Compare commits
No commits in common. "main" and "v0.1.0a-jc" have entirely different histories.
main
...
v0.1.0a-jc
@ -1,8 +1,7 @@
|
|||||||
# gsb2024
|
# gsb2024
|
||||||
|
|
||||||
* 2024-05-23 16h07 ps
|
2024-04-12 8h55 ps
|
||||||
* 2024-04-12 8h55 ps
|
2024-01-19 11h45 ps
|
||||||
* 2024-01-19 11h45 ps
|
|
||||||
|
|
||||||
Environnement et playbooks **ansible** pour le projet **GSB 2024**
|
Environnement et playbooks **ansible** pour le projet **GSB 2024**
|
||||||
|
|
||||||
@ -13,7 +12,7 @@ Prérequis :
|
|||||||
* VirtualBox
|
* VirtualBox
|
||||||
* git
|
* git
|
||||||
* fichier machines virtuelles **ova** :
|
* fichier machines virtuelles **ova** :
|
||||||
* **debian-bookworm-gsb-2024b.ova**
|
* **debian-bookworm-gsb-2024a.ova**
|
||||||
* **debian-bullseye-gsb-2024b.ova**
|
* **debian-bullseye-gsb-2024b.ova**
|
||||||
|
|
||||||
|
|
||||||
@ -51,7 +50,7 @@ Il existe un playbook ansible pour chaque machine à installer, nommé comme la
|
|||||||
## Installation
|
## Installation
|
||||||
|
|
||||||
On utilisera les images de machines virtuelle suivantes :
|
On utilisera les images de machines virtuelle suivantes :
|
||||||
* **debian-bookworm-gsb-2024b.ova** (2024-05-23)
|
* **debian-bookworm-gsb-2024a.ova** (2024-04-11)
|
||||||
* Debian Bookworm 12.5 - 2 cartes - 1 Go - Stockage 20 Go
|
* Debian Bookworm 12.5 - 2 cartes - 1 Go - Stockage 20 Go
|
||||||
|
|
||||||
et pour **s-fog** :
|
et pour **s-fog** :
|
||||||
|
|||||||
@ -3,38 +3,12 @@
|
|||||||
name: haproxy
|
name: haproxy
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Creer le repertoire du certificat
|
|
||||||
file:
|
|
||||||
path: /etc/haproxy/crt
|
|
||||||
state: directory
|
|
||||||
mode: '0755'
|
|
||||||
|
|
||||||
- name: Creer le repertoire de la cle privee
|
|
||||||
file:
|
|
||||||
path: /etc/haproxy/crt/private
|
|
||||||
state: directory
|
|
||||||
mode: '0755'
|
|
||||||
|
|
||||||
- name: Generer une clee privee avec les valeurs par defaut (4096 bits, RSA)
|
|
||||||
openssl_privatekey:
|
|
||||||
path: /etc/haproxy/crt/private/haproxy.pem.key
|
|
||||||
size: 4096
|
|
||||||
type: RSA
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: creer un certificat auto-signé
|
- name: creer un certificat auto-signé
|
||||||
openssl_certificate:
|
openssl_certificate:
|
||||||
path: /etc/haproxy/crt/private/haproxy.pem
|
path: /etc/haproxy/crt/haproxy.crt
|
||||||
privatekey_path: /etc/haproxy/crt/private/haproxy.pem.key
|
privatekey_path: /etc/haproxy/crt/private/haproxy.pem
|
||||||
|
csr_path: /etc/haproxy/crt/csr/haproxy.csr
|
||||||
provider: selfsigned
|
provider: selfsigned
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: s'assurer que le certificat a les bonnes permissions
|
|
||||||
file:
|
|
||||||
path: /etc/haproxy/crt/private/haproxy.pem
|
|
||||||
owner: root
|
|
||||||
group: haproxy
|
|
||||||
mode: '0640'
|
|
||||||
|
|
||||||
- name: parametre global
|
- name: parametre global
|
||||||
blockinfile:
|
blockinfile:
|
||||||
@ -57,7 +31,7 @@
|
|||||||
block: |
|
block: |
|
||||||
frontend proxypublic
|
frontend proxypublic
|
||||||
bind 192.168.100.10:80
|
bind 192.168.100.10:80
|
||||||
bind 192.168.100.10:443 ssl crt /etc/haproxy/crt/private/haproxy.pem
|
bind 192.168.100.10:443 ssl crt /etc/haproxy/crt/pritvate/haproxy.pem
|
||||||
http-request redirect scheme https unless { ssl_fc }
|
http-request redirect scheme https unless { ssl_fc }
|
||||||
default_backend fermeweb
|
default_backend fermeweb
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user