KAZ/kaz-vagrant
12
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Compare commits

base: KAZ:fafefe10ff063aacc3dafc8b25795c1072fd6079
Branches Tags
KAZ:master
KAZ:v1.0.0
..
compare: KAZ:7cb69d1880428b70558849d3500a121ac522695d
Branches Tags
KAZ:master
KAZ:v1.0.0

2 Commits
fafefe10ff ... 7cb69d1880

Author SHA1 Message Date
Fanch
7cb69d1880 config sshd 2025-07-24 17:17:05 +02:00
Fanch
f907a5c422 fix vm 2025-07-17 17:56:33 +02:00
5 changed files with 13 additions and 5 deletions
Expand all files Collapse all files

4
files/snster-kaz/hoster-a/kaz1/kaz.sh
View File

@@ -36,6 +36,10 @@ export DebugLog="${OUTPUT_DIR}/log/log-kaz-$(date +%y-%m-%d-%T)-"
echo -e "\n #### secretGen\n"
/kaz/bin/secretGen.sh
# echo "0 2 * * * root /kaz/bin/getX509Certificates.sh" >> /etc/cron.d/kaz-certs
#ln -sf /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/certs/mail.pem
#ln -sf /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/private/mail.key
echo -e "\n #### install\n"
/kaz/bin/install.sh

1
files/snster-kaz/hoster-a/kaz1/kaz.sns.zone
View File

@@ -23,6 +23,7 @@ dashboard IN CNAME kaz1
dashboard2 IN CNAME kaz2
sondage IN CNAME kaz1
webmail IN CNAME kaz1
roundcube IN CNAME kaz1
garradin IN CNAME kaz1
wiki IN CNAME kaz1
git IN CNAME kaz1

4
files/snster-kaz/hoster-a/kaz1/provision.sh
View File

@@ -65,6 +65,10 @@ cp -ar tls/root_ca.crt /usr/local/share/ca-certificates/
mkdir -p /etc/letsencrypt/live/kaz.sns
cp tls/wildcard.crt /etc/letsencrypt/live/kaz.sns/fullchain.pem
cp tls/wildcard.key /etc/letsencrypt/live/kaz.sns/privkey.pem
cp tls/wildcard.crt /etc/ssl/certs/mail.pem
cp tls/wildcard.key /etc/ssl/private/mail.key
cp tls/wildcard.crt /etc/ssl/certs/listes.pem
cp tls/wildcard.key /etc/ssl/private/listes.key
# On sauve le proxy APT
proxy=$(/sbin/ip route | awk '/default/ { print $3 }' | head -1)

2
files/sshd.conf Normal file
View File

@@ -0,0 +1,2 @@
PasswordAuthentication yes
PermitRootLogin yes

7
files/vm-provision.sh
View File

@@ -87,11 +87,8 @@ http_port 3142" >> /etc/squid/squid.conf
#faut virer exim, inutile
DEBIAN_FRONTEND=noninteractive apt-get remove --purge -y exim4-base exim4-config exim4-daemon-light
#login ssh avec mot de passe
sed -i "s/PasswordAuthentication no/PasswordAuthentication yes/" /etc/ssh/sshd_config
if ! grep -q "PasswordAuthentication yes" /etc/ssh/sshd_config 2>/dev/null; then
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
fi
# config sshd
cp "${VAGRANT_SRC_DIR}/sshd.conf" /etc/ssh/sshd_config.d/kaz.conf
# autorisation du routing et augmentation inotify
if ! grep -q "net.ipv4.ip_forward" /etc/sysctl.conf 2>/dev/null; then