changement fichier fog

README.md

@@ -1,6 +1,6 @@
 # gsb2023
 
-2023-01-25 ps 
+2023-01-30 ps 
 
 Environnement et playbooks ansible pour le projet GSB 2023
 
@@ -34,7 +34,7 @@ Prérequis :
   * **s-lb-web1** : Serveur Wordpress 1 Load Balancer
   * **s-lb-web2** : Serveur Wordpress 2 Load Balancer
   * **s-lb-db** : Serveur Mariadb pour Wordpress
-  * **s-lb-nfs** : Serveur NFS pour application Wordpress
+  * **s-nas** : Serveur NFS pour application Wordpress avec LB
 
 
 ## Les playbooks

r-vp1.yml

@@ -13,9 +13,9 @@
    - goss
 #   - snmp-agent
 #   - firewall-vpn-r
+   - post
    - wireguard-r
-#   - x509-r
    - fw-ferm
    - ssh-cli
    - syslog-cli
-   - post
+   

roles/dhcp-fog/files/dhcpd.conf

@@ -109,12 +109,12 @@ log-facility local7;
 #DHCP pour le réseau wifi
 #subnet 172.16.65.0 netmask 255.255.255.0 {
 #	range 172.16.65.1 172.16.65.100;
-#  	option domain-name-servers ns1.internal.example.org;
-#  	option domain-name "internal.example.org";
-#  	option routers 10.5.5.1;
-#  	option broadcast-address 10.5.5.31;
-#  	default-lease-time 600;
-#  	max-lease-time 7200;
+#	option domain-name-servers ns1.internal.example.org;
+#	option domain-name "internal.example.org";
+#	option routers 10.5.5.1;
+#	option broadcast-address 10.5.5.31;
+#	default-lease-time 600;
+#	max-lease-time 7200;
 #}
 
 #DHCP pour le réseau USER

roles/dhcp-fog/tasks/main.yml

@@ -10,5 +10,3 @@
   copy: src=dhcpd.conf dest=/etc/dhcp/
   notify:
     - restart isc-dhcp-server
-  
- 

roles/fog/tasks/main.yml

@@ -1,17 +1,15 @@
 ---
-- name: creation d'un repertoire fog
-  file:
-    path: /root/tools/fog
-    state: directory
-
 - name: recuperation de l'archive d'installation fog sur git
   git:
     repo: https://gitea.lyc-lecastel.fr/gadmin/fog.git
     dest: /root/tools/fog/
     clone: yes
     update: yes
+    force: yes
 
-#- name: Instructions
-#  tags: msg
-#    debug: msg='{{instructions}}'
-
+- name: Modification fichier bash (desac UDPCast)
+  ansible.builtin.lineinfile:
+    path: /root/tools/fog/lib/common/functions.sh
+    regexp: '^configureUDPCast\(\).*'
+    line: "configureUDPCast() {\nreturn"
+    backup: yes

roles/lb-web/tasks/main.yml

@@ -1,11 +1,13 @@
 ---
-- name:
-  - apache2
-  - php
-  - php-mbstring
-  - php-mysql
-  - mariadb-client
-  state: present
+- name: installation des paquets web
+  apt:
+    name:
+      - apache2
+      - php
+      - php-mbstring
+      - php-mysql
+      - mariadb-client
+    state: present
 
 - name: install nfs-common
   apt:
@@ -16,11 +18,11 @@
   blockinfile:
     path: /etc/fstab
     block: |
-      192.168.56.6:/exports/wordpress /var/www/html nfs soft,timeo=5,intr,rsize=8192,wsize=8192,wsize=8192 0 0
+      192.168.102.253:/exports/wordpress /var/www/html nfs soft,timeo=5,intr,rsize=8192,wsize=8192,wsize=8192 0 0
 
-- name: monte export wordpress
-  ansible.posix.mount:
-    path: /var/www/html
-    state: mounted
-    fstype: nfs
-    src: 192.168.56.6:/exports/wordpress
+      #- name: monte export wordpress
+      #  ansible.posix.mount:
+      #    path: /var/www/html
+      #    state: mounted
+      #    fstype: nfs
+      #    src: 192.168.102.253:/exports/wordpress

roles/wireguard-l/tasks/main.yml

@@ -14,8 +14,9 @@
     name: wireguard-tools
     state: present
 
-#- name: copie du fichier de configuration depuis r-vp1
-#  command: "sshpass -p 'root' scp -r root@192.168.99.112:/root/confwg/wg0-b.conf /etc/wireguard/"
+
+- name: copie du fichier de configuration depuis r-vp1
+  command: "wget http://r-vp1.gsb.adm:8000/wg0-b.conf"
 
 #- name: renommage du fichier de configuration
 #  command: "mv /etc/wireguard/wg0-b.conf /etc/wireguard/wg0.conf"

roles/wireguard-r/tasks/main.yml

@@ -39,3 +39,6 @@
     name: wg-quick@wg0
     enabled: yes
     state: restarted
+
+- name: ouverture port 8000 pour copie fichier config
+  command: "cd /root/confwg/ && python3 -m http.server 8000 &"

s-lb-web1.yml

@@ -4,6 +4,6 @@
 
   roles:
     - base
+    - post
     - lb-web
     - snmp-agent
-    - post

s-lb-web2.yml

@@ -4,6 +4,6 @@
 
   roles:
     - base
+    - post
     - lb-web
     - snmp-agent
-    - post

scripts/mkvm.ps1

@@ -0,0 +1,128 @@
+#mkvm pour toutes les vms
+
+$mkvmrelease="v1.2"
+$ovarelease="2023a"
+$ovafogrelease="2023a"
+$ovafile="$HOME\Downloads\debian-bullseye-gsb-${ovarelease}.ova"
+$ovafilefog="$HOME\Downloads\debian-buster-gsb-${ovafogrelease}.ova"
+$deletemode=0
+
+if ($args[0] -eq "s-adm") {
+
+#Importation depuis l'ova
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" import "$ovafile"  --vsys 0 --vmname "s-adm"
+
+#création de la première interface
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-adm" --nic1 bridged
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-adm" --nictype1 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-adm" --cableconnected1 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-adm" --nicpromisc1 allow-all
+
+#création de la deuxième interface
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-adm" --nic2 intnet
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-adm" --intnet2 "n-adm"
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-adm" --nictype2 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-adm" --cableconnected2 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-adm" --nicpromisc2 allow-all
+}
+
+elseif ($args[0] -eq "s-infra") {
+
+#Importation depuis l'ova
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" import "$ovafile"  --vsys 0 --vmname "s-infra"
+
+#création de la première interface
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-infra" --nic1 intnet
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-infra" --intnet1 "n-adm"
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-infra" --nictype1 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-infra" --cableconnected1 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-infra" --nicpromisc1 allow-all
+
+#création de la deuxième interface
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-infra" --nic2 intnet
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-infra" --intnet2 "n-infra"
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-infra" --nictype2 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-infra" --cableconnected2 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "s-infra" --nicpromisc2 allow-all
+}
+
+elseif ($args[0] -eq "r-int") {
+
+#Importation depuis l'ova
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" import "$ovafile"  --vsys 0 --vmname "r-int"
+
+#interface 1
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nic1 intnet
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --intnet1 "n-adm"
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nictype1 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --cableconnected1 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nicpromisc1 allow-all
+
+#interface 2
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nic2 intnet
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --intnet2 "n-link"
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nictype2 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --cableconnected2 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nicpromisc2 allow-all
+
+#interface 3
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nic3 intnet
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --intnet3 "n-wifi"
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nictype3 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --cableconnected3 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nicpromisc3 allow-all
+
+#interface 4
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nic4 intnet
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --intnet4 "n-user"
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nictype4 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --cableconnected4 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nicpromisc4 allow-all
+
+#interface 5
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nic5 intnet
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --intnet5 "n-infra"
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nictype5 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --cableconnected5 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-int" --nicpromisc5 allow-all
+}
+
+elseif ($args[0] -eq "r-ext") {
+
+#Importation depuis l'ova
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" import "$ovafile"  --vsys 0 --vmname "r-ext"
+
+#interface 1
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nic1 intnet
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --intnet1 "n-adm"
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nictype1 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --cableconnected1 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nicpromisc1 allow-all
+
+#interface 2
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nic2 intnet
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --intnet2 "n-dmz"
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nictype2 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --cableconnected2 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nicpromisc2 allow-all
+
+#interface 3
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nic3 bridged
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nictype3 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --cableconnected3 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nicpromisc3 allow-all
+
+#interface 4
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nic4 intnet
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --intnet4 "n-linkv"
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nictype4 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --cableconnected4 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nicpromisc4 allow-all
+
+#interface 5
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nic5 intnet
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --intnet5 "n-link"
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nictype5 82540EM
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --cableconnected5 on
+& "C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" modifyvm  "r-ext" --nicpromisc5 allow-all
+}