route ok r-vp1

route ok s-agence
fw-ferm role r-vpX ok
2023-06-05 17:59:42 +02:00 · 2023-06-05 17:32:22 +02:00 · 2023-06-04 12:48:40 +02:00 · 2023-06-04 12:46:57 +02:00 · 2023-06-01 19:06:16 +02:00 · 2023-06-01 14:37:53 +02:00
36 changed files with 194 additions and 51 deletions
--- a/goss/s-webcom.yaml
+++ b/goss/s-webcom.yaml
@ -0,0 +1,24 @@
+package:
+  apache2:
+    installed: true
+addr:
+  tcp://depl.sio.lan:80:
+    reachable: true
+    timeout: 500
+port:
+  tcp:80:
+    listening: true
+service:
+  apache2:
+dns:
+  depl.sio.lan:
+    resolveable: true
+    timeout: 500
+process:
+  apache2:
+    running: true
+interface:
+  enp0s8:
+    exists: true
+    addrs:
+    - 172.16.0.12/24
--- a/pre/pull-config
+++ b/pre/pull-config
@ -5,7 +5,7 @@ prj=gsb2023
 opt=""

 if [ -z ${UREP+x} ]; then 
-	UREP=https://gitea.lyc-lecastel.fr/gadmin/gsb2023.git 
+	UREP=https://gitea.lyc-lecastel.fr/anthony.arnoux/gsb2023.git 
 fi

 dir=/root/tools/ansible
--- a/2
+++ b/2
@ -1,7 +1,7 @@
 #!/bin/bash

 if [ -z ${UREP+x} ]; then 
-	UREP=https://gitea.lyc-lecastel.fr/gadmin/gsb2023.git 
+	UREP=https://gitea.lyc-lecastel.fr/anthony.arnoux/gsb2023.git 
 fi

 dir=/root/tools/ansible
--- a/r-vp1.yml
+++ b/r-vp1.yml
@ -16,4 +16,5 @@
   - wireguard-r
   - ssh-cli
   - syslog-cli
+   - fw-ferm
   
--- a/r-vp2.yml
+++ b/r-vp2.yml
@ -19,3 +19,4 @@
   - post
   - ssh-cli
   - syslog-cli
+   - fw-ferm
--- a/roles/apache2only/handlers/main.yml
+++ b/roles/apache2only/handlers/main.yml
@ -0,0 +1,5 @@
+---
+- name: restart apache2
+  service:
+    name: apache2
+    state: restarted
--- a/roles/apache2only/tasks/main.yml
+++ b/roles/apache2only/tasks/main.yml
@ -0,0 +1,10 @@
+---
+- name: apt update
+  apt:
+    update_cache: yes
+    cache_valid_time: 3600
+
+- name: Install apache2
+  apt:
+    pkg:
+    - apache2
--- a/roles/base/templates/hosts.j2
+++ b/roles/base/templates/hosts.j2
@ -28,7 +28,7 @@
 192.168.99.103	s-lb-web3.gsb.adm
 192.168.99.112  r-vp1.gsb.adm
 192.168.99.102  r-vp2.gsb.adm
-
+192.168.99.120  s-peertube.gsb.adm

 192.168.99.8	syslog.gsb.adm

--- a/roles/base/templates/hosts.s-proxy.j2
+++ b/roles/base/templates/hosts.s-proxy.j2
@ -27,6 +27,6 @@
 192.168.99.103	s-lb-web3.gsb.adm
 192.168.99.112  r-vp1.gsb.adm
 192.168.99.102  r-vp2.gsb.adm
-
+192.168.99.120  s-peertube.gsb.adm
 192.168.99.8	syslog.gsb.adm

--- a/roles/dns-master/files/db.gsb.lan
+++ b/roles/dns-master/files/db.gsb.lan
@ -5,7 +5,7 @@
 ;
 $TTL    604800
@       IN      SOA     s-infra.gsb.lan. root.s-infra.gsb.lan. (
-                        2023012500      ; Serial
+                        2023060100      ; Serial
                        7200	        ; Refresh
                        86400           ; Retry
                        8419200         ; Expire
@ -26,6 +26,7 @@ s-docker	IN	A	172.16.0.7
 s-mon    	IN      A       172.16.0.8
 s-itil		IN	A	172.16.0.9
 s-elk		IN	A	172.16.0.11
+s-webcom	IN	A	172.16.0.12
 s-gestsup	IN	A	172.16.0.17
 r-int    	IN      A       172.16.0.254
 r-int-lnk    	IN      A       192.168.200.254
@ -36,3 +37,5 @@ s-web2          IN      A       192.168.101.2
 s-lb.gsb.lan    IN      A       192.168.100.10
 ns   	        IN      CNAME   s-infra.gsb.lan.
 wpad		IN	CNAME	s-infra.gsb.lan.
+s-peertube	IN	A	192.168.100.20
+peertube 	IN 	CNAME 	s-peertube
--- a/roles/dns-master/files/db.gsb.lan.rev
+++ b/roles/dns-master/files/db.gsb.lan.rev
@ -5,7 +5,7 @@
 ;
 $TTL    604800
@       IN      SOA     s-infra.gsb.lan. root.s-infra.gsb.lan. (
-                        2023012500      ; Serial
+                        2023060100      ; Serial
                        7200            ; Refresh
                        86400           ; Retry
                        8419200         ; Expire
@ -26,6 +26,6 @@ $TTL    604800
 100.10   IN      PTR      s-lb
 100.10   IN      PTR      s-lb.gsb.lan
 11.0	  IN	  PTR	  s-elk.gsb.lan.
+12.0	  IN	  PTR	  s-webcom.gsb.lan.
 17.0	  IN	  PTR	  s-gestsup.lan
 254.0     IN      PTR     r-int.gsb.lan.
-
--- a/roles/fog/tasks/main.yml
+++ b/roles/fog/tasks/main.yml
@ -22,5 +22,5 @@
  command: "cp /root/tools/ansible/roles/fog/files/fogsettings /opt/fog/"

 - name: fichier fogsettings en .fogsettings
-command: "mv /opt/fog/fogsettings /opt/fog/.fogsettings"
+  command: "mv /opt/fog/fogsettings /opt/fog/.fogsettings"

--- a/roles/fw-ferm/files/ferm.conf.r-vp1
+++ b/roles/fw-ferm/files/ferm.conf.r-vp1
@ -4,10 +4,12 @@

@def $DEV_PRIVATE = enp0s8;
@def $DEV_WORLD = enp0s9;
+@def $DEV_WORLD = enp0s9;
@def $DEV_VPN= wg0;
@def $NET_PRIVATE = 172.16.0.0/24;

 table filter {
+
    chain (INPUT OUTPUT){
        # allow VPN
 	proto udp dport 51820 ACCEPT;
@ -28,22 +30,22 @@ table filter {

        # allow SSH connections from the private network and from some
        # well-known internet hosts
-        saddr ($NET_PRIVATE 81.209.165.42) proto tcp dport ssh ACCEPT;
+        saddr ($NET_PRIVATE) proto tcp dport ssh ACCEPT;

        # we provide DNS and SMTP services for the internal net
        interface $DEV_PRIVATE saddr $NET_PRIVATE {
            proto (udp tcp) dport domain ACCEPT;
            proto udp dport bootps ACCEPT;
        }
-        # interface réseau

        # the rest is dropped by the above policy
+
    }#FIN INPUT

    # outgoing connections are not limited
+
    chain OUTPUT {
        policy ACCEPT;
-#	interface $DEV_VPN proto ssh dport 22 ACCEPT;

    }#FIN OUTPUT

@ -59,6 +61,9 @@ table filter {
        # internal nets are allowed
        interface $DEV_PRIVATE ACCEPT;

+	interface $DEV_VPN daddr $NET_PRIVATE {
+ 	proto tcp dport ssh DROP;
+        }
        # the rest is dropped by the above policy
    }
 }
--- a/roles/fw-ferm/files/ferm.conf.r-vp2
+++ b/roles/fw-ferm/files/ferm.conf.r-vp2
@ -51,6 +51,7 @@ table filter {
    chain FORWARD {
        policy ACCEPT;

+	proto icmp icmp-type echo-request ACCEPT;
        # connection tracking
        mod state state INVALID DROP;
        mod state state (ESTABLISHED RELATED) ACCEPT;
--- a/roles/nagios/files/cfg/s-webcom.cfg
+++ b/roles/nagios/files/cfg/s-webcom.cfg
@ -0,0 +1,14 @@
+# A simple configuration file for monitoring the local host
+# This can serve as an example for configuring other servers;
+# Custom services specific to this host are added here, but services
+# defined in nagios2-common_services.cfg may also apply.
+# 
+
+define host{
+        use                     linux-server            ; Name of host template to use
+        host_name               s-webcom
+        alias                   debian-servers, http-servers
+        address                 172.16.0.12
+		parents			r-int
+        }
+
--- a/roles/nagios/files/hostgroups.cfg
+++ b/roles/nagios/files/hostgroups.cfg
@ -2,7 +2,7 @@ define hostgroup {

    hostgroup_name          debian-servers           ; The name of the hostgroup
    alias                   Linux Servers           ; Long name of the group
-    members                 s-infra, s-proxy, s-adm, s-nxc, s-appli, s-backup, s-itil, s-fog, r-int, r-ext               ; Comma separated list of hosts that belong to this group
+    members                 s-infra, s-proxy, s-adm, s-nxc, s-appli, s-backup, s-itil, s-fog, r-int, r-ext, s-webcom               ; Comma separated list of hosts that belong to this group
 }

 define hostgroup {
@ -14,7 +14,7 @@ define hostgroup {
 define hostgroup {
 	hostgroup_name		http-servers
 	alias			Serveurs web
-	members			s-itil
+	members			s-itil, s-webcom
 }

 define hostgroup {
--- a/roles/nxc-traefik/README.md
+++ b/roles/nxc-traefik/README.md
@ -35,3 +35,24 @@ Nextcloud est alors fonctionnel avec le proxy inverse **traefik** assurant la re
 ATTENTION : Après avoir relancé la VM, executez le script "nxc-start.sh" afin d'installer les piles applicatives.
 
 Une fois le script terminé, le site est disponible ici : https://s-nxc.gsb.lan
+
+
+## 5. Ajout authentification LDAP
+
+Pour ajouter l'authentification LDAP au Nextcloud, il faut :
+* Une fois l'installation de Nextcloud terminé, cliquez sur le profil et Application
+* Dans vos applications, descendre et activer "LDAP user and group backend"
+* Puis cliquer sur le profil, puis Paramètres d'administration et dans Administration cliquer sur Intégration LDAP/AD
+* Une fois sur la page d'intégration LDAP/AD :
+    * Dans Hôte mettre : 
+        > ldap://s-win.gsb.lan
+    * Cliquer sur Détecter le port (normalement le port 389 apparait)
+    * Dans DN Utilisateur mettre :
+        > CN=nextcloud,CN=Users,DC=GSB,DC=LAN
+    * Mot de passe : 
+        > Azerty1+
+    * Et dans Un DN de base par ligne : 
+        > DC=GSB,DC=LAN
+* Après la configuration passe OK
+* Une fois la configuration finie, cliquer 3 fois sur continuer
+* Une fois arrivé sur Groupes, vous pouvez vous déconnecter du compte Admin et vous connecter avec un compte qui est dans l'AD.
--- a/roles/peertube-k3s/tasks/main.yml
+++ b/roles/peertube-k3s/tasks/main.yml
@ -8,16 +8,15 @@
  - name: installation de docker...
    shell: curl https://releases.rancher.com/install-docker/20.10.sh | sh

-  - name: attente de l'installation...
+  - name: attente de l'installation de docker...
    wait_for:
      timeout: 30
      host: localhost

  - name: installation de k3s...
-    shell: curl -sfL https://get.k3s.io | sh -s - --docker
+    shell: curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--node-ip=192.168.100.20 --flannel-iface=enp0s8" sh -s - --docker

-  - name: mise a jour de resolv.conf...
-    copy:
-      src: /root/tools/ansible/gsb2023/roles/peertube/files/resolv.conf
-      dest: /etc/
-      mode: '0644'
+  - name: attente de l'installation de k3s...
+    wait_for:
+      timeout: 25
+      host: localhost
--- a/roles/peertube/files/finish
+++ b/roles/peertube/files/finish
@ -0,0 +1,9 @@
+MYHOST=peertube.gsb.lan;
+export KUBECONFIG=/etc/rancher/k3s/k3s.yaml;
+openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.cert -subj /CN="${MYHOST}"/O="${MYHOST}" -addext "subjectAltName = DNS:${MYHOST}";
+kubectl create secret tls tls-peertube --key tls.key --cert tls.cert;
+helm repo add postgresql https://charts.bitnami.com/bitnami;
+helm repo add redis https://charts.bitnami.com/bitnami;
+helm repo add mail https://bokysan.github.io/docker-postfix;
+helm install --create-namespace -n peertube peertube-gsb /root/tools/peertube/helm/ ;
+kubectl config view --raw > ~/.kube/config
--- a/roles/peertube/files/resolv.conf
+++ b/roles/peertube/files/resolv.conf
@ -1 +1,4 @@
+domain gsb.lan
+search gsb.lan
+nameserver 172.16.0.1
 nameserver 192.168.99.99
--- a/roles/peertube/files/values.yaml
+++ b/roles/peertube/files/values.yaml
@ -45,9 +45,9 @@ peertube:
    dbPasswd: user # must be consistent with postgresql configuration
    dbSsl: false # disabled by default WARNING: ssl connection feature not tested, use at your own risk
    dbHostname: peertube-gsb-postgresql # must be consistent with postgresql configuration
-    webHostname: peertube # must be changed to your local setup
+    webHostname: peertube.gsb.lan # must be changed to your local setup
    secret: b2753b0f37444974de0e81f04815e6a889fcf8960bd203a01b624d8fa8a37683
-    smtpHostname: peertube-mail # must be consistent with mail configuration
+    smtpHostname: peertube-gsb-mail # must be consistent with mail configuration
    smtpPort: 587 # must be consistent with mail configuration
    smtpFrom: noreply@lan.lan # not configured by default, add something meaningfull if you want
    smtpTls: false # disabled by default WARNING: tls connection feature not tested, use at your own risk
@ -98,21 +98,21 @@ redis:

 ## ingress configuration is very specific this part must be configured or else you'll get 503 or 404 errors
 ingress:
-  enabled: false
+  enabled: true
  className: ""
  annotations: 
-    kubernetes.io/ingress.class: nginx
-    nginx.ingress.kubernetes.io/proxy-body-size: 4G # this caps the size of imported videos, if set low this might prevent you from uploading videos
+    kubernetes.io/ingress.class: traefik
+    traefik.ingress.kubernetes.io/proxy-body-size: 6G # this caps the size of imported videos, if set low this might prevent you from uploading videos
    # kubernetes.io/tls-acme: "true"
  hosts:
-    - host: # your domain here
+    - host: peertube.gsb.lan
      paths:
        - path: /
          pathType: ImplementationSpecific
  tls:
-  #  - secretName: chart-example-tls
+    - secretName: tls-peertube
    - hosts:
-      -  # your domain here
+      - peertube.gsb.lan

 resources: {}
 autoscaling:
--- a/roles/peertube/tasks/main.yml
+++ b/roles/peertube/tasks/main.yml
@ -18,14 +18,11 @@
      dest: /root/tools/peertube/helm/
      mode: '0644'

+  - name: copie du script finish...
+    copy:
+      src: /root/tools/ansible/gsb2023/roles/peertube/files/finish
+      dest: /root
+      mode: '0644'
+
  - name: installation de helm...
    shell: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
-
-  - name: exposition du cluster...
-    shell: export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
-
-  - name: installation de peertube...
-    shell: helm repo add postgresql https://charts.bitnami.com/bitnami && helm repo add redis https://charts.bitnami.com/bitnami && helm repo add mail https://bokysan.github.io/docker-postfix
-
-  - name: lancement du helm chart peertube...
-    shell: helm install --create-namespace -n peertube peertube-gsb /root/tools/peertube/helm
--- a/roles/post/files/interfaces.r-int
+++ b/roles/post/files/interfaces.r-int
@ -34,4 +34,4 @@ iface enp0s10 inet static
 allow-hotplug enp0s16
 iface enp0s16 inet static
 	address 172.16.0.254/24
-	
+	post-up sleep 10 && systemctl restart isc-dhcp-server	
--- a/roles/post/files/interfaces.r-vp1
+++ b/roles/post/files/interfaces.r-vp1
@ -15,6 +15,7 @@ allow-hotplug enp0s8
 iface enp0s8 inet static
 	address 192.168.1.2
 	netmask 255.255.255.0
+	post-up route add default gw 192.168.1.1

 # accés par pont et entre vpn
 allow-hotplug enp0s9
--- a/roles/post/files/interfaces.s-agence
+++ b/roles/post/files/interfaces.s-agence
@ -11,4 +11,4 @@ iface enp0s3 inet dhcp

 allow-hotplug enp0s8
 iface enp0s8 inet dhcp
-
+	post-up route add default gw 172.16.128.254
--- a/roles/post/files/interfaces.s-peertube
+++ b/roles/post/files/interfaces.s-peertube
@ -14,4 +14,4 @@ iface enp0s3 inet static
 allow-hotplug enp0s8
 iface enp0s8 inet static
        address 192.168.100.20/24
-	post-up systemctl start k3s && sleep 20 && export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
+	post-up systemctl start k3s 
--- a/roles/post/files/interfaces.s-webcom
+++ b/roles/post/files/interfaces.s-webcom
@ -0,0 +1,21 @@
+#This file describes the network interfaces available on your system
+# and how to activate them. For more information, see interfaces(5).
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# cote N-adm
+allow-hotplug enp0s3
+iface enp0s3 inet static
+	address 192.168.99.12
+	netmask 255.255.255.0
+    gateway 192.168.99.99
+
+
+# cote N-infra
+allow-hotplug enp0s8
+iface enp0s8 inet static
+	address 172.16.0.12
+	netmask 255.255.255.0
+	post-up route add -net 172.16.64.0/24 gw 172.16.0.254
--- a/roles/r-int/tasks/main.yml
+++ b/roles/r-int/tasks/main.yml
@ -17,3 +17,13 @@

  #- name: extraction fog.tar.gz
  #unarchive: src=/tmp/fog.tar.gz  dest=/var/www/ copy=no
+
+#- name: delais 2 secondes isc-dhcp-service
+#  become: yes
+#  lineinfile:
+#    path: /etc/init.d/isc-dhcp-server
+#    insertafter: '^\s+start\)$'
+#    line: "                sleep 2"
+#    firstmatch: yes
+#    state: present
+#    backup: yes
--- a/roles/wireguard-l/README.md
+++ b/roles/wireguard-l/README.md
@ -1,5 +1,5 @@
-#ajout du sleep 5
+# ajout du sleep 5

-éditer "/etc/init.d/isc-dhcp-server"
-aller au "case \"$1\" in" et rajouter "sleep 5" avant le "if"
+~~éditer "/etc/init.d/isc-dhcp-server"~~
+~~aller au "case \"$1\" in" et rajouter "sleep 5" avant le "if"~~

--- a/s-webcom.yml
+++ b/s-webcom.yml
@ -0,0 +1,11 @@
+---
+- hosts: localhost
+  connection: local
+
+  roles:
+    - base
+    - ssh-cli
+    - syslog-cli
+    - snmp-agent
+    - apache2only
+    - post
--- a/scripts/mkvm
+++ b/scripts/mkvm
@ -11,7 +11,7 @@ deletemode=0
 usage () {
 	echo "$0 - version ${mkvmrelease} - Ova version ${ovarelease}"
 	echo "$0 : creation VM et parametrage interfaces"
-	echo "usage : $0 [-r] <s-adm|s-infra|r-int|r-ext|s-proxy|s-mon|s-appli|s-backup|s-itil|s-ncx|s-fog>"
+	echo "usage : $0 [-r] <s-adm|s-infra|r-int|r-ext|s-proxy|s-mon|s-appli|s-backup|s-itil|s-ncx|s-fog|s-webcom>"
 	echo "       option -r : efface vm existante avant creation nouvelle"
 	exit 1
 }
@ -80,6 +80,8 @@ elif [[ "${vm}" == "r-ext" ]] ; then
 	./addint.r-ext
 elif [[ "${vm}" == "s-mon" ]] ; then
        create_if "${vm}" "n-adm" "n-infra"
+elif [[ "${vm}" == "s-webcom" ]] ; then
+        create_if "${vm}" "n-adm" "n-infra"
 elif [[ "${vm}" == "s-appli" ]] ; then
        create_if "${vm}" "n-adm" "n-infra"
 elif [[ "${vm}" == "s-backup" ]] ; then
--- a/scripts/mkvm.ps1
+++ b/scripts/mkvm.ps1
@ -43,7 +43,7 @@ function create_if{ param([string]$nomvm, [string]$nic, [int]$rang, [string]$res
 }

 function usage{
-	Write-Host "usage : mkvm ${myInvocation.ScriptName} <s-adm|s-infra|r-int|r-ext|s-proxy|s-mon|s-agence|s-appli|s-backup|s-itil|s-ncx|s-fog|s-dns-ext|s-web-ext|s-lb|s-lb-bd|s-lb-web1|s-lb-web2|s-lb-web3>"
+	Write-Host "usage : mkvm ${myInvocation.ScriptName} <s-adm|s-infra|r-int|r-ext|s-proxy|s-mon|s-agence|s-appli|s-backup|s-itil|s-ncx|s-fog|s-dns-ext|s-web-ext|s-lb|s-lb-bd|s-lb-web1|s-lb-web2|s-lb-web3|s-webcom>"
 }

 if ($args[0] -eq "s-adm") {
@ -80,6 +80,7 @@ elseif (((((((($args[0] -eq "s-elk") `
 -or ($args[0] -eq "s-appli") `
 -or ($args[0] -eq "s-infra") `
 -or ($args[0] -eq "s-proxy") `
+-or ($args[0] -eq "s-webcom") `
 -or ($args[0] -eq "s-itil") `
 -or ($args[0] -eq "s-nxc") `
 ))))))) {
--- a/windows/mkusr-backup.cmd
+++ b/windows/mkusr-backup.cmd
@ -1,3 +1,4 @@
+@echo off
 net group gg-backup /ADD
 call mkusr uBackup "u-backup" gg-backup
 icacls "C:\gsb\partages\public" /Grant:r uBackup:M /T
--- a/windows/mkusr-compta.cmd
+++ b/windows/mkusr-compta.cmd
@ -1,3 +1,4 @@
+@echo off
 call mkusr aDupont "Albert Dupon" gg-compta
 call mkusr cSeum "Claire Seum" gg-compta
 call mkusr nPaul "Nicolas Paul" gg-compta
--- a/windows/mkusr-nextcloud.cmd
+++ b/windows/mkusr-nextcloud.cmd
@ -0,0 +1,2 @@
+@echo off
+call mkusr nextcloud "nextcloud" nextcloud
Author	SHA1	Message	Date
sio user	261c2d5fdd	route ok r-vp1	2023-06-05 17:59:42 +02:00
sio user	4ef9572db1	route ok s-agence	2023-06-05 17:32:22 +02:00
unknown	908e8431a9	fw-ferm role r-vpX ok	2023-06-04 12:48:40 +02:00
unknown	c8e333984d	mkvm linux webcom ok	2023-06-04 12:46:57 +02:00
unknown	bf53efbe7e	role apache2only pour s-webcom	2023-06-01 19:06:16 +02:00
unknown	b24ffddff7	s-webcom goss	2023-06-01 14:37:53 +02:00
unknown	4b48f80fb2	s-webcom ok juste gsbstart bricole a faire	2023-06-01 14:22:45 +02:00
unknown	6575af3778	s-webcom	2023-06-01 13:42:29 +02:00
gadmin	35c46449fa	fix: fixed multiple issues in the values.yaml of peertube package	2023-05-10 16:47:13 +02:00
gadmin	575a2fa87a	fix: added s-adm to resolv.conf for s-peertube	2023-05-10 11:26:27 +02:00
Elam Monnot	30b74c50e2	fix: edites dns entries and peertube role	2023-05-10 11:02:40 +02:00
gadmin	597ff383f7	feat: tried to add peertube domain entry in CNAME	2023-05-10 09:08:03 +02:00
gadmin	c482540de6	fix: removed peertube from dns rev file	2023-05-10 08:51:57 +02:00
gadmin	ce37973f9d	feat: added s-infra to peertube role	2023-05-10 08:45:11 +02:00
andgel sassignol	a2c1636a0f	correction bug Arnoux	2023-04-30 20:27:14 +02:00
Anthony Arnoux	d107c26449	délais dhcp r-int dhcp	2023-04-28 09:39:52 +02:00
Elam Monnot	d0efb480c8	feat: specified k3s install on enp0s8	2023-04-28 09:00:47 +02:00
Elam Monnot	be47dbabd2	fix: fixed peertube ingress and dns record	2023-04-26 11:09:42 +02:00
gadmin	24d8892b4c	Mise à jour de 'roles/fog/tasks/main.yml'	2023-04-23 17:47:58 +02:00
Elam Monnot	2c828574ef	fix: dhcp start correctly on r-int	2023-04-07 09:50:59 +02:00
Elam Monnot	a5f0d258a5	feat: peertube work	2023-04-07 08:49:45 +02:00
Elam Monnot	52b9f3af87	feat: changed ingress for peertube	2023-04-06 11:39:09 +02:00
Louis DÉPRÉS	8dc1f9a891	Ajout creation utilisateur nextcloud Windows	2023-04-06 10:58:52 +02:00
Anthony Arnoux	0d3860211b	readme wireguard-l était bancal	2023-04-06 10:48:27 +02:00
Anthony Arnoux	7a2311ae25	readme wireguard-l	2023-04-06 10:43:54 +02:00
Anthony Arnoux	ebcd50bf69	elam qui fait nimporte quoi encore une fois !	2023-04-06 09:19:45 +02:00
Elam Monnot	30eeabb58b	feat: added nginx ingress	2023-04-06 09:15:43 +02:00
Anthony Arnoux	542978fd75	correctif filtrage r-vp2	2023-04-06 08:42:14 +02:00
Louis DÉPRÉS	b7d8e6e9d4	Merge branch 'main' of https://gitea.lyc-lecastel.fr/gadmin/gsb2023	2023-04-05 17:22:11 +02:00
Louis DÉPRÉS	5526eab214	Ajout intégration AD Nextcloud	2023-04-05 17:20:26 +02:00
Elam Monnot	ea4ecb2fae	feat: changed the way the playbook behave	2023-04-05 17:17:15 +02:00
Elam Monnot	58f4556a53	fix: tried to make peertube role work	2023-04-05 16:54:11 +02:00
Elam Monnot	86e7124f24	fix: edited values.yaml so postfix will work	2023-04-05 16:39:02 +02:00
Elam Monnot	c99642eae3	fix: made cluster finally reachable	2023-04-05 16:35:35 +02:00
Elam Monnot	5b759a24c9	Merge branch 'main' of https://gitea.lyc-lecastel.fr/gadmin/gsb2023	2023-04-05 10:57:07 +02:00
Elam Monnot	a64004d713	feat: added dns records for peertube	2023-04-05 10:56:43 +02:00
root	dd6d34986b	fw filtrage int ok	2023-04-05 10:49:31 +02:00