#!/usr/bin/env bash # Configuration # -> base (cadoles' servermodel) # |-> cluster (servermodel) # | '-> node1.cadoles.com (server) # | # |-> aca (servermodel) + unbound (AS) + openssh (AS) # | '-> etab1 (servermodel) -------------------, # | | # '-> fedora-32 (cadoles' servermodel) | # '-> unbound (servermodel) + unbound (AS) --| # '-> unbound_etab1 (servermodel) # '-> dns.cadoles.com (server) # Site and zone # + = = = = = = = = = = = = = = = = = = = = = = = + # " SITE cluster " # " " # " +-------------------+ " # " | node1.cadoles.com | "-----------+ # " | | " | # " +-------------------+ " | # " " +~~~~~~~~+ # + = = = = = = = = = = = = = = = = = = = = = = = + ! ZONE ! # ! pedago ! # + = = = = = = = = = = = = = = = = = = = = = = = + +~~~~~~~~+ # " SITE etab1 " | # " +-----------------+ " | # " | dns.cadoles.com | "-----------+ # " | | " # " +-----------------+ " # " " # + = = = = = = = = = = = = = = = = = = = = = = = + # # Cluster description: # +-----------------------------+ # + cluster.cadoles.com + # + + # + +--------------------+ + # + + node1.cadoles.com + + # + + + + # + + + + # + +--------------------+ + # + + # +-----------------------------+ # Cluster execution: # +-----------------------------+ # + cluster.cadoles.com + # + + # + +--------------------+ + # + + dns.cadoles.com + + # + + + + # + + + + # + +--------------------+ + # + + # +-----------------------------+ set -xe verif() { i=0 argv=("$@") for V in configuration.reseau.unbound_route_address configuration.reseau.unbound_domain_name configuration.serveur_dns.unbound_local_zones configuration.reseau.unbound_ip_address_cidr; do i=$((i+1)) R=$(cucchiaiata-cli "setting.session.$1.get" -s "$S" -n "$V" | jq -Mcr .content[]) [ "$R" = "${argv[i]}" ] done } # Import Cadoles seed cucchiaiata-cli setting.source.create -o cadoles -d /srv/risotto/seed/cadoles # Create a new user and set role 'server_rw' for the server dns.cadoles.com cucchiaiata-cli user.user.create -u gnunux -n gnunux -s gnunux cucchiaiata-cli user.role.create -u gnunux -o 'server_rw' -a 'Server.ServerName' -v dns.cadoles.com # Heritage ## ACA cucchiaiata-cli setting.servermodel.create -m aca -d Aca -p base -o cadoles -e last cucchiaiata-cli setting.servermodel.dependency.add -m aca -a unbound -o cadoles -e last S=$(cucchiaiata-cli setting.session.servermodel.start -m aca -e last| jq -r .session_id) verif servermodel null null [] null cucchiaiata-cli setting.session.servermodel.configure -s "$S" --configuration.reseau.unbound_route_address 192.168.1.2 cucchiaiata-cli setting.session.servermodel.configure -s "$S" --configuration.serveur_dns.unbound_allowed_client_cidr 192.168.1.0/24 verif servermodel 192.168.1.2 null [] null cucchiaiata-cli setting.session.servermodel.stop -s "$S" -a ## etab1 cucchiaiata-cli setting.servermodel.create -m etab1 -d "Etab 1" -p aca -o internal -e last S=$(cucchiaiata-cli setting.session.servermodel.start -m etab1 -e last| jq -r .session_id) cucchiaiata-cli setting.session.servermodel.configure -s "$S" --configuration.reseau.unbound_domain_name dns.cadoles.com verif servermodel 192.168.1.2 dns.cadoles.com [] null cucchiaiata-cli setting.session.servermodel.stop -s "$S" -a ## unbound cucchiaiata-cli setting.servermodel.create -m unbound -d "generic unbound configuration" -p fedora-32 -o cadoles -e last cucchiaiata-cli setting.servermodel.dependency.add -m unbound -a unbound -o cadoles -e last S=$(cucchiaiata-cli setting.session.servermodel.start -m unbound -e last| jq -r .session_id) cucchiaiata-cli setting.session.servermodel.configure -s "$S" --configuration.serveur_dns.unbound_local_zones cadoles.com cucchiaiata-cli setting.session.servermodel.filter -s "$S" -n unbound cucchiaiata-cli setting.session.servermodel.configure -s "$S" --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.hostname_cadoles_com toto titi cucchiaiata-cli setting.session.servermodel.configure -s "$S" --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.ip_cadoles_com 0 192.168.1.25 cucchiaiata-cli setting.session.servermodel.configure -s "$S" --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.type_cadoles_com 1 CNAME cucchiaiata-cli setting.session.servermodel.configure -s "$S" --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.cname_cadoles_com 1 toto.cadoles.com cucchiaiata-cli setting.session.servermodel.filter -s "$S" -n configuration verif servermodel null null '["cadoles.com"]' null cucchiaiata-cli setting.session.servermodel.stop -s "$S" -a ## unbound_etab1 cucchiaiata-cli setting.servermodel.create -m unbound_etab1 -d "unbound configuration for etab1" -p etab1 unbound -o internal -e last S=$(cucchiaiata-cli setting.session.servermodel.start -m unbound_etab1 -e last | jq -r .session_id) verif servermodel 192.168.1.2 dns.cadoles.com '["cadoles.com"]' null cucchiaiata-cli setting.session.servermodel.stop -s "$S" -a # Create sites and zone cucchiaiata-cli infra.site.create -i cluster -d "Cluster" cucchiaiata-cli infra.site.create -i etab1 -d "Etab 1" cucchiaiata-cli infra.zone.create -z pedago -d "Pedago" -s etab1 cluster -n "192.168.1.0/24" -t "192.168.1.10" -e "192.168.1.100" -q 192.168.1.1 -g 192.168.1.254 # Create a servermodel for node in cluster and a server "node1" cucchiaiata-cli setting.servermodel.create -m cluster -d "Node in the cluster" -p base -o cadoles -e last cucchiaiata-cli infra.server.create -s node1.cadoles.com -d node1 -m cluster -e last -i cluster -z pedago # Create a new server "dns" cucchiaiata-cli infra.server.create -s dns.cadoles.com -d description -m unbound_etab1 -e last -i etab1 -z pedago # Create a cluster with one node and one VM cucchiaiata-cli provider.factory.cluster.create -c cluster.cadoles.com -d toto -v 192.168.1.1 -z pedago cucchiaiata-cli provider.factory.cluster.join -c cluster.cadoles.com -n node1.cadoles.com cucchiaiata-cli provider.factory.server.add -s dns.cadoles.com -c cluster.cadoles.com -p 0.2 -v 2 -m 2 # Configure server S=$(cucchiaiata-cli setting.session.server.start -s dns.cadoles.com | jq -r .session_id) cucchiaiata-cli setting.session.server.configure -s "$S" --configuration.reseau.unbound_ip_address_cidr 192.168.1.1/24 cucchiaiata-cli setting.session.server.validate -s $S verif server 192.168.1.2 dns.cadoles.com '["cadoles.com"]' 192.168.1.1/24 cucchiaiata-cli setting.session.server.stop -s "$S" -a # Generate configuration cucchiaiata-cli setting.config.configuration.server.deploy -s dns.cadoles.com cucchiaiata-cli setting.template.generate -s dns.cadoles.com # Add OpenSSH dependency cucchiaiata-cli setting.servermodel.dependency.add -m aca -a openssh -o cadoles -e last S=$(cucchiaiata-cli setting.session.server.start -s dns.cadoles.com | jq -r .session_id) R=$(cucchiaiata-cli setting.session.server.get -s "$S" -n configuration.serveur_ssh.ssh_allow_networks | jq -Mcr .content[]) [ "$R" = "[]" ] cucchiaiata-cli setting.session.server.stop -s "$S" S=$(cucchiaiata-cli setting.session.servermodel.start -m aca -e last| jq -r .session_id) cucchiaiata-cli setting.session.servermodel.configure -s "$S" --configuration.serveur_ssh.ssh_allow_networks admin.cadoles.com cucchiaiata-cli setting.session.servermodel.stop -s "$S" -a S=$(cucchiaiata-cli setting.session.server.start -s dns.cadoles.com | jq -r .session_id) R=$(cucchiaiata-cli setting.session.server.get -s "$S" -n configuration.serveur_ssh.ssh_allow_networks | jq -Mcr .content[]) [ "$R" = '["admin.cadoles.com"]' ] cucchiaiata-cli setting.session.server.stop -s "$S" # Regenerate configuration cucchiaiata-cli setting.config.configuration.server.deploy -s dns.cadoles.com cucchiaiata-cli setting.template.generate -s dns.cadoles.com # Generate cluster's configurtion cucchiaiata-cli provider.factory.configure -c cluster.cadoles.com echo "fin"