Compare commits
3 Commits
pkg/dev/ri
...
develop
| Author | SHA1 | Date | |
|---|---|---|---|
| 1f5a371c38 | |||
| c6aed1043d | |||
| c52586c570 |
@ -25,6 +25,10 @@ cucchiaiata-cli v1.user.role.create --user_login gnunux \
|
|||||||
--role_name 'server_rw' \
|
--role_name 'server_rw' \
|
||||||
--role_attribute 'Server.ServerName' \
|
--role_attribute 'Server.ServerName' \
|
||||||
--role_attribute_value dns.cadoles.com
|
--role_attribute_value dns.cadoles.com
|
||||||
|
cucchiaiata-cli v1.user.role.create --user_login gnunux \
|
||||||
|
--role_name 'server_rw' \
|
||||||
|
--role_attribute 'Server.ServerName' \
|
||||||
|
--role_attribute_value nsd.cadoles.com
|
||||||
|
|
||||||
# Zone
|
# Zone
|
||||||
# +~~~~~~~~~~+
|
# +~~~~~~~~~~+
|
||||||
@ -96,6 +100,7 @@ cucchiaiata-cli v1.setting.servermodel.create --servermodel_name unbound --appli
|
|||||||
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name aca --applicationservices_name openssh-server
|
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name aca --applicationservices_name openssh-server
|
||||||
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name etab1 --parents_name aca
|
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name etab1 --parents_name aca
|
||||||
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name unbound_etab1 --parents_name etab1 unbound
|
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name unbound_etab1 --parents_name etab1 unbound
|
||||||
|
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name nsd_etab1 --parents_name etab1 --applicationservices_name nsd
|
||||||
|
|
||||||
# configuration
|
# configuration
|
||||||
|
|
||||||
@ -106,18 +111,13 @@ cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
|
|||||||
|
|
||||||
# Servermodel unbound
|
# Servermodel unbound
|
||||||
S=$(get_id "cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name unbound")
|
S=$(get_id "cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name unbound")
|
||||||
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.dns_server.unbound_role autorité \
|
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.dns_resolver.unbound_allowed_client_cidr 192.168.0.0/24
|
||||||
--configuration.dns_server.unbound_allowed_client_cidr 192.168.0.0/24 \
|
|
||||||
--configuration.dns_zone.unbound_local_zones cadoles.com
|
|
||||||
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
|
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
|
||||||
|
|
||||||
# Servermodel unbound_etab1
|
# Servermodel unbound_etab1
|
||||||
S=$(get_id "cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name unbound_etab1")
|
S=$(get_id "cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name unbound_etab1")
|
||||||
cucchiaiata-cli v1.setting.session.filter --session_id "$S" --namespace unbound
|
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.dns_resolver.unbound_forward_zones.unbound_forward_zones cadoles.com \
|
||||||
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.hostname_cadoles_com toto titi \
|
--configuration.dns_resolver.unbound_forward_zones.unbound_forward_addresses 0 192.168.0.151
|
||||||
--unbound.unbound_zone_cadoles_com.hostname_cadoles_com.ip_cadoles_com 0 192.168.0.25 \
|
|
||||||
--unbound.unbound_zone_cadoles_com.hostname_cadoles_com.type_cadoles_com 1 CNAME \
|
|
||||||
--unbound.unbound_zone_cadoles_com.hostname_cadoles_com.cname_cadoles_com 1 toto.cadoles.com
|
|
||||||
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
|
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
|
||||||
|
|
||||||
# Server
|
# Server
|
||||||
@ -134,13 +134,31 @@ cucchiaiata-cli v1.infra.server.create --server_name dns.cadoles.com \
|
|||||||
--cluster_name hapy.ac-test.fr \
|
--cluster_name hapy.ac-test.fr \
|
||||||
--zones_name internet \
|
--zones_name internet \
|
||||||
--servermodel_name unbound_etab1
|
--servermodel_name unbound_etab1
|
||||||
|
cucchiaiata-cli v1.infra.server.create --server_name nsd.cadoles.com \
|
||||||
|
--site_name etab1 \
|
||||||
|
--cluster_name hapy.ac-test.fr \
|
||||||
|
--zones_name internet \
|
||||||
|
--servermodel_name nsd_etab1
|
||||||
# configuration
|
# configuration
|
||||||
sleep 1
|
sleep 1
|
||||||
|
S=$(get_id "cucchiaiata-cli v1.setting.session.server.start --server nsd.cadoles.com")
|
||||||
|
#FIXME IP en dure ?
|
||||||
|
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.dns_server.nsd_allowed_client_cidr 192.168.0.150/32 \
|
||||||
|
--configuration.dns_zone.nsd_zones cadoles.com
|
||||||
|
cucchiaiata-cli v1.setting.session.filter --session_id "$S" --namespace nsd
|
||||||
|
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --nsd.nsd_zone_cadoles_com.hostname_cadoles_com.hostname_cadoles_com toto titi \
|
||||||
|
--nsd.nsd_zone_cadoles_com.hostname_cadoles_com.ip_cadoles_com 0 192.168.0.25 \
|
||||||
|
--nsd.nsd_zone_cadoles_com.hostname_cadoles_com.type_cadoles_com 1 CNAME \
|
||||||
|
--nsd.nsd_zone_cadoles_com.hostname_cadoles_com.cname_cadoles_com 1 toto.cadoles.com
|
||||||
|
cucchiaiata-cli v1.setting.session.validate --session_id $S
|
||||||
|
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
|
||||||
|
|
||||||
S=$(get_id "cucchiaiata-cli v1.setting.session.server.start --server dns.cadoles.com")
|
S=$(get_id "cucchiaiata-cli v1.setting.session.server.start --server dns.cadoles.com")
|
||||||
|
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.dns_resolver.unbound_default_forwards 192.168.0.1
|
||||||
|
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.dns_resolver.unbound_local_authority "nsd.cadoles.com"
|
||||||
cucchiaiata-cli v1.setting.session.filter --session_id "$S" --namespace opennebula
|
cucchiaiata-cli v1.setting.session.filter --session_id "$S" --namespace opennebula
|
||||||
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --opennebula.cpu 0.2 \
|
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --opennebula.cpu 0.2 \
|
||||||
--opennebula.vcpu 2 \
|
--opennebula.vcpu 2
|
||||||
--opennebula.memory 2048
|
|
||||||
cucchiaiata-cli v1.setting.session.validate --session_id $S
|
cucchiaiata-cli v1.setting.session.validate --session_id $S
|
||||||
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
|
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
|
||||||
|
|
||||||
@ -151,6 +169,6 @@ cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
|
|||||||
# Generate configuration
|
# Generate configuration
|
||||||
cucchiaiata-cli v1.infra.cluster.deploy --cluster_name hapy.ac-test.fr
|
cucchiaiata-cli v1.infra.cluster.deploy --cluster_name hapy.ac-test.fr
|
||||||
cucchiaiata-cli v1.infra.zone.deploy --zone_name internet
|
cucchiaiata-cli v1.infra.zone.deploy --zone_name internet
|
||||||
|
cucchiaiata-cli v1.infra.server.deploy --server_name nsd.cadoles.com
|
||||||
cucchiaiata-cli v1.infra.server.deploy --server_name dns.cadoles.com
|
cucchiaiata-cli v1.infra.server.deploy --server_name dns.cadoles.com
|
||||||
|
|
||||||
echo "fin"
|
echo "fin"
|
||||||
|
|||||||
@ -33,7 +33,7 @@ def setting_pki_openssh_client(dico, config):
|
|||||||
add = new - current
|
add = new - current
|
||||||
modify = [key for key in new if key in current and current_data[key] != new_data[key]]
|
modify = [key for key in new if key in current and current_data[key] != new_data[key]]
|
||||||
if add or modify:
|
if add or modify:
|
||||||
print(f'\n\nModifications suggérées de la section "Host {hostname}"du fichier "{config_file}" :')
|
print(f'\n\nModifications suggérées de la section "Host {hostname}" du fichier "{config_file}" :')
|
||||||
for line in add:
|
for line in add:
|
||||||
value = new_data[line]
|
value = new_data[line]
|
||||||
if isinstance(value, list):
|
if isinstance(value, list):
|
||||||
@ -43,17 +43,21 @@ def setting_pki_openssh_client(dico, config):
|
|||||||
value = new_data[line]
|
value = new_data[line]
|
||||||
if isinstance(value, list):
|
if isinstance(value, list):
|
||||||
value = ','.join(value)
|
value = ','.join(value)
|
||||||
print(f' - modifier "{line} {value}"')
|
print(f' - modifier "{line} {current_data[line]}" en "{line} {value}"')
|
||||||
print('\n')
|
print('\n')
|
||||||
else:
|
else:
|
||||||
print(f'\n\nIl faudrait créer le fichier "{config_file}" :')
|
if not isdir(config_dir):
|
||||||
print(f'Host {hostname}')
|
makedirs(config_dir, 0o700)
|
||||||
|
fh = os_open(config_file, O_WRONLY | O_CREAT, 0o400)
|
||||||
|
truncate(fh, 0)
|
||||||
|
write(fh, f'Host {hostname}\n'.encode())
|
||||||
for key, value in new_data.items():
|
for key, value in new_data.items():
|
||||||
if key == 'hostname':
|
if key == 'hostname':
|
||||||
continue
|
continue
|
||||||
print(f' {key} {value}')
|
if isinstance(value, list):
|
||||||
if not isdir(config_dir):
|
value = ','.join(value)
|
||||||
makedirs(config_dir, 0o700)
|
write(fh, f' {key} {value}\n'.encode())
|
||||||
|
close(fh)
|
||||||
fh = os_open(f'{identityfile}.pub', O_WRONLY | O_CREAT, 0o400)
|
fh = os_open(f'{identityfile}.pub', O_WRONLY | O_CREAT, 0o400)
|
||||||
truncate(fh, 0)
|
truncate(fh, 0)
|
||||||
write(fh, dico['certificate'].encode())
|
write(fh, dico['certificate'].encode())
|
||||||
|
|||||||
Reference in New Issue
Block a user