commentaire mkvm.ps1 pour executer le script sous windows

README.md

@@ -1,6 +1,6 @@
 # gsb2023
 
-2023-01-25 ps 
+2023-01-30 ps 
 
 Environnement et playbooks ansible pour le projet GSB 2023
 
@@ -34,7 +34,7 @@ Prérequis :
   * **s-lb-web1** : Serveur Wordpress 1 Load Balancer
   * **s-lb-web2** : Serveur Wordpress 2 Load Balancer
   * **s-lb-db** : Serveur Mariadb pour Wordpress
-  * **s-lb-nfs** : Serveur NFS pour application Wordpress
+  * **s-nas** : Serveur NFS pour application Wordpress avec LB
 
 
 ## Les playbooks

r-vp1.yml

@@ -13,9 +13,9 @@
    - goss
 #   - snmp-agent
 #   - firewall-vpn-r
+   - post
    - wireguard-r
-#   - x509-r
    - fw-ferm
    - ssh-cli
    - syslog-cli
-   - post
+   

roles/dhcp-fog/files/dhcpd.conf

@@ -109,12 +109,12 @@ log-facility local7;
 #DHCP pour le réseau wifi
 #subnet 172.16.65.0 netmask 255.255.255.0 {
 #	range 172.16.65.1 172.16.65.100;
-#  	option domain-name-servers ns1.internal.example.org;
+#	option domain-name-servers ns1.internal.example.org;
-#  	option domain-name "internal.example.org";
+#	option domain-name "internal.example.org";
-#  	option routers 10.5.5.1;
+#	option routers 10.5.5.1;
-#  	option broadcast-address 10.5.5.31;
+#	option broadcast-address 10.5.5.31;
-#  	default-lease-time 600;
+#	default-lease-time 600;
-#  	max-lease-time 7200;
+#	max-lease-time 7200;
 #}
 
 #DHCP pour le réseau USER

roles/dhcp-fog/tasks/main.yml

@@ -10,5 +10,3 @@
   copy: src=dhcpd.conf dest=/etc/dhcp/
   notify:
     - restart isc-dhcp-server
-  
- 

roles/fog/tasks/main.yml

@@ -1,17 +1,15 @@
 ---
-- name: creation d'un repertoire fog
-  file:
-    path: /root/tools/fog
-    state: directory
-
 - name: recuperation de l'archive d'installation fog sur git
   git:
     repo: https://gitea.lyc-lecastel.fr/gadmin/fog.git
     dest: /root/tools/fog/
     clone: yes
     update: yes
+    force: yes
 
-#- name: Instructions
+- name: Modification fichier bash (desac UDPCast)
-#  tags: msg
+  ansible.builtin.lineinfile:
-#    debug: msg='{{instructions}}'
+    path: /root/tools/fog/lib/common/functions.sh
-
+    regexp: '^configureUDPCast\(\).*'
+    line: "configureUDPCast() {\nreturn"
+    backup: yes

roles/lb-nfs-client/tasks/main.yml

@@ -10,4 +10,4 @@
     dest: /etc/fstab
     regexp: ''
     insertafter: EOF
-    line: '192.168.102.253:/home/wordpress /var/www/html/wordpress nfs soft,timeo=5,intr,rsize=8192,wsize=8192,wsize=8192 0 0'
+    line: '192.168.102.253:/home/ /var/www/html/wordpress nfs soft,timeo=5,intr,rsize=8192,wsize=8192,wsize=8192 0 0'

roles/lb-nfs-server/tasks/main.yml

@@ -60,7 +60,7 @@
   replace:
     path: /home/wordpress/wp-config.php
     regexp: "localhost"
-    replace: "192.168.102.253"
+    replace: "192.168.102.254"
     backup: yes
 
 - name: 55 - relance nfs

roles/lb-web/tasks/main.yml

@@ -1,11 +1,13 @@
 ---
-- name:
+- name: installation des paquets web
-  - apache2
+  apt:
-  - php
+    name:
-  - php-mbstring
+      - apache2
-  - php-mysql
+      - php
-  - mariadb-client
+      - php-mbstring
-  state: present
+      - php-mysql
+      - mariadb-client
+    state: present
 
 - name: install nfs-common
   apt:
@@ -16,11 +18,11 @@
   blockinfile:
     path: /etc/fstab
     block: |
-      192.168.56.6:/exports/wordpress /var/www/html nfs soft,timeo=5,intr,rsize=8192,wsize=8192,wsize=8192 0 0
+      192.168.102.253:/home/wordpress /var/www/html nfs soft,timeo=5,intr,rsize=8192,wsize=8192,wsize=8192 0 0
 
-- name: monte export wordpress
+      #- name: monte export wordpress
-  ansible.posix.mount:
+      #  ansible.posix.mount:
-    path: /var/www/html
+      #    path: /var/www/html
-    state: mounted
+      #    state: mounted
-    fstype: nfs
+      #    fstype: nfs
-    src: 192.168.56.6:/exports/wordpress
+      #    src: 192.168.102.253:/exports/wordpress

roles/wireguard-l/tasks/main.yml

@@ -14,8 +14,7 @@
     name: wireguard-tools
     state: present
 
-#- name: copie du fichier de configuration depuis r-vp1
+
-#  command: "sshpass -p 'root' scp -r root@192.168.99.112:/root/confwg/wg0-b.conf /etc/wireguard/"
 
 #- name: renommage du fichier de configuration
 #  command: "mv /etc/wireguard/wg0-b.conf /etc/wireguard/wg0.conf"

roles/wireguard-r/tasks/main.yml

@@ -39,3 +39,4 @@
     name: wg-quick@wg0
     enabled: yes
     state: restarted
+

s-lb-web1.yml

@@ -4,6 +4,6 @@
 
   roles:
     - base
+    - post
     - lb-web
     - snmp-agent
-    - post

s-lb-web2.yml

@@ -4,6 +4,6 @@
 
   roles:
     - base
+    - post
     - lb-web
     - snmp-agent
-    - post

scripts/mkvm.ps1

@@ -0,0 +1,158 @@
+# POUR POUVOIR EXECUTER DES SCRIPTS POWERSHELL SOUS WINDOWS LANCER COMMANDE SUIVANTE EN ADMIN SOUS POWERSHELL
+# set-executionpolicy unrestricted
+
+#mkvm pour toutes les vms
+
+$mkvmrelease="v1.2"
+$ovarelease="2023a"
+$ovafogrelease="2023a"
+$ovafile="$HOME\Downloads\debian-bullseye-gsb-${ovarelease}.ova"
+$ovafilefog="$HOME\Downloads\debian-buster-gsb-${ovafogrelease}.ova"
+$vboxmanage="C:\Program Files\Oracle\VirtualBox\VBoxManage.exe"
+$deletemode=0
+
+#FONCTIONS
+
+function create_vm{ param([string]$nomvm)
+	#Importation depuis l'ova
+	& "$vboxmanage" import "$ovafile"  --vsys 0 --vmname "$nomvm"
+	Write-Host "Machine $nomvm importée"
+}
+
+function create_if{ param([string]$nomvm, [string]$nic, [int]$rang, [string]$reseau)
+	#Création d'une interface
+	if ($nomvm -and $nic -and $rang -and $reseau) {
+	#if ("1" -eq "1") {
+		if ($nic -eq "bridge") {
+			#Création d'une interface en pont
+			& "$vboxmanage" modifyvm  "$nomvm" --nic"$rang" bridged
+			& "$vboxmanage" modifyvm  "$nomvm" --nictype"$rang" 82540EM
+			& "$vboxmanage" modifyvm  "$nomvm" --cableconnected"$rang" on
+			& "$vboxmanage" modifyvm  "$nomvm" --nicpromisc"$rang" allow-all
+			Write-Host "$nomvm : IF$rang $nic"
+		}
+		elseif ($nic -eq "int") {
+			#Création d'une interface en reseau interne
+			& "$vboxmanage" modifyvm  "$nomvm" --nic"$rang" intnet
+			& "$vboxmanage" modifyvm  "$nomvm" --intnet"$rang" "$reseau"
+			& "$vboxmanage" modifyvm  "$nomvm" --nictype"$rang" 82540EM
+			& "$vboxmanage" modifyvm  "$nomvm" --cableconnected"$rang" on
+			& "$vboxmanage" modifyvm  "$nomvm" --nicpromisc"$rang" allow-all
+			Write-Host "$nomvm : IF$rang $nic $reseau"
+		}
+	}
+}
+
+
+if ($args[0] -eq "s-adm") {
+
+	create_vm $args[0]
+	create_if $args[0] "bridge" 1 "null"
+	create_if $args[0] "int" 2 "n-adm"
+	
+}
+
+elseif ($args[0] -eq "s-infra") {
+
+	create_vm $args[0]
+	create_if $args[0] "int" 1 "n-adm"
+	create_if $args[0] "int" 2 "n-infra"
+
+#création de la première interface
+& "$vboxmanage" modifyvm  "s-infra" --nic1 intnet
+& "$vboxmanage" modifyvm  "s-infra" --intnet1 "n-adm"
+& "$vboxmanage" modifyvm  "s-infra" --nictype1 82540EM
+& "$vboxmanage" modifyvm  "s-infra" --cableconnected1 on
+& "$vboxmanage" modifyvm  "s-infra" --nicpromisc1 allow-all
+
+#création de la deuxième interface
+& "$vboxmanage" modifyvm  "s-infra" --nic2 intnet
+& "$vboxmanage" modifyvm  "s-infra" --intnet2 "n-infra"
+& "$vboxmanage" modifyvm  "s-infra" --nictype2 82540EM
+& "$vboxmanage" modifyvm  "s-infra" --cableconnected2 on
+& "$vboxmanage" modifyvm  "s-infra" --nicpromisc2 allow-all
+}
+
+elseif ($args[0] -eq "r-int") {
+
+	create_vm($args[0])
+
+#interface 1
+& "$vboxmanage" modifyvm  "r-int" --nic1 intnet
+& "$vboxmanage" modifyvm  "r-int" --intnet1 "n-adm"
+& "$vboxmanage" modifyvm  "r-int" --nictype1 82540EM
+& "$vboxmanage" modifyvm  "r-int" --cableconnected1 on
+& "$vboxmanage" modifyvm  "r-int" --nicpromisc1 allow-all
+
+#interface 2
+& "$vboxmanage" modifyvm  "r-int" --nic2 intnet
+& "$vboxmanage" modifyvm  "r-int" --intnet2 "n-link"
+& "$vboxmanage" modifyvm  "r-int" --nictype2 82540EM
+& "$vboxmanage" modifyvm  "r-int" --cableconnected2 on
+& "$vboxmanage" modifyvm  "r-int" --nicpromisc2 allow-all
+
+#interface 3
+& "$vboxmanage" modifyvm  "r-int" --nic3 intnet
+& "$vboxmanage" modifyvm  "r-int" --intnet3 "n-wifi"
+& "$vboxmanage" modifyvm  "r-int" --nictype3 82540EM
+& "$vboxmanage" modifyvm  "r-int" --cableconnected3 on
+& "$vboxmanage" modifyvm  "r-int" --nicpromisc3 allow-all
+
+#interface 4
+& "$vboxmanage" modifyvm  "r-int" --nic4 intnet
+& "$vboxmanage" modifyvm  "r-int" --intnet4 "n-user"
+& "$vboxmanage" modifyvm  "r-int" --nictype4 82540EM
+& "$vboxmanage" modifyvm  "r-int" --cableconnected4 on
+& "$vboxmanage" modifyvm  "r-int" --nicpromisc4 allow-all
+
+#interface 5
+& "$vboxmanage" modifyvm  "r-int" --nic5 intnet
+& "$vboxmanage" modifyvm  "r-int" --intnet5 "n-infra"
+& "$vboxmanage" modifyvm  "r-int" --nictype5 82540EM
+& "$vboxmanage" modifyvm  "r-int" --cableconnected5 on
+& "$vboxmanage" modifyvm  "r-int" --nicpromisc5 allow-all
+}
+
+elseif ($args[0] -eq "r-ext") {
+
+	create_vm($args[0])
+
+#interface 1
+& "$vboxmanage" modifyvm  "r-ext" --nic1 intnet
+& "$vboxmanage" modifyvm  "r-ext" --intnet1 "n-adm"
+& "$vboxmanage" modifyvm  "r-ext" --nictype1 82540EM
+& "$vboxmanage" modifyvm  "r-ext" --cableconnected1 on
+& "$vboxmanage" modifyvm  "r-ext" --nicpromisc1 allow-all
+
+#interface 2
+& "$vboxmanage" modifyvm  "r-ext" --nic2 intnet
+& "$vboxmanage" modifyvm  "r-ext" --intnet2 "n-dmz"
+& "$vboxmanage" modifyvm  "r-ext" --nictype2 82540EM
+& "$vboxmanage" modifyvm  "r-ext" --cableconnected2 on
+& "$vboxmanage" modifyvm  "r-ext" --nicpromisc2 allow-all
+
+#interface 3
+& "$vboxmanage" modifyvm  "r-ext" --nic3 bridged
+& "$vboxmanage" modifyvm  "r-ext" --nictype3 82540EM
+& "$vboxmanage" modifyvm  "r-ext" --cableconnected3 on
+& "$vboxmanage" modifyvm  "r-ext" --nicpromisc3 allow-all
+
+#interface 4
+& "$vboxmanage" modifyvm  "r-ext" --nic4 intnet
+& "$vboxmanage" modifyvm  "r-ext" --intnet4 "n-linkv"
+& "$vboxmanage" modifyvm  "r-ext" --nictype4 82540EM
+& "$vboxmanage" modifyvm  "r-ext" --cableconnected4 on
+& "$vboxmanage" modifyvm  "r-ext" --nicpromisc4 allow-all
+
+#interface 5
+& "$vboxmanage" modifyvm  "r-ext" --nic5 intnet
+& "$vboxmanage" modifyvm  "r-ext" --intnet5 "n-link"
+& "$vboxmanage" modifyvm  "r-ext" --nictype5 82540EM
+& "$vboxmanage" modifyvm  "r-ext" --cableconnected5 on
+& "$vboxmanage" modifyvm  "r-ext" --nicpromisc5 allow-all
+}
+
+elseif ($args[0] -eq "test") {
+
+fonction1 $args[0] $args[1]
+}

scripts/r-vp1-post.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+cd /root/confwg/ && python3 -m http.server 8000 &

scripts/r-vp2-post.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+wget http://r-vp1.gsb.adm:8000/wg0-b.qconf