https://redmine.april.org/https://redmine.april.org/favicon.ico?15861920342012-11-22T10:15:58ZGestionnaire de projets de l'AprilAdmins - Demande #1048: plage d'IP 192.168.5.0/24 pour l'integration continuehttps://redmine.april.org/issues/1048?journal_id=33332012-11-22T10:15:58ZLoïc Dachary
<ul><li><strong>% réalisé</strong> changé de <i>0</i> à <i>30</i></li></ul><pre>
root@pavot:/tmp# cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /tmp && cd /tmp/2.0/ # Copie locale
root@pavot:/tmp/2.0# . vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /tmp/2.0/keys
root@pavot:/tmp/2.0# KEY_CONFIG=/tmp/2.0/openssl.cnf KEY_DIR=/etc/openvpn/keys EASY_RSA=/tmp/2.0 bash -x /tmp/2.0/pkitool --interact april-ci
Generating a 1024 bit RSA private key
........++++++
...........++++++
writing new private key to 'april-ci.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:FR
State or Province Name (full name) [CA]:Paris
Locality Name (eg, city) [SanFrancisco]:Paris
Organization Name (eg, company) [Fort-Funston]:April
Organizational Unit Name (eg, section) []:Sysadmin
Common Name (eg, your name or your server's hostname) [april-ci]:
Email Address [me@myhost.mydomain]:admins@april.org
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
+ '[' 1 -eq 0 ']'
+ openssl ca -days 3650 -out april-ci.crt -in april-ci.csr -md sha1 -config /tmp/2.0/openssl.cnf
Using configuration from /tmp/2.0/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'FR'
stateOrProvinceName :PRINTABLE:'Paris'
localityName :PRINTABLE:'Paris'
organizationName :PRINTABLE:'April'
organizationalUnitName:PRINTABLE:'Sysadmin'
commonName :PRINTABLE:'april-ci'
emailAddress :IA5STRING:'admins@april.org'
Certificate is to be certified until Nov 20 10:13:05 2022 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
</pre> Admins - Demande #1048: plage d'IP 192.168.5.0/24 pour l'integration continuehttps://redmine.april.org/issues/1048?journal_id=33342012-11-22T10:21:57ZLoïc Dachary
<ul><li><strong>Tâche parente</strong> mis à <i>#1035</i></li></ul> Admins - Demande #1048: plage d'IP 192.168.5.0/24 pour l'integration continuehttps://redmine.april.org/issues/1048?journal_id=33352012-11-22T12:15:56ZLoïc Dachary
<ul></ul><pre>
root@bm0001:~# nova boot --image 'Debian Squeeze 6.0.5' --flavor e.1-cpu.10GB-disk.256MB-ram --key_name\
loic --availability_zone=bm0008 --poll vpn-client
</pre>
<pre>
root@april-ci:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth0
iface eth0 inet dhcp
up ip addr add 192.168.5.1/24 dev eth0
up echo 1 > /proc/sys/net/ipv4/ip_forward
</pre> Admins - Demande #1048: plage d'IP 192.168.5.0/24 pour l'integration continuehttps://redmine.april.org/issues/1048?journal_id=33362012-11-22T12:19:26ZLoïc Dachary
<ul></ul><p>copie des certificats sur la VM <br /><pre>
scp pavot.april.org:/etc/openvpn/keys/{april-ci.*,ca.crt} 10.145.9.3:/tmp/
</pre><br />et configuration du client VPN<br /><pre>
cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn
</pre><br />et configuration avec<br /><pre>
remote pavot.april.org 1194
cert april-ci.crt
key april-ci.key
</pre></p> Admins - Demande #1048: plage d'IP 192.168.5.0/24 pour l'integration continuehttps://redmine.april.org/issues/1048?journal_id=33382012-11-22T12:27:26ZLoïc Dachary
<ul><li><strong>Statut</strong> changé de <i>En cours de traitement</i> à <i>Résolu</i></li><li><strong>% réalisé</strong> changé de <i>30</i> à <i>100</i></li></ul><pre>
dns:/etc/bind/zones/masters# git show
commit 900702b38f30facfa84e0438452ccdc45cb86d73
Author: Loic Dachary <loic@dachary.org>
Date: Thu Nov 22 13:25:49 2012 +0100
suppression de zabbix.vm.april-int en attendant la conclusion de l'utilisation ou non de zabbix http
diff --git a/bind/zones/masters/vm.april-int b/bind/zones/masters/vm.april-int
index 1cb6308..d73422e 100644
--- a/bind/zones/masters/vm.april-int
+++ b/bind/zones/masters/vm.april-int
@@ -13,4 +13,4 @@ $TTL 1D
controller IN A 192.168.4.1
puppet IN A 192.168.4.2
jenkins IN A 192.168.4.3
-zabbix IN A 192.168.4.4
+april-ci IN A 192.168.5.1
</pre> Admins - Demande #1048: plage d'IP 192.168.5.0/24 pour l'integration continuehttps://redmine.april.org/issues/1048?journal_id=138982019-05-29T10:19:00ZQuentin Gibeauxapril.quentin@gibeaux.eu
<ul><li><strong>Statut</strong> changé de <i>Résolu</i> à <i>Fermé</i></li></ul>