Outils pour utilisateurs
technique:referentiel:chd-stg2-ng
Différences
Ci-dessous, les différences entre deux révisions de la page.
| Les deux révisions précédentes Révision précédente Prochaine révision | Révision précédente | ||
|
technique:referentiel:chd-stg2-ng [2018/04/22 18:21] admin |
technique:referentiel:chd-stg2-ng [2018/05/12 12:22] (Version actuelle) admin |
||
|---|---|---|---|
| Ligne 24: | Ligne 24: | ||
| update-grub | update-grub | ||
| - | apt install all-knowing-dns apache2 arping bind9 binutils borgbackup dnsutils fail2ban git gt5 htop iftop iotop iperf iperf3 mtr-tiny nmap ntp nullmailer psmisc rsync screen strace sudo sysstat tcpdump tree unzip vim | + | apt install all-knowing-dns apache2 arping bind9 binutils borgbackup dnsutils fail2ban git gt5 htop iftop iotop iperf iperf3 libapache2-mod-php mtr-tiny nmap ntp nullmailer psmisc rsync screen strace sudo sysstat tcpdump tree unzip vim |
| </code> | </code> | ||
| Ligne 44: | Ligne 44: | ||
| # The primary network interface | # The primary network interface | ||
| auto eth0 | auto eth0 | ||
| + | # Public adresses | ||
| iface eth0 inet static | iface eth0 inet static | ||
| - | address 172.16.0.253 | + | address 185.131.40.2 |
| - | netmask 255.255.0.0 | + | netmask 255.255.255.0 |
| - | gateway 172.16.0.254 | + | gateway 185.131.40.1 |
| # accept_dad=0 après que l'interface soit conifugrée en v4 mais avant | # accept_dad=0 après que l'interface soit conifugrée en v4 mais avant | ||
| # qu'elle soit configurée en v6 (ça marche pas si on met ça en pre-up | # qu'elle soit configurée en v6 (ça marche pas si on met ça en pre-up | ||
| # dans la section inet6) | # dans la section inet6) | ||
| up sysctl -w net.ipv6.conf.$IFACE.accept_dad=0 | up sysctl -w net.ipv6.conf.$IFACE.accept_dad=0 | ||
| - | # Allumer le firewall avant de configurer les IP publiques | + | # Allumer le firewall avant d econfigurer les IP publiques |
| up iptables-restore < /etc/network/iptables.conf | up iptables-restore < /etc/network/iptables.conf | ||
| up ip6tables-restore < /etc/network/ip6tables.conf | up ip6tables-restore < /etc/network/ip6tables.conf | ||
| - | |||
| - | |||
| - | # Public adresses | ||
| - | iface eth0 inet static | ||
| - | address 185.131.40.2 | ||
| - | netmask 255.255.255.255 | ||
| iface eth0 inet6 static | iface eth0 inet6 static | ||
| Ligne 67: | Ligne 62: | ||
| up ip -6 r r default via fe80::31 dev $IFACE src 2a03:a0a0::2 | up ip -6 r r default via fe80::31 dev $IFACE src 2a03:a0a0::2 | ||
| + | # Admin network overlay | ||
| + | iface eth0 inet static | ||
| + | address 172.16.0.253 | ||
| + | netmask 255.255.0.0 | ||
| + | |||
| # ns3 all-knowing-dns - reverse DNS IPv6 | # ns3 all-knowing-dns - reverse DNS IPv6 | ||
| iface eth0 inet static | iface eth0 inet static | ||
| address 185.131.40.3 | address 185.131.40.3 | ||
| - | netmask 255.255.255.255 | + | netmask 255.255.255.0 |
| iface eth0 inet6 static | iface eth0 inet6 static | ||
| Ligne 667: | Ligne 667: | ||
| * Control Panel > Firmwares | * Control Panel > Firmwares | ||
| * Upload XM/XW/AF5 et WA | * Upload XM/XW/AF5 et WA | ||
| + | |||
| + | <file bash /opt/Ubiquiti/AirControl2/pgsql/data/pg_hba.conf> | ||
| + | # "local" is for Unix domain socket connections only | ||
| + | local all all ident | ||
| + | local all all md5 | ||
| + | # IPv4 local connections: | ||
| + | host all all 127.0.0.1/32 md5 | ||
| + | # IPv6 local connections: | ||
| + | host all all ::1/128 md5 | ||
| + | </file> | ||
| <file bash /root/ac2-database.sh> | <file bash /root/ac2-database.sh> | ||
| Ligne 698: | Ligne 708: | ||
| print "$t : $l lines (average : $a chars)\n"; | print "$t : $l lines (average : $a chars)\n"; | ||
| </file> | </file> | ||
| + | |||
| + | <file bash /root/.netrc> | ||
| + | machine priv.chd.sx login api password XXXXXXXXXXX | ||
| + | </file> | ||
| + | |||
| + | <file bash /etc/cron.daily/etat_reseau> | ||
| + | #!/bin/sh | ||
| + | wget -O /var/www/html/etat_reseau/index.html https://priv.chd.sx/api/gen_etat_reseau.php | ||
| + | </file> | ||
| + | |||
| + | <code bash> | ||
| + | cd /root | ||
| + | mkdir git | ||
| + | cd git | ||
| + | git clone root@chd.sx:/var/git/chd_gestion | ||
| + | git clone root@chd.sx:/var/git/chd_openwrt | ||
| + | </code> | ||
| + | |||
| + | |||
| + | ===== OpenWRT / LEDE / mise à jour routeur ===== | ||
| + | <code bash> | ||
| + | cd ~/git/chd_openwrt/maj | ||
| + | cp config.default.php config.php | ||
| + | vim config.php | ||
| + | |||
| + | ln -s /root/git/chd_openwrt/build-openwrt.sh /usr/local/bin/ | ||
| + | ln -s /root/git/chd_openwrt/build-openwrt-dev.sh /usr/local/bin/ | ||
| + | |||
| + | chown www-data: /var/cache/build-openwrt* | ||
| + | apt install git-core build-essential libssl-dev libncurses5-dev zlib1g-dev unzip gawk subversion manpages-dev- | ||
| + | </code> | ||
| ===== TODO ===== | ===== TODO ===== | ||
| <code> | <code> | ||
| - | reinstall ssh://root@chd.sx/var/git/chd_openwrt.git | + | documenter le contenu de /var/www/html non git'é |
| configurer munin/multiping | configurer munin/multiping | ||
| netconsole config | netconsole config | ||
| - | apt remove --purge isc-dhcp-dhclient isc-dhcp-common | ||
| backup borg | backup borg | ||
| mailer + mail alert (smartmontools/logcheck ?) | mailer + mail alert (smartmontools/logcheck ?) | ||
| </code> | </code> | ||
technique/referentiel/chd-stg2-ng.1524414092.txt.gz · Dernière modification: 2018/04/22 18:21 par admin
Outils de la page
