KAZ/kaz-vagrant
12
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Compare commits

base: KAZ:fafefe10ff063aacc3dafc8b25795c1072fd6079
Branches Tags
KAZ:master
KAZ:v1.0.0
...
compare: KAZ:7cb69d1880428b70558849d3500a121ac522695d
Branches Tags
KAZ:master
KAZ:v1.0.0

2 Commits
fafefe10ff ... 7cb69d1880

Author SHA1 Message Date
Fanch
7cb69d1880 config sshd 2025-07-24 17:17:05 +02:00
Fanch
f907a5c422 fix vm 2025-07-17 17:56:33 +02:00
5 changed files with 13 additions and 5 deletions
Expand all files Collapse all files

4
files/snster-kaz/hoster-a/kaz1/kaz.sh
View File

@@ -36,6 +36,10 @@ export DebugLog="${OUTPUT_DIR}/log/log-kaz-$(date +%y-%m-%d-%T)-"
echo -e "\n #### secretGen\n" echo -e "\n #### secretGen\n"
/kaz/bin/secretGen.sh /kaz/bin/secretGen.sh
# echo "0 2 * * * root /kaz/bin/getX509Certificates.sh" >> /etc/cron.d/kaz-certs
#ln -sf /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/certs/mail.pem
#ln -sf /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/private/mail.key
echo -e "\n #### install\n" echo -e "\n #### install\n"
/kaz/bin/install.sh /kaz/bin/install.sh

1
files/snster-kaz/hoster-a/kaz1/kaz.sns.zone
View File

@@ -23,6 +23,7 @@ dashboard IN CNAME kaz1
dashboard2 IN CNAME kaz2 dashboard2 IN CNAME kaz2
sondage IN CNAME kaz1 sondage IN CNAME kaz1
webmail IN CNAME kaz1 webmail IN CNAME kaz1
roundcube IN CNAME kaz1
garradin IN CNAME kaz1 garradin IN CNAME kaz1
wiki IN CNAME kaz1 wiki IN CNAME kaz1
git IN CNAME kaz1 git IN CNAME kaz1

4
files/snster-kaz/hoster-a/kaz1/provision.sh
View File

@@ -65,6 +65,10 @@ cp -ar tls/root_ca.crt /usr/local/share/ca-certificates/
mkdir -p /etc/letsencrypt/live/kaz.sns mkdir -p /etc/letsencrypt/live/kaz.sns
cp tls/wildcard.crt /etc/letsencrypt/live/kaz.sns/fullchain.pem cp tls/wildcard.crt /etc/letsencrypt/live/kaz.sns/fullchain.pem
cp tls/wildcard.key /etc/letsencrypt/live/kaz.sns/privkey.pem cp tls/wildcard.key /etc/letsencrypt/live/kaz.sns/privkey.pem
cp tls/wildcard.crt /etc/ssl/certs/mail.pem
cp tls/wildcard.key /etc/ssl/private/mail.key
cp tls/wildcard.crt /etc/ssl/certs/listes.pem
cp tls/wildcard.key /etc/ssl/private/listes.key
# On sauve le proxy APT # On sauve le proxy APT
proxy=$(/sbin/ip route | awk '/default/ { print $3 }' | head -1) proxy=$(/sbin/ip route | awk '/default/ { print $3 }' | head -1)

2
files/sshd.conf Normal file
View File

@@ -0,0 +1,2 @@
PasswordAuthentication yes
PermitRootLogin yes

7
files/vm-provision.sh
View File

@@ -87,11 +87,8 @@ http_port 3142" >> /etc/squid/squid.conf
#faut virer exim, inutile #faut virer exim, inutile
DEBIAN_FRONTEND=noninteractive apt-get remove --purge -y exim4-base exim4-config exim4-daemon-light DEBIAN_FRONTEND=noninteractive apt-get remove --purge -y exim4-base exim4-config exim4-daemon-light
#login ssh avec mot de passe # config sshd
sed -i "s/PasswordAuthentication no/PasswordAuthentication yes/" /etc/ssh/sshd_config cp "${VAGRANT_SRC_DIR}/sshd.conf" /etc/ssh/sshd_config.d/kaz.conf
if ! grep -q "PasswordAuthentication yes" /etc/ssh/sshd_config 2>/dev/null; then
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
fi
# autorisation du routing et augmentation inotify # autorisation du routing et augmentation inotify
if ! grep -q "net.ipv4.ip_forward" /etc/sysctl.conf 2>/dev/null; then if ! grep -q "net.ipv4.ip_forward" /etc/sysctl.conf 2>/dev/null; then