Merge branch 'develop' into benvin/almalinux9.6
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
---
|
||||
timezone::timezone: 'Australia/Sydney'
|
||||
certbot::client::webserver: ausyd1nxvm1021.main.unkin.net
|
||||
certbot::client::webserver: ausyd1nxvm2057.main.unkin.net
|
||||
profiles_dns_upstream_forwarder_unkin:
|
||||
- 198.18.19.15
|
||||
profiles_dns_upstream_forwarder_consul:
|
||||
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.12
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.13
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.14
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.15
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.16
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.17
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.19
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.20
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.21
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.22
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.23
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.24
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.29
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.30
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.44
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.45
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,14 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.47
|
||||
ens19:
|
||||
ensure: present
|
||||
family: inet
|
||||
method: static
|
||||
ipaddress: 10.18.15.47
|
||||
netmask: 255.255.255.0
|
||||
onboot: true
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,14 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.50
|
||||
ens19:
|
||||
ensure: present
|
||||
family: inet
|
||||
method: static
|
||||
ipaddress: 10.18.15.50
|
||||
netmask: 255.255.255.0
|
||||
onboot: true
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,14 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.51
|
||||
ens19:
|
||||
ensure: present
|
||||
family: inet
|
||||
method: static
|
||||
ipaddress: 10.18.15.51
|
||||
netmask: 255.255.255.0
|
||||
onboot: true
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,14 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.52
|
||||
ens19:
|
||||
ensure: present
|
||||
family: inet
|
||||
method: static
|
||||
ipaddress: 10.18.15.52
|
||||
netmask: 255.255.255.0
|
||||
onboot: true
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,14 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.53
|
||||
ens19:
|
||||
ensure: present
|
||||
family: inet
|
||||
method: static
|
||||
ipaddress: 10.18.15.53
|
||||
netmask: 255.255.255.0
|
||||
onboot: true
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.54
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.55
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.56
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,14 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.58
|
||||
ens19:
|
||||
ensure: present
|
||||
family: inet
|
||||
method: static
|
||||
ipaddress: 10.18.15.58
|
||||
netmask: 255.255.255.0
|
||||
onboot: true
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.60
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.61
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.65
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.66
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.71
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.72
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.73
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.80
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,7 +0,0 @@
|
||||
---
|
||||
networking::interfaces:
|
||||
eth0:
|
||||
ipaddress: 198.18.13.81
|
||||
networking::routes:
|
||||
default:
|
||||
gateway: 198.18.13.254
|
||||
@@ -1,12 +0,0 @@
|
||||
---
|
||||
profiles::puppet::server::dns_alt_names:
|
||||
- puppetca.main.unkin.net
|
||||
- puppetca.service.consul
|
||||
- puppetca.query.consul
|
||||
- puppetca
|
||||
|
||||
profiles::puppet::puppetca::is_puppetca: false
|
||||
profiles::puppet::puppetca::allow_subject_alt_names: true
|
||||
|
||||
hiera_exclude:
|
||||
- networking
|
||||
@@ -27,7 +27,7 @@ profiles::puppet::cobbler_enc::packages:
|
||||
- 'PyYAML'
|
||||
profiles::puppet::enc::repo: https://git.service.au-syd1.consul/unkinben/puppet-enc.git
|
||||
profiles::puppet::r10k::r10k_repo: https://git.service.au-syd1.consul/unkin/puppet-r10k.git
|
||||
profiles::puppet::g10k::bin_path: '/opt/puppetlabs/bin/g10k'
|
||||
profiles::puppet::g10k::bin_path: '/usr/bin/g10k'
|
||||
profiles::puppet::g10k::cfg_path: '/etc/puppetlabs/r10k/r10k.yaml'
|
||||
profiles::puppet::g10k::environments_path: '/etc/puppetlabs/code/environments'
|
||||
profiles::puppet::g10k::default_environment: 'develop'
|
||||
|
||||
@@ -0,0 +1,41 @@
|
||||
---
|
||||
hiera_include:
|
||||
- profiles::reposync::webserver
|
||||
|
||||
profiles::ssh::sign::principals:
|
||||
- packagerepo.service.consul
|
||||
- packagerepo.query.consul
|
||||
- "packagerepo.service.%{facts.country}-%{facts.region}.consul"
|
||||
|
||||
# additional altnames
|
||||
profiles::pki::vault::alt_names:
|
||||
- packagerepo.main.unkin.net
|
||||
- packagerepo.service.consul
|
||||
- packagerepo.query.consul
|
||||
- "packagerepo.service.%{facts.country}-%{facts.region}.consul"
|
||||
|
||||
# configure consul service
|
||||
consul::services:
|
||||
jupyterhub:
|
||||
service_name: 'packagerepo'
|
||||
tags:
|
||||
- 'packagerepo'
|
||||
address: "%{facts.networking.ip}"
|
||||
port: 443
|
||||
checks:
|
||||
- id: 'packagerepo_http_check'
|
||||
name: 'packagerepo HTTP Check'
|
||||
http: "https://%{facts.networking.fqdn}"
|
||||
method: 'GET'
|
||||
tls_skip_verify: true
|
||||
interval: '10s'
|
||||
timeout: '1s'
|
||||
profiles::consul::client::node_rules:
|
||||
- resource: service
|
||||
segment: packagerepo
|
||||
disposition: write
|
||||
|
||||
profiles::reposync::webserver::nginx_listen_mode: both
|
||||
profiles::reposync::webserver::nginx_cert_type: vault
|
||||
profiles::reposync::webserver::www_root: /shared/apps/packagerepo/snap
|
||||
profiles::reposync::webserver::cache_root: /data/repos/cache
|
||||
@@ -2,41 +2,6 @@
|
||||
profiles::packages::include:
|
||||
createrepo: {}
|
||||
|
||||
profiles::ssh::sign::principals:
|
||||
- packagerepo.service.consul
|
||||
- packagerepo.query.consul
|
||||
- "packagerepo.service.%{facts.country}-%{facts.region}.consul"
|
||||
|
||||
# additional altnames
|
||||
profiles::pki::vault::alt_names:
|
||||
- packagerepo.main.unkin.net
|
||||
- packagerepo.service.consul
|
||||
- packagerepo.query.consul
|
||||
- "packagerepo.service.%{facts.country}-%{facts.region}.consul"
|
||||
|
||||
# configure consul service
|
||||
consul::services:
|
||||
jupyterhub:
|
||||
service_name: 'packagerepo'
|
||||
tags:
|
||||
- 'packagerepo'
|
||||
address: "%{facts.networking.ip}"
|
||||
port: 443
|
||||
checks:
|
||||
- id: 'packagerepo_http_check'
|
||||
name: 'packagerepo HTTP Check'
|
||||
http: "https://%{facts.networking.fqdn}"
|
||||
method: 'GET'
|
||||
tls_skip_verify: true
|
||||
interval: '10s'
|
||||
timeout: '1s'
|
||||
profiles::consul::client::node_rules:
|
||||
- resource: service
|
||||
segment: packagerepo
|
||||
disposition: write
|
||||
|
||||
profiles::reposync::webserver::nginx_listen_mode: both
|
||||
profiles::reposync::webserver::nginx_cert_type: vault
|
||||
profiles::reposync::repos_list:
|
||||
almalinux_9.6_baseos:
|
||||
repository: 'baseos'
|
||||
|
||||
Reference in New Issue
Block a user