74 lines
2.9 KiB
Markdown
74 lines
2.9 KiB
Markdown
hostname yndx-ansible
|
|
# Задание - 1
|
|
sudo systemctl stop systemd-resolved
|
|
sudo systemctl disable systemd-resolved
|
|
sudo rm -f /etc/resolv.conf
|
|
echo "nameserver 10.10.1.200" | sudo tee /etc/resolv.conf
|
|
sudo apt install -y chrony
|
|
sudo nano /etc/chrony/chrony.conf
|
|
# Conig
|
|
server 10.10.1.200 iburst
|
|
-----------------------------------------------------------------
|
|
# Задание - 2
|
|
sudo apt update
|
|
sudo apt install -y ansible
|
|
# User
|
|
sudo adduser --disabled-password --gecos "" anscfg
|
|
# SSH - to
|
|
sudo -u anscfg ssh-keygen -t rsa -b 2048 -f /home/anscfg/.ssh/id_rsa -N ""
|
|
root@yndx-ansible:~# sudo cat /home/anscfg/.ssh/id_rsa.pub
|
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJmlCFxkUQNJOJoOdpSFS0eikNpPPeV28rNkXq8ulRe5gKtTW9YmzRfwL/uQh8xXP58kXm04r0btPrYWx/1ZGA4T0yHBEVAkO4ECxGFh6M3zulnpQ+CuSLAbUEdSQOCoCvR5D9OxOnONx+osly/QjaI/3mPYOc6i6VZXPJWHPMNM7BzyDLqlG80nP+xFMfd4An2X/hTsLKcIRdjSrweqr+jqzpeOSA1HbbZgSqN6Fjy4zCVV7sdVaDxOqaV9CH9zN+1hS3yYUoEkCCX8YrsgggG4cmeQUR3MxNmoyr+Sm5hbkoK8ON45O8MvmxYL1hDqaS1BpG8ffz3SZ1mftGRwq9 anscfg@yndx-ansible
|
|
# Test
|
|
sudo -u anscfg ssh -o StrictHostKeyChecking=no anscfg@yndx-client.practicumsuperstore.ru
|
|
# Ansible
|
|
sudo -u anscfg mkdir -p /home/anscfg/ansible
|
|
cd /home/anscfg/ansible
|
|
sudo -iu anscfg
|
|
cd /home/anscfg/ansible
|
|
nano inventory.ini (посмотреть в папке ansible-playbook -> inventory.ini)
|
|
nano setup_services.yml (посмотреть в папке ansible-playbook -> setup_services.yml)
|
|
nano create_user.yml (посмотреть в папке ansible-playbook -> create_user.yml)
|
|
nano configure_backup.yml (посмотреть в папке ansible-playbook -> configure_backup.yml)
|
|
ansible-playbook -i inventory.ini setup_services.yml
|
|
ansible-playbook -i inventory.ini create_user.yml
|
|
ansible-playbook -i inventory.ini configure_backup.yml
|
|
# Задание - 4
|
|
sudo apt install -y vsftpd
|
|
sudo adduser --disabled-password --gecos "" ftpuser
|
|
echo "ftpuser:securepass" | sudo chpasswd
|
|
sudo mkdir -p /home/ftpuser/ftp/files
|
|
sudo chown ftpuser:ftpuser /home/ftpuser/ftp/files
|
|
sudo chmod 755 /home/ftpuser/ftp
|
|
sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.bak
|
|
sudo nano /etc/vsftpd.conf
|
|
# <Config
|
|
listen=YES
|
|
listen_ipv6=NO
|
|
anonymous_enable=NO
|
|
local_enable=YES
|
|
write_enable=YES
|
|
chroot_local_user=YES
|
|
local_root=/mnt/ftp
|
|
allow_writeable_chroot=YES
|
|
dirlist_enable=YES
|
|
download_enable=YES
|
|
# Config>
|
|
sudo systemctl restart vsftpd
|
|
sudo systemctl enable vsftpd
|
|
sudo chown root:ftpshared /mnt/ftp
|
|
sudo chown ftpuser:ftpshared /mnt/ftp/files
|
|
sudo chmod 775 /mnt/ftp/files
|
|
sudo chmod g+s /mnt/ftp/files
|
|
# Задание 5
|
|
sudo apt update
|
|
sudo apt install -y nginx apache2-utils
|
|
cd /home/geseas
|
|
tar -xf nginx2.tar.gz
|
|
cd nginx
|
|
sudo cp default /etc/nginx/sites-available/
|
|
sudo ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/
|
|
sudo cp index.html 404.html 500.html /var/www/html/
|
|
sudo cp -r secure /var/www/html/
|
|
sudo chown -R www-data:www-data /var/www/html/secure
|
|
sudo chmod 750 /var/www/html/secure
|
|
sudo htpasswd -c /etc/nginx/.htpasswd admin |