modif et ajout

goss/goss.yaml

@@ -0,0 +1,61 @@
+package:
+  apache2:
+    installed: true
+    versions:
+    - 2.4.52-1~deb11u2
+  wireguard:
+    installed: true
+    versions:
+    - 1.0.20210223-1
+port:
+  tcp6:80:
+    listening: true
+    ip: []
+  tcp:3306:
+    listening: true
+    ip:
+    - 127.0.0.1
+service:
+  apache2:
+    enabled: true
+    running: true
+  mysql:
+    enabled: true
+    running: true
+  ssh:
+    enabled: true
+    running: true
+user:
+  mysql:
+    exists: true
+    uid: 106
+    gid: 113
+    groups:
+    - mysql
+    home: /nonexistent
+    shell: /bin/false
+group:
+  mysql:
+    exists: true
+    gid: 113
+  ssh:
+    exists: true
+    gid: 111
+process:
+  apache2:
+    running: true
+http:
+  http://onfarbo42/adminer.php:
+    status: 200
+    allow-insecure: false
+    no-follow-redirects: false
+    timeout: 5000
+    body:
+    - Adminer
+  http://onfarbo42/doku/doku.php:
+    status: 200
+    allow-insecure: false
+    no-follow-redirects: false
+    timeout: 5000
+    body:
+    - MISSION

wireguard/android.sh

@@ -0,0 +1,79 @@
+#!/bin/bash
+set -u
+set -e
+ 
+AddressAwg=10.0.0.1/32  # Adresse VPN Wireguard extremite A
+EndpointA=10.121.38.68  # Adresse extremite A
+PortA=51820             # Port ecoute extremite A
+AddressBwg=10.0.0.2/32  # Adresse VPN Wireguard extremite B
+EndpointB=192.168.1.82  # Adresse extremite B
+PortB=51820             # Port ecoute extremite B
+AddressCwg=10.0.0.3/32
+EndpointC=x.y.z.t
+PortC=51820
+
+umask 077 ;  
+wg genkey > endpoint-a.key
+wg pubkey < endpoint-a.key > endpoint-a.pub 
+
+wg genkey > endpoint-b.key
+wg pubkey < endpoint-b.key > endpoint-b.pub
+ 
+wg genkey > endpoint-c.key
+wg pubkey < endpoint-c.key > endpoint-c.pub
+
+PKA=$(cat endpoint-a.key)
+pKA=$(cat endpoint-a.pub)
+PKB=$(cat endpoint-b.key)
+pKB=$(cat endpoint-b.pub)
+PKC=$(cat endpoint-c.key)
+pKC=$(cat endpoint-c.pub)
+
+cat <<FINI > wg0-a.conf
+# local settings for Endpoint A
+[Interface]
+PrivateKey = $PKA
+Address = $AddressAwg
+ListenPort = $PortA
+ 
+# remote settings for Endpoint B
+[Peer]
+PublicKey = $pKB
+#Endpoint = ${EndpointB}:$PortB
+AllowedIPs = $AddressBwg
+
+# remote settings for Endpoint C
+[Peer]
+PublicKey = $pKC
+#EndPoint = ${EndpointC}:$PortC
+AllowedIPs = $AddressCwg
+FINI
+ 
+ 
+cat <<FINI > wg0-b.conf
+# local settings for Endpoint B
+[Interface]
+PrivateKey = $PKB
+Address = $AddressBwg
+ListenPort = $PortB
+ 
+# remote settings for Endpoint A
+[Peer]
+PublicKey = $pKA
+Endpoint = ${EndpointA}:$PortA
+AllowedIPs = $AddressAwg
+FINI
+
+cat <<FINI > wg0-c.conf
+# local settings for Endpoint C
+[Interface]
+PrivateKey = $PKC
+Address = $AddressCwg
+ListenPort = $PortC
+ 
+# remote settings for Endpoint A
+[Peer]
+PublicKey = $pKA
+Endpoint = ${EndpointA}:$PortA
+AllowedIPs = $AddressAwg
+FINI

wireguard/wg0-b.conf

@@ -1,11 +1,15 @@
 # local settings for Endpoint B
 [Interface]
-PrivateKey = 0Nb+sT20LbiRTMk4Ll5FsASVSFTgdA+JyMpd8shxJFA=
+PrivateKey = oMcR7DZkrkUumSdvGgC3F/uuLVYICP8kTF/6BdNsFGU=
 Address = 10.0.0.2/32
 ListenPort = 51820
  
+# IP forwarding
+PreUp = sysctl -w net.ipv4.ip_forward=1
+ 
 # remote settings for Endpoint A
 [Peer]
-PublicKey = uKQUgVq/uud3tIV2Qibth/8YHzDL2Z0SmcsnC+LkAms=
-Endpoint = 10.121.38.68:51820
-AllowedIPs = 10.0.0.1/32
+PublicKey = ihizRzwgz/HEF8QHNPRYa7LYB/HTtnwWZlHltI0ZdDc=
+Endpoint = 192.168.0.51:51820
+AllowedIPs = 10.0.0.1/32, 192.168.1.0/24
+