recipe_gentoo/README.md

# recipe_gentoo

Check system configuration for a gentoo machine (VM or PHYSICAL) based on GRIFON's architecture.
It's a Gentoo OS configuration recipe. This script normally doesn't modify anything on the system.

To use (with root user) : 
mv ./vars.example ./vars.sh
vim  ./vars.sh # Edit all values which will be used by the script
./recipe_gentoo.sh [--physical]

If you cannot execute the script, add the 'x' permission for the user (chmod u+x ./recipe_gentoo.sh).

Not finished, in progress....

TO DO :
- Check if borgbackup is configured (OK, need to be fully tested)
- Check if auto-update script is configured
- Portage configuration (for VM and Physical)
- Others (script design, documentation...)

Checked point :
- User is root to run the script
- Check requirements
- Installed packages
- Hostname configuration
- DNS configuration (resolve external name, configured nameserver, check if all IPs (scope global) are configured in DNS and check if the hostname has A and AAAA recods in DNS)
- Ping external machine for IPv4 and IPv6
- If Admin IPs are configured
- Services status
- SSH configuration (PasswordAuthentication no, PermitRootLogin no, and ListenAddress only on Admin LAN)
- NRPE basic configuration (allowed_hosts, nrpe_user and nrpe_group)
- MUNIN basic configuration (allow and port)
- SNMP basic config (agentAddress, rocommunity, trap2sink, informsink, sysLocation and sysContact)
- Mail alias configuration (root and operator mail alias configured)
- Check postfix config (inet_protocols, mail_owner)
- Add to check service if they are enabled
- Check if IPs (scope global) are recorded in IPAM
- Check if the selected Gentoo profile is the expected profile
- Print additional manuel verification (send reporting mail, if /etc conf file need to be updated, if a new kernel can be installed, if server-side for Icinga, SNMP and Munin are configured)
Initial commit 2019-03-24 15:56:17 +01:00			`# recipe_gentoo`

			`Check system configuration for a gentoo machine (VM or PHYSICAL) based on GRIFON's architecture.`
			`It's a Gentoo OS configuration recipe. This script normally doesn't modify anything on the system.`

Some updates, 2 new recipes.... 2019-06-15 17:15:10 +02:00			`To use (with root user) :`
			`mv ./vars.example ./vars.sh`
			`vim ./vars.sh # Edit all values which will be used by the script`
			`./recipe_gentoo.sh [--physical]`

			`If you cannot execute the script, add the 'x' permission for the user (chmod u+x ./recipe_gentoo.sh).`
Initial commit 2019-03-24 15:56:17 +01:00
			`Not finished, in progress....`

			`TO DO :`
Update Todolist 2019-06-01 17:34:39 +02:00			`- Check if borgbackup is configured (OK, need to be fully tested)`
Initial commit 2019-03-24 15:56:17 +01:00			`- Check if auto-update script is configured`
Minor updates 2019-03-30 16:37:21 +01:00			`- Portage configuration (for VM and Physical)`
Some updates, 2 new recipes.... 2019-06-15 17:15:10 +02:00			`- Others (script design, documentation...)`
Initial commit 2019-03-24 15:56:17 +01:00
			`Checked point :`
Update TODO list 2019-03-29 20:21:09 +01:00			`- User is root to run the script`
			`- Check requirements`
Initial commit 2019-03-24 15:56:17 +01:00			`- Installed packages`
			`- Hostname configuration`
Some updates, 2 new recipes.... 2019-06-15 17:15:10 +02:00			`- DNS configuration (resolve external name, configured nameserver, check if all IPs (scope global) are configured in DNS and check if the hostname has A and AAAA recods in DNS)`
Initial commit 2019-03-24 15:56:17 +01:00			`- Ping external machine for IPv4 and IPv6`
			`- If Admin IPs are configured`
			`- Services status`
			`- SSH configuration (PasswordAuthentication no, PermitRootLogin no, and ListenAddress only on Admin LAN)`
Modification : script design, lots of minor updates 2019-06-01 13:40:22 +02:00			`- NRPE basic configuration (allowed_hosts, nrpe_user and nrpe_group)`
			`- MUNIN basic configuration (allow and port)`
			`- SNMP basic config (agentAddress, rocommunity, trap2sink, informsink, sysLocation and sysContact)`
			`- Mail alias configuration (root and operator mail alias configured)`
			`- Check postfix config (inet_protocols, mail_owner)`
Add check configured protocol in postfix config 2019-03-31 18:32:28 +02:00			`- Add to check service if they are enabled`
Modification : script design, lots of minor updates 2019-06-01 13:40:22 +02:00			`- Check if IPs (scope global) are recorded in IPAM`
Some updates, 2 new recipes.... 2019-06-15 17:15:10 +02:00			`- Check if the selected Gentoo profile is the expected profile`
			`- Print additional manuel verification (send reporting mail, if /etc conf file need to be updated, if a new kernel can be installed, if server-side for Icinga, SNMP and Munin are configured)`