nouveau fichier : dhcp/.playbook.yml.swp

nouveau fichier : dhcp/dhcpd.conf
	nouveau fichier : dhcp/dnsmasq.conf
	nouveau fichier : dhcp/hosts
	nouveau fichier : dhcp/isc-dhcp-server
	nouveau fichier : dhcp/playbook.yml
	nouveau fichier : dns/bind/bind.keys
	nouveau fichier : dns/bind/db.0
	nouveau fichier : dns/bind/db.127
	nouveau fichier : dns/bind/db.255
	nouveau fichier : dns/bind/db.domaine.lan
	nouveau fichier : dns/bind/db.domaine.lan.rev
	nouveau fichier : dns/bind/db.empty
	nouveau fichier : dns/bind/db.local
	nouveau fichier : dns/bind/named.conf
	nouveau fichier : dns/bind/named.conf.default-zones
	nouveau fichier : dns/bind/named.conf.local
	nouveau fichier : dns/bind/named.conf.options
	nouveau fichier : dns/bind/rndc.key
	nouveau fichier : dns/bind/zones.rfc1918
	nouveau fichier : dns/playbook.yml

dns/bind/bind.keys

@@ -0,0 +1,38 @@
+# The bind.keys file is used to override the built-in DNSSEC trust anchors
+# which are included as part of BIND 9.  The only trust anchors it contains
+# are for the DNS root zone (".").  Trust anchors for any other zones MUST
+# be configured elsewhere; if they are configured here, they will not be
+# recognized or used by named.
+#
+# To use the built-in root key, set "dnssec-validation auto;" in the
+# named.conf options, or else leave "dnssec-validation" unset.  If
+# "dnssec-validation" is set to "yes", then the keys in this file are
+# ignored; keys will need to be explicitly configured in named.conf for
+# validation to work.  "auto" is the default setting, unless named is
+# built with "configure --disable-auto-validation", in which case the
+# default is "yes".
+#
+# This file is NOT expected to be user-configured.
+#
+# Servers being set up for the first time can use the contents of this file
+# as initializing keys; thereafter, the keys in the managed key database
+# will be trusted and maintained automatically.
+#
+# These keys are current as of Mar 2019.  If any key fails to initialize
+# correctly, it may have expired.  In that event you should replace this
+# file with a current version.  The latest version of bind.keys can always
+# be obtained from ISC at https://www.isc.org/bind-keys.
+#
+# See https://data.iana.org/root-anchors/root-anchors.xml for current trust
+# anchor information for the root zone.
+
+trust-anchors {
+        # This key (20326) was published in the root zone in 2017.
+        . initial-key 257 3 8 "AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3
+                +/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv
+                ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF
+                0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+e
+                oZG+SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfd
+                RUfhHdY6+cn8HFRm+2hM8AnXGXws9555KrUB5qihylGa8subX2Nn6UwN
+                R1AkUTV74bU=";
+};

dns/bind/db.0

@@ -0,0 +1,12 @@
+;
+; BIND reverse data file for broadcast zone
+;
+$TTL	604800
+@	IN	SOA	localhost. root.localhost. (
+			      1		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+@	IN	NS	localhost.

dns/bind/db.127

@@ -0,0 +1,13 @@
+;
+; BIND reverse data file for local loopback interface
+;
+$TTL	604800
+@	IN	SOA	localhost. root.localhost. (
+			      1		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+@	IN	NS	localhost.
+1.0.0	IN	PTR	localhost.

dns/bind/db.255

@@ -0,0 +1,12 @@
+;
+; BIND reverse data file for broadcast zone
+;
+$TTL	604800
+@	IN	SOA	localhost. root.localhost. (
+			      1		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+@	IN	NS	localhost.

dns/bind/db.domaine.lan

@@ -0,0 +1,16 @@
+$ORIGIN .
+$TTL 38400      ; 10 hours 40 minutes
+domaine.lan         IN SOA  ns.domaine.lan. root.ns.domaine.lan. (
+                                2016092901 ; serial
+                                10800      ; refresh (3 hours)
+                                3600       ; retry (1 hour)
+                                604800     ; expire (1 week)
+                                38400      ; minimum (10 hours 40 minutes)
+                                )
+                        NS      ns.domaine.lan.
+                        
+ns.domaine.lan.     A 192.168.1.44
+
+$ORIGIN domaine.lan.
+test		    A 192.168.1.155
+ns	            A 192.168.1.44

dns/bind/db.domaine.lan.rev

@@ -0,0 +1,13 @@
+$TTL 38400	; 10 hours 40 minutes 
+@	IN SOA	ns.domaine.lan. root.ns.domaine.lan. (
+		2016091501 ; serial
+		10800      ; refresh (3 hours)
+		3600       ; retry (1 hour)
+		604800     ; expire (1 week)
+		38400      ; minimum (10 hours 40 minutes)
+	)
+;
+	IN	NS	ns.domaine.lan.
+
+44	IN	PTR	ns.domaine.lan.
+155	IN	PTR	test.domaine.lan.

dns/bind/db.empty

@@ -0,0 +1,14 @@
+; BIND reverse data file for empty rfc1918 zone
+;
+; DO NOT EDIT THIS FILE - it is used for multiple zones.
+; Instead, copy it, edit named.conf, and use that copy.
+;
+$TTL	86400
+@	IN	SOA	localhost. root.localhost. (
+			      1		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			  86400 )	; Negative Cache TTL
+;
+@	IN	NS	localhost.

dns/bind/db.local

@@ -0,0 +1,14 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL	604800
+@	IN	SOA	localhost. root.localhost. (
+			      2		; Serial
+			 604800		; Refresh
+			  86400		; Retry
+			2419200		; Expire
+			 604800 )	; Negative Cache TTL
+;
+@	IN	NS	localhost.
+@	IN	A	127.0.0.1
+@	IN	AAAA	::1

dns/bind/named.conf

@@ -0,0 +1,11 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
+// structure of BIND configuration files in Debian, *BEFORE* you customize 
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";

dns/bind/named.conf.default-zones

@@ -0,0 +1,30 @@
+// prime the server with knowledge of the root servers
+zone "." {
+	type hint;
+	file "/usr/share/dns/root.hints";
+};
+
+// be authoritative for the localhost forward and reverse zones, and for
+// broadcast zones as per RFC 1912
+
+zone "localhost" {
+	type master;
+	file "/etc/bind/db.local";
+};
+
+zone "127.in-addr.arpa" {
+	type master;
+	file "/etc/bind/db.127";
+};
+
+zone "0.in-addr.arpa" {
+	type master;
+	file "/etc/bind/db.0";
+};
+
+zone "255.in-addr.arpa" {
+	type master;
+	file "/etc/bind/db.255";
+};
+
+

dns/bind/named.conf.local

@@ -0,0 +1,20 @@
+//
+// Do any local configuration here
+//
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+
+	// zone directe
+        zone "domaine.lan" {
+             type master;
+             file "/etc/bind/db.domaine.lan";
+        };
+
+	// zone inverse 
+	zone "1.168.192.in-addr.arpa" {
+	     type master;
+	     notify no;
+             file "/etc/bind/db.domaine.lan.rev";
+	};

dns/bind/named.conf.options

@@ -0,0 +1,24 @@
+options {
+	directory "/var/cache/bind";
+
+	// If there is a firewall between you and nameservers you want
+	// to talk to, you may need to fix the firewall to allow multiple
+	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113
+
+	// If your ISP provided one or more IP addresses for stable 
+	// nameservers, you probably want to use them as forwarders.  
+	// Uncomment the following block, and insert the addresses replacing 
+	// the all-0's placeholder.
+
+#	// forwarders {
+#	// 	0.0.0.0;
+#	// };
+
+	//========================================================================
+	// If BIND logs error messages about the root key being expired,
+	// you will need to update your keys.  See https://www.isc.org/bind-keys
+	//========================================================================
+	dnssec-validation no;
+
+	listen-on-v6 { none; };
+};

dns/bind/rndc.key

@@ -0,0 +1,4 @@
+key "rndc-key" {
+	algorithm hmac-sha256;
+	secret "INr9GMVZ0CHFRpKfn3fDl8GeNt6KvUBdxwsbkSIdWZg=";
+};

dns/bind/zones.rfc1918

@@ -0,0 +1,21 @@
+zone "10.in-addr.arpa"      { type master; file "/etc/bind/db.empty"; };
+ 
+zone "16.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "17.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "18.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "19.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "20.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "21.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "22.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "23.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "24.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "25.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "26.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "27.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "28.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "29.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "30.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+zone "31.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
+
+zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+