2.9 KiB
hostname yndx-ansible
Задание - 1
sudo systemctl stop systemd-resolved sudo systemctl disable systemd-resolved sudo rm -f /etc/resolv.conf echo "nameserver 10.10.1.200" | sudo tee /etc/resolv.conf sudo apt install -y chrony sudo nano /etc/chrony/chrony.conf
Conig
server 10.10.1.200 iburst
Задание - 2
sudo apt update sudo apt install -y ansible
User
sudo adduser --disabled-password --gecos "" anscfg
SSH - to
sudo -u anscfg ssh-keygen -t rsa -b 2048 -f /home/anscfg/.ssh/id_rsa -N "" root@yndx-ansible:~# sudo cat /home/anscfg/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJmlCFxkUQNJOJoOdpSFS0eikNpPPeV28rNkXq8ulRe5gKtTW9YmzRfwL/uQh8xXP58kXm04r0btPrYWx/1ZGA4T0yHBEVAkO4ECxGFh6M3zulnpQ+CuSLAbUEdSQOCoCvR5D9OxOnONx+osly/QjaI/3mPYOc6i6VZXPJWHPMNM7BzyDLqlG80nP+xFMfd4An2X/hTsLKcIRdjSrweqr+jqzpeOSA1HbbZgSqN6Fjy4zCVV7sdVaDxOqaV9CH9zN+1hS3yYUoEkCCX8YrsgggG4cmeQUR3MxNmoyr+Sm5hbkoK8ON45O8MvmxYL1hDqaS1BpG8ffz3SZ1mftGRwq9 anscfg@yndx-ansible
Test
sudo -u anscfg ssh -o StrictHostKeyChecking=no anscfg@yndx-client.practicumsuperstore.ru
Ansible
sudo -u anscfg mkdir -p /home/anscfg/ansible cd /home/anscfg/ansible sudo -iu anscfg cd /home/anscfg/ansible nano inventory.ini (посмотреть в папке ansible-playbook -> inventory.ini) nano setup_services.yml (посмотреть в папке ansible-playbook -> setup_services.yml) nano create_user.yml (посмотреть в папке ansible-playbook -> create_user.yml) nano configure_backup.yml (посмотреть в папке ansible-playbook -> configure_backup.yml) ansible-playbook -i inventory.ini setup_services.yml ansible-playbook -i inventory.ini create_user.yml ansible-playbook -i inventory.ini configure_backup.yml
Задание - 4
sudo apt install -y vsftpd sudo adduser --disabled-password --gecos "" ftpuser echo "ftpuser:securepass" | sudo chpasswd sudo mkdir -p /home/ftpuser/ftp/files sudo chown ftpuser:ftpuser /home/ftpuser/ftp/files sudo chmod 755 /home/ftpuser/ftp sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.bak sudo nano /etc/vsftpd.conf
<Config
listen=YES listen_ipv6=NO anonymous_enable=NO local_enable=YES write_enable=YES chroot_local_user=YES local_root=/mnt/ftp allow_writeable_chroot=YES dirlist_enable=YES download_enable=YES
Config>
sudo systemctl restart vsftpd sudo systemctl enable vsftpd sudo chown root:ftpshared /mnt/ftp sudo chown ftpuser:ftpshared /mnt/ftp/files sudo chmod 775 /mnt/ftp/files sudo chmod g+s /mnt/ftp/files
Задание 5
sudo apt update sudo apt install -y nginx apache2-utils cd /home/geseas tar -xf nginx2.tar.gz cd nginx sudo cp default /etc/nginx/sites-available/ sudo ln -sf /etc/nginx/sites-available/default /etc/nginx/sites-enabled/ sudo cp index.html 404.html 500.html /var/www/html/ sudo cp -r secure /var/www/html/ sudo chown -R www-data:www-data /var/www/html/secure sudo chmod 750 /var/www/html/secure sudo htpasswd -c /etc/nginx/.htpasswd admin