nemo/recipe_gentoo
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
No description
45 commits 1 branch 0 tags 924 KiB
Find a file
Exact
nemo 3450cb61c4 Update README TODO list
2019-06-29 12:45:09 +02:00
recipes Update IPAM recipe 2019-06-29 12:30:40 +02:00
.gitignore add git ignore 2019-06-29 12:32:53 +02:00
LICENSE Initial commit 2019-03-24 15:56:17 +01:00
README.md Update README TODO list 2019-06-29 12:45:09 +02:00
recipe_gentoo.sh Active all recipes 2019-06-29 12:34:38 +02:00
vars.example Update package list to check 2019-06-29 11:45:41 +02:00

README.md

recipe_gentoo

Check system configuration for a Gentoo machine (VM or PHYSICAL) based on GRIFON's architecture.
It's a Gentoo OS configuration recipe.
This script normally doesn't modify anything on the system.

To use (with root user) :

mv ./vars.example ./vars.sh  
vim  ./vars.sh # Edit all values which will be used by the script  
./recipe_gentoo.sh [--physical]

If you cannot execute the script, add the 'x' permission for the user

chmod u+x ./recipe_gentoo.sh

Not finished, in progress....

TO DO :

  • Check if host can join IPAM before test the API
  • Test the recipe check auto-backup (OK, not fully tested)
  • Others (script design, documentation...)

Checked points :

  • User is root to run the script
  • Check requirements
  • Installed packages
  • Hostname configuration
  • DNS configuration (resolve external name, configured nameserver, check if all IPs (scope global) are configured in DNS and check if the hostname has A and AAAA recods in DNS)
  • Ping external machine for IPv4 and IPv6
  • If Admin IPs are configured
  • Services status
  • SSH configuration (PasswordAuthentication no, PermitRootLogin no, and ListenAddress only on Admin LAN)
  • NRPE basic configuration (allowed_hosts, nrpe_user and nrpe_group)
  • MUNIN basic configuration (allow and port)
  • SNMP basic config (agentAddress, rocommunity, trap2sink, informsink, sysLocation and sysContact)
  • Mail alias configuration (root and operator mail alias configured)
  • Check postfix config (inet_protocols, mail_owner)
  • Add to check service if they are enabled
  • Check portage configuration (FEATURES, PORTAGE_BINHOST, ACCEPT_LICENSE, USE, CHOST, GRUB_PLATFORMS, CPU_FLAGS_X86 and if GENTOO_MIRRORS includes organization mirror)
  • Check if IPs (scope global) are recorded in IPAM
  • Check if the selected Gentoo profile is the expected profile
  • Check if auto-update script is configured (presence, executable and if cron task is configured)
  • Check if auto-backup script is configured (presence, executable, content, connection to remote service, if cron task is configured ...)
  • Print additional manual verifications (send reporting mail, if /etc conf file need to be updated, if a new kernel can be installed, if server-side for Icinga / SNMP / Munin are configured)