yann/yannstatic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2206546b76
yannstatic/static/2020/04/03/Machine-virtuelle-(Qemu-KVM)-yunohost-sur-srvxo-(hoteserveur.tld).html

2862 lines
229 KiB
HTML
Raw Normal View History

first commit
2024-10-31 20:18:37 +01:00
<!DOCTYPE html><html lang="fr">
<head><meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no"><title>KVM/QEMU - Virtualisation vmserveur.tld yunohost sur srvxo hoteserveur.tld - YannStatic</title>
<meta name="description" content="Virtualisation linux KVM/QEMU">
<link rel="canonical" href="https://static.rnmkcy.eu/2020/04/03/Machine-virtuelle-(Qemu-KVM)-yunohost-sur-srvxo-(hoteserveur.tld).html"><link rel="alternate" type="application/rss+xml" title="YannStatic" href="/feed.xml">
<!-- - include head/favicon.html - -->
<link rel="shortcut icon" type="image/png" href="/assets/favicon/favicon.png"><link rel="stylesheet" href="/assets/css/main.css"><link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.0.13/css/all.css" ><!-- start custom head snippets --><link rel="stylesheet" href="/assets/css/expand.css">
<!-- end custom head snippets --><script>(function() {
window.isArray = function(val) {
return Object.prototype.toString.call(val) === '[object Array]';
};
window.isString = function(val) {
return typeof val === 'string';
};
window.hasEvent = function(event) {
return 'on'.concat(event) in window.document;
};
window.isOverallScroller = function(node) {
return node === document.documentElement || node === document.body || node === window;
};
window.isFormElement = function(node) {
var tagName = node.tagName;
return tagName === 'INPUT' || tagName === 'SELECT' || tagName === 'TEXTAREA';
};
window.pageLoad = (function () {
var loaded = false, cbs = [];
window.addEventListener('load', function () {
var i;
loaded = true;
if (cbs.length > 0) {
for (i = 0; i < cbs.length; i++) {
cbs[i]();
}
}
});
return {
then: function(cb) {
cb && (loaded ? cb() : (cbs.push(cb)));
}
};
})();
})();
(function() {
window.throttle = function(func, wait) {
var args, result, thisArg, timeoutId, lastCalled = 0;
function trailingCall() {
lastCalled = new Date;
timeoutId = null;
result = func.apply(thisArg, args);
}
return function() {
var now = new Date,
remaining = wait - (now - lastCalled);
args = arguments;
thisArg = this;
if (remaining <= 0) {
clearTimeout(timeoutId);
timeoutId = null;
lastCalled = now;
result = func.apply(thisArg, args);
} else if (!timeoutId) {
timeoutId = setTimeout(trailingCall, remaining);
}
return result;
};
};
})();
(function() {
var Set = (function() {
var add = function(item) {
var i, data = this._data;
for (i = 0; i < data.length; i++) {
if (data[i] === item) {
return;
}
}
this.size ++;
data.push(item);
return data;
};
var Set = function(data) {
this.size = 0;
this._data = [];
var i;
if (data.length > 0) {
for (i = 0; i < data.length; i++) {
add.call(this, data[i]);
}
}
};
Set.prototype.add = add;
Set.prototype.get = function(index) { return this._data[index]; };
Set.prototype.has = function(item) {
var i, data = this._data;
for (i = 0; i < data.length; i++) {
if (this.get(i) === item) {
return true;
}
}
return false;
};
Set.prototype.is = function(map) {
if (map._data.length !== this._data.length) { return false; }
var i, j, flag, tData = this._data, mData = map._data;
for (i = 0; i < tData.length; i++) {
for (flag = false, j = 0; j < mData.length; j++) {
if (tData[i] === mData[j]) {
flag = true;
break;
}
}
if (!flag) { return false; }
}
return true;
};
Set.prototype.values = function() {
return this._data;
};
return Set;
})();
window.Lazyload = (function(doc) {
var queue = {js: [], css: []}, sources = {js: {}, css: {}}, context = this;
var createNode = function(name, attrs) {
var node = doc.createElement(name), attr;
for (attr in attrs) {
if (attrs.hasOwnProperty(attr)) {
node.setAttribute(attr, attrs[attr]);
}
}
return node;
};
var end = function(type, url) {
var s, q, qi, cbs, i, j, cur, val, flag;
if (type === 'js' || type ==='css') {
s = sources[type], q = queue[type];
s[url] = true;
for (i = 0; i < q.length; i++) {
cur = q[i];
if (cur.urls.has(url)) {
qi = cur, val = qi.urls.values();
qi && (cbs = qi.callbacks);
for (flag = true, j = 0; j < val.length; j++) {
cur = val[j];
if (!s[cur]) {
flag = false;
}
}
if (flag && cbs && cbs.length > 0) {
for (j = 0; j < cbs.length; j++) {
cbs[j].call(context);
}
qi.load = true;
}
}
}
}
};
var load = function(type, urls, callback) {
var s, q, qi, node, i, cur,
_urls = typeof urls === 'string' ? new Set([urls]) : new Set(urls), val, url;
if (type === 'js' || type ==='css') {
s = sources[type], q = queue[type];
for (i = 0; i < q.length; i++) {
cur = q[i];
if (_urls.is(cur.urls)) {
qi = cur;
break;
}
}
val = _urls.values();
if (qi) {
callback && (qi.load || qi.callbacks.push(callback));
callback && (qi.load && callback());
} else {
q.push({
urls: _urls,
callbacks: callback ? [callback] : [],
load: false
});
for (i = 0; i < val.length; i++) {
node = null, url = val[i];
if (s[url] === undefined) {
(type === 'js' ) && (node = createNode('script', { src: url }));
(type === 'css') && (node = createNode('link', { rel: 'stylesheet', href: url }));
if (node) {
node.onload = (function(type, url) {
return function() {
end(type, url);
};
})(type, url);
(doc.head || doc.body).appendChild(node);
s[url] = false;
}
}
}
}
}
};
return {
js: function(url, callback) {
load('js', url, callback);
},
css: function(url, callback) {
load('css', url, callback);
}
};
})(this.document);
})();
</script><script>
(function() {
var TEXT_VARIABLES = {
version: '2.2.6',
sources: {
font_awesome: 'https://use.fontawesome.com/releases/v5.0.13/css/all.css',
jquery: '/assets/js/jquery.min.js',
leancloud_js_sdk: '//cdn.jsdelivr.net/npm/leancloud-storage@3.13.2/dist/av-min.js',
chart: 'https://cdn.bootcss.com/Chart.js/2.7.2/Chart.bundle.min.js',
gitalk: {
js: 'https://cdn.bootcss.com/gitalk/1.2.2/gitalk.min.js',
css: 'https://cdn.bootcss.com/gitalk/1.2.2/gitalk.min.css'
},
valine: 'https://unpkg.com/valine/dist/Valine.min.js'
},
site: {
toc: {
selectors: 'h1,h2,h3'
}
},
paths: {
search_js: '/assets/search.js'
}
};
window.TEXT_VARIABLES = TEXT_VARIABLES;
})();
</script>
</head>
<body>
<div class="root" data-is-touch="false">
<div class="layout--page js-page-root"><!----><div class="page__main js-page-main page__viewport hide-footer has-aside has-aside cell cell--auto">
<div class="page__main-inner"><div class="page__header d-print-none"><header class="header"><div class="main">
<div class="header__title">
<div class="header__brand"><svg id="svg" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="400" height="478.9473684210526" viewBox="0, 0, 400,478.9473684210526"><g id="svgg"><path id="path0" d="M308.400 56.805 C 306.970 56.966,303.280 57.385,300.200 57.738 C 290.906 58.803,278.299 59.676,269.200 59.887 L 260.600 60.085 259.400 61.171 C 258.010 62.428,256.198 63.600,255.645 63.600 C 255.070 63.600,252.887 65.897,252.598 66.806 C 252.460 67.243,252.206 67.600,252.034 67.600 C 251.397 67.600,247.206 71.509,247.202 72.107 C 247.201 72.275,246.390 73.190,245.400 74.138 C 243.961 75.517,243.598 76.137,243.592 77.231 C 243.579 79.293,241.785 83.966,240.470 85.364 C 239.176 86.740,238.522 88.365,237.991 91.521 C 237.631 93.665,236.114 97.200,235.554 97.200 C 234.938 97.200,232.737 102.354,232.450 104.472 C 232.158 106.625,230.879 109.226,229.535 110.400 C 228.933 110.926,228.171 113.162,226.434 119.500 C 226.178 120.435,225.795 121.200,225.584 121.200 C 225.373 121.200,225.200 121.476,225.200 121.813 C 225.200 122.149,224.885 122.541,224.500 122.683 C 223.606 123.013,223.214 123.593,223.204 124.600 C 223.183 126.555,220.763 132.911,219.410 134.562 C 218.443 135.742,217.876 136.956,217.599 138.440 C 217.041 141.424,215.177 146.434,214.532 146.681 C 214.240 146.794,214.000 147.055,214.000 147.261 C 214.000 147.467,213.550 148.086,213.000 148.636 C 212.450 149.186,212.000 149.893,212.000 150.208 C 212.000 151.386,208.441 154.450,207.597 153.998 C 206.319 153.315,204.913 150.379,204.633 147.811 C 204.365 145.357,202.848 142.147,201.759 141.729 C 200.967 141.425,199.200 137.451,199.200 135.974 C 199.200 134.629,198.435 133.224,196.660 131.311 C 195.363 129.913,194.572 128.123,193.870 125.000 C 193.623 123.900,193.236 122.793,193.010 122.540 C 190.863 120.133,190.147 118.880,188.978 115.481 C 188.100 112.928,187.151 111.003,186.254 109.955 C 185.358 108.908,184.518 107.204,183.847 105.073 C 183.280 103.273,182.497 101.329,182.108 100.753 C 181.719 100.177,180.904 98.997,180.298 98.131 C 179.693 97.265,178.939 95.576,178.624 94.378 C 178.041 92.159,177.125 90.326,175.023 87.168 C 174.375 86.196,173.619 84.539,173.342 83.486 C 172.800 81.429,171.529 79.567,170.131 78.785 C 169.654 78.517,168.697 77.511,168.006 76.549 C 167.316 75.587,166.594 74.800,166.402 74.800 C 166.210 74.800,164.869 73.633,163.421 72.206 C 160.103 68.936,161.107 69.109,146.550 69.301 C 133.437 69.474,128.581 70.162,126.618 72.124 C 126.248 72.495,125.462 72.904,124.872 73.033 C 124.282 73.163,123.088 73.536,122.219 73.863 C 121.349 74.191,119.028 74.638,117.061 74.858 C 113.514 75.254,109.970 76.350,108.782 77.419 C 107.652 78.436,100.146 80.400,97.388 80.400 C 95.775 80.400,93.167 81.360,91.200 82.679 C 90.430 83.195,89.113 83.804,88.274 84.031 C 85.875 84.681,78.799 90.910,74.400 96.243 L 73.400 97.456 73.455 106.028 C 73.526 117.055,74.527 121.238,77.820 124.263 C 78.919 125.273,80.400 127.902,80.400 128.842 C 80.400 129.202,81.075 130.256,81.900 131.186 C 83.563 133.059,85.497 136.346,86.039 138.216 C 86.233 138.886,87.203 140.207,88.196 141.153 C 89.188 142.098,90.000 143.104,90.000 143.388 C 90.000 144.337,92.129 148.594,92.869 149.123 C 93.271 149.410,93.600 149.831,93.600 150.059 C 93.600 150.286,93.932 150.771,94.337 151.136 C 94.743 151.501,95.598 153.004,96.237 154.475 C 96.877 155.947,97.760 157.351,98.200 157.596 C 98.640 157.841,99.900 159.943,101.000 162.267 C 102.207 164.817,103.327 166.644,103.825 166.876 C 104.278 167.087,105.065 168.101,105.573 169.130 C 107.658 173.348,108.097 174.093,110.006 176.647 C 111.103 178.114,112.000 179.725,112.000 180.227 C 112.000 181.048,113.425 183.163,114.678 184.200 C 115.295 184.711,117.396 188.733,117.720 190.022 C 117.855 190.562,118.603 191.633,119.381 192.402 C 120.160 193.171,121.496 195.258,122.351 197.039 C 123.206 198.820,124.167 200.378,124.487 200.501 C 124.807 200.624,125.953 202.496,127.034 204.662 C 128.114 206.828,129.676 209.299,130.505 210.153 C 131.333 211.007,132.124 212.177,132.262 212.753 C 132.618 214.239,134.291 217.048,136.288 219.5
" href="/">YannStatic</a></div><!--<button class="button button--secondary button--circle search-button js-search-toggle"><i class="fas fa-search"></i></button>--><!-- <li><button class="button button--secondary button--circle search-button js-search-toggle"><i class="fas fa-search"></i></button></li> -->
<!-- Champ de recherche -->
<div id="searchbox" class="search search--dark" style="visibility: visible">
<div class="main">
<div class="search__header"></div>
<div class="search-bar">
<div class="search-box js-search-box">
<div class="search-box__icon-search"><i class="fas fa-search"></i></div>
<input id="search-input" type="text" />
<!-- <div class="search-box__icon-clear js-icon-clear">
<a><i class="fas fa-times"></i></a>
</div> -->
</div>
</div>
</div>
</div>
<!-- Script pointing to search-script.js -->
<script>/*!
* Simple-Jekyll-Search
* Copyright 2015-2020, Christian Fei
* Licensed under the MIT License.
*/
(function(){
'use strict'
var _$Templater_7 = {
compile: compile,
setOptions: setOptions
}
const options = {}
options.pattern = /\{(.*?)\}/g
options.template = ''
options.middleware = function () {}
function setOptions (_options) {
options.pattern = _options.pattern || options.pattern
options.template = _options.template || options.template
if (typeof _options.middleware === 'function') {
options.middleware = _options.middleware
}
}
function compile (data) {
return options.template.replace(options.pattern, function (match, prop) {
const value = options.middleware(prop, data[prop], options.template)
if (typeof value !== 'undefined') {
return value
}
return data[prop] || match
})
}
'use strict';
function fuzzysearch (needle, haystack) {
var tlen = haystack.length;
var qlen = needle.length;
if (qlen > tlen) {
return false;
}
if (qlen === tlen) {
return needle === haystack;
}
outer: for (var i = 0, j = 0; i < qlen; i++) {
var nch = needle.charCodeAt(i);
while (j < tlen) {
if (haystack.charCodeAt(j++) === nch) {
continue outer;
}
}
return false;
}
return true;
}
var _$fuzzysearch_1 = fuzzysearch;
'use strict'
/* removed: const _$fuzzysearch_1 = require('fuzzysearch') */;
var _$FuzzySearchStrategy_5 = new FuzzySearchStrategy()
function FuzzySearchStrategy () {
this.matches = function (string, crit) {
return _$fuzzysearch_1(crit.toLowerCase(), string.toLowerCase())
}
}
'use strict'
var _$LiteralSearchStrategy_6 = new LiteralSearchStrategy()
function LiteralSearchStrategy () {
this.matches = function (str, crit) {
if (!str) return false
str = str.trim().toLowerCase()
crit = crit.trim().toLowerCase()
return crit.split(' ').filter(function (word) {
return str.indexOf(word) >= 0
}).length === crit.split(' ').length
}
}
'use strict'
var _$Repository_4 = {
put: put,
clear: clear,
search: search,
setOptions: __setOptions_4
}
/* removed: const _$FuzzySearchStrategy_5 = require('./SearchStrategies/FuzzySearchStrategy') */;
/* removed: const _$LiteralSearchStrategy_6 = require('./SearchStrategies/LiteralSearchStrategy') */;
function NoSort () {
return 0
}
const data = []
let opt = {}
opt.fuzzy = false
opt.limit = 10
opt.searchStrategy = opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
opt.sort = NoSort
opt.exclude = []
function put (data) {
if (isObject(data)) {
return addObject(data)
}
if (isArray(data)) {
return addArray(data)
}
return undefined
}
function clear () {
data.length = 0
return data
}
function isObject (obj) {
return Boolean(obj) && Object.prototype.toString.call(obj) === '[object Object]'
}
function isArray (obj) {
return Boolean(obj) && Object.prototype.toString.call(obj) === '[object Array]'
}
function addObject (_data) {
data.push(_data)
return data
}
function addArray (_data) {
const added = []
clear()
for (let i = 0, len = _data.length; i < len; i++) {
if (isObject(_data[i])) {
added.push(addObject(_data[i]))
}
}
return added
}
function search (crit) {
if (!crit) {
return []
}
return findMatches(data, crit, opt.searchStrategy, opt).sort(opt.sort)
}
function __setOptions_4 (_opt) {
opt = _opt || {}
opt.fuzzy = _opt.fuzzy || false
opt.limit = _opt.limit || 10
opt.searchStrategy = _opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
opt.sort = _opt.sort || NoSort
opt.exclude = _opt.exclude || []
}
function findMatches (data, crit, strategy, opt) {
const matches = []
for (let i = 0; i < data.length && matches.length < opt.limit; i++) {
const match = findMatchesInObject(data[i], crit, strategy, opt)
if (match) {
matches.push(match)
}
}
return matches
}
function findMatchesInObject (obj, crit, strategy, opt) {
for (const key in obj) {
if (!isExcluded(obj[key], opt.exclude) && strategy.matches(obj[key], crit)) {
return obj
}
}
}
function isExcluded (term, excludedTerms) {
for (let i = 0, len = excludedTerms.length; i < len; i++) {
const excludedTerm = excludedTerms[i]
if (new RegExp(excludedTerm).test(term)) {
return true
}
}
return false
}
/* globals ActiveXObject:false */
'use strict'
var _$JSONLoader_2 = {
load: load
}
function load (location, callback) {
const xhr = getXHR()
xhr.open('GET', location, true)
xhr.onreadystatechange = createStateChangeListener(xhr, callback)
xhr.send()
}
function createStateChangeListener (xhr, callback) {
return function () {
if (xhr.readyState === 4 && xhr.status === 200) {
try {
callback(null, JSON.parse(xhr.responseText))
} catch (err) {
callback(err, null)
}
}
}
}
function getXHR () {
return window.XMLHttpRequest ? new window.XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP')
}
'use strict'
var _$OptionsValidator_3 = function OptionsValidator (params) {
if (!validateParams(params)) {
throw new Error('-- OptionsValidator: required options missing')
}
if (!(this instanceof OptionsValidator)) {
return new OptionsValidator(params)
}
const requiredOptions = params.required
this.getRequiredOptions = function () {
return requiredOptions
}
this.validate = function (parameters) {
const errors = []
requiredOptions.forEach(function (requiredOptionName) {
if (typeof parameters[requiredOptionName] === 'undefined') {
errors.push(requiredOptionName)
}
})
return errors
}
function validateParams (params) {
if (!params) {
return false
}
return typeof params.required !== 'undefined' && params.required instanceof Array
}
}
'use strict'
var _$utils_9 = {
merge: merge,
isJSON: isJSON
}
function merge (defaultParams, mergeParams) {
const mergedOptions = {}
for (const option in defaultParams) {
mergedOptions[option] = defaultParams[option]
if (typeof mergeParams[option] !== 'undefined') {
mergedOptions[option] = mergeParams[option]
}
}
return mergedOptions
}
function isJSON (json) {
try {
if (json instanceof Object && JSON.parse(JSON.stringify(json))) {
return true
}
return false
} catch (err) {
return false
}
}
var _$src_8 = {};
(function (window) {
'use strict'
let options = {
searchInput: null,
resultsContainer: null,
json: [],
success: Function.prototype,
searchResultTemplate: '<li><a href="{url}" title="{desc}">{title}</a></li>',
templateMiddleware: Function.prototype,
sortMiddleware: function () {
return 0
},
noResultsText: 'No results found',
limit: 10,
fuzzy: false,
debounceTime: null,
exclude: []
}
let debounceTimerHandle
const debounce = function (func, delayMillis) {
if (delayMillis) {
clearTimeout(debounceTimerHandle)
debounceTimerHandle = setTimeout(func, delayMillis)
} else {
func.call()
}
}
const requiredOptions = ['searchInput', 'resultsContainer', 'json']
/* removed: const _$Templater_7 = require('./Templater') */;
/* removed: const _$Repository_4 = require('./Repository') */;
/* removed: const _$JSONLoader_2 = require('./JSONLoader') */;
const optionsValidator = _$OptionsValidator_3({
required: requiredOptions
})
/* removed: const _$utils_9 = require('./utils') */;
window.SimpleJekyllSearch = function (_options) {
const errors = optionsValidator.validate(_options)
if (errors.length > 0) {
throwError('You must specify the following required options: ' + requiredOptions)
}
options = _$utils_9.merge(options, _options)
_$Templater_7.setOptions({
template: options.searchResultTemplate,
middleware: options.templateMiddleware
})
_$Repository_4.setOptions({
fuzzy: options.fuzzy,
limit: options.limit,
sort: options.sortMiddleware,
exclude: options.exclude
})
if (_$utils_9.isJSON(options.json)) {
initWithJSON(options.json)
} else {
initWithURL(options.json)
}
const rv = {
search: search
}
typeof options.success === 'function' && options.success.call(rv)
return rv
}
function initWithJSON (json) {
_$Repository_4.put(json)
registerInput()
}
function initWithURL (url) {
_$JSONLoader_2.load(url, function (err, json) {
if (err) {
throwError('failed to get JSON (' + url + ')')
}
initWithJSON(json)
})
}
function emptyResultsContainer () {
options.resultsContainer.innerHTML = ''
}
function appendToResultsContainer (text) {
options.resultsContainer.innerHTML += text
}
function registerInput () {
options.searchInput.addEventListener('input', function (e) {
if (isWhitelistedKey(e.which)) {
emptyResultsContainer()
debounce(function () { search(e.target.value) }, options.debounceTime)
}
})
}
function search (query) {
if (isValidQuery(query)) {
emptyResultsContainer()
render(_$Repository_4.search(query), query)
}
}
function render (results, query) {
const len = results.length
if (len === 0) {
return appendToResultsContainer(options.noResultsText)
}
for (let i = 0; i < len; i++) {
results[i].query = query
appendToResultsContainer(_$Templater_7.compile(results[i]))
}
}
function isValidQuery (query) {
return query && query.length > 0
}
function isWhitelistedKey (key) {
return [13, 16, 20, 37, 38, 39, 40, 91].indexOf(key) === -1
}
function throwError (message) {
throw new Error('SimpleJekyllSearch --- ' + message)
}
})(window)
}());
</script>
<!-- Configuration -->
<script>
SimpleJekyllSearch({
searchInput: document.getElementById('search-input'),
resultsContainer: document.getElementById('results-container'),
json: '/search.json',
//searchResultTemplate: '<li><a href="https://static.rnmkcy.eu{url}">{date}&nbsp;{title}</a></li>'
searchResultTemplate: '<li><a href="{url}">{date}&nbsp;{title}</a></li>'
})
</script>
<!-- Fin déclaration champ de recherche --></div><nav class="navigation">
<ul><li class="navigation__item"><a href="/archive.html">Etiquettes</a></li><li class="navigation__item"><a href="/htmldoc.html">Documents</a></li><li class="navigation__item"><a href="/liens_ttrss.html">Liens</a></li><li class="navigation__item"><a href="/aide-jekyll-text-theme.html">Aide</a></li></ul>
</nav></div>
</header>
</div><div class="page__content"><div class ="main"><div class="grid grid--reverse">
<div class="col-main cell cell--auto"><!-- start custom main top snippet --><div id="results-container" class="search-result js-search-result"></div><!-- end custom main top snippet -->
<article itemscope itemtype="http://schema.org/Article"><div class="article__header"><header><h1 style="color:Tomato;">KVM/QEMU - Virtualisation vmserveur.tld yunohost sur srvxo hoteserveur.tld</h1></header></div><meta itemprop="headline" content="KVM/QEMU - Virtualisation vmserveur.tld yunohost sur srvxo hoteserveur.tld"><div class="article__info clearfix"><ul class="left-col menu"><li>
<a class="button button--secondary button--pill button--sm"
href="/archive.html?tag=virtuel">virtuel</a>
</li></ul><ul class="right-col menu"><li>
<i class="far fa-calendar-alt"></i>&nbsp;<span title="Création" style="color:#FF00FF">&nbsp;3&nbsp;avr.&nbsp;&nbsp;2020</span></li></ul></div><meta itemprop="datePublished" content="2020-04-03T00:00:00+02:00">
<meta itemprop="keywords" content="virtuel"><div class="js-article-content">
<div class="layout--article"><!-- start custom article top snippet -->
<style>
#myBtn {
display: none;
position: fixed;
bottom: 10px;
right: 10px;
z-index: 99;
font-size: 12px;
font-weight: bold;
border: none;
outline: none;
background-color: white;
color: black;
cursor: pointer;
padding: 5px;
border-radius: 4px;
}
#myBtn:hover {
background-color: #555;
}
</style>
<button onclick="topFunction()" id="myBtn" title="Haut de page">&#8679;</button>
<script>
//Get the button
var mybutton = document.getElementById("myBtn");
// When the user scrolls down 20px from the top of the document, show the button
window.onscroll = function() {scrollFunction()};
function scrollFunction() {
if (document.body.scrollTop > 20 || document.documentElement.scrollTop > 20) {
mybutton.style.display = "block";
} else {
mybutton.style.display = "none";
}
}
// When the user clicks on the button, scroll to the top of the document
function topFunction() {
document.body.scrollTop = 0;
document.documentElement.scrollTop = 0;
}
</script>
<!-- end custom article top snippet -->
<div class="article__content" itemprop="articleBody"><details>
<summary><b>Afficher/cacher Sommaire</b></summary>
<!-- affichage sommaire -->
<div class="toc-aside js-toc-root"></div>
</details><h1 id="virtualisation-linux-kvmqemu">Virtualisation linux KVM/QEMU</h1>
<p><img src="/images/kvm-logo.png" alt="KVM" width="80" /> <img src="/images/qemulogo.png" alt="Qemu" /></p>
<ul>
<li><a href="https://computingforgeeks.com/how-to-install-kvm-virtualization-on-debian/">How To Install KVM Hypervisor on Debian 10 (Buster)</a></li>
<li><a href="https://linuxhint.com/install_kvm_debian_10/">Installing KVM on Debian 10</a></li>
<li><a href="https://wiki.libvirt.org/page/VirtualNetworking">VirtualNetworking (libvirt virsh)</a></li>
<li><a href="https://wiki.archlinux.fr/Qemu">Qemu (archlinux)</a></li>
<li><a href="https://chrtophe.developpez.com/tutoriels/gestion-reseau-machine-virtuelle/#L4-2-2">La Gestion réseau dans une machine virtuelle</a></li>
</ul>
<h2 id="prérequis">Prérequis</h2>
<ul>
<li><u>Poste linux</u> avec tous les utilitaires graphiques QEMU/KVM
<ul>
<li>Voir <a href="/2019/08/15/KVM-QEMU-virtualisation-linux-Virtual-Machine-Manager-VMM-virsh-montage-disque-VDI.html">KVM/QEMU (virtualisation linux),Virtual Machine Manager (VMM),virsh , montage disque VDI,etc…</a></li>
</ul>
</li>
<li><u>Serveur hoteserveur.tld</u> sur lequel les vm vont être lancées
<ul>
<li>Voir <a href="404.html">Serveur srvxo Debian10 hoteserveur.tld</a></li>
</ul>
</li>
<li>
<font color="red">**A MODIFIER SUIVANT VOTRE CONFIGURATION**</font>
<ul>
<li>Adresses IP publiques et domaines
<ul>
<li>IP Publique Box IPV4 : <font color="red">**79.45.252.154**</font></li>
<li>IP Publique Box IPV6 : <font color="red">**2bef:a51:ced9:fc3::**</font></li>
<li>Serveur hôte : <font color="red">**hoteserveur.tld**</font></li>
<li>Virtual Machine : <font color="red">**vmserveur.tld**</font></li>
</ul>
</li>
</ul>
</li>
</ul>
<h2 id="1---terminal-serveur">1 - Terminal serveur</h2>
<h3 id="kvm-supporté-par-le-cpu-">KVM supporté par le CPU ?</h3>
<p>Exécutez la commande <em>egrep</em> suivante pour vérifier que <strong>Intel VMX</strong> ou <strong>AMD SVM</strong> est supporté sur votre CPU</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>egrep --color 'vmx|svm' /proc/cpuinfo
</code></pre></div></div>
<p>vmx (Intel) ou svm (Amd) doit apparaître dune autre couleur dans le résultat</p>
<h3 id="installer-kvmqemu-sur-le-serveur">Installer KVM/QEMU sur le serveur</h3>
<p>Serveur hoteserveur.tld (srvxo 192.168.0.45)</p>
<p>On utilise ssh pour se connecter au serveur<br />
Installation, exécuter la commande suivante</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt install qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils libguestfs-tools genisoimage virtinst libosinfo-bin
</code></pre></div></div>
<p>Chargez et activez le module vhost_net</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo modprobe vhost_net
lsmod | grep vhost
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>vhost_net 24576 0
tun 49152 1 vhost_net
vhost 49152 1 vhost_net
tap 28672 1 vhost_net
</code></pre></div></div>
<p>Vérifier si le service <strong>libvirtd</strong> est lancé et activé (enabled)</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo systemctl status libvirtd
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>● libvirtd.service - Virtualization daemon
Loaded: loaded (/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2019-12-12 11:28:02 CET; 2 days ago
Docs: man:libvirtd(8)
https://libvirt.org
Main PID: 759 (libvirtd)
Tasks: 17 (limit: 32768)
Memory: 34.7M
CGroup: /system.slice/libvirtd.service
└─759 /usr/sbin/libvirtd
déc. 12 11:28:00 hoteserveur.tld systemd[1]: Starting Virtualization daemon...
déc. 12 11:28:02 hoteserveur.tld systemd[1]: Started Virtualization daemon.
</code></pre></div></div>
<h3 id="ajout-utilisateur-au-groupe-libvirt">Ajout utilisateur au groupe libvirt</h3>
<p>Si vous voulez que lutilisateur normal/régulier puisse gérer les machines virtuelles. Ajouter lutilisateur $USER à libvirt et libvirt-qemu en utilisant la commande <em>usermod</em></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo adduser $USER libvirt
sudo adduser $USER libvirt-qemu
</code></pre></div></div>
<p>Recharger ladhésion à un groupe avec laide de la commande <em>newgrp</em></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>newgrp libvirt
newgrp libvirt-qemu
</code></pre></div></div>
<p>Vérifiez votre appartenance à un groupe à laide de la commande <em>id</em></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>$ id
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>gid=64055(libvirt-qemu) groupes=64055(libvirt-qemu),118(libvirt)
</code></pre></div></div>
<p>Veuillez noter que vous devez utiliser une des commandes suivantes pour vous connecter au serveur KVM</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>virsh --connect qemu:///system
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Welcome to virsh, the virtualization interactive terminal.
Type: 'help' for help with commands
'quit' to quit
virsh #
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>virsh --connect qemu:///system list --all # avec la commande list par exemple
</code></pre></div></div>
<h3 id="réseau-par-défaut">Réseau par défaut</h3>
<p>Il nest pas actif</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo virsh net-list --all
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> Name State Autostart Persistent
----------------------------------------------
default inactive no yes
</code></pre></div></div>
<p>Editer et modifier la configuration par défaut</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo virsh net-edit default
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>&lt;network&gt;
&lt;name&gt;default&lt;/name&gt;
&lt;uuid&gt;81e35158-b288-46bb-9536-53b0f97d1748&lt;/uuid&gt;
&lt;forward mode='nat'/&gt;
&lt;bridge name='virbr0' stp='on' delay='0'/&gt;
&lt;mac address='52:54:00:06:87:ba'/&gt;
&lt;ip address='192.168.55.1' netmask='255.255.255.0'&gt;
&lt;dhcp&gt;
&lt;range start='192.168.55.2' end='192.168.55.10'/&gt;
&lt;/dhcp&gt;
&lt;/ip&gt;
&lt;/network&gt;
</code></pre></div></div>
<p>Avant la création dune machine virtuelle, le réseau doit être actif</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo virsh net-start default # virsh net-autostart default
</code></pre></div></div>
<p>Configurer le réseau pour un lancement au démarrage du serveur</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo virsh net-autostart default # Network default marked as autostarted
</code></pre></div></div>
<p>Vérifications</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo virsh net-list --all
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> Name State Autostart Persistent
--------------------------------------------
default active yes yes
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ip a
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>[...]
3: virbr0: &lt;NO-CARRIER,BROADCAST,MULTICAST,UP&gt; mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:06:87:ba brd ff:ff:ff:ff:ff:ff
inet 192.168.55.1/24 brd 192.168.55.255 scope global virbr0
valid_lft forever preferred_lft forever
4: virbr0-nic: &lt;BROADCAST,MULTICAST&gt; mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
link/ether 52:54:00:06:87:ba brd ff:ff:ff:ff:ff:ff
</code></pre></div></div>
<p>Arrêt du réseau</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo virsh net-destroy default # Network default destroyed
</code></pre></div></div>
<p>Pas de lancement au démarrage</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo virsh net-autostart default --disable # Network default unmarked as autostarted
</code></pre></div></div>
<h3 id="création-machine-virtuelle-yunohost">Création machine virtuelle “yunohost”</h3>
<p>Image iso <strong>yunohost-stretch-3.6.4.6-amd64-stable.iso</strong> dans le dossier <strong>/srv/data/virtuel/iso/</strong></p>
<p>Virtuel <strong>yunouest</strong><br />
Linux Debian 9<br />
Ram 4 Go
Disque 12 Go SSD /srv/data/virtuel/vm/yunouest.img<br />
cdrom /srv/data/virtuel/iso/yunohost-stretch-3.6.4.6-amd64-stable.iso<br />
boot cdrom,hd</p>
<p>Ouvrir un terminal en mode su sur hoteserveur.tld copier/coller ce qui suit puis entrée</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo virt-install --name yunouest \
--os-type linux \
--os-variant debian9 \
--ram=4096 \
--disk /srv/data/virtuel/vm/yunouest.img,device=disk,bus=virtio,size=12,format=qcow2 \
--graphics vnc,listen=0.0.0.0 \
--noautoconsole \
--hvm \
--cdrom /srv/data/virtuel/iso/yunohost-stretch-3.6.4.6-amd64-stable.iso \
--boot cdrom,hd
</code></pre></div></div>
<h2 id="2---poste-linux">2 - Poste linux</h2>
<h3 id="poursuite-installation-yunohost-via-vncssh">Poursuite installation “yunohost” via VNC/SSH</h3>
<p>Après quelques minutes , on poursuit linstallation</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> ssh -p 55035 -i /home/yannick/.ssh/vbox-srvbust-ed25519 -L 55444:localhost:5900 -N -f -l xoyi 192.168.0.45
vncviewer localhost:55444
</code></pre></div></div>
<p><img src="/images/yunouest001.png" alt="" width="600" /><br />
Lancement installation</p>
<h3 id="virtual-manager">Virtual Manager</h3>
<p>Saisir <strong>Alt F2</strong> sur poste client linux , puis saisir:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>virt-manager -c 'qemu+ssh://xoyi@192.168.0.45:55035/system?keyfile=/home/yannick/.ssh/vbox-srvbust-ed25519'
</code></pre></div></div>
<p><img src="/images/ynh0001.png" alt="" width="400" /> <br />
Démarrer la machine</p>
<p><img src="/images/ynh0002bis.png" alt="" width="600" /> <br />
Démarrage de la machine virtuelle au démarrage de lhôte</p>
<p><img src="/images/ynh0002.png" alt="" width="600" /> <br />
Mettre le disque dur en premier au boot
Arrêter puis redémarrer la machine</p>
<h3 id="connexion-vncssh">Connexion VNC/SSH</h3>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> ssh -p 55035 -i /home/yannick/.ssh/vbox-srvbust-ed25519 -L 55444:localhost:5900 -N -f -l xoyi 192.168.0.45
vncviewer localhost:55444
</code></pre></div></div>
<p><img src="/images/ynh0003.png" alt="ynh0001" width="600" /> <br />
Lancer la <strong>post-installation</strong><br />
domaine : <strong>vmserveur.tld</strong><br />
Mot de passe <strong>admin</strong> : *****</p>
<p>Après reboot , relever ladresses ip : 192.168.55.9</p>
<p>NE PAS OUBLIER de tuer la tâche après fermeture du “viewer” VNC</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>kill $(pidof -s ssh)
</code></pre></div></div>
<h2 id="3---terminal-serveur">3 - Terminal serveur</h2>
<h3 id="connexion-ssh-avec-clés-entre-le-serveur-hoteserveurtld-et-la-vm-yunohost">Connexion SSH (avec clés) entre le serveur hoteserveur.tld et la vm “yunohost”</h3>
<p>Depuis le terminal hoteserveur.tld , on se connecte SSH sur la VM 192.168.55.9</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh admin@192.168.55.9
</code></pre></div></div>
<p><img src="/images/ssh_logo1.png" alt="OpenSSH" width="50px" /><strong>connexion avec clé</strong></p>
<p><u>**hoteserveur.tld**</u><br />
Générer une paire de clé curve25519-sha256 (ECDH avec Curve25519 et SHA2) nommé <strong>vm-ouestline</strong> pour une liaison SSH avec le serveur KVM.</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh-keygen -t ed25519 -o -a 100 -f ~/.ssh/vm-ouestline
</code></pre></div></div>
<p>Envoyer la clé publique sur la VM</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>scp ~/.ssh/vm-ouestline.pub admin@192.168.55.9:/home/admin/
</code></pre></div></div>
<p><u>**VM 192.168.55.9 (vmserveur.tld)**</u><br />
On se connecte</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh admin@192.168.55.9
</code></pre></div></div>
<p>Copier le contenu de la clé publique dans /home/$USER/.ssh/authorized_keys</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cd ~
</code></pre></div></div>
<p>Sur le KVM ,créer un dossier .ssh</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mkdir .ssh
cat /home/$USER/vm-ouestline.pub &gt;&gt; /home/$USER/.ssh/authorized_keys
</code></pre></div></div>
<p>et donner les droits</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>chmod 600 /home/$USER/.ssh/authorized_keys
</code></pre></div></div>
<p>effacer le fichier de la clé</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>rm /home/$USER/vm-ouestline.pub
</code></pre></div></div>
<p>Modifier la configuration serveur SSH</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo nano /etc/ssh/sshd_config
</code></pre></div></div>
<p>Modifier</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>#Port = 22 # si changement de port, oter le commentaire (#)
PermitRootLogin no
PasswordAuthentication no
</code></pre></div></div>
<p><u>session SSH ne se termine pas correctement lors d'un "reboot" à distance</u><br />
Si vous tentez de <strong>redémarrer/éteindre</strong> une machine distance par <strong>ssh</strong>, vous pourriez constater que votre session ne se termine pas correctement, vous laissant avec un terminal inactif jusquà lexpiration dun long délai dinactivité. Il existe un bogue 751636 à ce sujet. Pour linstant, la solution de contournement à ce problème est dinstaller :</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> sudo apt install libpam-systemd
</code></pre></div></div>
<p>cela terminera la session ssh avant que le réseau ne tombe.<br />
Veuillez noter quil est nécessaire que PAM soit activé dans sshd.</p>
<p><strong>UNIQUEMENT si changement de port</strong>
Ouvrir le port 55040 et fermer le port 22</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo yunohost firewall allow TCP 55040
sudo yunohost firewall disallow TCP 22
</code></pre></div></div>
<p>Relancer openSSH</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo systemctl restart sshd
</code></pre></div></div>
<p><u>**hoteserveur.tld**</u><br />
Accès depuis srvxo (192.168.0.45) avec la clé privée</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh -i ~/.ssh/vm-ouestline admin@192.168.55.9
</code></pre></div></div>
<h2 id="4---poste-linux">4 - Poste linux</h2>
<h3 id="connexion-ssh-entre-le-poste-linux-et-la-vm-yunohost--via-proxy-serveur-hoteserveurtld">Connexion ssh entre le “Poste linux” et la vm “yunohost via proxy serveur hoteserveur.tld</h3>
<p><a href="/files/html/Perform multiple SSH hops with SSH config and a jump host.html">Effectuer plusieurs sauts SSH avec la configuration SSH et un hôte de saut-Lien HS</a></p>
<p><img src="/images/vm-yuno01.png" alt="" width="700" /> <br />
<strong>Poste client linux &gt; Bastion (hoteserveur.tld 192.168.0.45) &gt; VM vmserveur.tld 192.168.55.9</strong></p>
<p><strong>Poste client</strong><br />
1- Il faut copier la clé privée daccès au VM depuis hoteserveur.tld (~/.ssh/vm-ouestline) dans le dossier <strong>~/.ssh/</strong> du poste client avec un autre nom ( vm-proxy-ouestline)</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cat &gt;&gt; ~/.ssh/vm-proxy-ouestline
</code></pre></div></div>
<p>Copier/coller le contenu du fichier du fichier de clé privée (fichier ~/.ssh/vm-ouestline de la machine hoteserveur.tld ) dans ce terminal, et presser [Ctrl]+[D] pour valider.</p>
<p>Modifier les droits</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>chmod 600 ~/.ssh/vm-proxy-ouestline
</code></pre></div></div>
<p>2- Modifier ou créer la configuration SSH <strong>~/.ssh/config</strong> du poste client (PC1 , Portable,etc…)</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Host bastion
Hostname hoteserveur.tld
User xoyi
IdentityFile ~/.ssh/vbox-srvbust-ed25519
Port 55035
Host vmyuno
Hostname 192.168.55.9
User admin
IdentityFile ~/.ssh/vm-proxy-ouestline
ProxyCommand ssh bastion -W %h:%p
</code></pre></div></div>
<p>La connexion du poste client vers la vm se fera via le proxy bastion (xoxize.xyz) avec la commande suivante :</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sshm vmyuno
</code></pre></div></div>
<p>La ligne de commande pour un proxy ssh</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>---------------- ------------------ -------------------
| Poste client | | Proxy SSH | | Destinataire |
| Linux |&lt;--------&gt;| hoteserveur.tld|&lt;---------&gt;| vm vmserveur.tld|
| | | 192.168.0.45 | | 192.168.55.9 |
---------------- ------------------ -------------------
</code></pre></div></div>
<p>Syntaxe</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh -o ProxyCommand="ssh -W %h:%p userprox@proxy.tld" userdest@destinataire.tld
</code></pre></div></div>
<p>La commande complète avec les clés</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh -o ProxyCommand="ssh -W %h:%p -p 55035 -i /home/yannick/.ssh/vbox-srvbust-ed25519 xoyi@192.168.0.45" -i /home/yannick/.ssh/vm-proxy-ouestline admin@192.168.55.9
</code></pre></div></div>
<h3 id="vmm-virtual-machine-manager-gestion-graphique-des-vm">VMM (Virtual Machine Manager, gestion graphique des vm)</h3>
<p>Ouvrir “Virtual Machine Manager” , pour afficher les information sur la vm “yunouest”</p>
<p><img src="/images/yunouest002.png" alt="" width="600" /></p>
<p>Se connecter SSH sur vmserveur.tld directement depuis lun terminal du “poste linux”</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>ssh vmyuno
</code></pre></div></div>
<h2 id="réseau">Réseau</h2>
<p><a href="404.html">KVM/QEMU - Réseau IPV4/IPV6 accessible depuis linternet via box free.fr</a></p>
<h2 id="partage-de-dossiersfichiers-entre-le-lhôte-et-la-vm">Partage de dossiers/fichiers entre le lhôte et la vm</h2>
<p><a href="/2020/04/04/KVM_QEMU-Partage-de-repertoires-avec-des-machines-virtuelles-et-libvirt.html">KVM/QEMU - Partage de répertoires avec des machines virtuelles et libvirt</a></p>
<hr />
<h1 id="yunohost">Yunohost</h1>
<p><img src="/images/yunohost.png" alt="Yunohost" width="50px" /></p>
<p>Connexion ssh et passage en su</p>
<h2 id="système">Système</h2>
<h3 id="dns">DNS</h3>
<p>Le domaine <strong>vmserveur.tld</strong> pointe sur ladresse IPV6 <strong>2bef:a51:ced9:fc3::3</strong></p>
<p><img src="/images/dns-logo.png" alt="" width="30" /></p>
<p>Ajout MX ,spf,dmarc et dkim (gestion Mail)<br />
Ajout CAA pour letst encrypt</p>
<p>Les infos pour la mise à jour DNS</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yunohost domain dns-conf vmserveur.tld
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Info : Cette page montre la configuration *recommandée*. Elle ne configure *pas* le DNS pour vous. Il est de votre responsabilité que de configurer votre zone DNS chez votre fournisseur/registrar DNS avec cette recommandation.
; Basic ipv4/ipv6 records
@ 3600 IN A 79.45.252.154
* 3600 IN A 79.45.252.154
@ 3600 IN AAAA 2bef:a51:ced9:fc3::3
* 3600 IN AAAA 2bef:a51:ced9:fc3::3
; XMPP
_xmpp-client._tcp 3600 IN SRV 0 5 5222 vmserveur.tld.
_xmpp-server._tcp 3600 IN SRV 0 5 5269 vmserveur.tld.
muc 3600 IN CNAME @
pubsub 3600 IN CNAME @
vjud 3600 IN CNAME @
; Mail
@ 3600 IN MX 10 vmserveur.tld.
@ 3600 IN TXT "v=spf1 a mx ip4:79.45.252.154 ip6:2bef:a51:ced9:fc3::3 -all"
mail._domainkey 3600 IN TXT "v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/mZh/yIqQDzO3eAqD7AMA6FPzhOqlw+VEbkPTvrV0vS5qZseJ9gtefgKQi+gj63eU4WUjxmMacX+X25ERPRxkdnDR1P13IIy/ujz0nzfg6wK46Dn/wp86L2P4nV77WT8lXVP0yf+b21ZdqKMI9JhKEwqlwLiFW9nXhQrRMRlfqQIDAQAB"
_dmarc 3600 IN TXT "v=DMARC1; p=none"
; Extra
@ 3600 IN CAA 128 issue "letsencrypt.org"
</code></pre></div></div>
<p><strong>DNS OVH</strong> , les ajouts</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>$TTL 3600
@ IN SOA dns111.ovh.net. tech.ovh.net. (2020040300 86400 3600 3600000 300)
IN NS ns111.ovh.net.
IN NS dns111.ovh.net.
IN MX 10 vmserveur.tld.
IN AAAA 2bef:a51:ced9:fc3::3
IN CAA 128 issue "letsencrypt.org"
600 IN TXT "v=spf1 mx ip4:79.45.252.154 ip6:2bef:a51:ced9:fc3::3 -all"
* IN CNAME vmserveur.tld.
_dmarc IN TXT "v=DMARC1;p=none;"
mail._domainkey IN TXT ( "v=DKIM1;h=sha256;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/mZh/yIqQDzO3eAqD7AMA6FPzhOqlw+VEbkPTvrV0vS5qZseJ9gtefgKQi+gj63eU4WUjxmMacX+X25ERPRxkdnDR1P13IIy/ujz0nzfg6wK46Dn/wp86L2P4nV77WT8lXVP0yf+b21ZdqKMI9JhKEwqlwLiFW9nXhQrRMRlfqQIDAQAB;" )
</code></pre></div></div>
<h3 id="créer-un-utilisateur">Créer un utilisateur</h3>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yunohost user create ouest
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>fullname: ouest line
mail: ouest@vmserveur.tld
username: ouest
</code></pre></div></div>
<h3 id="bash-motd">Bash ,motd</h3>
<p><strong>Affichage informations</strong></p>
<p>Exécuter un fichier <em>utilisateur</em> nommé <strong>$HOME/.ssh/rc</strong> si <em>présent (NON PRESENT)</em><br />
Pour <em>tous les utilisateurs</em> exécuter un fichier nommé <strong>/etc/ssh/sshrc</strong> si <em>présent (NON PRESENT)</em><br />
Installer les utilitaires <em>curl jq figlet tmux</em></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt install curl jq figlet tmux tree # outils supplémentaires
</code></pre></div></div>
<p>Créer le fichier <strong>~/ssh_rc_bash</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>#!/bin/bash
get_infos() {
seconds="$(&lt; /proc/uptime)"
seconds="${seconds/.*}"
days="$((seconds / 60 / 60 / 24)) jour(s)"
hours="$((seconds / 60 / 60 % 24)) heure(s)"
mins="$((seconds / 60 % 60)) minute(s)"
# Remove plural if &lt; 2.
((${days/ *} == 1)) &amp;&amp; days="${days/s}"
((${hours/ *} == 1)) &amp;&amp; hours="${hours/s}"
((${mins/ *} == 1)) &amp;&amp; mins="${mins/s}"
# Hide empty fields.
((${days/ *} == 0)) &amp;&amp; unset days
((${hours/ *} == 0)) &amp;&amp; unset hours
((${mins/ *} == 0)) &amp;&amp; unset mins
uptime="${days:+$days, }${hours:+$hours, }${mins}"
uptime="${uptime%', '}"
uptime="${uptime:-${seconds} seconds}"
if [[ -f "/sys/devices/virtual/dmi/id/board_vendor" ||
-f "/sys/devices/virtual/dmi/id/board_name" ]]; then
model="$(&lt; /sys/devices/virtual/dmi/id/board_vendor)"
model+=" $(&lt; /sys/devices/virtual/dmi/id/board_name)"
fi
if [[ -f "/sys/devices/virtual/dmi/id/bios_vendor" ||
-f "/sys/devices/virtual/dmi/id/bios_version" ]]; then
bios="$(&lt; /sys/devices/virtual/dmi/id/bios_vendor)"
bios+=" $(&lt; /sys/devices/virtual/dmi/id/bios_version)"
bios+=" $(&lt; /sys/devices/virtual/dmi/id/bios_date)"
fi
}
#clear
PROCCOUNT=`ps -Afl | wc -l` # nombre de lignes
PROCCOUNT=`expr $PROCCOUNT - 5` # on ote les non concernées
GROUPZ=`users`
ipinfo=$(curl -s ipinfo.io) # info localisation format json
#ipinfo=$(curl -s iplocality.com) # info localisation format json
publicip=$(echo $ipinfo | jq -r '.ip') # extraction des données , installer préalablement "jq"
ville=$(echo $ipinfo | jq -r '.city')
pays=$(echo $ipinfo | jq -r '.country')
cpuname=`cat /proc/cpuinfo |grep 'model name' | cut -d: -f2 | sed -n 1p`
iplink=`ip link show |grep -m 1 "2:" | awk '{print $2}' | cut -d: -f1`
if [[ $GROUPZ == *irc* ]]; then
ENDSESSION=`cat /etc/security/limits.conf | grep "@irc" | grep maxlogins | awk {'print $4'}`
PRIVLAGED="IRC Account"
else
ENDSESSION="Unlimited"
PRIVLAGED="Regular User"
fi
get_infos
logo=$(figlet "`hostname --fqdn`")
meteo=$(curl fr.wttr.in/$ville?0)
lvm_entet="Sys. fichiers\tTaille\tUtilisé\tDispo\tUti%\tMonté sur"
lvm=$(df -h |grep mapper) # les montages lvm
sdx=$(df -h |grep "/dev/sd") # les montages /dev/sd
distri=$(lsb_release -sd)
distri+=" $(uname -m)"
echo -e "
\e[1;31m$logo
\e[1;35m \e[1;37mHostname \e[1;35m= \e[1;32m`hostname`
\e[1;35m \e[1;37mWired IpV4 \e[1;35m= \e[1;32m`ip addr show $iplink | grep 'inet\b' | awk '{print $2}' | cut -d/ -f1`
\e[1;35m \e[1;37mWired IpV6 \e[1;35m= \e[1;32m`ip addr show $iplink | grep -E 'inet6' |grep -E 'scope link' | awk '{print $2}' | cut -d/ -f1`
\e[1;35m \e[1;37mKernel \e[1;35m= \e[1;32m`uname -r`
\e[1;35m \e[1;37mDistrib \e[1;35m= \e[1;32m$distri
\e[1;35m \e[1;37mUptime \e[1;35m= \e[1;32m`echo $uptime`
\e[1;35m \e[1;37mBios \e[1;35m= \e[1;32m`echo $bios`
\e[1;35m \e[1;37mBoard \e[1;35m= \e[1;32m`echo $model`
\e[1;35m \e[1;37mCPU \e[1;35m= \e[1;32m`echo $cpuname`
\e[1;35m \e[1;37mMemory Use \e[1;35m= \e[1;32m`free -m | awk 'NR==2{printf "%s/%sMB (%.2f%%)\n", $3,$2,$3*100/$2 }'`
\e[1;35m \e[1;37mUsername \e[1;35m= \e[1;32m`whoami`
\e[1;35m \e[1;37mSessions \e[1;35m= \e[1;32m`who | grep $USER | wc -l`
\e[1;35m\e[1;37mPublic IpV4 \e[1;35m= \e[1;32m`echo $publicip`
\e[1;35m\e[1;37mPublic IpV6 \e[1;35m= \e[1;32m`ip addr show $iplink | grep -m 1 'inet6\b' | awk '{print $2}' | cut -d/ -f1`
\e[1;35m\e[1;96m$lvm_entet\e[1;35m\e[1;49m
\e[1;35m\e[1;33m$sdx
\e[1;35m\e[1;33m$lvm
\e[1;35m\e[1;32m$meteo
\e[1;0m
"
</code></pre></div></div>
<p>Le rendre exécutable</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>chmod +x ~/ssh_rc_bash
</code></pre></div></div>
<p>Recréer motd</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo rm /etc/motd &amp;&amp; sudo nano /etc/motd
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> __ __ __ __ _
\ \ / /| \/ | _ _ _ _ _ _ ___ _ _ ___ ___| |_
\ V / | |\/| | | || || || || ' \ / _ \| || |/ -_)(_-&lt;| _|
\_/ |_| |_| \_, | \_,_||_||_|\___/ \_,_|\___|/__/ \__|
___ _ _ ___ |__/ |_ | |(_) _ _ ___ _ _ ___ | |_
/ _ \| || |/ -_)(_-&lt;| _|| || || ' \ / -_) _ | ' \ / -_)| _|
\___/ \_,_|\___|/__/ \__||_||_||_||_|\___|(_)|_||_|\___| \__|
</code></pre></div></div>
<p>Déconnexion puis connexion</p>
<h3 id="certificats-ssl-letsencrypt-acme">Certificats SSL letsencrypt (acme)</h3>
<p><img src="/images/letsencrypt-logo1.png" alt="SSL Letsencrypt" width="100" /></p>
<p>On ne peut valider pas les certificats par la commande yunohost car elle utilise le lien publique IPV4 qui nexiste pas var le domaine est seulement accessible en IPV6</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yunohost domain cert-install
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Info : Now attempting install of certificate for domain vmserveur.tld!
Erreur : Aucun enregistrement DNS 'A' na été trouvé pour vmserveur.tld. Vous devez faire pointer votre nom de domaine vers votre machine pour être en mesure dinstaller un certificat Lets Encrypt ! (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)
</code></pre></div></div>
<blockquote>
<p>laccès est uniquement IPV6 !!!</p>
</blockquote>
<p>On utilise acme qui installe les certificats DNS via une API OVH</p>
<p>Prérequis</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo apt install socat # prérequis
</code></pre></div></div>
<p>Installation gestionnaire des certificats Lets Encrypt</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cd ~
git clone https://github.com/Neilpang/acme.sh.git
cd acme.sh
./acme.sh --install
</code></pre></div></div>
<blockquote>
<p>Se déconnecter puis se reconnecter pou la prise en compte</p>
</blockquote>
<p>Se connecter sur lapi OVH pour les paramètres (clé et secret)</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>export OVH_AK="votre application key"
export OVH_AS="votre application secret"
</code></pre></div></div>
<p>Domaine ouestline.xyz</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>acme.sh --dns dns_ovh --issue --keylength ec-384 -d 'vmserveur.tld' -d '*.vmserveur.tld'
</code></pre></div></div>
<p>Les certificats</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>[vendredi 3 avril 2020, 14:21:51 (UTC+0200)] Your cert is in /home/admin/.acme.sh/vmserveur.tld_ecc/vmserveur.tld.cer
[vendredi 3 avril 2020, 14:21:51 (UTC+0200)] Your cert key is in /home/admin/.acme.sh/vmserveur.tld_ecc/vmserveur.tld.key
[vendredi 3 avril 2020, 14:21:51 (UTC+0200)] The intermediate CA cert is in /home/admin/.acme.sh/vmserveur.tld_ecc/ca.cer
[vendredi 3 avril 2020, 14:21:51 (UTC+0200)] And the full chain certs is there: /home/admin/.acme.sh/vmserveur.tld_ecc/fullchain.cer
</code></pre></div></div>
<p>On ne peut pas installer des certificats lets encrypt sans adresse IPV4 ,erreur <code class="language-plaintext highlighter-rouge">Aucun enregistrement DNS 'A' na été trouvé pour vmserveur.tld</code><br />
<u>Solution</u></p>
<p>Pour contourner le problème , on va créer un dossier de la forme <strong>aaaammdd.hhmmss-letsencrypt</strong> (en mode su),avec la date et heure du jour</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo mkdir -p /etc/yunohost/certs/vmserveur.tld-history/20200403.142000-letsencrypt
</code></pre></div></div>
<p>Puis on va créer les liens</p>
<p>Les liens pour les certificats</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo ln -s /home/admin/.acme.sh/vmserveur.tld_ecc/vmserveur.tld.key /etc/yunohost/certs/vmserveur.tld-history/20200403.142000-letsencrypt/key.pem # cert key
sudo ln -s /home/admin/.acme.sh/vmserveur.tld_ecc/fullchain.cer /etc/yunohost/certs/vmserveur.tld-history/20200403.142000-letsencrypt/crt.pem # full chain certs
</code></pre></div></div>
<p>Enfin on va informer yunohost par un lien que lon utilise des certificats lets encrypt</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo rm /etc/yunohost/certs/vmserveur.tld # efface le lien certificat non signé
sudo ln -s /etc/yunohost/certs/vmserveur.tld-history/20200403.142000-letsencrypt /etc/yunohost/certs/vmserveur.tld # Création lien sur les certificats let's encrypt
</code></pre></div></div>
<p>Structure yunohost pour les certificats</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>/etc/yunohost/certs/
/etc/yunohost/certs/
├── vmserveur.tld -&gt; /etc/yunohost/certs/vmserveur.tld-history/20200403.142000-letsencrypt
├── vmserveur.tld-history
│   ├── 20200402.212217-selfsigned
│   │   ├── ca.pem -&gt; /etc/ssl/certs/ca-yunohost_crt.pem
│   │   ├── crt.pem
│   │   ├── key.pem
│   │   └── openssl.cnf
│   └── 20200403.142000-letsencrypt
│   ├── crt.pem -&gt; /home/admin/.acme.sh/vmserveur.tld_ecc/fullchain.cer
│   └── key.pem -&gt; /home/admin/.acme.sh/vmserveur.tld_ecc/vmserveur.tld.key
└── yunohost.org
├── ca.pem
├── crt.pem
└── key.pem
</code></pre></div></div>
<h3 id="ssl--diffie-hellmann--entêtes">SSL + Diffie-Hellmann + Entêtes</h3>
<p><img src="/images/certificat-ssl.png" alt="SSL" width="60" /></p>
<p>Toutes les commandes se font en mode su</p>
<p>Générer Diffie-Hellman</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048
</code></pre></div></div>
<p>Modification fichier de configuration <strong>/etc/nginx/conf.d/vmserveur.tld.conf</strong></p>
<ul>
<li>Décommenter la ligne <code class="language-plaintext highlighter-rouge">ssl_dhparam /etc/ssl/private/dh2048.pem;</code></li>
</ul>
<p>Le fichier <strong>/etc/nginx/conf.d/vmserveur.tld.conf</strong> après les modifications</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
listen [::]:80;
server_name vmserveur.tld;
access_by_lua_file /usr/share/ssowat/access.lua;
include /etc/nginx/conf.d/vmserveur.tld.d/*.conf;
location /yunohost/admin {
return 301 https://$http_host$request_uri;
}
location /.well-known/autoconfig/mail/ {
alias /var/www/.well-known/vmserveur.tld/autoconfig/mail/;
}
access_log /var/log/nginx/vmserveur.tld-access.log;
error_log /var/log/nginx/vmserveur.tld-error.log;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name vmserveur.tld;
ssl_certificate /etc/yunohost/certs/vmserveur.tld/crt.pem;
ssl_certificate_key /etc/yunohost/certs/vmserveur.tld/key.pem;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
# As suggested by Mozilla : https://wiki.mozilla.org/Security/Server_Side_TLS and https://en.wikipedia.org/wiki/Curve25519
ssl_ecdh_curve secp521r1:secp384r1:prime256v1;
ssl_prefer_server_ciphers on;
# Ciphers with intermediate compatibility
# https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.6.2&amp;openssl=1.0.1t&amp;hsts=yes&amp;profile=intermediate
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
# Uncomment the following directive after DH generation
# &gt; openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048
ssl_dhparam /etc/ssl/private/dh2048.pem;
# Follows the Web Security Directives from the Mozilla Dev Lab and the Mozilla Obervatory + Partners
# https://wiki.mozilla.org/Security/Guidelines/Web_Security
# https://observatory.mozilla.org/
more_set_headers "Content-Security-Policy : upgrade-insecure-requests";
more_set_headers "Content-Security-Policy-Report-Only : default-src https: data: 'unsafe-inline' 'unsafe-eval'";
more_set_headers "X-Content-Type-Options : nosniff";
more_set_headers "X-XSS-Protection : 1; mode=block";
more_set_headers "X-Download-Options : noopen";
more_set_headers "X-Permitted-Cross-Domain-Policies : none";
more_set_headers "X-Frame-Options : SAMEORIGIN";
# Disable gzip to protect against BREACH
# Read https://trac.nginx.org/nginx/ticket/1720 (text/html cannot be disabled!)
gzip off;
access_by_lua_file /usr/share/ssowat/access.lua;
include /etc/nginx/conf.d/vmserveur.tld.d/*.conf;
include /etc/nginx/conf.d/yunohost_admin.conf.inc;
include /etc/nginx/conf.d/yunohost_api.conf.inc;
access_log /var/log/nginx/vmserveur.tld-access.log;
error_log /var/log/nginx/vmserveur.tld-error.log;
</code></pre></div></div>
<p>Vérifier et relancer nginx</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>nginx -t
systemctl restart nginx
</code></pre></div></div>
<p>Vérifier ssl sur le lien https://vmserveur.tld</p>
<p><img src="/images/vbox-ouestline001.png" alt="SSL" width="400" /><br />
<img src="/images/vbox-ouestline002.png" alt="SSL" width="400" /></p>
<h3 id="ajouter-un-domaine">Ajouter un domaine</h3>
<p>Il faut ajouter le domaine avec certificat auto signé</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yunohost domain add nc.vmserveur.tld
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Attention : Le fichier de configuration '/etc/nginx/conf.d/vmserveur.tld.conf' a été modifié manuellement et ne sera pas mis à jour
Succès ! Le certificat auto-signé est maintenant installé pour le domaine « nc.vmserveur.tld »
Succès ! La configuration a été mise à jour pour 'postfix'
Attention : Le fichier de configuration '/etc/nginx/conf.d/vmserveur.tld.conf' a été modifié manuellement et ne sera pas mis à jour
Succès ! La configuration a été mise à jour pour 'dnsmasq'
Succès ! La configuration a été mise à jour pour 'metronome'
Succès ! Le domaine a été créé
</code></pre></div></div>
<p><strong>Yunohost erreur DNS A</strong><br />
On ne peut pas installer des certificats <strong>lets encrypt</strong> sans adresse IPV4 ,erreur</p>
<font color="red">**Aucun enregistrement DNS 'A' na été trouvé pour vmserveur.tld**</font>
<p><u>**Solution**</u></p>
<p>Pour contourner le problème , on va créer un dossier de la forme <strong>domaine-history/aaaammdd.hhmmss-letsencrypt</strong> (en mode su),avec la date et heure du jour</p>
<p><strong>Exemple</strong><br />
Créer un domaine <strong>nc.vmserveur.tld</strong> le 3 avril à 17h40<br />
Le dossier se nomme <strong>nc.vmserveur.tld-history/20200403.165000-letsencrypt</strong></p>
<p>en mode su , procédure semi auto</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">DOMAIN</span><span class="o">=</span><span class="s2">"nc.vmserveur.tld"</span>
<span class="nv">DATE</span><span class="o">=</span><span class="s2">"20200403"</span>
<span class="nv">HEURE</span><span class="o">=</span><span class="s2">"174000"</span>
<span class="c"># Créer le dossier sur le système</span>
<span class="nb">mkdir</span> <span class="nt">-p</span> /etc/yunohost/certs/<span class="nv">$DOMAIN</span><span class="nt">-history</span>/<span class="nv">$DATE</span>.<span class="nv">$HEURE</span><span class="nt">-letsencrypt</span>
<span class="c"># Les liens pour les certificats</span>
<span class="c">#</span>
<span class="c"># efface le lien certificat non signé si existant</span>
<span class="nb">rm</span> <span class="nt">-f</span> /etc/yunohost/certs/<span class="nv">$DOMAIN</span>
<span class="c"># Création lien sur les certificats let's encrypt </span>
<span class="nb">ln</span> <span class="nt">-s</span> /etc/yunohost/certs/<span class="nv">$DOMAIN</span><span class="nt">-history</span>/<span class="nv">$DATE</span>.<span class="nv">$HEURE</span><span class="nt">-letsencrypt</span> /etc/yunohost/certs/<span class="nv">$DOMAIN</span>
<span class="c">#</span>
<span class="c"># créer les liens key et cert</span>
<span class="c"># cert key</span>
<span class="nb">ln</span> <span class="nt">-s</span> /home/admin/.acme.sh/vmserveur.tld_ecc/vmserveur.tld.key /etc/yunohost/certs/<span class="nv">$DOMAIN</span><span class="nt">-history</span>/<span class="nv">$DATE</span>.<span class="nv">$HEURE</span><span class="nt">-letsencrypt</span>/key.pem
<span class="c"># full chain certs</span>
<span class="nb">ln</span> <span class="nt">-s</span> /home/admin/.acme.sh/vmserveur.tld_ecc/fullchain.cer /etc/yunohost/certs/<span class="nv">$DOMAIN</span><span class="nt">-history</span>/<span class="nv">$DATE</span>.<span class="nv">$HEURE</span><span class="nt">-letsencrypt</span>/crt.pem
<span class="c">#</span>
<span class="c"># Vérification</span>
tree /etc/yunohost/certs/<span class="nv">$DOMAIN</span><span class="k">*</span>
<span class="c"># </span>
yunohost domain list
</code></pre></div></div>
<h2 id="applications">Applications</h2>
<h3 id="nextcloud">Nextcloud</h3>
<p><a href="https://github.com/YunoHost-apps/nextcloud_ynh">YunoHost-Apps /nextcloud_ynh</a></p>
<p>Installation</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>yunohost app install https://github.com/YunoHost-Apps/nextcloud_ynh
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>root@ouestline:/home/admin# yunohost app install https://github.com/YunoHost-Apps/nextcloud_ynh
Domaines disponibles :
- vmserveur.tld
- nc.vmserveur.tld
Choisissez un domaine pour Nextcloud (default: vmserveur.tld) : nc.vmserveur.tld
Choisissez un chemin pour Nextcloud (default: /nextcloud) : /
Liste des utilisateurs disponibles :
- ouest
Choisissez l'administrateur de Nextcloud (doit être un utilisateur YunoHost existant) : ouest
Accéder au dossier personnel des utilisateurs depuis Nextcloud ? [yes | no] (default: no) : yes
Info : Installation de l'application nextcloud …
[...]
Attention : warning: commands will be executed using /bin/sh
Attention : job 1 at Fri Apr 3 18:17:00 2020
Info : [#################+..] &gt; Adding multimedia directories...
Attention : 2020-04-03 18:07:13 URL:https://codeload.github.com/YunoHost-Apps/yunohost.multimedia/tar.gz/v1.2 [15921] -&gt; "v1.2.tar.gz" [1]
Info : [##################..] &gt; Configuring log rotation...
Info : [##################+.] &gt; Configuring fail2ban...
Info : [###################.] &gt; Configuring SSOwat...
Attention : /!\ Packagers! This app is still using the skipped/protected/unprotected_uris/regex settings which are now obsolete and deprecated... Instead, you should use the new helpers 'ynh_permission_{create,urls,update,delete}' and the 'visitors' group to initialize the public/private access. Check out the documentation at the bottom of yunohost.org/groups_and_permissions to learn how to use the new permission mechanism.
Attention : /!\ Packagers! This app is still using the skipped/protected/unprotected_uris/regex settings which are now obsolete and deprecated... Instead, you should use the new helpers 'ynh_permission_{create,urls,update,delete}' and the 'visitors' group to initialize the public/private access. Check out the documentation at the bottom of yunohost.org/groups_and_permissions to learn how to use the new permission mechanism.
Info : [###################.] &gt; Reloading nginx web server...
Info : [####################] &gt; Installation of nextcloud completed
Succès ! Installation terminée
</code></pre></div></div>
<h2 id="maintenance-yunohost">Maintenance yunohost</h2>
<h3 id="nextcloud-1">Nextcloud</h3>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> Avertissements de sécurité &amp; configuration
Il est important pour la sécurité et la performance de votre instance que celle-ci soit correctement configurée. Afin de vous aider, votre instance Nextcloud effectue des vérifications automatiques. Pour de plus amples informations, veuillez consulter la documentation liée.
Il y a quelques avertissements concernant votre configuration.
MySQL est utilisée comme base de données mais ne supporte pas les caractères codés sur 4 octets. Pour pouvoir manipuler les caractères sur 4 octets (comme les émoticônes) sans problème dans les noms de fichiers ou les commentaires par exemple, il est recommandé d'activer le support 4 octets dans MySQL. Pour plus de détails, lisez la page de documentation à ce sujet
Merci de consulter les guides d'installation ↗ et de vérifier les erreurs ou avertissements des logs.
Vérifier la sécurité de votre Nextcloud grâce à notre scan de sécurité ↗
</code></pre></div></div>
<p><strong>Corrections MariaDb/nextcloud</strong></p>
<ul>
<li><a href="https://docs.nextcloud.com/server/18/go.php?to=admin-mysql-utf8mb4">Enabling MySQL 4-byte support</a></li>
</ul>
<p>Ouvrir 2 terminaux sur le site <br />
Respecter lordre des opérations</p>
<p><strong>→ PREMIER TERMINAL</strong></p>
<p>mysql -uroot -p$(cat /etc/yunohost/mysql )</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 76
Server version: 10.1.44-MariaDB-0+deb9u1 Debian 9.11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]&gt; show variables like 'innodb_file_format';
+--------------------+----------+
| Variable_name | Value |
+--------------------+----------+
| innodb_file_format | Antelope |
+--------------------+----------+
1 row in set (0.01 sec)
MariaDB [nextcloud]&gt; SET GLOBAL innodb_file_format=Barracuda;
Query OK, 0 rows affected (0.00 sec)
MariaDB [nextcloud]&gt; show variables like 'innodb_file_per_table';
+-----------------------+-------+
| Variable_name | Value |
+-----------------------+-------+
| innodb_file_per_table | ON |
+-----------------------+-------+
1 row in set (0.00 sec)
MariaDB [(none)]&gt; quit
</code></pre></div></div>
<p><strong>→ SECOND TERMINAL</strong></p>
<p>ATTENTION /usr/bin/php7.3 est utilisé pour nextcloud</p>
<p>On passe en mode maintenance</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>cd /var/www/nextcloud
sudo -u nextcloud /usr/bin/php7.3 occ maintenance:mode --on
</code></pre></div></div>
<p>Maintenance mode enabled</p>
<p>Redémarrer mysql suite aux manipulations effectuées dans le premier terminal</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>systemctl restart mysqld
</code></pre></div></div>
<p><strong>→ PREMIER TERMINAL</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mysql -uroot -p$(cat /etc/yunohost/mysql )
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>MariaDB [(none)]&gt; ALTER DATABASE nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]&gt; quit
</code></pre></div></div>
<p>Pour éviter lERREUR</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>An exception occurred while executing ALTER TABLE [TABLE_NAME] CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_bin;:
SQLSTATE[42000]: Syntax error or access violation: 1071 Specified key was too long; max key length is 767 bytes
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>mysql -uroot -p$(cat /etc/yunohost/mysql ) nextcloud
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>MariaDB [nextcloud]&gt; set global innodb_large_prefix=on;
Query OK, 0 rows affected (0.00 sec)
MariaDB [nextcloud]&gt; set global innodb_file_format=Barracuda;
Query OK, 0 rows affected (0.00 sec)
MariaDB [nextcloud]&gt; quit
Bye
</code></pre></div></div>
<p><strong>→ SECOND TERMINAL</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo -u nextcloud /usr/bin/php7.3 occ config:system:set mysql.utf8mb4 --type boolean --value="true"
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Nextcloud is in maintenance mode - no apps have been loaded
System config value mysql.utf8mb4 set to boolean true
</code></pre></div></div>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo -u nextcloud /usr/bin/php7.3 occ maintenance:repair # patienter
</code></pre></div></div>
<p>désactiver la maintenance</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo -u nextcloud /usr/bin/php7.3 occ maintenance:mode --off
</code></pre></div></div>
<p>Maintenance mode disabled</p>
<p><strong>Correction tâche cron</strong></p>
<p>La tâche cron nest jamais exécuté (normalement tous les 5 minutes) car elle nexiste pas</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> Avertissements de sécurité &amp; configuration
Il est important pour la sécurité et la performance de votre instance que celle-ci soit correctement configurée. Afin de vous aider, votre instance Nextcloud effectue des vérifications automatiques. Pour de plus amples informations, veuillez consulter la documentation liée.
Il y a quelques erreurs concernant votre configuration.
Dernière tâche de fond a fonctionné il y a Il y a 1 heure. Quelque chose s'est mal passé. Vérifier les paramètres des tâches de fond
Merci de consulter les guides d'installation ↗ et de vérifier les erreurs ou avertissements des logs.
Vérifier la sécurité de votre Nextcloud grâce à notre scan de sécurité ↗
</code></pre></div></div>
<p>Créer la tâche dans un “scheduleur” cron</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>sudo -s
crontab -u nextcloud -e
</code></pre></div></div>
<p>Ajouter</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>*/5 * * * * /usr/bin/php7.3 -f /var/www/nextcloud/cron.php &gt; /dev/null 2&gt;&amp;1
</code></pre></div></div>
<p>Vérifier sur le site nextcloud</p>
<p><img src="/images/nextcloud-cinay.xyz.png" alt="" /></p>
<hr />
</div>
<div class="d-print-none"><footer class="article__footer"><meta itemprop="dateModified" content="2020-04-03T00:00:00+02:00"><!-- start custom article footer snippet -->
<!-- end custom article footer snippet -->
<!--
<div align="right"><a type="application/rss+xml" href="/feed.xml" title="S'abonner"><i class="fa fa-rss fa-2x"></i></a>
&emsp;</div>
-->
</footer>
<div class="article__section-navigator clearfix"><div class="previous"><span>PRÉCÉDENT</span><a href="/2020/04/02/Comment-installer-hyperviseur-KVM-sur-Debian10(Buster).html">Comment installer l'hyperviseur KVM sur Debian 10 (Buster)</a></div><div class="next"><span>SUIVANT</span><a href="/2020/04/04/KVM_QEMU-Reseau-IPV4_IPV6-accessible-internet-via-box-free.html">KVM/QEMU - Réseau IPV4/IPV6 accessible depuis l'internet via box free.fr</a></div></div></div>
</div>
<script>(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
$(function() {
var $this ,$scroll;
var $articleContent = $('.js-article-content');
var hasSidebar = $('.js-page-root').hasClass('layout--page--sidebar');
var scroll = hasSidebar ? '.js-page-main' : 'html, body';
$scroll = $(scroll);
$articleContent.find('.highlight').each(function() {
$this = $(this);
$this.attr('data-lang', $this.find('code').attr('data-lang'));
});
$articleContent.find('h1[id], h2[id], h3[id], h4[id], h5[id], h6[id]').each(function() {
$this = $(this);
$this.append($('<a class="anchor d-print-none" aria-hidden="true"></a>').html('<i class="fas fa-anchor"></i>'));
});
$articleContent.on('click', '.anchor', function() {
$scroll.scrollToAnchor('#' + $(this).parent().attr('id'), 400);
});
});
});
})();
</script>
</div><section class="page__comments d-print-none"></section></article><!-- start custom main bottom snippet -->
<!-- end custom main bottom snippet -->
</div>
</div></div></div></div>
</div><script>(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
var $body = $('body'), $window = $(window);
var $pageRoot = $('.js-page-root'), $pageMain = $('.js-page-main');
var activeCount = 0;
function modal(options) {
var $root = this, visible, onChange, hideWhenWindowScroll = false;
var scrollTop;
function setOptions(options) {
var _options = options || {};
visible = _options.initialVisible === undefined ? false : show;
onChange = _options.onChange;
hideWhenWindowScroll = _options.hideWhenWindowScroll;
}
function init() {
setState(visible);
}
function setState(isShow) {
if (isShow === visible) {
return;
}
visible = isShow;
if (visible) {
activeCount++;
scrollTop = $(window).scrollTop() || $pageMain.scrollTop();
$root.addClass('modal--show');
$pageMain.scrollTop(scrollTop);
activeCount === 1 && ($pageRoot.addClass('show-modal'), $body.addClass('of-hidden'));
hideWhenWindowScroll && window.hasEvent('touchstart') && $window.on('scroll', hide);
$window.on('keyup', handleKeyup);
} else {
activeCount > 0 && activeCount--;
$root.removeClass('modal--show');
$window.scrollTop(scrollTop);
activeCount === 0 && ($pageRoot.removeClass('show-modal'), $body.removeClass('of-hidden'));
hideWhenWindowScroll && window.hasEvent('touchstart') && $window.off('scroll', hide);
$window.off('keyup', handleKeyup);
}
onChange && onChange(visible);
}
function show() {
setState(true);
}
function hide() {
setState(false);
}
function handleKeyup(e) {
// Char Code: 27 ESC
if (e.which === 27) {
hide();
}
}
setOptions(options);
init();
return {
show: show,
hide: hide,
$el: $root
};
}
$.fn.modal = modal;
});
})();
</script><div class="modal modal--overflow page__search-modal d-print-none js-page-search-modal"><script>
(function () {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
// search panel
var search = (window.search || (window.search = {}));
var useDefaultSearchBox = window.useDefaultSearchBox === undefined ?
true : window.useDefaultSearchBox ;
var $searchModal = $('.js-page-search-modal');
var $searchToggle = $('.js-search-toggle');
var searchModal = $searchModal.modal({ onChange: handleModalChange, hideWhenWindowScroll: true });
var modalVisible = false;
search.searchModal = searchModal;
var $searchBox = null;
var $searchInput = null;
var $searchClear = null;
function getModalVisible() {
return modalVisible;
}
search.getModalVisible = getModalVisible;
function handleModalChange(visible) {
modalVisible = visible;
if (visible) {
search.onShow && search.onShow();
useDefaultSearchBox && $searchInput[0] && $searchInput[0].focus();
} else {
search.onShow && search.onHide();
useDefaultSearchBox && $searchInput[0] && $searchInput[0].blur();
setTimeout(function() {
useDefaultSearchBox && ($searchInput.val(''), $searchBox.removeClass('not-empty'));
search.clear && search.clear();
window.pageAsideAffix && window.pageAsideAffix.refresh();
}, 400);
}
}
$searchToggle.on('click', function() {
modalVisible ? searchModal.hide() : searchModal.show();
});
// Char Code: 83 S, 191 /
$(window).on('keyup', function(e) {
if (!modalVisible && !window.isFormElement(e.target || e.srcElement) && (e.which === 83 || e.which === 191)) {
modalVisible || searchModal.show();
}
});
if (useDefaultSearchBox) {
$searchBox = $('.js-search-box');
$searchInput = $searchBox.children('input');
$searchClear = $searchBox.children('.js-icon-clear');
search.getSearchInput = function() {
return $searchInput.get(0);
};
search.getVal = function() {
return $searchInput.val();
};
search.setVal = function(val) {
$searchInput.val(val);
};
$searchInput.on('focus', function() {
$(this).addClass('focus');
});
$searchInput.on('blur', function() {
$(this).removeClass('focus');
});
$searchInput.on('input', window.throttle(function() {
var val = $(this).val();
if (val === '' || typeof val !== 'string') {
search.clear && search.clear();
} else {
$searchBox.addClass('not-empty');
search.onInputNotEmpty && search.onInputNotEmpty(val);
}
}, 400));
$searchClear.on('click', function() {
$searchInput.val(''); $searchBox.removeClass('not-empty');
search.clear && search.clear();
});
}
});
})();
</script><div class="search search--dark">
<div class="main">
<div class="search__header">Recherche</div>
<div class="search-bar">
<div class="search-box js-search-box">
<div class="search-box__icon-search"><i class="fas fa-search"></i></div>
<input id="search-input" type="text" />
<div class="search-box__icon-clear js-icon-clear">
<a><i class="fas fa-times"></i></a>
</div>
</div>
<button class="button button--theme-dark button--pill search__cancel js-search-toggle">
Annuler</button>
</div>
<div id="results-container" class="search-result js-search-result"></div>
</div>
</div>
<!-- Script pointing to search-script.js -->
<script>/*!
* Simple-Jekyll-Search
* Copyright 2015-2020, Christian Fei
* Licensed under the MIT License.
*/
(function(){
'use strict'
var _$Templater_7 = {
compile: compile,
setOptions: setOptions
}
const options = {}
options.pattern = /\{(.*?)\}/g
options.template = ''
options.middleware = function () {}
function setOptions (_options) {
options.pattern = _options.pattern || options.pattern
options.template = _options.template || options.template
if (typeof _options.middleware === 'function') {
options.middleware = _options.middleware
}
}
function compile (data) {
return options.template.replace(options.pattern, function (match, prop) {
const value = options.middleware(prop, data[prop], options.template)
if (typeof value !== 'undefined') {
return value
}
return data[prop] || match
})
}
'use strict';
function fuzzysearch (needle, haystack) {
var tlen = haystack.length;
var qlen = needle.length;
if (qlen > tlen) {
return false;
}
if (qlen === tlen) {
return needle === haystack;
}
outer: for (var i = 0, j = 0; i < qlen; i++) {
var nch = needle.charCodeAt(i);
while (j < tlen) {
if (haystack.charCodeAt(j++) === nch) {
continue outer;
}
}
return false;
}
return true;
}
var _$fuzzysearch_1 = fuzzysearch;
'use strict'
/* removed: const _$fuzzysearch_1 = require('fuzzysearch') */;
var _$FuzzySearchStrategy_5 = new FuzzySearchStrategy()
function FuzzySearchStrategy () {
this.matches = function (string, crit) {
return _$fuzzysearch_1(crit.toLowerCase(), string.toLowerCase())
}
}
'use strict'
var _$LiteralSearchStrategy_6 = new LiteralSearchStrategy()
function LiteralSearchStrategy () {
this.matches = function (str, crit) {
if (!str) return false
str = str.trim().toLowerCase()
crit = crit.trim().toLowerCase()
return crit.split(' ').filter(function (word) {
return str.indexOf(word) >= 0
}).length === crit.split(' ').length
}
}
'use strict'
var _$Repository_4 = {
put: put,
clear: clear,
search: search,
setOptions: __setOptions_4
}
/* removed: const _$FuzzySearchStrategy_5 = require('./SearchStrategies/FuzzySearchStrategy') */;
/* removed: const _$LiteralSearchStrategy_6 = require('./SearchStrategies/LiteralSearchStrategy') */;
function NoSort () {
return 0
}
const data = []
let opt = {}
opt.fuzzy = false
opt.limit = 10
opt.searchStrategy = opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
opt.sort = NoSort
opt.exclude = []
function put (data) {
if (isObject(data)) {
return addObject(data)
}
if (isArray(data)) {
return addArray(data)
}
return undefined
}
function clear () {
data.length = 0
return data
}
function isObject (obj) {
return Boolean(obj) && Object.prototype.toString.call(obj) === '[object Object]'
}
function isArray (obj) {
return Boolean(obj) && Object.prototype.toString.call(obj) === '[object Array]'
}
function addObject (_data) {
data.push(_data)
return data
}
function addArray (_data) {
const added = []
clear()
for (let i = 0, len = _data.length; i < len; i++) {
if (isObject(_data[i])) {
added.push(addObject(_data[i]))
}
}
return added
}
function search (crit) {
if (!crit) {
return []
}
return findMatches(data, crit, opt.searchStrategy, opt).sort(opt.sort)
}
function __setOptions_4 (_opt) {
opt = _opt || {}
opt.fuzzy = _opt.fuzzy || false
opt.limit = _opt.limit || 10
opt.searchStrategy = _opt.fuzzy ? _$FuzzySearchStrategy_5 : _$LiteralSearchStrategy_6
opt.sort = _opt.sort || NoSort
opt.exclude = _opt.exclude || []
}
function findMatches (data, crit, strategy, opt) {
const matches = []
for (let i = 0; i < data.length && matches.length < opt.limit; i++) {
const match = findMatchesInObject(data[i], crit, strategy, opt)
if (match) {
matches.push(match)
}
}
return matches
}
function findMatchesInObject (obj, crit, strategy, opt) {
for (const key in obj) {
if (!isExcluded(obj[key], opt.exclude) && strategy.matches(obj[key], crit)) {
return obj
}
}
}
function isExcluded (term, excludedTerms) {
for (let i = 0, len = excludedTerms.length; i < len; i++) {
const excludedTerm = excludedTerms[i]
if (new RegExp(excludedTerm).test(term)) {
return true
}
}
return false
}
/* globals ActiveXObject:false */
'use strict'
var _$JSONLoader_2 = {
load: load
}
function load (location, callback) {
const xhr = getXHR()
xhr.open('GET', location, true)
xhr.onreadystatechange = createStateChangeListener(xhr, callback)
xhr.send()
}
function createStateChangeListener (xhr, callback) {
return function () {
if (xhr.readyState === 4 && xhr.status === 200) {
try {
callback(null, JSON.parse(xhr.responseText))
} catch (err) {
callback(err, null)
}
}
}
}
function getXHR () {
return window.XMLHttpRequest ? new window.XMLHttpRequest() : new ActiveXObject('Microsoft.XMLHTTP')
}
'use strict'
var _$OptionsValidator_3 = function OptionsValidator (params) {
if (!validateParams(params)) {
throw new Error('-- OptionsValidator: required options missing')
}
if (!(this instanceof OptionsValidator)) {
return new OptionsValidator(params)
}
const requiredOptions = params.required
this.getRequiredOptions = function () {
return requiredOptions
}
this.validate = function (parameters) {
const errors = []
requiredOptions.forEach(function (requiredOptionName) {
if (typeof parameters[requiredOptionName] === 'undefined') {
errors.push(requiredOptionName)
}
})
return errors
}
function validateParams (params) {
if (!params) {
return false
}
return typeof params.required !== 'undefined' && params.required instanceof Array
}
}
'use strict'
var _$utils_9 = {
merge: merge,
isJSON: isJSON
}
function merge (defaultParams, mergeParams) {
const mergedOptions = {}
for (const option in defaultParams) {
mergedOptions[option] = defaultParams[option]
if (typeof mergeParams[option] !== 'undefined') {
mergedOptions[option] = mergeParams[option]
}
}
return mergedOptions
}
function isJSON (json) {
try {
if (json instanceof Object && JSON.parse(JSON.stringify(json))) {
return true
}
return false
} catch (err) {
return false
}
}
var _$src_8 = {};
(function (window) {
'use strict'
let options = {
searchInput: null,
resultsContainer: null,
json: [],
success: Function.prototype,
searchResultTemplate: '<li><a href="{url}" title="{desc}">{title}</a></li>',
templateMiddleware: Function.prototype,
sortMiddleware: function () {
return 0
},
noResultsText: 'No results found',
limit: 10,
fuzzy: false,
debounceTime: null,
exclude: []
}
let debounceTimerHandle
const debounce = function (func, delayMillis) {
if (delayMillis) {
clearTimeout(debounceTimerHandle)
debounceTimerHandle = setTimeout(func, delayMillis)
} else {
func.call()
}
}
const requiredOptions = ['searchInput', 'resultsContainer', 'json']
/* removed: const _$Templater_7 = require('./Templater') */;
/* removed: const _$Repository_4 = require('./Repository') */;
/* removed: const _$JSONLoader_2 = require('./JSONLoader') */;
const optionsValidator = _$OptionsValidator_3({
required: requiredOptions
})
/* removed: const _$utils_9 = require('./utils') */;
window.SimpleJekyllSearch = function (_options) {
const errors = optionsValidator.validate(_options)
if (errors.length > 0) {
throwError('You must specify the following required options: ' + requiredOptions)
}
options = _$utils_9.merge(options, _options)
_$Templater_7.setOptions({
template: options.searchResultTemplate,
middleware: options.templateMiddleware
})
_$Repository_4.setOptions({
fuzzy: options.fuzzy,
limit: options.limit,
sort: options.sortMiddleware,
exclude: options.exclude
})
if (_$utils_9.isJSON(options.json)) {
initWithJSON(options.json)
} else {
initWithURL(options.json)
}
const rv = {
search: search
}
typeof options.success === 'function' && options.success.call(rv)
return rv
}
function initWithJSON (json) {
_$Repository_4.put(json)
registerInput()
}
function initWithURL (url) {
_$JSONLoader_2.load(url, function (err, json) {
if (err) {
throwError('failed to get JSON (' + url + ')')
}
initWithJSON(json)
})
}
function emptyResultsContainer () {
options.resultsContainer.innerHTML = ''
}
function appendToResultsContainer (text) {
options.resultsContainer.innerHTML += text
}
function registerInput () {
options.searchInput.addEventListener('input', function (e) {
if (isWhitelistedKey(e.which)) {
emptyResultsContainer()
debounce(function () { search(e.target.value) }, options.debounceTime)
}
})
}
function search (query) {
if (isValidQuery(query)) {
emptyResultsContainer()
render(_$Repository_4.search(query), query)
}
}
function render (results, query) {
const len = results.length
if (len === 0) {
return appendToResultsContainer(options.noResultsText)
}
for (let i = 0; i < len; i++) {
results[i].query = query
appendToResultsContainer(_$Templater_7.compile(results[i]))
}
}
function isValidQuery (query) {
return query && query.length > 0
}
function isWhitelistedKey (key) {
return [13, 16, 20, 37, 38, 39, 40, 91].indexOf(key) === -1
}
function throwError (message) {
throw new Error('SimpleJekyllSearch --- ' + message)
}
})(window)
}());
</script>
<!-- Configuration -->
<script>
SimpleJekyllSearch({
searchInput: document.getElementById('search-input'),
resultsContainer: document.getElementById('results-container'),
noResultsText: '<p>Aucun résultat!</p>',
json: '/search.json',
searchResultTemplate: '<li><a href="{url}">{date}&nbsp;{title}</a>&nbsp;(Création {create})</li>'
})
</script>
</div></div>
<script>(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
function scrollToAnchor(anchor, duration, callback) {
var $root = this;
$root.animate({ scrollTop: $(anchor).position().top }, duration, function() {
window.history.replaceState(null, '', window.location.href.split('#')[0] + anchor);
callback && callback();
});
}
$.fn.scrollToAnchor = scrollToAnchor;
});
})();
(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
function affix(options) {
var $root = this, $window = $(window), $scrollTarget, $scroll,
offsetBottom = 0, scrollTarget = window, scroll = window.document, disabled = false, isOverallScroller = true,
rootTop, rootLeft, rootHeight, scrollBottom, rootBottomTop,
hasInit = false, curState;
function setOptions(options) {
var _options = options || {};
_options.offsetBottom && (offsetBottom = _options.offsetBottom);
_options.scrollTarget && (scrollTarget = _options.scrollTarget);
_options.scroll && (scroll = _options.scroll);
_options.disabled !== undefined && (disabled = _options.disabled);
$scrollTarget = $(scrollTarget);
isOverallScroller = window.isOverallScroller($scrollTarget[0]);
$scroll = $(scroll);
}
function preCalc() {
top();
rootHeight = $root.outerHeight();
rootTop = $root.offset().top + (isOverallScroller ? 0 : $scrollTarget.scrollTop());
rootLeft = $root.offset().left;
}
function calc(needPreCalc) {
needPreCalc && preCalc();
scrollBottom = $scroll.outerHeight() - offsetBottom - rootHeight;
rootBottomTop = scrollBottom - rootTop;
}
function top() {
if (curState !== 'top') {
$root.removeClass('fixed').css({
left: 0,
top: 0
});
curState = 'top';
}
}
function fixed() {
if (curState !== 'fixed') {
$root.addClass('fixed').css({
left: rootLeft + 'px',
top: 0
});
curState = 'fixed';
}
}
function bottom() {
if (curState !== 'bottom') {
$root.removeClass('fixed').css({
left: 0,
top: rootBottomTop + 'px'
});
curState = 'bottom';
}
}
function setState() {
var scrollTop = $scrollTarget.scrollTop();
if (scrollTop >= rootTop && scrollTop <= scrollBottom) {
fixed();
} else if (scrollTop < rootTop) {
top();
} else {
bottom();
}
}
function init() {
if(!hasInit) {
var interval, timeout;
calc(true); setState();
// run calc every 100 millisecond
interval = setInterval(function() {
calc();
}, 100);
timeout = setTimeout(function() {
clearInterval(interval);
}, 45000);
window.pageLoad.then(function() {
setTimeout(function() {
clearInterval(interval);
clearTimeout(timeout);
}, 3000);
});
$scrollTarget.on('scroll', function() {
disabled || setState();
});
$window.on('resize', function() {
disabled || (calc(true), setState());
});
hasInit = true;
}
}
setOptions(options);
if (!disabled) {
init();
}
$window.on('resize', window.throttle(function() {
init();
}, 200));
return {
setOptions: setOptions,
refresh: function() {
calc(true, { animation: false }); setState();
}
};
}
$.fn.affix = affix;
});
})();
(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
function toc(options) {
var $root = this, $window = $(window), $scrollTarget, $scroller, $tocUl = $('<ul class="toc toc--ellipsis"></ul>'), $tocLi, $headings, $activeLast, $activeCur,
selectors = 'h1,h2,h3', container = 'body', scrollTarget = window, scroller = 'html, body', disabled = false,
headingsPos, scrolling = false, hasRendered = false, hasInit = false;
function setOptions(options) {
var _options = options || {};
_options.selectors && (selectors = _options.selectors);
_options.container && (container = _options.container);
_options.scrollTarget && (scrollTarget = _options.scrollTarget);
_options.scroller && (scroller = _options.scroller);
_options.disabled !== undefined && (disabled = _options.disabled);
$headings = $(container).find(selectors).filter('[id]');
$scrollTarget = $(scrollTarget);
$scroller = $(scroller);
}
function calc() {
headingsPos = [];
$headings.each(function() {
headingsPos.push(Math.floor($(this).position().top));
});
}
function setState(element, disabled) {
var scrollTop = $scrollTarget.scrollTop(), i;
if (disabled || !headingsPos || headingsPos.length < 1) { return; }
if (element) {
$activeCur = element;
} else {
for (i = 0; i < headingsPos.length; i++) {
if (scrollTop >= headingsPos[i]) {
$activeCur = $tocLi.eq(i);
} else {
$activeCur || ($activeCur = $tocLi.eq(i));
break;
}
}
}
$activeLast && $activeLast.removeClass('active');
($activeLast = $activeCur).addClass('active');
}
function render() {
if(!hasRendered) {
$root.append($tocUl);
$headings.each(function() {
var $this = $(this);
$tocUl.append($('<li></li>').addClass('toc-' + $this.prop('tagName').toLowerCase())
.append($('<a></a>').text($this.text()).attr('href', '#' + $this.prop('id'))));
});
$tocLi = $tocUl.children('li');
$tocUl.on('click', 'a', function(e) {
e.preventDefault();
var $this = $(this);
scrolling = true;
setState($this.parent());
$scroller.scrollToAnchor($this.attr('href'), 400, function() {
scrolling = false;
});
});
}
hasRendered = true;
}
function init() {
var interval, timeout;
if(!hasInit) {
render(); calc(); setState(null, scrolling);
// run calc every 100 millisecond
interval = setInterval(function() {
calc();
}, 100);
timeout = setTimeout(function() {
clearInterval(interval);
}, 45000);
window.pageLoad.then(function() {
setTimeout(function() {
clearInterval(interval);
clearTimeout(timeout);
}, 3000);
});
$scrollTarget.on('scroll', function() {
disabled || setState(null, scrolling);
});
$window.on('resize', window.throttle(function() {
if (!disabled) {
render(); calc(); setState(null, scrolling);
}
}, 100));
}
hasInit = true;
}
setOptions(options);
if (!disabled) {
init();
}
$window.on('resize', window.throttle(function() {
init();
}, 200));
return {
setOptions: setOptions
};
}
$.fn.toc = toc;
});
})();
/*(function () {
})();*/
</script><script>
/* toc must before affix, since affix need to konw toc' height. */(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
var TOC_SELECTOR = window.TEXT_VARIABLES.site.toc.selectors;
window.Lazyload.js(SOURCES.jquery, function() {
var $window = $(window);
var $articleContent = $('.js-article-content');
var $tocRoot = $('.js-toc-root'), $col2 = $('.js-col-aside');
var toc;
var tocDisabled = false;
var hasSidebar = $('.js-page-root').hasClass('layout--page--sidebar');
var hasToc = $articleContent.find(TOC_SELECTOR).length > 0;
function disabled() {
return $col2.css('display') === 'none' || !hasToc;
}
tocDisabled = disabled();
toc = $tocRoot.toc({
selectors: TOC_SELECTOR,
container: $articleContent,
scrollTarget: hasSidebar ? '.js-page-main' : null,
scroller: hasSidebar ? '.js-page-main' : null,
disabled: tocDisabled
});
$window.on('resize', window.throttle(function() {
tocDisabled = disabled();
toc && toc.setOptions({
disabled: tocDisabled
});
}, 100));
});
})();
(function() {
var SOURCES = window.TEXT_VARIABLES.sources;
window.Lazyload.js(SOURCES.jquery, function() {
var $window = $(window), $pageFooter = $('.js-page-footer');
var $pageAside = $('.js-page-aside');
var affix;
var tocDisabled = false;
var hasSidebar = $('.js-page-root').hasClass('layout--page--sidebar');
affix = $pageAside.affix({
offsetBottom: $pageFooter.outerHeight(),
scrollTarget: hasSidebar ? '.js-page-main' : null,
scroller: hasSidebar ? '.js-page-main' : null,
scroll: hasSidebar ? $('.js-page-main').children() : null,
disabled: tocDisabled
});
$window.on('resize', window.throttle(function() {
affix && affix.setOptions({
disabled: tocDisabled
});
}, 100));
window.pageAsideAffix = affix;
});
})();
</script><!---->
</div>
<script>(function () {
var $root = document.getElementsByClassName('root')[0];
if (window.hasEvent('touchstart')) {
$root.dataset.isTouch = true;
document.addEventListener('touchstart', function(){}, false);
}
})();
</script>
</body>
</html>
Reference in New Issue Copy Permalink