From c446f35aed6e05fd820281cf3e712402fa3ca4da Mon Sep 17 00:00:00 2001
From: Johan Largy
Date: Tue, 4 Apr 2023 10:25:52 +0200
Subject: [PATCH] changement
---
 README.md | 2 +-
 r-vp1-fw.yml | 13 ++++++++++++
 r-vp1.yml | 2 --
 r-vp2.yml | 3 ---
 roles/dns-ag-cs/files/named.conf.options | 23 ---------------------
 roles/dns-ag-cs/handlers/main.yml | 4 ----
 roles/dns-ag-cs/tasks/main.yml | 11 ----------
 roles/post/files/interfaces.r-vp1-cs | 26 ------------------------
 roles/post/files/interfaces.r-vp2-cs | 25 -----------------------
 9 files changed, 14 insertions(+), 95 deletions(-)
 create mode 100644 r-vp1-fw.yml
 delete mode 100644 roles/dns-ag-cs/files/named.conf.options
 delete mode 100644 roles/dns-ag-cs/handlers/main.yml
 delete mode 100644 roles/dns-ag-cs/tasks/main.yml
 delete mode 100644 roles/post/files/interfaces.r-vp1-cs
 delete mode 100644 roles/post/files/interfaces.r-vp2-cs
diff --git a/README.md b/README.md
index 825cef3..8bfcb76 100644
--- a/README.md
+++ b/README.md
@@ -53,7 +53,7 @@ On utilsera le script (bash) **mkvm** ou (PowerShell) **mkvm.ps1** pour créeer
 ```shell
 gsb2023>
-cd pre
+cd scripts
 $ mkvm -r s-adm
 ```
diff --git a/r-vp1-fw.yml b/r-vp1-fw.yml
new file mode 100644
index 0000000..82e09e7
--- /dev/null
+++ b/r-vp1-fw.yml
@@ -0,0 +1,13 @@
+---
+- hosts: localhost
+ connection: local
+
+ vars:
+ - ip1: 192.168.0.51
+ - remip: 192.168.0.52
+ - mynet: 192.168.1.0
+ - remnet: 172.16.128.0
+
+ roles:
+ - fw-ferm
+
diff --git a/r-vp1.yml b/r-vp1.yml
index ee4a155..f319d54 100644
--- a/r-vp1.yml
+++ b/r-vp1.yml
@@ -12,10 +12,8 @@
 - base
 - goss
 # - snmp-agent
-# - firewall-vpn-r
 - post
 - wireguard-r
- - fw-ferm
 - ssh-cli
 - syslog-cli
diff --git a/r-vp2.yml b/r-vp2.yml
index 25e492e..a07e610 100644
--- a/r-vp2.yml
+++ b/r-vp2.yml
@@ -15,10 +15,7 @@
 - dns-agence
 - ssh-root-access
 # - snmp-agent
-# - firewall-vpn-l
 - wireguard-l
-# - x509-l
 - post
 - ssh-cli
 - syslog-cli
- - fw-ferm
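Review bot: In r-vp1-fw.yml, `fw-ferm` now runs only from this separate playbook and only with r-vp1's addresses (`ip1: 192.168.0.51`, `remip: 192.168.0.52`), while the same patch drops `- fw-ferm` from both r-vp1.yml and r-vp2.yml. No r-vp2 counterpart is visible here, so unless one exists outside this patch r-vp2 is provisioned with WireGuard but no ferm ruleset, and r-vp1 stays unfiltered until the second playbook is run by hand. I would add the r-vp2 playbook in the same change and state the required run order in the README. Separately, `vars:` is written as a list of one-key items; a plain mapping (`vars:` then `ip1: 192.168.0.51`, `remip: 192.168.0.52`, and so on, without the leading `- `) is the form Ansible documents and avoids the list-of-dictionaries deprecation warning in newer ansible-core.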
diff --git a/roles/dns-ag-cs/files/named.conf.options b/roles/dns-ag-cs/files/named.conf.options
deleted file mode 100644
index d0daf3f..0000000
--- a/roles/dns-ag-cs/files/named.conf.options
+++ /dev/null
@@ -1,23 +0,0 @@
-// 0.2 - putconf - vendredi 12 avril 2013, 08:54:33 (UTC+0200)
-
-options {
- directory "/var/cache/bind";
-
- // If there is a firewall between you and nameservers you want
- // to talk to, you may need to fix the firewall to allow multiple
- // ports to talk. See http://www.kb.cert.org/vuls/id/800113
-
- // If your ISP provided one or more IP addresses for stable
- // nameservers, you probably want to use them as forwarders.
- // Uncomment the following block, and insert the addresses replacing
- // the all-0's placeholder.
-
- forwarders {
- 172.16.0.1;
-
- };
-
- auth-nxdomain no; # conform to RFC1035
- listen-on-v6 { any; };
-};
-
diff --git a/roles/dns-ag-cs/handlers/main.yml b/roles/dns-ag-cs/handlers/main.yml
deleted file mode 100644
index 33d4f98..0000000
--- a/roles/dns-ag-cs/handlers/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
----
- - name: restart bind9
- service: name=bind9 state=restarted
-
diff --git a/roles/dns-ag-cs/tasks/main.yml b/roles/dns-ag-cs/tasks/main.yml
deleted file mode 100644
index d3a88a6..0000000
--- a/roles/dns-ag-cs/tasks/main.yml
+++ /dev/null
@@ -1,11 +0,0 @@
----
-
-- name: Installation bind9
- apt: name=bind9 state=present update_cache=yes
-
-- name: Copie named.conf.options
- copy: src=named.conf.options dest=/etc/bind
- notify:
- - restart bind9
-
-
diff --git a/roles/post/files/interfaces.r-vp1-cs b/roles/post/files/interfaces.r-vp1-cs
deleted file mode 100644
index 4a3abe3..0000000
--- a/roles/post/files/interfaces.r-vp1-cs
+++ /dev/null
@@ -1,26 +0,0 @@
-# This file describes the network interfaces available on your system
-# and how to activate them. For more information, see interfaces(5).
-
-# The loopback network interface
-#auto lo
-#iface lo inet loopback
-
-#cote N-adm
-allow-hotplug enp0s3
-iface enp0s3 inet dhcp
-
-# reseau entre vpn
-allow-hotplug enp0s8
-iface enp0s8 inet static
- address 192.168.0.51
- netmask 255.255.255.0
-
-# reseau interne n-linkv
-allow-hotplug enp0s9
-iface enp0s9 inet static
- address 192.168.1.2
- netmask 255.255.255.0
- up route add -net 172.16.128.0/24 gw 192.168.1.2
- up route add default gw 192.168.1.1
-# post-up /bin/bash /root/iptables-vpn
- post-up /etc/init.d/ipsec restart
\ No newline at end of file
diff --git a/roles/post/files/interfaces.r-vp2-cs b/roles/post/files/interfaces.r-vp2-cs
deleted file mode 100644
index d5f8539..0000000
--- a/roles/post/files/interfaces.r-vp2-cs
+++ /dev/null
@@ -1,25 +0,0 @@
-# This file describes the network interfaces available on your system
-# and how to activate them. For more information, see interfaces(5).
-
-# The loopback network interface
-#auto lo
-#iface lo inet loopback
-
-# cote N-adm
-allow-hotplug enp0s3
-iface enp0s3 inet dhcp
-
-# cote Agence
-allow-hotplug enp0s8
-iface enp0s8 inet static
- address 172.16.128.254
- netmask 255.255.255.0
-
-# cote VPN
-allow-hotplug enp0s9
-iface enp0s9 inet static
- address 192.168.0.52
- netmask 255.255.255.0
- up route add -net 192.168.1.0/24 gw 172.16.128.254
-# post-up /bin/bash /root/iptables-vpn
- post-up /etc/init.d/ipsec restart
\ No newline at end of file