tuto3: various fixes to help students
parent
4d3b5c42b6
commit
7a72afc81d
@ -19,7 +19,8 @@ RUN echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/so
|
|||||||
udev \
|
udev \
|
||||||
vim.tiny \
|
vim.tiny \
|
||||||
wireguard-tools \
|
wireguard-tools \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/* \
|
||||||
|
&& rm -rf /etc/ssh/ssh_host_*_key*
|
||||||
|
|
||||||
RUN rm -rf /etc/init.d/ && \
|
RUN rm -rf /etc/init.d/ && \
|
||||||
mkdir /overlay && \
|
mkdir /overlay && \
|
||||||
|
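Review bot: The added `&& rm -rf /etc/ssh/ssh_host_*_key*` step has no comment explaining why the host keys are deleted, and nothing visible in this hunk regenerates them. The same applies to the identical additions in the `@ -19,6 +19,7` and `@ -8,7 +8,8` hunks. Presumably the intent is that the image ships no host key pair, so every student VM does not present the same SSH identity with a private key readable from the image layers. A comment above the RUN would record that, e.g. `# Remove host keys created at package install; each VM must generate its own at first boot`. Please also confirm that the boot path of each image runs `ssh-keygen -A` (or equivalent) before sshd starts, since sshd will not start without a host key.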
@ -19,6 +19,7 @@ RUN apt-get update && apt-get install --no-install-recommends -y \
|
|||||||
tcpdump \
|
tcpdump \
|
||||||
udev \
|
udev \
|
||||||
vim.tiny \
|
vim.tiny \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/* \
|
||||||
|
&& rm -rf /etc/ssh/ssh_host_*_key*
|
||||||
|
|
||||||
COPY sshd_config /etc/ssh/sshd_config
|
COPY sshd_config /etc/ssh/sshd_config
|
||||||
|
@ -8,7 +8,8 @@ RUN apt-get update && apt-get install --no-install-recommends -y \
|
|||||||
python-apt \
|
python-apt \
|
||||||
systemd-sysv \
|
systemd-sysv \
|
||||||
vim.tiny \
|
vim.tiny \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/* \
|
||||||
|
&& rm -rf /etc/ssh/ssh_host_*_key*
|
||||||
|
|
||||||
COPY gai.conf /etc/gai.conf
|
COPY gai.conf /etc/gai.conf
|
||||||
COPY sshd_config /etc/ssh/sshd_config
|
COPY sshd_config /etc/ssh/sshd_config
|
||||||
|
@ -12,7 +12,7 @@ cmdline() {
|
|||||||
[ -f "/var/lib/adlin/wireguard/adlin.token" ] && WGTOKEN=$(cat /var/lib/adlin/wireguard/adlin.token)
|
[ -f "/var/lib/adlin/wireguard/adlin.token" ] && WGTOKEN=$(cat /var/lib/adlin/wireguard/adlin.token)
|
||||||
[ -z "${WGTOKEN}" ] && WGTOKEN=$(cmdline adlin.token)
|
[ -z "${WGTOKEN}" ] && WGTOKEN=$(cmdline adlin.token)
|
||||||
[ -z "${WGTOKEN}" ] && {
|
[ -z "${WGTOKEN}" ] && {
|
||||||
echo -n "You didn't define your token to connect the network. Please copy it into /var/lib/adlin/wireguard/adlin.token and reboot."
|
echo "You didn't define your token to connect the network. Please run here `join-p0m` and then reboot."
|
||||||
exit 1
|
exit 1
|
||||||
}
|
}
|
||||||
[ -f "/var/lib/adlin/wireguard/adlin.conf" ] && WGPRVKEY=$(sed 's/^.*PrivateKey *= *//p;d' /var/lib/adlin/wireguard/adlin.conf)
|
[ -f "/var/lib/adlin/wireguard/adlin.conf" ] && WGPRVKEY=$(sed 's/^.*PrivateKey *= *//p;d' /var/lib/adlin/wireguard/adlin.conf)
|
||||||
|
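Review bot: The new `echo` message wraps join-p0m in backquotes inside a double-quoted string, so the shell treats it as command substitution. It will try to execute join-p0m at this point and print its output (or nothing) in place of the command name. The student therefore never sees the instruction, and a command runs unintentionally in this startup script. Use characters the shell does not expand, for example `echo "You didn't define your token to connect the network. Please run 'join-p0m' here and then reboot."`. The surrounding script starts and ends outside this hunk.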
@ -86,7 +86,7 @@ angular.module("AdLinApp")
|
|||||||
});
|
});
|
||||||
};
|
};
|
||||||
$rootScope.checkLoginState();
|
$rootScope.checkLoginState();
|
||||||
$interval($rootScope.checkLoginState, 20000);
|
$interval($rootScope.checkLoginState, 40000);
|
||||||
|
|
||||||
$rootScope.disconnectCurrentUser = function() {
|
$rootScope.disconnectCurrentUser = function() {
|
||||||
$http({
|
$http({
|
||||||
|
62
tuto3.yml
62
tuto3.yml
@ -207,7 +207,7 @@ services:
|
|||||||
hostname: miniflux
|
hostname: miniflux
|
||||||
capabilities:
|
capabilities:
|
||||||
- all
|
- all
|
||||||
command: ["/bin/sh", "-c", "sleep 5; /usr/bin/miniflux"]
|
command: ["/bin/sh", "-c", "sleep 10; /usr/bin/miniflux"]
|
||||||
env:
|
env:
|
||||||
- DATABASE_URL=postgres://miniflux:adlin2021@db/miniflux?sslmode=disable
|
- DATABASE_URL=postgres://miniflux:adlin2021@db/miniflux?sslmode=disable
|
||||||
- RUN_MIGRATIONS=1
|
- RUN_MIGRATIONS=1
|
||||||
@ -248,6 +248,11 @@ files:
|
|||||||
172.23.42.7 web
|
172.23.42.7 web
|
||||||
mode: "0444"
|
mode: "0444"
|
||||||
|
|
||||||
|
- path: etc/sysctl.d/adlin.conf
|
||||||
|
contents: |
|
||||||
|
net.netfilter.nf_log_all_netns=1
|
||||||
|
mode: "0444"
|
||||||
|
|
||||||
- path: usr/bin/ask.sh
|
- path: usr/bin/ask.sh
|
||||||
source: pkg/wg/ask.sh
|
source: pkg/wg/ask.sh
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
@ -297,10 +302,18 @@ files:
|
|||||||
GRANT ALL PRIVILEGES ON DATABASE matrix TO matrix;
|
GRANT ALL PRIVILEGES ON DATABASE matrix TO matrix;
|
||||||
mode: "0444"
|
mode: "0444"
|
||||||
|
|
||||||
|
- path: /initdb/init-website.sql
|
||||||
|
contents: |
|
||||||
|
CREATE USER website WITH PASSWORD 'adlin2021';
|
||||||
|
CREATE DATABASE website ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE template0 OWNER website;
|
||||||
|
GRANT ALL PRIVILEGES ON DATABASE website TO website;
|
||||||
|
mode: "0444"
|
||||||
|
|
||||||
- path: etc/init.d/011-init-disk
|
- path: etc/init.d/011-init-disk
|
||||||
contents: |
|
contents: |
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
mkdir -p /var/lib/adlin/
|
mkdir -p /var/lib/adlin/
|
||||||
|
rm -rf /var/lib/adlin/wks1resolv.conf /var/lib/adlin/wks2resolv.conf
|
||||||
touch /var/lib/adlin/wks1resolv.conf /var/lib/adlin/wks2resolv.conf
|
touch /var/lib/adlin/wks1resolv.conf /var/lib/adlin/wks2resolv.conf
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
|
|
||||||
@ -464,7 +477,7 @@ files:
|
|||||||
echo
|
echo
|
||||||
cat /etc/issue.adlin
|
cat /etc/issue.adlin
|
||||||
echo
|
echo
|
||||||
nsenter -n/run/netns/router ip -c a show dev wg0 2> /dev/null || echo "You didn't define your token to connect the network. Please run here `join-p0m` and then reboot."
|
nsenter -n/run/netns/router ip -c a show dev wg0 2> /dev/null || nsenter -n/run/netns/router /usr/bin/ask.sh
|
||||||
nsenter -n/run/netns/router ip -c a show dev eth0
|
nsenter -n/run/netns/router ip -c a show dev eth0
|
||||||
nsenter -n/run/netns/wks1 ip -c a show dev eth1 2> /dev/null || echo "Attachez une seconde carte ethernet à la VM pour pouvoir vous connecter à un poste de travail."
|
nsenter -n/run/netns/wks1 ip -c a show dev eth1 2> /dev/null || echo "Attachez une seconde carte ethernet à la VM pour pouvoir vous connecter à un poste de travail."
|
||||||
exit 0
|
exit 0
|
||||||
@ -513,6 +526,51 @@ files:
|
|||||||
echo "Token saved. You need to reboot now."
|
echo "Token saved. You need to reboot now."
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
|
|
||||||
|
- path: /usr/sbin/diagnostic
|
||||||
|
contents: |
|
||||||
|
#!/bin/sh
|
||||||
|
ok() { [ $# -gt 1 ] && MSG=$2 || MSG="OK"; echo -e $1 "\033[0;32m${MSG}\033[0m"; }
|
||||||
|
ko() { [ $# -gt 1 ] && MSG=$2 || MSG="KO"; echo -e $1 "\033[0;41m${MSG}\033[0m"; }
|
||||||
|
|
||||||
|
echo "TP3 VM diagnostic"
|
||||||
|
echo
|
||||||
|
echo -n "Disque dur monté : "; df /var/lib/adlin/ | grep ^/dev/sd > /dev/null && ok || ko
|
||||||
|
echo
|
||||||
|
echo -n "Token Maatma renseigné : "; [ -s "/var/lib/adlin/wireguard/adlin.token" ] && ok -n || ko -n
|
||||||
|
echo -n " - Tunnel monté : "; nsenter -n/run/netns/router /usr/bin/wg show wg0 > /dev/null 2> /dev/null && ok -n || ko -n
|
||||||
|
echo -n " - Tunnel établit : "; [ "$(nsenter -n/run/netns/router /usr/bin/wg show wg0 dump | tail -1 | cut -f 6 2> /dev/null)" != "0" ] && ok || ko
|
||||||
|
echo -n "Ping Gateway Maatma : "; nsenter -n/run/netns/router ping -w 2 -c 1 2a01:e0a:2b:2252::1 > /dev/null 2> /dev/null && ok -n || ko -n
|
||||||
|
echo -n " - Ping Internet IPv4 : "; nsenter -n/run/netns/router ping -w 2 -c 1 1.1.1.1 > /dev/null 2> /dev/null && ok || ko
|
||||||
|
echo
|
||||||
|
echo -n "États serveurs : ";
|
||||||
|
ctr -n services.linuxkit t ls | grep mainrouter | grep RUNNING > /dev/null && ok -n "Routeur" || ko -n "Routeur"
|
||||||
|
echo -n " "
|
||||||
|
pgrep unbound > /dev/null && ok -n "Résolveur" || ko -n "Résolveur"
|
||||||
|
echo -n " "
|
||||||
|
pgrep openrc > /dev/null && ok -n "NS autoritaire" || ko -n "NS autoritaire"
|
||||||
|
echo -n " "
|
||||||
|
pgrep postgres > /dev/null && ok -n "Database" || ko -n "Database"
|
||||||
|
echo -n " "
|
||||||
|
ctr -n services.linuxkit t ls | grep matrix | grep RUNNING > /dev/null && ok -n "Matrix" || ko -n "Matrix"
|
||||||
|
echo -n " "
|
||||||
|
pgrep miniflux > /dev/null && ok -n "Miniflux" || ko -n "Miniflux"
|
||||||
|
echo -n " "
|
||||||
|
ctr -n services.linuxkit t ls | grep web | grep RUNNING > /dev/null && ok -n "Vitrine" || ko -n "Vitrine"
|
||||||
|
echo
|
||||||
|
echo
|
||||||
|
echo -n "États Workstations : "
|
||||||
|
ctr -n services.linuxkit t ls | grep dhcpcd-wks1 | grep RUNNING > /dev/null && ok -n "WKS-1" || ko -n "WKS-1"
|
||||||
|
echo -n "("
|
||||||
|
ctr -n services.linuxkit t ls | grep sshd-wks1 | grep RUNNING > /dev/null && ok -n "SSH" || ko -n "SSH"
|
||||||
|
echo -n ") "
|
||||||
|
ctr -n services.linuxkit t ls | grep dhcpcd-wks2 | grep RUNNING > /dev/null && ok -n "WKS-2" || ko -n "WKS-2"
|
||||||
|
echo -n "("
|
||||||
|
ctr -n services.linuxkit t ls | grep sshd-wks2 | grep RUNNING > /dev/null && ok -n "SSH" || ko -n "SSH"
|
||||||
|
echo -n ") "
|
||||||
|
echo
|
||||||
|
echo
|
||||||
|
mode: "0755"
|
||||||
|
|
||||||
- path: etc/network/interfaces
|
- path: etc/network/interfaces
|
||||||
contents: |
|
contents: |
|
||||||
auto lo
|
auto lo
|
||||||
|
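Review bot: In the new /usr/sbin/diagnostic script, the "Tunnel établit" check compares the command substitution with `!= "0"`, so an empty result counts as success. When wg0 does not exist or the last dump line has no sixth field, it therefore prints OK for a tunnel that is down. The `2> /dev/null` on that line is also attached to `cut` rather than to `wg`, so the wg error message still reaches the terminal. Require a non-empty value and move the redirection: `rx=$(nsenter -n/run/netns/router /usr/bin/wg show wg0 dump 2> /dev/null | tail -1 | cut -f 6); [ -n "$rx" ] && [ "$rx" != "0" ] && ok || ko`.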