diff --git a/goss/r-vp2.yaml b/goss/r-vp2.yaml new file mode 100644 index 0000000..cb0669d --- /dev/null +++ b/goss/r-vp2.yaml @@ -0,0 +1,52 @@ +file: + /etc/wireguard/wg0.conf: + exists: true + mode: "0644" + owner: root + group: root + filetype: file + contains: [] +package: + wireguard: + installed: true + versions: + - 1.0.20210223-1 + wireguard-tools: + installed: true + versions: + - 1.0.20210223-1 +service: + isc-dhcp-server: + enabled: true + running: true + wg-quick@wg0: + enabled: true + running: true +command: + ping -c4 10.0.0.1: + exit-status: 0 + stdout: + - 0% packet loss + stderr: [] + timeout: 10000 +interface: + enp0s3: + exists: true + addrs: + - 192.168.99.102/24 + mtu: 1500 + enp0s8: + exists: true + addrs: + - 172.16.128.254/24 + mtu: 1500 + enp0s9: + exists: true + addrs: + - 192.168.0.52/24 + mtu: 1500 + wg0: + exists: true + addrs: + - 10.0.0.2/32 + mtu: 1420 diff --git a/goss/r-vp2goss.yaml b/goss/r-vp2goss.yaml deleted file mode 100644 index 0035b48..0000000 --- a/goss/r-vp2goss.yaml +++ /dev/null @@ -1,67 +0,0 @@ -package: - ferm: - installed: true - ipsec: - installed: true -port: - tcp:53: - listening: true - udp:67: - listening: true - udp:68: - listening: true -service: - dnsmasq: - enabled: true - running: true - ferm: - enabled: true - running: true - ssh: - enabled: true - running: true -command: - sysctl net.ipv4.ip_forward: - exit-status: 0 - stdout: - - net.ipv4.ip_forward = 1 - stderr: [] - timeout: 10000 - sysctl ping -c 4 192.168.0.51: - exit-status: 0 - stdout: - - 4 received = 1 - stderr: [] - timeout: 10000 - sysctl ping -c 4 192.168.1.1: - exit-status: 0 - stdout: - - 4 received = 1 - stderr: [] - timeout: 10000 - sysctl ping -c 4 192.168.200.254: - exit-status: 0 - stdout: - - 4 received = 1 - stderr: [] - timeout: 10000 - sysctl ping -c 4 172.16.0.1: - exit-status: 0 - stdout: - - 4 received = 1 - stderr: [] - timeout: 10000 -process: - dnsmasq: - running: true - squid3: - running: true -interface: - enp0s8: - exists: true - addrs: - - 172.16.128.254/24 - enp0s9: - exists: true - addrs: - - 192.168.0.52/24 \ No newline at end of file diff --git a/goss/s-agence.yaml b/goss/s-agence.yaml index 5ed9d25..5565f72 100644 --- a/goss/s-agence.yaml +++ b/goss/s-agence.yaml @@ -1,39 +1,19 @@ command: - ip r: + ip route |grep default: exit-status: 0 stdout: - default via 172.16.128.254 dev enp0s8 - - 172.16.128.0/24 - - 192.168.99.0/24 stderr: [] timeout: 10000 - ping -c 2 172.16.128.254: + ping -c4 172.16.0.1: exit-status: 0 stdout: - 0% packet loss stderr: [] timeout: 10000 - ping -c 2 192.168.1.2: + ping -c4 172.16.128.254: exit-status: 0 stdout: - - 0% packet loss - stderr: [] - timeout: 10000 - ping -c 2 192.168.1.1: - exit-status: 0 - stdout: - - 0% packet loss - stderr: [] - timeout: 10000 - ping -c 2 192.168.200.254: - exit-status: 0 - stdout: - - 0% packet loss - stderr: [] - timeout: 10000 - ping -c 2 172.16.0.1: - exit-status: 0 - stdout: - - 0% packet loss + - 0% packet loss stderr: [] timeout: 10000 diff --git a/goss/s-backup.yaml b/goss/s-backup.yaml new file mode 100644 index 0000000..7c71428 --- /dev/null +++ b/goss/s-backup.yaml @@ -0,0 +1,41 @@ +package: + bind9: + installed: true + cifs-utils: + installed: true + rsync: + installed: true + smbclient: + installed: true +service: + bind9: + enabled: true + running: true + rsync: + enabled: true + running: false +command: + ping -c4 ns.gsb.lan: + exit-status: 0 + stdout: + - 0% packet loss + stderr: [] + timeout: 10000 +#check si partage windows accesible + smbclient -L //s-win --user=uBackup%Azerty1+ | grep 'public': + exit-status: 0 + stdout: + - public + stderr: [] + timeout: 10000 +interface: + enp0s3: + exists: true + addrs: + - 192.168.99.4/24 + mtu: 1500 + enp0s8: + exists: true + addrs: + - 172.16.0.4/24 + mtu: 1500 diff --git a/pre/inst-depl b/pre/inst-depl index 7421be7..922eedb 100644 --- a/pre/inst-depl +++ b/pre/inst-depl @@ -9,16 +9,23 @@ apt update && apt upgrade apt install -y apache2 git STOREREP="/var/www/html/gsbstore" -GLPIREL=10.0.5 +GLPIREL=10.0.6 str="wget -nc https://github.com/glpi-project/glpi/releases/download/${GLPIREL}/glpi-${GLPIREL}.tgz" -FIREL=10.0.3+1.0 -str2="https://github.com/fusioninventory/fusioninventory-for-glpi/releases/download/glpi${FIREL}/fusioninventory-${FIREL}.tar.bz2" -FIAGREL=2.6 -str31="wget -nc https://github.com/fusioninventory/fusioninventory-agent/releases/download/${FIAGREL}/fusioninventory-agent_windows-x64_${FIAGREL}.exe" +#Fusion Inventory + +#FIREL=10.0.3+1.0 +#str2="https://github.com/fusioninventory/fusioninventory-for-glpi/releases/download/glpi${FIREL}/fusioninventory-${FIREL}.tar.bz2" + + +#GLPI Agent + +GLPIAGVER=1.4 +str31="wget -nc https://github.com/glpi-project/glpi-agent/releases/download/${GLPIAGVER}/GLPI-Agent-${GLPIAGVER}-x64.msi" + +str32="wget -nc https://github.com/glpi-project/glpi-agent/releases/download/${GLPIAGVER}/GLPI-Agent-${GLPIAGVER}-x86.msi" -str32="wget -nc https://github.com/fusioninventory/fusioninventory-agent/releases/download/${FIAGREL}/fusioninventory-agent_windows-x86_${FIAGREL}.exe" FOGREL=1.5.9 str4="wget -nc https://github.com/FOGProject/fogproject/archive/${FOGREL}.tar.gz -O fogproject-${FOGREL}.tar.gz" diff --git a/roles/itil/README.md b/roles/glpi/README.md similarity index 100% rename from roles/itil/README.md rename to roles/glpi/README.md diff --git a/roles/glpi/defaults/main.yml b/roles/glpi/defaults/main.yml new file mode 100644 index 0000000..43b3138 --- /dev/null +++ b/roles/glpi/defaults/main.yml @@ -0,0 +1,6 @@ +depl_url: "http://s-adm.gsb.adm/gsbstore" +#depl_glpi: "glpi-9.5.6.tgz" +depl_glpi: "glpi-10.0.6.tgz" +#depl_fusioninventory: "fusioninventory-9.5+3.0.tar.bz2" +depl_glpi_agentx64: "GLPI-Agent-1.4-x64.msi" +depl_glpi_agentx86: "GLPI-Agent-1.4-x86.msi" diff --git a/roles/itil/files/.my.cnf b/roles/glpi/files/.my.cnf similarity index 100% rename from roles/itil/files/.my.cnf rename to roles/glpi/files/.my.cnf diff --git a/roles/itil/files/dbdump b/roles/glpi/files/dbdump similarity index 100% rename from roles/itil/files/dbdump rename to roles/glpi/files/dbdump diff --git a/roles/itil/files/glpi.conf b/roles/glpi/files/glpi.conf similarity index 100% rename from roles/itil/files/glpi.conf rename to roles/glpi/files/glpi.conf diff --git a/roles/itil/handlers/main.yml b/roles/glpi/handlers/main.yml similarity index 100% rename from roles/itil/handlers/main.yml rename to roles/glpi/handlers/main.yml diff --git a/roles/itil/tasks/main.yml b/roles/glpi/tasks/main.yml similarity index 86% rename from roles/itil/tasks/main.yml rename to roles/glpi/tasks/main.yml index fe619d5..1e8d3c4 100644 --- a/roles/itil/tasks/main.yml +++ b/roles/glpi/tasks/main.yml @@ -105,12 +105,12 @@ # - name: copy .my.cnf file with root password credentials # copy: src=.my.cnf dest=/root/tools/ansible/.my.cnf owner=root mode=0600 - - name: Installation de Fusioninventory pour Linux - unarchive: - src: "{{ depl_url }}/{{ depl_fusioninventory }}" - #src: http://depl/gsbstore/fusioninventory-{{ fd_version }}.tar.bz2 - dest: /var/www/html/glpi/plugins - remote_src: yes +# - name: Installation de Fusioninventory pour Linux +# unarchive: +# src: "{{ depl_url }}/{{ depl_fusioninventory }}" +#src: http://depl/gsbstore/fusioninventory-{{ fd_version }}.tar.bz2 +# dest: /var/www/html/glpi/plugins +# remote_src: yes - name: Creation de ficlient file: @@ -127,15 +127,15 @@ group: www-data mode: 0775 - - name: Installation de FusionInventory windows x64 + - name: Installation de GLPI Agent windows x64 get_url: - url: "{{ depl_url }}/{{ depl_fusioninventory_agentx64 }}" + url: "{{ depl_url }}/{{ depl_glpi_agentx64 }}" dest: "/var/www/html/ficlients" - - name: Installation de FusionInventory windows x86 - get_url: - url: "{{ depl_url }}/{{ depl_fusioninventory_agentx86 }}" - dest: "/var/www/html/ficlients" +# - name: Installation de GLPI Agent windows x86 +# get_url: +# url: "{{ depl_url }}/{{ depl_glpi_agentx86 }}" +# dest: "/var/www/html/ficlients" - name: Attribution des permissions sur repertoire /plugins/fusioninventory file: diff --git a/roles/itil/templates/block.j2 b/roles/glpi/templates/block.j2 similarity index 100% rename from roles/itil/templates/block.j2 rename to roles/glpi/templates/block.j2 diff --git a/roles/itil/defaults/main.yml b/roles/itil/defaults/main.yml deleted file mode 100644 index 39b876e..0000000 --- a/roles/itil/defaults/main.yml +++ /dev/null @@ -1,6 +0,0 @@ -depl_url: "http://s-adm.gsb.adm/gsbstore" -#depl_glpi: "glpi-9.5.6.tgz" -depl_glpi: "glpi-10.0.5.tgz" -depl_fusioninventory: "fusioninventory-9.5+3.0.tar.bz2" -depl_fusioninventory_agentx64: "fusioninventory-agent_windows-x64_2.6.exe" -depl_fusioninventory_agentx86: "fusioninventory-agent_windows-x86_2.6.exe" diff --git a/roles/lb-front/tasks/main.yml b/roles/lb-front/tasks/main.yml index a419b51..ce787ca 100644 --- a/roles/lb-front/tasks/main.yml +++ b/roles/lb-front/tasks/main.yml @@ -8,7 +8,7 @@ path: /etc/haproxy/haproxy.cfg block: | frontend proxypublic - bind 192.168.56.2:80 + bind 192.168.100.10:80 default_backend fermeweb backend fermeweb @@ -21,5 +21,5 @@ - name: redemarre haproxy service: name: haproxy - state: restarted +# state: restarted enabled: yes diff --git a/roles/lb-web/tasks/main.yml b/roles/lb-web/tasks/main.yml index d1c92d8..e04d326 100644 --- a/roles/lb-web/tasks/main.yml +++ b/roles/lb-web/tasks/main.yml @@ -1,38 +1,29 @@ ---- - - name: creation repertoir - file: - path: /home/ - state: directory - - name: download and extract wordpress - unarchive: - src: "{{ depl_url }}/{{ depl_wordpress }}" +--- +- name: installation php et apache ... + apt: + name: + - apache2 + - php + - php-mbstring + - php-mysql + - mariadb-client + state: present + +- name: download and extract wordpress + unarchive: + src: https://fr.wordpress.org/latest-fr_FR.tar.gz dest: /home/ remote_src: yes - owner: www-data - group: www-data - - name: Copy sample config file - command: mv /home/wordpress/wp-config-sample.php /home/wordpress/wp-config.php creates=/home/wordpress/wp-config.php +- name: Copy sample config file + command: mv /home/wordpress/wp-config-sample.php /home/wordpress/wp-config.php creates=/home/wordpress/wp-config.php - - name: Changement du fichier de conf - copy: - src: wp-config.php - dest: /home/wordpress/wp-config.php +- name: Changement du fichier de conf + copy: + src: wp-config.php + dest: /home/wordpress/wp-config.php - - name: Attributions des permissions - file: - path: /home/wordpress - recurse: yes - owner: 33 - group: 33 - -# - name: Fix permissions -# shell: chown -R www-data /var/www/wordpress/* -# -# - name: Update default Apache site -# lineinfile: -# dest=/etc/apache2/sites-enabled/000-default.conf -# regexp="(.)+DocumentRoot /var/www/html" -# line="DocumentRoot /var/www/wordpress" -# notify: -# - restart apache2 +- name: Attributions des permissions + file: + path: /home/wordpress + recurse: yes diff --git a/s-backup.yml b/s-backup.yml index 983e4d3..b89ab9d 100644 --- a/s-backup.yml +++ b/s-backup.yml @@ -4,6 +4,7 @@ roles: - base + - goss # - proxy3 - snmp-agent # - ssh-cli diff --git a/s-itil.yml b/s-itil.yml index 5bab648..238fb64 100644 --- a/s-itil.yml +++ b/s-itil.yml @@ -2,23 +2,20 @@ - hosts: localhost connection: local - vars: + #vars: - glpi_version: "9.4.5" - fd_version: "9.4+1.1" - fd_version64: "x64_2.5.2" - fd_version86: "x86_2.5.2" - glpi_dir: "/var/www/html/glpi" - glpi_dbhost: "127.0.0.1" - glpi_dbname: "glpi" - glpi_dbuser: "glpi" - glpi_dbpasswd: "glpi" + #glpi_version: "9.4.5" + #glpi_dir: "/var/www/html/glpi" + #glpi_dbhost: "127.0.0.1" + #glpi_dbname: "glpi" + #glpi_dbuser: "glpi" + #glpi_dbpasswd: "glpi" roles: - base - goss - snmp-agent - - itil + - glpi - ssh-cli - syslog-cli - post diff --git a/s-lb-web1.yml b/s-lb-web1.yml index 67f50d3..7a7d540 100644 --- a/s-lb-web1.yml +++ b/s-lb-web1.yml @@ -8,4 +8,3 @@ - snmp-agent - lb-nfs-client - post -