Différences

Ci-dessous, les différences entre deux révisions de la page.

--- recherche:cis-projets [21/02/2024 12:19] – mancuso
+++ recherche:cis-projets [12/03/2024 16:44] (Version actuelle) – [Logiciels installés post-installation] mancuso
@@ Ligne 10: / Ligne 10: @@
 * //Base de données//
-<code>cis-lab:~$ apt install nginx mariadb-server </code>
+<code>cis-lab:~ # apt install nginx mariadb-server </code>
+<code>cis-lab: ~  # systemctl start mariadb.service </code>
+<code>cis-lab:~ # systemctl enable mariadb.service
+Synchronizing state of mariadb.service with SysV service script with /lib/systemd/systemd-sysv-install.
+Executing: /lib/systemd/systemd-sysv-install enable mariadb </code>
+<code>cis-lab: ~  # mysql_secure_installation
+NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
+      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
+In order to log into MariaDB to secure it, we'll need the current
+password for the root user. If you've just installed MariaDB, and
+haven't set the root password yet, you should just press enter here.
+Enter current password for root (enter for none):
+OK, successfully used password, moving on...
+Setting the root password or using the unix_socket ensures that nobody
+can log into the MariaDB root user without the proper authorisation.
+You already have your root account protected, so you can safely answer 'n'.
+Switch to unix_socket authentication [Y/n] n
+ ... skipping.
+You already have your root account protected, so you can safely answer 'n'.
+Change the root password? [Y/n] Y
+New password:
+Re-enter new password:
+Password updated successfully!
+Reloading privilege tables..
+ ... Success!
+By default, a MariaDB installation has an anonymous user, allowing anyone
+to log into MariaDB without having to have a user account created for
+them.  This is intended only for testing, and to make the installation
+go a bit smoother.  You should remove them before moving into a
+production environment.
+Remove anonymous users? [Y/n] Y
+ ... Success!
+Normally, root should only be allowed to connect from 'localhost'.  This
+ensures that someone cannot guess at the root password from the network.
+Disallow root login remotely? [Y/n] Y
+ ... Success!
+By default, MariaDB comes with a database named 'test' that anyone can
+access.  This is also intended only for testing, and should be removed
+before moving into a production environment.
+Remove test database and access to it? [Y/n] Y
+ - Dropping test database...
+ ... Success!
+ - Removing privileges on test database...
+ ... Success!
+Reloading the privilege tables will ensure that all changes made so far
+will take effect immediately.
+Reload privilege tables now? [Y/n] Y
+ ... Success!
+Cleaning up...
+All done!  If you've completed all of the above steps, your MariaDB
+installation should now be secure.
+Thanks for using MariaDB!
+</code>
 * //Contener Docker//
@@ Ligne 19: / Ligne 90: @@
 $ sudo apt-get update
 $ sudo apt-get install ca-certificates curl
-$ sudo install -m 0755 -d /etc/apt/keyrings
+# $ sudo install -m 0755 -d /etc/apt/keyrings #
 $ sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
 $ sudo chmod a+r /etc/apt/keyrings/docker.asc
@@ Ligne 43: / Ligne 114: @@
 <code>cis-lab:~$ apt install  inotify-tools </code>
+<code>root@cis-lab: ~  # useradd docker -g docker </code>
+* Mot de passe défini par Riviere.
+* création rep docker pour les fichiers compose et données registry
+<code>cis-lab: ~  # mkdir -p /opt/docker
+cis-lab: ~  # chown -R docker: /opt/docker/
+</code>
+* création rep docker pour fichiers statiques générés par les dockers.
+<code>cis-lab: ~  # mkdir -p /var/www/docker
+cis-lab: ~  # chown -R docker: /var/www/docker/ </code>
+<code>cis-lab: ~  #/etc/nginx  # mkdir -p sites-docker
+cis-lab: ~  #/etc/nginx  # chown -R docker: sites-docker/
+</code>
+* //editer nginx.conf pour configuration nginx lancé par les dockers //
+* //ajout ligne : include /etc/nginx/sites-docker/*; //