diff --git a/files/LocalSettings.php b/files/LocalSettings.php new file mode 100644 index 0000000..7c29ee0 --- /dev/null +++ b/files/LocalSettings.php @@ -0,0 +1,140 @@ + "$wgResourceBasePath/resources/assets/change-your-logo.svg", + 'icon' => "$wgResourceBasePath/resources/assets/change-your-logo-icon.svg", +]; + +## UPO means: this is also a user preference option + +$wgEnableEmail = true; +$wgEnableUserEmail = true; # UPO + +$wgEmergencyContact = ""; +$wgPasswordSender = ""; + +$wgEnotifUserTalk = false; # UPO +$wgEnotifWatchlist = false; # UPO +$wgEmailAuthentication = true; + +## Database settings +$wgDBtype = "mysql"; +$wgDBserver = "db"; +$wgDBname = "mediawiki"; +$wgDBuser = "wiki"; +$wgDBpassword = "WikiP@ssw0rd"; + +# MySQL specific settings +$wgDBprefix = ""; +$wgDBssl = false; + +# MySQL table options to use during installation or update +$wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=binary"; + +# Shared database table +# This has no effect unless $wgSharedDB is also set. +$wgSharedTables[] = "actor"; + +## Shared memory settings +$wgMainCacheType = CACHE_NONE; +$wgMemCachedServers = []; + +## To enable image uploads, make sure the 'images' directory +## is writable, then set this to true: +$wgEnableUploads = false; +$wgUseImageMagick = true; +$wgImageMagickConvertCommand = "/usr/bin/convert"; + +# InstantCommons allows wiki to use images from https://commons.wikimedia.org +$wgUseInstantCommons = false; + +# Periodically send a pingback to https://www.mediawiki.org/ with basic data +# about this MediaWiki instance. The Wikimedia Foundation shares this data +# with MediaWiki developers to help guide future development efforts. +$wgPingback = true; + +# Site language code, should be one of the list in ./includes/languages/data/Names.php +$wgLanguageCode = "ru"; + +# Time zone +$wgLocaltimezone = "UTC"; + +## Set $wgCacheDirectory to a writable directory on the web server +## to make your wiki go slightly faster. The directory should not +## be publicly accessible from the web. +#$wgCacheDirectory = "$IP/cache"; + +$wgSecretKey = "571c5d74d445adbeabea1bc685bada1f3242d49a0e64b728e3a7bde5e5462a2c"; + +# Changing this will log out all existing sessions. +$wgAuthenticationTokenVersion = "1"; + +# Site upgrade key. Must be set to a string (default provided) to turn on the +# web installer while LocalSettings.php is in place +$wgUpgradeKey = "022f9c3306e6a4d9"; + +## For attaching licensing metadata to pages, and displaying an +## appropriate copyright notice / icon. GNU Free Documentation +## License and Creative Commons licenses are supported so far. +$wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright +$wgRightsUrl = ""; +$wgRightsText = ""; +$wgRightsIcon = ""; + +# Path to the GNU diff3 utility. Used for conflict resolution. +$wgDiff3 = "/usr/bin/diff3"; + +## Default skin: you can change the default skin. Use the internal symbolic +## names, e.g. 'vector' or 'monobook': +$wgDefaultSkin = "vector-2022"; + +# Enabled skins. +# The following skins were automatically enabled: +wfLoadSkin( 'MinervaNeue' ); +wfLoadSkin( 'MonoBook' ); +wfLoadSkin( 'Timeless' ); +wfLoadSkin( 'Vector' ); + + +# End of automatically generated settings. +# Add more configuration options below. + diff --git a/files/backup.yml b/files/backup.yml new file mode 100644 index 0000000..0360bfe --- /dev/null +++ b/files/backup.yml @@ -0,0 +1,41 @@ +--- +- name: Backup your router configuration HQ-RTR and BR-RTR + hosts: + - HQ-RTR + - BR-RTR + gather_facts: no + tasks: + + - name: Create local folder backup + ansible.builtin.file: + path: "/etc/ansible/NETWORK_INFO/{{ inventory_hostname }}/{{ item }}" + state: directory + loop: + - "frr" + delegate_to: localhost + + - name: Copy configuration FRR + ansible.builtin.fetch: + src: "/etc/frr/{{ item }}" + dest: "/etc/ansible/NETWORK_INFO/{{ inventory_hostname }}/frr/" + flat: yes + loop: + - "daemons" + - "frr.conf" + - "frr.conf.sav" + - "vtysh.conf" + become: yes + + - name: Copy saved rules nftables + ansible.builtin.fetch: + src: /etc/nftables.conf + dest: /etc/ansible/NETWORK_INFO/{{ inventory_hostname }}/nftalbes.conf + flat: yes + become: yes + + - name: Copy configuration network interfaces + ansible.builtin.fetch: + src: /etc/network/interfaces + dest: /etc/ansible/NETWORK_INFO/{{ inventory_hostname }}/interfaces + flat: yes + become: yes diff --git a/files/hosts.txt b/files/hosts.txt new file mode 100644 index 0000000..4dbfe9a --- /dev/null +++ b/files/hosts.txt @@ -0,0 +1,7 @@ +[hq] +HQ-SRV ansible_host=sshuser@hq-srv.au-team.irpo ansible_port=2024 +HQ-CLI ansible_host=hq-cli.au-team.irpo +HQ-RTR ansible_host=hq-rtr.au-team.irpo + +[br] +BR-RTR ansible_host=br-rtr.au-team.irpo diff --git a/files/import_users.sh b/files/import_users.sh new file mode 100644 index 0000000..ff1e3db --- /dev/null +++ b/files/import_users.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +# Path to the CSV file +CSV_FILE="/opt/Users.csv" + +# Check if the CSV file exists +if [ ! -f "$CSV_FILE" ]; then + echo "File $CSV_FILE not found." + exit 1 +fi + +# Read the CSV file +while IFS=';' read -r fname lname role phone ou street zip city country password; do + # Skip the header + if [[ "$fname" == "First Name" ]]; then + continue + fi + + # Generate username + username=$(echo "${fname:0:1}${lname}" | tr '[:upper:]' '[:lower:]') + + # Create OU if it doesn't exist + sudo samba-tool ou create "OU=${ou},DC=AU-TEAM,DC=IRPO" --description="${ou} department" + + # Add user + echo "Adding user: $username in OU=$ou" + sudo samba-tool user add "$username" "$password" --given-name="$fname" --surname="$lname" \ + --job-title="$role" --telephone-number="$phone" \ + --userou="OU=$ou" +done < "$CSV_FILE" + +echo "✅ All users added!" \ No newline at end of file diff --git a/files/inventory.yml b/files/inventory.yml new file mode 100644 index 0000000..dbf10b3 --- /dev/null +++ b/files/inventory.yml @@ -0,0 +1,16 @@ +--- +- name: inventory of machines HQ-SRV and HQ-CLI + hosts: + - HQ-SRV + - HQ-CLI + gather_facts: yes + tasks: + - name: create a report with workplace information + delegate_to: localhost + copy: + dest: "/etc/ansible/PC_INFO/{{ ansible_hostname }}.yml" + content: | + --- + name pc: "{{ ansible_hostname }}" + ip-address pc: "{{ ansible_default_ipv4.address }}" + diff --git a/files/reverse-proxy.conf b/files/reverse-proxy.conf new file mode 100644 index 0000000..c5b8855 --- /dev/null +++ b/files/reverse-proxy.conf @@ -0,0 +1,26 @@ +#proxy moodle.au-team.irpo +server { + listen 80; + server_name moodle.au-team.irpo; + + location / { + proxy_pass http://moodle.au-team.irpo; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwrded-for $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } +} +#proxy wiki.au-team.irpo +server { + listen 8080; + server_name wiki.au-team.irpo; + + location / { + proxy_pass http://wiki.au-team.irpo; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwrded-for $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } +} diff --git a/files/wiki.yml b/files/wiki.yml new file mode 100644 index 0000000..2fc1aca --- /dev/null +++ b/files/wiki.yml @@ -0,0 +1,30 @@ +version: '3' +services: + MediaWiki: + container_name: wiki + image: mediawiki + restart: always + ports: + - 8080:80 + links: + - database + volumes: + - images:/var/www/html/images + - ./LocalSettings.php:/var/www/html/LocalSettings.php + + database: + container_name: db + image: mariadb + restart: always + environment: + MYSQL_DATABASE: mediawiki + MYSQL_USER: wiki + MYSQL_PASSWORD: WikiP@ssw0rd + MYSQL_RANDOM_ROOT_PASSWORD: 'yes' + volumes: + - dbvolume:/var/lib/mariadb + +volumes: + images: + dbvolume: + external: true