Outils pour utilisateurs

Outils du site


admin:services:agir.chapril.org

Ceci est une ancienne révision du document !


Service agir.chapril.org

Redirection vers le projet Chapril dans le Redmine de l'April.

Déploiement

DNS

Configuration du fichier DNS :

=(^-^)=root@dns:/etc/bind/zones/masters# git diff
diff --git a/bind/zones/masters/chapril.org b/bind/zones/masters/chapril.org
index a5368c5..cb20fcd 100644
--- a/bind/zones/masters/chapril.org
+++ b/bind/zones/masters/chapril.org
@@ -3,7 +3,7 @@
 
 $TTL 1h
 @      IN      SOA     fip.chapril.org.        hostmaster.chapril.org. (
-               2019110400              ; Serial  - YYYYMMDDnn
+               2020010801              ; Serial  - YYYYMMDDnn
                4h                      ; Refresh
                1h                      ; Retry
                1w                      ; Expire
@@ -50,6 +50,10 @@ icinga2 CNAME galanga.april.org.
 backup  CNAME   icinga2
 myip    CNAME   icinga2
 
+; redirections
+agir    CNAME   fip
+
 ; XMPP (old)
 muc.xmpp    CNAME   xmpp
 echo.xmpp   CNAME   xmpp

Activation :

rndc reload chapril.org in external

Bastion

Configuration du certificat SSL :

=(^-^)=root@bastion:/etc# git diff dehydrated/domains.txt
diff --git a/dehydrated/domains.txt b/dehydrated/domains.txt
index b53ff9c..662eb8a 100644
--- a/dehydrated/domains.txt
+++ b/dehydrated/domains.txt
@@ -15,3 +15,5 @@ pad.chapril.org
 valise.chapril.org
 xmpp.chapril.org upload-xmpp.chapril.org
 drop.chapril.org
+agir.chapril.org

Activation :

dehydrated -c

Configuration du serveur web sur la vm bastion :

=(^-^)=root@bastion:/etc/nginx/sites-available# cat agir.chapril.org 
server {
    listen 80;
    listen [::]:80;
    
    server_name agir.chapril.org;

    access_log /var/log/nginx/agir.chapril.org/agir.chapril.org.access_log;
    error_log /var/log/nginx/agir.chapril.org/agir.chapril.org.error_log;

#    include /etc/nginx/custom_50x;
    include /etc/nginx/acme-challenge;
    include /etc/nginx/sexy-chapril;
    include /etc/nginx/force-ssl.conf;
}


server {
======= Service agir.chapril.org =======

Redirection vers le projet Chapril dans le Redmine de l'April.


===== Déploiement =====

==== DNS ====
Configuration du fichier DNS :
<code>
=(^-^)=root@dns:/etc/bind/zones/masters# git diff
diff --git a/bind/zones/masters/chapril.org b/bind/zones/masters/chapril.org
index a5368c5..cb20fcd 100644
--- a/bind/zones/masters/chapril.org
+++ b/bind/zones/masters/chapril.org
@@ -3,7 +3,7 @@
 
 $TTL 1h
 @      IN      SOA     fip.chapril.org.        hostmaster.chapril.org. (
-               2019110400              ; Serial  - YYYYMMDDnn
+               2020010801              ; Serial  - YYYYMMDDnn
                4h                      ; Refresh
                1h                      ; Retry
                1w                      ; Expire
@@ -50,6 +50,10 @@ icinga2 CNAME galanga.april.org.
 backup  CNAME   icinga2
 myip    CNAME   icinga2
 
+; redirections
+agir    CNAME   fip
+wiki    CNAME   fip
+
 ; XMPP (old)
 muc.xmpp    CNAME   xmpp
 echo.xmpp   CNAME   xmpp

Activation :

rndc reload chapril.org in external

Bastion

Configuration du certificat SSL :

=(^-^)=root@bastion:/etc# git diff dehydrated/domains.txt
diff --git a/dehydrated/domains.txt b/dehydrated/domains.txt
index b53ff9c..662eb8a 100644
--- a/dehydrated/domains.txt
+++ b/dehydrated/domains.txt
@@ -15,3 +15,5 @@ pad.chapril.org
 valise.chapril.org
 xmpp.chapril.org upload-xmpp.chapril.org
 drop.chapril.org
+agir.chapril.org
+wiki.chapril.org

Activation :

dehydrated -c

Configuration du serveur web sur la vm bastion :

=(^-^)=root@bastion:/etc/nginx/sites-available# cat wiki.chapril.org 
server {
    listen 80;
    listen [::]:80;
    
    server_name wiki.chapril.org;

    access_log /var/log/nginx/wiki.chapril.org/wiki.chapril.org.access_log;
    error_log /var/log/nginx/wiki.chapril.org/wiki.chapril.org.error_log;

#    include /etc/nginx/custom_50x;
    include /etc/nginx/acme-challenge;
    include /etc/nginx/sexy-chapril;
    include /etc/nginx/force-ssl.conf;
}


server {
    listen 443 ssl;
    listen [::]:443 ssl;
    ssl on;
    
    server_name wiki.chapril.org;

    access_log /var/log/nginx/wiki.chapril.org/wiki.chapril.org.access_log;
    error_log /var/log/nginx/wiki.chapril.org/wiki.chapril.org.error_log;

#    include /etc/nginx/custom_50x;
    ssl_certificate     /var/lib/dehydrated/certs/wiki.chapril.org/fullchain.pem;
    ssl_certificate_key /var/lib/dehydrated/certs/wiki.chapril.org/privkey.pem;

    include /etc/nginx/acme-challenge;
    include /etc/nginx/sexy-chapril;

    return 301 https://wiki.april.org/w/Chapril;
}

Création du dossier de logs :

mkdir /var/log/nginx/agir.chapril.org/
ln -sf /etc/nginx/sites-available/wiki.chapril.org /etc/nginx/sites-enabled/

Activation :

nginx -t
systemctl reload nginx

Création du dossier de logs :

mkdir /var/log/nginx/wiki.chapril.org/
ln -sf /etc/nginx/sites-available/agir.chapril.org /etc/nginx/sites-enabled/

Activation :

nginx -t
systemctl reload nginx
admin/services/agir.chapril.org.1578499654.txt.gz · Dernière modification : 2020/01/08 16:07 de admin