From 63bd14a2219a7751790c6399f26173b2dd54a34f Mon Sep 17 00:00:00 2001 From: fatalerrors Date: Tue, 25 Mar 2025 11:20:37 +0100 Subject: [PATCH] conf update --- conf/geoffray-levasseur.org/biliran.conf.sh | 74 +++++++++++++ conf/geoffray-levasseur.org/mariveles.conf.sh | 21 +--- conf/includes/gl.conf.sh | 3 +- repo/hosts/biliran/rsyslog.conf | 103 ++++++++++++++++++ 4 files changed, 182 insertions(+), 19 deletions(-) create mode 100644 conf/geoffray-levasseur.org/biliran.conf.sh create mode 100644 repo/hosts/biliran/rsyslog.conf diff --git a/conf/geoffray-levasseur.org/biliran.conf.sh b/conf/geoffray-levasseur.org/biliran.conf.sh new file mode 100644 index 0000000..b73e7de --- /dev/null +++ b/conf/geoffray-levasseur.org/biliran.conf.sh @@ -0,0 +1,74 @@ +# Fichier de configuration principal + +# ------------------------------------------------------------------------------ +# -------------------- Importation de paramêtres globaux ----------------------- +# ------------------------------------------------------------------------------ + +# Importe les paramètres geoffray-levasseur.org +. $MYPATH/conf/includes/gl.conf.sh + +# Importe la sélection de paquets par défaut +. $MYPATH/conf/includes/pkgsel.base.conf.sh + +# Les paramètres précédemment importés sont surchargeable après cette ligne + +# ------------------------------------------------------------------------------ +# ------------------------------ General Section ------------------------------- +# ------------------------------------------------------------------------------ + +# User of the machine (must exists) +MAINUSER=root + +# Pilotes X11 non libre à installer ? +#X11_DRV="virtualbox-guest-dkms virtualbox-guest-utils virtualbox-guest-x11" + +# Authentication: use LDAP+Kerberos ? +WITH_LDAP_KERB=no + +# Users to create, add or remove +#LOCAL_USERS="$MAINUSER" +#REMOTE_USERS="kroot" +REMOVE_USERS=fatal + +# Network +IPV4_IFACES="eth0 eth1 eth2" + +NET4_MODE_eth0="static" +NET4_IP_eth0="192.168.1.202/24" +NET4_GW_eth0="192.168.1.230" +NET4_NS_eth0="192.168.1.205 192.168.1.206" +NET4_NS_SEARCH_eth0=$REALM + +NET4_MODE_eth1="static" +NET4_IP_eth1="192.168.74.220/24" + +NET4_MODE_eth2="static" +NET4_IP_eth2="10.42.250.220/16" + +IPV6_IFACES="" + +NET6_MODE_eth0="static" +NET6_IP_eth0="2a03:7220:8081:b301::cd/64" +NET6_GW_eth0="2a03:7220:8081:b301::e6" +NET6_NS_eth0="2a03:7220:8081:b301::cd 2a03:7220:8081:b301::ce" +NET6_NS_SEARCH_eth0=$REALM + +NET6_MODE_eth1="static" +NET6_IP_eth1="2a03:7220:8081:b34a::ce/64" + +# Mode d'installation : +# * dev : installe les paquets un par un avec apt (lent) +# * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) +INTALL_MODE=full + +# Paquets additionnels +PKGSEL="$PKGSEL" + +# ------------------------------------------------------------------------------ +# -------------------------- Section modules d'init ---------------------------- +# ------------------------------------------------------------------------------ + +# Liste des modules à executer (surchargeable en ligne de commande) +MODULE_LIST="conf_ntp upgrade_dist conf_ceph authnz conf_locale conf_ssh \ + conf_mail install_pkg install_profile patch_snmp install_mkagent \ + conf_syslog conf_network" diff --git a/conf/geoffray-levasseur.org/mariveles.conf.sh b/conf/geoffray-levasseur.org/mariveles.conf.sh index 771fda7..9db385d 100644 --- a/conf/geoffray-levasseur.org/mariveles.conf.sh +++ b/conf/geoffray-levasseur.org/mariveles.conf.sh @@ -26,37 +26,24 @@ MAINUSER=root WITH_LDAP_KERB=no # Users to create, add or remove -#LOCAL_USERS="$MAINUSER" -#REMOTE_USERS="kroot" REMOVE_USERS=fatal # Network -IPV4_IFACES="eth0" +IPV4_IFACES="eth0 " NET4_MODE_eth0="static" NET4_IP_eth0="192.168.1.241/24" -NET4_GW_eth0="192.168.1.230" -NET4_NS_eth0="192.168.1.205 192.168.1.206" +NET4_GW_eth0="192.168.1.232" +NET4_NS_eth0="192.168.1.202 192.168.1.206" NET4_NS_SEARCH_eth0=$REALM -NET4_MODE_eth1="static" -NET4_IP_eth1="10.0.254.241/16" - -IPV6_IFACES="eth0" - -NET6_MODE_eth0="static" -NET6_IP_eth0="2a03:7220:8081:b301::f1/64" -NET6_GW_eth0="2a03:7220:8081:b301::e6" -NET6_NS_eth0="2a03:7220:8081:b301::cd 2a03:7220:8081:b301::ce" -NET6_NS_SEARCH_eth0=$REALM - # Mode d'installation : # * dev : installe les paquets un par un avec apt (lent) # * full : envoie d'un seul coup la liste de tous les paquets à apt (rapide) INTALL_MODE=full # Paquets additionnels -PKGSEL="$PKGSEL cups printer-driver-hpcups printer-driver-postscript-hp hplip avahi-daemon printer-driver-gutenprint cups-browsed policykit-1" +PKGSEL="$PKGSEL qbittorrent xhost falkon" # ------------------------------------------------------------------------------ # -------------------------- Section modules d'init ---------------------------- diff --git a/conf/includes/gl.conf.sh b/conf/includes/gl.conf.sh index ccfed3a..0e832ef 100644 --- a/conf/includes/gl.conf.sh +++ b/conf/includes/gl.conf.sh @@ -24,7 +24,6 @@ export CEPHIP_mayon="192.168.1.254" export CEPHIP_pinatubo="192.168.1.253" export CEPHIP_ragang="192.168.1.252" export CEPHIP_taal="192.168.1.251" -#export CEPHIP_jolo="192.168.1.30" export CEPH_SECRET="AQAxSf5c2A/CMxAAnOu1RrSf7Yr2h60CLttq4g==" export SHARED_HOME="false" @@ -32,7 +31,7 @@ export SHARED_HOME="false" export SSHD_PERMITROOT_RANGE="192.168.1.0/24" # Check MK -export MK_VERSION="2.3.0p15-1" +export MK_VERSION="2.3.0p27-1" export MK_URL="http://192.168.1.201/check_mk/check_mk/agents/check-mk-agent_${MK_VERSION}_all.deb" export MK_SERVER_IP="192.168.1.201" diff --git a/repo/hosts/biliran/rsyslog.conf b/repo/hosts/biliran/rsyslog.conf new file mode 100644 index 0000000..f919be4 --- /dev/null +++ b/repo/hosts/biliran/rsyslog.conf @@ -0,0 +1,103 @@ +# /etc/rsyslog.conf Configuration file for rsyslog. +# +# For more information see +# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html + + +################# +#### MODULES #### +################# + +module(load="imuxsock") # provides support for local system logging +module(load="imklog") # provides kernel logging support +#module(load="immark") # provides --MARK-- message capability + +# provides UDP syslog reception +module(load="imudp") +input(type="imudp" port="514") + +# provides TCP syslog reception +module(load="imtcp") +input(type="imtcp" port="514") + + +########################### +#### GLOBAL DIRECTIVES #### +########################### + +# +# Use traditional timestamp format. +# To enable high precision timestamps, comment out the following line. +# +$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat + +# +# Set the default permissions for all log files. +# +$FileOwner root +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +# +# Where to place spool and state files +# +$WorkDirectory /var/spool/rsyslog + +# +# Include all config files in /etc/rsyslog.d/ +# +$IncludeConfig /etc/rsyslog.d/*.conf + + +############### +#### RULES #### +############### + +# +# First some standard log files. Log by facility. +# +auth,authpriv.* /share/services/syslog/auth.log +*.*;auth,authpriv.none -/share/services/syslog/syslog +cron.* /share/services/syslog/cron.log +daemon.* -/share/services/syslog/daemon.log +kern.* -/share/services/syslog/kern.log +lpr.* -/share/services/syslog/lpr.log +mail.* -/share/services/syslog/mail.log +user.* -/share/services/syslog/user.log + +# +# Logging for the mail system. Split it up so that +# it is easy to write scripts to parse these files. +# +mail.info -/share/services/syslog/mail.info +mail.warn -/share/services/syslog/mail.warn +mail.err /share/services/syslog/mail.err + +# Miscelanious logging facilities + +local0.* /share/services/syslog/local0.log +local1.* /share/services/syslog/local1.log +local2.* /share/services/syslog/local2.log +local3.* /share/services/syslog/local3.log +local4.* /share/services/syslog/local4.log +local5.* /share/services/syslog/local5.log +local6.* /share/services/syslog/local6.log +local7.* /share/services/syslog/local7.log + +# +# Some "catch-all" log files. +# +*.=debug;\ + auth,authpriv.none;\ + news.none;mail.none -/share/services/syslog/debug +*.=info;*.=notice;*.=warn;\ + auth,authpriv.none;\ + cron,daemon.none;\ + mail,news.none -/share/services/syslog/messages + +# +# Emergencies are sent to everybody logged in. +# +*.emerg :omusrmsg:*