cominfra/documentation
cominfra
/
documentation
8
0
Fork 0
Code Issues 5 Pull Requests Activity
documentation/pm/anthea.md

109 lines
2.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# anthea, machine physique (fontainebleau)
## Matériel
Carte mère : 1 × Asus KGPN-D16 Rev 1.03G
CPU : 2 × AMD Opteron 6280SE
RAM : 32 Gio
Alimentation : *(à compléter)*
Casier : *(à compléter)*
Stockage de masse : *(à compléter)*
## Logiciel
Micro-programme : Coreboot 4.6 + SeaBIOS, sans blob privateur
Système d'exploitation : Debian GNU/Linux-libre 11 (Bullseye)
Noyau : Linux-libre LTS (`linux-libre-lts` des dépôts https://linux-libre.fsfla.org)
Virtualisation : QEMU/KVM (`libvirt`)
Audit des paquets mensuel : `vrms`
Sécurités de la maintenance : `etckeeper`, `mollyguard`, `tig`, `lm-sensors`, `fancontrol`, `screen`
Mail Transfer Agent : `postfix`
## Caractéristiques notables
Domaine : `anthea.libre-en-communs.org`
Adresse ipv4 publique : `80.67.176.40`
Adresse ipv4 locale : `192.168.1.2`
Adresse ipv6 publique : `2001:910:1028::2`
Emplacement des images de disques des machines virtuelles : `/srv/vmverse`
### Configuration réseau
#### /etc/network/interfaces
<details>
auto lo br0
iface lo inet loopback
# The primary network interface
allow-hotplug ens10
allow-hotplug ens9
# bridge for vm
iface br0 inet static
bridge_ports ens10
address 192.168.1.2
gateway 192.168.0.1
broadcast 192.168.255.255
netmask 255.255.0.0
iface br0 inet6 static
bridge_ports ens10
address 2001:910:1028:0::2/128
gateway 2001:910:1028::1
</details>
## Configuration SSH
### /etc/ssh/sshd_config
<details>
Port 222
AddressFamily any
ListenAddress 0.0.0.0
ListenAddress ::
PubkeyAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
UsePAM yes
AllowAgentForwarding yes
AllowTcpForwarding yes
GatewayPorts yes
X11Forwarding no
PrintMotd no
TCPKeepAlive yes
PermitTunnel yes
AcceptEnv LANG LC_* GIT_*
Subsystem sftp /usr/lib/openssh/sftp-server
Match User admin666 Address *,!192.168.0.0/16,!::1
DenyUsers admin666
</details>
## Configuration MTA
### /etc/postfix/transport
a-lec.org :
* discard:
### /etc/postfix/virtual
@localhost admin@a-lec.org
@anthea.libre-en-communs.org admin@a-lec.org
Reference in New Issue View Git Blame Copy Permalink