maj post-lb web2

update
modif reseau proxy
2024-01-18 11:45:25 +01:00 · 2024-01-18 11:34:02 +01:00 · 2024-01-18 11:19:52 +01:00 · 2024-01-18 11:11:34 +01:00
6 changed files with 19 additions and 8 deletions
--- a/roles/fw-ferm/files/ferm.conf.r-vp1
+++ b/roles/fw-ferm/files/ferm.conf.r-vp1
@ -4,7 +4,6 @@
@def $DEV_PRIVATE = enp0s8;
@def $DEV_WORLD = enp0s9;
@def $DEV_WORLD = enp0s9;
@def $DEV_VPN= wg0;
@def $NET_PRIVATE = 172.16.0.0/24;
@ -32,7 +31,7 @@ table filter {
        # well-known internet hosts
        saddr ($NET_PRIVATE) proto tcp dport ssh ACCEPT;
-        # we provide DNS and SMTP services for the internal net
+        # we provide DNS services for the internal net
        interface $DEV_PRIVATE saddr $NET_PRIVATE {
            proto (udp tcp) dport domain ACCEPT;
            proto udp dport bootps ACCEPT;
--- a/roles/fw-ferm/files/ferm.conf.r-vp2
+++ b/roles/fw-ferm/files/ferm.conf.r-vp2
@ -29,7 +29,7 @@ table filter {
        # well-known internet hosts
        saddr ($NET_PRIVATE) proto tcp dport ssh ACCEPT;
-        # we provide DNS and SMTP services for the internal net
+        # we provide DNS services for the internal net
        interface $DEV_PRIVATE saddr $NET_PRIVATE {
            proto (udp tcp) dport domain ACCEPT;
            proto udp dport bootps ACCEPT;
--- a/roles/nxc-traefik/tasks/main.yml
+++ b/roles/nxc-traefik/tasks/main.yml
@ -69,8 +69,13 @@
  args:
    chdir: /root/nxc
- name: Creation reseau docker proxy
+- name: vérification si le réseau proxy existe
  command: docker network ls --filter name=proxy
  register:  net_proxy
 - name: création du réseau proxy
  command: docker network create proxy
  when: net_proxy.stdout.find('proxy') == -1
    #- name: Démarrage du docker-compose...
    #command: /bin/bash docker-compose up -d
--- a/roles/post-lb/files/interfaces.s-lb-web2
+++ b/roles/post-lb/files/interfaces.s-lb-web2
@ -7,15 +7,15 @@ iface lo inet loopback
 # carte n-adm
 allow-hotplug enp0s3
 iface enp0s3 inet static
-	address 192.168.99.101/24
+	address 192.168.99.102/24
 # Réseau n-dmz-lb
 allow-hotplug enp0s8
 iface enp0s8 inet static
-        address 192.168.101.1/24
+        address 192.168.101.2/24
 # réseau n-dmz-db
 allow-hotplug enp0s9
 iface enp0s9 inet static
-        address 192.168.102.1/24
+        address 192.168.102.2/24
 	post-up mount -o rw 192.168.102.253:/home/wordpress /var/www/html
--- a/roles/zabbix-cli/tasks/main.yml
+++ b/roles/zabbix-cli/tasks/main.yml
@ -34,3 +34,10 @@
        - { regexp: '^(ServerActive\s*=\s*).*$', replace: 'ServerActive = 192.168.99.8' }
        - { regexp: '^(Hostname\s*=\s*).*$', replace: 'Hostname = {{ ansible_hostname }}' }
        - { regexp: '^(Include\s*=\s*).*$', replace: 'Include = /etc/zabbix/zabbix_agentd.d/*.conf' }
    - name: Enable Zabbix agent service
      service:
        name: zabbix-agent
        state: restarted
        enabled: yes
--- a/wireguard/ping-sinfra.sh
+++ b/wireguard/ping-sinfra.sh
@ -18,4 +18,4 @@ echo ping  r-vp2 interface interface interne
 ping -c3 172.16.128.254
 echo ping  s-agence
-ping -c3 172.16.128.11
+ping -c3 172.16.128.10
Author	SHA1	Message	Date
Jimmy Chevanne	8b59a5553f	maj post-lb web2	2024-01-18 11:45:25 +01:00
Florian Ribeiro	5f1b04fd96	update	2024-01-18 11:34:02 +01:00
root	3b88857c0b	modif reseau proxy	2024-01-18 11:19:52 +01:00
root	72c5498e64	maj role fw	2024-01-18 11:11:34 +01:00