X-Git-Url: https://git.cyclocoop.org/?a=blobdiff_plain;f=vm_hosted;h=2e4dc0872209dd0155c9a6c33f95d550dbc6bff7;hb=1612b71dcbc6de9a34c98e755f36b1428ff46d85;hp=62bd86ebae19ee91ef4d8a57892f3a052c46b2d1;hpb=a6b5cbe296ea470a0674fc7ad2edb726850a19c7;p=lhc%2Fateliers.git diff --git a/vm_hosted b/vm_hosted index 62bd86e..2e4dc08 100755 --- a/vm_hosted +++ b/vm_hosted @@ -292,6 +292,13 @@ rule_initramfs_configure () { # NOTE: clefs générées par Debian sudo update-initramfs -u } +rule_time_configure () { + sudo install -m 644 -o root -g root /dev/stdin /etc/timezone <<-EOF + Europe/Paris + EOF + sudo dpkg-reconfigure tzdata + # TODO: NTP + } rule_locale_configure () { sudo install -m 644 -o root -g root /dev/stdin /etc/locale.gen <<-EOF fr_FR.UTF-8 UTF-8 @@ -395,20 +402,52 @@ rule_login_configure () { session optional pam_umask.so EOF } -rule_procmail_configure () { - rule apt_get_install procmail - sudo install -d -m 770 -o root -g adm \ - /etc/skel/etc/mail \ - /etc/skel/var/cache/mail \ - /etc/skel/var/log/mail \ - /etc/skel/var/mail - sudo install -m 660 -o root -g adm \ - "$tool"/etc/skel/etc/mail/delivery.procmailrc \ - /etc/skel/etc/mail/delivery.procmailrc +rule_mail_configure () { + rule postfix_configure + rule postgrey_configure + rule procmail_configure + rule dovecot_configure } -rule_postgrey_configure () { - rule apt_get_install postgrey - sudo service postgrey restart +rule_network_configure () { + sudo install -m 644 -o root -g root /dev/stdin /etc/hostname <<-EOF + $vm + EOF + grep -q " $vm\$" /etc/hosts || + sudo install -m 644 -o root -g root /dev/stdin /etc/hosts <<-EOF + $(cat /etc/hosts) + 127.0.0.1 $vm_fqdn $vm + EOF + sudo install -m 644 -o root -g root /dev/stdin /etc/network/interfaces <<-EOF + auto lo + iface lo inet loopback + + auto eth0=grenode + iface grenode inet static + address $vm_ipv4 + gateway $vm_ipv4 # NOTE: proxy_arp sur la passerelle permet d'utiliser la même adresse + network $vm_ipv4 + broadcast $vm_ipv4 + netmask 255.255.255.255 + mtu 1300 + # NOTE: il y a besoin de ça en l'état actuel du réseau de Grenode + # car la MTU des tunnels GRE/IPsec entre les routeurs de Grenode l'impose. + # + # root@ateliers:~# ping -M do -c 1 -s \$((1500-20-8-200)) soupirail.grenode.net + # PING soupirail.grenode.net (91.216.110.1) 1272(1300) bytes of data. + # 1280 bytes from soupirail.grenode.net (91.216.110.1): icmp_req=1 ttl=63 time=18.0 ms + # + # --- soupirail.grenode.net ping statistics --- + # 1 packets transmitted, 1 received, 0% packet loss, time 0ms + # rtt min/avg/max/mdev = 18.027/18.027/18.027/0.000 ms + # root@ateliers:~# ping -M do -c 1 -s \$((1500-20-8-200+1)) soupirail.grenode.net + # PING soupirail.grenode.net (91.216.110.1) 1273(1301) bytes of data. + # From estran.grenode.net (91.216.110.6) icmp_seq=1 Frag needed and DF set (mtu = 1300) + # + # --- soupirail.grenode.net ping statistics --- + # 0 packets transmitted, 0 received, +1 errors + post-up ip address add $vm_ipv4/32 dev \$IFACE + pre-down ip address delete $vm_ipv4/32 dev \$IFACE + EOF } rule_postfix_configure () { local hint="run vm_remote postfix_key_send before" @@ -497,52 +536,20 @@ rule_postfix_configure () { sudo postmap hash:/etc/postfix/$vm_domainname/virtual_alias sudo service postfix restart } -rule_mail_configure () { - rule postfix_configure - rule postgrey_configure - rule procmail_configure - rule dovecot_configure +rule_postgrey_configure () { + rule apt_get_install postgrey + sudo service postgrey restart } -rule_network_configure () { - sudo install -m 644 -o root -g root /dev/stdin /etc/hostname <<-EOF - $vm - EOF - grep -q " $vm\$" /etc/hosts || - sudo install -m 644 -o root -g root /dev/stdin /etc/hosts <<-EOF - $(cat /etc/hosts) - 127.0.0.1 $vm_fqdn $vm - EOF - sudo install -m 644 -o root -g root /dev/stdin /etc/network/interfaces <<-EOF - auto lo - iface lo inet loopback - - auto eth0=grenode - iface grenode inet static - address $vm_ipv4 - gateway $vm_ipv4 # NOTE: proxy_arp sur la passerelle permet d'utiliser la même adresse - network $vm_ipv4 - broadcast $vm_ipv4 - netmask 255.255.255.255 - mtu 1300 - # NOTE: il y a besoin de ça en l'état actuel du réseau de Grenode - # car la MTU des tunnels GRE/IPsec entre les routeurs de Grenode l'impose. - # - # root@ateliers:~# ping -M do -c 1 -s \$((1500-20-8-200)) soupirail.grenode.net - # PING soupirail.grenode.net (91.216.110.1) 1272(1300) bytes of data. - # 1280 bytes from soupirail.grenode.net (91.216.110.1): icmp_req=1 ttl=63 time=18.0 ms - # - # --- soupirail.grenode.net ping statistics --- - # 1 packets transmitted, 1 received, 0% packet loss, time 0ms - # rtt min/avg/max/mdev = 18.027/18.027/18.027/0.000 ms - # root@ateliers:~# ping -M do -c 1 -s \$((1500-20-8-200+1)) soupirail.grenode.net - # PING soupirail.grenode.net (91.216.110.1) 1273(1301) bytes of data. - # From estran.grenode.net (91.216.110.6) icmp_seq=1 Frag needed and DF set (mtu = 1300) - # - # --- soupirail.grenode.net ping statistics --- - # 0 packets transmitted, 0 received, +1 errors - post-up ip address add $vm_ipv4/32 dev \$IFACE - pre-down ip address delete $vm_ipv4/32 dev \$IFACE - EOF +rule_procmail_configure () { + rule apt_get_install procmail + sudo install -d -m 770 -o root -g adm \ + /etc/skel/etc/mail \ + /etc/skel/var/cache/mail \ + /etc/skel/var/log/mail \ + /etc/skel/var/mail + sudo install -m 660 -o root -g adm \ + "$tool"/etc/skel/etc/mail/delivery.procmailrc \ + /etc/skel/etc/mail/delivery.procmailrc } rule_ssh_configure () { ssh-keygen -F "$vm_fqdn" -f "$tool"/etc/openssh/known_hosts | @@ -685,10 +692,12 @@ rule_configure () { rule git_configure rule etckeeper_configure rule locale_configure + rule time_configure rule network_configure rule filesystem_configure rule login_configure rule ssh_configure + rule mail_configure rule user_root_configure rule boot_configure rule user_configure