readme wireguard-l

elam qui fait nimporte quoi encore une fois !
feat: added nginx ingress
2023-04-06 10:43:54 +02:00 · 2023-04-06 09:19:45 +02:00 · 2023-04-06 09:15:43 +02:00 · 2023-04-06 08:42:14 +02:00
5 changed files with 15 additions and 8 deletions
--- a/lisezmoi.txt
+++ b/lisezmoi.txt
@ -7,7 +7,7 @@ Ce document décrit les divers élements du projet GSB du BTS SIO utilisé pour
 Le projet GSB décrit les diférents playbooks permttant d'installer les
 machines du projet GSB

-Les répertoires :
+Les répertoires : 

 - roles : les roles
 - goss : les outils de test
--- a/roles/fw-ferm/files/ferm.conf.r-vp2
+++ b/roles/fw-ferm/files/ferm.conf.r-vp2
@ -51,6 +51,7 @@ table filter {
    chain FORWARD {
        policy ACCEPT;

+	proto icmp icmp-type echo-request ACCEPT;
        # connection tracking
        mod state state INVALID DROP;
        mod state state (ESTABLISHED RELATED) ACCEPT;
--- a/roles/peertube/files/finish
+++ b/roles/peertube/files/finish
@ -1,4 +1,10 @@
 export KUBECONFIG=/etc/rancher/k3s/k3s.yaml;
+helm upgrade --install ingress-nginx ingress-nginx \
+  --repo https://kubernetes.github.io/ingress-nginx \
+  --namespace ingress-nginx --create-namespace;
+sleep 15;
+openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ${KEY_FILE} -out ${CERT_FILE} -subj "/CN=${HOST}/O=${HOST}" -addext "subjectAltName = DNS:${HOST}";
+kubectl create secret tls tls-peertube --key ${KEY_FILE} --cert ${CERT_FILE};
 helm repo add postgresql https://charts.bitnami.com/bitnami;
 helm repo add redis https://charts.bitnami.com/bitnami;
 helm repo add mail https://bokysan.github.io/docker-postfix;
--- a/roles/peertube/files/values.yaml
+++ b/roles/peertube/files/values.yaml
@ -98,21 +98,21 @@ redis:

 ## ingress configuration is very specific this part must be configured or else you'll get 503 or 404 errors
 ingress:
-  enabled: false
+  enabled: true
  className: ""
  annotations: 
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/proxy-body-size: 4G # this caps the size of imported videos, if set low this might prevent you from uploading videos
    # kubernetes.io/tls-acme: "true"
  hosts:
-    - host: # your domain here
+    - host: s-peertube.gsb.lan
      paths:
        - path: /
          pathType: ImplementationSpecific
-  tls: 
-  #  - secretName: chart-example-tls
+  tls:
+    - secretName: tls-peertube
    - hosts:
-      -  # your domain here
+      -  s-peertube.gsb.lan

 resources: {}
 autoscaling:
--- a/roles/wireguard-l/README.md
+++ b/roles/wireguard-l/README.md
@ -1,5 +1,5 @@
 #ajout du sleep 5

-éditer "/etc/init.d/isc-dhcp-server"
-aller au "case \"$1\" in" et rajouter "sleep 5" avant le "if"
+~~éditer "/etc/init.d/isc-dhcp-server"
+~~aller au "case \"$1\" in" et rajouter "sleep 5" avant le "if"
Author	SHA1	Message	Date
Anthony Arnoux	7a2311ae25	readme wireguard-l	2023-04-06 10:43:54 +02:00
Anthony Arnoux	ebcd50bf69	elam qui fait nimporte quoi encore une fois !	2023-04-06 09:19:45 +02:00
Elam Monnot	30eeabb58b	feat: added nginx ingress	2023-04-06 09:15:43 +02:00
Anthony Arnoux	542978fd75	correctif filtrage r-vp2	2023-04-06 08:42:14 +02:00