maj goss r-vp2.yaml

maj goss r-vp2
maj mvkm.ps1: ajout kea1 et kea2
2024-01-16 11:39:57 +01:00 · 2024-01-16 11:03:44 +01:00 · 2024-01-16 10:38:55 +01:00 · 2024-01-16 10:32:09 +01:00 · 2024-01-16 10:24:04 +01:00 · 2024-01-15 21:47:44 +01:00
12 changed files with 96 additions and 16 deletions
--- a/goss/r-vp1.yaml
+++ b/goss/r-vp1.yaml
@@ -1,21 +1,20 @@
 file:
  /etc/wireguard/wg0.conf:
    exists: true
-    mode: "0644"
+    mode: "0600"
    owner: root
    group: root
    filetype: file
-    contains:
+    contains: []
    - AllowedIPs = 10.0.0.2/32, 172.16.128.0/24
 package:
  wireguard:
    installed: true
    versions:
-    - 1.0.20210223-1
+    - 1.0.20210914-1
  wireguard-tools:
    installed: true
    versions:
-    - 1.0.20210223-1
+    - 1.0.20210914-1+b1
 service:
  wg-quick@wg0:
    enabled: true
--- a/goss/r-vp2.yaml
+++ b/goss/r-vp2.yaml
@@ -1,7 +1,8 @@
 file:
  /etc/wireguard/wg0.conf:
    exists: true
-    mode: "0644"
+    mode: "0600"
    size: 374
    owner: root
    group: root
    filetype: file
@@ -10,11 +11,11 @@ package:
  wireguard:
    installed: true
    versions:
-    - 1.0.20210223-1
+    - 1.0.20210914-1
  wireguard-tools:
    installed: true
    versions:
-    - 1.0.20210223-1
+    - 1.0.20210914-1+b1
 service:
  isc-dhcp-server:
    enabled: true
--- a/roles/base/templates/hosts.j2
+++ b/roles/base/templates/hosts.j2
@@ -22,6 +22,8 @@
 192.168.99.14	s-nas.gsb.adm
 192.168.99.15	s-san.gsb.adm
 192.168.99.16	s-fog.gsb.adm
 192.168.99.20	s-kea1.gsb.adm
 192.168.99.21	s-kea2.gsb.adm
 192.168.99.50	s-lb-bd.gsb.adm
 192.168.99.101	s-lb-web1.gsb.adm
 192.168.99.102	s-lb-web2.gsb.adm
--- a/roles/base/templates/hosts.s-proxy.j2
+++ b/roles/base/templates/hosts.s-proxy.j2
@@ -21,6 +21,8 @@
 192.168.99.12	r-int.gsb.adm
 192.168.99.13	r-ext.gsb.adm
 192.168.99.14	s-nas.gsb.adm
 192.168.99.20	s-kea1.gsb.adm
 192.168.99.21	s-kea2.gsb.adm
 192.168.99.50	s-lb-bd.gsb.adm
 192.168.99.101	s-lb-web1.gsb.adm
 192.168.99.102	s-lb-web2.gsb.adm
--- a/roles/dns-master/files/db.gsb.lan
+++ b/roles/dns-master/files/db.gsb.lan
@@ -5,7 +5,7 @@
 ;
 $TTL    604800
@       IN      SOA     s-infra.gsb.lan. root.s-infra.gsb.lan. (
-                        2023051000      ; Serial
+                        2024011500      ; Serial
                        7200	        ; Refresh
                        86400           ; Retry
                        8419200         ; Expire
@@ -27,6 +27,8 @@ s-mon    	IN      A       172.16.0.8
 s-itil		IN	A	172.16.0.9
 s-elk		IN	A	172.16.0.11
 s-gestsup	IN	A	172.16.0.17
 s-kea1		IN	A	172.16.0.20
 s-kea2		IN	A	172.16.0.21
 r-int    	IN      A       172.16.0.254
 r-int-lnk    	IN      A       192.168.200.254
 r-ext  		IN      A       192.168.200.253
--- a/roles/dns-master/files/db.gsb.lan.rev
+++ b/roles/dns-master/files/db.gsb.lan.rev
@@ -5,7 +5,7 @@
 ;
 $TTL    604800
@       IN      SOA     s-infra.gsb.lan. root.s-infra.gsb.lan. (
-                        2023040501      ; Serial
+                        2024011500      ; Serial
                        7200            ; Refresh
                        86400           ; Retry
                        8419200         ; Expire
@@ -21,10 +21,12 @@ $TTL    604800
 7.0       IN      PTR     s-nxc.gsb.lan.
 8.0       IN      PTR     s-mon.gsb.lan.
 9.0	  IN	  PTR	  s-itil.gsb.lan.
 20.0	  IN	  PTR	  s-kea1.gsb.lan.
 21.0	  IN	  PTR	  s-kea2.gsb.lan.
 101.1     IN      PTR     s-web1
 101.2     IN      PTR     s-web2
 100.10   IN      PTR      s-lb
 100.10   IN      PTR      s-lb.gsb.lan
 11.0	  IN	  PTR	  s-elk.gsb.lan.
 17.0	  IN	  PTR	  s-gestsup.lan
-254.0     IN      PTR     r-int.gsb.lan.
+254.0     IN      PTR     r-int.gsb.lan.
--- a/roles/fog/files/fogsettings
+++ b/roles/fog/files/fogsettings
@@ -42,7 +42,7 @@ tftpAdvOpts=''
 sslpath='/opt/fog/snapins/ssl/'
 backupPath='/home/'
 armsupport='0'
-php_ver='8.2'
+php_ver='7.4'
 #php_verAdds='-7.4'
 sslprivkey='/opt/fog/snapins/ssl//.srvprivate.key'
 sendreports='Y'
--- a/roles/post/files/interfaces.s-kea1
+++ b/roles/post/files/interfaces.s-kea1
@@ -0,0 +1,26 @@
 # This file describes the network interfaces available on your system
 # and how to activate them. For more information, see interfaces(5).
 # The loopback network interface
 auto lo
 iface lo inet loopback
 # cote N-adm
 allow-hotplug enp0s3
 iface enp0s3 inet static
 	address 192.168.99.20
 	netmask 255.255.255.0
 	gateway 192.168.99.99
 # cote N-infra
 allow-hotplug enp0s8
 iface enp0s8 inet static
 	address 172.16.0.20
 	netmask 255.255.255.0
 #cote N-user
 allow-hotplug enp0s9
 iface enp0s9 inet static
 	address 172.16.64.20
 	netmask 255.255.255.0
--- a/roles/post/files/interfaces.s-kea2
+++ b/roles/post/files/interfaces.s-kea2
@@ -0,0 +1,26 @@
 # This file describes the network interfaces available on your system
 # and how to activate them. For more information, see interfaces(5).
 # The loopback network interface
 auto lo
 iface lo inet loopback
 # cote N-adm
 allow-hotplug enp0s3
 iface enp0s3 inet static
 	address 192.168.99.21
 	netmask 255.255.255.0
 	gateway 192.168.99.99
 # cote N-infra
 allow-hotplug enp0s8
 iface enp0s8 inet static
 	address 172.16.0.21
 	netmask 255.255.255.0
 #cote N-user
 allow-hotplug enp0s9
 iface enp0s9 inet static
 	address 172.16.64.21
 	netmask 255.255.255.0
--- a/s-fog.yml
+++ b/s-fog.yml
@@ -5,10 +5,10 @@
  roles:
    - base
    - goss
-    - dhcp-fog
+      #- dhcp-fog
-    - ssh-cli
+      #    - ssh-cli
-    - snmp-agent
+#    - snmp-agent
    # - syslog-cli
    #    - fog
-   - journald-snd  
+    #-   - journald-snd  
    - post
--- a/scripts/mkvm
+++ b/scripts/mkvm
@@ -100,6 +100,10 @@ elif [[ "${vm}" == "s-nxc" ]] ; then
        create_if "${vm}" "n-adm" "n-infra"
 elif [[ "${vm}" == "s-fog" ]] ; then
        create_if "${vm}" "n-adm" "n-infra" "n-user"
 elif [[ "${vm}" == "s-kea1" ]] ; then
        create_if "${vm}" "n-adm" "n-infra" "n-user"
 elif [[ "${vm}" == "s-kea2" ]] ; then
        create_if "${vm}" "n-adm" "n-infra" "n-user"
 elif [[ "${vm}" == "s-dns-ext" ]] ; then
        create_if "${vm}" "n-adm" "n-dmz"
 elif [[ "${vm}" == "s-web-ext" ]] ; then
--- a/scripts/mkvm.ps1
+++ b/scripts/mkvm.ps1
@@ -102,6 +102,22 @@ elseif ($args[0] -eq "s-fog") {
 	create_if $args[0] "int" 3 "n-user"
 }
 elseif ($args[0] -eq "s-kea1") {
 	create_vm $args[0]
 	create_if $args[0] "int" 1 "n-adm"
 	create_if $args[0] "int" 2 "n-infra"
 	create_if $args[0] "int" 3 "n-user"
 }
 elseif ($args[0] -eq "s-kea2") {
 	create_vm $args[0]
 	create_if $args[0] "int" 1 "n-adm"
 	create_if $args[0] "int" 2 "n-infra"
 	create_if $args[0] "int" 3 "n-user"
 }
 elseif ($args[0] -eq "s-agence") {
 	create_vm $args[0]
Author	SHA1	Message	Date
root	a57998f5de	maj goss r-vp2.yaml	2024-01-16 11:39:57 +01:00
root	262b7bdb13	maj goss r-vp2	2024-01-16 11:03:44 +01:00
Alhassane Kone	c45dc50d12	maj mvkm.ps1: ajout kea1 et kea2	2024-01-16 10:38:55 +01:00
Jimmy Chevanne	d1116a91c3	update	2024-01-16 10:32:09 +01:00
Jimmy Chevanne	9c8dca44c9	mise à jour mkvm	2024-01-16 10:24:04 +01:00
root	ce3b6e0a77	nettoyage s-fog	2024-01-15 21:47:44 +01:00
phil	a03298ed54	php version dans fogsettings	2024-01-15 21:34:04 +01:00
sio user	80b54a50df	ajout entrée dnas base, post et dns-master pour s-kea1 et s-kea2	2024-01-15 17:54:31 +01:00