Pascal PELISSIER 3 years ago
parent
commit
1ad0f66882
100 changed files with 2298 additions and 0 deletions
  1. 14
    0
      playbooks/Demande/Install-Package-1.yml
  2. 1
    0
      playbooks/Demande/Package-install.retry
  3. 16
    0
      playbooks/Demande/debian-release.yml
  4. 17
    0
      playbooks/Demande/hosts
  5. 1
    0
      playbooks/Developpement/BackupPB-vm/AddVm2SrvBackup1.retry
  6. 53
    0
      playbooks/Developpement/BackupPB-vm/AddVm2SrvBackup1.yml
  7. 12
    0
      playbooks/Developpement/BackupPB-vm/DefaultBackuppcConfigFile
  8. 12
    0
      playbooks/Developpement/BackupPB-vm/DefaultBackuppcConfigFile.j2
  9. 47
    0
      playbooks/Developpement/BackupPB-vm/WorkInProgress/Add2Backuppc.yml
  10. 2
    0
      playbooks/Developpement/BackupPB-vm/WorkInProgress/AddBackuppc2Client.retry
  11. 41
    0
      playbooks/Developpement/BackupPB-vm/WorkInProgress/AddBackuppc2Client.yml
  12. 8
    0
      playbooks/Developpement/BackupPB-vm/hosts
  13. 6
    0
      playbooks/Developpement/BackupPB-vm/srv-backuppc-1-Host.yml
  14. 1
    0
      playbooks/Developpement/BackupPB-vm/test/AddVm2SrvBackup1.retry
  15. 48
    0
      playbooks/Developpement/BackupPB-vm/test/AddVm2SrvBackup1.yml
  16. 12
    0
      playbooks/Developpement/BackupPB-vm/test/DefaultBackuppcConfigFile.j2
  17. 1
    0
      playbooks/Developpement/BackupPB-vm/test/test.retry
  18. 20
    0
      playbooks/Developpement/BackupPB-vm/test/test.yml
  19. 47
    0
      playbooks/Developpement/BackupPB/Add2Backuppc.yml
  20. 2
    0
      playbooks/Developpement/BackupPB/AddBackuppc2Client.retry
  21. 41
    0
      playbooks/Developpement/BackupPB/AddBackuppc2Client.yml
  22. 1
    0
      playbooks/Developpement/BackupPB/AddVm2SrvBackup1.retry
  23. 56
    0
      playbooks/Developpement/BackupPB/AddVm2SrvBackup1.yml
  24. 12
    0
      playbooks/Developpement/BackupPB/DefaultBackuppcConfigFile
  25. 12
    0
      playbooks/Developpement/BackupPB/DefaultBackuppcConfigFile.j2
  26. 6
    0
      playbooks/Developpement/BackupPB/srv-backuppc-1-Host.yml
  27. 45
    0
      playbooks/Developpement/CT-Dev/CHANGELOG
  28. 3
    0
      playbooks/Developpement/CT-Dev/daemon.json
  29. 1
    0
      playbooks/Developpement/CT-Dev/docker-dns.retry
  30. 11
    0
      playbooks/Developpement/CT-Dev/docker-dns.yml
  31. 1
    0
      playbooks/Developpement/CT-Dev/docker-install.retry
  32. 56
    0
      playbooks/Developpement/CT-Dev/docker-install.yml
  33. 14
    0
      playbooks/Developpement/CT-Dev/hosts
  34. 11
    0
      playbooks/Developpement/CT-Dev/onehost
  35. 1
    0
      playbooks/Developpement/CT-Dev/user.retry
  36. 44
    0
      playbooks/Developpement/CT-Dev/user.yml
  37. 2
    0
      playbooks/Developpement/DebianAutoUpdate-Strech/20auto-upgrades
  38. 93
    0
      playbooks/Developpement/DebianAutoUpdate-Strech/50unattended-upgrades
  39. 20
    0
      playbooks/Developpement/DebianAutoUpdate-Strech/DebianAutoUpdate.yml
  40. 60
    0
      playbooks/Developpement/DebianAutoUpdate-Strech/hosts
  41. 7
    0
      playbooks/Developpement/DebianAutoUpdate-Strech/hyp-host
  42. 26
    0
      playbooks/Developpement/DebianAutoUpdate-Strech/on-host
  43. 25
    0
      playbooks/Developpement/DebianAutoUpdate-Strech/on-host.save
  44. 2
    0
      playbooks/Developpement/DebianAutoUpdate-stretch/20auto-upgrades
  45. 92
    0
      playbooks/Developpement/DebianAutoUpdate-stretch/50unattended-upgrades
  46. 20
    0
      playbooks/Developpement/DebianAutoUpdate-stretch/DebianAutoUpdate.yml
  47. 60
    0
      playbooks/Developpement/DebianAutoUpdate-stretch/hosts
  48. 7
    0
      playbooks/Developpement/DebianAutoUpdate-stretch/hyp-host
  49. 24
    0
      playbooks/Developpement/DebianAutoUpdate-stretch/on-host
  50. 2
    0
      playbooks/Developpement/DebianAutoUpdate/20auto-upgrades
  51. 92
    0
      playbooks/Developpement/DebianAutoUpdate/50unattended-upgrades
  52. 1
    0
      playbooks/Developpement/DebianAutoUpdate/DebianAutoUpdate.retry
  53. 20
    0
      playbooks/Developpement/DebianAutoUpdate/DebianAutoUpdate.yml
  54. 60
    0
      playbooks/Developpement/DebianAutoUpdate/hosts
  55. 7
    0
      playbooks/Developpement/DebianAutoUpdate/hyp-host
  56. 22
    0
      playbooks/Developpement/DebianAutoUpdate/on-host
  57. 25
    0
      playbooks/Developpement/DebianAutoUpdate/on-host.save
  58. 18
    0
      playbooks/Developpement/Environement/hosts
  59. 1
    0
      playbooks/Developpement/Environement/pascalpp_rsa_key.pub
  60. 8
    0
      playbooks/Developpement/Environement/ssh-copy-pub.yml
  61. 8
    0
      playbooks/Developpement/Environement/user.yml
  62. 3
    0
      playbooks/Developpement/Fail2ban-debian8/dovecot-pop3imap.conf
  63. 1
    0
      playbooks/Developpement/Fail2ban-debian8/fail2ban-deb8.retry
  64. 52
    0
      playbooks/Developpement/Fail2ban-debian8/fail2ban-deb8.yml
  65. 6
    0
      playbooks/Developpement/Fail2ban-debian8/hosts
  66. 20
    0
      playbooks/Developpement/Fail2ban-debian8/jail.local
  67. 3
    0
      playbooks/Developpement/Fail2ban-debian8/pureftpd.conf
  68. 4
    0
      playbooks/Developpement/IspSetup/Config.yml
  69. 4
    0
      playbooks/Developpement/IspSetup/DebiansourceList.yml
  70. 1
    0
      playbooks/Developpement/IspSetup/DisableSpamassassin.retry
  71. 5
    0
      playbooks/Developpement/IspSetup/DisableSpamassassin.yml
  72. 41
    0
      playbooks/Developpement/IspSetup/ISPconfigSetup.yml
  73. 41
    0
      playbooks/Developpement/IspSetup/ISPconfigSetup.yml.bk
  74. 12
    0
      playbooks/Developpement/IspSetup/MysqlConfig.yml
  75. 28
    0
      playbooks/Developpement/IspSetup/Package-1.yml
  76. 32
    0
      playbooks/Developpement/IspSetup/Package-2.yml
  77. 13
    0
      playbooks/Developpement/IspSetup/Package-Apcu.yml
  78. 1
    0
      playbooks/Developpement/IspSetup/Package-Bind.retry
  79. 45
    0
      playbooks/Developpement/IspSetup/Package-Bind.yml
  80. 17
    0
      playbooks/Developpement/IspSetup/Package-PHP-FPM.yml
  81. 1
    0
      playbooks/Developpement/IspSetup/Package-PureFTPd-Quota.retry
  82. 42
    0
      playbooks/Developpement/IspSetup/Package-PureFTPd-Quota.yml
  83. 52
    0
      playbooks/Developpement/IspSetup/Package-apache.yml
  84. 11
    0
      playbooks/Developpement/IspSetup/Package-certbot.yml
  85. 7
    0
      playbooks/Developpement/IspSetup/PostfixConfig.yml
  86. 31
    0
      playbooks/Developpement/IspSetup/PostfixConfig.yml.test
  87. 8
    0
      playbooks/Developpement/IspSetup/SourceListJessie.j2
  88. 1
    0
      playbooks/Developpement/IspSetup/debianupgrade.retry
  89. 10
    0
      playbooks/Developpement/IspSetup/debianupgrade.yml
  90. 41
    0
      playbooks/Developpement/IspSetup/debianupgrade.yml.v1
  91. 125
    0
      playbooks/Developpement/IspSetup/master.cf.j2
  92. 31
    0
      playbooks/Developpement/Netdata/AddNrpe2Client.yml
  93. 1
    0
      playbooks/Developpement/Netdata/SnmpLibrenms.retry
  94. 32
    0
      playbooks/Developpement/Netdata/SnmpLibrenms.yml
  95. 54
    0
      playbooks/Developpement/Netdata/apt-dater/AddVm2SrvBackup1.yml
  96. 8
    0
      playbooks/Developpement/Netdata/apt-dater/one-host
  97. 114
    0
      playbooks/Developpement/Netdata/distro.j2
  98. 16
    0
      playbooks/Developpement/Netdata/snmpd.conf.j2
  99. 6
    0
      playbooks/Developpement/OSversion/OSversion.retry
  100. 0
    0
      playbooks/Developpement/OSversion/OSversion.yml

+ 14
- 0
playbooks/Demande/Install-Package-1.yml View File

@@ -0,0 +1,14 @@
1
+---
2
+- hosts: phpextension
3
+  tasks:
4
+    - name: Apt Update
5
+      apt: update_cache=yes
6
+
7
+    - name: Install list of packages
8
+      apt: name={{item}} state=installed
9
+      with_items:
10
+           - php5-enchant
11
+           
12
+    - name: Restart Apache
13
+      service: name=apache2 state=restarted enabled=yes
14
+

+ 1
- 0
playbooks/Demande/Package-install.retry View File

@@ -0,0 +1 @@
1
+vm-eres.logipro.com

+ 16
- 0
playbooks/Demande/debian-release.yml View File

@@ -0,0 +1,16 @@
1
+---
2
+- hosts: phpextension
3
+  tasks:
4
+    - name: List php
5
+      shell: php -v | grep cli
6
+      register: result
7
+
8
+    - name: print php version
9
+      debug: var=result.stdout
10
+
11
+    - name: List distribution
12
+      shell: cat /etc/debian_version
13
+      register: result
14
+
15
+    - name: print OS version
16
+      debug: var=result.stdout

+ 17
- 0
playbooks/Demande/hosts View File

@@ -0,0 +1,17 @@
1
+##################################
2
+
3
+# Liste serveur avec Crea ticket glpi #737
4
+
5
+[phpextension]
6
+vm-treelearning.logipro.com
7
+vm-arpege.logipro.com
8
+vm-modturbolead.logipro.com
9
+isp15.logipro.com
10
+vm-eres.logipro.com
11
+vm-ifsi.logipro.com
12
+inpi-vprod.logipro.com:222
13
+inpi-recette.logipro.com:222
14
+vm-ccifrance.logipro.com
15
+vm-opencrea.logipro.com
16
+vm-richemont.logipro.com
17
+isp1.logipro.com:222

+ 1
- 0
playbooks/Developpement/BackupPB-vm/AddVm2SrvBackup1.retry View File

@@ -0,0 +1 @@
1
+vm-htmlpdf.logipro.com

+ 53
- 0
playbooks/Developpement/BackupPB-vm/AddVm2SrvBackup1.yml View File

@@ -0,0 +1,53 @@
1
+---
2
+- hosts: Vm-backup
3
+  tasks:
4
+
5
+  - name: Run the equivalent of "apt-get update" as a separate step
6
+    apt:
7
+     update_cache: yes
8
+
9
+  - name: Install sudo
10
+    apt: name=sudo state=present
11
+
12
+  - name: Install rsync
13
+    apt: name=rsync state=present
14
+
15
+  - name: Add user
16
+    user: name=backuppc state=present
17
+
18
+  - name: Add .ssh directories
19
+    file:
20
+      path=/home/backuppc/.ssh
21
+      state=directory
22
+      mode=0700
23
+      owner=backuppc
24
+      group=backuppc
25
+
26
+  - name: Add keys
27
+    lineinfile:
28
+      dest=/home/backuppc/.ssh/authorized_keys
29
+      state=present
30
+      create=yes
31
+      line="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBX+Synu15WinuIng6b/2N2M/oNz51eyd5RIqrqT3HalxAkDO8Pb7Zy2hoJ5UZ5G1oV1ad16usERPE+5MzAywIwdOhXtjeCCWE1i4JfrOb+a/ajihHwVhO5RZ4pZcoRK5k8xemELA+QPVuTSlIrOjXt6ZjAq3JKLshCQzACGIdWwFxwQQqgX3hcFoZqNcOKmKmAJlziBrCKnteawy6f0HBf2YHaPriLt25wH1gACq2aACthLg78ibsddcqiwR7B67xZHxYXrVDBVhJYP4rvqkNG8bdevYWRhLJFcxD4d+K0si/LpLpt9UXGhvzMDuAT6Tti7hT0w2YKny4kWbuqnK/JWDMMRiUrcMu9aRbFz6Iu1GOVapmrWTDwJ6PRE7ec2fU76vyeKDfKBgknGxLoJ2gXhTSyyPLUs5xqqioZffSdQlVt74THRItj5k09H6JaL9ASJlx4iI49wWkAK5NygqbK43jGCcRgmTcMTJ2bXkSaeQUu8L0wIdo1euE5tnKhtkQ32Os0rSWn8zbeO6WalH5K4CQcB1XhjrrUyPdD4PxJlxUQ9QYBijTgml46RUKyJWQWmCSi3RvUOaY4dZ1EflbnGESCpobs2gLUXlshRvqOlGKKV7xIXKUFSTlk+iDM8d49h80EivauC7kI7gBFlmIemkAhZieaBkLJGCc6TCXlQ== backuppc@srv-bk"
32
+      owner=backuppc
33
+      group=backuppc
34
+      mode=0640
35
+
36
+  - name: Add to sudo
37
+    lineinfile:
38
+      dest: /etc/sudoers
39
+      state: present
40
+      regexp: '^backuppc\s'
41
+      line: 'backuppc  ALL=NOPASSWD: /usr/bin/rsync'
42
+      validate: 'visudo -cf %s'
43
+
44
+- hosts: Vm-SrvBackup
45
+  tasks:
46
+  - name: Add to hosts file
47
+    lineinfile:
48
+      dest: /etc/backuppc/hosts
49
+      line: "{{ hostvars[item]['ansible_fqdn']}} \t0\tbackuppc"
50
+    with_items: "{{ groups['Vm-backup'] }}"
51
+
52
+  - name: Restart Backuppc
53
+    service: name="backuppc" state=restarted

+ 12
- 0
playbooks/Developpement/BackupPB-vm/DefaultBackuppcConfigFile View File

@@ -0,0 +1,12 @@
1
+$Conf{RsyncClientCmd} = '$sshPath -p 22 -q -x -l backuppc $host nice -n 19 sudo $rsyncPath $argList+';
2
+$Conf{RsyncClientRestoreCmd} = '$sshPath -p 22 -q -x -l backuppc $host nice -n 19 sudo $rsyncPath $argList+';
3
+$Conf{XferMethod} = 'rsync';
4
+$Conf{RsyncShareName} = [
5
+  '/boot',
6
+  '/etc',
7
+  '/home',
8
+  '/root',
9
+  '/opt',
10
+  '/usr/local',
11
+  '/var'
12
+];

+ 12
- 0
playbooks/Developpement/BackupPB-vm/DefaultBackuppcConfigFile.j2 View File

@@ -0,0 +1,12 @@
1
+$Conf{RsyncClientCmd} = '$sshPath -p 22 -q -x -l backuppc $host nice -n 19 sudo $rsyncPath $argList+';
2
+$Conf{RsyncClientRestoreCmd} = '$sshPath -p 22 -q -x -l backuppc $host nice -n 19 sudo $rsyncPath $argList+';
3
+$Conf{XferMethod} = 'rsync';
4
+$Conf{RsyncShareName} = [
5
+  '/boot',
6
+  '/etc',
7
+  '/home',
8
+  '/root',
9
+  '/opt',
10
+  '/usr/local',
11
+  '/var'
12
+];

+ 47
- 0
playbooks/Developpement/BackupPB-vm/WorkInProgress/Add2Backuppc.yml View File

@@ -0,0 +1,47 @@
1
+---
2
+- hosts: Jira
3
+  tasks:
4
+  - name: Run the equivalent of "apt-get update" as a separate step
5
+    apt:
6
+     update_cache: yes
7
+
8
+  - name: Install sudo
9
+    apt: name=sudo state=present
10
+
11
+  - name: Install rsync
12
+    apt: name=rsync state=present
13
+
14
+  - name: Add user
15
+    user: name=backuppc state=present
16
+
17
+  - name: Add .ssh directories
18
+    file:
19
+      path=/home/backuppc/.ssh
20
+      state=directory
21
+      mode=0700
22
+      owner=backuppc
23
+      group=backuppc
24
+
25
+  - name: Add keys
26
+    lineinfile:
27
+      dest=/home/backuppc/.ssh/authorized_keys
28
+      state=present
29
+      create=yes
30
+      line="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDX2WfC38HZ1RRzzzbiAwxvLszMvPkYTHt0cwwYu3R1ZynfN6aTiD7jIPNUFYzQNP7hKHgLyX652JMSNuJR1LACKL8HNGDCwJ2KWWf2FBeHVcnHOE8DVMzr1HYoArFlUy8/7eEKzkKP3SgVYJXQRhWYJ2GPc3n+LHCCWacRCNoJx65hvf8jx4upMgA5XS0eKyd8tidJbcRuF8jIeYclFnl1hYD5cZXgmMQ6Fg7aIOzn3b0XxhgUZCftlyXf7qszkLSJv3ckO/rFROAEMFi1TUT/uD2ZnlReMawunq9xh6MbzfiRwi1E/nHYiepdDC4YlaBzxHWT4bxyDGBkfkLiW3ttQh99p5exL9p57HACt5hM+dQXl/WFVSAT8TdFNfuPNTzQVIPVT41F/pyEPFcRSHpRdxZuZME3Bu6CS6XZ6i7Xy6H5vpHKwglVCdcLr684oSJKO2twbBEALByh3Ul5ZQTzCzZnJJVs5ZJ19kYswwIFB/qmLM7I7ARPgVKQA7VOjWbcbw/KkT5LTzYPPxJwmxGkHVwDEyHu8xLL6GqF8Syy5GOSPSduBbDVbutiJziAaDDRiXSuLMeoicEeLMWln1R3ZiFHoakK5OqXYkwY7tazvMQ9K6fnQwQI4CBVwP4+d/qzcQEZLUWPYyN03Cyn3MCKgE76krox7ZYXzUqPjmkOKw== root@srv-backup-1"
31
+      owner=backuppc
32
+      group=backuppc
33
+      mode=0640
34
+
35
+  - name: Add to sudo
36
+    lineinfile:
37
+      dest: /etc/sudoers
38
+      state: present
39
+      regexp: '^backuppc\s'
40
+      line: 'backuppc  ALL=NOPASSWD: /usr/bin/rsync'
41
+      validate: 'visudo -cf %s'
42
+   
43
+  - name: fetch file from source servers
44
+    hosts: SrvBackup
45
+    copy:
46
+      src: DefaultBackuppcConfigFile.j2
47
+      dest: /tmp/{{ bkfile }}

+ 2
- 0
playbooks/Developpement/BackupPB-vm/WorkInProgress/AddBackuppc2Client.retry View File

@@ -0,0 +1,2 @@
1
+jira.logipro.com
2
+postgresql-jira.logipro.com

+ 41
- 0
playbooks/Developpement/BackupPB-vm/WorkInProgress/AddBackuppc2Client.yml View File

@@ -0,0 +1,41 @@
1
+---
2
+- hosts: Jira
3
+  tasks:
4
+  - name: Run the equivalent of "apt-get update" as a separate step
5
+    apt:
6
+     update_cache: yes
7
+
8
+  - name: Install sudo
9
+    apt: name=sudo state=present
10
+
11
+  - name: Install rsync
12
+    apt: name=rsync state=present
13
+
14
+  - name: Add user
15
+    user: name=backuppc state=present
16
+
17
+  - name: Add .ssh directories
18
+    file:
19
+      path=/home/backuppc/.ssh
20
+      state=directory
21
+      mode=0700
22
+      owner=backuppc
23
+      group=backuppc
24
+
25
+  - name: Add keys
26
+    lineinfile:
27
+      dest=/home/backuppc/.ssh/authorized_keys
28
+      state=present
29
+      create=yes
30
+      line="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMmNIwEmG+OxLhLffXVzYK90xsD1gorlAKKGQisaWkl/mpQKmhClEkLBmsWXxja7zbklL64vJ4IB7YPiAbpseF2wrZ9tNSwOUzySF1zYFTWRX5S/Gboswlq7GSR3EoEz2XHgMzvbbVVrgvFAmdGSiIkSqkT0+EVmhc38YQxeZAT7XIQwAMLy+4m4lEd9TKSS2qJ8hWf8e3NMmDQKFJYykn6h4HxJY5JoNBk4yb1M6xqPhE8t8IrB1pJQrF9JBlIs9Yxfg2ktoJknb9bGQIQljiZAgsdKA1P1NReMjLMYFx7zDRhytW0iUaT/4VBPK0QR2JhLaLHF1em5Te5s6d65Jz backuppc@backup1"
31
+      owner=backuppc
32
+      group=backuppc
33
+      mode=0640
34
+
35
+  - name: Add to sudo
36
+    lineinfile:
37
+      dest: /etc/sudoers
38
+      state: present
39
+      regexp: '^backuppc\s'
40
+      line: 'backuppc  ALL=NOPASSWD: /usr/bin/rsync'
41
+      validate: 'visudo -cf %s'

+ 8
- 0
playbooks/Developpement/BackupPB-vm/hosts View File

@@ -0,0 +1,8 @@
1
+[Vm-backup]
2
+hyp-inpi.logipro.com:222 bkfile=hyp-inpi.logipro.com srvbk=srv-bk.logipro.com
3
+
4
+[Vm-backup:vars]
5
+srvbk=srv-bk.logipro.com
6
+
7
+[Vm-SrvBackup]
8
+srv-bk.logipro.com

+ 6
- 0
playbooks/Developpement/BackupPB-vm/srv-backuppc-1-Host.yml View File

@@ -0,0 +1,6 @@
1
+---
2
+- hosts: SrvBackup
3
+  tasks:
4
+  - name: Run the equivalent of "apt-get update" as a separate step
5
+    apt:
6
+      update_cache: yes

+ 1
- 0
playbooks/Developpement/BackupPB-vm/test/AddVm2SrvBackup1.retry View File

@@ -0,0 +1 @@
1
+srv-bk.logipro.com

+ 48
- 0
playbooks/Developpement/BackupPB-vm/test/AddVm2SrvBackup1.yml View File

@@ -0,0 +1,48 @@
1
+---
2
+- hosts: v2-webcam.inforoute67.fr
3
+  tasks:
4
+
5
+  - name: Run the equivalent of "apt-get update" as a separate step
6
+    apt:
7
+     update_cache: yes
8
+
9
+  - name: Install sudo
10
+    apt: name=sudo state=present
11
+
12
+  - name: Install rsync
13
+    apt: name=rsync state=present
14
+
15
+  - name: Add user
16
+    user: name=backuppc state=present
17
+
18
+  - name: Add .ssh directories
19
+    file:
20
+      path=/home/backuppc/.ssh
21
+      state=directory
22
+      mode=0700
23
+      owner=backuppc
24
+      group=backuppc
25
+
26
+  - name: Add keys
27
+    lineinfile:
28
+      dest=/home/backuppc/.ssh/authorized_keys
29
+      state=present
30
+      create=yes
31
+      line="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBX+Synu15WinuIng6b/2N2M/oNz51eyd5RIqrqT3HalxAkDO8Pb7Zy2hoJ5UZ5G1oV1ad16usERPE+5MzAywIwdOhXtjeCCWE1i4JfrOb+a/ajihHwVhO5RZ4pZcoRK5k8xemELA+QPVuTSlIrOjXt6ZjAq3JKLshCQzACGIdWwFxwQQqgX3hcFoZqNcOKmKmAJlziBrCKnteawy6f0HBf2YHaPriLt25wH1gACq2aACthLg78ibsddcqiwR7B67xZHxYXrVDBVhJYP4rvqkNG8bdevYWRhLJFcxD4d+K0si/LpLpt9UXGhvzMDuAT6Tti7hT0w2YKny4kWbuqnK/JWDMMRiUrcMu9aRbFz6Iu1GOVapmrWTDwJ6PRE7ec2fU76vyeKDfKBgknGxLoJ2gXhTSyyPLUs5xqqioZffSdQlVt74THRItj5k09H6JaL9ASJlx4iI49wWkAK5NygqbK43jGCcRgmTcMTJ2bXkSaeQUu8L0wIdo1euE5tnKhtkQ32Os0rSWn8zbeO6WalH5K4CQcB1XhjrrUyPdD4PxJlxUQ9QYBijTgml46RUKyJWQWmCSi3RvUOaY4dZ1EflbnGESCpobs2gLUXlshRvqOlGKKV7xIXKUFSTlk+iDM8d49h80EivauC7kI7gBFlmIemkAhZieaBkLJGCc6TCXlQ== backuppc@srv-bk"
32
+      owner=backuppc
33
+      group=backuppc
34
+      mode=0640
35
+
36
+  - name: Add to sudo
37
+    lineinfile:
38
+      dest: /etc/sudoers
39
+      state: present
40
+      regexp: '^backuppc\s'
41
+      line: 'backuppc  ALL=NOPASSWD: /usr/bin/rsync'
42
+      validate: 'visudo -cf %s'
43
+
44
+
45
+- hosts: Vm-SrvBackup
46
+  tasks:
47
+  - name: Print out the result of chown
48
+    debug: msg="{{ hostvars.test }}"

+ 12
- 0
playbooks/Developpement/BackupPB-vm/test/DefaultBackuppcConfigFile.j2 View File

@@ -0,0 +1,12 @@
1
+$Conf{RsyncClientCmd} = '$sshPath -p 22 -q -x -l backuppc $host nice -n 19 sudo $rsyncPath $argList+';
2
+$Conf{RsyncClientRestoreCmd} = '$sshPath -p 22 -q -x -l backuppc $host nice -n 19 sudo $rsyncPath $argList+';
3
+$Conf{XferMethod} = 'rsync';
4
+$Conf{RsyncShareName} = [
5
+  '/boot',
6
+  '/etc',
7
+  '/home',
8
+  '/root',
9
+  '/opt',
10
+  '/usr/local',
11
+  '/var'
12
+];

+ 1
- 0
playbooks/Developpement/BackupPB-vm/test/test.retry View File

@@ -0,0 +1 @@
1
+srv-bk.logipro.com

+ 20
- 0
playbooks/Developpement/BackupPB-vm/test/test.yml View File

@@ -0,0 +1,20 @@
1
+---
2
+- hosts: test
3
+  tasks:
4
+  - name: Install sudo
5
+    apt: name=sudo state=present
6
+
7
+- hosts: Vm-SrvBackup
8
+  tasks:
9
+  - name: Add to hosts file
10
+    lineinfile:
11
+      dest: /tmp/hosts
12
+      line: "{{ hostvars[item]['ansible_fqdn']}} \t0\tbackuppc"
13
+    with_items: "{{ groups['test'] }}"
14
+
15
+  - name: tell the host about our servers it might want to ssh to
16
+    known_hosts:
17
+      path: /var/lib/backuppc/.ssh/known_hosts2
18
+      name: "{{ hostvars[item]['ansible_fqdn']}}"
19
+      key: "{{ lookup('file', 'pubkeys/{{ hostvars[item]['ansible_ssh_host_key_ecdsa_public']}}') }}"
20
+    with_items: "{{ groups['test'] }}"

+ 47
- 0
playbooks/Developpement/BackupPB/Add2Backuppc.yml View File

@@ -0,0 +1,47 @@
1
+---
2
+- hosts: Jira
3
+  tasks:
4
+  - name: Run the equivalent of "apt-get update" as a separate step
5
+    apt:
6
+     update_cache: yes
7
+
8
+  - name: Install sudo
9
+    apt: name=sudo state=present
10
+
11
+  - name: Install rsync
12
+    apt: name=rsync state=present
13
+
14
+  - name: Add user
15
+    user: name=backuppc state=present
16
+
17
+  - name: Add .ssh directories
18
+    file:
19
+      path=/home/backuppc/.ssh
20
+      state=directory
21
+      mode=0700
22
+      owner=backuppc
23
+      group=backuppc
24
+
25
+  - name: Add keys
26
+    lineinfile:
27
+      dest=/home/backuppc/.ssh/authorized_keys
28
+      state=present
29
+      create=yes
30
+      line="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDX2WfC38HZ1RRzzzbiAwxvLszMvPkYTHt0cwwYu3R1ZynfN6aTiD7jIPNUFYzQNP7hKHgLyX652JMSNuJR1LACKL8HNGDCwJ2KWWf2FBeHVcnHOE8DVMzr1HYoArFlUy8/7eEKzkKP3SgVYJXQRhWYJ2GPc3n+LHCCWacRCNoJx65hvf8jx4upMgA5XS0eKyd8tidJbcRuF8jIeYclFnl1hYD5cZXgmMQ6Fg7aIOzn3b0XxhgUZCftlyXf7qszkLSJv3ckO/rFROAEMFi1TUT/uD2ZnlReMawunq9xh6MbzfiRwi1E/nHYiepdDC4YlaBzxHWT4bxyDGBkfkLiW3ttQh99p5exL9p57HACt5hM+dQXl/WFVSAT8TdFNfuPNTzQVIPVT41F/pyEPFcRSHpRdxZuZME3Bu6CS6XZ6i7Xy6H5vpHKwglVCdcLr684oSJKO2twbBEALByh3Ul5ZQTzCzZnJJVs5ZJ19kYswwIFB/qmLM7I7ARPgVKQA7VOjWbcbw/KkT5LTzYPPxJwmxGkHVwDEyHu8xLL6GqF8Syy5GOSPSduBbDVbutiJziAaDDRiXSuLMeoicEeLMWln1R3ZiFHoakK5OqXYkwY7tazvMQ9K6fnQwQI4CBVwP4+d/qzcQEZLUWPYyN03Cyn3MCKgE76krox7ZYXzUqPjmkOKw== root@srv-backup-1"
31
+      owner=backuppc
32
+      group=backuppc
33
+      mode=0640
34
+
35
+  - name: Add to sudo
36
+    lineinfile:
37
+      dest: /etc/sudoers
38
+      state: present
39
+      regexp: '^backuppc\s'
40
+      line: 'backuppc  ALL=NOPASSWD: /usr/bin/rsync'
41
+      validate: 'visudo -cf %s'
42
+   
43
+  - name: fetch file from source servers
44
+    hosts: SrvBackup
45
+    copy:
46
+      src: DefaultBackuppcConfigFile.j2
47
+      dest: /tmp/{{ bkfile }}

+ 2
- 0
playbooks/Developpement/BackupPB/AddBackuppc2Client.retry View File

@@ -0,0 +1,2 @@
1
+jira.logipro.com
2
+postgresql-jira.logipro.com

+ 41
- 0
playbooks/Developpement/BackupPB/AddBackuppc2Client.yml View File

@@ -0,0 +1,41 @@
1
+---
2
+- hosts: Jira
3
+  tasks:
4
+  - name: Run the equivalent of "apt-get update" as a separate step
5
+    apt:
6
+     update_cache: yes
7
+
8
+  - name: Install sudo
9
+    apt: name=sudo state=present
10
+
11
+  - name: Install rsync
12
+    apt: name=rsync state=present
13
+
14
+  - name: Add user
15
+    user: name=backuppc state=present
16
+
17
+  - name: Add .ssh directories
18
+    file:
19
+      path=/home/backuppc/.ssh
20
+      state=directory
21
+      mode=0700
22
+      owner=backuppc
23
+      group=backuppc
24
+
25
+  - name: Add keys
26
+    lineinfile:
27
+      dest=/home/backuppc/.ssh/authorized_keys
28
+      state=present
29
+      create=yes
30
+      line="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMmNIwEmG+OxLhLffXVzYK90xsD1gorlAKKGQisaWkl/mpQKmhClEkLBmsWXxja7zbklL64vJ4IB7YPiAbpseF2wrZ9tNSwOUzySF1zYFTWRX5S/Gboswlq7GSR3EoEz2XHgMzvbbVVrgvFAmdGSiIkSqkT0+EVmhc38YQxeZAT7XIQwAMLy+4m4lEd9TKSS2qJ8hWf8e3NMmDQKFJYykn6h4HxJY5JoNBk4yb1M6xqPhE8t8IrB1pJQrF9JBlIs9Yxfg2ktoJknb9bGQIQljiZAgsdKA1P1NReMjLMYFx7zDRhytW0iUaT/4VBPK0QR2JhLaLHF1em5Te5s6d65Jz backuppc@backup1"
31
+      owner=backuppc
32
+      group=backuppc
33
+      mode=0640
34
+
35
+  - name: Add to sudo
36
+    lineinfile:
37
+      dest: /etc/sudoers
38
+      state: present
39
+      regexp: '^backuppc\s'
40
+      line: 'backuppc  ALL=NOPASSWD: /usr/bin/rsync'
41
+      validate: 'visudo -cf %s'

+ 1
- 0
playbooks/Developpement/BackupPB/AddVm2SrvBackup1.retry View File

@@ -0,0 +1 @@
1
+postgresql-jira.logipro.com

+ 56
- 0
playbooks/Developpement/BackupPB/AddVm2SrvBackup1.yml View File

@@ -0,0 +1,56 @@
1
+---
2
+- hosts: backup
3
+  tasks:
4
+
5
+  - name: Run the equivalent of "apt-get update" as a separate step
6
+    apt:
7
+     update_cache: yes
8
+
9
+  - name: Install sudo
10
+    apt: name=sudo state=present
11
+
12
+  - name: Install rsync
13
+    apt: name=rsync state=present
14
+
15
+  - name: Add user
16
+    user: name=backuppc state=present
17
+
18
+  - name: Add .ssh directories
19
+    file:
20
+      path=/home/backuppc/.ssh
21
+      state=directory
22
+      mode=0700
23
+      owner=backuppc
24
+      group=backuppc
25
+
26
+  - name: Add keys
27
+    lineinfile:
28
+      dest=/home/backuppc/.ssh/authorized_keys
29
+      state=present
30
+      create=yes
31
+      line="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDX2WfC38HZ1RRzzzbiAwxvLszMvPkYTHt0cwwYu3R1ZynfN6aTiD7jIPNUFYzQNP7hKHgLyX652JMSNuJR1LACKL8HNGDCwJ2KWWf2FBeHVcnHOE8DVMzr1HYoArFlUy8/7eEKzkKP3SgVYJXQRhWYJ2GPc3n+LHCCWacRCNoJx65hvf8jx4upMgA5XS0eKyd8tidJbcRuF8jIeYclFnl1hYD5cZXgmMQ6Fg7aIOzn3b0XxhgUZCftlyXf7qszkLSJv3ckO/rFROAEMFi1TUT/uD2ZnlReMawunq9xh6MbzfiRwi1E/nHYiepdDC4YlaBzxHWT4bxyDGBkfkLiW3ttQh99p5exL9p57HACt5hM+dQXl/WFVSAT8TdFNfuPNTzQVIPVT41F/pyEPFcRSHpRdxZuZME3Bu6CS6XZ6i7Xy6H5vpHKwglVCdcLr684oSJKO2twbBEALByh3Ul5ZQTzCzZnJJVs5ZJ19kYswwIFB/qmLM7I7ARPgVKQA7VOjWbcbw/KkT5LTzYPPxJwmxGkHVwDEyHu8xLL6GqF8Syy5GOSPSduBbDVbutiJziAaDDRiXSuLMeoicEeLMWln1R3ZiFHoakK5OqXYkwY7tazvMQ9K6fnQwQI4CBVwP4+d/qzcQEZLUWPYyN03Cyn3MCKgE76krox7ZYXzUqPjmkOKw== root@srv-backup-1"
32
+      owner=backuppc
33
+      group=backuppc
34
+      mode=0640
35
+
36
+  - name: Add to sudo
37
+    lineinfile:
38
+      dest: /etc/sudoers
39
+      state: present
40
+      regexp: '^backuppc\s'
41
+      line: 'backuppc  ALL=NOPASSWD: /usr/bin/rsync'
42
+      validate: 'visudo -cf %s'
43
+
44
+  - name: Add to hosts srv-backyp-1
45
+    local_action: command ssh root@{{ srvbk1 }} echo {{ bkfile }}	0	backuppc >> /etc/backuppc/hosts
46
+
47
+  - name: ssh restart backuppc
48
+    local_action: command ssh root@{{ srvbk1 }} service backuppc restart
49
+
50
+#    notify:
51
+#        - restart backuppc
52
+
53
+#  handlers:
54
+#    - name: restart backuppc
55
+#      service: name=backuppc state=restarted
56
+

+ 12
- 0
playbooks/Developpement/BackupPB/DefaultBackuppcConfigFile View File

@@ -0,0 +1,12 @@
1
+$Conf{RsyncClientCmd} = '$sshPath -p 22 -q -x -l backuppc $host nice -n 19 sudo $rsyncPath $argList+';
2
+$Conf{RsyncClientRestoreCmd} = '$sshPath -p 22 -q -x -l backuppc $host nice -n 19 sudo $rsyncPath $argList+';
3
+$Conf{XferMethod} = 'rsync';
4
+$Conf{RsyncShareName} = [
5
+  '/boot',
6
+  '/etc',
7
+  '/home',
8
+  '/root',
9
+  '/opt',
10
+  '/usr/local',
11
+  '/var'
12
+];

+ 12
- 0
playbooks/Developpement/BackupPB/DefaultBackuppcConfigFile.j2 View File

@@ -0,0 +1,12 @@
1
+$Conf{RsyncClientCmd} = '$sshPath -p 22 -q -x -l backuppc $host nice -n 19 sudo $rsyncPath $argList+';
2
+$Conf{RsyncClientRestoreCmd} = '$sshPath -p 22 -q -x -l backuppc $host nice -n 19 sudo $rsyncPath $argList+';
3
+$Conf{XferMethod} = 'rsync';
4
+$Conf{RsyncShareName} = [
5
+  '/boot',
6
+  '/etc',
7
+  '/home',
8
+  '/root',
9
+  '/opt',
10
+  '/usr/local',
11
+  '/var'
12
+];

+ 6
- 0
playbooks/Developpement/BackupPB/srv-backuppc-1-Host.yml View File

@@ -0,0 +1,6 @@
1
+---
2
+- hosts: SrvBackup
3
+  tasks:
4
+  - name: Run the equivalent of "apt-get update" as a separate step
5
+    apt:
6
+      update_cache: yes

+ 45
- 0
playbooks/Developpement/CT-Dev/CHANGELOG View File

@@ -0,0 +1,45 @@
1
+README
2
+
3
+- v2
4
+Modification pour que vscode soit monté avec le user www-data et ainsi permettre
5
+d'avoir les bon droit lorsque l'on edite des fichiers du volume du docker webserver
6
+
7
+- 1 - Le playbook user.yml se charge de configurer le user www-data :
8
+Son home : /opt/www
9
+Un bash : /bin/bash
10
+la config ssh ~/.ssh/authorized_keys
11
+Le user www-data est ajouté au group "docker" pour faciliter les commandes pour un dev
12
+
13
+- 2 - Sur windows :
14
+- Installtion d'un client ssh intégré à windows : 
15
+Ouvrir un powershell en admin puis entrer :
16
+
17
+Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0
18
+
19
+- copie des clé ssh préalablement créé :
20
+dans un bash ubuntu "windows" entrer :
21
+
22
+sudo cp ~/.ssh/id_rsa* /mnt/c/Users/VOTRE_USER/.ssh/.
23
+sudo tee -a /mnt/c/Users/VOTRE_USER/.ssh/config << END
24
+Host vm
25
+    HostName vm
26
+    User www-data
27
+END
28
+
29
+sudo tee -a /tmp/config << END
30
+Host vm
31
+   HostName vm
32
+   User www-data
33
+END
34
+
35
+Dans vscode aller dans les extensions : CTRL + Shift + X
36
+Rechercher : Remote Developpement
37
+Qui installera une suite d'extension dont Remote SSH
38
+entre dans la console : F1
39
+et entrer :
40
+>Remote-SSH: Connect to Host...
41
+Selectionnez Configure SSH Hosts
42
+Et sélectionnez le fichier de configuration ssh : 
43
+
44
+ c:\Users\VOTRE_USER\.ssh\config
45
+ 

+ 3
- 0
playbooks/Developpement/CT-Dev/daemon.json View File

@@ -0,0 +1,3 @@
1
+{
2
+    "dns": ["192.168.240.254"]
3
+}

+ 1
- 0
playbooks/Developpement/CT-Dev/docker-dns.retry View File

@@ -0,0 +1 @@
1
+192.168.240.10

+ 11
- 0
playbooks/Developpement/CT-Dev/docker-dns.yml View File

@@ -0,0 +1,11 @@
1
+---
2
+- hosts: CT-Dev
3
+  tasks:
4
+
5
+  - name: dns docker
6
+    copy:
7
+      src: ./daemon.json
8
+      dest: /etc/docker/daemon.json
9
+
10
+  - name: docker restarted
11
+    command: systemctl restart docker

+ 1
- 0
playbooks/Developpement/CT-Dev/docker-install.retry View File

@@ -0,0 +1 @@
1
+192.168.240.12

+ 56
- 0
playbooks/Developpement/CT-Dev/docker-install.yml View File

@@ -0,0 +1,56 @@
1
+---
2
+- hosts: CT-Dev
3
+  tasks:
4
+
5
+    - name: Install aptitude using apt
6
+      apt: name=aptitude state=latest update_cache=yes force_apt_get=yes
7
+
8
+    - name: Update and upgrade apt packages
9
+      become: true
10
+      apt:
11
+        upgrade: yes
12
+        update_cache: yes
13
+        cache_valid_time: 3600 #One hour
14
+
15
+    - name: Install required system packages
16
+      apt: name={{ item }} state=latest update_cache=yes
17
+      loop: [ 'apt-transport-https', 'ca-certificates', 'curl', 'software-properties-common', 'python3-pip', 'virtualenv', 'python3-setuptools']
18
+
19
+    - name: Add Docker GPG apt Key
20
+      apt_key:
21
+        url: https://download.docker.com/linux/ubuntu/gpg
22
+        state: present
23
+
24
+    - name: Add Docker Repository
25
+      apt_repository:
26
+        repo: deb https://download.docker.com/linux/ubuntu bionic stable
27
+        state: present
28
+
29
+    - name: Update apt and install docker-ce
30
+      apt: update_cache=yes name=docker-ce state=latest
31
+
32
+    - name: Update apt and install docker-compose
33
+      apt: update_cache=yes name=docker-compose state=latest
34
+
35
+    - name: Install Docker Module for Python
36
+      pip:
37
+        name: docker
38
+
39
+    - name: set docker_portainer_volume
40
+      set_fact: docker_portainer_volume="/opt/portainer"
41
+
42
+    - name: create volume directory for data
43
+      file: path={{docker_portainer_volume}}/data state=directory recurse=yes
44
+
45
+    - name: install container
46
+      docker_container:
47
+        name: "portainer"
48
+        image: "portainer/portainer"
49
+        pull: "yes"
50
+        state: "started"
51
+        restart_policy: "always"
52
+        volumes:
53
+          - /var/run/docker.sock:/var/run/docker.sock
54
+          - "{{docker_portainer_volume}}/data:/data"
55
+        ports:
56
+          - "9000:9000"

+ 14
- 0
playbooks/Developpement/CT-Dev/hosts View File

@@ -0,0 +1,14 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+[CT-Dev]
7
+#192.168.240.9 ansible_python_interpreter=/usr/bin/python3
8
+192.168.240.10 ansible_python_interpreter=/usr/bin/python3
9
+192.168.240.11 ansible_python_interpreter=/usr/bin/python3
10
+192.168.240.12 ansible_python_interpreter=/usr/bin/python3
11
+192.168.240.13 ansible_python_interpreter=/usr/bin/python3
12
+192.168.240.14 ansible_python_interpreter=/usr/bin/python3
13
+192.168.240.15 ansible_python_interpreter=/usr/bin/python3
14
+192.168.240.16 ansible_python_interpreter=/usr/bin/python3

+ 11
- 0
playbooks/Developpement/CT-Dev/onehost View File

@@ -0,0 +1,11 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+[CT-Dev]
7
+#192.168.240.10 ansible_python_interpreter=/usr/bin/python3
8
+192.168.240.14 ansible_python_interpreter=/usr/bin/python3
9
+#192.168.240.11 ansible_python_interpreter=/usr/bin/python3
10
+#192.168.240.13 ansible_python_interpreter=/usr/bin/python3
11
+#192.168.240.15 ansible_python_interpreter=/usr/bin/python3

+ 1
- 0
playbooks/Developpement/CT-Dev/user.retry View File

@@ -0,0 +1 @@
1
+192.168.240.10

+ 44
- 0
playbooks/Developpement/CT-Dev/user.yml View File

@@ -0,0 +1,44 @@
1
+---
2
+- hosts: CT-Dev
3
+  tasks:
4
+
5
+  - name: create www-data home folder
6
+    file:
7
+      path: /opt/www
8
+      state: directory
9
+      owner: www-data
10
+      group: www-data
11
+
12
+  
13
+  - name: Modify www-data user
14
+    user:
15
+      name: www-data
16
+      home: /opt/www
17
+      shell: /bin/bash
18
+      password: "{{ upassword | password_hash('sha512') }}"
19
+      update_password: always
20
+
21
+  - name: adding existing user to group docker
22
+    user:
23
+      name: www-data
24
+      groups: docker
25
+      append: yes
26
+
27
+  - name: create ssh home folder
28
+    file:
29
+      path: /opt/www/.ssh
30
+      state: directory
31
+      owner: www-data
32
+      group: www-data
33
+      mode: '0700'
34
+
35
+  - name: 
36
+    file:
37
+      path: /opt/www/.ssh/authorized_keys
38
+      state: touch
39
+      owner: www-data
40
+      group: www-data
41
+      mode: '0600'
42
+
43
+  vars:
44
+    upassword: 'logipro'

+ 2
- 0
playbooks/Developpement/DebianAutoUpdate-Strech/20auto-upgrades View File

@@ -0,0 +1,2 @@
1
+APT::Periodic::Update-Package-Lists "1";
2
+APT::Periodic::Unattended-Upgrade "1";

+ 93
- 0
playbooks/Developpement/DebianAutoUpdate-Strech/50unattended-upgrades View File

@@ -0,0 +1,93 @@
1
+// Unattended-Upgrade::Origins-Pattern controls which packages are
2
+// upgraded.
3
+//
4
+// Lines below have the format format is "keyword=value,...".  A
5
+// package will be upgraded only if the values in its metadata match
6
+// all the supplied keywords in a line.  (In other words, omitted
7
+// keywords are wild cards.) The keywords originate from the Release
8
+// file, but several aliases are accepted.  The accepted keywords are:
9
+//   a,archive,suite (eg, "stable")
10
+//   c,component     (eg, "main", "crontrib", "non-free")
11
+//   l,label         (eg, "Debian", "Debian-Security")
12
+//   o,origin        (eg, "Debian", "Unofficial Multimedia Packages")
13
+//   n,codename      (eg, "jessie", "jessie-updates")
14
+//     site          (eg, "http.debian.net")
15
+// The available values on the system are printed by the command
16
+// "apt-cache policy", and can be debugged by running
17
+// "unattended-upgrades -d" and looking at the log file.
18
+//
19
+// Within lines unattended-upgrades allows 2 macros whose values are
20
+// derived from /etc/debian_version:
21
+//   ${distro_id}            Installed origin.
22
+//   ${distro_codename}      Installed codename (eg, "jessie")
23
+Unattended-Upgrade::Origins-Pattern {
24
+        // Codename based matching:
25
+        // This will follow the migration of a release through different
26
+        // archives (e.g. from testing to stable and later oldstable).
27
+//      "o=Debian,n=jessie";
28
+//      "o=Debian,n=jessie-updates";
29
+//      "o=Debian,n=jessie-proposed-updates";
30
+//      "o=Debian,n=jessie,l=Debian-Security";
31
+
32
+        // Archive or Suite based matching:
33
+        // Note that this will silently match a different release after
34
+        // migration to the specified archive (e.g. testing becomes the
35
+        // new stable).
36
+//      "o=Debian,a=stable";
37
+//      "o=Debian,a=stable-updates";
38
+//      "o=Debian,a=proposed-updates";
39
+	"site=packages.sury.org";
40
+        "origin=Debian,codename=${distro_codename},label=Debian-Security";
41
+};
42
+
43
+// List of packages to not update (regexp are supported)
44
+Unattended-Upgrade::Package-Blacklist {
45
+//	"vim";
46
+//	"libc6";
47
+//	"libc6-dev";
48
+//	"libc6-i686";
49
+};
50
+
51
+// This option allows you to control if on a unclean dpkg exit
52
+// unattended-upgrades will automatically run 
53
+//   dpkg --force-confold --configure -a
54
+// The default is true, to ensure updates keep getting installed
55
+//Unattended-Upgrade::AutoFixInterruptedDpkg "false";
56
+
57
+// Split the upgrade into the smallest possible chunks so that
58
+// they can be interrupted with SIGUSR1. This makes the upgrade
59
+// a bit slower but it has the benefit that shutdown while a upgrade
60
+// is running is possible (with a small delay)
61
+//Unattended-Upgrade::MinimalSteps "true";
62
+
63
+// Install all unattended-upgrades when the machine is shuting down
64
+// instead of doing it in the background while the machine is running
65
+// This will (obviously) make shutdown slower
66
+//Unattended-Upgrade::InstallOnShutdown "true";
67
+
68
+// Send email to this address for problems or packages upgrades
69
+// If empty or unset then no email is sent, make sure that you
70
+// have a working mail setup on your system. A package that provides
71
+// 'mailx' must be installed. E.g. "user@example.com"
72
+Unattended-Upgrade::Mail "srv-log@logipro.com";
73
+
74
+// Set this value to "true" to get emails only on errors. Default
75
+// is to always send a mail if Unattended-Upgrade::Mail is set
76
+//Unattended-Upgrade::MailOnlyOnError "true";
77
+
78
+// Do automatic removal of new unused dependencies after the upgrade
79
+// (equivalent to apt-get autoremove)
80
+//Unattended-Upgrade::Remove-Unused-Dependencies "false";
81
+
82
+// Automatically reboot *WITHOUT CONFIRMATION* if
83
+//  the file /var/run/reboot-required is found after the upgrade 
84
+//Unattended-Upgrade::Automatic-Reboot "false";
85
+
86
+// If automatic reboot is enabled and needed, reboot at the specific
87
+// time instead of immediately
88
+//  Default: "now"
89
+//Unattended-Upgrade::Automatic-Reboot-Time "02:00";
90
+
91
+// Use apt bandwidth limit feature, this example limits the download
92
+// speed to 70kb/sec
93
+//Acquire::http::Dl-Limit "70";

+ 20
- 0
playbooks/Developpement/DebianAutoUpdate-Strech/DebianAutoUpdate.yml View File

@@ -0,0 +1,20 @@
1
+---
2
+- hosts: debian_update_security
3
+  tasks:
4
+
5
+  - name: Install unattended-upgrades and apt-listchanges 
6
+    apt: pkg={{ item }} update_cache=yes cache_valid_time=3600
7
+    with_items:
8
+      - unattended-upgrades
9
+      - apt-listchanges
10
+      - rsync
11
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "stretch"
12
+
13
+  - name: Copy 20auto-upgrades
14
+    copy: src=/root/playbooks/Developpement/DebianAutoUpdate/20auto-upgrades dest=/etc/apt/apt.conf.d/20auto-upgrades
15
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"
16
+
17
+
18
+  - name: Copy 50unattended-upgrades
19
+    copy: src=/root/playbooks/Developpement/DebianAutoUpdate/50unattended-upgrades dest=/etc/apt/apt.conf.d/50unattended-upgrades
20
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"

+ 60
- 0
playbooks/Developpement/DebianAutoUpdate-Strech/hosts View File

@@ -0,0 +1,60 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+[debian_update_security]
7
+vm-mistigri.logipro.com
8
+vm-openagora.logipro.com
9
+vm-htmlpdf.logipro.com:222
10
+vm-alpi.logipro.com
11
+vm-cci.logipro.com
12
+vm-converter.logipro.com:222
13
+vm-inpi.logipro.com
14
+vm-sncf.logipro.com
15
+vm-tchat.logipro.com:222
16
+inpi-rmq.logipro.com
17
+hyp-inpi.logipro.com:222
18
+inpi-vprod.logipro.com:222
19
+inpi-recette.logipro.com:222
20
+phpservermon.logipro.com
21
+vpn-respire.logipro.com:222
22
+hyp-cg43.logipro.com:222
23
+hyp-dirmc.logipro.com:222
24
+hyp-eres.logipro.com:22
25
+hyp-if04.logipro.com:222
26
+hyp-if09.logipro.com:222
27
+hyp-if12.logipro.com:222
28
+hyp-if18.logipro.com:222
29
+hyp-if21.logipro.com:22
30
+hyp-if24.logipro.com:222
31
+hyp-if43.logipro.com:222
32
+hyp-if48.logipro.com:222
33
+hyp-if68.logipro.com:222
34
+hyp-if69.logipro.com:222
35
+hyp-mutu-logipro.logipro.com:222
36
+hyp-pm1.logipro.com:222
37
+isp1.logipro.com:222
38
+pve2.logipro.com
39
+srv-bk.logipro.com:22
40
+vb.logipro.com:222
41
+vb15.logipro.com:222
42
+vm-arpege.logipro.com
43
+vm-campus26.logipro.com:222
44
+vm-ccifrance.logipro.com
45
+vm-cg43.logipro.com
46
+vm-dirmc.logipro.com
47
+vm-ifsi.logipro.com
48
+vm-inforoute04.logipro.com:222
49
+vm-inforoute09.logipro.com
50
+vm-inforoute12.logipro.com
51
+vm-inforoute18.logipro.com:222
52
+vm-inforoute24.logipro.com
53
+vm-inforoute43.logipro.com
54
+vm-inforoute48.logipro.com
55
+vm-inforoute68.logipro.com
56
+vm-inforoute69.logipro.com
57
+vm-occitan.logipro.com:222
58
+vm-richemont.logipro.com
59
+vm-sncf.logipro.com
60
+vpn-respire.logipro.com:222

+ 7
- 0
playbooks/Developpement/DebianAutoUpdate-Strech/hyp-host View File

@@ -0,0 +1,7 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+[debian_update_security]
7
+hyp-occitan.logipro.com:222

+ 26
- 0
playbooks/Developpement/DebianAutoUpdate-Strech/on-host View File

@@ -0,0 +1,26 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+[debian_update_security]
7
+#phpservermon.logipro.com
8
+#vm-captain.logipro.com:222
9
+#vm-olympiades.logipro.com
10
+#vm-noobelearning.logipro.com:222
11
+#vm-occitan.logipro.com:222
12
+#vm-treelearning.logipro.com
13
+#vm-campus26.logipro.com:222
14
+#svn.logipro.com
15
+#phpservermon.logipro.com
16
+#vm-aiguebelette2015.logipro.com
17
+#vm-arpege.logipro.com
18
+#srv-backup.logipro.com
19
+#vm-macom.logipro.com
20
+#vm-mutuinforoute.logipro.com:222
21
+#vm-eres.logipro.com
22
+#hyp-if43.logipro.com
23
+#hyp-if11.logipro.com:222
24
+#vm-if11.logipro.com:222
25
+vm-agorainfinity.logipro.com:22
26
+

+ 25
- 0
playbooks/Developpement/DebianAutoUpdate-Strech/on-host.save View File

@@ -0,0 +1,25 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+[debian_update_security]
7
+#phpservermon.logipro.com
8
+#vm-captain.logipro.com:222
9
+#vm-olympiades.logipro.com
10
+#vm-noobelearning.logipro.com:222
11
+#vm-occitan.logipro.com:222
12
+#vm-treelearning.logipro.com
13
+#vm-campus26.logipro.com:222
14
+#svn.logipro.com
15
+#phpservermon.logipro.com
16
+#vm-aiguebelette2015.logipro.com
17
+#vm-arpege.logipro.com
18
+#srv-backup.logipro.com
19
+#vm-macom.logipro.com
20
+#vm-mutuinforoute.logipro.com:222
21
+#vm-eres.logipro.com
22
+#hyp-if43.logipro.com
23
+#hyp-if11.logipro.com:222
24
+#vm-if11.logipro.com:222
25
+

+ 2
- 0
playbooks/Developpement/DebianAutoUpdate-stretch/20auto-upgrades View File

@@ -0,0 +1,2 @@
1
+APT::Periodic::Update-Package-Lists "1";
2
+APT::Periodic::Unattended-Upgrade "1";

+ 92
- 0
playbooks/Developpement/DebianAutoUpdate-stretch/50unattended-upgrades View File

@@ -0,0 +1,92 @@
1
+// Unattended-Upgrade::Origins-Pattern controls which packages are
2
+// upgraded.
3
+//
4
+// Lines below have the format format is "keyword=value,...".  A
5
+// package will be upgraded only if the values in its metadata match
6
+// all the supplied keywords in a line.  (In other words, omitted
7
+// keywords are wild cards.) The keywords originate from the Release
8
+// file, but several aliases are accepted.  The accepted keywords are:
9
+//   a,archive,suite (eg, "stable")
10
+//   c,component     (eg, "main", "crontrib", "non-free")
11
+//   l,label         (eg, "Debian", "Debian-Security")
12
+//   o,origin        (eg, "Debian", "Unofficial Multimedia Packages")
13
+//   n,codename      (eg, "jessie", "jessie-updates")
14
+//     site          (eg, "http.debian.net")
15
+// The available values on the system are printed by the command
16
+// "apt-cache policy", and can be debugged by running
17
+// "unattended-upgrades -d" and looking at the log file.
18
+//
19
+// Within lines unattended-upgrades allows 2 macros whose values are
20
+// derived from /etc/debian_version:
21
+//   ${distro_id}            Installed origin.
22
+//   ${distro_codename}      Installed codename (eg, "jessie")
23
+Unattended-Upgrade::Origins-Pattern {
24
+        // Codename based matching:
25
+        // This will follow the migration of a release through different
26
+        // archives (e.g. from testing to stable and later oldstable).
27
+//      "o=Debian,n=jessie";
28
+//      "o=Debian,n=jessie-updates";
29
+//      "o=Debian,n=jessie-proposed-updates";
30
+//      "o=Debian,n=jessie,l=Debian-Security";
31
+
32
+        // Archive or Suite based matching:
33
+        // Note that this will silently match a different release after
34
+        // migration to the specified archive (e.g. testing becomes the
35
+        // new stable).
36
+//      "o=Debian,a=stable";
37
+//      "o=Debian,a=stable-updates";
38
+//      "o=Debian,a=proposed-updates";
39
+        "origin=Debian,codename=${distro_codename},label=Debian-Security";
40
+};
41
+
42
+// List of packages to not update (regexp are supported)
43
+Unattended-Upgrade::Package-Blacklist {
44
+//	"vim";
45
+//	"libc6";
46
+//	"libc6-dev";
47
+//	"libc6-i686";
48
+};
49
+
50
+// This option allows you to control if on a unclean dpkg exit
51
+// unattended-upgrades will automatically run 
52
+//   dpkg --force-confold --configure -a
53
+// The default is true, to ensure updates keep getting installed
54
+//Unattended-Upgrade::AutoFixInterruptedDpkg "false";
55
+
56
+// Split the upgrade into the smallest possible chunks so that
57
+// they can be interrupted with SIGUSR1. This makes the upgrade
58
+// a bit slower but it has the benefit that shutdown while a upgrade
59
+// is running is possible (with a small delay)
60
+//Unattended-Upgrade::MinimalSteps "true";
61
+
62
+// Install all unattended-upgrades when the machine is shuting down
63
+// instead of doing it in the background while the machine is running
64
+// This will (obviously) make shutdown slower
65
+//Unattended-Upgrade::InstallOnShutdown "true";
66
+
67
+// Send email to this address for problems or packages upgrades
68
+// If empty or unset then no email is sent, make sure that you
69
+// have a working mail setup on your system. A package that provides
70
+// 'mailx' must be installed. E.g. "user@example.com"
71
+Unattended-Upgrade::Mail "srv-log@logipro.com";
72
+
73
+// Set this value to "true" to get emails only on errors. Default
74
+// is to always send a mail if Unattended-Upgrade::Mail is set
75
+//Unattended-Upgrade::MailOnlyOnError "true";
76
+
77
+// Do automatic removal of new unused dependencies after the upgrade
78
+// (equivalent to apt-get autoremove)
79
+//Unattended-Upgrade::Remove-Unused-Dependencies "false";
80
+
81
+// Automatically reboot *WITHOUT CONFIRMATION* if
82
+//  the file /var/run/reboot-required is found after the upgrade 
83
+//Unattended-Upgrade::Automatic-Reboot "false";
84
+
85
+// If automatic reboot is enabled and needed, reboot at the specific
86
+// time instead of immediately
87
+//  Default: "now"
88
+//Unattended-Upgrade::Automatic-Reboot-Time "02:00";
89
+
90
+// Use apt bandwidth limit feature, this example limits the download
91
+// speed to 70kb/sec
92
+//Acquire::http::Dl-Limit "70";

+ 20
- 0
playbooks/Developpement/DebianAutoUpdate-stretch/DebianAutoUpdate.yml View File

@@ -0,0 +1,20 @@
1
+---
2
+- hosts: debian_update_security
3
+  tasks:
4
+
5
+  - name: Install unattended-upgrades and apt-listchanges 
6
+    apt: pkg={{ item }} update_cache=yes cache_valid_time=3600
7
+    with_items:
8
+      - unattended-upgrades
9
+      - apt-listchanges
10
+      - rsync
11
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "stretch"
12
+
13
+  - name: Copy 20auto-upgrades
14
+    copy: src=/root/playbooks/Developpement/DebianAutoUpdate/20auto-upgrades dest=/etc/apt/apt.conf.d/20auto-upgrades
15
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "stretch"
16
+
17
+
18
+  - name: Copy 50unattended-upgrades
19
+    copy: src=/root/playbooks/Developpement/DebianAutoUpdate/50unattended-upgrades dest=/etc/apt/apt.conf.d/50unattended-upgrades
20
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"

+ 60
- 0
playbooks/Developpement/DebianAutoUpdate-stretch/hosts View File

@@ -0,0 +1,60 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+[debian_update_security]
7
+vm-mistigri.logipro.com
8
+vm-openagora.logipro.com
9
+vm-htmlpdf.logipro.com:222
10
+vm-alpi.logipro.com
11
+vm-cci.logipro.com
12
+vm-converter.logipro.com:222
13
+vm-inpi.logipro.com
14
+vm-sncf.logipro.com
15
+vm-tchat.logipro.com:222
16
+inpi-rmq.logipro.com
17
+hyp-inpi.logipro.com:222
18
+inpi-vprod.logipro.com:222
19
+inpi-recette.logipro.com:222
20
+phpservermon.logipro.com
21
+vpn-respire.logipro.com:222
22
+hyp-cg43.logipro.com:222
23
+hyp-dirmc.logipro.com:222
24
+hyp-eres.logipro.com:22
25
+hyp-if04.logipro.com:222
26
+hyp-if09.logipro.com:222
27
+hyp-if12.logipro.com:222
28
+hyp-if18.logipro.com:222
29
+hyp-if21.logipro.com:22
30
+hyp-if24.logipro.com:222
31
+hyp-if43.logipro.com:222
32
+hyp-if48.logipro.com:222
33
+hyp-if68.logipro.com:222
34
+hyp-if69.logipro.com:222
35
+hyp-mutu-logipro.logipro.com:222
36
+hyp-pm1.logipro.com:222
37
+isp1.logipro.com:222
38
+pve2.logipro.com
39
+srv-bk.logipro.com:22
40
+vb.logipro.com:222
41
+vb15.logipro.com:222
42
+vm-arpege.logipro.com
43
+vm-campus26.logipro.com:222
44
+vm-ccifrance.logipro.com
45
+vm-cg43.logipro.com
46
+vm-dirmc.logipro.com
47
+vm-ifsi.logipro.com
48
+vm-inforoute04.logipro.com:222
49
+vm-inforoute09.logipro.com
50
+vm-inforoute12.logipro.com
51
+vm-inforoute18.logipro.com:222
52
+vm-inforoute24.logipro.com
53
+vm-inforoute43.logipro.com
54
+vm-inforoute48.logipro.com
55
+vm-inforoute68.logipro.com
56
+vm-inforoute69.logipro.com
57
+vm-occitan.logipro.com:222
58
+vm-richemont.logipro.com
59
+vm-sncf.logipro.com
60
+vpn-respire.logipro.com:222

+ 7
- 0
playbooks/Developpement/DebianAutoUpdate-stretch/hyp-host View File

@@ -0,0 +1,7 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+[debian_update_security]
7
+hyp-occitan.logipro.com:222

+ 24
- 0
playbooks/Developpement/DebianAutoUpdate-stretch/on-host View File

@@ -0,0 +1,24 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+[debian_update_security]
7
+#phpservermon.logipro.com
8
+#vm-captain.logipro.com:222
9
+#vm-olympiades.logipro.com
10
+#vm-noobelearning.logipro.com:222
11
+#vm-occitan.logipro.com:222
12
+#vm-treelearning.logipro.com
13
+#vm-campus26.logipro.com:222
14
+#svn.logipro.com
15
+#phpservermon.logipro.com
16
+#vm-aiguebelette2015.logipro.com
17
+#vm-arpege.logipro.com
18
+#srv-backup.logipro.com
19
+#vm-macom.logipro.com
20
+#vm-mutuinforoute.logipro.com:222
21
+#vm-eres.logipro.com
22
+#hyp-if43.logipro.com
23
+#hyp-if11.logipro.com:222
24
+#vm-if11.logipro.com:222

+ 2
- 0
playbooks/Developpement/DebianAutoUpdate/20auto-upgrades View File

@@ -0,0 +1,2 @@
1
+APT::Periodic::Update-Package-Lists "1";
2
+APT::Periodic::Unattended-Upgrade "1";

+ 92
- 0
playbooks/Developpement/DebianAutoUpdate/50unattended-upgrades View File

@@ -0,0 +1,92 @@
1
+// Unattended-Upgrade::Origins-Pattern controls which packages are
2
+// upgraded.
3
+//
4
+// Lines below have the format format is "keyword=value,...".  A
5
+// package will be upgraded only if the values in its metadata match
6
+// all the supplied keywords in a line.  (In other words, omitted
7
+// keywords are wild cards.) The keywords originate from the Release
8
+// file, but several aliases are accepted.  The accepted keywords are:
9
+//   a,archive,suite (eg, "stable")
10
+//   c,component     (eg, "main", "crontrib", "non-free")
11
+//   l,label         (eg, "Debian", "Debian-Security")
12
+//   o,origin        (eg, "Debian", "Unofficial Multimedia Packages")
13
+//   n,codename      (eg, "jessie", "jessie-updates")
14
+//     site          (eg, "http.debian.net")
15
+// The available values on the system are printed by the command
16
+// "apt-cache policy", and can be debugged by running
17
+// "unattended-upgrades -d" and looking at the log file.
18
+//
19
+// Within lines unattended-upgrades allows 2 macros whose values are
20
+// derived from /etc/debian_version:
21
+//   ${distro_id}            Installed origin.
22
+//   ${distro_codename}      Installed codename (eg, "jessie")
23
+Unattended-Upgrade::Origins-Pattern {
24
+        // Codename based matching:
25
+        // This will follow the migration of a release through different
26
+        // archives (e.g. from testing to stable and later oldstable).
27
+//      "o=Debian,n=jessie";
28
+//      "o=Debian,n=jessie-updates";
29
+//      "o=Debian,n=jessie-proposed-updates";
30
+//      "o=Debian,n=jessie,l=Debian-Security";
31
+
32
+        // Archive or Suite based matching:
33
+        // Note that this will silently match a different release after
34
+        // migration to the specified archive (e.g. testing becomes the
35
+        // new stable).
36
+//      "o=Debian,a=stable";
37
+//      "o=Debian,a=stable-updates";
38
+//      "o=Debian,a=proposed-updates";
39
+        "origin=Debian,codename=${distro_codename},label=Debian-Security";
40
+};
41
+
42
+// List of packages to not update (regexp are supported)
43
+Unattended-Upgrade::Package-Blacklist {
44
+//	"vim";
45
+//	"libc6";
46
+//	"libc6-dev";
47
+//	"libc6-i686";
48
+};
49
+
50
+// This option allows you to control if on a unclean dpkg exit
51
+// unattended-upgrades will automatically run 
52
+//   dpkg --force-confold --configure -a
53
+// The default is true, to ensure updates keep getting installed
54
+//Unattended-Upgrade::AutoFixInterruptedDpkg "false";
55
+
56
+// Split the upgrade into the smallest possible chunks so that
57
+// they can be interrupted with SIGUSR1. This makes the upgrade
58
+// a bit slower but it has the benefit that shutdown while a upgrade
59
+// is running is possible (with a small delay)
60
+//Unattended-Upgrade::MinimalSteps "true";
61
+
62
+// Install all unattended-upgrades when the machine is shuting down
63
+// instead of doing it in the background while the machine is running
64
+// This will (obviously) make shutdown slower
65
+//Unattended-Upgrade::InstallOnShutdown "true";
66
+
67
+// Send email to this address for problems or packages upgrades
68
+// If empty or unset then no email is sent, make sure that you
69
+// have a working mail setup on your system. A package that provides
70
+// 'mailx' must be installed. E.g. "user@example.com"
71
+Unattended-Upgrade::Mail "srv-log@logipro.com";
72
+
73
+// Set this value to "true" to get emails only on errors. Default
74
+// is to always send a mail if Unattended-Upgrade::Mail is set
75
+//Unattended-Upgrade::MailOnlyOnError "true";
76
+
77
+// Do automatic removal of new unused dependencies after the upgrade
78
+// (equivalent to apt-get autoremove)
79
+//Unattended-Upgrade::Remove-Unused-Dependencies "false";
80
+
81
+// Automatically reboot *WITHOUT CONFIRMATION* if
82
+//  the file /var/run/reboot-required is found after the upgrade 
83
+//Unattended-Upgrade::Automatic-Reboot "false";
84
+
85
+// If automatic reboot is enabled and needed, reboot at the specific
86
+// time instead of immediately
87
+//  Default: "now"
88
+//Unattended-Upgrade::Automatic-Reboot-Time "02:00";
89
+
90
+// Use apt bandwidth limit feature, this example limits the download
91
+// speed to 70kb/sec
92
+//Acquire::http::Dl-Limit "70";

+ 1
- 0
playbooks/Developpement/DebianAutoUpdate/DebianAutoUpdate.retry View File

@@ -0,0 +1 @@
1
+vm-if09.logipro.com

+ 20
- 0
playbooks/Developpement/DebianAutoUpdate/DebianAutoUpdate.yml View File

@@ -0,0 +1,20 @@
1
+---
2
+- hosts: debian_update_security
3
+  tasks:
4
+
5
+  - name: Install unattended-upgrades and apt-listchanges 
6
+    apt: pkg={{ item }} update_cache=yes cache_valid_time=3600
7
+    with_items:
8
+      - unattended-upgrades
9
+      - apt-listchanges
10
+      - rsync
11
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"
12
+
13
+  - name: Copy 20auto-upgrades
14
+    copy: src=/root/playbooks/Developpement/DebianAutoUpdate/20auto-upgrades dest=/etc/apt/apt.conf.d/20auto-upgrades
15
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"
16
+
17
+
18
+  - name: Copy 50unattended-upgrades
19
+    copy: src=/root/playbooks/Developpement/DebianAutoUpdate/50unattended-upgrades dest=/etc/apt/apt.conf.d/50unattended-upgrades
20
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"

+ 60
- 0
playbooks/Developpement/DebianAutoUpdate/hosts View File

@@ -0,0 +1,60 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+[debian_update_security]
7
+vm-mistigri.logipro.com
8
+vm-openagora.logipro.com
9
+vm-htmlpdf.logipro.com:222
10
+vm-alpi.logipro.com
11
+vm-cci.logipro.com
12
+vm-converter.logipro.com:222
13
+vm-inpi.logipro.com
14
+vm-sncf.logipro.com
15
+vm-tchat.logipro.com:222
16
+inpi-rmq.logipro.com
17
+hyp-inpi.logipro.com:222
18
+inpi-vprod.logipro.com:222
19
+inpi-recette.logipro.com:222
20
+phpservermon.logipro.com
21
+vpn-respire.logipro.com:222
22
+hyp-cg43.logipro.com:222
23
+hyp-dirmc.logipro.com:222
24
+hyp-eres.logipro.com:22
25
+hyp-if04.logipro.com:222
26
+hyp-if09.logipro.com:222
27
+hyp-if12.logipro.com:222
28
+hyp-if18.logipro.com:222
29
+hyp-if21.logipro.com:22
30
+hyp-if24.logipro.com:222
31
+hyp-if43.logipro.com:222
32
+hyp-if48.logipro.com:222
33
+hyp-if68.logipro.com:222
34
+hyp-if69.logipro.com:222
35
+hyp-mutu-logipro.logipro.com:222
36
+hyp-pm1.logipro.com:222
37
+isp1.logipro.com:222
38
+pve2.logipro.com
39
+srv-bk.logipro.com:22
40
+vb.logipro.com:222
41
+vb15.logipro.com:222
42
+vm-arpege.logipro.com
43
+vm-campus26.logipro.com:222
44
+vm-ccifrance.logipro.com
45
+vm-cg43.logipro.com
46
+vm-dirmc.logipro.com
47
+vm-ifsi.logipro.com
48
+vm-inforoute04.logipro.com:222
49
+vm-inforoute09.logipro.com
50
+vm-inforoute12.logipro.com
51
+vm-inforoute18.logipro.com:222
52
+vm-inforoute24.logipro.com
53
+vm-inforoute43.logipro.com
54
+vm-inforoute48.logipro.com
55
+vm-inforoute68.logipro.com
56
+vm-inforoute69.logipro.com
57
+vm-occitan.logipro.com:222
58
+vm-richemont.logipro.com
59
+vm-sncf.logipro.com
60
+vpn-respire.logipro.com:222

+ 7
- 0
playbooks/Developpement/DebianAutoUpdate/hyp-host View File

@@ -0,0 +1,7 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+[debian_update_security]
7
+hyp-occitan.logipro.com:222

+ 22
- 0
playbooks/Developpement/DebianAutoUpdate/on-host View File

@@ -0,0 +1,22 @@
1
+[debian_update_security]
2
+#phpservermon.logipro.com
3
+#vm-captain.logipro.com:222
4
+#vm-olympiades.logipro.com
5
+#vm-noobelearning.logipro.com:222
6
+#vm-occitan.logipro.com:222
7
+#vm-treelearning.logipro.com
8
+#vm-campus26.logipro.com:222
9
+#svn.logipro.com
10
+#phpservermon.logipro.com
11
+#vm-aiguebelette2015.logipro.com
12
+#vm-arpege.logipro.com
13
+#srv-backup.logipro.com
14
+#vm-macom.logipro.com
15
+#vm-mutuinforoute.logipro.com:222
16
+#vm-eres.logipro.com
17
+#hyp-if43.logipro.com
18
+#hyp-if11.logipro.com:222
19
+#vm-if11.logipro.com:222
20
+#vm-agorainfinity.logipro.com:22
21
+#vm-inforoute09.logipro.com:22
22
+vb.logipro.com:222

+ 25
- 0
playbooks/Developpement/DebianAutoUpdate/on-host.save View File

@@ -0,0 +1,25 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+[debian_update_security]
7
+#phpservermon.logipro.com
8
+#vm-captain.logipro.com:222
9
+#vm-olympiades.logipro.com
10
+#vm-noobelearning.logipro.com:222
11
+#vm-occitan.logipro.com:222
12
+#vm-treelearning.logipro.com
13
+#vm-campus26.logipro.com:222
14
+#svn.logipro.com
15
+#phpservermon.logipro.com
16
+#vm-aiguebelette2015.logipro.com
17
+#vm-arpege.logipro.com
18
+#srv-backup.logipro.com
19
+#vm-macom.logipro.com
20
+#vm-mutuinforoute.logipro.com:222
21
+#vm-eres.logipro.com
22
+#hyp-if43.logipro.com
23
+#hyp-if11.logipro.com:222
24
+#vm-if11.logipro.com:222
25
+

+ 18
- 0
playbooks/Developpement/Environement/hosts View File

@@ -0,0 +1,18 @@
1
+##################################
2
+
3
+# Lan negocia
4
+#vm-mutuinforoute.logipro.com:222
5
+
6
+
7
+[k8s-all]
8
+192.168.220.60 ansible_python_interpreter=/usr/bin/python3
9
+192.168.220.61 ansible_python_interpreter=/usr/bin/python3
10
+192.168.220.62 ansible_python_interpreter=/usr/bin/python3
11
+
12
+[k8s-master]
13
+192.168.220.60 ansible_python_interpreter=/usr/bin/python3
14
+
15
+
16
+[k8s-nodes]
17
+192.168.220.61 ansible_python_interpreter=/usr/bin/python3
18
+192.168.220.62 ansible_python_interpreter=/usr/bin/python3

+ 1
- 0
playbooks/Developpement/Environement/pascalpp_rsa_key.pub View File

@@ -0,0 +1 @@
1
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsDthoNh3a1fzTud4bR7PK1syiDWKl+sgmBq0O5W7FT7s+l2ZVoGxZHRhQP4eUG3vLHY69Hedrj09b4KISXA8I8qKuBA5R+V71Ccxn3TImN9yGbkrJUAbq5GxL0RaaxcxHXjazVA69YRZVuJSLOaiLHG8JGUnZ/aKfS82cXC834uKQxqh4D3BpSYF89EH/jC7ZoJE4TjJeXk9wTEa2h4nCcAWpgnZDXZGPDfzR1x3x6/mQ/HIUL1My39Gz3cid9KZnLNCtllncxNFj9DCowwYaWnWDdRKVsHtySo44Cx71ZNO5Xk3bhz3pHo450Xewnk05wMOQh0VCMSOPYnj7He6PlsivEzSWINkc0uIKz1hMt9qACEQ8xsqguLzkx5L+IqL9SpmDg79ANuaMG+nBoQqdIC4xYhu8OxGrdkykmd/bR1XId+Z4Rg3j8ut64tjPtUoZtLYDoIgdZXi7IA+Es50wpeOeoImhxPLWSxERqDu48VSf1nJ/1E+2ZjeyCI1L5qLGN3rV/Yiomit2uA2Wy2OLg/SlQKN7oJiIccrNDdKQ9WWw7E4Ox8e7qGw9RTCR69SeFtfDF4ODTO/0iKChKqZeG/nAZnTRd7hKS4UvdbM+5q+YuuHbbN9+OZ4SJhVOoCPrzRdfQxJ5INMeSOiN7rIeLS6XX8aYQhthQVFZULqrIw== pascalp@vm-console

+ 8
- 0
playbooks/Developpement/Environement/ssh-copy-pub.yml View File

@@ -0,0 +1,8 @@
1
+---
2
+- hosts: k8s-all
3
+  tasks:
4
+  - name: Set authorized key taken from file
5
+    authorized_key:
6
+      user: root
7
+      state: present
8
+      key: "{{ lookup('file', './pascalpp_rsa_key.pub') }}"

+ 8
- 0
playbooks/Developpement/Environement/user.yml View File

@@ -0,0 +1,8 @@
1
+---
2
+- hosts: CT-Dev
3
+  tasks:
4
+  - name: Set authorized key taken from file
5
+    authorized_key:
6
+      user: root
7
+      state: present
8
+      key: "{{ lookup('file', '/home/pascal/.ssh/pascalpp_rsa_key.pub') }}"

+ 3
- 0
playbooks/Developpement/Fail2ban-debian8/dovecot-pop3imap.conf View File

@@ -0,0 +1,3 @@
1
+[Definition]
2
+failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed|Aborted login \(\d+ authentication attempts).*rip=(?P<host>\S*),.*
3
+ignoreregex =

+ 1
- 0
playbooks/Developpement/Fail2ban-debian8/fail2ban-deb8.retry View File

@@ -0,0 +1 @@
1
+vm-eres.logipro.com

+ 52
- 0
playbooks/Developpement/Fail2ban-debian8/fail2ban-deb8.yml View File

@@ -0,0 +1,52 @@
1
+---
2
+- hosts: host2protect
3
+  tasks:
4
+
5
+  - name: Ensure fail2ban server is stop
6
+    service: name="fail2ban" state=stopped
7
+    ignore_errors: yes
8
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"
9
+
10
+  - name: Remove "fail2ban" package
11
+    apt:
12
+      name: fail2ban
13
+      state: absent
14
+      purge: yes
15
+    ignore_errors: yes
16
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"
17
+
18
+  - name: Removing old config
19
+    file:
20
+      path: /etc/fail2ban
21
+      state: absent
22
+    ignore_errors: yes
23
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"
24
+
25
+  - name: Install fail2ban 
26
+    apt: pkg={{ item }} update_cache=yes cache_valid_time=3600
27
+    with_items:
28
+      - fail2ban
29
+      - rsync
30
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"
31
+
32
+  - name: Copy jail.local
33
+    copy: src=./jail.local dest=/etc/fail2ban/jail.local
34
+    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"
35
+  
36
+#  - name: Copy pureftpd.conf
37
+#    copy: src=./pureftpd.conf dest=/etc/fail2ban/filter.d/pureftpd.conf
38
+#    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"
39
+  
40
+#   - name: Copy dovecot-pop3imap.conf
41
+#    copy: src=./dovecot-pop3imap.conf dest=/etc/fail2ban/filter.d/dovecot-pop3imap.conf
42
+#    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"
43
+
44
+#  - name: the ignoreregex line in the postfix-sasl filter file
45
+#    lineinfile: 
46
+#      dest=/etc/fail2ban/filter.d/postfix-sasl.conf
47
+#      line="ignoreregex ="
48
+#    when: ansible_distribution == "Debian" and ansible_distribution_release == "jessie"
49
+
50
+    # Ensure Fail2ban server is running and will start at boot
51
+  - name: Ensure fail2ban server is running
52
+    service: name="fail2ban" state=restarted enabled=yes

+ 6
- 0
playbooks/Developpement/Fail2ban-debian8/hosts View File

@@ -0,0 +1,6 @@
1
+[host2protect]
2
+#vm-inforoute24.logipro.com
3
+#vm-macom.logipro.com
4
+#vm-modturbolead.logipro.com
5
+#isp15.logipro.com:222
6
+vm-xmpp.logipro.com:222

+ 20
- 0
playbooks/Developpement/Fail2ban-debian8/jail.local View File

@@ -0,0 +1,20 @@
1
+[pureftpd]
2
+enabled  = true
3
+port     = ftp
4
+filter   = pureftpd
5
+logpath  = /var/log/syslog
6
+maxretry = 3
7
+
8
+[dovecot-pop3imap]
9
+enabled = true
10
+filter = dovecot-pop3imap
11
+action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp]
12
+logpath = /var/log/mail.log
13
+maxretry = 5
14
+
15
+[postfix-sasl]
16
+enabled  = true
17
+port     = smtp
18
+filter   = postfix-sasl
19
+logpath  = /var/log/mail.log
20
+maxretry = 3

+ 3
- 0
playbooks/Developpement/Fail2ban-debian8/pureftpd.conf View File

@@ -0,0 +1,3 @@
1
+[Definition]
2
+failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.*
3
+ignoreregex =

+ 4
- 0
playbooks/Developpement/IspSetup/Config.yml View File

@@ -0,0 +1,4 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+  - shell: echo "dash dash/sh boolean false" | debconf-set-selections

+ 4
- 0
playbooks/Developpement/IspSetup/DebiansourceList.yml View File

@@ -0,0 +1,4 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - template: src=SourceListJessie.j2 dest=/etc/apt/sources.list backup=yes

+ 1
- 0
playbooks/Developpement/IspSetup/DisableSpamassassin.retry View File

@@ -0,0 +1 @@
1
+isp-a1.logipro.com

+ 5
- 0
playbooks/Developpement/IspSetup/DisableSpamassassin.yml View File

@@ -0,0 +1,5 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - name: Disable spamassassin
5
+      service: name=spamassassin state=stopped enabled=no

+ 41
- 0
playbooks/Developpement/IspSetup/ISPconfigSetup.yml View File

@@ -0,0 +1,41 @@
1
+---
2
+- hosts: test
3
+  tasks:
4
+  - name: Run the equivalent of "apt-get update" as a separate step
5
+    apt:
6
+     update_cache: yes
7
+
8
+  - name: Install sudo
9
+    apt: name=sudo state=present
10
+
11
+  - name: Install rsync
12
+    apt: name=rsync state=present
13
+
14
+  - name: Add user
15
+    user: name=backuppc state=present
16
+
17
+  - name: Add .ssh directories
18
+    file:
19
+      path=/home/backuppc/.ssh
20
+      state=directory
21
+      mode=0700
22
+      owner=backuppc
23
+      group=backuppc
24
+
25
+  - name: Add keys
26
+    lineinfile:
27
+      dest=/home/backuppc/.ssh/authorized_keys
28
+      state=present
29
+      create=yes
30
+      line="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMmNIwEmG+OxLhLffXVzYK90xsD1gorlAKKGQisaWkl/mpQKmhClEkLBmsWXxja7zbklL64vJ4IB7YPiAbpseF2wrZ9tNSwOUzySF1zYFTWRX5S/Gboswlq7GSR3EoEz2XHgMzvbbVVrgvFAmdGSiIkSqkT0+EVmhc38YQxeZAT7XIQwAMLy+4m4lEd9TKSS2qJ8hWf8e3NMmDQKFJYykn6h4HxJY5JoNBk4yb1M6xqPhE8t8IrB1pJQrF9JBlIs9Yxfg2ktoJknb9bGQIQljiZAgsdKA1P1NReMjLMYFx7zDRhytW0iUaT/4VBPK0QR2JhLaLHF1em5Te5s6d65Jz backuppc@backup1"
31
+      owner=backuppc
32
+      group=backuppc
33
+      mode=0640
34
+
35
+  - name: Add to sudo
36
+    lineinfile:
37
+      dest: /etc/sudoers
38
+      state: present
39
+      regexp: '^backuppc\s'
40
+      line: 'backuppc  ALL=NOPASSWD: /usr/bin/rsync'
41
+      validate: 'visudo -cf %s'

+ 41
- 0
playbooks/Developpement/IspSetup/ISPconfigSetup.yml.bk View File

@@ -0,0 +1,41 @@
1
+---
2
+- hosts: test
3
+  tasks:
4
+  - name: Run the equivalent of "apt-get update" as a separate step
5
+    apt:
6
+     update_cache: yes
7
+
8
+  - name: Install sudo
9
+    apt: name=sudo state=present
10
+
11
+  - name: Install rsync
12
+    apt: name=rsync state=present
13
+
14
+  - name: Add user
15
+    user: name=backuppc state=present
16
+
17
+  - name: Add .ssh directories
18
+    file:
19
+      path=/home/backuppc/.ssh
20
+      state=directory
21
+      mode=0700
22
+      owner=backuppc
23
+      group=backuppc
24
+
25
+  - name: Add keys
26
+    lineinfile:
27
+      dest=/home/backuppc/.ssh/authorized_keys
28
+      state=present
29
+      create=yes
30
+      line="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMmNIwEmG+OxLhLffXVzYK90xsD1gorlAKKGQisaWkl/mpQKmhClEkLBmsWXxja7zbklL64vJ4IB7YPiAbpseF2wrZ9tNSwOUzySF1zYFTWRX5S/Gboswlq7GSR3EoEz2XHgMzvbbVVrgvFAmdGSiIkSqkT0+EVmhc38YQxeZAT7XIQwAMLy+4m4lEd9TKSS2qJ8hWf8e3NMmDQKFJYykn6h4HxJY5JoNBk4yb1M6xqPhE8t8IrB1pJQrF9JBlIs9Yxfg2ktoJknb9bGQIQljiZAgsdKA1P1NReMjLMYFx7zDRhytW0iUaT/4VBPK0QR2JhLaLHF1em5Te5s6d65Jz backuppc@backup1"
31
+      owner=backuppc
32
+      group=backuppc
33
+      mode=0640
34
+
35
+  - name: Add to sudo
36
+    lineinfile:
37
+      dest: /etc/sudoers
38
+      state: present
39
+      regexp: '^backuppc\s'
40
+      line: 'backuppc  ALL=NOPASSWD: /usr/bin/rsync'
41
+      validate: 'visudo -cf %s'

+ 12
- 0
playbooks/Developpement/IspSetup/MysqlConfig.yml View File

@@ -0,0 +1,12 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - name: Mysql bind config
5
+      lineinfile: 
6
+        dest: /etc/mysql/my.cnf
7
+        regexp: "^bind-address"
8
+        line: "#bind-address           = 127.0.0.1"
9
+        state: present
10
+
11
+    - name: mysql | ensure service is running
12
+      service: name=mysql state=restarted

+ 28
- 0
playbooks/Developpement/IspSetup/Package-1.yml View File

@@ -0,0 +1,28 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - name: Apt Update
5
+      apt: update_cache=yes
6
+
7
+    - name: Install list of packages
8
+      apt: name={{item}} state=installed
9
+      with_items:
10
+           - nano    
11
+           - vim-nox 
12
+           - ntp
13
+           - postfix 
14
+           - postfix-mysql
15
+           - postfix-doc
16
+           - mariadb-client
17
+           - mariadb-server
18
+           - openssl
19
+           - getmail4
20
+           - rkhunter
21
+           - binutils
22
+           - dovecot-imapd
23
+           - dovecot-pop3d
24
+           - dovecot-mysql
25
+           - dovecot-sieve
26
+           - dovecot-lmtpd
27
+           - sudo
28
+

+ 32
- 0
playbooks/Developpement/IspSetup/Package-2.yml View File

@@ -0,0 +1,32 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - name: Apt Update
5
+      apt: update_cache=yes
6
+
7
+    - name: Install list of packages
8
+      apt: name={{item}} state=installed
9
+      with_items:
10
+           - amavisd-new
11
+           - spamassassin
12
+           - clamav
13
+           - clamav-daemon
14
+           - zoo
15
+           - unzip
16
+           - bzip2
17
+           - arj
18
+           - nomarch
19
+           - lzop
20
+           - cabextract
21
+           - apt-listchanges
22
+           - libnet-ldap-perl
23
+           - libauthen-sasl-perl
24
+           - clamav-docs
25
+           - daemon
26
+           - libio-string-perl
27
+           - libio-socket-ssl-perl
28
+           - libnet-ident-perl
29
+           - zip
30
+           - libnet-dns-perl
31
+           - postgrey
32
+

+ 13
- 0
playbooks/Developpement/IspSetup/Package-Apcu.yml View File

@@ -0,0 +1,13 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - name: Apt Update
5
+      apt: update_cache=yes
6
+
7
+    - name: Install list of packages
8
+      apt: name={{item}} state=installed
9
+      with_items:
10
+           - php5-apcu
11
+
12
+    - name: Restart Apache
13
+      service: name=apache2 state=restarted enabled=yes

+ 1
- 0
playbooks/Developpement/IspSetup/Package-Bind.retry View File

@@ -0,0 +1 @@
1
+isp-projqtor.logipro.com

+ 45
- 0
playbooks/Developpement/IspSetup/Package-Bind.yml View File

@@ -0,0 +1,45 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - name: Apt Update
5
+      apt: update_cache=yes
6
+
7
+    - name: Install list of packages
8
+      apt: name={{item}} state=installed
9
+      with_items:
10
+           - bind9 
11
+           - dnsutils
12
+           - haveged
13
+
14
+    - name: Restart Apache
15
+      service: name=bind9 state=restarted enabled=yes
16
+
17
+    - name: Install list of packages
18
+      apt: name={{item}} state=installed
19
+      with_items:
20
+           - webalizer
21
+           - awstats
22
+           - geoip-database
23
+           - libclass-dbi-mysql-perl
24
+           - libtimedate-perl
25
+
26
+
27
+    - name: Ansible lineinfile regexp replace example
28
+      lineinfile:
29
+        dest: /etc/cron.d/awstats
30
+        regexp: '(\*\/10.*)'
31
+        line: '#\1'
32
+        backrefs: yes
33
+
34
+    - name: Ansible lineinfile regexp replace example
35
+      lineinfile:
36
+        dest: /etc/cron.d/awstats
37
+        regexp: '(.*MAILTO=root.*)'
38
+        line: '#\1'
39
+        backrefs: yes
40
+    - name: Ansible lineinfile regexp replace example
41
+      lineinfile:
42
+        dest: /etc/cron.d/awstats
43
+        regexp: '(10 03.*)'
44
+        line: '#\1'
45
+        backrefs: yes

+ 17
- 0
playbooks/Developpement/IspSetup/Package-PHP-FPM.yml View File

@@ -0,0 +1,17 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - name: Apt Update
5
+      apt: update_cache=yes
6
+
7
+    - name: Install list of packages
8
+      apt: name={{item}} state=installed
9
+      with_items:
10
+           - libapache2-mod-fastcgi
11
+           - php5-fpm
12
+           - php5-apcu
13
+
14
+    - shell: a2enmod actions fastcgi alias
15
+
16
+    - name: Restart Apache
17
+      service: name=apache2 state=restarted enabled=yes

+ 1
- 0
playbooks/Developpement/IspSetup/Package-PureFTPd-Quota.retry View File

@@ -0,0 +1 @@
1
+isp-projqtor.logipro.com

+ 42
- 0
playbooks/Developpement/IspSetup/Package-PureFTPd-Quota.yml View File

@@ -0,0 +1,42 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - name: Apt Update
5
+      apt: update_cache=yes
6
+
7
+    - name: Install list of packages
8
+      apt: name={{item}} state=installed
9
+      with_items:
10
+           - pure-ftpd-common
11
+           - pure-ftpd-mysql
12
+           - quota
13
+           - quotatool
14
+
15
+    - name: PureFTP VIRTUALCHROOT
16
+      lineinfile:
17
+        dest: /etc/default/pure-ftpd-common
18
+        regexp: "^VIRTUALCHROOT"
19
+        line: "VIRTUALCHROOT=true"
20
+        state: present
21
+
22
+
23
+    - shell: echo 1 > /etc/pure-ftpd/conf/TLS
24
+    - shell: mkdir -p /etc/ssl/private/
25
+
26
+    - name: Generate TLS PEM for pure-ftpd
27
+      expect:
28
+        command: openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem
29
+        responses:
30
+          (?i)country name: "FR"
31
+          (?i)state or province name: "Auvergne"
32
+          (?i)locality name: "Le Puy en Velay"
33
+          (?i)organization name: "Logipro"
34
+          (?i)organizational unit name: "IT"
35
+          (?i)common name: "isp-a1.logipro.com"
36
+          (?i)email address: "tech@logipro.com"
37
+
38
+    - name: Restrict permissions on PEM
39
+      file: state=file path=/etc/ssl/private/pure-ftpd.pem mode=0600 owner=root group=root
40
+
41
+    - name: Restart PureFtp
42
+      service: name=pure-ftpd-mysql state=restarted enabled=yes

+ 52
- 0
playbooks/Developpement/IspSetup/Package-apache.yml View File

@@ -0,0 +1,52 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - name: Apt Update
5
+      apt: update_cache=yes
6
+
7
+    - name: Install list of packages
8
+      apt: name={{item}} state=installed
9
+      with_items:
10
+           - apache2
11
+           - apache2.2-common
12
+           - apache2-doc
13
+           - apache2-mpm-prefork
14
+           - apache2-utils
15
+           - libexpat1
16
+           - ssl-cert
17
+           - libapache2-mod-php5
18
+           - php5
19
+           - php5-common
20
+           - php5-gd
21
+           - php5-mysql
22
+           - php5-imap
23
+           - phpmyadmin
24
+           - php5-cli
25
+           - php5-cgi
26
+           - libapache2-mod-fcgid
27
+           - apache2-suexec
28
+           - php-pear
29
+           - php-auth
30
+           - php5-mcrypt
31
+           - mcrypt
32
+           - php5-imagick
33
+           - imagemagick
34
+           - libruby
35
+           - libapache2-mod-python
36
+           - php5-curl
37
+           - php5-intl
38
+           - php5-memcache
39
+           - php5-memcached
40
+           - php5-pspell
41
+           - php5-recode
42
+           - php5-sqlite
43
+           - php5-tidy
44
+           - php5-xmlrpc
45
+           - php5-xsl
46
+           - memcached
47
+           - libapache2-mod-passenger
48
+
49
+    - shell: a2enmod suexec rewrite ssl actions include dav_fs dav auth_digest cgi headers
50
+
51
+    - name: Restart Apache
52
+      service: name=apache2 state=restarted enabled=yes

+ 11
- 0
playbooks/Developpement/IspSetup/Package-certbot.yml View File

@@ -0,0 +1,11 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - name: Apt Update
5
+      apt: update_cache=yes
6
+
7
+    - name: Install list of packages
8
+      apt: name=python-certbot-apache state=present default_release=jessie-backports
9
+
10
+    - name: python-pexpect from backport
11
+      apt: name=python-pexpect state=present default_release=jessie-backports

+ 7
- 0
playbooks/Developpement/IspSetup/PostfixConfig.yml View File

@@ -0,0 +1,7 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - template: src=master.cf.j2 dest=/etc/postfix/master.cf backup=yes
5
+
6
+    - name: postfix | ensure service is running
7
+      service: name=postfix state=restarted

+ 31
- 0
playbooks/Developpement/IspSetup/PostfixConfig.yml.test View File

@@ -0,0 +1,31 @@
1
+---
2
+- hosts: IspSetup
3
+  tasks:
4
+    - name: Postfix
5
+      lineinfile:
6
+        dest: /etc/postfix/master.cf
7
+        regexp: "{{ item.regexp }}"
8
+        line: "{{ item.line }}"
9
+      with_items:
10
+        - { regexp: '^#submission inet n - - - - smtpd', line: 'submission inet n - - - - smtpd' }
11
+        - { regexp: '^#  -o syslog_name=postfix/submission', line: '  -o syslog_name=postfix/submission' }
12
+        - { regexp: '^#  -o smtpd_tls_security_level=encrypt', line: '  -o smtpd_tls_security_level=encrypt' }
13
+        - { regexp: '^#  -o smtpd_sasl_auth_enable=yes', line: '  -o smtpd_sasl_auth_enable=yes' }
14
+        - { regexp: '^#smtps     inet  n', line: 'smtps     inet  n       -       -       -       -       smtpd' }
15
+        - { regexp: '^#  -o smtpd_tls_wrappermode=yes', line: '  -o smtpd_tls_wrappermode=yes' }
16
+        - { regexp: '^#  -o smtpd_sasl_auth_enable=yes', line: '  -o smtpd_sasl_auth_enable=yes' }
17
+        - { regexp: '^#  -o syslog_name=postfix/submission', line: '  -o syslog_name=postfix/submission' }
18
+
19
+    - name: Isp add to Portix (1)
20
+      lineinfile:
21
+         dest: /etc/postfix/master.cf
22
+         regexp: '^submission inet n - - - - smtpd'
23
+         insertafter: '^submission inet n - - - - smtpd'
24
+         line: ' -o smtpd_client_restrictions=permit_sasl_authenticated,reject'
25
+    - name: Isp add to Portix (2)
26
+      lineinfile:
27
+         dest: /etc/postfix/master.cf
28
+         regexp: '^smtps     inet  n'
29
+         insertafter: '^smtps     inet  n'
30
+         line: ' -o smtpd_client_restrictions=permit_sasl_authenticated,reject'
31
+

+ 8
- 0
playbooks/Developpement/IspSetup/SourceListJessie.j2 View File

@@ -0,0 +1,8 @@
1
+deb http://ftp.fr.debian.org/debian/ jessie main contrib non-free
2
+deb-src http://ftp.fr.debian.org/debian/ jessie main contrib non-free
3
+
4
+deb http://security.debian.org/ jessie/updates main contrib non-free
5
+deb-src http://security.debian.org/ jessie/updates main contrib non-free
6
+
7
+# Backports
8
+deb http://ftp.debian.org/debian jessie-backports main

+ 1
- 0
playbooks/Developpement/IspSetup/debianupgrade.retry View File

@@ -0,0 +1 @@
1
+isp-a1.logipro.com

+ 10
- 0
playbooks/Developpement/IspSetup/debianupgrade.yml View File

@@ -0,0 +1,10 @@
1
+---
2
+
3
+- hosts: IspSetup
4
+#  sudo: yes
5
+  tasks:
6
+    - name: Apt Update
7
+      apt: update_cache=yes
8
+
9
+    - name: Upgrade a server
10
+      apt: upgrade=dist

+ 41
- 0
playbooks/Developpement/IspSetup/debianupgrade.yml.v1 View File

@@ -0,0 +1,41 @@
1
+---
2
+
3
+- hosts: IspSetup
4
+#  sudo: yes
5
+  tasks:
6
+    - name: Update packages list
7
+      apt: update_cache=yes
8
+      when: ansible_os_family == 'Debian'
9
+
10
+    - name: List packages to upgrade (1/2)
11
+      shell: aptitude -q -F%p --disable-columns search "~U"
12
+      register: updates
13
+      changed_when: False
14
+      when: ansible_os_family == 'Debian'
15
+
16
+    - name: List packages to upgrade (2/2)
17
+      debug: msg="{{ updates.stdout_lines | count }} packages to upgrade ({{ updates.stdout_lines | join(', ') }})"
18
+      when: (ansible_os_family == 'Debian' and updates.stdout_lines)
19
+
20
+    - name: Upgrade packages
21
+      apt: upgrade=safe
22
+      when: ansible_os_family == 'Debian'
23
+
24
+    - name: Check what the new version is
25
+      shell:  lsb_release -r | awk '{print $2}'
26
+      changed_when: False
27
+      register: new_release
28
+
29
+    - name: Notify distribution version upgrade
30
+      debug: msg="Debian has been upgraded from {{ ansible_lsb.release }} to {{ new_release.stdout }}"
31
+      when: ansible_lsb.release != new_release.stdout
32
+
33
+    - name: List services to restart (1/2)
34
+      shell: checkrestart | grep ^service | awk '{print $2}'
35
+      register: services
36
+      changed_when: False
37
+      when: ansible_os_family == 'Debian'
38
+
39
+    - name: List services to restart (2/2)
40
+      debug: msg="{{ services.stdout_lines | count }} services to restart ({{ services.stdout_lines | join (', ') }})"
41
+      when: (ansible_os_family == 'Debian' and services.stdout_lines)

+ 125
- 0
playbooks/Developpement/IspSetup/master.cf.j2 View File

@@ -0,0 +1,125 @@
1
+#
2
+# Postfix master process configuration file.  For details on the format
3
+# of the file, see the master(5) manual page (command: "man 5 master" or
4
+# on-line: http://www.postfix.org/master.5.html).
5
+#
6
+# Do not forget to execute "postfix reload" after editing this file.
7
+#
8
+# ==========================================================================
9
+# service type  private unpriv  chroot  wakeup  maxproc command + args
10
+#               (yes)   (yes)   (yes)   (never) (100)
11
+# ==========================================================================
12
+smtp      inet  n       -       -       -       -       smtpd
13
+#smtp      inet  n       -       -       -       1       postscreen
14
+#smtpd     pass  -       -       -       -       -       smtpd
15
+#dnsblog   unix  -       -       -       -       0       dnsblog
16
+#tlsproxy  unix  -       -       -       -       0       tlsproxy
17
+submission inet n       -       -       -       -       smtpd
18
+  -o syslog_name=postfix/submission
19
+  -o smtpd_tls_security_level=encrypt
20
+  -o smtpd_sasl_auth_enable=yes
21
+  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
22
+#  -o smtpd_reject_unlisted_recipient=no
23
+#  -o smtpd_client_restrictions=$mua_client_restrictions
24
+#  -o smtpd_helo_restrictions=$mua_helo_restrictions
25
+#  -o smtpd_sender_restrictions=$mua_sender_restrictions
26
+#  -o smtpd_recipient_restrictions=
27
+#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
28
+#  -o milter_macro_daemon_name=ORIGINATING
29
+smtps     inet  n       -       -       -       -       smtpd
30
+  -o syslog_name=postfix/smtps
31
+  -o smtpd_tls_wrappermode=yes
32
+  -o smtpd_sasl_auth_enable=yes
33
+  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
34
+#  -o smtpd_reject_unlisted_recipient=no
35
+#  -o smtpd_client_restrictions=$mua_client_restrictions
36
+#  -o smtpd_helo_restrictions=$mua_helo_restrictions
37
+#  -o smtpd_sender_restrictions=$mua_sender_restrictions
38
+#  -o smtpd_recipient_restrictions=
39
+#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
40
+#  -o milter_macro_daemon_name=ORIGINATING
41
+#628       inet  n       -       -       -       -       qmqpd
42
+pickup    unix  n       -       -       60      1       pickup
43
+cleanup   unix  n       -       -       -       0       cleanup
44
+qmgr      unix  n       -       n       300     1       qmgr
45
+#qmgr     unix  n       -       n       300     1       oqmgr
46
+tlsmgr    unix  -       -       -       1000?   1       tlsmgr
47
+rewrite   unix  -       -       -       -       -       trivial-rewrite
48
+bounce    unix  -       -       -       -       0       bounce
49
+defer     unix  -       -       -       -       0       bounce
50
+trace     unix  -       -       -       -       0       bounce
51
+verify    unix  -       -       -       -       1       verify
52
+flush     unix  n       -       -       1000?   0       flush
53
+proxymap  unix  -       -       n       -       -       proxymap
54
+proxywrite unix -       -       n       -       1       proxymap
55
+smtp      unix  -       -       -       -       -       smtp
56
+relay     unix  -       -       -       -       -       smtp
57
+#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
58
+showq     unix  n       -       -       -       -       showq
59
+error     unix  -       -       -       -       -       error
60
+retry     unix  -       -       -       -       -       error
61
+discard   unix  -       -       -       -       -       discard
62
+local     unix  -       n       n       -       -       local
63
+virtual   unix  -       n       n       -       -       virtual
64
+lmtp      unix  -       -       -       -       -       lmtp
65
+anvil     unix  -       -       -       -       1       anvil
66
+scache    unix  -       -       -       -       1       scache
67
+#
68
+# ====================================================================
69
+# Interfaces to non-Postfix software. Be sure to examine the manual
70
+# pages of the non-Postfix software to find out what options it wants.
71
+#
72
+# Many of the following services use the Postfix pipe(8) delivery
73
+# agent.  See the pipe(8) man page for information about ${recipient}
74
+# and other message envelope options.
75
+# ====================================================================
76
+#
77
+# maildrop. See the Postfix MAILDROP_README file for details.
78
+# Also specify in main.cf: maildrop_destination_recipient_limit=1
79
+#
80
+maildrop  unix  -       n       n       -       -       pipe
81
+  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
82
+#
83
+# ====================================================================
84
+#
85
+# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
86
+#
87
+# Specify in cyrus.conf:
88
+#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
89
+#
90
+# Specify in main.cf one or more of the following:
91
+#  mailbox_transport = lmtp:inet:localhost
92
+#  virtual_transport = lmtp:inet:localhost
93
+#
94
+# ====================================================================
95
+#
96
+# Cyrus 2.1.5 (Amos Gouaux)
97
+# Also specify in main.cf: cyrus_destination_recipient_limit=1
98
+#
99
+#cyrus     unix  -       n       n       -       -       pipe
100
+#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
101
+#
102
+# ====================================================================
103
+# Old example of delivery via Cyrus.
104
+#
105
+#old-cyrus unix  -       n       n       -       -       pipe
106
+#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
107
+#
108
+# ====================================================================
109
+#
110
+# See the Postfix UUCP_README file for configuration details.
111
+#
112
+uucp      unix  -       n       n       -       -       pipe
113
+  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
114
+#
115
+# Other external delivery methods.
116
+#
117
+ifmail    unix  -       n       n       -       -       pipe
118
+  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
119
+bsmtp     unix  -       n       n       -       -       pipe
120
+  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
121
+scalemail-backend unix	-	n	n	-	2	pipe
122
+  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
123
+mailman   unix  -       n       n       -       -       pipe
124
+  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
125
+  ${nexthop} ${user}

+ 31
- 0
playbooks/Developpement/Netdata/AddNrpe2Client.yml View File

@@ -0,0 +1,31 @@
1
+---
2
+- hosts: v2-webcam.inforoute67.fr
3
+  tasks:
4
+  - name: Run the equivalent of "apt-get update" as a separate step
5
+    apt: update_cache=yes
6
+
7
+  - name: Install nrpe
8
+    apt: name=nagios-nrpe-server state=present
9
+
10
+  - name: Install nagios-plugins [Debian]
11
+    apt: name=nagios-plugins state=present
12
+
13
+  - name: Config Nrpe
14
+    lineinfile:
15
+      dest=/etc/nagios/nrpe.cfg
16
+      state=present
17
+      regexp='^allowed_hosts='
18
+      line='allowed_hosts=centreon.logipro.com'
19
+  
20
+  - name: Config Nrpe Logipro
21
+    blockinfile: |
22
+      dest=/etc/nagios/nrpe.cfg
23
+      content='
24
+        ### Config Logipro
25
+        #command[check_apt]=/usr/lib/nagios/plugins/check_apt
26
+        command[check_disk_root]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% /
27
+        command[check_disk_var]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% /var'
28
+
29
+  # Ensure NRPE server is running and will start at boot
30
+  - name: Ensure NRPE server is running
31
+    service: name="nagios-nrpe-server" state=restarted enabled=yes

+ 1
- 0
playbooks/Developpement/Netdata/SnmpLibrenms.retry View File

@@ -0,0 +1 @@
1
+vm-macom.logipro.com

+ 32
- 0
playbooks/Developpement/Netdata/SnmpLibrenms.yml View File

@@ -0,0 +1,32 @@
1
+---
2
+- hosts: vm-mutuinforoute.logipro.com
3
+  tasks:
4
+  - name: Run the equivalent of "apt-get update" as a separate step
5
+    apt: update_cache=yes
6
+
7
+  - name: Install nrpe
8
+    apt: name=snmpd state=present
9
+
10
+  - name: fetch file from source servers
11
+    copy:
12
+      src: snmpd.conf.j2
13
+      dest: /etc/snmp/snmpd.conf
14
+
15
+  - name: fetch distro
16
+    get_url: 
17
+      url: https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro 
18
+      dest: /usr/bin/distro
19
+      mode: 0755
20
+
21
+  - name: Ensure NRPE server is running
22
+    service: name="snmpd" state=restarted enabled=yes
23
+
24
+  - name: Modify Bastille for vpn
25
+    lineinfile:
26
+         dest: /etc/Bastille/bastille-firewall.cfg
27
+         regexp: '^TRUSTED_IFACES="lo"'
28
+         line: 'TRUSTED_IFACES="lo tun0"'
29
+         state: present
30
+
31
+  - name: Ensure bastille-firewall server is restart
32
+    service: name="bastille-firewall" state=restarted enabled=yes

+ 54
- 0
playbooks/Developpement/Netdata/apt-dater/AddVm2SrvBackup1.yml View File

@@ -0,0 +1,54 @@
1
+---
2
+- hosts: Vm-backup
3
+  tasks:
4
+
5
+  - name: Run the equivalent of "apt-get update" as a separate step
6
+    apt:
7
+     update_cache: yes
8
+
9
+  - name: Install sudo
10
+    apt: name=sudo state=present
11
+
12
+  - name: Install rsync
13
+    apt: name=rsync state=present
14
+
15
+  - name: Add user
16
+    user: name=backuppc state=present
17
+
18
+  - name: Add .ssh directories
19
+    file:
20
+      path=/home/backuppc/.ssh
21
+      state=directory
22
+      mode=0700
23
+      owner=backuppc
24
+      group=backuppc
25
+
26
+  - name: Add keys
27
+    lineinfile:
28
+      dest=/home/backuppc/.ssh/authorized_keys
29
+      state=present
30
+      create=yes
31
+      line="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBX+Synu15WinuIng6b/2N2M/oNz51eyd5RIqrqT3HalxAkDO8Pb7Zy2hoJ5UZ5G1oV1ad16usERPE+5MzAywIwdOhXtjeCCWE1i4JfrOb+a/ajihHwVhO5RZ4pZcoRK5k8xemELA+QPVuTSlIrOjXt6ZjAq3JKLshCQzACGIdWwFxwQQqgX3hcFoZqNcOKmKmAJlziBrCKnteawy6f0HBf2YHaPriLt25wH1gACq2aACthLg78ibsddcqiwR7B67xZHxYXrVDBVhJYP4rvqkNG8bdevYWRhLJFcxD4d+K0si/LpLpt9UXGhvzMDuAT6Tti7hT0w2YKny4kWbuqnK/JWDMMRiUrcMu9aRbFz6Iu1GOVapmrWTDwJ6PRE7ec2fU76vyeKDfKBgknGxLoJ2gXhTSyyPLUs5xqqioZffSdQlVt74THRItj5k09H6JaL9ASJlx4iI49wWkAK5NygqbK43jGCcRgmTcMTJ2bXkSaeQUu8L0wIdo1euE5tnKhtkQ32Os0rSWn8zbeO6WalH5K4CQcB1XhjrrUyPdD4PxJlxUQ9QYBijTgml46RUKyJWQWmCSi3RvUOaY4dZ1EflbnGESCpobs2gLUXlshRvqOlGKKV7xIXKUFSTlk+iDM8d49h80EivauC7kI7gBFlmIemkAhZieaBkLJGCc6TCXlQ== backuppc@srv-bk"
32
+      owner=backuppc
33
+      group=backuppc
34
+      mode=0640
35
+
36
+  - name: Add to sudo
37
+    lineinfile:
38
+      dest: /etc/sudoers
39
+      state: present
40
+      regexp: '^backuppc\s'
41
+      line: 'backuppc  ALL=NOPASSWD: /usr/bin/rsync'
42
+      validate: 'visudo -cf %s'
43
+
44
+- hosts: SrvBackup
45
+  tasks:
46
+  - name: Add to hosts file
47
+    lineinfile:
48
+      backup: yes
49
+      dest: /etc/backuppc/hosts
50
+      line: "{{ hostvars[item]['ansible_fqdn']}} \t0\tbackuppc"
51
+    with_items: "{{ groups['Vm-backup'] }}"
52
+
53
+  - name: Restart Backuppc
54
+    service: name="backuppc" state=restarted

+ 8
- 0
playbooks/Developpement/Netdata/apt-dater/one-host View File

@@ -0,0 +1,8 @@
1
+[Vm-backup]
2
+vm-occitan.logipro.com:222 bkfile=vm-occitan.logipro.com srvbk=srv-bk.logipro.com
3
+
4
+[Vm-backup:vars]
5
+srvbk=srv-bk.logipro.com
6
+
7
+[SrvBackup]
8
+srv-bk.logipro.com

+ 114
- 0
playbooks/Developpement/Netdata/distro.j2 View File

@@ -0,0 +1,114 @@
1
+#!/usr/bin/env bash
2
+# Detects which OS and if it is Linux then it will detect which Linux Distribution.
3
+
4
+OS=`uname -s`
5
+REV=`uname -r`
6
+MACH=`uname -m`
7
+
8
+if [ "${OS}" = "SunOS" ] ; then
9
+  OS=Solaris
10
+  ARCH=`uname -p`
11
+  OSSTR="${OS} ${REV}(${ARCH} `uname -v`)"
12
+
13
+elif [ "${OS}" = "AIX" ] ; then
14
+  OSSTR="${OS} `oslevel` (`oslevel -r`)"
15
+
16
+elif [ "${OS}" = "Linux" ] ; then
17
+  KERNEL=`uname -r`
18
+
19
+  if [ -f /etc/fedora-release ]; then
20
+    DIST=$(cat /etc/fedora-release | awk '{print $1}')
21
+    REV=`cat /etc/fedora-release | sed s/.*release\ // | sed s/\ .*//`
22
+        
23
+  elif [ -f /etc/redhat-release ] ; then
24
+    DIST=$(cat /etc/redhat-release | awk '{print $1}')
25
+    if [ "${DIST}" = "CentOS" ]; then
26
+      DIST="CentOS"
27
+    elif [ "${DIST}" = "Mandriva" ]; then
28
+      DIST="Mandriva"
29
+      PSEUDONAME=`cat /etc/mandriva-release | sed s/.*\(// | sed s/\)//`
30
+      REV=`cat /etc/mandriva-release | sed s/.*release\ // | sed s/\ .*//`
31
+    elif [ -f /etc/oracle-release ]; then
32
+      DIST="Oracle"
33
+    else
34
+      DIST="RedHat"
35
+    fi
36
+
37
+    PSEUDONAME=`cat /etc/redhat-release | sed s/.*\(// | sed s/\)//`
38
+    REV=`cat /etc/redhat-release | sed s/.*release\ // | sed s/\ .*//`
39
+
40
+  elif [ -f /etc/mandrake-release ] ; then
41
+    DIST='Mandrake'
42
+    PSEUDONAME=`cat /etc/mandrake-release | sed s/.*\(// | sed s/\)//`
43
+    REV=`cat /etc/mandrake-release | sed s/.*release\ // | sed s/\ .*//`
44
+
45
+  elif [ -f /etc/devuan_version ] ; then
46
+    DIST="Devuan `cat /etc/devuan_version`"
47
+    REV=""
48
+
49
+  elif [ -f /etc/debian_version ] ; then
50
+    DIST="Debian `cat /etc/debian_version`"
51
+    REV=""
52
+    ID=`lsb_release -i | awk -F ':' '{print $2}' | sed 's/	//g'`
53
+    if [ "${ID}" = "Raspbian" ] ; then
54
+      DIST="Raspbian `cat /etc/debian_version`"
55
+    fi
56
+
57
+  elif [ -f /etc/gentoo-release ] ; then
58
+    DIST="Gentoo"
59
+    REV=$(tr -d '[[:alpha:]]' </etc/gentoo-release | tr -d " ")
60
+
61
+  elif [ -f /etc/arch-release ] ; then
62
+    DIST="Arch Linux"
63
+    REV="" # Omit version since Arch Linux uses rolling releases
64
+    IGNORE_LSB=1 # /etc/lsb-release would overwrite $REV with "rolling"
65
+
66
+  elif [ -f /etc/os-release ] ; then
67
+    DIST=$(grep '^NAME=' /etc/os-release | cut -d= -f2- | tr -d '"')
68