maj goss r-vp2

maj mvkm.ps1: ajout kea1 et kea2
update
2024-01-16 11:03:44 +01:00 · 2024-01-16 10:38:55 +01:00 · 2024-01-16 10:32:09 +01:00 · 2024-01-16 10:24:04 +01:00 · 2024-01-15 21:47:44 +01:00 · 2024-01-15 21:34:04 +01:00
20 changed files with 133 additions and 55 deletions
--- a/README.md
+++ b/README.md
@ -90,8 +90,8 @@ bash chname <nouveau_nom_de_machine>` , puis redémarrer
    cd gsb2024/pre
    bash inst-depl
    cd /root/tools/ansible/gsb2024/pre
-    bash gsbboot
+    DEPL=192.168.99.99 bash gsbboot
-    cd .. ; bash pull-config
+    cd ../.. ; bash pull-config
 ```
  - redémarrer
  - la machine **s-adm** doit etre opérationnelle
@ -121,8 +121,7 @@ mkdir -p tools/ansible ; cd tools/ansible
 git clone https://gitea.lyc-lecastel.fr/gsb/gsb2024.git
 cd gsb2024/pre
 DEPL=192.168.99.99 bash gsbboot
-cd ../..
+cd ../.. ; bash pull-config
 bash pull-config
 ```
 #### Etape 3
--- a/goss/r-vp2.yaml
+++ b/goss/r-vp2.yaml
@ -1,7 +1,7 @@
 file:
  /etc/wireguard/wg0.conf:
    exists: true
-    mode: "0644"
+    mode: "0600"
    owner: root
    group: root
    filetype: file
@ -10,11 +10,11 @@ package:
  wireguard:
    installed: true
    versions:
-    - 1.0.20210223-1
+    - 1.0.20210914-1
  wireguard-tools:
    installed: true
    versions:
-    - 1.0.20210223-1
+    - 1.0.20210914-1+b1
 service:
  isc-dhcp-server:
    enabled: true
--- a/roles/base/templates/hosts.j2
+++ b/roles/base/templates/hosts.j2
@ -22,6 +22,8 @@
 192.168.99.14	s-nas.gsb.adm
 192.168.99.15	s-san.gsb.adm
 192.168.99.16	s-fog.gsb.adm
 192.168.99.20	s-kea1.gsb.adm
 192.168.99.21	s-kea2.gsb.adm
 192.168.99.50	s-lb-bd.gsb.adm
 192.168.99.101	s-lb-web1.gsb.adm
 192.168.99.102	s-lb-web2.gsb.adm
--- a/roles/base/templates/hosts.s-proxy.j2
+++ b/roles/base/templates/hosts.s-proxy.j2
@ -21,6 +21,8 @@
 192.168.99.12	r-int.gsb.adm
 192.168.99.13	r-ext.gsb.adm
 192.168.99.14	s-nas.gsb.adm
 192.168.99.20	s-kea1.gsb.adm
 192.168.99.21	s-kea2.gsb.adm
 192.168.99.50	s-lb-bd.gsb.adm
 192.168.99.101	s-lb-web1.gsb.adm
 192.168.99.102	s-lb-web2.gsb.adm
--- a/roles/dns-master/files/db.gsb.lan
+++ b/roles/dns-master/files/db.gsb.lan
@ -5,7 +5,7 @@
 ;
 $TTL    604800
@       IN      SOA     s-infra.gsb.lan. root.s-infra.gsb.lan. (
-                        2023051000      ; Serial
+                        2024011500      ; Serial
                        7200	        ; Refresh
                        86400           ; Retry
                        8419200         ; Expire
@ -27,6 +27,8 @@ s-mon    	IN      A       172.16.0.8
 s-itil		IN	A	172.16.0.9
 s-elk		IN	A	172.16.0.11
 s-gestsup	IN	A	172.16.0.17
 s-kea1		IN	A	172.16.0.20
 s-kea2		IN	A	172.16.0.21
 r-int    	IN      A       172.16.0.254
 r-int-lnk    	IN      A       192.168.200.254
 r-ext  		IN      A       192.168.200.253
--- a/roles/dns-master/files/db.gsb.lan.rev
+++ b/roles/dns-master/files/db.gsb.lan.rev
@ -5,7 +5,7 @@
 ;
 $TTL    604800
@       IN      SOA     s-infra.gsb.lan. root.s-infra.gsb.lan. (
-                        2023040501      ; Serial
+                        2024011500      ; Serial
                        7200            ; Refresh
                        86400           ; Retry
                        8419200         ; Expire
@ -21,6 +21,8 @@ $TTL    604800
 7.0       IN      PTR     s-nxc.gsb.lan.
 8.0       IN      PTR     s-mon.gsb.lan.
 9.0	  IN	  PTR	  s-itil.gsb.lan.
 20.0	  IN	  PTR	  s-kea1.gsb.lan.
 21.0	  IN	  PTR	  s-kea2.gsb.lan.
 101.1     IN      PTR     s-web1
 101.2     IN      PTR     s-web2
 100.10   IN      PTR      s-lb
--- a/roles/fog/files/fogsettings
+++ b/roles/fog/files/fogsettings
@ -42,7 +42,7 @@ tftpAdvOpts=''
 sslpath='/opt/fog/snapins/ssl/'
 backupPath='/home/'
 armsupport='0'
-php_ver='8.2'
+php_ver='7.4'
 #php_verAdds='-7.4'
 sslprivkey='/opt/fog/snapins/ssl//.srvprivate.key'
 sendreports='Y'
--- a/roles/journald-rcv/README.md
+++ b/roles/journald-rcv/README.md
@ -4,7 +4,7 @@
 Ce role a pour objectif d'installer et d'éditer les fichiers de configuration de systemd journal remote afin que les machines lançant ce rôle puissent recevoir les logs des autres machine du parc.
-##  Opérations réaliser par le role:
+##  Opérations réalisées par le role:
 Le role réalise les opération suivante:
 * installation du paquet **systemd-journal-remote**.
 * Démarrage et activation (au démarrage) du service **systemd-journal-remote.socket.
--- a/roles/post/files/interfaces.s-kea1
+++ b/roles/post/files/interfaces.s-kea1
@ -0,0 +1,26 @@
 # This file describes the network interfaces available on your system
 # and how to activate them. For more information, see interfaces(5).
 # The loopback network interface
 auto lo
 iface lo inet loopback
 # cote N-adm
 allow-hotplug enp0s3
 iface enp0s3 inet static
 	address 192.168.99.20
 	netmask 255.255.255.0
 	gateway 192.168.99.99
 # cote N-infra
 allow-hotplug enp0s8
 iface enp0s8 inet static
 	address 172.16.0.20
 	netmask 255.255.255.0
 #cote N-user
 allow-hotplug enp0s9
 iface enp0s9 inet static
 	address 172.16.64.20
 	netmask 255.255.255.0
--- a/roles/post/files/interfaces.s-kea2
+++ b/roles/post/files/interfaces.s-kea2
@ -0,0 +1,26 @@
 # This file describes the network interfaces available on your system
 # and how to activate them. For more information, see interfaces(5).
 # The loopback network interface
 auto lo
 iface lo inet loopback
 # cote N-adm
 allow-hotplug enp0s3
 iface enp0s3 inet static
 	address 192.168.99.21
 	netmask 255.255.255.0
 	gateway 192.168.99.99
 # cote N-infra
 allow-hotplug enp0s8
 iface enp0s8 inet static
 	address 172.16.0.21
 	netmask 255.255.255.0
 #cote N-user
 allow-hotplug enp0s9
 iface enp0s9 inet static
 	address 172.16.64.21
 	netmask 255.255.255.0
--- a/roles/zabbix-cli/tasks/main.yml
+++ b/roles/zabbix-cli/tasks/main.yml
@ -18,25 +18,19 @@
        state: present
    - name: Enable Zabbix agent service
-      systemd:
+      service:
        name: zabbix-agent
        state: restarted
        enabled: yes
-    - name: Rm package
+    - name: Replace Zabbix agent config
-      file:
+      replace:
-        path: "/tmp/zabbix-release_6.4-1+debian12_all.deb"
+        path: /etc/zabbix/zabbix_agentd.conf
-        state: absent
+        regexp: '{{ item.regexp }}'
-
+        replace: '{{ item.replace }}'
-    - name: config
+        backup: true
-      template:
+      loop:
-        src: zabbix_agentd.conf.temp
+        - { regexp: '^(Server\s*=\s*).*$', replace: 'Server = 127.0.0.1' }
-        dest: /etc/zabbix/zabbix_agentd.conf
+        - { regexp: '^(ServerActive\s*=\s*).*$', replace: 'ServerActive = 192.168.99.8' }
-      vars:
+        - { regexp: '^(Hostname\s*=\s*).*$', replace: 'Hostname = {{ ansible_hostname }}' }
-        PidFile: "/run/zabbix/zabbix_agentd.pid"
+        - { regexp: '^(Include\s*=\s*).*$', replace: 'Include = /etc/zabbix/zabbix_agentd.d/*.conf' }
        LogFile: "/var/log/zabbix/zabbix_agentd.log"
        LogFileSize: "0"
        Server: "127.0.0.1"
        ServerActive: "192.168.99.8"
        Hostname: "{{ ansible_hostname }}"
        Include: "/etc/zabbix/zabbix_agentd.d/*.conf"
--- a/roles/zabbix-cli/templates/zabbix_agentd.conf.temp
+++ b/roles/zabbix-cli/templates/zabbix_agentd.conf.temp
@ -1,7 +0,0 @@
 PidFile={{ PidFile }}
 LogFile={{ LogFile }}
 LogFileSize={{ LogFileSize }}
 Server={{ Server }}
 ServerActive={{ ServerActive }}
 Hostname={{ Hostname }}
 Include={{ Include }}
--- a/s-adm.yml
+++ b/s-adm.yml
@ -8,7 +8,7 @@
    - dnsmasq
    - squid
 #    - local-store
-#    - zabbix-cli
+#    #- zabbix-cli
    ## - syslog-cli
    - post
 #    - goss
--- a/s-appli.yml
+++ b/s-appli.yml
@ -8,7 +8,7 @@
    - appli
    - ssh-cli
    # - syslog-cli
-    - zabbix-cli
+    #- zabbix-cli
    - ssl-apache
    - post
--- a/s-backup.yml
+++ b/s-backup.yml
@ -6,7 +6,7 @@
    - base
    - goss
 #   - proxy3
-    - zabbix-cli
+    #- zabbix-cli
 #   - ssh-cli
    # - syslog-cli
    - smb-backup
--- a/s-fog.yml
+++ b/s-fog.yml
@ -5,10 +5,10 @@
  roles:
    - base
    - goss
-    - dhcp-fog
+      #- dhcp-fog
-    - ssh-cli
+      #    - ssh-cli
-    - snmp-agent
+#    - snmp-agent
    # - syslog-cli
    #    - fog
-   - journald-snd  
+    #-   - journald-snd  
    - post
--- a/s-infra.yml
+++ b/s-infra.yml
@ -4,7 +4,7 @@
  #  include: config.yml
  roles:
    - base
-    - zabbix-cli 
+    #- zabbix-cli 
    - goss  
    - dns-master
    - webautoconf
--- a/s-proxy.yml
+++ b/s-proxy.yml
@ -6,7 +6,7 @@
    - base
    - goss
    - squid
-    - zabbix-cli
+    #- zabbix-cli
    - ssh-cli
    # - syslog-cli
    - post
--- a/scripts/mkvm
+++ b/scripts/mkvm
@ -1,19 +1,21 @@
 #!/bin/bash
-mkvmrelease="v1.3.1"
+mkvmrelease="v1.3.2"
 ovarelease="2023c"
 ovafogrelease="2024a"
 #ovafile="$HOME/Téléchargements/debian-bullseye-gsb-${ovarelease}.ova"
 ovafile="$HOME/Téléchargements/debian-bookworm-gsb-${ovarelease}.ova"
 ovafilefog="$HOME/Téléchargements/debian-bullseye-gsb-${ovafogrelease}.ova"
 startmode=0
 deletemode=0
 usage () {
 	echo "$0 - version ${mkvmrelease} - Ova version ${ovarelease}"
 	echo "$0 : creation VM et parametrage interfaces"
-	echo "usage : $0 [-r] <s-adm|s-infra|r-int|r-ext|s-proxy|s-mon|s-appli|s-backup|s-itil|s-ncx|s-fog>"
+	echo "usage : $0 [-r] [-s] <s-adm|s-infra|r-int|r-ext|s-proxy|s-mon|s-appli|s-backup|s-itil|s-ncx|s-fog>"
-	echo "       option -r : efface vm existante avant creation nouvelle"
+	echo "       option -r : efface VM existante avant creation nouvelle"
 	echo "       option -s : start VM apres creation"
 	exit 1
 }
@ -59,12 +61,19 @@ fi
 if [[ $1 == "--help" ]] || [[ $1 == "-h" ]] || [[ $1 == "-V" ]] ; then
 	usage
 fi
-if [[ $1 == "-r" ]] ; then
+while [[ -n "$1" ]] ; do
 	if [[ "$1" == "-s" ]] ; then
 		startmode=1
 		shift
 	elif [[ "$1" == "-r" ]] ; then
 		deletemode=1
 		shift
 	else
 		parm=$1
 		shift
 	fi
-vm="$1"
+done
-
+vm="${parm}"
 create_vm "${vm}"
 if [[ "${vm}" == "s-adm" ]] ; then
 	bash addint.s-adm
@ -91,6 +100,10 @@ elif [[ "${vm}" == "s-nxc" ]] ; then
        create_if "${vm}" "n-adm" "n-infra"
 elif [[ "${vm}" == "s-fog" ]] ; then
        create_if "${vm}" "n-adm" "n-infra" "n-user"
 elif [[ "${vm}" == "s-kea1" ]] ; then
        create_if "${vm}" "n-adm" "n-infra" "n-user"
 elif [[ "${vm}" == "s-kea2" ]] ; then
        create_if "${vm}" "n-adm" "n-infra" "n-user"
 elif [[ "${vm}" == "s-dns-ext" ]] ; then
        create_if "${vm}" "n-adm" "n-dmz"
 elif [[ "${vm}" == "s-web-ext" ]] ; then
@ -123,3 +136,6 @@ else
 	echo "$0 : vm ${vm} non prevue "
        exit 2	
 fi	
 if [[ $startmode == 1 ]] ; then
 	vboxmanage startvm "${vm}" --type headless
 fi
--- a/scripts/mkvm.ps1
+++ b/scripts/mkvm.ps1
@ -102,6 +102,22 @@ elseif ($args[0] -eq "s-fog") {
 	create_if $args[0] "int" 3 "n-user"
 }
 elseif ($args[0] -eq "s-kea1") {
 	create_vm $args[0]
 	create_if $args[0] "int" 1 "n-adm"
 	create_if $args[0] "int" 2 "n-infra"
 	create_if $args[0] "int" 3 "n-user"
 }
 elseif ($args[0] -eq "s-kea2") {
 	create_vm $args[0]
 	create_if $args[0] "int" 1 "n-adm"
 	create_if $args[0] "int" 2 "n-infra"
 	create_if $args[0] "int" 3 "n-user"
 }
 elseif ($args[0] -eq "s-agence") {
 	create_vm $args[0]
Author	SHA1	Message	Date
root	262b7bdb13	maj goss r-vp2	2024-01-16 11:03:44 +01:00
Alhassane Kone	c45dc50d12	maj mvkm.ps1: ajout kea1 et kea2	2024-01-16 10:38:55 +01:00
Jimmy Chevanne	d1116a91c3	update	2024-01-16 10:32:09 +01:00
Jimmy Chevanne	9c8dca44c9	mise à jour mkvm	2024-01-16 10:24:04 +01:00
root	ce3b6e0a77	nettoyage s-fog	2024-01-15 21:47:44 +01:00
phil	a03298ed54	php version dans fogsettings	2024-01-15 21:34:04 +01:00
sio user	80b54a50df	ajout entrée dnas base, post et dns-master pour s-kea1 et s-kea2	2024-01-15 17:54:31 +01:00
root	045af9bea2	maj zabbix cli	2024-01-15 17:22:15 +01:00
gsb	6b10b981f4	Actualiser roles/journald-rcv/README.md	2024-01-15 13:57:01 +01:00
root	3811e2df5c	README.md	2024-01-15 00:49:40 +01:00
root	27aad0dcb5	commente appel role zabbix-cli non fonctionnel	2024-01-15 00:42:05 +01:00
phil	c03c066d41	mkvm options	2024-01-15 00:02:43 +01:00
phil	beca7dbdcc	ajout option -s pour mkvm	2024-01-14 23:19:06 +01:00