm.
    stderr: []
    timeout: 10000
 command:  
  ping -c 4 192.168.0.52:
    exit-status: 0
    stdout:
    - 4 received = 1
    stderr: []
    timeout: 10000
 command:
  ping -c 4 192.168.1.1:
    exit-status: 0
    stdout:
    - 4 received = 1
    stderr: []
    timeout: 10000
 command:
  ping -c 4 192.168.200.254:
    exit-status: 0
    stdout:
    - 4 received = 1
    stderr: []
    timeout: 10000
 command:
  ping -c 4 172.16.0.1:
    exit-status: 0
    stdout:
    - 4 received = 1
    stderr: []
    timeout: 10000
 command:
  ping -c4  10.0.0.2:
    exit-status: 0
    stdout:
-    - 4 received = 1
+    - 0% packet loss
    stderr: []
    timeout: 10000
 #process:
 #  dnsmasq:
 #    running: true
 #  squid:
 #    running: true
 interface:
  enp0s3:
    exists: true
    addrs:
    - 192.168.99.112/24
    mtu: 1500
  enp0s8:
    exists: true
    addrs:
-    - 192.168.0.51/24
+    - 192.168.1.2/24
    mtu: 1500
  enp0s9:
    exists: true
    addrs:
-    - 192.168.1.2/24
+    - 192.168.0.51/24
    mtu: 1500
  wg0:
    exists: true
    addrs:
    - 10.0.0.1/32
    mtu: 1420
--- a/goss/r-vp2.yaml
+++ b/goss/r-vp2.yaml
@ -0,0 +1,52 @@
 file:
  /etc/wireguard/wg0.conf:
    exists: true
    mode: "0644"
    owner: root
    group: root
    filetype: file
    contains: []
 package:
  wireguard:
    installed: true
    versions:
    - 1.0.20210223-1
  wireguard-tools:
    installed: true
    versions:
    - 1.0.20210223-1
 service:
  isc-dhcp-server:
    enabled: true
    running: true
  wg-quick@wg0:
    enabled: true
    running: true
 command:
  ping -c4 10.0.0.1:
    exit-status: 0
    stdout:
    - 0% packet loss
    stderr: []
    timeout: 10000
 interface:
  enp0s3:
    exists: true
    addrs:
    - 192.168.99.102/24
    mtu: 1500
  enp0s8:
    exists: true
    addrs:
    - 172.16.128.254/24
    mtu: 1500
  enp0s9:
    exists: true
    addrs:
    - 192.168.0.52/24
    mtu: 1500
  wg0:
    exists: true
    addrs:
    - 10.0.0.2/32
    mtu: 1420
--- a/goss/r-vp2goss.yaml
+++ b/goss/r-vp2goss.yaml
@ -1,67 +0,0 @@
 package:
  ferm:
    installed: true
  ipsec:
    installed: true
 port:
  tcp:53: 
    listening: true
  udp:67:
    listening: true
  udp:68:
    listening: true
 service:
  dnsmasq:
    enabled: true
    running: true
  ferm:
    enabled: true
    running: true
  ssh:
    enabled: true
    running: true
 command:
  sysctl net.ipv4.ip_forward:
    exit-status: 0
    stdout:
    - net.ipv4.ip_forward = 1
    stderr: []
    timeout: 10000
  sysctl ping -c 4 192.168.0.51:
    exit-status: 0
    stdout:
    - 4 received = 1
    stderr: []
    timeout: 10000
  sysctl ping -c 4 192.168.1.1:
    exit-status: 0
    stdout:
    - 4 received = 1
    stderr: []
    timeout: 10000
  sysctl ping -c 4 192.168.200.254:
    exit-status: 0
    stdout:
    - 4 received = 1
    stderr: []
    timeout: 10000
  sysctl ping -c 4 172.16.0.1:
    exit-status: 0
    stdout:
    - 4 received = 1
    stderr: []
    timeout: 10000
 process:
  dnsmasq:
    running: true
  squid3:
    running: true
 interface:
  enp0s8:
    exists: true
    addrs:
    - 172.16.128.254/24
  enp0s9:
    exists: true
    addrs:
    - 192.168.0.52/24
--- a/goss/s-backup.yaml
+++ b/goss/s-backup.yaml
@ -0,0 +1,41 @@
 package:
  bind9:
    installed: true
  cifs-utils:
    installed: true
  rsync:
    installed: true
  smbclient:
    installed: true
 service:
  bind9:
    enabled: true
    running: true
  rsync:
    enabled: true
    running: false
 command:
  ping -c4 ns.gsb.lan:
    exit-status: 0
    stdout:
    - 0% packet loss
    stderr: []
    timeout: 10000
 #check si partage windows accesible
  smbclient -L //s-win --user=uBackup%Azerty1+ | grep 'public':
    exit-status: 0
    stdout:
    - public
    stderr: []
    timeout: 10000
 interface:
  enp0s3:
    exists: true
    addrs:
    - 192.168.99.4/24
    mtu: 1500
  enp0s8:
    exists: true
    addrs:
    - 172.16.0.4/24
    mtu: 1500
--- a/goss/s-mon.yaml
+++ b/goss/s-mon.yaml
@ -49,7 +49,7 @@ interface:
  enp0s3:
    exists: true
    addrs:
-    - 192.168.99.104/24
+    - 192.168.99.8/24
  enp0s8:
    exists: true
    addrs:
--- a/roles/lb-front/files/haproxy.cfg
+++ b/roles/lb-front/files/haproxy.cfg
@ -44,7 +44,6 @@ backend fermeweb
 	#option httpchk HEAD / HTTP/1.0
 	server s-lb-web1 192.168.101.1:80 check
 	server s-lb-web2 192.168.101.2:80 check
 	#server s-lb-web3 192.168.101.3:80 check
 listen stats
--- a/roles/lb-front/tasks/main.yml
+++ b/roles/lb-front/tasks/main.yml
@ -8,18 +8,18 @@
    path: /etc/haproxy/haproxy.cfg
    block: |
      frontend proxypublic
-        bind 192.168.56.2:80
+        bind 192.168.100.10:80
        default_backend fermeweb
      backend fermeweb
        balance roundrobin
        option httpclose
        #option httpchk HEAD / HTTP/1.0
-        server web1.test 192.168.56.3:80 check
+        server s-lb-web1 192.168.101.1:80 check
-        #server web2.test 192.168.56.4:80 check
+        server s-lb-web2 192.168.101.2:80 check
 - name: redemarre haproxy
  service:
    name: haproxy
-    state: restarted
+#    state: restarted
    enabled: yes
--- a/s-backup.yml
+++ b/s-backup.yml
@ -4,6 +4,7 @@
  roles:
    - base
    - goss
 #   - proxy3
    - snmp-agent
 #   - ssh-cli
--- a/s-lb.yml
+++ b/s-lb.yml
@ -5,7 +5,7 @@
   roles:
     - base
     - goss
-     - s-lb-ab
+     - lb-front
     - snmp-agent
     - post
Author	SHA1	Message	Date
root	5981b67dd9	Merge branch 'main' of https://gitea.lyc-lecastel.fr/gadmin/gsb2023	2023-01-25 15:33:10 +01:00
Elam Monnot	36336384e6	haproxy FINAL correc	2023-01-25 15:31:26 +01:00
root	0da9fc0d5a	mise a jour goss r-vp2	2023-01-25 15:25:07 +01:00
root	62f9591c62	goss s-backup	2023-01-25 15:24:53 +01:00
Elam Monnot	c32cf92cf5	correction role lb-front	2023-01-25 15:17:18 +01:00
root	d0ba31e795	Merge branch 'main' of https://gitea.lyc-lecastel.fr/gadmin/gsb2023	2023-01-25 11:29:48 +01:00
root	69aa1ac739	update test goss	2023-01-25 11:29:45 +01:00
Elam Monnot	90222678ce	correction haproxy	2023-01-25 11:26:54 +01:00
root	1fc84c8f19	goss s-mon correction	2023-01-25 11:21:09 +01:00