[{"id":705,"date":"2023-09-30T17:41:44","date_gmt":"2023-09-30T15:41:44","guid":{"rendered":"https:\/\/hugues.lepesant.com\/?p=705"},"modified":"2023-09-30T17:41:44","modified_gmt":"2023-09-30T15:41:44","slug":"installation-arch","status":"publish","type":"post","link":"https:\/\/hugues.lepesant.com\/2023\/09\/30\/installation-arch\/","title":{"rendered":"installation Arch"},"content":{"rendered":"\n
loadkey fr-latin1
iwctl
station wlan0 scan
station wlan0 get-networks
station wlan0 connect SSID
station wlan0 show
quit
timedatectl<\/p>\n\n\n\n
reflector –country France –age 12 –protocol https –sort rate –save \/etc\/pacman.d\/mirrorlist<\/p>\n\n\n\n exit <\/p>\n","protected":false},"excerpt":{"rendered":" loadkey fr-latin1iwctlstation wlan0 scanstation wlan0 get-networksstation wlan0 connect SSIDstation wlan0 showquittimedatectl mkfs.fat -F32 \/dev\/sda1mkfs.ext4 \/dev\/sda2mkfs.ext4 \/dev\/sdb1mkswap \/dev\/sda3swapon \/dev\/sda3 mount \/dev\/sda2 \/mntmkdir \/mnt\/homemount \/dev\/sdb1 \/mnt\/home reflector –country France –age 12 –protocol https –sort rate –save \/etc\/pacman.d\/mirrorlist pacstrap -i \/mnt base linux … Continuer la lecture →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[20,1],"tags":[12],"_links":{"self":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/705"}],"collection":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/comments?post=705"}],"version-history":[{"count":2,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/705\/revisions"}],"predecessor-version":[{"id":707,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/705\/revisions\/707"}],"wp:attachment":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/media?parent=705"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/categories?post=705"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/tags?post=705"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":694,"date":"2023-03-19T13:47:57","date_gmt":"2023-03-19T12:47:57","guid":{"rendered":"https:\/\/hugues.lepesant.com\/?p=694"},"modified":"2023-03-19T14:30:52","modified_gmt":"2023-03-19T13:30:52","slug":"coreos-reconfiguration-reseau","status":"publish","type":"post","link":"https:\/\/hugues.lepesant.com\/2023\/03\/19\/coreos-reconfiguration-reseau\/","title":{"rendered":"CoreOS : (re)configuration r\u00e9seau"},"content":{"rendered":"\n Je monte un cluster Kubernetes en mode \u00ab\u00a0bare metal\u00a0\u00bb. Une fois la VM reboot\u00e9e elle affiche une adresse IP attribu\u00e9e par DHCP. Heureusement que l’auto-compl\u00e9tion fonctionne \u00e0 merveille.<\/p>\n\n\n\n On reparlera du fichier coreos.ign (aka ignition plus tard)<\/p>\n","protected":false},"excerpt":{"rendered":" Je monte un cluster Kubernetes en mode \u00ab\u00a0bare metal\u00a0\u00bb.En faite des VMs.Pour monter le cluster je vais utiliser RKE de Rancher.Pour les nodes du cluster, je veux partir sur CoreOS.L’installation des VMs se fait sans probl\u00e8me. sudo coreos-installer install \/dev\/xvda … Continuer la lecture →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[63,60],"tags":[],"_links":{"self":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/694"}],"collection":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/comments?post=694"}],"version-history":[{"count":5,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/694\/revisions"}],"predecessor-version":[{"id":702,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/694\/revisions\/702"}],"wp:attachment":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/media?parent=694"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/categories?post=694"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/tags?post=694"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":674,"date":"2018-10-26T16:43:07","date_gmt":"2018-10-26T14:43:07","guid":{"rendered":"http:\/\/hugues.lepesant.com\/?p=674"},"modified":"2018-10-26T16:55:03","modified_gmt":"2018-10-26T14:55:03","slug":"renouvellement-des-certificats-ssl-fournit-par-letsencryt","status":"publish","type":"post","link":"https:\/\/hugues.lepesant.com\/2018\/10\/26\/renouvellement-des-certificats-ssl-fournit-par-letsencryt\/","title":{"rendered":"Renouvellement des certificats SSL fournit par LetsEncryt"},"content":{"rendered":" Ce script test le d\u00e9lai avant expiration de vos certificats SSL. Votre serveur web est nginx….dans cet exemple.<\/p>\n Ce script test le d\u00e9lai avant expiration de vos certificats SSL. Le renouvellement est demand\u00e9 si l’expiration intervient dans les 10 jours (par d\u00e9faut). Votre serveur web est nginx….dans cet exemple.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/674"}],"collection":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/comments?post=674"}],"version-history":[{"count":3,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/674\/revisions"}],"predecessor-version":[{"id":677,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/674\/revisions\/677"}],"wp:attachment":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/media?parent=674"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/categories?post=674"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/tags?post=674"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":658,"date":"2018-07-31T23:33:29","date_gmt":"2018-07-31T21:33:29","guid":{"rendered":"http:\/\/hugues.lepesant.com\/?p=658"},"modified":"2018-08-01T00:01:34","modified_gmt":"2018-07-31T22:01:34","slug":"oracle-xe-sur-debian-9","status":"publish","type":"post","link":"https:\/\/hugues.lepesant.com\/2018\/07\/31\/oracle-xe-sur-debian-9\/","title":{"rendered":"Oracle XE sur Debian 9"},"content":{"rendered":" Sur une Debian 9 fra\u00eechement install\u00e9e, avec Alien.<\/p>\n C’est par ici<\/a>.<\/p>\n L’option \u00ab\u00a0–scripts\u00a0\u00bb permet de conserver les scripts de pre\/post installation et d\u00e9sinstallation. Parce que bon. 2G de SWAP c’est bien.<\/p>\n Ce qui est p\u00e9nible avec Oracle c’est qu’il y a un paquet de variable d’environnement \u00e0 d\u00e9finir avant de pouvoir jouer avec. Comme j’utilise bash comme shell, je place la ligne suivante en fin de \u00ab\u00a0~\/.bashrc\u00a0\u00bb<\/p>\n Je me d\u00e9connecte\/reconnecte, et je lance la commande \u00ab\u00a0env\u00a0\u00bb :<\/p>\n Voil\u00e0 maintenant je peux lancer SQLPlus.<\/p>\n Dans un prochain article on verra la cr\u00e9ation d’un tablespace, et celui d’un user\/schema. Installation d’Oracle Express sur une Debian 9 Sur une Debian 9 fra\u00eechement install\u00e9e, avec Alien. Installation de quelques d\u00e9pendances T\u00e9l\u00e9charger Oracle Database Express Edition 11g Release 2 C’est par ici. D\u00e9compresser l’archive Convertir le RPM en DEB L’option \u00ab\u00a0–scripts\u00a0\u00bb permet … Continuer la lecture →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[58,57,20],"tags":[],"_links":{"self":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/658"}],"collection":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/comments?post=658"}],"version-history":[{"count":9,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/658\/revisions"}],"predecessor-version":[{"id":669,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/658\/revisions\/669"}],"wp:attachment":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/media?parent=658"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/categories?post=658"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/tags?post=658"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":654,"date":"2018-02-07T11:20:20","date_gmt":"2018-02-07T10:20:20","guid":{"rendered":"http:\/\/hugues.lepesant.com\/?p=654"},"modified":"2018-02-07T11:20:20","modified_gmt":"2018-02-07T10:20:20","slug":"systemctl","status":"publish","type":"post","link":"https:\/\/hugues.lepesant.com\/2018\/02\/07\/systemctl\/","title":{"rendered":"systemctl"},"content":{"rendered":" Bon on va y aller franchement, je d\u00e9teste ce truc. Donc voici quelques astuces pour :<\/p>\n Bon on va y aller franchement, je d\u00e9teste ce truc. Il m’apporte plus d’emmerde qu’il m’en solutionne. Donc voici quelques astuces pour : Supprimer un service proprement systemctl list-units |grep <nom du service> systemctl disable <le service \u00e0 supprimer> systemctl … Continuer la lecture →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[4,5,1],"tags":[],"_links":{"self":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/654"}],"collection":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/comments?post=654"}],"version-history":[{"count":3,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/654\/revisions"}],"predecessor-version":[{"id":657,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/654\/revisions\/657"}],"wp:attachment":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/media?parent=654"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/categories?post=654"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/tags?post=654"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":598,"date":"2016-01-13T10:05:24","date_gmt":"2016-01-13T09:05:24","guid":{"rendered":"http:\/\/hugues.lepesant.com\/?p=598"},"modified":"2016-01-13T10:37:38","modified_gmt":"2016-01-13T09:37:38","slug":"installation-solr-sur-debian-8","status":"publish","type":"post","link":"https:\/\/hugues.lepesant.com\/2016\/01\/13\/installation-solr-sur-debian-8\/","title":{"rendered":"Installation Solr sur Debian 8"},"content":{"rendered":" <\/p>\n <\/p>\n <\/p>\n <\/p>\n Il vous reste \u00e0 v\u00e9rifier dans votre navigateur : http:\/\/localhost:8983\/solr<\/p>\n <\/p>\n Installation de Java8 Installation de Solr 5.x Quelques modifications Cr\u00e9ation d’une Collection Il vous reste \u00e0 v\u00e9rifier dans votre navigateur : http:\/\/localhost:8983\/solr Sources : https:\/\/www.drupal.org\/node\/2502221 https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-install-solr-5-2-1-on-ubuntu-14-04<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[20,5],"tags":[54,55,53],"_links":{"self":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/598"}],"collection":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/comments?post=598"}],"version-history":[{"count":5,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/598\/revisions"}],"predecessor-version":[{"id":604,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/598\/revisions\/604"}],"wp:attachment":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/media?parent=598"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/categories?post=598"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/tags?post=598"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":594,"date":"2016-01-05T12:32:23","date_gmt":"2016-01-05T11:32:23","guid":{"rendered":"http:\/\/hugues.lepesant.com\/?p=594"},"modified":"2016-01-05T12:32:23","modified_gmt":"2016-01-05T11:32:23","slug":"dans-ma-cave-cave-cave","status":"publish","type":"post","link":"https:\/\/hugues.lepesant.com\/2016\/01\/05\/dans-ma-cave-cave-cave\/","title":{"rendered":"Dans ma cave, cave, cave"},"content":{"rendered":" Cela fait quelques ann\u00e9es que je suis en home hosting pour ce blog mais aussi ma messagerie perso. Ce n’est pas de la parano\u00efa anti-patriotAct mais l’envie de tout ma\u00eetriser.<\/p>\n Ceci est d’autant plus possible que ma connexion ADSL Free b\u00e9n\u00e9ficie d’une IP fixe.<\/p>\n Afin de valider la pertinence de la solution j’avais mis en place un \u00ab\u00a0monitoring\u00a0\u00bb ultra light par l’interm\u00e9diaire de Pingdom.<\/p>\n <\/a><\/p>\n Voici le dernier report.<\/p>\n C’est la premi\u00e8re fois, et j’en suis pas peu fier \ud83d\ude09<\/p>\n","protected":false},"excerpt":{"rendered":" Cela fait quelques ann\u00e9es que je suis en home hosting pour ce blog mais aussi ma messagerie perso. Ce n’est pas de la parano\u00efa anti-patriotAct mais l’envie de tout ma\u00eetriser. Ceci est d’autant plus possible que ma connexion ADSL Free … Continuer la lecture →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[7,1],"tags":[],"_links":{"self":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/594"}],"collection":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/comments?post=594"}],"version-history":[{"count":1,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/594\/revisions"}],"predecessor-version":[{"id":596,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/posts\/594\/revisions\/596"}],"wp:attachment":[{"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/media?parent=594"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/categories?post=594"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hugues.lepesant.com\/wp-json\/wp\/v2\/tags?post=594"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":549,"date":"2015-11-25T00:00:14","date_gmt":"2015-11-24T23:00:14","guid":{"rendered":"http:\/\/hugues.lepesant.com\/?p=549"},"modified":"2017-05-05T11:07:15","modified_gmt":"2017-05-05T09:07:15","slug":"firewall-transparent-en-haute-disponibilite-avec-pfsense","status":"publish","type":"post","link":"https:\/\/hugues.lepesant.com\/2015\/11\/25\/firewall-transparent-en-haute-disponibilite-avec-pfsense\/","title":{"rendered":"Firewall transparent en haute-disponibilit\u00e9 avec PfSense"},"content":{"rendered":" pfSense est une distribution bas\u00e9e sur FreeBSD, qui permet de transformer n’importe quel PC x86 en firewall.<\/p>\n Je me suis mis en t\u00eate d’installer et de configurer deux serveurs Dell PowerEdge R200 avec chacun 8Go de RAM et 4 cartes r\u00e9seaux en firewall transparent redondant.<\/p>\n Ca doit ressembler \u00e0 \u00e7a.<\/p>\n \n\n<\/p>\n Dans ma configuration, et pour plus de claret\u00e9 les interfaces pfSense sont renomm\u00e9es:<\/p>\n L’avantage d’un firewall en mode transparent c’est qu’il permet de fournir un adressage public \u00e0 vos clients, mais il peut aussi s’intercaler dans un r\u00e9seau existant sans avoir \u00e0 renum\u00e9roter toutes les machines du client comme dans un NAT.<\/p>\n L’installation de pfSense est des plus simples \u00e0 partir de l’ISO (download here<\/a>).<\/p>\n Ensuite il faut proc\u00e9der par \u00e9tapes :<\/p>\n Op\u00e9ration r\u00e9alis\u00e9e \u00e0 travers la console une fois l’installation termin\u00e9e. Je ne configure que la patte « lan » pour acc\u00e9der \u00e0 l’interface d’administration.<\/p>\n pfSense est une firewall qui NAT. La configuration d’origine est faite en ce sens. Aller dans Firewall -> NAT -> Outbound<\/strong>, et cocher : Disable Outbound NAT rule generation (No Outbound NAT rules)<\/strong><\/p>\n <\/a><\/p>\n Interfaces -> (assign)<\/strong><\/p>\n Toutes les interfaces sont activ\u00e9es. Nous allons configurer CARP<\/a>. Pour que CARP est un r\u00f4le \u00e0 jouer dans notre plateforme cible, il faudra assigner une IP (VIP) \u00e0 l’interface CARP. Ce sera le seul objectif car nous ne nous servirons pas de cette IP. Dans une configuration en mode bridge ce seront les interfaces MGMT qui porteront cette VIP.<\/p>\n Firewall -> Virtual IP Addresses<\/strong><\/p>\n Cr\u00e9er une Virtual IP de type CARP, port\u00e9e par l’interface MGMT et qui aura une IP en \/32.<\/p>\n <\/a><\/p>\n <\/a><\/p>\n System: High Availability Sync<\/strong> ou cliquer sur « CARP Settings »<\/strong><\/p>\n State Synchronization Settings (pfsync)<\/strong><\/p>\nmkfs.fat -F32 \/dev\/sda1<\/code>
mkfs.ext4 \/dev\/sda2<\/code>
mkfs.ext4 \/dev\/sd<\/code>b1
mkswap \/dev\/sda3
swapon \/dev\/sda3<\/p>\n\n\n\nmount \/dev\/sda2 \/mnt<\/code>
mkdir \/mnt\/home<\/code>
mount \/dev\/sdb1 \/mnt\/home<\/p>\n\n\n\npacstrap -i \/mnt base<\/code> linux linux-headers<\/p>\n\n\n\n
genfstab -U -p \/mnt >> \/mnt\/etc\/fstab<\/code><\/p>\n\n\n\n
arch-chroot \/mnt<\/code><\/p>\n\n\n\n
ln -sf \/usr\/share\/zoneinfo\/Europe\/Paris \/etc\/localtime<\/code><\/p>\n\n\n\n
hwclock --systohc<\/code><\/p>\n\n\n\n
pacman -S grub efibootmgr dosfstools openssh os-prober mtools linux-headers linux-lts linux-lts-headers<\/code> vim iwd linux-firmware reflector dhclient<\/p>\n\n\n\n
sed -i 's\/#en_US.UTF-8\/en_US.UTF-8\/g' \/etc\/locale.gen<\/code>
sed -i 's\/#fr_FR.UTF-8\/fr_FR.UTF-8\/g' \/etc\/locale.gen<\/code>
locale-gen<\/p>\n\n\n\nsed -i 's\/#PermitRootLogin prohibit-password\/PermitRootLogin yes\/g' \/etc\/ssh\/sshd_config<\/code>
systemctl enable sshd.service<\/code>
passwd<\/code><\/p>\n\n\n\n
mkdir \/boot\/EFI<\/code>
mount \/dev\/sda1 \/boot\/EFI<\/code>
grub-install --target=x86_64-efi --bootloader-id=grub_uefi --recheck<\/code>
cp \/usr\/share\/locale\/en\\@quot\/LC_MESSAGES\/grub.mo \/boot\/grub\/locale\/en.mo<\/code>
grub-mkconfig -o \/boot\/grub\/grub.cfg<\/code><\/p>\n\n\n\n
umount -a
reboot<\/p>\n\n\n\n
En faite des VMs.
Pour monter le cluster je vais utiliser RKE de Rancher.
Pour les nodes du cluster, je veux partir sur CoreOS<\/a>.
L’installation des VMs se fait sans probl\u00e8me.<\/p>\n\n\n\nsudo coreos-installer install \/dev\/xvda \\
--ignition-url https:\/\/lepesant.com\/coreos.ign<\/pre>\n\n\n\n
Or je veux que mes nodes aient des IP fixes.
La configuration de l’interface enX0 est modifi\u00e9e \u00e0 l’aide de nmcli<\/a> :<\/p>\n\n\n\nsudo nmcli connection modify Wired\\ connection\\ 1 \\
ipv4.method manual \\
ipv4.gateway 192.168.0.254 \\
ipv4.dns 192.168.0.1 \\
ipv4.addresses 192.168.0.41<\/pre>\n\n\n\n
\nLe renouvellement est demand\u00e9 si l’expiration intervient dans les 10 jours (par d\u00e9faut).<\/p>\n\r\n#!\/bin\/sh\r\n\r\n#DEBUG=true\r\nDEBUG=false\r\n\r\nSSL_CHECK=\/usr\/bin\/ssl-cert-check\r\nCERBOT=\/usr\/bin\/certbot\r\nAWK=\/usr\/bin\/awk\r\n\r\nMIN_EXP=${1:-10}\r\nMUST_RENEW=false\r\n\r\n# Test and install ssl-cert-check if needed\r\nif [[ ! -f ${SSL_CHECK} ]]; then\r\n if ${DEBUG} ; then echo -e "\\e[93m INFO : Installing ssl-cert-check \\e[0m" ; fi\r\n\t\tapt-get -qq update\r\n apt-get -qq -y install ssl-cert-check\r\nfi\r\n\r\n# Test each cert.pem find in \/etc\/letsencrypt\r\nfor FOLDER in `find \/etc\/letsencrypt\/archive\/ -maxdepth 1 -mindepth 1 -type d`\r\ndo\r\n CERTIFICAT=${FOLDER##*\/}\r\n day_before_expiry=$(${SSL_CHECK} -b -c \/etc\/letsencrypt\/live\/${CERTIFICAT}\/cert.pem | ${AWK} '{print $NF}')\r\n\r\n if ${DEBUG} ; then echo "${CERTIFICAT} expire in ${day_before_expiry} days" ; fi\r\n\r\n if [[ "${MIN_EXP}" -gt "${day_before_expiry}" ]]\r\n then\r\n MUST_RENEW=true\r\n fi\r\ndone\r\n\r\n# Run certbot renew if at least one certificat is going to expire soon\r\nif ${MUST_RENEW} ; then\r\n if ${DEBUG} ; then\r\n echo -e "\\e[93m INFO : Renewing certificats in DRY RUN MODE \\e[0m"\r\n ${CERBOT} --nginx renew --dry-run\r\n exit 0\r\n fi\r\n\r\n ${CERBOT} --nginx renew\r\n service nginx restart\r\n exit 0\r\nfi\r\n\r\nif ${DEBUG} ; then echo -e "\\e[32m No need to renew \\e[0m" ; fi\r\n\r\nexit 0\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
Installation d’Oracle Express sur une Debian 9<\/h1>\n
Installation de quelques d\u00e9pendances<\/h2>\n
\r\napt install unzip libaio1 bc initscripts net-tools openssl dnsutils alien\r\n<\/pre>\n
T\u00e9l\u00e9charger Oracle Database Express Edition 11g Release 2<\/h2>\n
D\u00e9compresser l’archive<\/h2>\n
\r\nunzip oracle-xe-11.2.0-1.0.x86_64.rpm.zip\r\n<\/pre>\n
Convertir le RPM en DEB<\/h2>\n
\r\nalien --scripts Disk1\/oracle-xe-11.2.0-1.0.x86_64.rpm\r\n<\/pre>\n
\nCeux-ci vont cr\u00e9er l’utilisateur et les r\u00e9pertoires n\u00e9cessaires au bon fonctionnement de l’application.<\/p>\nGruger le script d’install<\/h2>\n
\r\nfree() { echo "Swap: 2048 0 2048"; } && export -f free\r\n<\/pre>\n
Installer le paquet<\/h2>\n
\r\ndpkg -i oracle-xe_11.2.0-2_amd64.deb\r\n<\/pre>\n
Modifier le script \u00ab\u00a0\/etc\/init.d\/oracle-xe\u00a0\u00bb<\/h2>\n
\r\n--- oracle-xe\t2018-07-31 22:54:06.574880947 +0200\r\n+++ oracle-xe\t2018-07-31 22:54:44.948982205 +0200\r\n@@ -50,7 +50,7 @@\r\n if [ -z "$GREP" ]; then GREP=\/usr\/bin\/grep; fi\r\n if [ ! -f "$GREP" ]; then GREP=\/bin\/grep; fi\r\n if [ -z "$SED" ]; then SED=\/bin\/sed; fi\r\n-if [ -z "$AWK" ]; then AWK=\/bin\/awk; fi\r\n+if [ -z "$AWK" ]; then AWK=\/usr\/bin\/awk; fi\r\n if [ -z "$SU" ];then SU=\/bin\/su; fi\r\n \r\n export LC_ALL=C\r\n<\/pre>\n
Lancer la configuration<\/h2>\n
\r\n# \/etc\/init.d\/oracle-xe configure\r\n\r\nOracle Database 11g Express Edition Configuration\r\n-------------------------------------------------\r\nThis will configure on-boot properties of Oracle Database 11g Express \r\nEdition. The following questions will determine whether the database should \r\nbe starting upon system boot, the ports it will use, and the passwords that \r\nwill be used for database accounts. Press <Enter> to accept the defaults. \r\nCtrl-C will abort.\r\n\r\nSpecify the HTTP port that will be used for Oracle Application Express [8080]:\r\n\r\nSpecify a port that will be used for the database listener [1521]:\r\n\r\nSpecify a password to be used for database accounts. Note that the same\r\npassword will be used for SYS and SYSTEM. Oracle recommends the use of \r\ndifferent passwords for each database account. This can be done after \r\ninitial configuration:\r\nConfirm the password:\r\n\r\nDo you want Oracle Database 11g Express Edition to be started on boot (y\/n) [y]:\r\n\r\nStarting Oracle Net Listener...Done\r\nConfiguring database...Done\r\nStarting Oracle Database 11g Express Edition instance...Done\r\nInstallation completed successfully.\r\nroot@www:\/home\/hugues#\r\n<\/pre>\n
Unset de la fonction free<\/h2>\n
\r\nunset -f free\r\n<\/pre>\n
Setting de l\u2019environnement Oracle<\/h2>\n
\nHeureusement il y a deux scripts dans le r\u00e9pertoire \u00ab\u00a0\/u01\/app\/oracle\/product\/11.2.0\/xe\/bin\/\u00a0\u00bb :<\/p>\n\n
\r\n. \/u01\/app\/oracle\/product\/11.2.0\/xe\/bin\/oracle_env.sh\r\n<\/pre>\n
\r\nORACLE_SID=XE\r\nORACLE_HOME=\/u01\/app\/oracle\/product\/11.2.0\/xe\r\nPATH=\/u01\/app\/oracle\/product\/11.2.0\/xe\/bin:\/usr\/local\/bin:\/usr\/bin:\/bin:\/usr\/local\/games:\/usr\/games\r\n<\/pre>\n
\r\n$ sqlplus system@localhost\r\n\r\nSQL*Plus: Release 11.2.0.2.0 Production on Tue Jul 31 23:58:44 2018\r\n\r\nCopyright (c) 1982, 2011, Oracle. All rights reserved.\r\n\r\nEnter password: \r\n\r\nConnected to:\r\nOracle Database 11g Express Edition Release 11.2.0.2.0 - 64bit Production\r\n\r\nSQL> Disconnected from Oracle Database 11g Express Edition Release 11.2.0.2.0 - 64bit Production\r\n<\/pre>\n
\nEt enfin l’import d’un dump oracle dans notre instance XE.<\/p>\n","protected":false},"excerpt":{"rendered":"
\nIl m’apporte plus d’emmerde qu’il m’en solutionne.<\/p>\n\n
\nsystemctl list-units |grep <nom du service>
\nsystemctl disable <le service \u00e0 supprimer>
\nsystemctl daemon-reload
\nsystemctl list-units |grep redis
\n<\/code><\/p>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<\/a>Installation de Java8<\/h2>\n
\r\n\r\necho "deb http:\/\/ppa.launchpad.net\/webupd8team\/java\/ubuntu trusty main" | tee \/etc\/apt\/sources.list.d\/webupd8team-java.list\r\necho "deb-src http:\/\/ppa.launchpad.net\/webupd8team\/java\/ubuntu trusty main" | tee -a \/etc\/apt\/sources.list.d\/webupd8team-java.list\r\napt-key adv --keyserver hkp:\/\/keyserver.ubuntu.com:80 --recv-keys EEA14886\r\napt-get update\r\napt-get install oracle-java8-installer\r\napt-get install oracle-java8-set-default\r\njava -version\r\n<\/pre>\n
Installation de Solr 5.x<\/h2>\n
\r\nwget http:\/\/apache.crihan.fr\/dist\/lucene\/solr\/5.4.0\/solr-5.4.0.tgz\r\ntar xzf solr-5.4.0.tgz solr-5.4.0\/bin\/install_solr_service.sh --strip-components=2\r\nbash .\/install_solr_service.sh solr-5.4.0.tgz \r\n<\/pre>\n
Quelques modifications<\/h2>\n
\r\nservice solr status\r\nservice solr stop\r\nchown -R solr:solr \/var\/solr\r\nservice solr start\r\n<\/pre>\n
Cr\u00e9ation d’une Collection<\/h2>\n
\r\nsu - solr -c "\/opt\/solr\/bin\/solr create -c drupal"\r\n<\/pre>\n
Sources :<\/h2>\n
\n
\n
1. D\u00e9finitions de l’IP de l’interface « lan » de pfSense<\/h3>\n
\nOption 1 : attribution des cartes r\u00e9seaux
\nOption 2 : d\u00e9finition des IP des cartes r\u00e9seaux<\/p>\n2. Modification du comportement par d\u00e9faut<\/h3>\n
\nIl faut donc proc\u00e9der \u00e0 quelques modifications pour avoir un fonctionnement optimal en mode transparent.<\/p>\n3. Assignation et activation des autres cartes r\u00e9seaux<\/h3>\n
\nSeules les interfaces lan(MGMT) et opt1(SYNC) auront une adresse IP.
\nL’interface SYNC servira \u00e0 synchroniser les 2 firewalls.<\/p>\n4. Mise en place de la redondance<\/h3>\n
4.1. Cr\u00e9ation de l’adresse IP virtuelle<\/h4>\n
4.2. Configurer la synchronisation.<\/h4>\n