Compare commits
15 Commits
v0.0.5g-em
...
v0.0.5t-aa
| Author | SHA1 | Date | |
|---|---|---|---|
| e3694bb917 | |||
| e9b0ad453b | |||
| 559566e1d1 | |||
| c50ae995f3 | |||
| 218a97a41b | |||
| 016d201057 | |||
| 33b544f465 | |||
| 8d00ae0fdc | |||
| ca787ebe42 | |||
| 9091453119 | |||
| b5e4f05429 | |||
| 4bbd472f44 | |||
| 17be09987f | |||
| 431ebbe1ba | |||
| 44d52b757b |
@ -34,7 +34,7 @@ if [[ $? != 0 ]]; then
|
|||||||
${APT} install -y git-core
|
${APT} install -y git-core
|
||||||
fi
|
fi
|
||||||
${APT} update
|
${APT} update
|
||||||
${APT} upgrade -y
|
#${APT} upgrade -y
|
||||||
|
|
||||||
which ansible >> /dev/null
|
which ansible >> /dev/null
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|||||||
@ -45,7 +45,9 @@ str6="curl -L https://github.com/aelsabbahy/goss/releases/download/${GOSSVER}/go
|
|||||||
#str8="wget -nc 'https://gestsup.fr/index.php?page=download&channel=stable&version=${GESTSUPREL}&type=gestsup' -O gestsup_${GESTSUPREL}.zip"
|
#str8="wget -nc 'https://gestsup.fr/index.php?page=download&channel=stable&version=${GESTSUPREL}&type=gestsup' -O gestsup_${GESTSUPREL}.zip"
|
||||||
str8="wget -nc 'https://gestsup.fr/index.php?page=download&channel=stable&version=3.2.30&type=gestsup' -O gestsup_3.2.30.zip"
|
str8="wget -nc 'https://gestsup.fr/index.php?page=download&channel=stable&version=3.2.30&type=gestsup' -O gestsup_3.2.30.zip"
|
||||||
|
|
||||||
ELKREL=8.6.0
|
|
||||||
|
#METRICBEAT ET FILEBEAT
|
||||||
|
ELKREL=8.5.3
|
||||||
str81="wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-${ELKREL}-amd64.deb"
|
str81="wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-${ELKREL}-amd64.deb"
|
||||||
|
|
||||||
str82="wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-${ELKREL}-windows-x86_64.zip"
|
str82="wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-${ELKREL}-windows-x86_64.zip"
|
||||||
|
|||||||
@ -22,6 +22,6 @@
|
|||||||
replace: 'xpack.license.self_generated.type: basic'
|
replace: 'xpack.license.self_generated.type: basic'
|
||||||
|
|
||||||
- name: Execution du fichier docker-compose.yml
|
- name: Execution du fichier docker-compose.yml
|
||||||
shell: docker-compose up -d
|
shell: docker compose up -d
|
||||||
args:
|
args:
|
||||||
chdir: /root/elk
|
chdir: /root/elk
|
||||||
|
|||||||
1
roles/filebeat-cli/defaults/main.yml
Normal file
1
roles/filebeat-cli/defaults/main.yml
Normal file
@ -0,0 +1 @@
|
|||||||
|
BEATVER: "8.5.3"
|
||||||
@ -1,4 +1,4 @@
|
|||||||
- name: start filebeat
|
- name: restart filebeat
|
||||||
service:
|
service:
|
||||||
name: filebeat
|
name: filebeat
|
||||||
state: started
|
state: started
|
||||||
|
|||||||
@ -1,12 +1,12 @@
|
|||||||
---
|
---
|
||||||
- name: Récupération de filebeat
|
- name: Récupération de filebeat
|
||||||
get_url:
|
get_url:
|
||||||
url: http://s-adm.gsb.adm/gsbstore/filebeat-7.16.3-amd64.deb
|
url: http://s-adm.gsb.adm/gsbstore/filebeat-${BEATVAR}-amd64.deb
|
||||||
dest: /tmp/
|
dest: /tmp/
|
||||||
|
|
||||||
- name: Installation de filebeat
|
- name: Installation de filebeat
|
||||||
apt:
|
apt:
|
||||||
deb: /tmp/filebeat-7.16.3-amd64.deb
|
deb: /tmp/filebeat-${BEATVEAR}-amd64.deb
|
||||||
|
|
||||||
- name: Changement du fichier de conf
|
- name: Changement du fichier de conf
|
||||||
copy:
|
copy:
|
||||||
@ -15,9 +15,9 @@
|
|||||||
|
|
||||||
- name: Configuration de filebeat
|
- name: Configuration de filebeat
|
||||||
shell: filebeat modules enable system
|
shell: filebeat modules enable system
|
||||||
notify: start filebeat
|
notify: restart filebeat
|
||||||
|
|
||||||
- name: Lancement de la configuration de filebeat
|
- name: Lancement de la configuration de filebeat
|
||||||
shell: filebeat setup -e
|
shell: filebeat setup -e
|
||||||
notify: start filebeat
|
notify: restart filebeat
|
||||||
|
|
||||||
|
|||||||
11
roles/fog/README.md
Normal file
11
roles/fog/README.md
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
# Fog
|
||||||
|
Ce rôle permet l'installation et la modification de Fog.
|
||||||
|
|
||||||
|
## Fog, c'est quoi ?
|
||||||
|
|
||||||
|
Fog permet le déploiement d'images disque tel que Windows ou bien Linux en utilisant PXE (Preboot Execution Environment).
|
||||||
|
|
||||||
|
## Comment l'installer ?
|
||||||
|
|
||||||
|
Avant toute chose, lancer le fichier goss de s-fog ( présent dans gsb2023/goss/s-fog.yaml ) pour vérifier que la configuration réseau est correct et opérationel. Une fois l'installation principal effectué, il faut lancé le playbook ansible s-fog.yaml.
|
||||||
|
Il faudra se rendre dans le dossier **fog** pour lancer le script **installfog.sh** ( fog/bin/ ). La configuration sera déjà établi via le fichier **.fogsettings**
|
||||||
46
roles/fog/files/fogsettings
Normal file
46
roles/fog/files/fogsettings
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
## Start of FOG Settings
|
||||||
|
## Created by the FOG Installer
|
||||||
|
## Find more information about this file in the FOG Project wiki:
|
||||||
|
## https://wiki.fogproject.org/wiki/index.php?title=.fogsettings
|
||||||
|
## Version: 1.5.9
|
||||||
|
## Install time: jeu. 26 janv. 2023 11:41:05
|
||||||
|
ipaddress='172.16.64.16'
|
||||||
|
copybackold='0'
|
||||||
|
interface='enp0s9'
|
||||||
|
submask='255.255.255.0'
|
||||||
|
hostname='s-fog.gsb.lan'
|
||||||
|
routeraddress='192.168.99.99'
|
||||||
|
plainrouter='192.168.99.99'
|
||||||
|
dnsaddress='172.16.0.1'
|
||||||
|
username='fogproject'
|
||||||
|
password='/7ElC1OHrP47EN2w59xl'
|
||||||
|
osid='2'
|
||||||
|
osname='Debian'
|
||||||
|
dodhcp='y'
|
||||||
|
bldhcp='1'
|
||||||
|
dhcpd='isc-dhcp-server'
|
||||||
|
blexports='1'
|
||||||
|
installtype='N'
|
||||||
|
snmysqluser='fogmaster'
|
||||||
|
snmysqlpass='HHO5vSGqFiHE_9d2lja3'
|
||||||
|
snmysqlhost='localhost'
|
||||||
|
mysqldbname='fog'
|
||||||
|
installlang='0'
|
||||||
|
storageLocation='/images'
|
||||||
|
fogupdateloaded=1
|
||||||
|
docroot='/var/www/html/'
|
||||||
|
webroot='/fog/'
|
||||||
|
caCreated='yes'
|
||||||
|
httpproto='http'
|
||||||
|
startrange='172.16.64.10'
|
||||||
|
endrange='172.16.64.254'
|
||||||
|
bootfilename='undionly.kpxe'
|
||||||
|
packages='apache2 bc build-essential cpp curl g++ gawk gcc genisoimage git gzip htmldoc isc-dhcp-server isolinux lftp libapache2-mod-php7.4 libc6 libcurl4 li>
|
||||||
|
noTftpBuild=''
|
||||||
|
sslpath='/opt/fog/snapins/ssl/'
|
||||||
|
backupPath='/home/'
|
||||||
|
armsupport='0'
|
||||||
|
php_ver='7.4'
|
||||||
|
php_verAdds='-7.4'
|
||||||
|
sslprivkey='/opt/fog/snapins/ssl//.srvprivate.key'
|
||||||
|
## End of FOG Settings
|
||||||
@ -1,11 +1,15 @@
|
|||||||
---
|
---
|
||||||
|
- name: creation d'un repertoire fog
|
||||||
|
file:
|
||||||
|
path: /root/tools/fog
|
||||||
|
state: directory
|
||||||
|
|
||||||
- name: recuperation de l'archive d'installation fog sur git
|
- name: recuperation de l'archive d'installation fog sur git
|
||||||
git:
|
git:
|
||||||
repo: https://gitea.lyc-lecastel.fr/gadmin/fog.git
|
repo: https://gitea.lyc-lecastel.fr/gadmin/fog.git
|
||||||
dest: /root/tools/fog/
|
dest: /root/tools/fog/
|
||||||
clone: yes
|
clone: yes
|
||||||
update: yes
|
update: yes
|
||||||
force: yes
|
|
||||||
|
|
||||||
- name: Modification fichier bash (desac UDPCast)
|
- name: Modification fichier bash (desac UDPCast)
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
@ -13,3 +17,10 @@
|
|||||||
regexp: '^configureUDPCast\(\).*'
|
regexp: '^configureUDPCast\(\).*'
|
||||||
line: "configureUDPCast() {\nreturn"
|
line: "configureUDPCast() {\nreturn"
|
||||||
backup: yes
|
backup: yes
|
||||||
|
|
||||||
|
- name: fichier config fogsettings
|
||||||
|
command: "cp /root/tools/ansible/roles/fog/files/fogsettings /opt/fog/"
|
||||||
|
|
||||||
|
- name: fichier fogsettings en .fogsettings
|
||||||
|
command: "mv /opt/fog/fogsettings /opt/fog/.fogsettings"
|
||||||
|
|
||||||
|
|||||||
@ -1,3 +1,2 @@
|
|||||||
depl_url: "http://s-adm.gsb.adm/gsbstore"
|
depl_url: "http://s-adm.gsb.adm/gsbstore"
|
||||||
depl_goss: "goss"
|
depl_goss: "goss"
|
||||||
|
|
||||||
|
|||||||
@ -1,5 +1,4 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- name: goss binary exists
|
- name: goss binary exists
|
||||||
stat: path=/usr/local/bin/goss
|
stat: path=/usr/local/bin/goss
|
||||||
register: gossbin
|
register: gossbin
|
||||||
@ -18,4 +17,3 @@
|
|||||||
mode: 0755
|
mode: 0755
|
||||||
remote_src: yes
|
remote_src: yes
|
||||||
when: gossbin.stat.exists == false and ansible_hostname == "s-adm"
|
when: gossbin.stat.exists == false and ansible_hostname == "s-adm"
|
||||||
|
|
||||||
|
|||||||
1
roles/metricbeat-cli/defaults/main.yml
Normal file
1
roles/metricbeat-cli/defaults/main.yml
Normal file
@ -0,0 +1 @@
|
|||||||
|
BEATVER: "8.5.3"
|
||||||
@ -1,5 +1,5 @@
|
|||||||
- name: start metricbeat
|
- name: restart metricbeat
|
||||||
service:
|
service:
|
||||||
name: metricbeat
|
name: metricbeat
|
||||||
state: started
|
state: restarted
|
||||||
enabled: yes
|
enabled: yes
|
||||||
|
|||||||
@ -1,12 +1,12 @@
|
|||||||
---
|
---
|
||||||
- name: Récupération de metricbeat
|
- name: Récupération de metricbeat
|
||||||
get_url:
|
get_url:
|
||||||
url: http://s-adm.gsb.adm/gsbstore/metricbeat-7.16.3-amd64.deb
|
url: http://s-adm.gsb.adm/gsbstore/metricbeat-${BEATVER}-amd64.deb
|
||||||
dest: /tmp/
|
dest: /tmp/
|
||||||
|
|
||||||
- name: Installation de metricbeat
|
- name: Installation de metricbeat
|
||||||
apt:
|
apt:
|
||||||
deb: /tmp/metricbeat-7.16.3-amd64.deb
|
deb: /tmp/metricbeat-${BEATVER}-amd64.deb
|
||||||
|
|
||||||
- name: Changement du fichier de conf
|
- name: Changement du fichier de conf
|
||||||
copy:
|
copy:
|
||||||
@ -15,9 +15,9 @@
|
|||||||
|
|
||||||
- name: Configuration de metricbeat
|
- name: Configuration de metricbeat
|
||||||
shell: metricbeat modules enable system
|
shell: metricbeat modules enable system
|
||||||
notify: start metricbeat
|
notify: restart metricbeat
|
||||||
|
|
||||||
- name: Lancement de la configuration de metricbeat
|
- name: Lancement de la configuration de metricbeat
|
||||||
shell: metricbeat setup -e
|
shell: metricbeat setup -e
|
||||||
notify: start metricbeat
|
notify: restart metricbeat
|
||||||
|
|
||||||
|
|||||||
@ -4,7 +4,6 @@
|
|||||||
|
|
||||||
roles:
|
roles:
|
||||||
- base
|
- base
|
||||||
- goss
|
|
||||||
- s-ssh
|
- s-ssh
|
||||||
- dnsmasq
|
- dnsmasq
|
||||||
- squid
|
- squid
|
||||||
@ -12,3 +11,4 @@
|
|||||||
- snmp-agent
|
- snmp-agent
|
||||||
- syslog-cli
|
- syslog-cli
|
||||||
- post
|
- post
|
||||||
|
# - goss
|
||||||
|
|||||||
@ -1,9 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
if [[ $1 == "version" ]] ; then
|
|
||||||
echo 'chname v1.0 pour debian 11'
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
sed -i "s/bullseye/$1/g" /etc/host{s,name}
|
|
||||||
echo 'redemarrer pour finaliser le changement du nom'
|
|
||||||
exit 0
|
|
||||||
@ -1 +0,0 @@
|
|||||||
apt update;upgrade -y;mkdir -p /root/tools/ansible;cd /root/tools/ansible;git clone https://gitea.lyc-lecastel.fr/gadmin/gsb2023.git;cd gsb2023/pre;export DEPL=192.168.99.99;bash gsbboot;cd ../..;bash pull-config
|
|
||||||
@ -1,4 +0,0 @@
|
|||||||
apt update;apt upgrade -y;
|
|
||||||
mkdir -p tools/ansible;cd tools/ansible;git clone https://gitea.lyc-lecastel.fr/gadmin/gsb2023.git;
|
|
||||||
cd gsb2023/pre;bash inst-depl;cd /var/www/html/gsbstore;bash getall;
|
|
||||||
cd /root/tools/ansible/gsb2023/pre;bash gsbboot; cd ..;bash pull-config;
|
|
||||||
14
scripts/debian11/chname
Normal file
14
scripts/debian11/chname
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
if [[ $# != 1 ]] ; then
|
||||||
|
echo "$0 - renomme une VM"
|
||||||
|
echo "usage : $0 <nouveaunom> "
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if [[ $1 == "version" ]] ; then
|
||||||
|
echo 'chname v1.1 pour debian 11'
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
oldname=$(hostname)
|
||||||
|
sed -i "s/${oldname}/$1/g" /etc/host{s,name}
|
||||||
|
echo 'redemarrer pour finaliser le changement du nom'
|
||||||
|
exit 0
|
||||||
11
scripts/debian11/gsb-start
Normal file
11
scripts/debian11/gsb-start
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
apt-get update
|
||||||
|
#upgrade -y
|
||||||
|
mkdir -p /root/tools/ansible
|
||||||
|
cd /root/tools/ansible
|
||||||
|
git clone https://gitea.lyc-lecastel.fr/gadmin/gsb2023.git
|
||||||
|
cd gsb2023/pre
|
||||||
|
export DEPL=192.168.99.99
|
||||||
|
bash gsbboot
|
||||||
|
cd ../..
|
||||||
|
bash pull-config
|
||||||
15
scripts/debian11/s-adm-start
Normal file
15
scripts/debian11/s-adm-start
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
apt-get update
|
||||||
|
#apt upgrade -y;
|
||||||
|
mkdir -p tools/ansible
|
||||||
|
cd tools/ansible
|
||||||
|
git clone https://gitea.lyc-lecastel.fr/gadmin/gsb2023.git;
|
||||||
|
cd gsb2023/pre
|
||||||
|
bash inst-depl
|
||||||
|
cd /var/www/html/gsbstore
|
||||||
|
bash getall
|
||||||
|
cd /root/tools/ansible/gsb2023/pre
|
||||||
|
bash gsbboot
|
||||||
|
cd ..
|
||||||
|
bash pull-config
|
||||||
|
|
||||||
@ -1,9 +1,9 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
mkvmrelease="v1.2.1"
|
mkvmrelease="v1.2.2"
|
||||||
|
|
||||||
ovarelease="2023a"
|
ovarelease="2023b"
|
||||||
ovafogrelease="2023a"
|
ovafogrelease="2023b"
|
||||||
ovafile="$HOME/Téléchargements/debian-bullseye-gsb-${ovarelease}.ova"
|
ovafile="$HOME/Téléchargements/debian-bullseye-gsb-${ovarelease}.ova"
|
||||||
ovafilefog="$HOME/Téléchargements/debian-buster-gsb-${ovafogrelease}.ova"
|
ovafilefog="$HOME/Téléchargements/debian-buster-gsb-${ovafogrelease}.ova"
|
||||||
deletemode=0
|
deletemode=0
|
||||||
@ -96,6 +96,8 @@ elif [[ "${vm}" == "s-web-ext" ]] ; then
|
|||||||
create_if "${vm}" "n-adm" "n-dmz"
|
create_if "${vm}" "n-adm" "n-dmz"
|
||||||
elif [[ "${vm}" == "s-nxc" ]] ; then
|
elif [[ "${vm}" == "s-nxc" ]] ; then
|
||||||
create_if "${vm}" "n-adm" "n-infra"
|
create_if "${vm}" "n-adm" "n-infra"
|
||||||
|
elif [[ "${vm}" == "s-elk" ]] ; then
|
||||||
|
create_if "${vm}" "n-adm" "n-infra"
|
||||||
elif [[ "${vm}" == "s-lb" ]] ; then
|
elif [[ "${vm}" == "s-lb" ]] ; then
|
||||||
create_if "${vm}" "n-adm" "n-dmz" "n-dmz-lb"
|
create_if "${vm}" "n-adm" "n-dmz" "n-dmz-lb"
|
||||||
elif [[ "${vm}" == "s-lb-web1" ]] ; then
|
elif [[ "${vm}" == "s-lb-web1" ]] ; then
|
||||||
|
|||||||
@ -3,9 +3,9 @@
|
|||||||
|
|
||||||
#mkvm pour toutes les vms
|
#mkvm pour toutes les vms
|
||||||
|
|
||||||
$mkvmrelease="v1.2"
|
$mkvmrelease="v1.2.2"
|
||||||
$ovarelease="2023a"
|
$ovarelease="2023b"
|
||||||
$ovafogrelease="2023a"
|
$ovafogrelease="2023b"
|
||||||
$ovafile="$HOME\Downloads\debian-bullseye-gsb-${ovarelease}.ova"
|
$ovafile="$HOME\Downloads\debian-bullseye-gsb-${ovarelease}.ova"
|
||||||
$ovafilefog="$HOME\Downloads\debian-buster-gsb-${ovafogrelease}.ova"
|
$ovafilefog="$HOME\Downloads\debian-buster-gsb-${ovafogrelease}.ova"
|
||||||
$vboxmanage="C:\Program Files\Oracle\VirtualBox\VBoxManage.exe"
|
$vboxmanage="C:\Program Files\Oracle\VirtualBox\VBoxManage.exe"
|
||||||
@ -87,6 +87,11 @@ elseif (((((((($args[0] -eq "s-elk") `
|
|||||||
create_vm $args[0]
|
create_vm $args[0]
|
||||||
create_if $args[0] "int" 1 "n-adm"
|
create_if $args[0] "int" 1 "n-adm"
|
||||||
create_if $args[0] "int" 2 "n-infra"
|
create_if $args[0] "int" 2 "n-infra"
|
||||||
|
if ($args[0] -eq "s-elk") {
|
||||||
|
|
||||||
|
& "$vboxmanage" modifyvm "$args[0]" --memory 4096
|
||||||
|
Write-Host "$args[0] : 4096 RAM OK"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
elseif ($args[0] -eq "s-fog") {
|
elseif ($args[0] -eq "s-fog") {
|
||||||
@ -153,4 +158,4 @@ elseif ($args[0] -eq "r-vp2") {
|
|||||||
|
|
||||||
else {
|
else {
|
||||||
usage
|
usage
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
#recuperation du fichier de config
|
#recuperation du fichier de config
|
||||||
wget http://r-vp1.gsb.adm:8000/wg0-b.qconf
|
wget http://r-vp1.gsb.adm:8800/wg0-b.conf
|
||||||
#renomage fichier et mv
|
#renomage fichier et mv
|
||||||
mv ./wg0-b.conf /etc/wireguard/wg0.conf
|
mv ./wg0-b.conf /etc/wireguard/wg0.conf
|
||||||
#activation interface wg0
|
#activation interface wg0
|
||||||
|
|||||||
Reference in New Issue
Block a user