admin/demo2026-1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update notepad.txt

Browse Source
This commit is contained in:
shiraorie
2026-03-10 08:36:18 +05:00
parent bb43dcdb75
commit 7e0d902de8
1 changed files with 238 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

274
files/notepad.txt
View File

@@ -1,30 +1,38 @@
ÌÎÄÓËÜ 2 ÌÎÄÓËÜ 2
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
1)BR-SRV: 1)BR-SRV:
apt update && apt install -y samba* krb5* winbind smbclient && apt install -y ansible && apt install -y chrony && apt install -y curl && apt install -y dos2unix apt update && apt install -y samba* krb5* winbind smbclient && apt install -y ansible && apt install -y chrony && apt install -y curl && apt install -y dos2unix
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
2)HQ-CLI: 2)HQ-CLI:
apt-get update && apt-get remove -y alterator-datetime && apt-get install -y task-auth-ad-sssd && apt-get install -y admc && apt-get install -y openssh-server && apt-get install -y chrony && apt-get install -y yandex-browser-stable apt-get update && apt-get remove -y alterator-datetime && apt-get install -y task-auth-ad-sssd && apt-get install -y admc && apt-get install -y openssh-server && apt-get install -y chrony && apt-get install -y yandex-browser-stable
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
3)HQ-RTR: 3)HQ-RTR:
apt update && apt install -y curl && apt install -y dos2unix apt update && apt install -y curl && apt install -y dos2unix
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
4)ISP, BR-RTR è HQ-SRV: 4)ISP, BR-RTR è HQ-SRV:
apt update && apt install -y chrony && apt install -y curl && apt install -y dos2unix apt update && apt install -y chrony && apt install -y curl && apt install -y dos2unix
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
5)BR-SRV: 5)BR-SRV:
hostname && domainname au-team.irpo && rm -f /etc/samba/smb.conf && rm -rf /var/lib/samba/ && rm -rf /var/cache/samba/ && mkdir -p /var/lib/samba/sysvol && reboot hostname && domainname au-team.irpo && rm -f /etc/samba/smb.conf && rm -rf /var/lib/samba/ && rm -rf /var/cache/samba/ && mkdir -p /var/lib/samba/sysvol
reboot
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
6)BR-SRV: 6)BR-SRV:
@@ -34,6 +42,7 @@ reboot
samba-tool domain info 127.0.0.1 samba-tool domain info 127.0.0.1
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
7)HQ-CLI: 7)HQ-CLI:
@@ -47,6 +56,9 @@ id && klist && admc
nano /etc/sudoers nano /etc/sudoers
%hq ALL=(ALL) NOPASSWD: /bin/cat, /bin/grep, /usr/bin/id
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
8)HQ-SRV: 8)HQ-SRV:
@@ -64,51 +76,95 @@ sudo mkfs.ext4 /dev/md0
mkdir -p /raid0 mkdir -p /raid0
nano /etc/fstab
/dev/md0 /raid0 ext4 defaults 0 0
sudo mount -av && sudo df -h
apt-get update && apt-get install -y nfs-server cifs-utils apt-get update && apt-get install -y nfs-server cifs-utils
mkdir /raid0/nfs && chmod 777 /raid0/nfs mkdir /raid0/nfs && chmod 777 /raid0/nfs
nano /etc/exports
/raid0/nfs 192.168.10.0/28(rw,no_root_squash) /raid0/nfs 192.168.10.0/28(rw,no_root_squash)
sudo exportfs -arv
sudo update-initramfs -u
systemctl enable --now nfs-server
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
9)HQ-CLI: 9)HQ-CLI:
apt-get update && apt-get install -y nfs-utils nfs-clients
mkdir /mnt/nfs && chmod 777 /mnt/nfs
nano /etc/fstab
192.168.100.2:raid0/nfs /mnt/nfs nfs defaults 0 0 192.168.100.2:raid0/nfs /mnt/nfs nfs defaults 0 0
sudo mount -av && sudo df -h
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
10)CHRONY:ISP: 10)CHRONY:ISP:
apt update && apt install -y chrony
nano /etc/chrony/chrony.conf
server 127.0.0.1 iburst prefer server 127.0.0.1 iburst prefer
hwtimestamp hwtimestamp *
local stratum 5 local stratum 5
allow 0/0 allow 0/0
systemctl enable --now chrony && systemctl restart chrony systemctl enable --now chrony && systemctl restart chrony
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
11)CHRONY:BR-RTR, HQ-SRV è BR-SRV: 11)CHRONY:BR-RTR, HQ-SRV è BR-SRV:
apt update && apt install -y chrony
nano /etc/chrony/chrony.conf
server 172.16.1.1 iburst prefer server 172.16.1.1 iburst prefer
systemctl enable --now chrony && systemctl restart chrony systemctl enable --now chrony && systemctl restart chrony
chronyc sources
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
12)CHRONY:HQ-CLI: 12)CHRONY:HQ-CLI:
apt-get update && apt-get install -y chrony
nano /etc/chrony.conf nano /etc/chrony.conf
server 172.16.1.1 iburst prefer server 172.16.1.1 iburst prefer
systemctl enable --now chronyd && systemctl restart chronyd systemctl enable --now chronyd && systemctl restart chronyd
chronyc sources
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
13)CHRONY:ISP: 13)CHRONY:ISP:
chronyc clients chronyc clients
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
14)BR-SRV: 14)BR-SRV:
apt update && apt install -y ansible
mkdir -p /etc/ansible mkdir -p /etc/ansible
curl -o /etc/ansible/hosts https://raw.githubusercontent.com/shiraorie/demo2026-1/main/files/hosts.file && dos2unix /etc/ansible/hosts curl -o /etc/ansible/hosts https://raw.githubusercontent.com/shiraorie/demo2026-1/main/files/hosts.file && dos2unix /etc/ansible/hosts
@@ -117,6 +173,8 @@ nano /etc/ansible/hosts
ssh-keygen -t rsa -b 2048 ssh-keygen -t rsa -b 2048
!systemctl restart sshd íà HQ-CLI!
ssh-copy-id hq-rtr.au-team.irpo ssh-copy-id hq-rtr.au-team.irpo
ssh-copy-id br-rtr.au-team.irpo ssh-copy-id br-rtr.au-team.irpo
@@ -127,19 +185,25 @@ ssh-copy-id -p 2026 sshuser@hq-srv.au-team.irpo
ansible all -m ping ansible all -m ping
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
15)BR-SRV: 15)BR-SRV:
apt update && apt install -y docker.io docker-compose && systemctl enable --now docker.service && mount /dev/sr0 /mnt/ && docker load < /mnt/docker/site_latest.tar && docker load < /mnt/docker/mariadb_latest.tar && curl -o ~/compose.yaml https://raw.githubusercontent.com/shiraorie/demo2026-1/main/files/compose.yaml
Äàëåå íàñòðîéêà ïðîâîäèòñÿ íàïðÿìóþ íà BR-SRV apt update && apt install -y docker.io docker-compose && systemctl enable --now docker.service && mount /dev/sr0 /mnt/ && docker load < /mnt/docker/site_latest.tar && docker load < /mnt/docker/mariadb_latest.tar && docker image ls && curl -o ~/compose.yaml https://raw.githubusercontent.com/shiraorie/demo2026-1/main/files/compose.yaml
!Äàëåå íàñòðîéêà ïðîâîäèòñÿ íàïðÿìóþ íà BR-SRV!
HQ-CLI --> 192.168.200.2:8080
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
16)HQ-SRV: 16)HQ-SRV:
apt update && apt install -y apache* && apt install -y php php8.2 php-curl php-zip php-xml libapache2-mod-php php-mysql php-mbstring php-gd php-intl php-soap && apt install -y mariadb-* && systemctl enable --now mariadb && systemctl enable --now apache2 && mount /dev/sr0 /mnt/ && cp /mnt/web/index.php /var/www/html && cp /mnt/web/logo.png /var/www/html apt update && apt install -y apache* && apt install -y php php8.2 php-curl php-zip php-xml libapache2-mod-php php-mysql php-mbstring php-gd php-intl php-soap && apt install -y mariadb-* && systemctl enable --now mariadb && systemctl enable --now apache2 && mount /dev/sr0 /mnt/ && cp /mnt/web/index.php /var/www/html && cp /mnt/web/logo.png /var/www/html
Äàëåå íàñòðîéêà ïðîâîäèòñÿ íàïðÿìóþ íà HQ-SRV !Äàëåå íàñòðîéêà ïðîâîäèòñÿ íàïðÿìóþ íà HQ-SRV!
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
17)HQ-SRV:nano /var/www/html/index.php: 17)HQ-SRV:nano /var/www/html/index.php:
@@ -149,13 +213,19 @@ $username = "webc";
$password = "P@ssw0rd"; $password = "P@ssw0rd";
$dbname = "webdb"; $dbname = "webdb";
Äàëåå íàñòðîéêà ïðîâîäèòñÿ íàïðÿìóþ íà HQ-SRV !Äàëåå íàñòðîéêà ïðîâîäèòñÿ íàïðÿìóþ íà HQ-SRV!
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
18)HQ-SRV: 18)HQ-SRV:
mariadb u webc p D webdb < ~/dump.sql
rm /var/www/html/index.html && systemctl enable --now apache2 && systemctl restart apache2 rm /var/www/html/index.html && systemctl enable --now apache2 && systemctl restart apache2
HQ-CLI --> 192.168.100.2
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
19)NFTABLES:HQ-RTR: 19)NFTABLES:HQ-RTR:
@@ -165,6 +235,7 @@ nano /etc/nftables.conf
systemctl restart nftables && systemctl enable --now nftables && /etc/nftables.conf systemctl restart nftables && systemctl enable --now nftables && /etc/nftables.conf
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
20)NFTABLES:BR-RTR: 20)NFTABLES:BR-RTR:
@@ -174,6 +245,7 @@ nano /etc/nftables.conf
systemctl restart nftables && systemctl enable --now nftables && /etc/nftables.conf systemctl restart nftables && systemctl enable --now nftables && /etc/nftables.conf
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
21)ISP: 21)ISP:
@@ -185,35 +257,51 @@ ln -s /etc/nginx/sites-available/default /etc/nginx/sites-enabled/ && ln -s /etc
nginx -t && systemctl enable --now nginx nginx -t && systemctl enable --now nginx
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
22)HQ-CLI: 22)HQ-CLI:
nano /etc/hosts
172.16.1.1 web.au-team.irpo 172.16.1.1 web.au-team.irpo
172.16.2.1 docker.au-team.irpo 172.16.2.1 docker.au-team.irpo
192.168.100.2 hq-srv.au-team.irpo hq-srv 192.168.100.2 hq-srv.au-team.irpo hq-srv
http://web.au-team.irpo/
http://docker.au-team.irpo/
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
23)ISP: 23)ISP:
apt update && apt install -y apache2 apt update && apt install -y apache2
Äàëåå íàñòðîéêà ïðîâîäèòñÿ íàïðÿìóþ íà ISP !Äàëåå íàñòðîéêà ïðîâîäèòñÿ íàïðÿìóþ íà ISP!
nano /etc/nginx/sites-available/default
nginx -t && systemctl restart nginx nginx -t && systemctl restart nginx
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
24)BR-SRV: 24)BR-SRV:
cp /mnt/Users.csv /opt/ && curl -o /opt/import_users.sh https://raw.githubusercontent.com/shiraorie/demo2026-1/main/files/import_users.sh && dos2unix /opt/import_users.sh && ls /opt cp /mnt/Users.csv /opt/ && curl -o /opt/import_users.sh https://raw.githubusercontent.com/shiraorie/demo2026-1/main/files/import_users.sh && dos2unix /opt/import_users.sh && ls /opt
nano /opt/import_users.sh
chmod +x /opt/import_users.sh chmod +x /opt/import_users.sh
Èìïîðò ïîëüçîâàòåëåé ëó÷øå ïðîâîäèòü íàïðÿìóþ íà BR-SRV !Èìïîðò ïîëüçîâàòåëåé ëó÷øå ïðîâîäèòü íàïðÿìóþ íà BR-SRV!
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
25)HQ-SRV: 25)HQ-SRV:
apt update && apt install -y openssl ca-certificates && mkdir -p /etc/pki/CA/{private,certs,newcerts,crl} && touch /etc/pki/CA/index.txt && echo 1000 > /etc/pki/CA/serial && chmod 700 /etc/pki/CA/private apt update && apt install -y openssl ca-certificates
mkdir -p /etc/pki/CA/{private,certs,newcerts,crl} && touch /etc/pki/CA/index.txt && echo 1000 > /etc/pki/CA/serial && chmod 700 /etc/pki/CA/private
openssl req -x509 -new -nodes -keyout /etc/pki/CA/private/ca.key -out /etc/pki/CA/certs/ca.crt -days 3650 -sha256 -subj "/CN=AU-TEAM Root CA" && openssl genrsa -out /etc/pki/CA/private/web.au-team.irpo.key 2048 && openssl req -new -key /etc/pki/CA/private/web.au-team.irpo.key -out /etc/pki/CA/web.au-team.irpo.csr -subj "/CN=web.au-team.irpo" && openssl genrsa -out /etc/pki/CA/private/docker.au-team.irpo.key 2048 && openssl req -new -key /etc/pki/CA/private/docker.au-team.irpo.key -out /etc/pki/CA/docker.au-team.irpo.csr -subj "/CN=docker.au-team.irpo" openssl req -x509 -new -nodes -keyout /etc/pki/CA/private/ca.key -out /etc/pki/CA/certs/ca.crt -days 3650 -sha256 -subj "/CN=AU-TEAM Root CA" && openssl genrsa -out /etc/pki/CA/private/web.au-team.irpo.key 2048 && openssl req -new -key /etc/pki/CA/private/web.au-team.irpo.key -out /etc/pki/CA/web.au-team.irpo.csr -subj "/CN=web.au-team.irpo" && openssl genrsa -out /etc/pki/CA/private/docker.au-team.irpo.key 2048 && openssl req -new -key /etc/pki/CA/private/docker.au-team.irpo.key -out /etc/pki/CA/docker.au-team.irpo.csr -subj "/CN=docker.au-team.irpo"
@@ -223,17 +311,25 @@ nano /etc/ssl/openssl-ca.cnf
openssl ca -config /etc/ssl/openssl-ca.cnf -in /etc/pki/CA/web.au-team.irpo.csr -out /etc/pki/CA/certs/web.au-team.irpo.crt -extensions server_cert -days 30 -batch && openssl ca -config /etc/ssl/openssl-ca.cnf -in /etc/pki/CA/docker.au-team.irpo.csr -out /etc/pki/CA/certs/docker.au-team.irpo.crt -extensions server_cert -days 30 -batch openssl ca -config /etc/ssl/openssl-ca.cnf -in /etc/pki/CA/web.au-team.irpo.csr -out /etc/pki/CA/certs/web.au-team.irpo.crt -extensions server_cert -days 30 -batch && openssl ca -config /etc/ssl/openssl-ca.cnf -in /etc/pki/CA/docker.au-team.irpo.csr -out /etc/pki/CA/certs/docker.au-team.irpo.crt -extensions server_cert -days 30 -batch
Äàëåå íàñòðîéêà ïðîâîäèòñÿ íàïðÿìóþ íà HQ-SRV !Äàëåå íàñòðîéêà ïðîâîäèòñÿ íàïðÿìóþ íà HQ-SRV!
nano /etc/ssh/sshd_config
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
26)HQ-CLI: 26)HQ-CLI:
cp /mnt/nfs/ca.crt /etc/pki/ca-trust/source/anchors/ && update-ca-trust cp /mnt/nfs/ca.crt /etc/pki/ca-trust/source/anchors/ && update-ca-trust
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
27)ISP: 27)HQ-SRV:
nano /etc/ssh/sshd_config
systemctl restart sshd
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
28)ISP:
curl -o /etc/nginx/sites-available/default https://raw.githubusercontent.com/shiraorie/demo2026-1/main/files/reverse-proxy-ssl.conf curl -o /etc/nginx/sites-available/default https://raw.githubusercontent.com/shiraorie/demo2026-1/main/files/reverse-proxy-ssl.conf
@@ -243,10 +339,19 @@ scp -P 2026 root@172.16.1.2:/etc/pki/CA/certs/web.au-team.irpo.crt /etc/nginx/ss
chown root:root /etc/nginx/ssl/* && chmod 600 /etc/nginx/ssl/*.key && nginx -t && systemctl reload nginx chown root:root /etc/nginx/ssl/* && chmod 600 /etc/nginx/ssl/*.key && nginx -t && systemctl reload nginx
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
28)HQ-RTR: 29)HQ-CLI:
ÂÀÆÍÎ! Çàéòè íà HQ-SRV è ðàñêîìåíòèòü ñòðî÷êè ssh â ôàéëå - nano /etc/ssh/sshd_config è ïåðåçàãðóçèòü - systemctl restart sshd https://docker.au-team.irpo/
https://web.au-team.irpo/
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
30)HQ-RTR:
!ÂÀÆÍÎ! Çàéòè íà HQ-SRV è ðàñêîìåíòèòü ñòðî÷êè ssh â ôàéëå - nano /etc/ssh/sshd_config è ïåðåçàãðóçèòü - systemctl restart sshd!
apt update && apt install -y strongswan apt update && apt install -y strongswan
@@ -268,10 +373,13 @@ nano /etc/ipsec.secrets
nano /etc/strongswan.d/charon.conf nano /etc/strongswan.d/charon.conf
!"Ctrl" + "Shift" + "-" = 133!
ipsec restart ipsec restart
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
29)BR-RTR: 31)BR-RTR:
apt update && apt install -y strongswan apt update && apt install -y strongswan
@@ -293,19 +401,55 @@ nano /etc/ipsec.secrets
nano /etc/strongswan.d/charon.conf nano /etc/strongswan.d/charon.conf
!"Ctrl" + "Shift" + "-" = 133!
ipsec restart ipsec restart
apt update && apt install -y tcpdump && tcpdump -i ens18 -n -p esp apt update && apt install -y tcpdump
tcpdump -i ens18 -n -p esp
30)HQ-SRV: .............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
32)HQ-RTR:
ping 192.168.200.2
ipsec status
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
33)HQ-CLI:
ping 192.168.200.2
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
34)HQ-SRV:
apt update && apt install -y cups cups-pdf apt update && apt install -y cups cups-pdf
systemctl enable now cups && cupsctl --share-printers --remote-any && systemctl restart cups systemctl enable --now cups
sudo cupsctl --share-printers --remote-any
31)HQ-SRV: systemctl restart cups
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
35)HQ-CLI:
apt-get update && apt-get install -y cups system-config-printer
nano /etc/hosts
192.168.100.2 hq-srv.au-team.irpo hq-srv
http://192.168.100.2:631/printers/PDF
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
36)HQ-SRV:
apt update && apt install -y rsyslog apt update && apt install -y rsyslog
@@ -317,8 +461,9 @@ $template RemoteLogs, "/opt/%HOSTNAME%/rsyslog.txt"
systemctl enable rsyslog && systemctl restart rsyslog systemctl enable rsyslog && systemctl restart rsyslog
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
32)HQ-RTR: 37)HQ-RTR:
apt update && apt install -y rsyslog apt update && apt install -y rsyslog
@@ -332,8 +477,9 @@ module(load="imjournal")
systemctl restart rsyslog systemctl restart rsyslog
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
33)BR-RTR: 38)BR-RTR:
apt update && apt install -y rsyslog apt update && apt install -y rsyslog
@@ -347,8 +493,9 @@ module(load="imjournal")
systemctl restart rsyslog systemctl restart rsyslog
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
34)BR-SRV: 39)BR-SRV:
apt update && apt install -y rsyslog apt update && apt install -y rsyslog
@@ -360,18 +507,21 @@ module(load="imjournal")
systemctl enable rsyslog && systemctl restart rsyslog systemctl enable rsyslog && systemctl restart rsyslog
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
35)HQ-SRV: 40)HQ-SRV:
ls /opt/ ls /opt/
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
36)BR-SRV: 41)BR-SRV:
logger -p user.info “Test info” && logger -p user.warning “Test warning” && logger -p user.error “Test error” logger -p user.info “Test info” && logger -p user.warning “Test warning” && logger -p user.error “Test error”
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
37)HQ-SRV: 42)HQ-SRV:
sudo cat /opt/br-srv/rsyslog.txt sudo cat /opt/br-srv/rsyslog.txt
@@ -387,8 +537,9 @@ nano /etc/logrotate.d/rsyslog
rotate 4 rotate 4
} }
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
38)HQ-SRV: 43)HQ-SRV:
wget https://repo.zabbix.com/zabbix/7.4/release/debian/pool/main/z/zabbix-release/zabbix-release_7.4-0.2+debian12_all.deb wget https://repo.zabbix.com/zabbix/7.4/release/debian/pool/main/z/zabbix-release/zabbix-release_7.4-0.2+debian12_all.deb
@@ -396,21 +547,25 @@ sudo dpkg -i zabbix-release_7.4-0.2+debian12_all.deb
sudo apt update && sudo apt install -y zabbix-server-mysql zabbix-frontend-php zabbix-agent php php-mysql php-bcmath php-mbstring zabbix-sql-scripts zabbix-apache-conf mariadb-server sudo apt update && sudo apt install -y zabbix-server-mysql zabbix-frontend-php zabbix-agent php php-mysql php-bcmath php-mbstring zabbix-sql-scripts zabbix-apache-conf mariadb-server
Äàëåå íàñòðîéêà ïðîâîäèòñÿ íàïðÿìóþ íà HQ-SRV !Äàëåå íàñòðîéêà ïðîâîäèòñÿ íàïðÿìóþ íà HQ-SRV!
zcat /usr/share/zabbix/sql-scripts/mysql/server.sql.gz | sudo mysql -u zabbix -p zabbix zcat /usr/share/zabbix/sql-scripts/mysql/server.sql.gz | sudo mysql -u zabbix -p zabbix
sudo nano /etc/zabbix/zabbix_server.conf sudo nano /etc/zabbix/zabbix_server.conf
!"Ctrl" + "Shift" + "-" = 100, 116, 124!
sudo systemctl enable --now zabbix-server sudo systemctl enable --now zabbix-server
ln -s /usr/share/zabbix /var/www/html/mon ln -s /usr/share/zabbix /var/www/html/mon
sudo nano /etc/php/8.2/apache2/php.ini sudo nano /etc/php/8.2/apache2/php.ini
systemctl restart apache2 !"Ctrl" + "Shift" + "-" = 409, 419, 703!
!zabbix.conf íå äîñòóïåí äëÿ êîïèðîâàíèÿ ÷åðåç moodle.conf! curl -o /etc/apache2/sites-avaliable/zabbix.conf https://raw.githubusercontent.com/shiraorie/demo2026-1/main/files/zabbix.conf
systemctl restart apache2
nano /etc/apache2/sites-available/zabbix.conf nano /etc/apache2/sites-available/zabbix.conf
@@ -425,14 +580,15 @@ nano /etc/apache2/sites-available/zabbix.conf
</Directory> </Directory>
</VirtualHost> </VirtualHost>
rm -rf /etc/apache2/sites-available/000-default.conf sudo rm -rf /etc/apache2/sites-available/000-default.conf
ln -s /etc/apache2/sites-available/zabbix.conf /etc/apache2/sites-enabled/ ln -s /etc/apache2/sites-available/zabbix.conf /etc/apache2/sites-enabled/
sudo systemctl restart apache2 sudo systemctl restart apache2
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
39)HQ-SRV: 44)HQ-SRV:
!Ñòàðûå IP-àäðåñà web è docker ìåíÿþòñÿ íà íîâûå! !Ñòàðûå IP-àäðåñà web è docker ìåíÿþòñÿ íà íîâûå!
@@ -445,6 +601,12 @@ cname=mon.au-team.irpo,hq-srv.au-team.irpo
systemctl restart dnsmasq systemctl restart dnsmasq
HQ-CLI --> http://mon.au-team.irpo/zabbix
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
45)BR-SRV:
wget https://repo.zabbix.com/zabbix/7.4/release/debian/pool/main/z/zabbix-release/zabbix-release_7.4-0.2+debian12_all.deb wget https://repo.zabbix.com/zabbix/7.4/release/debian/pool/main/z/zabbix-release/zabbix-release_7.4-0.2+debian12_all.deb
sudo dpkg -i zabbix-release_7.4-0.2+debian12_all.deb sudo dpkg -i zabbix-release_7.4-0.2+debian12_all.deb
@@ -453,14 +615,47 @@ sudo apt update && apt install -y zabbix-agent
nano /etc/zabbix/zabbix_agentd.conf nano /etc/zabbix/zabbix_agentd.conf
!"Ctrl" + "Shift" + "-" = 117 - Server=192.168.100.2!
!"Ctrl" + "Shift" + "-" = 173 - ServerActive=192.168.100.2!
!"Ctrl" + "Shift" + "-" = 184 - Hostname=br-srv
systemctl restart zabbix-agent.service systemctl restart zabbix-agent.service
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
40)BR-SRV: 46)HQ-CLI:
Monitoring --> Hosts --> Create host
Host name=br-srv
Templates=Linux by Zabbix agent
Host groups=Linux servers, Zabbix servers
Add --> Agent --> IP address=192.168.200.2, DNS name=br-srv.au-team.irpo
Add
Dashboards --> Edit dashboard --> +Add
Type=Graph
host patterns --> Select --> Host group=Zabbix servers --> br-srv --> Select
item patterns --> Select --> Host=br-srv --> Available memory in %, Free swap space, Load average (1m avg) --> Select
Add
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
47)BR-SRV:
mkdir /etc/ansible/PC_INFO mkdir /etc/ansible/PC_INFO
curl -o /etc/ansible/inventory.yml https://raw.githubusercontent.com/shiraorie/dewmo2026-1/main/files/inventory.yml && dos2unix /etc/ansible/inventory.yml curl -o /etc/ansible/inventory.yml https://raw.githubusercontent.com/shiraorie/demo2026-1/main/files/inventory.yml && dos2unix /etc/ansible/inventory.yml
nano /etc/ansible/inventory.yml nano /etc/ansible/inventory.yml
@@ -472,8 +667,9 @@ cat /etc/ansible/PC_INFO/hq-cli.yml
cat /etc/ansible/PC_INFO/hq-srv.yml cat /etc/ansible/PC_INFO/hq-srv.yml
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
41)BR-SRV: 48)BR-SRV:
mkdir /etc/ansible/NETWORK_INFO mkdir /etc/ansible/NETWORK_INFO
@@ -481,13 +677,15 @@ curl -o /etc/ansible/backup.yml https://raw.githubusercontent.com/shiraorie/demo
nano /etc/ansible/backup.yml nano /etc/ansible/backup.yml
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
42)HQ-RTR è BR-RTR: 49)HQ-RTR è BR-RTR:
apt update && apt install -y sudo apt update && apt install -y sudo
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
43)BR-SRV: 50)BR-SRV:
ansible-playbook /etc/ansible/backup.yml ansible-playbook /etc/ansible/backup.yml
@@ -498,3 +696,5 @@ ls -la /etc/ansible/NETWORK_INFO/HQ-RTR
ls -la /etc/ansible/NETWORK_INFO/BR-RTR ls -la /etc/ansible/NETWORK_INFO/BR-RTR
cat /etc/ansible/NETWORK_INFO/HQ-RTR/interfaces cat /etc/ansible/NETWORK_INFO/HQ-RTR/interfaces
.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................