prepa role fog

nettoyage pull-config
chgt plage adresse pour n-user : 100-150
2024-01-16 23:55:52 +01:00 · 2024-01-16 23:14:22 +01:00 · 2024-01-16 22:05:56 +01:00 · 2024-01-16 15:34:41 +01:00 · 2024-01-16 12:41:50 +01:00 · 2024-01-16 12:06:22 +01:00
34 changed files with 395 additions and 164 deletions
--- a/README.md
+++ b/README.md
@@ -90,8 +90,8 @@ bash chname <nouveau_nom_de_machine>` , puis redémarrer
    cd gsb2024/pre
    bash inst-depl
    cd /root/tools/ansible/gsb2024/pre
-    bash gsbboot
+    DEPL=192.168.99.99 bash gsbboot
-    cd .. ; bash pull-config
+    cd ../.. ; bash pull-config
 ```
  - redémarrer
  - la machine **s-adm** doit etre opérationnelle
@@ -121,8 +121,7 @@ mkdir -p tools/ansible ; cd tools/ansible
 git clone https://gitea.lyc-lecastel.fr/gsb/gsb2024.git
 cd gsb2024/pre
 DEPL=192.168.99.99 bash gsbboot
-cd ../..
+cd ../.. ; bash pull-config
 bash pull-config
 ```
 #### Etape 3
--- a/goss/r-vp1.yaml
+++ b/goss/r-vp1.yaml
@@ -1,21 +1,20 @@
 file:
  /etc/wireguard/wg0.conf:
    exists: true
-    mode: "0644"
+    mode: "0600"
    owner: root
    group: root
    filetype: file
-    contains:
+    contains: []
    - AllowedIPs = 10.0.0.2/32, 172.16.128.0/24
 package:
  wireguard:
    installed: true
    versions:
-    - 1.0.20210223-1
+    - 1.0.20210914-1
  wireguard-tools:
    installed: true
    versions:
-    - 1.0.20210223-1
+    - 1.0.20210914-1+b1
 service:
  wg-quick@wg0:
    enabled: true
--- a/goss/r-vp2.yaml
+++ b/goss/r-vp2.yaml
@@ -1,7 +1,8 @@
 file:
  /etc/wireguard/wg0.conf:
    exists: true
-    mode: "0644"
+    mode: "0600"
    size: 374
    owner: root
    group: root
    filetype: file
@@ -10,11 +11,11 @@ package:
  wireguard:
    installed: true
    versions:
-    - 1.0.20210223-1
+    - 1.0.20210914-1
  wireguard-tools:
    installed: true
    versions:
-    - 1.0.20210223-1
+    - 1.0.20210914-1+b1
 service:
  isc-dhcp-server:
    enabled: true
--- a/83
+++ b/83
@@ -1,83 +0,0 @@
 # Ce fichier viminfo a été généré par Vim 9.0.
 # Vous pouvez l'éditer, mais soyez prudent.
 # Viminfo version
 |1,4
 # 'encoding' dans lequel ce fichier a été écrit
 *encoding=utf-8
 # hlsearch on (H) or off (h):
 ~h
 # Historique ligne de commande (chronologie décroissante) :
 :q!
 |2,0,1703236388,,"q!"
 :x
 |2,0,1703236381,,"x"
 :x!
 |2,0,1703236221,,"x!"
 # Historique chaîne de recherche (chronologie décroissante) :
 # Historique expression (chronologie décroissante) :
 # Historique ligne de saisie (chronologie décroissante) :
 # Historique Ligne de débogage (chronologie décroissante) :
 # Registres :
 ""1	LINE	0
 	  connection: local
 |3,1,1,1,1,0,1703236374,"  connection: local"
 "2	LINE	0
 	  hosts: localhost
 |3,0,2,1,1,0,1703236374,"  hosts: localhost"
 # Marques dans le fichier :
 '0  1  2  ~/tools/ansible/gsb2024/s-mon.yml
 |4,48,1,2,1703236388,"~/tools/ansible/gsb2024/s-mon.yml"
 '1  1  9  ~/tools/ansible/gsb2024/s-mon.yml
 |4,49,1,9,1703236339,"~/tools/ansible/gsb2024/s-mon.yml"
 '2  9  9  ~/tools/ansible/gsb2024/s-mon.yml
 |4,50,9,9,1703236221,"~/tools/ansible/gsb2024/s-mon.yml"
 '3  9  9  ~/tools/ansible/gsb2024/s-mon.yml
 |4,51,9,9,1703236221,"~/tools/ansible/gsb2024/s-mon.yml"
 '4  11  9  ~/tools/ansible/gsb2024/s-mon.yml
 |4,52,11,9,1703236221,"~/tools/ansible/gsb2024/s-mon.yml"
 '5  11  9  ~/tools/ansible/gsb2024/s-mon.yml
 |4,53,11,9,1703236221,"~/tools/ansible/gsb2024/s-mon.yml"
 '6  1  13  ~/tools/ansible/gsb2024/s-mon.yml
 |4,54,1,13,1703236013,"~/tools/ansible/gsb2024/s-mon.yml"
 '7  1  13  ~/tools/ansible/gsb2024/s-mon.yml
 |4,55,1,13,1703236013,"~/tools/ansible/gsb2024/s-mon.yml"
 '8  1  13  ~/tools/ansible/gsb2024/s-mon.yml
 |4,56,1,13,1703236013,"~/tools/ansible/gsb2024/s-mon.yml"
 '9  1  13  ~/tools/ansible/gsb2024/s-mon.yml
 |4,57,1,13,1703236013,"~/tools/ansible/gsb2024/s-mon.yml"
 # Liste de sauts (le plus récent en premier) :
 -'  1  2  ~/tools/ansible/gsb2024/s-mon.yml
 |4,39,1,2,1703236388,"~/tools/ansible/gsb2024/s-mon.yml"
 -'  1  9  ~/tools/ansible/gsb2024/s-mon.yml
 |4,39,1,9,1703236339,"~/tools/ansible/gsb2024/s-mon.yml"
 -'  9  9  ~/tools/ansible/gsb2024/s-mon.yml
 |4,39,9,9,1703236318,"~/tools/ansible/gsb2024/s-mon.yml"
 -'  11  9  ~/tools/ansible/gsb2024/s-mon.yml
 |4,39,11,9,1703236318,"~/tools/ansible/gsb2024/s-mon.yml"
 -'  11  9  ~/tools/ansible/gsb2024/s-mon.yml
 |4,39,11,9,1703236221,"~/tools/ansible/gsb2024/s-mon.yml"
 -'  1  13  ~/tools/ansible/gsb2024/s-mon.yml
 |4,39,1,13,1703236018,"~/tools/ansible/gsb2024/s-mon.yml"
 -'  1  13  ~/tools/ansible/gsb2024/s-mon.yml
 |4,39,1,13,1703236013,"~/tools/ansible/gsb2024/s-mon.yml"
 # Historique des marques dans les fichiers (les plus récentes en premier) :
 > ~/tools/ansible/gsb2024/s-mon.yml
 	*	1703236386	0
 	"	1	2
 	^	9	10
 	.	2	0
 	+	10	0
 	+	2	0
--- a/pre/pull-config
+++ b/pre/pull-config
@@ -14,15 +14,15 @@ dir=/root/tools/ansible
 cd  "${dir}" || exit 1
 hostname  > hosts
 if [[ $# == 1 ]] ; then
 	opt=$1
 fi
 if [[ "${opt}" == '-l'  ]] ; then
-   cd "${dir}/${prj}" || exit 2	
+	cd "${dir}/${prj}" || exit 2
-   ansible-playbook -i localhost, -c local  "$(hostname).yml"
+	echo "Execution locale ...."
 	ansible-playbook -i localhost, -c local  "$(hostname).yml"
 else
-   ansible-pull -i "${dir}/hosts"  -C main -U "${UREP}"
+	ansible-pull -i "$(hostname)," -U "${UREP}"
 fi
 exit 0
--- a/18
+++ b/18
@@ -1,7 +1,11 @@
 #!/bin/bash
 dir=/root/tools/ansible
 prj=gsb2024
 opt=""
 if [ -z ${UREP+x} ]; then 
-	UREP=https://gitea.lyc-lecastel.fr/gsb/gsb2024.git 
+	UREP=https://gitea.lyc-lecastel.fr/gsb/gsb2024.git
 fi
 dir=/root/tools/ansible
@@ -10,7 +14,15 @@ dir=/root/tools/ansible
 cd  "${dir}" || exit 1
-hostname  > hosts
+if [[ $# == 1 ]] ; then
-ansible-pull -i "${dir}/hosts"  -C main -U "${UREP}"
+	opt=$1
 fi
 if [[ "${opt}" == '-l'  ]] ; then
 	cd "${dir}/${prj}" || exit 2
 	echo "Execution locale ...."
 	ansible-playbook -i localhost, -c local  "$(hostname).yml"
 else
 	ansible-pull -i "$(hostname)," -U "${UREP}"
 fi
 exit 0
--- a/roles/base/templates/hosts.j2
+++ b/roles/base/templates/hosts.j2
@@ -22,6 +22,8 @@
 192.168.99.14	s-nas.gsb.adm
 192.168.99.15	s-san.gsb.adm
 192.168.99.16	s-fog.gsb.adm
 192.168.99.20	s-kea1.gsb.adm
 192.168.99.21	s-kea2.gsb.adm
 192.168.99.50	s-lb-bd.gsb.adm
 192.168.99.101	s-lb-web1.gsb.adm
 192.168.99.102	s-lb-web2.gsb.adm
--- a/roles/base/templates/hosts.s-proxy.j2
+++ b/roles/base/templates/hosts.s-proxy.j2
@@ -21,6 +21,8 @@
 192.168.99.12	r-int.gsb.adm
 192.168.99.13	r-ext.gsb.adm
 192.168.99.14	s-nas.gsb.adm
 192.168.99.20	s-kea1.gsb.adm
 192.168.99.21	s-kea2.gsb.adm
 192.168.99.50	s-lb-bd.gsb.adm
 192.168.99.101	s-lb-web1.gsb.adm
 192.168.99.102	s-lb-web2.gsb.adm
--- a/roles/dhcp/files/dhcpd.conf
+++ b/roles/dhcp/files/dhcpd.conf
@@ -120,7 +120,7 @@ subnet 172.16.65.0 netmask 255.255.255.0 {
 #DHCP pour le réseau USER
 subnet 172.16.64.0 netmask 255.255.255.0 {
-        range 172.16.64.20 172.16.64.120;
+        range 172.16.64.100 172.16.64.150;
        option domain-name-servers 172.16.0.1 ;
        option routers 172.16.64.254;
        option broadcast-address 172.16.64.255;
--- a/roles/dns-master/files/db.gsb.lan
+++ b/roles/dns-master/files/db.gsb.lan
@@ -5,7 +5,7 @@
 ;
 $TTL    604800
@       IN      SOA     s-infra.gsb.lan. root.s-infra.gsb.lan. (
-                        2023051000      ; Serial
+                        2024011500      ; Serial
                        7200	        ; Refresh
                        86400           ; Retry
                        8419200         ; Expire
@@ -27,6 +27,8 @@ s-mon    	IN      A       172.16.0.8
 s-itil		IN	A	172.16.0.9
 s-elk		IN	A	172.16.0.11
 s-gestsup	IN	A	172.16.0.17
 s-kea1		IN	A	172.16.0.20
 s-kea2		IN	A	172.16.0.21
 r-int    	IN      A       172.16.0.254
 r-int-lnk    	IN      A       192.168.200.254
 r-ext  		IN      A       192.168.200.253
--- a/roles/dns-master/files/db.gsb.lan.rev
+++ b/roles/dns-master/files/db.gsb.lan.rev
@@ -5,7 +5,7 @@
 ;
 $TTL    604800
@       IN      SOA     s-infra.gsb.lan. root.s-infra.gsb.lan. (
-                        2023040501      ; Serial
+                        2024011500      ; Serial
                        7200            ; Refresh
                        86400           ; Retry
                        8419200         ; Expire
@@ -21,10 +21,12 @@ $TTL    604800
 7.0       IN      PTR     s-nxc.gsb.lan.
 8.0       IN      PTR     s-mon.gsb.lan.
 9.0	  IN	  PTR	  s-itil.gsb.lan.
 20.0	  IN	  PTR	  s-kea1.gsb.lan.
 21.0	  IN	  PTR	  s-kea2.gsb.lan.
 101.1     IN      PTR     s-web1
 101.2     IN      PTR     s-web2
 100.10   IN      PTR      s-lb
 100.10   IN      PTR      s-lb.gsb.lan
 11.0	  IN	  PTR	  s-elk.gsb.lan.
 17.0	  IN	  PTR	  s-gestsup.lan
-254.0     IN      PTR     r-int.gsb.lan.
+254.0     IN      PTR     r-int.gsb.lan.
--- a/roles/fog/files/.fogsettings.single-if
+++ b/roles/fog/files/.fogsettings.single-if
@@ -0,0 +1,46 @@
 ## Start of FOG Settings
 ## Created by the FOG Installer
 ## Find more information about this file in the FOG Project wiki:
 ##     https://wiki.fogproject.org/wiki/index.php?title=.fogsettings
 ## Version: 1.5.10
 ## Install time: mar. 16 janv. 2024 15:27:57
 ipaddress='192.168.99.100'
 copybackold='0'
 interface='enp0s3'
 submask='255.255.255.0'
 hostname='s-fog.gsb.lan'
 routeraddress='192.168.99.99'
 plainrouter='192.168.99.99'
 dnsaddress='192.168.99.99'
 username='fogproject'
 password='zbSw#FaGPS7O1bJ5tpfj'
 osid='2'
 osname='Debian'
 dodhcp='Y'
 bldhcp='0'
 dhcpd='isc-dhcp-server'
 blexports='1'
 installtype='N'
 snmysqluser='fogmaster'
 snmysqlpass='cbZjO*gCONbbldV4a6l1'
 snmysqlhost='localhost'
 mysqldbname='fog'
 installlang='0'
 storageLocation='/images'
 fogupdateloaded=1
 docroot='/var/www/html/'
 webroot='/fog/'
 caCreated='yes'
 httpproto='http'
 startrange=''
 endrange=''
 packages='apache2 bc build-essential cpp curl g++ gawk gcc genisoimage git gzip htmldoc isolinux lftp libapache2-mod-php libc6 libcurl4 liblzma-dev m4 mariadb-client mariadb-server net-tools nfs-kernel-server openssh-server php php-bcmath php-cli php-curl php-fpm php-gd php-json php-ldap php-mbstring php-mysql tar tftpd-hpa tftp-hpa unzip vsftpd wget zlib1g'
 noTftpBuild=''
 tftpAdvOpts=''
 sslpath='/opt/fog/snapins/ssl/'
 backupPath='/home/'
 armsupport=''
 php_ver='7.4'
 sslprivkey='/opt/fog/snapins/ssl//.srvprivate.key'
 sendreports='Y'
 ## End of FOG Settings
--- a/roles/fog/files/fogsettings
+++ b/roles/fog/files/fogsettings
@@ -3,18 +3,17 @@
 ## Find more information about this file in the FOG Project wiki:
 ##     https://wiki.fogproject.org/wiki/index.php?title=.fogsettings
 ## Version: 1.5.10
-## Install time: jeu. 11 janv. 2024
+## Install time: Mon Jan 15 23:16:31 2024
-## Install time: jeu. 11 janv. 2024 11:41:05
+ipaddress='172.16.0.8'
 ipaddress='172.16.64.16'
 copybackold='0'
-interface='enp0s9'
+interface='eth2'
 submask='255.255.255.0'
 hostname='s-fog.gsb.lan'
 routeraddress='172.16.64.254'
 plainrouter='172.16.64.254'
 dnsaddress='172.16.0.1'
 username='fogproject'
-password='/7ElC1OHrP47EN2w59xl'
+password='0lEyBKxcrQxseHLB#Cbg'
 osid='2'
 osname='Debian'
 dodhcp='y'
@@ -23,27 +22,26 @@ dhcpd='isc-dhcp-server'
 blexports='1'
 installtype='N'
 snmysqluser='fogmaster'
-snmysqlpass='HHO5vSGqFiHE_9d2lja3'
+snmysqlpass='DQG@4PU31F9vOE4bX6V2'
 snmysqlhost='localhost'
 mysqldbname='fog'
 installlang='1'
 storageLocation='/images'
 fogupdateloaded=1
-docroot='/var/www/'
+docroot='/var/www/html/'
 webroot='/fog/'
 caCreated='yes'
 httpproto='https'
-startrange='172.16.64.10'
+startrange='172.16.64.120'
-endrange='172.16.64.254'
+endrange='172.16.64.140'
-#bootfilename='undionly.kpxe'
+packages='apache2 bc build-essential cpp curl g++ gawk gcc genisoimage gettext git gzip htmldoc isc-dhcp-server isolinux lftp libapache2-mod-php libc6 libcurl4 liblzma-dev m4 mariadb-client mariadb-server net-tools nfs-kernel-server openssh-server php php-bcmath php-cli php-curl php-fpm php-gd php-intl php-json php-ldap php-mbstring php-mysql tar tftp-hpa tftpd-hpa unzip vsftpd wget zlib1g'
 packages='apache2 bc build-essential cpp curl g++ gawk gcc genisoimage gettext git gzip htmldoc isc-dhcp-server isolinux lftp libapache2-mod-php libc6 libcurl4 liblzma-dev m4 mariadb-client mariadb-server net-tools nfs-kernel-server openssh-server php php-bcmath php-cli php-curl php-fpm php-gd php-intl php-json php-ldap php-mbstring php-mysql tar tftpd-hpa tftp-hpa unzip vsftpd wget zlib1g'
 noTftpBuild=''
 tftpAdvOpts=''
 sslpath='/opt/fog/snapins/ssl/'
 backupPath='/home/'
 armsupport='0'
-php_ver='8.2'
+php_ver='7.4'
 #php_verAdds='-7.4'
 sslprivkey='/opt/fog/snapins/ssl//.srvprivate.key'
-sendreports='Y'
+sendreports='N'
 ## End of FOG Settings
--- a/roles/fog/files/fogsettings.old
+++ b/roles/fog/files/fogsettings.old
@@ -0,0 +1,49 @@
 ## Start of FOG Settings
 ## Created by the FOG Installer
 ## Find more information about this file in the FOG Project wiki:
 ##     https://wiki.fogproject.org/wiki/index.php?title=.fogsettings
 ## Version: 1.5.10
 ## Install time: jeu. 11 janv. 2024
 ## Install time: jeu. 11 janv. 2024 11:41:05
 ipaddress='172.16.64.16'
 copybackold='0'
 interface='enp0s9'
 submask='255.255.255.0'
 hostname='s-fog.gsb.lan'
 routeraddress='172.16.64.254'
 plainrouter='172.16.64.254'
 dnsaddress='172.16.0.1'
 username='fogproject'
 password='/7ElC1OHrP47EN2w59xl'
 osid='2'
 osname='Debian'
 dodhcp='y'
 bldhcp='1'
 dhcpd='isc-dhcp-server'
 blexports='1'
 installtype='N'
 snmysqluser='fogmaster'
 snmysqlpass='HHO5vSGqFiHE_9d2lja3'
 snmysqlhost='localhost'
 mysqldbname='fog'
 installlang='1'
 storageLocation='/images'
 fogupdateloaded=1
 docroot='/var/www/'
 webroot='/fog/'
 caCreated='yes'
 httpproto='https'
 startrange='172.16.64.10'
 endrange='172.16.64.254'
 #bootfilename='undionly.kpxe'
 packages='apache2 bc build-essential cpp curl g++ gawk gcc genisoimage gettext git gzip htmldoc isc-dhcp-server isolinux lftp libapache2-mod-php libc6 libcurl4 liblzma-dev m4 mariadb-client mariadb-server net-tools nfs-kernel-server openssh-server php php-bcmath php-cli php-curl php-fpm php-gd php-intl php-json php-ldap php-mbstring php-mysql tar tftpd-hpa tftp-hpa unzip vsftpd wget zlib1g'
 noTftpBuild=''
 tftpAdvOpts=''
 sslpath='/opt/fog/snapins/ssl/'
 backupPath='/home/'
 armsupport='0'
 php_ver='7.4'
 #php_verAdds='-7.4'
 sslprivkey='/opt/fog/snapins/ssl//.srvprivate.key'
 sendreports='Y'
 ## End of FOG Settings
--- a/roles/fog/files/fogsettings1
+++ b/roles/fog/files/fogsettings1
@@ -0,0 +1,51 @@
 ## Start of FOG Settings
 ## Created by the FOG Installer
 ## Find more information about this file in the FOG Project wiki:
 ##     https://wiki.fogproject.org/wiki/index.php?title=.fogsettings
 ## Version: 1.5.10
 ## Install time: Mon Jan 15 23:16:31 2024
 ipaddress='192.168.56.10'
 copybackold='0'
 interface='eth2'
 submask='255.255.255.0'
 hostname='fog'
 routeraddress='192.168.1.1'
 plainrouter='192.168.1.1'
 dnsaddress='192.168.1.1'
 username='fogproject'
 password='0lEyBKxcrQxseHLB#Cbg'
 osid='2'
 osname='Debian'
 dodhcp='y'
 bldhcp='1'
 dhcpd='isc-dhcp-server'
 blexports='1'
 installtype='N'
 snmysqluser='fogmaster'
 snmysqlpass='DQG@4PU31F9vOE4bX6V2'
 snmysqlhost='localhost'
 mysqldbname='fog'
 installlang='1'
 storageLocation='/images'
 fogupdateloaded=1
 docroot='/var/www/html/'
 webroot='/fog/'
 caCreated='yes'
 httpproto='https'
 startrange='192.168.56.10'
 endrange='192.168.56.254'
 packages='apache2 bc build-essential cpp curl g++ gawk gcc genisoimage gettext git gzip htmldoc i
 sc-dhcp-server isolinux lftp libapache2-mod-php libc6 libcurl4 liblzma-dev m4 mariadb-client mari
 adb-server net-tools nfs-kernel-server openssh-server php php-bcmath php-cli php-curl php-fpm php
 -gd php-intl php-json php-ldap php-mbstring php-mysql tar tftp-hpa tftpd-hpa unzip vsftpd wget zl
 ib1g '
 noTftpBuild=''
 tftpAdvOpts=''
 sslpath='/opt/fog/snapins/ssl/'
 backupPath='/home/'
 armsupport='0'
 php_ver='7.4'
 sslprivkey='/opt/fog/snapins/ssl//.srvprivate.key'
 sendreports='N'
 ## End of FOG Settings
--- a/roles/fog/tasks/main.yml
+++ b/roles/fog/tasks/main.yml
@@ -42,8 +42,8 @@
    src: "/tmp/{{ depl_fog }}"
    dest: "/tmp/"
- name: Exécution du script d'installation Fog
+      #- name: Exécution du script d'installation Fog
-  ansible.builtin.shell: sudo bash /tmp/fogproject-1.5.10/bin/installfog.sh --recreate-keys -f /tmp/fogsettings -y
+      #  ansible.builtin.shell: sudo bash /tmp/fogproject-1.5.10/bin/installfog.sh --recreate-keys -f /tmp/fogsettings -y
-  args:
+      #  args:
-    chdir: "/tmp/fogproject-1.5.10/"
+      #    chdir: "/tmp/fogproject-1.5.10/"
--- a/roles/journald-rcv/README.md
+++ b/roles/journald-rcv/README.md
@@ -4,7 +4,7 @@
 Ce role a pour objectif d'installer et d'éditer les fichiers de configuration de systemd journal remote afin que les machines lançant ce rôle puissent recevoir les logs des autres machine du parc.
-##  Opérations réaliser par le role:
+##  Opérations réalisées par le role:
 Le role réalise les opération suivante:
 * installation du paquet **systemd-journal-remote**.
 * Démarrage et activation (au démarrage) du service **systemd-journal-remote.socket.
--- a/roles/kea/README.md
+++ b/roles/kea/README.md
@@ -0,0 +1,14 @@
 # Rôle Kea
 ***
 Rôle du Kea pour la haute disponibilité dhcp
 ## Tables des matières
    1. [Que fait le rôle Kea ?]
 ## Que fait le rôle Kea ?
 Il permet de configurer les serveur kea en mode haute disponibilité.
 ### Installation et configuration de kea
 Le rôle kea va installer les packets kea dhcp4, hook, admin une fois les packets installer. Nous allons configurer les 2 serveurs kea pour qu'il distribut les ip de n-user et soit en haute disponibilité.
--- a/roles/kea/default/main.yml
+++ b/roles/kea/default/main.yml
@@ -0,0 +1,8 @@
 #variable kea
 kea_ver: "2.4.1"
 kea_dbname: ""
 kea_dbuser: ""
 kea_dbpasswd: ""
 kea_dhcp4_dir: "/etc/kea/kea-dhcp4.conf"
 kea_ctrl_dir: "/etc/kea/kea-ctrl-agent.conf"
--- a/roles/kea/handlers/main.yml
+++ b/roles/kea/handlers/main.yml
@@ -0,0 +1,5 @@
 - name: restart zabbix agent
   service:
     name: zabbix-agent
     state: restarted
     enabled: yes
--- a/roles/kea/tasks/main.yml
+++ b/roles/kea/tasks/main.yml
@@ -0,0 +1,65 @@
    - name: installation des dépendances
      apt:
        name:
        - liblog4cplus-2.0.5
        - libmariadb3
        - libpq5
        - mariadb-common
        - mysql-common
        state: present
    - name: telechargemement du paquet isc-kea-common 
      get_url:
        url: "https://dl.cloudsmith.io/public/isc/kea-2-4/deb/debian/pool/bookworm/main/i/is/isc-kea-common_2.4.1-isc20231123184533/isc-kea-common_2.4.1-isc20231123184533_amd64.deb" 
        dest: "/tmp"
    - name: telechargement du paquet isc-kea-dhcp4
      get_url:
        url: "https://dl.cloudsmith.io/public/isc/kea-2-4/deb/debian/pool/bookworm/main/i/is/isc-kea-dhcp4_2.4.1-isc20231123184533/isc-kea-dhcp4_2.4.1-isc20231123184533_amd64.deb" 
        dest: "/tmp"
    - name: telechargement du paquet isc-kea-ctrl-agent
      get_url:
        url: "https://dl.cloudsmith.io/public/isc/kea-2-4/deb/debian/pool/bookworm/main/i/is/isc-kea-ctrl-agent_2.4.1-isc20231123184533/isc-kea-ctrl-agent_2.4.1-isc20231123184533_amd64.deb" 
        dest: "/tmp"
    - name: telechargement du  paquet isc-kea-hooks
      get_url:
        url: "https://dl.cloudsmith.io/public/isc/kea-2-4/deb/debian/pool/bookworm/main/i/is/isc-kea-hooks_2.4.1-isc20231123184533/isc-kea-hooks_2.4.1-isc20231123184533_amd64.deb" 
        dest: "/tmp"
    - name: Update apt
      apt:
        update_cache: yes
    - name: Installation paquet isc-kea-common
      apt:
        deb: "/tmp/isc-kea-common_2.4.1-isc20231123184533_amd64.deb"
        state: present
    - name: Installation isc-kea-dhcp4
      apt:
        deb: "/tmp/isc-kea-dhcp4_2.4.1-isc20231123184533_amd64.deb"
        state: present
    - name: Installation isc-kea-ctrl-agent
      apt:
        deb: "/tmp/isc-kea-ctrl-agent_2.4.1-isc20231123184533_amd64.deb"
        state: present
    - name: Installation isc-kea-ctrl-agent
      apt:
        deb: "/tmp/isc-kea-ctrl-agent_2.4.1-isc20231123184533_amd64.deb"
        state: present
    - name: Installation isc-kea-hooks
      apt:
        deb: "/tmp/isc-kea-ctrl-agent_2.4.1-isc20231123184533_amd64.deb"
        state: present
    - name: Installation isc-kea-hooks
      apt:
        deb: "/tmp/isc-kea-ctrl-agent_2.4.1-isc20231123184533_amd64.deb"
        state: present
--- a/roles/post/files/interfaces.s-kea1
+++ b/roles/post/files/interfaces.s-kea1
@@ -0,0 +1,26 @@
 # This file describes the network interfaces available on your system
 # and how to activate them. For more information, see interfaces(5).
 # The loopback network interface
 auto lo
 iface lo inet loopback
 # cote N-adm
 allow-hotplug enp0s3
 iface enp0s3 inet static
 	address 192.168.99.20
 	netmask 255.255.255.0
 	gateway 192.168.99.99
 # cote N-infra
 allow-hotplug enp0s8
 iface enp0s8 inet static
 	address 172.16.0.20
 	netmask 255.255.255.0
 #cote N-user
 allow-hotplug enp0s9
 iface enp0s9 inet static
 	address 172.16.64.20
 	netmask 255.255.255.0
--- a/roles/post/files/interfaces.s-kea2
+++ b/roles/post/files/interfaces.s-kea2
@@ -0,0 +1,26 @@
 # This file describes the network interfaces available on your system
 # and how to activate them. For more information, see interfaces(5).
 # The loopback network interface
 auto lo
 iface lo inet loopback
 # cote N-adm
 allow-hotplug enp0s3
 iface enp0s3 inet static
 	address 192.168.99.21
 	netmask 255.255.255.0
 	gateway 192.168.99.99
 # cote N-infra
 allow-hotplug enp0s8
 iface enp0s8 inet static
 	address 172.16.0.21
 	netmask 255.255.255.0
 #cote N-user
 allow-hotplug enp0s9
 iface enp0s9 inet static
 	address 172.16.64.21
 	netmask 255.255.255.0
--- a/roles/zabbix-cli/tasks/main.yml
+++ b/roles/zabbix-cli/tasks/main.yml
@@ -18,25 +18,19 @@
        state: present
    - name: Enable Zabbix agent service
-      systemd:
+      service:
        name: zabbix-agent
        state: restarted
        enabled: yes
-    - name: Rm package
+    - name: Replace Zabbix agent config
-      file:
+      replace:
-        path: "/tmp/zabbix-release_6.4-1+debian12_all.deb"
+        path: /etc/zabbix/zabbix_agentd.conf
-        state: absent
+        regexp: '{{ item.regexp }}'
-
+        replace: '{{ item.replace }}'
-    - name: config
+        backup: true
-      template:
+      loop:
-        src: zabbix_agentd.conf.temp
+        - { regexp: '^(Server\s*=\s*).*$', replace: 'Server = 127.0.0.1' }
-        dest: /etc/zabbix/zabbix_agentd.conf
+        - { regexp: '^(ServerActive\s*=\s*).*$', replace: 'ServerActive = 192.168.99.8' }
-      vars:
+        - { regexp: '^(Hostname\s*=\s*).*$', replace: 'Hostname = {{ ansible_hostname }}' }
-        PidFile: "/run/zabbix/zabbix_agentd.pid"
+        - { regexp: '^(Include\s*=\s*).*$', replace: 'Include = /etc/zabbix/zabbix_agentd.d/*.conf' }
        LogFile: "/var/log/zabbix/zabbix_agentd.log"
        LogFileSize: "0"
        Server: "127.0.0.1"
        ServerActive: "192.168.99.8"
        Hostname: "{{ ansible_hostname }}"
        Include: "/etc/zabbix/zabbix_agentd.d/*.conf"
--- a/roles/zabbix-cli/templates/zabbix_agentd.conf.temp
+++ b/roles/zabbix-cli/templates/zabbix_agentd.conf.temp
@@ -1,7 +0,0 @@
 PidFile={{ PidFile }}
 LogFile={{ LogFile }}
 LogFileSize={{ LogFileSize }}
 Server={{ Server }}
 ServerActive={{ ServerActive }}
 Hostname={{ Hostname }}
 Include={{ Include }}
--- a/s-adm.yml
+++ b/s-adm.yml
@@ -8,7 +8,7 @@
    - dnsmasq
    - squid
 #    - local-store
-#    - zabbix-cli
+#    #- zabbix-cli
    ## - syslog-cli
    - post
 #    - goss
--- a/s-appli.yml
+++ b/s-appli.yml
@@ -8,7 +8,7 @@
    - appli
    - ssh-cli
    # - syslog-cli
-    - zabbix-cli
+    #- zabbix-cli
    - ssl-apache
    - post
--- a/s-backup.yml
+++ b/s-backup.yml
@@ -6,7 +6,7 @@
    - base
    - goss
 #   - proxy3
-    - zabbix-cli
+    #- zabbix-cli
 #   - ssh-cli
    # - syslog-cli
    - smb-backup
--- a/s-fog.yml
+++ b/s-fog.yml
@@ -5,10 +5,10 @@
  roles:
    - base
    - goss
-    - dhcp-fog
+      #- dhcp-fog
-    - ssh-cli
+      #    - ssh-cli
-    - snmp-agent
+#    - snmp-agent
    # - syslog-cli
-    #    - fog
+    - fog
-   - journald-snd  
+    #-   - journald-snd  
-    - post
+    #- post
--- a/s-infra.yml
+++ b/s-infra.yml
@@ -4,7 +4,7 @@
  #  include: config.yml
  roles:
    - base
-    - zabbix-cli 
+    #- zabbix-cli 
    - goss  
    - dns-master
    - webautoconf
--- a/s-mon.yml
+++ b/s-mon.yml
@@ -1,8 +1,8 @@
 ---
 - name: Zabbix
-  hosts: all
+  hosts: localhost
-  #  become: yes
+  become: yes
-  #  become_method: sudo
+  become_method: sudo
  #  become_user: root
  #  vars:
  #  access: "Restricted Nagios4 Access"
--- a/s-proxy.yml
+++ b/s-proxy.yml
@@ -6,7 +6,7 @@
    - base
    - goss
    - squid
-    - zabbix-cli
+    #- zabbix-cli
    - ssh-cli
    # - syslog-cli
    - post
--- a/scripts/mkvm
+++ b/scripts/mkvm
@@ -100,6 +100,10 @@ elif [[ "${vm}" == "s-nxc" ]] ; then
        create_if "${vm}" "n-adm" "n-infra"
 elif [[ "${vm}" == "s-fog" ]] ; then
        create_if "${vm}" "n-adm" "n-infra" "n-user"
 elif [[ "${vm}" == "s-kea1" ]] ; then
        create_if "${vm}" "n-adm" "n-infra" "n-user"
 elif [[ "${vm}" == "s-kea2" ]] ; then
        create_if "${vm}" "n-adm" "n-infra" "n-user"
 elif [[ "${vm}" == "s-dns-ext" ]] ; then
        create_if "${vm}" "n-adm" "n-dmz"
 elif [[ "${vm}" == "s-web-ext" ]] ; then
--- a/scripts/mkvm.ps1
+++ b/scripts/mkvm.ps1
@@ -102,6 +102,22 @@ elseif ($args[0] -eq "s-fog") {
 	create_if $args[0] "int" 3 "n-user"
 }
 elseif ($args[0] -eq "s-kea1") {
 	create_vm $args[0]
 	create_if $args[0] "int" 1 "n-adm"
 	create_if $args[0] "int" 2 "n-infra"
 	create_if $args[0] "int" 3 "n-user"
 }
 elseif ($args[0] -eq "s-kea2") {
 	create_vm $args[0]
 	create_if $args[0] "int" 1 "n-adm"
 	create_if $args[0] "int" 2 "n-infra"
 	create_if $args[0] "int" 3 "n-user"
 }
 elseif ($args[0] -eq "s-agence") {
 	create_vm $args[0]
Author	SHA1	Message	Date
phil	0d2968b2c8	prepa role fog	2024-01-16 23:55:52 +01:00
phil	86afa7c616	nettoyage pull-config	2024-01-16 23:14:22 +01:00
phil	00071b1c67	chgt plage adresse pour n-user : 100-150	2024-01-16 22:05:56 +01:00
root	b5237811e1	s-fog.yaml et fogsettings single interface	2024-01-16 15:34:41 +01:00
Jimmy Chevanne	25bb47afd3	Creation role kea a continuer	2024-01-16 12:41:50 +01:00
root	addabae478	maj s-mon : become	2024-01-16 12:06:22 +01:00
root	a57998f5de	maj goss r-vp2.yaml	2024-01-16 11:39:57 +01:00
root	262b7bdb13	maj goss r-vp2	2024-01-16 11:03:44 +01:00
Alhassane Kone	c45dc50d12	maj mvkm.ps1: ajout kea1 et kea2	2024-01-16 10:38:55 +01:00
Jimmy Chevanne	d1116a91c3	update	2024-01-16 10:32:09 +01:00
Jimmy Chevanne	9c8dca44c9	mise à jour mkvm	2024-01-16 10:24:04 +01:00
root	ce3b6e0a77	nettoyage s-fog	2024-01-15 21:47:44 +01:00
phil	a03298ed54	php version dans fogsettings	2024-01-15 21:34:04 +01:00
sio user	80b54a50df	ajout entrée dnas base, post et dns-master pour s-kea1 et s-kea2	2024-01-15 17:54:31 +01:00
root	045af9bea2	maj zabbix cli	2024-01-15 17:22:15 +01:00
gsb	6b10b981f4	Actualiser roles/journald-rcv/README.md	2024-01-15 13:57:01 +01:00
root	3811e2df5c	README.md	2024-01-15 00:49:40 +01:00
root	27aad0dcb5	commente appel role zabbix-cli non fonctionnel	2024-01-15 00:42:05 +01:00