настройка_стендов_слушателей [2017/12/04 09:39] val [Ubuntu] |
настройка_стендов_слушателей [2018/10/04 13:47] val [KOMM] |
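--- a/настройка_стендов_слушателей
+++ b/настройка_стендов_слушателей
@@ -131,10 +131,18 @@
 </code>
-===== Дополнительные материалы =====
+===== Скрипты автоконфигурации =====
+
+==== gate.corpX.un ====
 <code>
-cat gate.sh
+# cat net_gate.sh
 </code><code>
-rm /etc/udev/rules.d/70-persistent-net.rules
+X=$1
+
+if test -z $X
+then
+echo -n "enter X: "
+read X
+fi
 cat > /etc/hosts <<EOF
 127.0.0.1 localhost
-192.168.${1}.1 gate.corp${1}.un gate
+192.168.$X.1 gate.corp$X.un gate
 172.16.1.254 proxy
@@ -147,6 +155,7 @@
 cat > /etc/resolv.conf <<EOF
-search corp${1}.un
+search corp$X.un
 nameserver 172.16.1.254
+#nameserver 192.168.$X.10
 EOF
-echo gate.corp${1}.un > /etc/hostname
+echo gate.corp$X.un > /etc/hostname
 cat > /etc/network/interfaces <<EOF
@@ -159,19 +168,39 @@
 auto eth0
 iface eth0 inet static
-address 192.168.${1}.1
+address 192.168.$X.1
 netmask 255.255.255.0
 auto eth1
 iface eth1 inet static
-address 172.16.1.${1}
+address 172.16.1.$X
 netmask 255.255.255.0
 gateway 172.16.1.254
+
+#auto eth2
+#iface eth2 inet static
+# address 192.168.$((100+$X)).1
+# netmask 255.255.255.0
 EOF
-echo net.ipv4.ip_forward = 1 >> /etc/sysctl.conf
+echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
+
+timedatectl set-timezone Europe/Moscow
+
+echo Success
+exit 0
+</code>
+
+==== server.corpX.un ====
+
+<code>
+# cat net_server.sh
 </code><code>
-cat server.sh
-</code><code>
-rm /etc/udev/rules.d/70-persistent-net.rules
+X=$1
+
+if test -z $X
+then
+echo -n "enter X: "
+read X
+fi
 cat > /etc/hosts <<EOF
 127.0.0.1 localhost
-192.168.${1}.10 server.corp${1}.un server
+192.168.$X.10 server.corp$X.un server
 172.16.1.254 proxy
@@ -185,6 +214,7 @@
 cat > /etc/resolv.conf <<EOF
-search corp${1}.un
+search corp$X.un
 nameserver 172.16.1.254
+#nameserver 192.168.$X.10
 EOF
-echo server.corp${1}.un > /etc/hostname
+echo server.corp$X.un > /etc/hostname
 cat > /etc/network/interfaces <<EOF
@@ -197,7 +227,175 @@
 auto eth0
 iface eth0 inet static
-address 192.168.${1}.10
+address 192.168.$X.10
 netmask 255.255.255.0
-gateway 192.168.${1}.1
+gateway 192.168.$X.1
 EOF
+
+timedatectl set-timezone Europe/Moscow
+
+echo Success
+exit 0
+</code>
+
+==== dhcp ====
+
+<code>
+# cat dhcp.sh
+</code><code>
+X=$1
+
+if test -z $X
+then
+echo -n "enter X: "
+read X
+fi
+
+apt update
+apt install -y isc-dhcp-server
+
+echo 'INTERFACES="eth0"' > /etc/default/isc-dhcp-server
+echo '#INTERFACES="eth0 eth2"' >> /etc/default/isc-dhcp-server
+
+cat > /etc/dhcp/dhcpd.conf <<EOF
+ddns-update-style none;
+
+default-lease-time 600;
+max-lease-time 7200;
+
+option domain-name "corp$X.un";
+option domain-name-servers 192.168.$X.10;
+
+#### For provisioning ####
+#option tftp-server-name code 66 = string; # RFC 2132
+#option tftp-server-address code 150 = ip-address; # RFC 5859
+#option tftp-server-name "server.corp$X.un";
+#option tftp-server-address 192.168.$X.10;
+
+
+shared-network LAN1 {
+subnet 192.168.$X.0 netmask 255.255.255.0 {
+range 192.168.$X.101 192.168.$X.199;
+option routers 192.168.$X.1;
+}
+}
+
+#shared-network LAN2 {
+# subnet 192.168.$((100 + $X)).0 netmask 255.255.255.0 {
+# range 192.168.$((100 + $X)).101 192.168.$((100 + $X)).199;
+# option routers 192.168.$((100 + $X)).1;
+# }
+#}
+
+
+EOF
+
+dhcpd -t && service isc-dhcp-server start
+
+echo Success
+exit 0
+</code>
+
+==== dns ====
+
+<code>
+# cat dns.sh
+</code><code>
+X=$1
+
+if test -z $X
+then
+echo -n "enter X: "
+read X
+fi
+
+apt update
+apt install -y bind9 dnsutils
+
+cat > /etc/bind/named.conf <<EOF
+options {
+directory "/var/cache/bind";
+
+allow-recursion { any; };
+
+forwarders {
+172.16.1.254;
+};
+empty-zones-enable no;
+};
+
+view "inside" {
+match-clients {
+// 192.168.$X/24;
+// 127/8;
+0/0;
+};
+zone "corp$X.un" {
+type master;
+file "/etc/bind/corp$X.un";
+};
+};
+
+view "outside" {
+zone "corp$X.un" {
+type master;
+file "/etc/bind/corp$X.un.out";
+};
+};
+EOF
+
+cat > /etc/bind/corp$X.un <<EOF
+\$TTL 3h
+@ SOA ns root.ns 1 1d 12h 1w 3h
+NS ns
+
+A 192.168.$X.10
+MX 1 server
+
+ns A 192.168.$X.10
+gate A 192.168.$X.1
+server A 192.168.$X.10
+
+;_sip._udp SRV 0 0 5060 server
+
+;_xmpp-client._tcp SRV 0 0 5222 server
+
+;_kerberos._udp SRV 01 00 88 server
+;_kerberos._tcp SRV 01 00 88 server
+;_kerberos TXT CORP$X.UN
+EOF
+
+cat > /etc/bind/corp$X.un.out <<EOF
+\$TTL 3h
+@ SOA ns root.ns 1 1d 12h 1w 3h
+NS ns
+
+ns A 172.16.1.$X
+gate A 172.16.1.$X
+server A 172.16.1.$X
+
+;_sip._udp SRV 00 00 6050 server
+EOF
+
+named-checkconf -z && service bind9 restart
+
+echo Success
+exit 0
+</code>
+
+===== Ansible конфигурация =====
+
+==== server.corpX.un ====
+
+* АСТЕРИСК1,3 ЛИН5
+
+<code>
+
+</code>
+
+==== mail.corpX.un ====
+
+* KOMM
+
+<code>
+
+</code>
+
 </code>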
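Review bot: In dns.sh the generated named.conf sets `allow-recursion { any; };` and the "inside" view matches `0/0;`, so any IPv4 client that can reach this server gets recursion through the forwarder and is served the internal zone file. The "outside" view with corp$X.un.out is then never selected for those clients, because the first matching view wins. The two commented-out ACL entries show the intended scope; I would restore them as `match-clients { 192.168.$X/24; 127/8; };` and narrow recursion to the same networks with `allow-recursion { 192.168.$X/24; 127/8; };`. If the wide-open setting is deliberate for an early lab step, a comment inside the heredoc saying so would keep it from being copied unchanged onto a host that is reachable from 172.16.1.0/24.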