crans/crans_bcfg2
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Admonly remplacé par nonadherent, et ajout de vlan-wif par endroits

Browse source 
Ignore-this: 3bf49fca4dca8c61aa0eb0dc0128e65a
Une machine qui n'est pas sur vlan adhérent peut être sur d'autres vlans, on remplace adm-only par non-vlan-adherent.

On ajoute aussi des trucs pour les machines sur le vlan-wifi.

darcs-hash:20130117223022-afe24-5191157757322bc0718b6b564f4c7ceea86438e5.gz
This commit is contained in:
Pierre-Elliott Bécue 2013-01-17 23:30:22 +01:00
parent f52247c194
commit a5fe3a1778
7 changed files with 27 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

21
Metadata/groups.xml
View file

@ -30,7 +30,7 @@
<Group name="daath" <Group name="daath"
profile="true"> profile="true">
<Group name="crans-nfs-squeeze"/> <Group name="crans-nfs-squeeze"/>
<Group name="adm-only"/> <Group name="non-vlan-adherent"/>
</Group> </Group>
<Group name="sable" <Group name="sable"
@ -73,6 +73,7 @@
<Group name="autostatus"/> <Group name="autostatus"/>
<Group name="sniffer"/> <Group name="sniffer"/>
<Group name="munin-server"/> <Group name="munin-server"/>
<Group name="vlan-wifi" />
</Group> </Group>
<Group name="zamok" <Group name="zamok"
@ -94,7 +95,7 @@
profile="true"> profile="true">
<Group name="crans-squeeze"/> <Group name="crans-squeeze"/>
<Group name="bcfg2-server"/> <Group name="bcfg2-server"/>
<Group name="adm-only"/> <Group name="non-vlan-adherent"/>
<Group name="domu"/> <Group name="domu"/>
</Group> </Group>
@ -103,7 +104,7 @@
<Group name="crans-squeeze"/> <Group name="crans-squeeze"/>
<Group name="db-main"/> <Group name="db-main"/>
<!-- <Group name="ups-server"/> --> <!-- <Group name="ups-server"/> -->
<Group name="adm-only"/> <Group name="non-vlan-adherent"/>
<Group name="domu"/> <Group name="domu"/>
</Group> </Group>
@ -113,7 +114,7 @@
<Group name="db-replicat"/> <Group name="db-replicat"/>
<Group name="backup-server"/> <Group name="backup-server"/>
<Group name="backup-ftp-server"/> <Group name="backup-ftp-server"/>
<Group name="adm-only"/> <Group name="non-vlan-adherent"/>
</Group> </Group>
<Group name="vo" <Group name="vo"
@ -143,14 +144,14 @@
profile="true"> profile="true">
<Group name="crans-dom0-squeeze"/> <Group name="crans-dom0-squeeze"/>
<Group name="firmware-bnx2"/> <Group name="firmware-bnx2"/>
<Group name="adm-only"/> <Group name="non-vlan-adherent"/>
</Group> </Group>
<Group name="fz" <Group name="fz"
profile="true"> profile="true">
<Group name="crans-dom0-squeeze"/> <Group name="crans-dom0-squeeze"/>
<Group name="firmware-bnx2"/> <Group name="firmware-bnx2"/>
<Group name="adm-only"/> <Group name="non-vlan-adherent"/>
</Group> </Group>
<Group name="thot" <Group name="thot"
@ -282,7 +283,7 @@
<Group name="crans-squeeze"/> <Group name="crans-squeeze"/>
<Group name="domu"/> <Group name="domu"/>
<Group name="radius-server"/> <Group name="radius-server"/>
<Group name="adm-only"/> <Group name="non-vlan-adherent"/>
<Group name="db-replicat"/> <Group name="db-replicat"/>
</Group> </Group>
@ -297,7 +298,7 @@
profile="true"> profile="true">
<Group name="crans-squeeze"/> <Group name="crans-squeeze"/>
<Group name="domu"/> <Group name="domu"/>
<Group name="adm-only"/> <Group name="non-vlan-adherent"/>
<Group name="pgsql-server"/> <Group name="pgsql-server"/>
<Group name="sqlgrey-localdb"/> <Group name="sqlgrey-localdb"/>
</Group> </Group>
@ -360,7 +361,7 @@
<Group name="puppet" <Group name="puppet"
profile="true"> profile="true">
<Group name="adm-only" /> <Group name="non-vlan-adherent" />
<Group name="crans-squeeze"/> <Group name="crans-squeeze"/>
<Group name="domu"/> <Group name="domu"/>
</Group> </Group>
@ -1233,7 +1234,7 @@
<Group name="sysctl.local" <Group name="sysctl.local"
comment="indique l'exsitence de /etc/sysctl.local"/> comment="indique l'exsitence de /etc/sysctl.local"/>
<Group name="adm-only" <Group name="non-vlan-adherent"
comment="pour les serveurs qui sont seulement sur le vlan adm"/> comment="pour les serveurs qui sont seulement sur le vlan adm"/>
<Group name="imprimeurs" <Group name="imprimeurs"

7
Python/etc/hosts
View file

@ -4,11 +4,14 @@ include("ip")
@127.0.0.1 localhost.crans.org localhost @127.0.0.1 localhost.crans.org localhost
if not has('adm-only'): if not has("non-vlan-adherent"):
print pubip(), pubhostname, hostname print pubip(), pubhostname, hostname
print admip(), admhostname print admip(), admhostname, hostname+".adm"
else: else:
print admip(), admhostname, hostname+".adm", hostname print admip(), admhostname, hostname+".adm", hostname
if has("vlan-wifi"):
print wifiip(), wifihostname, hostname+".wifi"
@10.231.136.7 daath.adm.crans.org daath.adm daath @10.231.136.7 daath.adm.crans.org daath.adm daath
if(has("komaz")): if(has("komaz")):
print "138.231.135.5 irts-ext.ens-cachan.fr irts" print "138.231.135.5 irts-ext.ens-cachan.fr irts"

3
Python/etc/monit/services
View file

@ -176,7 +176,7 @@ service("ups-server",
name="upsd", name="upsd",
pidf="nut/upsd") pidf="nut/upsd")
if has('adm-only'): if has('non-vlan-adherent'):
vsftpd_ip = admip() vsftpd_ip = admip()
else: else:
vsftpd_ip = pubip() vsftpd_ip = pubip()
@ -307,3 +307,4 @@ for line in metadata.Probes["fstab_local"].splitlines():
print ' mode passive' print ' mode passive'
print print

2
Python/etc/postfix/canonical
View file

@ -10,5 +10,5 @@ if has("bug-tracker"):
print "/^(.*)@localhost(\.crans\.org)?$/ ${1}@crans.org" print "/^(.*)@localhost(\.crans\.org)?$/ ${1}@crans.org"
print "/^(.*)@%s$/ ${1}@crans.org" % admhostname print "/^(.*)@%s$/ ${1}@crans.org" % admhostname
if not has("adm-only"): if not has("non-vlan-adherent"):
print "/^(.*)@%s$/ ${1}@crans.org" % pubhostname print "/^(.*)@%s$/ ${1}@crans.org" % pubhostname

6
Python/etc/postfix/main.cf
View file

@ -25,8 +25,8 @@ tracker = has("tracker")
# Si vrai, on est sur le tracker debbugs # Si vrai, on est sur le tracker debbugs
bugtracker = has("bug-tracker") bugtracker = has("bug-tracker")
# Si vrai, on est sur un serveur adm-only # Si vrai, on est sur un serveur non-vlan-adherent
admonly = has("adm-only") nonadherent = has("non-vlan-adherent")
# La base de donnee utilise (pour les mx) # La base de donnee utilise (pour les mx)
if has("ldap"): if has("ldap"):
@ -57,7 +57,7 @@ client_networks = ["138.231.136.0/21", "138.231.144.0/21", "138.231.148.0/22"]
@# +------------------+ @# +------------------+
@# Definition par securite (sinon il utilise gethostname) @# Definition par securite (sinon il utilise gethostname)
if admonly: if nonadherent:
myhostname = admhostname myhostname = admhostname
else: else:
myhostname = pubhostname myhostname = pubhostname

5
etc/python/common.py
View file

@ -55,9 +55,12 @@ hostname = metadata.hostname.split('.',1)[0]
# Le nom d'hote sur le vlan public # Le nom d'hote sur le vlan public
pubhostname = hostname + ".crans.org" pubhostname = hostname + ".crans.org"
# Le nom d'hote sur le vlan # Le nom d'hote sur le vlan adm
admhostname = hostname + ".adm.crans.org" admhostname = hostname + ".adm.crans.org"
# Le nom d'hôte sur le vlan wifi
wifihostname = hostname + ".wifi.crans.org"
def has(group): def has(group):
return group in metadata.groups return group in metadata.groups

2
etc/python/ip.py
View file

@ -8,7 +8,7 @@ def pubipof(hostname):
try: try:
return socket.gethostbyname(hostname + ".crans.org") return socket.gethostbyname(hostname + ".crans.org")
except: except:
# Peut-etre un serveur de la ferme ? # Peut-être un serveur de la ferme ?
return socket.gethostbyname(hostname + ".ferme.crans.org") return socket.gethostbyname(hostname + ".ferme.crans.org")
def admipof(hostname): def admipof(hostname):