From c32cf92cf5085ec867125117ccf2ffa8f4fcbf20 Mon Sep 17 00:00:00 2001 From: Elam Monnot Date: Wed, 25 Jan 2023 15:17:18 +0100 Subject: [PATCH 1/9] correction role lb-front --- roles/lb-front/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lb-front/tasks/main.yml b/roles/lb-front/tasks/main.yml index a419b51..34a3332 100644 --- a/roles/lb-front/tasks/main.yml +++ b/roles/lb-front/tasks/main.yml @@ -21,5 +21,5 @@ - name: redemarre haproxy service: name: haproxy - state: restarted +# state: restarted enabled: yes From 62f9591c627bc0fbe82bb0a50acc336a1e1b3072 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 25 Jan 2023 15:24:53 +0100 Subject: [PATCH 2/9] goss s-backup --- goss/s-backup.yaml | 41 +++++++++++++++++++++++++++++++++++++++++ s-backup.yml | 1 + 2 files changed, 42 insertions(+) create mode 100644 goss/s-backup.yaml diff --git a/goss/s-backup.yaml b/goss/s-backup.yaml new file mode 100644 index 0000000..7c71428 --- /dev/null +++ b/goss/s-backup.yaml @@ -0,0 +1,41 @@ +package: + bind9: + installed: true + cifs-utils: + installed: true + rsync: + installed: true + smbclient: + installed: true +service: + bind9: + enabled: true + running: true + rsync: + enabled: true + running: false +command: + ping -c4 ns.gsb.lan: + exit-status: 0 + stdout: + - 0% packet loss + stderr: [] + timeout: 10000 +#check si partage windows accesible + smbclient -L //s-win --user=uBackup%Azerty1+ | grep 'public': + exit-status: 0 + stdout: + - public + stderr: [] + timeout: 10000 +interface: + enp0s3: + exists: true + addrs: + - 192.168.99.4/24 + mtu: 1500 + enp0s8: + exists: true + addrs: + - 172.16.0.4/24 + mtu: 1500 diff --git a/s-backup.yml b/s-backup.yml index 983e4d3..b89ab9d 100644 --- a/s-backup.yml +++ b/s-backup.yml @@ -4,6 +4,7 @@ roles: - base + - goss # - proxy3 - snmp-agent # - ssh-cli From 0da9fc0d5ad75a696d0cdace0743f08da1a01c15 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 25 Jan 2023 15:25:07 +0100 Subject: [PATCH 3/9] mise a jour goss r-vp2 --- goss/r-vp2.yaml | 52 +++++++++++++++++++++++++++++++++++ goss/r-vp2goss.yaml | 67 --------------------------------------------- 2 files changed, 52 insertions(+), 67 deletions(-) create mode 100644 goss/r-vp2.yaml delete mode 100644 goss/r-vp2goss.yaml diff --git a/goss/r-vp2.yaml b/goss/r-vp2.yaml new file mode 100644 index 0000000..cb0669d --- /dev/null +++ b/goss/r-vp2.yaml @@ -0,0 +1,52 @@ +file: + /etc/wireguard/wg0.conf: + exists: true + mode: "0644" + owner: root + group: root + filetype: file + contains: [] +package: + wireguard: + installed: true + versions: + - 1.0.20210223-1 + wireguard-tools: + installed: true + versions: + - 1.0.20210223-1 +service: + isc-dhcp-server: + enabled: true + running: true + wg-quick@wg0: + enabled: true + running: true +command: + ping -c4 10.0.0.1: + exit-status: 0 + stdout: + - 0% packet loss + stderr: [] + timeout: 10000 +interface: + enp0s3: + exists: true + addrs: + - 192.168.99.102/24 + mtu: 1500 + enp0s8: + exists: true + addrs: + - 172.16.128.254/24 + mtu: 1500 + enp0s9: + exists: true + addrs: + - 192.168.0.52/24 + mtu: 1500 + wg0: + exists: true + addrs: + - 10.0.0.2/32 + mtu: 1420 diff --git a/goss/r-vp2goss.yaml b/goss/r-vp2goss.yaml deleted file mode 100644 index 0035b48..0000000 --- a/goss/r-vp2goss.yaml +++ /dev/null @@ -1,67 +0,0 @@ -package: - ferm: - installed: true - ipsec: - installed: true -port: - tcp:53: - listening: true - udp:67: - listening: true - udp:68: - listening: true -service: - dnsmasq: - enabled: true - running: true - ferm: - enabled: true - running: true - ssh: - enabled: true - running: true -command: - sysctl net.ipv4.ip_forward: - exit-status: 0 - stdout: - - net.ipv4.ip_forward = 1 - stderr: [] - timeout: 10000 - sysctl ping -c 4 192.168.0.51: - exit-status: 0 - stdout: - - 4 received = 1 - stderr: [] - timeout: 10000 - sysctl ping -c 4 192.168.1.1: - exit-status: 0 - stdout: - - 4 received = 1 - stderr: [] - timeout: 10000 - sysctl ping -c 4 192.168.200.254: - exit-status: 0 - stdout: - - 4 received = 1 - stderr: [] - timeout: 10000 - sysctl ping -c 4 172.16.0.1: - exit-status: 0 - stdout: - - 4 received = 1 - stderr: [] - timeout: 10000 -process: - dnsmasq: - running: true - squid3: - running: true -interface: - enp0s8: - exists: true - addrs: - - 172.16.128.254/24 - enp0s9: - exists: true - addrs: - - 192.168.0.52/24 \ No newline at end of file From 36336384e6dab19bf11c81138ac8f11fb3faa99c Mon Sep 17 00:00:00 2001 From: Elam Monnot Date: Wed, 25 Jan 2023 15:31:26 +0100 Subject: [PATCH 4/9] haproxy FINAL correc --- roles/lb-front/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/lb-front/tasks/main.yml b/roles/lb-front/tasks/main.yml index 34a3332..ce787ca 100644 --- a/roles/lb-front/tasks/main.yml +++ b/roles/lb-front/tasks/main.yml @@ -8,7 +8,7 @@ path: /etc/haproxy/haproxy.cfg block: | frontend proxypublic - bind 192.168.56.2:80 + bind 192.168.100.10:80 default_backend fermeweb backend fermeweb From 043a273589c55b8c55df2e155582ede596092c38 Mon Sep 17 00:00:00 2001 From: Elam Monnot Date: Wed, 25 Jan 2023 15:59:35 +0100 Subject: [PATCH 5/9] nouveau role lb-web --- roles/lb-web/tasks/main.yml | 28 +++++++++++----------------- 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/roles/lb-web/tasks/main.yml b/roles/lb-web/tasks/main.yml index d1c92d8..6765d6d 100644 --- a/roles/lb-web/tasks/main.yml +++ b/roles/lb-web/tasks/main.yml @@ -1,11 +1,16 @@ ---- - - name: creation repertoir - file: - path: /home/ - state: directory +--- + - name: installation php et apache ... + apt: + name: + - apache2 + - php + - php-mbstring + - php-mysql + - mariadb-client + state: present - name: download and extract wordpress unarchive: - src: "{{ depl_url }}/{{ depl_wordpress }}" + src: https://fr.wordpress.org/latest-fr_FR.tar.gz dest: /home/ remote_src: yes owner: www-data @@ -25,14 +30,3 @@ recurse: yes owner: 33 group: 33 - -# - name: Fix permissions -# shell: chown -R www-data /var/www/wordpress/* -# -# - name: Update default Apache site -# lineinfile: -# dest=/etc/apache2/sites-enabled/000-default.conf -# regexp="(.)+DocumentRoot /var/www/html" -# line="DocumentRoot /var/www/wordpress" -# notify: -# - restart apache2 From a3c2d859526def16d576a97d63f619247edc187b Mon Sep 17 00:00:00 2001 From: Elam Monnot Date: Wed, 25 Jan 2023 16:09:44 +0100 Subject: [PATCH 6/9] erreur dans lb-web --- roles/lb-web/tasks/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/lb-web/tasks/main.yml b/roles/lb-web/tasks/main.yml index 6765d6d..20a8677 100644 --- a/roles/lb-web/tasks/main.yml +++ b/roles/lb-web/tasks/main.yml @@ -8,6 +8,7 @@ - php-mysql - mariadb-client state: present + - name: download and extract wordpress unarchive: src: https://fr.wordpress.org/latest-fr_FR.tar.gz From 332c8a2167e6895c00095d14dc9615b8ba741caa Mon Sep 17 00:00:00 2001 From: root Date: Wed, 25 Jan 2023 16:25:40 +0100 Subject: [PATCH 7/9] mise a jour goss s-agence --- goss/s-agence.yaml | 28 ++++------------------------ 1 file changed, 4 insertions(+), 24 deletions(-) diff --git a/goss/s-agence.yaml b/goss/s-agence.yaml index 5ed9d25..5565f72 100644 --- a/goss/s-agence.yaml +++ b/goss/s-agence.yaml @@ -1,39 +1,19 @@ command: - ip r: + ip route |grep default: exit-status: 0 stdout: - default via 172.16.128.254 dev enp0s8 - - 172.16.128.0/24 - - 192.168.99.0/24 stderr: [] timeout: 10000 - ping -c 2 172.16.128.254: + ping -c4 172.16.0.1: exit-status: 0 stdout: - 0% packet loss stderr: [] timeout: 10000 - ping -c 2 192.168.1.2: + ping -c4 172.16.128.254: exit-status: 0 stdout: - - 0% packet loss - stderr: [] - timeout: 10000 - ping -c 2 192.168.1.1: - exit-status: 0 - stdout: - - 0% packet loss - stderr: [] - timeout: 10000 - ping -c 2 192.168.200.254: - exit-status: 0 - stdout: - - 0% packet loss - stderr: [] - timeout: 10000 - ping -c 2 172.16.0.1: - exit-status: 0 - stdout: - - 0% packet loss + - 0% packet loss stderr: [] timeout: 10000 From 61390952969fa26857d2212b73ad7f8e8752b529 Mon Sep 17 00:00:00 2001 From: Elam Monnot Date: Wed, 25 Jan 2023 16:33:56 +0100 Subject: [PATCH 8/9] MAJ role lb-web --- roles/lb-web/tasks/main.yml | 48 +++++++++++++++++-------------------- s-lb-web1.yml | 1 - 2 files changed, 22 insertions(+), 27 deletions(-) diff --git a/roles/lb-web/tasks/main.yml b/roles/lb-web/tasks/main.yml index 20a8677..e04d326 100644 --- a/roles/lb-web/tasks/main.yml +++ b/roles/lb-web/tasks/main.yml @@ -1,33 +1,29 @@ --- - - name: installation php et apache ... - apt: - name: - - apache2 - - php - - php-mbstring - - php-mysql - - mariadb-client - state: present +- name: installation php et apache ... + apt: + name: + - apache2 + - php + - php-mbstring + - php-mysql + - mariadb-client + state: present - - name: download and extract wordpress - unarchive: - src: https://fr.wordpress.org/latest-fr_FR.tar.gz +- name: download and extract wordpress + unarchive: + src: https://fr.wordpress.org/latest-fr_FR.tar.gz dest: /home/ remote_src: yes - owner: www-data - group: www-data - - name: Copy sample config file - command: mv /home/wordpress/wp-config-sample.php /home/wordpress/wp-config.php creates=/home/wordpress/wp-config.php +- name: Copy sample config file + command: mv /home/wordpress/wp-config-sample.php /home/wordpress/wp-config.php creates=/home/wordpress/wp-config.php - - name: Changement du fichier de conf - copy: - src: wp-config.php - dest: /home/wordpress/wp-config.php +- name: Changement du fichier de conf + copy: + src: wp-config.php + dest: /home/wordpress/wp-config.php - - name: Attributions des permissions - file: - path: /home/wordpress - recurse: yes - owner: 33 - group: 33 +- name: Attributions des permissions + file: + path: /home/wordpress + recurse: yes diff --git a/s-lb-web1.yml b/s-lb-web1.yml index 67f50d3..7a7d540 100644 --- a/s-lb-web1.yml +++ b/s-lb-web1.yml @@ -8,4 +8,3 @@ - snmp-agent - lb-nfs-client - post - From 385563b4f251060404d0c932a0d1a07efae1c8f1 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 25 Jan 2023 16:54:29 +0100 Subject: [PATCH 9/9] =?UTF-8?q?Mise=20=C3=A0=20jour=20du=20playbook=20pour?= =?UTF-8?q?=20l'installation=20de=20GLPI?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pre/inst-depl | 19 +++++++++++++------ roles/{itil => glpi}/README.md | 0 roles/glpi/defaults/main.yml | 6 ++++++ roles/{itil => glpi}/files/.my.cnf | 0 roles/{itil => glpi}/files/dbdump | 0 roles/{itil => glpi}/files/glpi.conf | 0 roles/{itil => glpi}/handlers/main.yml | 0 roles/{itil => glpi}/tasks/main.yml | 24 ++++++++++++------------ roles/{itil => glpi}/templates/block.j2 | 0 roles/itil/defaults/main.yml | 6 ------ s-itil.yml | 19 ++++++++----------- 11 files changed, 39 insertions(+), 35 deletions(-) rename roles/{itil => glpi}/README.md (100%) create mode 100644 roles/glpi/defaults/main.yml rename roles/{itil => glpi}/files/.my.cnf (100%) rename roles/{itil => glpi}/files/dbdump (100%) rename roles/{itil => glpi}/files/glpi.conf (100%) rename roles/{itil => glpi}/handlers/main.yml (100%) rename roles/{itil => glpi}/tasks/main.yml (86%) rename roles/{itil => glpi}/templates/block.j2 (100%) delete mode 100644 roles/itil/defaults/main.yml diff --git a/pre/inst-depl b/pre/inst-depl index 7421be7..922eedb 100644 --- a/pre/inst-depl +++ b/pre/inst-depl @@ -9,16 +9,23 @@ apt update && apt upgrade apt install -y apache2 git STOREREP="/var/www/html/gsbstore" -GLPIREL=10.0.5 +GLPIREL=10.0.6 str="wget -nc https://github.com/glpi-project/glpi/releases/download/${GLPIREL}/glpi-${GLPIREL}.tgz" -FIREL=10.0.3+1.0 -str2="https://github.com/fusioninventory/fusioninventory-for-glpi/releases/download/glpi${FIREL}/fusioninventory-${FIREL}.tar.bz2" -FIAGREL=2.6 -str31="wget -nc https://github.com/fusioninventory/fusioninventory-agent/releases/download/${FIAGREL}/fusioninventory-agent_windows-x64_${FIAGREL}.exe" +#Fusion Inventory + +#FIREL=10.0.3+1.0 +#str2="https://github.com/fusioninventory/fusioninventory-for-glpi/releases/download/glpi${FIREL}/fusioninventory-${FIREL}.tar.bz2" + + +#GLPI Agent + +GLPIAGVER=1.4 +str31="wget -nc https://github.com/glpi-project/glpi-agent/releases/download/${GLPIAGVER}/GLPI-Agent-${GLPIAGVER}-x64.msi" + +str32="wget -nc https://github.com/glpi-project/glpi-agent/releases/download/${GLPIAGVER}/GLPI-Agent-${GLPIAGVER}-x86.msi" -str32="wget -nc https://github.com/fusioninventory/fusioninventory-agent/releases/download/${FIAGREL}/fusioninventory-agent_windows-x86_${FIAGREL}.exe" FOGREL=1.5.9 str4="wget -nc https://github.com/FOGProject/fogproject/archive/${FOGREL}.tar.gz -O fogproject-${FOGREL}.tar.gz" diff --git a/roles/itil/README.md b/roles/glpi/README.md similarity index 100% rename from roles/itil/README.md rename to roles/glpi/README.md diff --git a/roles/glpi/defaults/main.yml b/roles/glpi/defaults/main.yml new file mode 100644 index 0000000..43b3138 --- /dev/null +++ b/roles/glpi/defaults/main.yml @@ -0,0 +1,6 @@ +depl_url: "http://s-adm.gsb.adm/gsbstore" +#depl_glpi: "glpi-9.5.6.tgz" +depl_glpi: "glpi-10.0.6.tgz" +#depl_fusioninventory: "fusioninventory-9.5+3.0.tar.bz2" +depl_glpi_agentx64: "GLPI-Agent-1.4-x64.msi" +depl_glpi_agentx86: "GLPI-Agent-1.4-x86.msi" diff --git a/roles/itil/files/.my.cnf b/roles/glpi/files/.my.cnf similarity index 100% rename from roles/itil/files/.my.cnf rename to roles/glpi/files/.my.cnf diff --git a/roles/itil/files/dbdump b/roles/glpi/files/dbdump similarity index 100% rename from roles/itil/files/dbdump rename to roles/glpi/files/dbdump diff --git a/roles/itil/files/glpi.conf b/roles/glpi/files/glpi.conf similarity index 100% rename from roles/itil/files/glpi.conf rename to roles/glpi/files/glpi.conf diff --git a/roles/itil/handlers/main.yml b/roles/glpi/handlers/main.yml similarity index 100% rename from roles/itil/handlers/main.yml rename to roles/glpi/handlers/main.yml diff --git a/roles/itil/tasks/main.yml b/roles/glpi/tasks/main.yml similarity index 86% rename from roles/itil/tasks/main.yml rename to roles/glpi/tasks/main.yml index fe619d5..1e8d3c4 100644 --- a/roles/itil/tasks/main.yml +++ b/roles/glpi/tasks/main.yml @@ -105,12 +105,12 @@ # - name: copy .my.cnf file with root password credentials # copy: src=.my.cnf dest=/root/tools/ansible/.my.cnf owner=root mode=0600 - - name: Installation de Fusioninventory pour Linux - unarchive: - src: "{{ depl_url }}/{{ depl_fusioninventory }}" - #src: http://depl/gsbstore/fusioninventory-{{ fd_version }}.tar.bz2 - dest: /var/www/html/glpi/plugins - remote_src: yes +# - name: Installation de Fusioninventory pour Linux +# unarchive: +# src: "{{ depl_url }}/{{ depl_fusioninventory }}" +#src: http://depl/gsbstore/fusioninventory-{{ fd_version }}.tar.bz2 +# dest: /var/www/html/glpi/plugins +# remote_src: yes - name: Creation de ficlient file: @@ -127,15 +127,15 @@ group: www-data mode: 0775 - - name: Installation de FusionInventory windows x64 + - name: Installation de GLPI Agent windows x64 get_url: - url: "{{ depl_url }}/{{ depl_fusioninventory_agentx64 }}" + url: "{{ depl_url }}/{{ depl_glpi_agentx64 }}" dest: "/var/www/html/ficlients" - - name: Installation de FusionInventory windows x86 - get_url: - url: "{{ depl_url }}/{{ depl_fusioninventory_agentx86 }}" - dest: "/var/www/html/ficlients" +# - name: Installation de GLPI Agent windows x86 +# get_url: +# url: "{{ depl_url }}/{{ depl_glpi_agentx86 }}" +# dest: "/var/www/html/ficlients" - name: Attribution des permissions sur repertoire /plugins/fusioninventory file: diff --git a/roles/itil/templates/block.j2 b/roles/glpi/templates/block.j2 similarity index 100% rename from roles/itil/templates/block.j2 rename to roles/glpi/templates/block.j2 diff --git a/roles/itil/defaults/main.yml b/roles/itil/defaults/main.yml deleted file mode 100644 index 39b876e..0000000 --- a/roles/itil/defaults/main.yml +++ /dev/null @@ -1,6 +0,0 @@ -depl_url: "http://s-adm.gsb.adm/gsbstore" -#depl_glpi: "glpi-9.5.6.tgz" -depl_glpi: "glpi-10.0.5.tgz" -depl_fusioninventory: "fusioninventory-9.5+3.0.tar.bz2" -depl_fusioninventory_agentx64: "fusioninventory-agent_windows-x64_2.6.exe" -depl_fusioninventory_agentx86: "fusioninventory-agent_windows-x86_2.6.exe" diff --git a/s-itil.yml b/s-itil.yml index 5bab648..238fb64 100644 --- a/s-itil.yml +++ b/s-itil.yml @@ -2,23 +2,20 @@ - hosts: localhost connection: local - vars: + #vars: - glpi_version: "9.4.5" - fd_version: "9.4+1.1" - fd_version64: "x64_2.5.2" - fd_version86: "x86_2.5.2" - glpi_dir: "/var/www/html/glpi" - glpi_dbhost: "127.0.0.1" - glpi_dbname: "glpi" - glpi_dbuser: "glpi" - glpi_dbpasswd: "glpi" + #glpi_version: "9.4.5" + #glpi_dir: "/var/www/html/glpi" + #glpi_dbhost: "127.0.0.1" + #glpi_dbname: "glpi" + #glpi_dbuser: "glpi" + #glpi_dbpasswd: "glpi" roles: - base - goss - snmp-agent - - itil + - glpi - ssh-cli - syslog-cli - post