crans/crans_bcfg2
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
crans_bcfg2/Metadata/groups.xml
Pierre-Elliott Bécue 3900d38ca2 Welcome, stitch
2015-11-17 00:17:16 +01:00

1593 lines
38 KiB
XML
Raw Blame History

<!-- -*- mode: xml; coding: utf-8 -*- -->
<Groups version="3.0">
<!-- +=========================+ -->
<!-- | Definition des serveurs | -->
<!-- +=========================+ -->
<Group name="komaz"
profile="true">
<Group name="crans-jessie"/>
<!--<Group name="router-wifi"/>
<Group name="comptage-upload"/>
<Group name="connection-main"/>
<Group name="firmware-bnx2"/>
<Group name="vlan-ens"/>
<Group name="vlan-wifi"/>
<Group name="connexion-secours"/>-->
</Group>
<Group name="odlyd"
profile="true">
<Group name="crans-jessie"/>
<Group name="connection-main"/>
<Group name="firewall"/>
<Group name="portail-captif"/>
<Group name="pgsql-server"/>
</Group>
<Group name="charybde"
profile="true">
<Group name="crans-wheezy"/>
<Group name="dnssec-validation"/>
<Group name="dns-recursif"/>
<Group name="main-ftp-server"/>
<Group name="debian-mirror"/>
<Group name="ntp-server"/>
<Group name="nginx-extras"/>
<Group name="pxe"/>
</Group>
<Group name="geet"
profile="true">
<Group name="crans-vm-jessie"/>
<Group name="git-main"/>
<Group name="nginx-extras"/>
<Group name="https_cert"/>
<Group name="webmasters"/>
</Group>
<Group name="nem"
profile="true">
<Group name="crans-vm-jessie"/>
<Group name="dnssec-validation"/>
<Group name="dns-recursif"/>
</Group>
<Group name="cups"
profile="true">
<Group name="crans-vm-jessie"/>
<Group name="cups-service-server"/>
</Group>
<Group name="discourse"
profile="true">
<Group name="crans-vm-jessie"/>
</Group>
<Group name="alice"
profile="true">
<Group name="crans-vm-wheezy"/>
<Group name="no-munin" />
</Group>
<Group name="roundcube"
profile="true">
<Group name="crans-vm-wheezy"/>
<Group name="nginx"/> <!-- Pour roundcube -->
<Group name="php"/> <!-- Pour roundcube -->
<Group name="https_cert"/>
</Group>
<Group name="mediadrop"
profile="true">
<Group name="crans-vm-wheezy"/>
</Group>
<Group name="civet"
profile="true">
<Group name="crans-vm-wheezy"/>
</Group>
<Group name="ethercalc"
profile="true">
<Group name="crans-vm-jessie"/>
</Group>
<Group name="horde"
profile="true">
<Group name="crans-vm-jessie"/>
<Group name="horde-groupware"/>
<Group name="nginx"/> <!-- Pour horde -->
<Group name="php"/> <!-- Pour horde -->
<Group name="https_cert"/>
</Group>
<Group name="zbee"
profile="true">
<Group name="firmware-bnx2"/>
<Group name="crans-nfs-wheezy"/>
<Group name="non-vlan-adherent"/>
</Group>
<Group name="kdell" profile="true">
<Group name="firmware-bnx2"/>
<Group name="crans-proxmox-wheezy"/>
</Group>
<Group name="ft" profile="true">
<Group name="crans-proxmox-wheezy"/>
</Group>
<Group name="stitch" profile="true">
<Group name="crans-proxmox-jessie"/>
</Group>
<Group name="sable"
profile="true">
<Group name="crans-wheezy"/>
<Group name="firewall"/>
<Group name="db-replicat"/>
<Group name="dns-primary"/>
<Group name="firmware-bnx2"/>
<Group name="dns-tv"/>
<Group name="connexion-secours-test"/>
</Group>
<Group name="malloc" profile="true">
<Group name="crans-wheezy"/>
<Group name="iscsi"/>
<Group name="no-munin" />
</Group>
<Group name="zamok"
profile="true">
<!-- le serveur des adherents -->
<Group name="firewall"/>
<Group name="digicode"/>
<Group name="crans-jessie"/>
<Group name="users"/>
<Group name="http-server"/>
<Group name="adh-sql-server"/>
<Group name="adh-antispam-filter"/>
<Group name="service-sms"/>
<Bundle name="quota"/>
<!-- <Group name="ups-monitor"/> -->
</Group>
<Group name="bcfg2"
profile="true">
<Group name="crans-vm-jessie"/>
<Group name="non-vlan-adherent"/>
<Group name="bcfg2-server"/>
<Group name="generate"/>
</Group>
<Group name="nat64"
profile="true">
<Group name="crans-vm-wheezy"/>
<Group name="vlan-radin"/>
<Group name="routeur-nat64"/>
</Group>
<Group name="owncloud"
profile="true">
<Group name="crans-vm-wheezy"/>
<Group name="home-permanent"/>
<Bundle name="owncloud"/>
<Group name="nginx"/> <!-- Pour owncloud -->
<Group name="php"/> <!-- Pour owncloud -->
</Group>
<Group name="cas"
profile="true">
<Group name="crans-vm-wheezy"/>
<Group name="nginx"/> <!-- Pour tomcat -->
</Group>
<Group name="vert"
profile="true">
<Group name="db-main"/>
<!-- <Group name="ups-server"/> -->
<Group name="non-vlan-adherent"/>
<Group name="crans-vm-wheezy"/>
</Group>
<Group name="babar"
profile="true">
<Group name="crans-jessie"/>
<Group name="db-replicat"/>
<Group name="backup-server"/>
<Group name="nginx"/> <!-- Pour backuppc -->
<Group name="backup-ftp-server"/>
<Group name="non-vlan-adherent"/>
</Group>
<Group name="omnomnom"
profile="true">
<Group name="crans-jessie"/>
<Group name="nginx"/> <!-- Pour backuppc -->
<Group name="home-permanent"/>
<Group name="backup-homes"/>
</Group>
<Group name="vo"
profile="true">
<Group name="crans-jessie"/>
<Group name="2B"/>
<Group name="server-x"/>
<Group name="bureau"/>
<Group name="cableur"/>
<Group name="non-free"/>
<Group name="db-replicat-test"/>
<Group name="secrets-acl" />
<Group name="intranet2-dev" />
<Group name="pgsql-server-test"/>
<Bundle name="fortunes"/>
</Group>
<Group name="soyouz"
profile="true">
<Group name="crans-jessie"/>
<Group name="db-replicat"/>
<Group name="mail-mx-secondary"/>
<Group name="dns-secondary-no-forward"/>
<Group name="external"/>
<Group name="pgsql-server"/>
<Group name="sqlgrey-localdb"/>
</Group>
<Group name="fy"
profile="true">
<Group name="crans-wheezy"/>
<Group name="autostatus"/>
<Group name="db-replicat"/>
<Group name="sniffer"/>
<Group name="munin-server"/>
<Group name="vlan-wifi"/>
<Group name="firmware-bnx2"/>
<Group name="weathermap"/>
<Group name="getlogwifi"/>
</Group>
<Group name="fz"
profile="true">
<Group name="crans-proxmox-wheezy"/>
</Group>
<Group name="thot"
profile="true">
<Group name="non-free"/>
<Group name="crans-jessie"/>
<Group name="rsyslog-server"/>
<Group name="pgsql-server-main"/>
<Group name="sqlgrey-localdb"/>
<Group name="db-replicat"/>
<Group name="generate"/>
</Group>
<Group name="titanic"
profile="true">
<Group name="mail-mx-secondary"/>
<Group name="dns-secondary-no-forward"/>
<Group name="dns-recursif"/>
<Group name="connection-rescue"/>
<Group name="crans-vm-jessie"/>
</Group>
<Group name="eap"
profile="true">
<Group name="firewall"/>
<Group name="crans-vm-jessie"/>
<Group name="db-replicat"/>
<Group name="nas-auth-server"/>
<Group name="vlan-wifi"/>
<Group name="vlan-federez"/>
<Group name="non-vlan-adherent"/>
</Group>
<Group name="pea"
profile="true">
<Group name="firewall"/>
<Group name="crans-vm-jessie"/>
<Group name="db-replicat"/>
<Group name="nas-auth-server"/>
<Group name="vlan-wifi"/>
<Group name="vlan-federez"/>
<Group name="non-vlan-adherent"/>
</Group>
<Group name="irc"
profile="true">
<Group name="crans-vm-wheezy"/>
<Group name="nginx"/> <!-- Pour web-irc.crans.org -->
<Bundle name="kgb-bot"/>
</Group>
<Group name="xmpp"
profile="true">
<Group name="ejabberd-services"/>
<Group name="crans-vm-wheezy"/>
<Bundle name="check_cert"/> <!-- For jabber's key -->
</Group>
<Group name="niomniom"
profile="true">
<!--
<Group name="http-server"/>
-->
<Group name="nginx"/>
<Group name="https_cert"/>
<Group name="php"/> <!-- Pour le site de l'install party -->
<Group name="wiki"/>
<Group name="crans-vm-wheezy"/>
<Group name="webmasters"/>
<!-- Nécessaire pour un plugin du wiki -->
<Group name="home-permanent"/>
</Group>
<Group name="owl"
profile="true">
<Group name="crans-vm-wheezy"/>
<Group name="home-permanent"/>
<Group name="imap-server"/>
<Bundle name="check_cert"/> <!-- imaps et pop3s -->
</Group>
<Group name="asterisk"
profile="true">
<Group name="crans-vm-jessie"/>
<Bundle name="check_cert"/>
<Group name="asterisk-server"/>
</Group>
<Group name="idefisk"
profile="true">
<Group name="crans-vm-jessie"/>
<Bundle name="check_cert"/>
<Group name="asterisk-server"/>
</Group>
<Group name="cochon"
profile="true">
<Group name="mumudvb"/>
<Group name="crans-wheezy"/>
<Group name="imprimeurs"/>
<Group name="tv"/>
<Group name="radio"/>
</Group>
<Group name="ytrap-llatsni"
profile="true">
<Group name="crans-vm-jessie"/>
<Group name="vlan-evenementiel"/>
<Group name="portail-captif"/>
<Group name="dhcp-dynamique"/>
<Group name="dnsmasq"/>
<Group name="clonepxe"/>
<Bundle name="feteduslip"/>
</Group>
<Group name="news"
profile="true">
<Group name="news-server"/>
<Group name="http-server"/>
<Group name="news-search"/>
<Group name="crans-vm-wheezy"/>
<Group name="apache"/>
<Group name="https_cert"/>
</Group>
<Group name="o2"
profile="true">
<Group name="intranet2-service"/>
<Group name="crans-vm-jessie"/>
<Group name="intranet2-server"/>
<Group name="https_cert"/>
<Group name="cups-service-client"/>
</Group>
<Group name="radius"
profile="true">
<Group name="crans-vm-jessie"/>
<Group name="firewall"/>
<Group name="nas-auth-server"/>
<Group name="non-vlan-adherent"/>
<Group name="vlan-wifi"/>
<Group name="db-replicat"/>
</Group>
<Group name="tracker"
profile="true">
<Group name="crans-vm-jessie"/>
<Group name="https_cert"/>
<Group name="nginx"/>
<Group name="php"/>
<Group name="phabricator"/>
</Group>
<Group name="redisdead"
profile="true">
<Group name="firewall"/>
<Group name="crans-vm-wheezy"/>
<Group name="mail-mx-main"/>
<Group name="mailing-list-manager"/>
<Group name="nginx"/> <!-- Pour mailman -->
</Group>
<Group name="kenobi"
profile="true">
<Group name="crans-vm-wheezy"/>
<Group name="infinoted" />
<Group name="pad" />
<Group name="php"/> <!-- pour zerobin -->
<Group name="nginx"/> <!-- pour zerobin et etherpad -->
</Group>
<Group name="sogo"
profile="true">
<Group name="http-server"/>
<!-- <Group name="nginx"/> --> <!-- Proxy web pour SOGo -->
<Group name="crans-vm-wheezy"/>
<Group name="https_cert"/>
<Bundle name="sogo"/>
</Group>
<Group name="dhcp"
profile="true">
<Group name="crans-vm-jessie"/>
<Group name="vlan-radin"/>
<Group name="vlan-accueil"/>
<Group name="vlan-isolement"/>
<Group name="vlan-ens"/>
<Group name="vlan-wifi"/>
<Group name="vlan-federez"/>
<Group name="dhcp-server-primary"/>
</Group>
<Group name="isc"
profile="true">
<Group name="crans-vm-jessie"/>
<Group name="vlan-radin"/>
<Group name="vlan-accueil"/>
<Group name="vlan-isolement"/>
<Group name="vlan-ens"/>
<Group name="vlan-wifi"/>
<Group name="vlan-federez"/>
<Group name="dhcp-server-secondary"/>
</Group>
<Group name="routeur"
profile="true">
<Group name="firewall"/>
<Group name="crans-vm-wheezy"/>
<Group name="dns-forward-only"/>
<Group name="dnssec-validation"/>
<Group name="vlan-radin"/>
<Group name="vlan-accueil"/>
<Group name="vlan-isolement"/>
<Group name="vlan-ens"/>
<Group name="portail-captif"/>
<Group name="igmpproxy"/>
</Group>
<Group name="puppet"
profile="true">
<Group name="non-vlan-adherent"/>
<Group name="crans-domu-squeeze"/>
<Group name="no-munin" />
</Group>
<!-- Domu template -->
<Group name="template"
profile="true">
<Group name="crans-vm-wheezy"/>
<Group name="no-munin" />
</Group>
<!-- +===================+ -->
<!-- | Version de Debian | -->
<!-- +===================+ -->
<Group name="debian" category="linux-distribution"/>
<Group name="sid" category="debian-version"/>
<Group name="wheezy" category="debian-version"/>
<Group name="jessie" category="debian-version"/>
<Group name="non-free"/>
<!-- +=================+ -->
<!-- | Le groupe crans | -->
<!-- +=================+ -->
<!-- Le groupe crans-common est le groupe dans lequel tous les
serveurs doivent se trouver. Il contient tout ce qui est vital
a un serveur du Cr@ns. -->
<Group name="crans">
<!-- groupe encore plus minimal pour un serveur du Crans -->
<Group name="secrets"/>
<Group name="cacert"/>
<Bundle name="knownhosts"/>
<Bundle name="sshfingerprint"/>
<Bundle name="secrets"/>
<Bundle name="nfs-client"/>
<Bundle name="git"/>
<Bundle name="monit"/>
</Group>
<Group name="crans-common">
<!-- groupe minimal pour un serveur du Crans -->
<Group name="crans"/>
<!-- TODO: passer les serveurs en utf-8 sans tout casser...
<Group name="locale"/>
-->
<Group name="identd"/>
<Group name="ssh"/>
<Group name="sudo"/>
<Group name="home"/>
<Group name="mail"/>
<Group name="apt"/>
<Group name="cron"/>
<Group name="bcfg2-client"/>
<Group name="backup-client"/>
<Group name="munin-node"/>
<Group name="rsyslog-client"/>
<Group name="nslcd"/>
<Bundle name="apt"/>
<Bundle name="apt-keys"/>
<Bundle name="scripts"/>
<Bundle name="molly-guard"/>
<Bundle name="vlock"/>
<Bundle name="python-netifaces"/>
<Bundle name="snmp-utils"/>
</Group>
<Group name="crans-nfs">
<Group name="crans"/>
<Group name="ssh"/>
<Group name="sudo"/>
<Group name="mail"/>
<Group name="apt"/>
<Group name="bcfg2-client"/>
<Group name="backup-client"/>
<Group name="rsyslog-client"/>
<Group name="iscsi"/>
<Group name="nslcd"/>
<Group name="munin-node"/>
<Bundle name="apt"/>
<Bundle name="apt-keys"/>
<Bundle name="ntp"/>
<Bundle name="molly-guard"/>
<Bundle name="nfs-server"/>
<Bundle name="quota"/>
<Group name="generate"/>
</Group>
<Group name="crans-wheezy" public="true">
<!-- profile minimal pour wheezy -->
<Group name="crans-common"/>
<Group name="wheezy"/>
<Group name="ntp"/>
</Group>
<Group name="crans-jessie" public="true">
<!-- profile minimal pour jessie -->
<Group name="crans-common"/>
<Group name="jessie"/>
<Group name="ntp"/>
</Group>
<Group name="crans-vm-wheezy" public="true" >
<Group name="crans-wheezy"/>
<Group name="domu"/>
</Group>
<Group name="crans-vm-jessie" public="true" >
<Group name="crans-jessie"/>
<Group name="domu"/>
</Group>
<Group name="crans-proxmox-wheezy" public="true">
<Group name="crans-proxmox"/>
<Group name="crans-wheezy"/>
</Group>
<Group name="crans-proxmox-jessie" public="true">
<Group name="crans-proxmox"/>
<Group name="crans-jessie"/>
</Group>
<Group name="crans-proxmox" public="true">
<!-- Groupe pour les hôtes proxmox -->
<Group name="iscsi"/>
<Group name="rsyslog-client"/>
<Group name="mail"/>
<Group name="apt"/>
<Group name="bcfg2-client"/>
<Group name="backup-client"/>
<Bundle name="apt"/>
<Bundle name="apt-keys"/>
<Bundle name="iscsi-update"/>
</Group>
<Group name="crans-nfs-wheezy">
<Group name="crans-nfs"/>
<Group name="wheezy"/>
</Group>
<!-- +=============================+ -->
<!-- | Composantes du groupe crans | -->
<!-- +=============================+ -->
<Group name="locale">
<!-- gestion des locales -->
<Bundle name="locale"/>
<Bundle name="locale-generation"/>
</Group>
<Group name="ssh">
<!-- client et serveur ssh -->
<Group name="auth"/>
<Bundle name="ssh"/>
</Group>
<Group name="sudo">
<Group name="auth"/>
<Bundle name="sudo"/>
</Group>
<Group name="home">
<!-- montage automatique des homes -->
<Bundle name="home"/>
<Group name="nfs"/>
</Group>
<Group name="radio">
<Group name="icecast"/>
</Group>
<Group name="icecast">
<Group name="nginx"/>
<Bundle name="icecast"/>
</Group>
<Group name="mail">
<!-- envoi de mail -->
<Group name="mail-backend"/>
</Group>
<Group name="dhcp-server-primary" category="dhcp-server" >
<Group name="isc-dhcp-server"/>
</Group>
<Group name="dhcp-server-secondary" category="dhcp-server" >
<Group name="isc-dhcp-server"/>
</Group>
<Group name="dhcp-dynamique">
<Bundle name="isc-dhcp-server"/>
</Group>
<Group name="isc-dhcp-server">
<Bundle name="isc-dhcp-server"/>
<Group name="generate"/>
</Group>
<Group name="pxe">
<Bundle name="pxe"/>
</Group>
<Group name="clonepxe">
<Group name="pxe"/>
</Group>
<Group name="dnsmasq">
<Bundle name="dnsmasq"/>
</Group>
<Group name="nginx">
<Group name="ldapcert"/>
<Bundle name="nginx"/>
</Group>
<Group name="nginx-extras">
<Group name="nginx"/>
</Group>
<Group name="nginx-full">
<Group name="nginx"/>
</Group>
<Group name="nginx-light">
<Group name="nginx"/>
</Group>
<Group name="php">
<Bundle name="php"/>
</Group>
<Group name="cgi">
<Bundle name="cgi"/>
</Group>
<Group name="ldapcert">
<Bundle name="ldapcert"/>
</Group>
<Group name="git-main">
<Group name="gitweb"/>
<Bundle name="kgb-client"/>
</Group>
<Group name="gitweb">
<Bundle name="gitweb"/>
<Group name="cgi"/>
</Group>
<Group name="identd">
<Bundle name="identd"/>
</Group>
<!-- +==========+ -->
<!-- | Services | -->
<!-- +==========+ -->
<!-- Les groupes suivants sont les seuls qui doivent eventuellement
etres ajoutes a la definition des serveurs. -->
<!-- Ils definissent les services que l'on peut vouloir ajouter a un
serveur, sans se soucier des programmes reellement utilises
pour accomplir leur role. -->
<Group name="firmware-bnx2">
<!-- firmware pour interface réseau hp -->
<Group name="non-free"/>
<Bundle name="firmware-bnx2"/>
</Group>
<!-- *** Mail *** -->
<Group name="mail-mx-main"
category="mail-mx">
<!-- mx principal de l'association -->
<Group name="mail-mx"/>
<!-- Ca c'est pour distinguer les smtp qui ne sont utilise que en
interne comme le serveur des adherents par exemple -->
<Group name="mail-mx-public"/>
<Group name="policyd"/>
</Group>
<Group name="mail-mx-secondary"
category="mail-mx">
<!-- un mx secondaire -->
<Group name="mail-mx"/>
<Group name="mail-mx-public"/>
</Group>
<Group name="mailing-list-manager">
<!-- gestion des listes de diffusion -->
<Group name="mailing-list-manager-backend"/>
<!-- Mailman a besoin d'un smtp -->
<Group name="mail-mx"/>
</Group>
<Group name="adh-antispam-filter">
<!-- filtre antispam pour les adhérents -->
<Group name="antispam-backend"/>
</Group>
<Group name="ups-monitor">
<!-- client ups pour extinction du serveur -->
<Group name="ups-monitor-backend"/>
</Group>
<Group name="ups-server">
<!-- serveur ups pour commander les extinctions -->
<Group name="ups-monitor"/>
</Group>
<!-- *** Base de donnee *** -->
<Group name="db-main"
category="db">
<!-- le serveur qui contient la base du crans -->
<Group name="db-server"/>
</Group>
<Group name="db-replicat"
category="db">
<!-- serveur qui contient un replicat de la base principale -->
<Group name="db-server"/>
</Group>
<Group name="db-replicat-test"
category="db">
<!-- serveur qui contient un replicat de la base principale -->
<Group name="db-server"/>
</Group>
<Group name="adh-sql-server">
<!-- Serveur SQL des adhérents -->
<Group name="sql-server"/>
</Group>
<!-- *** Résolution de noms *** -->
<Group name="dns-primary"
category="dns">
<!-- le serveur DNS primaire de l'association -->
<Group name="dns-server"/>
<Group name="generate"/>
</Group>
<Group name="dns-secondary"
category="dns">
<!-- un serveur DNS secondaire de l'association -->
<Group name="dns-server"/>
</Group>
<Group name="dns-recursif">
<!-- un serveur DNS récursif de l'association -->
<Group name="dns-server"/>
<Group name="connexion-secours"/>
</Group>
<Group name="dns-forward-only">
<!-- un serveur DNS forwardant les requête à un récursif -->
<Group name="dns-server"/>
</Group>
<Group name="dns-secondary-no-forward"
category="dns">
<!-- un serveur DNS secondaire sans forward de l'association -->
<Group name="dns-server"/>
</Group>
<Group name="dns-tv">
<!-- le serveur DNS de la ferme -->
<Group name="dns-server"/>
</Group>
<!-- *** HTTP *** -->
<Group name="http-server">
<!-- un serveur HTTP (port 80) de l'association -->
<Group name="http-server-backend"/>
</Group>
<Group name="https-server">
<!-- un serveur HTTPS (port 443) de l'association -->
<Group name="https-server-backend"/>
<Bundle name="check_cert"/>
</Group>
<Group name="https_cert">
<Group name="ldapcert"/>
<Bundle name="check_cert"/>
</Group>
<Group name="asterisk-server">
<Group name="ldapcert"/>
<Bundle name="asterisk-server"/>
</Group>
<Group name="portail-captif">
<Group name="nginx"/> <!-- Proxy web et pages déco -->
<Group name="gunicorn"/> <!-- backend du proxy (pages déco) -->
<Group name="secrets-acl"/>
</Group>
<Group name="secrets-acl">
<Bundle name="acl"/>
</Group>
<Group name="intranet2-server">
<!-- le serveur HTTPS (port 443) gérant intranet2.crans.org -->
<Group name="nginx"/> <!-- Pour l'intranet -->
<Group name="gunicorn"/>
<Group name="secrets-acl"/>
<Group name="home-permanent"/>
<Bundle name="quota"/>
</Group>
<Group name="wiki">
<Bundle name="moinmoin"/>
<Group name="gunicorn"/>
</Group>
<Group name="gunicorn">
<!-- green unicorn, ce groupe sert principalement
à la génération de monit. -->
<Bundle name="gunicorn"/>
</Group>
<!-- *** FTP *** -->
<Group name="main-ftp-server">
<!-- le serveur ftp principal de l'association -->
<Group name="crans-ftp-server"/>
</Group>
<!-- *** Connexion *** -->
<Group name="external">
<!-- Un serveur à l'éxtérieur du campus -->
<Group name="vpn"/>
</Group>
<Group name="connection-main">
<!-- Le serveur qui est connecté à la la
connection principale du crans (RENATER) -->
<Group name="vpn"/>
<Group name="logall"/>
<Group name="aiccu"/> <!-- tunnel ipv6 -->
<Group name="radvd"/><!-- annonce des routes ipv6 -->
</Group>
<Group name="connection-rescue">
<!-- Le serveur qui à la connexion de secours (par la freebox) -->
<Group name="vpn"/>
</Group>
<Group name="connexion-secours">
<!-- Les services dont la configuration dépents de l'état de la connexion -->
<Bundle name="connexion-secours"/>
</Group>
<Group name="connexion-secours-test">
<!-- Le serveur testant l'état de la connexion -->
<Group name="connexion-secours"/>
</Group>
<!-- *** Divers *** -->
<Group name="users">
<!-- le serveur sur lequel les adherent peuvent se logger -->
<!-- C'est aussi le serveur qui fait la delivrance local des mails -->
<Group name="mail-mx"/>
<Group name="home-permanent"/>
<Group name="non-free" />
<Group name="generate"/>
<Bundle name="usertools"/> <!-- Outils utiles aux adhérents -->
<!--TODO créer un nouveau groupe pour zamok pour placer toutes
les dépendances de gest_crans, whos et cie -->
</Group>
<Group name="news-server">
<!-- serveur de news -->
<Group name="news-server-backend"/>
<Group name="corbeau"/>
<Group name="mail-backend"/>
</Group>
<Group name="corbeau">
<Bundle name="corbeau"/> <!-- Bundle de dépendances -->
<Group name="postfix.transport"/>
</Group>
<Group name="news-search">
<!-- moteur de recherche des news -->
<Group name="news-search-backend"/>
</Group>
<Group name="debian-mirror">
<!-- mirroir de l'archive debian -->
</Group>
<Group name="backup-homes">
<!-- Serveur de sauvegarde -->
<Group name="backup-server-backend"/>
</Group>
<Group name="backup-server">
<!-- Serveur de sauvegarde -->
<Group name="backup-server-backend"/>
</Group>
<Group name="backup-client">
<!-- Un serveur de l'association dont les données sont sauvegardées -->
<Group name="backup-client-backend"/>
</Group>
<Group name="firewall">
<!-- Le firewall de l'association -->
<Group name="generate"/>
<Bundle name="firewall6"/>
<Bundle name="firewall"/>
</Group>
<Group name="generate">
<Bundle name="generate"/>
<Group name="rpcssh"/>
</Group>
<Group name="rpcssh">
<Bundle name="rpcssh"/>
</Group>
<Group name="nas-auth-server" > <!-- Service d'authentification (wifi et fil)
des machines-->
<Group name="radius-server"/>
<Bundle name="check_cert"/> <!-- Certif radius pour wifi -->
</Group>
<Group name="radius-server">
<Group name="radius-server-backend"/>
</Group>
<Group name="name-service-cache">
<!-- Un service de cache pour nss -->
<Group name="nscd"/>
</Group>
<Group name="jabber-server">
<!-- Un serveur Jabber -->
<Bundle name="jabberd"/>
</Group>
<Group name="ejabberd-services">
<!-- Un autre serveur Jabber :) -->
<Bundle name="ejabberd-services"/>
<Group name="ldapcert"/>
<Group name="ejabberd"/> <!-- metagroupe pour monit -->
</Group>
<Group name="ejabberd-extra">
<!-- Services supplémentaires pour xmpp
(passerelle msn, ...) -->
<Bundle name="ejabberd-extra"/>
</Group>
<Group name="multimedia"/>
<!-- machines necessitant le miroir multimedia -->
<Group name="rsyslog-server">
<!-- Serveur de centralisation des logs -->
<Bundle name="rsyslog"/>
</Group>
<Group name="rsyslog-client">
<!-- Serveurs qui ne centralisent pas les logs (cpt Obvious inside) -->
<Bundle name="rsyslog"/>
</Group>
<Group name="autostatus">
<!-- Serveurs qui gènèrent la page d'autostatus -->
<Bundle name="autostatus"/>
<Group name="generate"/>
</Group>
<Group name="infinoted">
<!--TODO: initscript, conf, monitoring etc-->
<Bundle name="check_cert"/><!-- Port 6523 -->
</Group>
<Group name="pad">
<!--TODO: initscript, conf, monitoring, etc-->
</Group>
<Group name="phabricator">
<!-- Serveur faisant tourner Phabricator -->
<Bundle name="phabricator"/>
</Group>
<!-- *** CUPS *** -->
<Group name="cups-service-client">
<Group name="cups-service"/>
<Bundle name="cups-service"/>
</Group>
<Group name="cups-service-server">
<Group name="cups-service"/>
<Bundle name="cups-service"/>
</Group>
<!-- +=================================+ -->
<!-- | Tous les groupes intermediaires | -->
<!-- +=================================+ -->
<!-- Les groupes suivant sont tous ceux qui se trouve entre la
definition abstraite des services et les backends reellement
utilises. -->
<!-- *** Mail *** -->
<Group name="mail-mx">
<!-- serveur qui fait MX (principal, secondaire on interne) -->
<Group name="mail-backend"/>
<Group name="db"/>
<Group name="postfix.transport"/>
<Bundle name="check_cert"/><!-- Certif postfix ssmtp(port 465) -->
<Group name="connexion-secours"/>
</Group>
<Group name="greylisting">
<!-- un serveur de greylisting -->
<Group name="greylisting-backend"/>
</Group>
<Group name="mail-mx-public">
<!-- serveur MX publique (principal ou secondaire mais pas interne) -->
<Group name="greylisting"/>
<Group name="dkim"/>
</Group>
<Group name="dkim">
<Bundle name="dkim"/>
</Group>
<!-- *** Base de donnee *** -->
<Group name="db">
<!-- acces a la base de donnee du crans -->
<Group name="db-backend"/>
<!-- Si le serveur à accès à la base, celle-ci est utilisée pour
les comptes unix. On a donc besoin de nscd pour que les
utilisateur accèdent aux informations sur les comptes -->
<Group name="name-service-cache"/>
</Group>
<Group name="db-server">
<!-- un server qui possede la base en local -->
<Group name="db-backend"/>
<Group name="db-server-backend"/>
</Group>
<Group name="sql-server">
<!-- un serveur SQL -->
<Group name="sql-backend"/>
</Group>
<!-- *** Résolution de noms *** -->
<Group name="dns-server">
<!-- un serveur de résolution de noms -->
<Group name="dns-backend"/>
</Group>
<!-- *** Connexion sécurisée *** -->
<Group name="vpn">
<!-- Un des deux points d'un tunnel sécurisée -->
<Group name="vpn-backend"/>
<Bundle name="check_cert"/><!-- Check vpn cert -->
</Group>
<!-- *** Mumudvb *** -->
<Group name="mumudvb">
<!-- Un serveur qui diffuse la television -->
<Bundle name="mumudvb"/>
</Group>
<!-- *** Divers *** -->
<Group name="auth">
<!-- gestion de l'authentification -->
<Group name="auth-backend"/>
<Group name="db"/>
</Group>
<Group name="imap-server">
<Group name="ldapcert"/>
<Group name="imap-backed"/>
<Group name="home-permanent"/>
<Group name="generate"/>
<Bundle name="check_cert"/>
</Group>
<Group name="pop-server">
<Group name="pop-backed"/>
<Group name="home-permanent"/>
</Group>
<Group name="crans-ftp-server">
<!-- le serveur ftp servant le crans (miroirs) -->
<Group name="ftp-backend"/>
</Group>
<Group name="backup-ftp-server">
<!-- le serveur ftp servant les sauvegardes -->
<Group name="backup-ftp-backend"/>
</Group>
<Group name="file-server">
<!-- Serveur de fichiers -->
<Group name="home-permanent"/>
</Group>
<Group name="console-setup">
<!-- Setup des layouts sur tty -->
<Bundle name="console-setup"/>
</Group>
<Group name="ntp">
<!-- Client NTP en daemon -->
<Bundle name="ntp"/>
</Group>
<Group name="ntpdate">
<!-- Client NTP -->
<Bundle name="ntpdate"/>
</Group>
<!-- +===================================================+ -->
<!-- | Configuration des backends utilises en production | -->
<!-- +===================================================+ -->
<Group name="mail-backend">
<Group name="postfix"/>
</Group>
<Group name="mailing-list-manager-backend">
<Group name="mailman"/>
<Group name="generate"/>
<Group name="cgi"/>
</Group>
<Group name="antispam-backend">
<Group name="spamassassin"/>
</Group>
<Group name="auth-backend">
<Group name="pam"/>
</Group>
<Group name="db-backend">
<Group name="ldap"/>
</Group>
<Group name="db-server-backend">
<Group name="slapd"/>
</Group>
<Group name="news-server-backend">
<Group name="inn"/>
</Group>
<Group name="news-search-backend" > <!-- TODO: à implémenter. -->
</Group>
<Group name="dns-backend">
<Group name="bind"/>
</Group>
<Group name="http-server-backend">
<Group name="apache"/>
</Group>
<Group name="https-server-backend">
<Group name="apache"/>
</Group>
<Group name="backup-server-backend">
<Group name="backuppc-server"/>
</Group>
<Group name="backup-client-backend">
<Group name="rsync"/>
</Group>
<Group name="radius-server-backend">
<Group name="freeradius"/>
</Group>
<Group name="ftp-backend">
<Group name="vsftpd"/>
</Group>
<Group name="backup-ftp-backend">
<Group name="proftpd"/>
</Group>
<Group name="sql-backend">
<Group name="mysql"/>
</Group>
<Group name="adblock-server-backend">
<Group name="privoxy"/>
</Group>
<Group name="greylisting-backend">
<Group name="sqlgrey"/>
</Group>
<Group name="vpn-backend">
<Group name="openvpn"/>
</Group>
<Group name="ups-monitor-backend">
<Group name="nut"/>
</Group>
<!-- +==============+ -->
<!-- | Les backends | -->
<!-- +==============+ -->
<Group name="iscsi" > <!-- Backend iscsi -->
<Bundle name="iscsi"/>
</Group>
<Group name="pam"
category="auth-backend">
<!-- authentification par pam -->
<Bundle name="pam"/>
</Group>
<Group name="ldap">
<!-- base de donnee ldap -->
<Bundle name="ldap"/>
</Group>
<Group name="slapd">
<!-- serveur de base de données ldap -->
<Bundle name="slapd"/>
</Group>
<Group name="pgsql-server">
<!-- Autres serveurs que thot et vo-->
</Group>
<Group name="pgsql-server-main">
<Group name="pgsql-server"/>
<Bundle name="postgresql-9.4"/>
</Group>
<Group name="pgsql-server-test">
<Group name="pgsql-server"/>
<!-- Acl différents : vo-->
</Group>
<Group name="postfix"
category="mail-backend">
<Group name="ldapcert"/>
<Bundle name="postfix"/>
<Bundle name="postfix_aliases"/>
<Bundle name="postfix_transport"/>
<Bundle name="postfix_virtual"/>
<Bundle name="postfix_canonical"/>
<Bundle name="postfix_mime_header_checks"/>
</Group>
<Group name="mailman"
category="mailing-list-manager-backend">
<!-- TODO: a implementer/completer/tester
<Bundle name="mailman"/>
-->
</Group>
<Group name="bcfg2-client">
<Bundle name="bcfg2"/>
</Group>
<Group name="bcfg2-server">
<Group name="ldapcert"/>
<Bundle name="bcfg2"/>
<Bundle name="check_cert"/>
</Group>
<Group name="apt-mirror"
category="debian-mirror-backend">
<Bundle name="apt-mirror"/>
</Group>
<Group name="bind"
category="dns-backend">
<Bundle name="bind"/>
</Group>
<Group name="nfs">
<Bundle name="rpc"/>
</Group>
<Group name="apache"
category="http-server-backend">
<!-- TODO: a implémenter -->
<Group name="ldapcert"/>
</Group>
<Group name="radvd">
<Bundle name="radvd" />
</Group>
<Group name="aiccu">
<!-- TODO -->
</Group>
<Group name="backuppc-server"
category="backup-server-backend">
<Group name="cgi"/>
<Bundle name="backuppc"/>
</Group>
<Group name="rsync"
category="backup-client-backend">
<Bundle name="rsync-client"/>
</Group>
<Group name="freeradius"
category="radius-server-backend">
<Bundle name="freeradius"/>
</Group>
<Group name="inn"
category="news-server-backend">
<!-- La conf est sur le server de news -->
</Group>
<Group name="vsftpd"
category="ftp-server-backend">
<!-- TODO: a implementer -->
</Group>
<Group name="proftpd"
category="ftp-server-backend">
<Bundle name="proftpd"/>
</Group>
<Group name="mysql"
category="sql-backend">
<!-- TODO: a implementer -->
</Group>
<Group name="privoxy"
category="adblock-server-backend">
<!-- Non implémenté -->
</Group>
<Group name="pgsql-sqlgrey">
<Group name="pgsql-server"/>
</Group>
<Group name="sqlgrey">
<Bundle name="sqlgrey"/>
</Group>
<Group name="spamassassin">
<!-- TODO: a implementer -->
</Group>
<Group name="nscd"
category="name-service-cache-backend">
<Bundle name="nscd"/>
</Group>
<Group name="nslcd"
category="name-service-backend">
<Bundle name="nslcd"/>
</Group>
<Group name="openvpn"
category="vpn-backend">
<Bundle name="openvpn"/>
</Group>
<Group name="nut"
category="ups-monitor-backend">
<Bundle name="nut"/>
</Group>
<Group name="munin-node"
category="supervisor-node">
<Bundle name="munin-node"/>
</Group>
<Group name="policyd">
<Group name="php"/> <!-- Pour l'interface d'admin de policyd -->
<Bundle name="policyd"/>
</Group>
<Group name="cacert">
<Bundle name="cacert"/>
</Group>
<Group name="munin-server"
category="supervisor-server">
<Bundle name="munin-server"/>
<Group name="nginx"/>
<!-- <Bundle name="munin"/> -->
</Group>
<Group name="weathermap">
<Bundle name="weathermap"/>
<Group name="nginx"/>
</Group>
<Group name="router-wifi">
<!-- Le firewall de l'association -->
<Group name="vlan-wifi"/>
<!-- rien à implémenter pour le moment -->
</Group>
<Group name="igmpproxy"/> <!-- Routage du multicast, binaire installé main.
Ce paquet sert principalement à monit -->
<Group name="sniffer">
<!-- Le serveur qui surveille le réseau -->
<Group name="arpwatch"/>
<Group name="ramond"/>
</Group>
<Group name="service-sms">
<Group name="gammu"/>
<Group name="smsdaemon"/>
</Group>
<Group name="getlogwifi">
<!-- Récupération des logs wifi -->
<Group name="getlogwifi"/>
</Group>
<Group name="arpwatch" > <!-- arpwatch special crans avec traçage des macs -->
<Group name="non-free"/><!-- Pour snmp-mibs-downloader, pour interrogation switch -->
<Bundle name="arpwatch"/>
</Group>
<Group name="ramond">
<Bundle name="ramond"/>
</Group>
<Group name="gammu">
<Bundle name="gammu"/>
</Group>
<Group name="smsdaemon">
<Bundle name="smsdaemon"/>
</Group>
<Group name="intranet2-dev">
<Group name="intranet2-service"/>
<Group name="nginx"/> <!-- Pour l'intranet -->
<Group name="gunicorn"/>
<Group name="secrets-acl"/>
<Bundle name="quota"/>
</Group>
<Group name="intranet2-service">
<Bundle name="intranet2-service"/>
</Group>
<!-- +====================+ -->
<!-- | Groupes dynamiques | -->
<!-- +====================+ -->
<Group name="rescue-mode"/>
<!-- groupe inclu lorsque l'on est en connexion de secours -->
<Group name="fstab.local"/>
<!-- indique l'exsitence de /etc/fstab.local -->
<Group name="interfaces.local"/>
<!-- indique l'exsitence de /etc/network/interfaces.local -->
<Group name="sysctl.local"/>
<!-- indique l'exsitence de /etc/sysctl.local -->
<Group name="non-vlan-adherent"/>
<!-- pour les serveurs qui sont seulement sur le vlan adm -->
<Group name="imprimeurs"/>
<!-- pour les serveurs avec un acces pour les imprimeurs -->
<Group name="bureau"/>
<!-- pour les serveurs avec un acces pour les gens du bureau -->
</Groups>
Reference in a new issue View git blame Copy permalink