From a56518aa77167b37bbebd7a9c86eaf42d5ec1a60 Mon Sep 17 00:00:00 2001 From: Your Name Date: Fri, 5 Dec 2025 08:14:54 +0000 Subject: [PATCH] debian@ap-33ans --- ansible/apdb.yml | 0 ansible/apdbdump.yml | 0 ansible/compose.yml | 21 ++++++++++++++++++ ansible/hosts.ini | 2 ++ ansible/payara.yml | 32 +++++++++++++++++++++++++++ vpn/endpoint-a.key | 0 vpn/mkwgconf.sh | 52 ++++++++++++++++++++++++++++++++++++++++++++ vpn/wp.yml | 22 +++++++++++++++++++ 8 files changed, 129 insertions(+) create mode 100644 ansible/apdb.yml create mode 100644 ansible/apdbdump.yml create mode 100644 ansible/compose.yml create mode 100644 ansible/hosts.ini create mode 100644 ansible/payara.yml create mode 100644 vpn/endpoint-a.key create mode 100644 vpn/mkwgconf.sh create mode 100644 vpn/wp.yml diff --git a/ansible/apdb.yml b/ansible/apdb.yml new file mode 100644 index 0000000..e69de29 diff --git a/ansible/apdbdump.yml b/ansible/apdbdump.yml new file mode 100644 index 0000000..e69de29 diff --git a/ansible/compose.yml b/ansible/compose.yml new file mode 100644 index 0000000..4d60404 --- /dev/null +++ b/ansible/compose.yml @@ -0,0 +1,21 @@ +services: + payara: + image: payara/server-full:6.2025.9-jdk17 + container_name: payara + ports: + - "8080:8080" + - "4848:4848" + - "8181:8181" + env_file: + - "variables.env" + + db: + image: mariadb + container_name: db + ports: + - "3336:3306" + env_file: + - "variables.env" + volumes: + - ./data/db_data:/var/lib/mysql + - ./init:/docker-entrypoint-initdb.d diff --git a/ansible/hosts.ini b/ansible/hosts.ini new file mode 100644 index 0000000..2f432c0 --- /dev/null +++ b/ansible/hosts.ini @@ -0,0 +1,2 @@ +[ap33-pt] +ap33-pt ansible_host=172.16.0.125 diff --git a/ansible/payara.yml b/ansible/payara.yml new file mode 100644 index 0000000..cadd4ea --- /dev/null +++ b/ansible/payara.yml @@ -0,0 +1,32 @@ +--- +- name: + hosts: ap33-pt + become: yes + + tasks: + - name: download docker + ansible.builtin.get_url: + url: http://depl.sio.lan/store/get-docker.sh + dest: /tmp + + - name: execution script get docker + ansible.builtin.shell: + cmd: export https_proxy=http://10.121.38.1:8080 ; bash /tmp/get-docker.sh + + - name: creation dossier payara + ansible.builtin.file: + path: /home/debian/payara + state: directory + mode: '0755' + become: no + + - name: importation + ansible.builtin.copy: + src: ./compose.yml + dest: ~/paraya/compose.yml + mode: '0755' + become: no + + - name: docker pull + ansible.builtin.script: + cmd: cd ~/payara ; docker compose pull diff --git a/vpn/endpoint-a.key b/vpn/endpoint-a.key new file mode 100644 index 0000000..e69de29 diff --git a/vpn/mkwgconf.sh b/vpn/mkwgconf.sh new file mode 100644 index 0000000..cab796d --- /dev/null +++ b/vpn/mkwgconf.sh @@ -0,0 +1,52 @@ +#!/bin/bash +set -u +set -e + +AddressAwg=10.0.0.1/32 # Adresse VPN Wireguard extremite A +EndpointA=172.16.0.121 # Adresse extremite A +PortA=51820 # Port ecoute extremite A +AddressBwg=10.0.0.2/32 # Adresse VPN Wireguard extremite B +EndpointB=172.16.0.120 # Adresse extremite B +PortB=51820 # Port ecoute extremite B + +umask 077 ; +wg genkey > endpoint-a.key +wg pubkey < endpoint-a.key > endpoint-a.pub + +wg genkey > endpoint-b.key +wg pubkey < endpoint-b.key > endpoint-b.pub + +PKA=$(cat endpoint-a.key) +pKA=$(cat endpoint-a.pub) +PKB=$(cat endpoint-b.key) +pKB=$(cat endpoint-b.pub) + +cat < wg0-a.conf +# local settings for Endpoint A +[Interface] +PrivateKey = $PKA +Address = $AddressAwg +ListenPort = $PortA + +# remote settings for Endpoint B +[Peer] +PublicKey = $pKB +Endpoint = ${EndpointB}:$PortB +AllowedIPs = $AddressBwg +FINI + + +cat < wg0-b.conf +# local settings for Endpoint B +[Interface] +PrivateKey = $PKB +Address = $AddressBwg +ListenPort = $PortB + +# remote settings for Endpoint A +[Peer] +PublicKey = $pKA +Endpoint = ${EndpointA}:$PortA +AllowedIPs = $AddressAwg +FINI + diff --git a/vpn/wp.yml b/vpn/wp.yml new file mode 100644 index 0000000..bcabec4 --- /dev/null +++ b/vpn/wp.yml @@ -0,0 +1,22 @@ +--- +- name: + hosts: ap33-test + become: yes + + tasks: + + - name: Installer Wireguard et Wireguardtools + apt: + - wireguard + - wireguard-tools + state: present + update_cache: yes + + - name: Copie fichier mkwgconfsh + ansible.builtin.copy: + src: mkwgconf.sh + dest: /tmp/ + + - name: Lancement du script + ansible.builtin.shell: + cmd: bash /tmp/mkwgconf.sh