Changement d'IPs suite à l'arrivée de la FTTH
This commit is contained in:
parent
0d1e2ac60b
commit
818e71eb28
|
@ -19,9 +19,9 @@ Mail Transfer Agent : `postfix`
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : dns.libre-en-communs.org
|
Domaine : dns.libre-en-communs.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 interne : 192.169.1.186
|
Adresse ipv4 interne : 192.168.1.186
|
||||||
Adresse ipv6 publique : 2001:910:1360::186
|
Adresse ipv6 publique : 2001:910:1021::186
|
||||||
|
|
||||||
## Serveur web (installation basique)
|
## Serveur web (installation basique)
|
||||||
Installation d'un service nginx pour :
|
Installation d'un service nginx pour :
|
||||||
|
|
|
@ -19,6 +19,6 @@ Mail Transfer Agent : `postfix`
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : dns.libre-en-communs.org
|
Domaine : dns.libre-en-communs.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 interne : 192.169.1.242
|
Adresse ipv4 interne : 192.168.1.242
|
||||||
Adresse ipv6 publique : 2001:910:1360::11c
|
Adresse ipv6 publique : 2001:910:1021::242
|
||||||
|
|
|
@ -20,9 +20,9 @@ Mail Transfer Agent : `postfix`
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : dns.libre-en-communs.org
|
Domaine : dns.libre-en-communs.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 interne : 192.169.1.195
|
Adresse ipv4 interne : 192.168.1.195
|
||||||
Adresse ipv6 publique : 2001:910:1360::4
|
Adresse ipv6 publique : 2001:910:1021::4
|
||||||
|
|
||||||
### Configuration réseau
|
### Configuration réseau
|
||||||
|
|
||||||
|
@ -33,8 +33,8 @@ Adresse ipv6 publique : 2001:910:1360::4
|
||||||
allow-hotplug enp1s0
|
allow-hotplug enp1s0
|
||||||
iface enp1s0 inet dhcp
|
iface enp1s0 inet dhcp
|
||||||
iface enp1s0 inet6 static
|
iface enp1s0 inet6 static
|
||||||
address 2001:910:1360::4/128
|
address 2001:910:1021::4/128
|
||||||
gateway 2001:910:1360::
|
gateway 2001:910:1021::
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
### Configuration SSH
|
### Configuration SSH
|
||||||
|
@ -76,7 +76,7 @@ Adresse ipv6 publique : 2001:910:1360::4
|
||||||
|
|
||||||
#### /etc/hosts.allow
|
#### /etc/hosts.allow
|
||||||
|
|
||||||
sshd: 192.169.1.0/24, [2001:910:1360::]/48
|
sshd: 192.168.1.0/24, [2001:910:1021::]/48
|
||||||
|
|
||||||
#### /etc/hosts/deny
|
#### /etc/hosts/deny
|
||||||
|
|
||||||
|
|
|
@ -19,9 +19,9 @@ Mail Transfer Agent : `postfix`
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : gestion.a-lec.org
|
Domaine : gestion.a-lec.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 interne : 192.169.1.236
|
Adresse ipv4 interne : 192.168.1.236
|
||||||
Adresse ipv6 publique : 2001:910:1360::1ab
|
Adresse ipv6 publique : 2001:910:1021::236
|
||||||
|
|
||||||
### Configuration serveur web (nginx)
|
### Configuration serveur web (nginx)
|
||||||
<details>
|
<details>
|
||||||
|
|
|
@ -19,9 +19,9 @@ Mail Transfer Agent : `postfix`
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : git.a-lec.org
|
Domaine : git.a-lec.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 interne : 192.169.1.131
|
Adresse ipv4 interne : 192.168.1.131
|
||||||
Adresse ipv6 publique : 2001:910:1360::42
|
Adresse ipv6 publique : 2001:910:1021::131
|
||||||
|
|
||||||
### Configuration serveur web (nginx)
|
### Configuration serveur web (nginx)
|
||||||
<details>
|
<details>
|
||||||
|
|
|
@ -21,9 +21,9 @@ Serveur http : `nginx`
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : mail.a-lec.org
|
Domaine : mail.a-lec.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 interne : 192.169.1.201
|
Adresse ipv4 interne : 192.168.1.201
|
||||||
Adresse ipv6 publique : 2001:910:1360::148
|
Adresse ipv6 publique : 2001:910:1021::201
|
||||||
|
|
||||||
### Configuration MTA
|
### Configuration MTA
|
||||||
|
|
||||||
|
|
|
@ -20,9 +20,9 @@ Serveur Web: NGINX
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : toot.a-lec.org
|
Domaine : toot.a-lec.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 interne : 192.169.1.173
|
Adresse ipv4 interne : 192.168.1.173
|
||||||
Adresse ipv6 publique : 2001:910:1360::16a
|
Adresse ipv6 publique : 2001:910:1021::173
|
||||||
|
|
||||||
### Comptes
|
### Comptes
|
||||||
|
|
||||||
|
|
|
@ -20,6 +20,6 @@ Serveur Web: NGINX
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : toot.a-lec.org
|
Domaine : toot.a-lec.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 interne : 192.169.1.232
|
Adresse ipv4 interne : 192.168.1.232
|
||||||
Adresse ipv6 publique : 2001:910:1360::232
|
Adresse ipv6 publique : 2001:910:1021::232
|
||||||
|
|
|
@ -20,9 +20,9 @@ Gestionnaire FastCGI : `php-fpm` version 7.4
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : www.a-lec.org
|
Domaine : www.a-lec.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 interne : 192.169.100.188
|
Adresse ipv4 interne : 192.168.1.188
|
||||||
Adresse ipv6 publique : 2001:910:1360::1ca
|
Adresse ipv6 publique : 2001:910:1021::188
|
||||||
|
|
||||||
### Configuration du serveur web (nginx)
|
### Configuration du serveur web (nginx)
|
||||||
<details>
|
<details>
|
||||||
|
|
|
@ -19,6 +19,6 @@ Serveur XMPP : `ejabberd`
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : xmpp.a-lec.org
|
Domaine : xmpp.a-lec.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 interne : 192.169.1.189
|
Adresse ipv4 interne : 192.168.1.211
|
||||||
Adresse ipv6 publique : 2001:910:1360::142
|
Adresse ipv6 publique : 2001:910:1021::211
|
||||||
|
|
|
@ -29,9 +29,9 @@ Réplication de stockage (vm) : `drbd`, `ocfs2`
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : aunt.libre-en-communs.org
|
Domaine : aunt.libre-en-communs.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 locale : 192.169.1.206
|
Adresse ipv4 locale : 192.168.1.206
|
||||||
Adresse ipv6 publique : 2001:910:1360::3
|
Adresse ipv6 publique : 2001:910:1021::3
|
||||||
|
|
||||||
#### Configuration réseau
|
#### Configuration réseau
|
||||||
|
|
||||||
|
@ -48,18 +48,13 @@ Adresse ipv6 publique : 2001:910:1360::3
|
||||||
# Connexion avec le routeur (bridge sur ens10 avec les VM présentes)
|
# Connexion avec le routeur (bridge sur ens10 avec les VM présentes)
|
||||||
allow-hotplug ens9
|
allow-hotplug ens9
|
||||||
auto br0
|
auto br0
|
||||||
iface br0 inet static
|
iface br0 inet dhcp
|
||||||
bridge_ports ens9
|
bridge_ports ens9
|
||||||
address 192.169.1.206
|
|
||||||
gateway 192.169.1.1
|
|
||||||
bridge_stp off # désactivation du Spanning Tree Protocol
|
|
||||||
bridge_waitport 0 # suppression du délai avant que le port soit disponible pour le bridge
|
|
||||||
bridge_fd 0 # suppression de délai avant que le forwarding du bridge soit établi
|
|
||||||
|
|
||||||
iface br0 inet6 static
|
iface br0 inet6 static
|
||||||
bridge_ports ens9
|
bridge_ports ens9
|
||||||
address 2001:910:1360:0::3/128
|
address 2001:910:1021::3/128
|
||||||
gateway 2001:910:1360::1
|
gateway 2001:910:1021::1
|
||||||
bridge_stp off # désactivation du Spanning Tree Protocol
|
bridge_stp off # désactivation du Spanning Tree Protocol
|
||||||
bridge_waitport 0 # suppression du délai avant que le port soit disponible pour le bridge
|
bridge_waitport 0 # suppression du délai avant que le port soit disponible pour le bridge
|
||||||
bridge_fd 0 # suppression de délai avant que le forwarding du bridge soit établi
|
bridge_fd 0 # suppression de délai avant que le forwarding du bridge soit établi
|
||||||
|
|
|
@ -29,9 +29,9 @@ Réplication de stockage (vm) : `drbd`, `ocfs2`
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : mother.libre-en-communs.org
|
Domaine : mother.libre-en-communs.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 locale : 192.169.1.108
|
Adresse ipv4 locale : 192.168.1.108
|
||||||
Adresse ipv6 publique : 2001:910:1360::2
|
Adresse ipv6 publique : 2001:910:1021::2
|
||||||
|
|
||||||
#### Configuration réseau
|
#### Configuration réseau
|
||||||
|
|
||||||
|
@ -48,18 +48,13 @@ Adresse ipv6 publique : 2001:910:1360::2
|
||||||
# Connexion avec le routeur (bridge sur ens10 avec les VM présentes)
|
# Connexion avec le routeur (bridge sur ens10 avec les VM présentes)
|
||||||
allow-hotplug ens10
|
allow-hotplug ens10
|
||||||
auto br0
|
auto br0
|
||||||
iface br0 inet static
|
iface br0 inet dhcp
|
||||||
bridge_ports ens10
|
bridge_ports ens10
|
||||||
address 192.169.1.108
|
|
||||||
gateway 192.169.1.1
|
|
||||||
bridge_stp off # désactivation du Spanning Tree Protocol
|
|
||||||
bridge_waitport 0 # suppression du délai avant que le port soit disponible pour le bridge
|
|
||||||
bridge_fd 0 # suppression de délai avant que le forwarding du bridge soit établi
|
|
||||||
|
|
||||||
iface br0 inet6 static
|
iface br0 inet6 static
|
||||||
bridge_ports ens10
|
bridge_ports ens10
|
||||||
address 2001:910:1360:0::2/128
|
address 2001:910:1021::2/128
|
||||||
gateway 2001:910:1360::1
|
gateway 2001:910:1021::1
|
||||||
bridge_stp off # désactivation du Spanning Tree Protocol
|
bridge_stp off # désactivation du Spanning Tree Protocol
|
||||||
bridge_waitport 0 # suppression du délai avant que le port soit disponible pour le bridge
|
bridge_waitport 0 # suppression du délai avant que le port soit disponible pour le bridge
|
||||||
bridge_fd 0 # suppression de délai avant que le forwarding du bridge soit établi
|
bridge_fd 0 # suppression de délai avant que le forwarding du bridge soit établi
|
||||||
|
|
|
@ -17,9 +17,9 @@ Certificats SSL : `acme`
|
||||||
### Caractéristiques notables
|
### Caractéristiques notables
|
||||||
|
|
||||||
Domaine : routeur.libre-en-communs.org
|
Domaine : routeur.libre-en-communs.org
|
||||||
Adresse ipv4 publique : 80.67.179.96
|
Adresse ipv4 publique : 80.67.176.33
|
||||||
Adresse ipv4 locale : 192.169.1.1
|
Adresse ipv4 locale : 192.168.1.1
|
||||||
Adresse ipv6 publique : 2001:910:1360::1
|
Adresse ipv6 publique : 2001:910:1021::1
|
||||||
|
|
||||||
#### Configuration des interfaces
|
#### Configuration des interfaces
|
||||||
|
|
||||||
|
@ -46,12 +46,9 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
config interface 'lan'
|
config interface 'lan'
|
||||||
option device 'br-lan'
|
option device 'br-lan'
|
||||||
option proto 'static'
|
option proto 'static'
|
||||||
option ipaddr '192.169.1.1'
|
|
||||||
option ip6assign '64'
|
|
||||||
list ip6class 'wan6'
|
|
||||||
option netmask '255.255.255.0'
|
option netmask '255.255.255.0'
|
||||||
list dns '80.67.169.12'
|
option ipaddr '192.168.1.1'
|
||||||
list dns '80.67.169.40'
|
option ip6assign '64'
|
||||||
|
|
||||||
config device
|
config device
|
||||||
option name 'wan'
|
option name 'wan'
|
||||||
|
@ -59,13 +56,11 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
|
|
||||||
config interface 'wan'
|
config interface 'wan'
|
||||||
option device 'wan'
|
option device 'wan'
|
||||||
option proto 'dhcp'
|
option proto 'pppoe'
|
||||||
|
option username 'association.libre.en.comm@fdn.ilf.kosc'
|
||||||
|
option password 'zrqk3q6gt'
|
||||||
|
option ipv6 'auto'
|
||||||
|
|
||||||
config interface 'wan6'
|
|
||||||
option device 'wan'
|
|
||||||
option proto 'static'
|
|
||||||
option ip6prefix '2001:910:1360::/48'
|
|
||||||
list ip6addr '2001:910:1360:ffff::1'
|
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
@ -96,7 +91,6 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
config dnsmasq
|
config dnsmasq
|
||||||
option domainneeded '1'
|
|
||||||
option localise_queries '1'
|
option localise_queries '1'
|
||||||
option rebind_protection '1'
|
option rebind_protection '1'
|
||||||
option rebind_localhost '1'
|
option rebind_localhost '1'
|
||||||
|
@ -126,6 +120,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
config dhcp 'wan'
|
config dhcp 'wan'
|
||||||
option interface 'wan'
|
option interface 'wan'
|
||||||
option ignore '1'
|
option ignore '1'
|
||||||
|
list ra_flags 'none'
|
||||||
|
|
||||||
config odhcpd 'odhcpd'
|
config odhcpd 'odhcpd'
|
||||||
option maindhcp '0'
|
option maindhcp '0'
|
||||||
|
@ -134,176 +129,130 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option loglevel '4'
|
option loglevel '4'
|
||||||
|
|
||||||
config domain
|
config domain
|
||||||
option ip '2001:910:1360::1'
|
|
||||||
option name 'routeur'
|
option name 'routeur'
|
||||||
|
option ip '2001:910:1021::1'
|
||||||
config domain
|
|
||||||
option name 'routeur'
|
|
||||||
option ip '192.169.1.1'
|
|
||||||
|
|
||||||
config domain
|
config domain
|
||||||
option name 'mother.libre-en-communs.org'
|
option name 'mother.libre-en-communs.org'
|
||||||
option ip '192.169.1.108'
|
option ip '192.168.1.108'
|
||||||
|
|
||||||
config domain
|
config domain
|
||||||
option name 'mother'
|
option name 'mother'
|
||||||
option ip '2001:910:1360::2'
|
option ip '2001:910:1021::2'
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'mother'
|
|
||||||
option ip '192.169.1.108'
|
|
||||||
|
|
||||||
config domain
|
config domain
|
||||||
option name 'aunt.libre-en-communs.org'
|
option name 'aunt.libre-en-communs.org'
|
||||||
option ip '192.169.1.206'
|
option ip '192.168.1.206'
|
||||||
|
|
||||||
config domain
|
config domain
|
||||||
option name 'aunt'
|
option name 'aunt'
|
||||||
option ip '2001:910:1360::3'
|
option ip '2001:910:1021::3'
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'aunt'
|
|
||||||
option ip '192.169.1.206'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'mail'
|
|
||||||
option ip '2001:910:1360::148'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'mail'
|
|
||||||
option ip '192.169.1.201'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'dns'
|
|
||||||
option ip '2001:910:1360::11c'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'dns'
|
|
||||||
option ip '192.169.1.242'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'git.a-lec.org'
|
|
||||||
option ip '192.169.1.108'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'git'
|
|
||||||
option ip '2001:910:1360::42'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'git'
|
|
||||||
option ip '192.169.1.131'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'gestion'
|
|
||||||
option ip '2001:910:1360::1ab'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'gestion'
|
|
||||||
option ip '192.169.1.236'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'www'
|
|
||||||
option ip '2001:910:1360::1ca'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'www'
|
|
||||||
option ip '192.169.1.188'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'xmpp'
|
|
||||||
option ip '2001:910:1360::142'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'xmpp.a-lec.org'
|
|
||||||
option ip '2001:910:1360::142'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'xmpp'
|
|
||||||
option ip '192.169.1.211'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'xmpp.a-lec.org'
|
|
||||||
option ip '192.169.1.211'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'toot'
|
|
||||||
option ip '2001:910:1360::16a'
|
|
||||||
|
|
||||||
config domain
|
|
||||||
option name 'toot'
|
|
||||||
option ip '192.169.1.179'
|
|
||||||
|
|
||||||
config host
|
config host
|
||||||
option name 'mother'
|
option name 'mother'
|
||||||
option dns '1'
|
option dns '1'
|
||||||
option mac '08:60:6E:11:C3:CA'
|
option ip '192.168.1.108'
|
||||||
option ip '192.169.1.108'
|
option mac '52:C6:86:7C:8F:7E'
|
||||||
|
|
||||||
config host
|
config host
|
||||||
option name 'aunt'
|
option name 'aunt'
|
||||||
option dns '1'
|
option dns '1'
|
||||||
option mac '20:CF:30:67:08:A7'
|
option ip '192.168.1.206'
|
||||||
option ip '192.169.1.206'
|
option mac 'F2:8A:D8:B6:5D:60'
|
||||||
|
|
||||||
config host
|
config host
|
||||||
option mac '52:54:00:C1:D0:69'
|
option mac '52:54:00:C1:D0:69'
|
||||||
option ip '192.169.1.242'
|
|
||||||
option name 'dns'
|
option name 'dns'
|
||||||
option dns '1'
|
option dns '1'
|
||||||
|
option ip '192.168.1.242'
|
||||||
|
|
||||||
config host
|
config host
|
||||||
option name 'gestion'
|
option name 'gestion'
|
||||||
option dns '1'
|
option dns '1'
|
||||||
option mac '52:54:00:C8:83:EC'
|
option mac '52:54:00:C8:83:EC'
|
||||||
option ip '192.169.1.236'
|
option ip '192.168.1.236'
|
||||||
|
|
||||||
config host
|
config host
|
||||||
option name 'git'
|
option name 'git'
|
||||||
option dns '1'
|
option dns '1'
|
||||||
option mac '52:54:00:FD:63:1C'
|
option mac '52:54:00:FD:63:1C'
|
||||||
option ip '192.169.1.131'
|
option ip '192.168.1.131'
|
||||||
|
|
||||||
config host
|
config host
|
||||||
option mac '52:54:00:12:BC:CF'
|
option mac '52:54:00:12:BC:CF'
|
||||||
option ip '192.169.1.201'
|
|
||||||
option name 'mail'
|
option name 'mail'
|
||||||
option dns '1'
|
option dns '1'
|
||||||
|
option ip '192.168.1.201'
|
||||||
|
|
||||||
config host
|
config host
|
||||||
option name 'toot'
|
option name 'toot'
|
||||||
option dns '1'
|
option dns '1'
|
||||||
option mac '52:54:00:E4:2A:97'
|
option mac '52:54:00:E4:2A:97'
|
||||||
option ip '192.169.1.179'
|
option ip '192.168.1.179'
|
||||||
|
|
||||||
config host
|
config host
|
||||||
option mac '52:54:00:07:F1:3C'
|
option mac '52:54:00:07:F1:3C'
|
||||||
option ip '192.169.1.188'
|
|
||||||
option name 'www'
|
option name 'www'
|
||||||
option dns '1'
|
option dns '1'
|
||||||
|
option ip '192.168.1.188'
|
||||||
|
|
||||||
config host
|
config host
|
||||||
option name 'xmpp'
|
option name 'xmpp'
|
||||||
option dns '1'
|
option dns '1'
|
||||||
option mac '52:54:00:0B:A6:ED'
|
option mac '52:54:00:0B:A6:ED'
|
||||||
option ip '192.169.1.211'
|
option ip '192.168.1.211'
|
||||||
|
|
||||||
config host
|
config host
|
||||||
option name 'xmpp.chalec.org'
|
option name 'xmpp.chalec.org'
|
||||||
option dns '1'
|
option dns '1'
|
||||||
option mac '52:54:00:FC:74:4C'
|
option mac '52:54:00:FC:74:4C'
|
||||||
option ip '192.169.1.204'
|
option ip '192.168.1.204'
|
||||||
|
|
||||||
config host
|
|
||||||
option name 'tootest'
|
|
||||||
option dns '1'
|
|
||||||
option mac '52:54:00:25:18:BB'
|
|
||||||
option ip '192.169.1.232'
|
|
||||||
|
|
||||||
config host
|
config host
|
||||||
option name 'audio'
|
option name 'audio'
|
||||||
option dns '1'
|
option dns '1'
|
||||||
option mac '52:54:00:F1:8B:EC'
|
option mac '52:54:00:EE:93:E0'
|
||||||
option ip '192.169.1.186'
|
option ip '192.168.1.186'
|
||||||
|
|
||||||
|
config host
|
||||||
|
option mac '52:54:00:F2:BB:55'
|
||||||
|
option name 'tootest'
|
||||||
|
option dns '1'
|
||||||
|
option ip '192.168.1.232'
|
||||||
|
|
||||||
|
config host
|
||||||
|
option mac '52:54:00:86:69:5F'
|
||||||
|
option name 'generic'
|
||||||
|
option dns '1'
|
||||||
|
option ip '192.168.1.195'
|
||||||
|
|
||||||
|
config domain
|
||||||
|
option name 'mail.a-lec.org'
|
||||||
|
option ip '192.168.1.201'
|
||||||
|
|
||||||
|
config domain
|
||||||
|
option name 'git.a-lec.org'
|
||||||
|
option ip '192.168.1.131'
|
||||||
|
|
||||||
|
config domain
|
||||||
|
option name 'mother.libre-en-communs.org'
|
||||||
|
option ip '192.168.1.108'
|
||||||
|
|
||||||
|
config domain
|
||||||
|
option name 'aunt.libre-en-communs.org'
|
||||||
|
option ip '192.168.1.206'
|
||||||
|
|
||||||
|
config domain
|
||||||
|
option name 'xmpp.a-lec.org'
|
||||||
|
option ip '192.168.1.211'
|
||||||
|
|
||||||
|
config domain
|
||||||
|
option name 'dns.libre-en-communs.org'
|
||||||
|
option ip '192.168.1.242'
|
||||||
|
|
||||||
|
config domain
|
||||||
|
option name 'dns.libre-en-communs.org'
|
||||||
|
option ip '2001:910:1021::242'
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
@ -320,21 +269,21 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
|
|
||||||
config zone
|
config zone
|
||||||
option name 'lan'
|
option name 'lan'
|
||||||
list network 'lan'
|
|
||||||
option input 'ACCEPT'
|
option input 'ACCEPT'
|
||||||
option output 'ACCEPT'
|
option output 'ACCEPT'
|
||||||
option forward 'ACCEPT'
|
option forward 'ACCEPT'
|
||||||
|
list network 'lan'
|
||||||
|
|
||||||
config zone
|
config zone
|
||||||
option name 'wan'
|
option name 'wan'
|
||||||
list network 'wan'
|
|
||||||
list network 'wan6'
|
|
||||||
option output 'ACCEPT'
|
option output 'ACCEPT'
|
||||||
option mtu_fix '1'
|
option mtu_fix '1'
|
||||||
list device 'tun0'
|
|
||||||
option input 'ACCEPT'
|
option input 'ACCEPT'
|
||||||
option forward 'ACCEPT'
|
option forward 'ACCEPT'
|
||||||
option masq '1'
|
option masq '1'
|
||||||
|
list network 'wan'
|
||||||
|
list device 'pppoe-wan'
|
||||||
|
list device 'tun0'
|
||||||
|
|
||||||
config forwarding
|
config forwarding
|
||||||
option src 'lan'
|
option src 'lan'
|
||||||
|
@ -457,7 +406,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option src 'wan'
|
option src 'wan'
|
||||||
option src_dport '222'
|
option src_dport '222'
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_ip '192.169.1.108'
|
option dest_ip '192.168.1.108'
|
||||||
option dest_port '222'
|
option dest_port '222'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
|
@ -466,7 +415,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option src 'wan'
|
option src 'wan'
|
||||||
option src_dport '223'
|
option src_dport '223'
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_ip '192.169.1.206'
|
option dest_ip '192.168.1.206'
|
||||||
option dest_port '223'
|
option dest_port '223'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
|
@ -476,7 +425,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option src_dport '53'
|
option src_dport '53'
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '53'
|
option dest_port '53'
|
||||||
option dest_ip '192.169.1.242'
|
option dest_ip '192.168.1.242'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
option target 'DNAT'
|
option target 'DNAT'
|
||||||
|
@ -485,7 +434,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '25'
|
option dest_port '25'
|
||||||
option name 'smtp -> mail'
|
option name 'smtp -> mail'
|
||||||
option dest_ip '192.169.1.201'
|
option dest_ip '192.168.1.201'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
option target 'DNAT'
|
option target 'DNAT'
|
||||||
|
@ -494,7 +443,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '587'
|
option dest_port '587'
|
||||||
option name 'smtps -> mail'
|
option name 'smtps -> mail'
|
||||||
option dest_ip '192.169.1.201'
|
option dest_ip '192.168.1.201'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
option target 'DNAT'
|
option target 'DNAT'
|
||||||
|
@ -503,7 +452,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '993'
|
option dest_port '993'
|
||||||
option name 'imaps -> mail'
|
option name 'imaps -> mail'
|
||||||
option dest_ip '192.169.1.201'
|
option dest_ip '192.168.1.201'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
option target 'DNAT'
|
option target 'DNAT'
|
||||||
|
@ -512,7 +461,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option src_dport '666'
|
option src_dport '666'
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '22'
|
option dest_port '22'
|
||||||
option dest_ip '192.169.1.201'
|
option dest_ip '192.168.1.201'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
option target 'DNAT'
|
option target 'DNAT'
|
||||||
|
@ -521,7 +470,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option src_dport '22'
|
option src_dport '22'
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '22'
|
option dest_port '22'
|
||||||
option dest_ip '192.169.1.131'
|
option dest_ip '192.168.1.131'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
option target 'DNAT'
|
option target 'DNAT'
|
||||||
|
@ -530,7 +479,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option src_dport '777'
|
option src_dport '777'
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '22'
|
option dest_port '22'
|
||||||
option dest_ip '192.169.1.188'
|
option dest_ip '192.168.1.188'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
option target 'DNAT'
|
option target 'DNAT'
|
||||||
|
@ -539,7 +488,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option src_dport '5222'
|
option src_dport '5222'
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '5222'
|
option dest_port '5222'
|
||||||
option dest_ip '192.169.1.211'
|
option dest_ip '192.168.1.211'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
option target 'DNAT'
|
option target 'DNAT'
|
||||||
|
@ -548,7 +497,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '5223'
|
option dest_port '5223'
|
||||||
option name 'xmpp c2s tls'
|
option name 'xmpp c2s tls'
|
||||||
option dest_ip '192.169.1.211'
|
option dest_ip '192.168.1.211'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
option target 'DNAT'
|
option target 'DNAT'
|
||||||
|
@ -557,7 +506,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option src_dport '5269'
|
option src_dport '5269'
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '5269'
|
option dest_port '5269'
|
||||||
option dest_ip '192.169.1.211'
|
option dest_ip '192.168.1.211'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
option target 'DNAT'
|
option target 'DNAT'
|
||||||
|
@ -566,7 +515,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option src_dport '5443'
|
option src_dport '5443'
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '5443'
|
option dest_port '5443'
|
||||||
option dest_ip '192.169.1.211'
|
option dest_ip '192.168.1.211'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
option target 'DNAT'
|
option target 'DNAT'
|
||||||
|
@ -575,7 +524,7 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option src_dport '5280'
|
option src_dport '5280'
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '5280'
|
option dest_port '5280'
|
||||||
option dest_ip '192.169.1.211'
|
option dest_ip '192.168.1.211'
|
||||||
|
|
||||||
config redirect
|
config redirect
|
||||||
option target 'DNAT'
|
option target 'DNAT'
|
||||||
|
@ -584,7 +533,17 @@ Adresse ipv6 publique : 2001:910:1360::1
|
||||||
option src_dport '3478'
|
option src_dport '3478'
|
||||||
option dest 'lan'
|
option dest 'lan'
|
||||||
option dest_port '3478'
|
option dest_port '3478'
|
||||||
option dest_ip '192.169.1.211'
|
option dest_ip '192.168.1.211'
|
||||||
|
|
||||||
|
config redirect
|
||||||
|
option target 'DNAT'
|
||||||
|
option name 'mumble -> audio'
|
||||||
|
option src 'wan'
|
||||||
|
option src_dport '64738'
|
||||||
|
option dest 'lan'
|
||||||
|
option dest_ip '192.168.1.186'
|
||||||
|
option dest_port '64738'
|
||||||
|
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
@ -646,7 +605,6 @@ Note : IPV4 uniquement
|
||||||
return 404;
|
return 404;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
include reverse_proxy.conf;
|
include reverse_proxy.conf;
|
||||||
include conf.d/*.conf;
|
include conf.d/*.conf;
|
||||||
}
|
}
|
||||||
|
@ -668,6 +626,18 @@ Note : IPV4 uniquement
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name audio.a-lec.org;
|
||||||
|
listen 80;
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_set_header X-Real-IP
|
||||||
|
$remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://audio:80;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
server_name coffre.a-lec.org;
|
server_name coffre.a-lec.org;
|
||||||
listen 80;
|
listen 80;
|
||||||
|
@ -728,6 +698,115 @@ Note : IPV4 uniquement
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
root@routeur:~# cat /etc/nginx/reverse_proxy.conf
|
||||||
|
server {
|
||||||
|
server_name gestion.a-lec.org;
|
||||||
|
listen 80;
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://gestion:80;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name audio.a-lec.org;
|
||||||
|
listen 80;
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_set_header X-Real-IP
|
||||||
|
$remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://audio:80;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name coffre.a-lec.org;
|
||||||
|
listen 80;
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://gestion:80;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name git.a-lec.org;
|
||||||
|
listen 80;
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://git:80;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name www.a-lec.org;
|
||||||
|
listen 80;
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://www:80;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name a-lec.org;
|
||||||
|
listen 80;
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://www:80;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name toot.a-lec.org;
|
||||||
|
listen 80;
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://toot:80;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name mail.a-lec.org;
|
||||||
|
listen 80;
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://mail:80;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name tootest.a-lec.org;
|
||||||
|
listen 80;
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://tootest:80;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
#### /etc/nginx/reverse_proxy_ssl.conf (reverse proxy HTTPS)
|
#### /etc/nginx/reverse_proxy_ssl.conf (reverse proxy HTTPS)
|
||||||
|
@ -746,12 +825,22 @@ Note : IPV4 uniquement
|
||||||
mail.a-lec.org mail_a-lec_443;
|
mail.a-lec.org mail_a-lec_443;
|
||||||
toot.a-lec.org toot_a-lec_443;
|
toot.a-lec.org toot_a-lec_443;
|
||||||
routeur.libre-en-communs.org routeur_444;
|
routeur.libre-en-communs.org routeur_444;
|
||||||
|
audio.a-lec.org audio_a-lec_443;
|
||||||
|
tootest.a-lec.org tootest_a-lec_443;
|
||||||
}
|
}
|
||||||
|
|
||||||
upstream gestion_a-lec_443 {
|
upstream gestion_a-lec_443 {
|
||||||
server gestion:443;
|
server gestion:443;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
upstream tootest_a-lec_443 {
|
||||||
|
server tootest:443;
|
||||||
|
}
|
||||||
|
|
||||||
|
upstream audio_a-lec_443 {
|
||||||
|
server audio:443;
|
||||||
|
}
|
||||||
|
|
||||||
upstream git_a-lec_443 {
|
upstream git_a-lec_443 {
|
||||||
server git:443;
|
server git:443;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue