Machine generic
This commit is contained in:
parent
8d0b3f733b
commit
9428ad9cdc
|
@ -21,36 +21,3 @@ Domaine : dns.libre-en-communs.org
|
|||
Adresse ipv4 publique : 80.67.179.96
|
||||
Adresse ipv4 interne : 192.169.1.xxx
|
||||
Adresse ipv6 publique : xxx
|
||||
|
||||
#### Configuration réseau
|
||||
|
||||
##### /etc/network/interfaces
|
||||
<details>
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug enp1s0
|
||||
iface enp1s0 inet dhcp
|
||||
iface enp1s0 inet6 static
|
||||
address 2001:910:1360::xxx/128
|
||||
gateway 2001:910:1360::
|
||||
</details>
|
||||
|
||||
##### /etc/host.allow
|
||||
|
||||
sshd: 192.169.1.0/24, [2001:910:1360::]/48
|
||||
|
||||
##### /etc/host/deny
|
||||
|
||||
sshd: ALL
|
||||
|
||||
### Configuration MTA
|
||||
|
||||
#### /etc/postfix/transport
|
||||
|
||||
a-lec.org :
|
||||
* discard:
|
||||
|
||||
#### /etc/postfix/virtual
|
||||
|
||||
@localhost admin@a-lec.org
|
||||
@audio.a-lec.org admin@a-lec.org
|
||||
|
|
|
@ -21,37 +21,4 @@ Mail Transfer Agent : `postfix`
|
|||
Domaine : dns.libre-en-communs.org
|
||||
Adresse ipv4 publique : 80.67.179.96
|
||||
Adresse ipv4 interne : 192.169.1.242
|
||||
Adresse ipv6 publique : 2001:910:1360::11c
|
||||
|
||||
#### Configuration réseau
|
||||
|
||||
##### /etc/network/interfaces
|
||||
<details>
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug enp1s0
|
||||
iface enp1s0 inet dhcp
|
||||
iface enp1s0 inet6 static
|
||||
address 2001:910:1360::11c/128
|
||||
gateway 2001:910:1360::
|
||||
</details>
|
||||
|
||||
##### /etc/host.allow
|
||||
|
||||
sshd: 192.169.1.0/24, [2001:910:1360::]/48
|
||||
|
||||
##### /etc/host/deny
|
||||
|
||||
sshd: ALL
|
||||
|
||||
### Configuration MTA
|
||||
|
||||
#### /etc/postfix/transport
|
||||
|
||||
a-lec.org :
|
||||
* discard:
|
||||
|
||||
#### /etc/postfix/virtual
|
||||
|
||||
@localhost admin@a-lec.org
|
||||
@dns.libre-en-communs.org admin@a-lec.org
|
||||
Adresse ipv6 publique : 2001:910:1360::11c
|
|
@ -0,0 +1,59 @@
|
|||
## Machine virtuelle GENERIC
|
||||
|
||||
#### (c'est-à-dire le modèle de toutes les machines virtuelles)
|
||||
|
||||
...
|
||||
|
||||
### Matériel virtuel
|
||||
|
||||
CPU : xxx
|
||||
RAM : xxx Mio
|
||||
Stockage de masse : 50 Gio
|
||||
|
||||
### Logiciel
|
||||
|
||||
Système d'exploitation : Debian GNU/Linux-libre 11 (Bullseye)
|
||||
Noyau : Linux-libre LTS (`linux-libre-lts` des dépôts https://linux-libre.fsfla.org)
|
||||
Sécurités de la maintenance : `etckeeper`, `mollyguard`, `git`, `tig`, `screen`
|
||||
Mail Transfer Agent : `postfix`
|
||||
|
||||
### Caractéristiques notables
|
||||
|
||||
Domaine : dns.libre-en-communs.org
|
||||
Adresse ipv4 publique : 80.67.179.96
|
||||
Adresse ipv4 interne : 192.169.1.xxx
|
||||
Adresse ipv6 publique : xxx
|
||||
|
||||
#### Configuration réseau
|
||||
|
||||
##### /etc/network/interfaces
|
||||
<details>
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug enp1s0
|
||||
iface enp1s0 inet dhcp
|
||||
iface enp1s0 inet6 static
|
||||
address 2001:910:1360::xxx/128
|
||||
gateway 2001:910:1360::
|
||||
</details>
|
||||
|
||||
##### /etc/host.allow
|
||||
|
||||
sshd: 192.169.1.0/24, [2001:910:1360::]/48
|
||||
|
||||
##### /etc/host/deny
|
||||
|
||||
sshd: ALL
|
||||
|
||||
### Configuration MTA
|
||||
|
||||
#### /etc/postfix/transport
|
||||
|
||||
a-lec.org :
|
||||
* discard:
|
||||
|
||||
#### /etc/postfix/virtual
|
||||
|
||||
@localhost admin@a-lec.org
|
||||
@generic.a-lec.org admin@a-lec.org
|
||||
|
|
@ -23,39 +23,6 @@ Adresse ipv4 publique : 80.67.179.96
|
|||
Adresse ipv4 interne : 192.169.1.236
|
||||
Adresse ipv6 publique : 2001:910:1360::1ab
|
||||
|
||||
#### Configuration réseau
|
||||
|
||||
##### /etc/network/interfaces
|
||||
<details>
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug enp1s0
|
||||
iface enp1s0 inet dhcp
|
||||
iface enp1s0 inet6 static
|
||||
address 2001:910:1360::1ab/128
|
||||
gateway 2001:910:1360::
|
||||
</details>
|
||||
|
||||
##### /etc/host.allow
|
||||
|
||||
sshd: 192.169.1.0/24, [2001:910:1360::]/48
|
||||
|
||||
##### /etc/host/deny
|
||||
|
||||
sshd: ALL
|
||||
|
||||
### Configuration MTA
|
||||
|
||||
#### /etc/postfix/transport
|
||||
|
||||
a-lec.org :
|
||||
* discard:
|
||||
|
||||
#### /etc/postfix/virtual
|
||||
|
||||
@localhost admin@a-lec.org
|
||||
@gestion.a-lec.org admin@a-lec.org
|
||||
|
||||
### Configuration serveur web (nginx)
|
||||
<details>
|
||||
|
||||
|
|
|
@ -23,40 +23,6 @@ Adresse ipv4 publique : 80.67.179.96
|
|||
Adresse ipv4 interne : 192.169.1.131
|
||||
Adresse ipv6 publique : 2001:910:1360::42
|
||||
|
||||
#### Configuration réseau
|
||||
|
||||
##### /etc/network/interfaces
|
||||
<details>
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug enp1s0
|
||||
iface enp1s0 inet dhcp
|
||||
iface enp1s0 inet6 static
|
||||
address 2001:910:1360::42/128
|
||||
gateway 2001:910:1360::
|
||||
|
||||
</details>
|
||||
|
||||
##### /etc/host.allow
|
||||
|
||||
sshd: 192.169.1.0/24, [2001:910:1360::]/48
|
||||
|
||||
##### /etc/host/deny
|
||||
|
||||
sshd: ALL
|
||||
|
||||
### Configuration MTA
|
||||
|
||||
#### /etc/postfix/transport
|
||||
|
||||
a-lec.org :
|
||||
* discard:
|
||||
|
||||
#### /etc/postfix/virtual
|
||||
|
||||
@localhost admin@a-lec.org
|
||||
@git.a-lec.org admin@a-lec.org
|
||||
|
||||
### Configuration serveur web (nginx)
|
||||
<details>
|
||||
|
||||
|
|
|
@ -25,28 +25,6 @@ Adresse ipv4 publique : 80.67.179.96
|
|||
Adresse ipv4 interne : 192.169.1.201
|
||||
Adresse ipv6 publique : 2001:910:1360::148
|
||||
|
||||
#### Configuration réseau
|
||||
|
||||
##### /etc/network/interfaces
|
||||
<details>
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug enp1s0
|
||||
iface enp1s0 inet dhcp
|
||||
iface enp1s0 inet6 static
|
||||
address 2001:910:1360::148/128
|
||||
gateway 2001:910:1360::
|
||||
|
||||
</details>
|
||||
|
||||
##### /etc/host.allow
|
||||
|
||||
sshd: 192.169.1.0/24, [2001:910:1360::]/48
|
||||
|
||||
##### /etc/host/deny
|
||||
|
||||
sshd: ALL
|
||||
|
||||
### Configuration MTA
|
||||
|
||||
*(à compléter)*
|
||||
|
@ -100,4 +78,4 @@ Adresse ipv6 publique : 2001:910:1360::148
|
|||
}
|
||||
}
|
||||
|
||||
</details>
|
||||
</details>
|
||||
|
|
|
@ -34,44 +34,6 @@ Ouverture de compte: tout membre de l'association
|
|||
|
||||
Instance publique
|
||||
|
||||
#### Configuration réseau
|
||||
|
||||
##### /etc/network/interfaces
|
||||
<details>
|
||||
|
||||
# The loopback network interface
|
||||
auto lo
|
||||
iface lo inet loopback
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug enp1s0
|
||||
iface enp1s0 inet dhcp
|
||||
iface enp1s0 inet6 static
|
||||
address 2001:910:1360::16a/128
|
||||
gateway 2001:910:1360::
|
||||
|
||||
</details>
|
||||
|
||||
##### /etc/host.allow
|
||||
|
||||
sshd: 192.169.1.0/24, [2001:910:1360::]/48
|
||||
|
||||
##### /etc/host/deny
|
||||
|
||||
sshd: ALL
|
||||
|
||||
### Configuration MTA
|
||||
|
||||
#### /etc/postfix/transport
|
||||
|
||||
a-lec.org :
|
||||
* discard:
|
||||
|
||||
#### /etc/postfix/virtual
|
||||
|
||||
@localhost admin@a-lec.org
|
||||
@toot.a-lec.org admin@a-lec.org
|
||||
|
||||
### Configuration serveur web (nginx)
|
||||
<details>
|
||||
|
||||
|
@ -165,4 +127,4 @@ Instance publique
|
|||
|
||||
error_page 500 501 502 503 504 /500.html;
|
||||
}
|
||||
</details>
|
||||
</details>
|
||||
|
|
|
@ -23,51 +23,3 @@ Domaine : toot.a-lec.org
|
|||
Adresse ipv4 publique : 80.67.179.96
|
||||
Adresse ipv4 interne : 192.169.1.232
|
||||
Adresse ipv6 publique : 2001:910:1360::232
|
||||
|
||||
### Comptes
|
||||
|
||||
Administrateur: admin
|
||||
Modérateurs: neox, echolib
|
||||
Ouverture de compte: tout membre de l'association
|
||||
|
||||
### Visibilité
|
||||
|
||||
Instance publique
|
||||
|
||||
#### Configuration réseau
|
||||
|
||||
##### /etc/network/interfaces
|
||||
<details>
|
||||
|
||||
# The loopback network interface
|
||||
auto lo
|
||||
iface lo inet loopback
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug enp1s0
|
||||
iface enp1s0 inet dhcp
|
||||
iface enp1s0 inet6 static
|
||||
address 2001:910:1360::232/128
|
||||
gateway 2001:910:1360::
|
||||
|
||||
</details>
|
||||
|
||||
##### /etc/host.allow
|
||||
|
||||
sshd: 192.169.1.0/24, [2001:910:1360::]/48
|
||||
|
||||
##### /etc/host/deny
|
||||
|
||||
sshd: ALL
|
||||
|
||||
### Configuration MTA
|
||||
|
||||
#### /etc/postfix/transport
|
||||
|
||||
a-lec.org :
|
||||
* discard:
|
||||
|
||||
#### /etc/postfix/virtual
|
||||
|
||||
@localhost admin@a-lec.org
|
||||
@tootest.a-lec.org admin@a-lec.org
|
||||
|
|
|
@ -24,44 +24,6 @@ Adresse ipv4 publique : 80.67.179.96
|
|||
Adresse ipv4 interne : 192.169.100.188
|
||||
Adresse ipv6 publique : 2001:910:1360::1ca
|
||||
|
||||
#### Configuration réseau
|
||||
|
||||
##### /etc/network/interfaces
|
||||
<details>
|
||||
|
||||
# The loopback network interface
|
||||
auto lo
|
||||
iface lo inet loopback
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug enp1s0
|
||||
iface enp1s0 inet dhcp
|
||||
iface enp1s0 inet6 static
|
||||
address 2001:910:1360::1ca/128
|
||||
gateway 2001:910:1360::
|
||||
|
||||
</details>
|
||||
|
||||
##### /etc/host.allow
|
||||
|
||||
sshd: 192.169.1.0/24, [2001:910:1360::]/48
|
||||
|
||||
##### /etc/host/deny
|
||||
|
||||
sshd: ALL
|
||||
|
||||
### Configuration MTA
|
||||
|
||||
#### /etc/postfix/transport
|
||||
|
||||
a-lec.org :
|
||||
* discard:
|
||||
|
||||
#### /etc/postfix/virtual
|
||||
|
||||
@localhost admin@a-lec.org
|
||||
@www.a-lec.org admin@a-lec.org
|
||||
|
||||
### Configuration du serveur web (nginx)
|
||||
<details>
|
||||
|
||||
|
@ -152,4 +114,4 @@ Adresse ipv6 publique : 2001:910:1360::1ca
|
|||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||
}
|
||||
|
||||
</details>
|
||||
</details>
|
||||
|
|
|
@ -22,37 +22,3 @@ Domaine : xmpp.a-lec.org
|
|||
Adresse ipv4 publique : 80.67.179.96
|
||||
Adresse ipv4 interne : 192.169.1.189
|
||||
Adresse ipv6 publique : 2001:910:1360::142
|
||||
|
||||
#### Configuration réseau
|
||||
|
||||
##### /etc/network/interfaces
|
||||
<details>
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug enp1s0
|
||||
iface enp1s0 inet dhcp
|
||||
iface enp1s0 inet6 static
|
||||
address 2001:910:1360::142/128
|
||||
gateway 2001:910:1360::
|
||||
|
||||
</details>
|
||||
|
||||
##### /etc/hosts.allow
|
||||
|
||||
sshd: 192.169.1.0/24, [2001:910:1360::]/48
|
||||
|
||||
##### /etc/hosts.deny
|
||||
|
||||
sshd: ALL
|
||||
|
||||
### Configuration MTA
|
||||
|
||||
#### /etc/postfix/transport
|
||||
|
||||
a-lec.org :
|
||||
* discard:
|
||||
|
||||
#### /etc/postfix/virtual
|
||||
|
||||
@localhost admin@a-lec.org
|
||||
@xmpp.a-lec.org admin@a-lec.org
|
||||
|
|
|
@ -14,22 +14,26 @@ Pour qu'un nouvel administrateur puisse accéder aux serveurs, il faut :
|
|||
host mother.libre-en-communs.org
|
||||
User cominfra
|
||||
Port 222
|
||||
SendEnv GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL
|
||||
|
||||
host mother666.libre-en-communs.org
|
||||
User admin666
|
||||
Hostname mother.libre-en-communs.org
|
||||
Port 222
|
||||
ProxyCommand ssh -q -W %h:%p mother.libre-en-communs.org
|
||||
SendEnv GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL
|
||||
|
||||
host aunt.libre-en-communs.org
|
||||
User cominfra
|
||||
Port 222
|
||||
SendEnv GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL
|
||||
|
||||
host aunt666.libre-en-communs.org
|
||||
User admin666
|
||||
Hostname aunt.libre-en-communs.org
|
||||
Port 222
|
||||
ProxyCommand ssh -q -W %h:%p mother.libre-en-communs.org
|
||||
SendEnv GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL
|
||||
|
||||
### Procédure de connexion avec config dans ~/.ssh/config
|
||||
|
||||
|
|
|
@ -18,24 +18,28 @@ Soit en passant par `mother`
|
|||
host mother.libre-en-communs.org
|
||||
User cominfra
|
||||
Port 222
|
||||
SendEnv GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL
|
||||
|
||||
host NOM_DE_VM.a-lec.org
|
||||
User admin666
|
||||
Hostname toot
|
||||
Port 22
|
||||
ProxyJump mother.libre-en-communs.org
|
||||
SendEnv GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL
|
||||
|
||||
Ou bien en passant par `aunt`
|
||||
|
||||
host aunt.libre-en-communs.org
|
||||
User cominfra
|
||||
Port 222
|
||||
SendEnv GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL
|
||||
|
||||
host NOM_DE_VM.a-lec.org
|
||||
User admin666
|
||||
Hostname toot
|
||||
Port 22
|
||||
ProxyJump aunt.libre-en-communs.org
|
||||
SendEnv GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL
|
||||
|
||||
Note : avoir les deux configurations peut être utile en cas de panne de l'un ou l'autre des serveurs.
|
||||
|
||||
|
|
Loading…
Reference in New Issue