CESI: Sécurité des entreprises, infrastructure Vagrant avec supervision Prometheus

2018-02-04 15:55:09 +01:00
parent 708bed3a16
commit 13e4a95892
18 changed files with 951 additions and 58 deletions
--- a/cesi/securite_entreprise/ressources/intranet-demo/Vagrantfile
+++ b/cesi/securite_entreprise/ressources/intranet-demo/Vagrantfile
@ -10,8 +10,8 @@ Vagrant.configure("2") do |config|
  # For a complete reference, please see the online documentation at
  # https://docs.vagrantup.com.

-  config.vbguest.auto_update = false
-  config.vbguest.no_remote = true
+  # config.vbguest.auto_update = false
+  # config.vbguest.no_remote = true

  config.vm.provision :shell,
    inline: "localectl set-keymap fr"
@ -23,9 +23,10 @@ Vagrant.configure("2") do |config|

    firewall.vm.network "public_network"

-    firewall.vm.network "private_network", ip: "192.168.200.254", virtualbox_intnet: "accounting"
+    # firewall.vm.network "private_network", ip: "192.168.200.254", virtualbox_intnet: "accounting"
    firewall.vm.network "private_network", ip: "192.168.201.254", virtualbox_intnet: "developer"
-    firewall.vm.network "private_network", ip: "192.168.202.254", virtualbox_intnet: "intra-services"
+    firewall.vm.network "private_network", ip: "192.168.202.254", virtualbox_intnet: "extranet-services"
+    firewall.vm.network "private_network", ip: "192.168.203.254", virtualbox_intnet: "intranet-services"

    firewall.vm.provision :shell, path: "provisioning/common/disable_predictable_interfaces.sh"
    firewall.vm.provision :reload
@ -35,29 +36,49 @@ Vagrant.configure("2") do |config|

  end

-  config.vm.define "intranet-portal" do |portal|
-    portal.vm.box = "ubuntu/xenial64"
-    portal.vm.hostname = "intranet-portal"
-    portal.vm.network "private_network", ip: "192.168.202.10", virtualbox_intnet: "intra-services"
-    portal.vm.provision :shell, :inline => "ip route delete default 2>&1 >/dev/null || true; ip route add default via 192.168.202.254"
+  config.vm.define "extranet-wordpress" do |wordpress|
+    wordpress.vm.box = "ubuntu/xenial64"
+    wordpress.vm.hostname = "extranet-wordpress"
+    wordpress.vm.network "private_network", ip: "192.168.202.10", virtualbox_intnet: "extranet-services"
+    wordpress.vm.provision :shell, :inline => "ip route delete default 2>&1 >/dev/null || true; ip route add default via 192.168.202.254"
+    wordpress.vm.provision :shell, path: "provisioning/wordpress/configure_wordpress.sh"
+    wordpress.vm.provision :shell, path: "provisioning/wordpress/configure_apache_exporter.sh"
  end

-  config.vm.define "workstation1-developer-linux" do |workstation|
+  config.vm.define "intranet-backup" do |intranet|
+    intranet.vm.box = "ubuntu/xenial64"
+    intranet.vm.hostname = "intranet-backup"
+    intranet.vm.network "private_network", ip: "192.168.203.10", virtualbox_intnet: "intranet-services"
+    intranet.vm.provision :shell, :inline => "ip route delete default 2>&1 >/dev/null || true; ip route add default via 192.168.203.254"
+    intranet.vm.provision :shell, path: "provisioning/backup/configure_backup.sh"
+  end
+
+  config.vm.define "intranet-supervision" do |supervision|
+    supervision.vm.box = "ubuntu/xenial64"
+    supervision.vm.hostname = "intranet-supervision"
+    supervision.vm.network "private_network", ip: "192.168.203.20", virtualbox_intnet: "intranet-services"
+    supervision.vm.provision :shell, :inline => "ip route delete default 2>&1 >/dev/null || true; ip route add default via 192.168.203.254"
+    supervision.vm.provision :shell, path: "provisioning/supervision/configure_supervision.sh"
+    supervision.vm.provision :shell, path: "provisioning/supervision/configure_fakesmtp.sh"
+  end
+
+  config.vm.define "workstation-developer-linux" do |workstation|
    workstation.vm.box = "ubuntu/xenial64"
    workstation.vm.hostname = "developer-ws1"
-    workstation.vm.network "private_network", ip: "192.168.201.10", virtualbox_intnet: "developer", auto_config: false 
+    workstation.vm.network "private_network", ip: "192.168.201.10", virtualbox_intnet: "developer", auto_config: false
    workstation.vm.provision :shell, path: "provisioning/workstation/configure_desktop.sh"
    workstation.vm.provision :reload
    workstation.vm.provision :shell, path: "provisioning/workstation/configure_network.sh"
+    workstation.vm.provision :shell, path: "provisioning/developer/configure_account.sh"
  end

-  config.vm.define "workstation1-accounting-linux" do |workstation|
-    workstation.vm.box = "ubuntu/xenial64"
-    workstation.vm.hostname = "accounting-ws1"
-    workstation.vm.network "private_network", ip: "192.168.200.10", virtualbox_intnet: "accounting", auto_config: false
-    workstation.vm.provision :shell, path: "provisioning/workstation/configure_desktop.sh"
-    workstation.vm.provision :reload
-    workstation.vm.provision :shell, path: "provisioning/workstation/configure_network.sh"
-  end
+  # config.vm.define "workstation1-accounting-linux" do |workstation|
+  #   workstation.vm.box = "ubuntu/xenial64"
+  #   workstation.vm.hostname = "accounting-ws1"
+  #   workstation.vm.network "private_network", ip: "192.168.200.10", virtualbox_intnet: "accounting", auto_config: false
+  #   workstation.vm.provision :shell, path: "provisioning/workstation/configure_desktop.sh"
+  #   workstation.vm.provision :reload
+  #   workstation.vm.provision :shell, path: "provisioning/workstation/configure_network.sh"
+  # end

 end