You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
nemo 3450cb61c4 Update README TODO list 11 月之前
recipes Update IPAM recipe 11 月之前
.gitignore add git ignore 11 月之前
LICENSE Initial commit 1 年之前
README.md Update README TODO list 11 月之前
recipe_gentoo.sh Active all recipes 11 月之前
vars.example Update package list to check 11 月之前

README.md

recipe_gentoo

Check system configuration for a Gentoo machine (VM or PHYSICAL) based on GRIFON's architecture.
It's a Gentoo OS configuration recipe.
This script normally doesn't modify anything on the system.

To use (with root user) :

mv ./vars.example ./vars.sh  
vim  ./vars.sh # Edit all values which will be used by the script  
./recipe_gentoo.sh [--physical]  

If you cannot execute the script, add the ‘x’ permission for the user

chmod u+x ./recipe_gentoo.sh

Not finished, in progress....

TO DO :

  • Check if host can join IPAM before test the API
  • Test the recipe check auto-backup (OK, not fully tested)
  • Others (script design, documentation...)

Checked points :

  • User is root to run the script
  • Check requirements
  • Installed packages
  • Hostname configuration
  • DNS configuration (resolve external name, configured nameserver, check if all IPs (scope global) are configured in DNS and check if the hostname has A and AAAA recods in DNS)
  • Ping external machine for IPv4 and IPv6
  • If Admin IPs are configured
  • Services status
  • SSH configuration (PasswordAuthentication no, PermitRootLogin no, and ListenAddress only on Admin LAN)
  • NRPE basic configuration (allowed_hosts, nrpe_user and nrpe_group)
  • MUNIN basic configuration (allow and port)
  • SNMP basic config (agentAddress, rocommunity, trap2sink, informsink, sysLocation and sysContact)
  • Mail alias configuration (root and operator mail alias configured)
  • Check postfix config (inet_protocols, mail_owner)
  • Add to check service if they are enabled
  • Check portage configuration (FEATURES, PORTAGE_BINHOST, ACCEPT_LICENSE, USE, CHOST, GRUB_PLATFORMS, CPU_FLAGS_X86 and if GENTOO_MIRRORS includes organization mirror)
  • Check if IPs (scope global) are recorded in IPAM
  • Check if the selected Gentoo profile is the expected profile
  • Check if auto-update script is configured (presence, executable and if cron task is configured)
  • Check if auto-backup script is configured (presence, executable, content, connection to remote service, if cron task is configured ...)
  • Print additional manual verifications (send reporting mail, if /etc conf file need to be updated, if a new kernel can be installed, if server-side for Icinga / SNMP / Munin are configured)