Merge branch 'develop' into neoloc/prometheus

2023-11-21 19:40:17 +11:00 · 2023-11-21 19:40:17 +11:00 · 663b10e5a5
commit 663b10e5a5
parent a5207eb717 530ffed55a
16 changed files with 34 additions and 20 deletions
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@ -1,7 +1,10 @@
 ---
 profiles::ntp::client::ntp_role: 'roles::infra::ntp::server'
 profiles::ntp::client::peers:
-  - ntp01.main.unkin.net
+  - 0.pool.ntp.org
-  - ntp02.main.unkin.net
+  - 1.pool.ntp.org
  - 2.pool.ntp.org
  - 3.pool.ntp.org
 profiles::base::puppet_servers:
  - 'prodinf01n01.main.unkin.net'
--- a/hieradata/roles/apps.yaml
+++ b/hieradata/roles/apps.yaml
@ -0,0 +1 @@
 ---
--- a/hieradata/roles/puppet.yaml
+++ b/hieradata/roles/puppet.yaml
--- a/hieradata/roles/infra/dns/resolver.yaml
+++ b/hieradata/roles/infra/dns/resolver.yaml
@ -18,6 +18,13 @@ profiles::dns::resolver::zones:
    forwarders:
      - 10.10.8.1
    forward: 'only'
  17.18.198.in-addr.arpa-forward:
    domain: '17.18.198.in-addr.arpa'
    zone_type: 'forward'
    forwarders:
      - 198.18.17.23
      - 198.18.17.24
    forward: 'only'
 profiles::dns::resolver::views:
  openforwarder:
@ -25,5 +32,6 @@ profiles::dns::resolver::views:
    zones:
      - main.unkin.net-forward
      - prod.unkin.net-forward
      - 17.18.198.in-addr.arpa-forward
    match_clients:
      - acl-main.unkin.net
--- a/hieradata/roles/infra/ntp/server.yaml
+++ b/hieradata/roles/infra/ntp/server.yaml
--- a/hieradata/roles/infra/puppet/master.yaml
+++ b/hieradata/roles/infra/puppet/master.yaml
@ -9,8 +9,6 @@ profiles::puppet::autosign::domains:
 #  - 'somenode.main.unkin.net'
 profiles::puppet::enc::repo: https://git.unkin.net/unkinben/puppet-enc.git
 profiles::puppet::enc::release: '0.7'
 profiles::puppet::enc::force: true
 profiles::puppet::r10k::r10k_repo: https://git.unkin.net/unkinben/puppet-r10k.git
 profiles::puppet::g10k::bin_path: '/opt/puppetlabs/bin/g10k'
 profiles::puppet::g10k::cfg_path: '/etc/puppetlabs/r10k/r10k.yaml'
--- a/hieradata/roles/infra/reposync/syncer.yaml
+++ b/hieradata/roles/infra/reposync/syncer.yaml
--- a/site/profiles/manifests/ntp/client.pp
+++ b/site/profiles/manifests/ntp/client.pp
@ -2,6 +2,10 @@
 # use exported resources from profiles::ntp::server if they are available
 class profiles::ntp::client (
  Array     $peers,
  Variant[
    String,
    Undef
  ]         $ntp_role = undef,
  Boolean   $wait_enable = true,
  Enum[
    'running',
@ -14,16 +18,23 @@ class profiles::ntp::client (
  # through the profiles::ntp::server class.
  if $client_only {
    # if ntp_role is set, find all hosts matching that enc_role
    if $ntp_role == undef {
      $ntpserver_array = $peers
    }else{
      $ntpserver_array = query_nodes("enc_role='${ntp_role}'", 'networking.fqdn')
    }
    # Define the client configuration based on OS family
    if $facts['os']['family'] == 'RedHat' {
      class { 'chrony':
-        servers     => $peers,
+        servers     => $ntpserver_array,
        wait_enable => $wait_enable,
        wait_ensure => $wait_ensure,
      }
    } else {
      class { 'chrony':
-        servers    => $peers,
+        servers    => $ntpserver_array,
      }
    }
  }
--- a/site/profiles/manifests/ntp/server.pp
+++ b/site/profiles/manifests/ntp/server.pp
@ -19,7 +19,7 @@ class profiles::ntp::server (
  # check the enc_role has been set, it can take two puppet runs to do this
  # TODO: change away from external fact
-  if $facts['enc_role'] == 'roles::infra::ntpserver' {
+  if $facts['enc_role'] == 'roles::infra::ntp::server' {
    # define the server
    if $facts['os']['family'] == 'RedHat' {
--- a/site/roles/manifests/infra/ntp/server.pp
+++ b/site/roles/manifests/infra/ntp/server.pp
@ -1,5 +1,5 @@
 # a role to deploy a ntp server
-class roles::infra::ntpserver {
+class roles::infra::ntp::server {
  include profiles::defaults
  include profiles::base
  include profiles::ntp::server
--- a/site/roles/manifests/infra/puppet/master.pp
+++ b/site/roles/manifests/infra/puppet/master.pp
@ -1,6 +1,6 @@
 # a role to deploy the puppetmaster
 # work in progress
-class roles::puppet::puppetmaster {
+class roles::infra::puppet::master {
    include profiles::defaults
    include profiles::base
    include profiles::puppet::puppetmaster
--- a/site/roles/manifests/infra/puppetboard/server.pp
+++ b/site/roles/manifests/infra/puppetboard/server.pp
@ -1,5 +1,5 @@
 # a role to deploy the puppetboard
-class roles::puppet::puppetboard {
+class roles::infra::puppetboard::server {
    include profiles::defaults
    include profiles::base
    include profiles::puppet::puppetboard
--- a/site/roles/manifests/puppet/puppetdb_api.pp
+++ b/site/roles/manifests/puppet/puppetdb_api.pp
@ -1,5 +1,5 @@
 # a role to deploy the puppetdb api service
-class roles::puppet::puppetdb_api {
+class roles::infra::puppetdb::api {
    include profiles::defaults
    include profiles::base
    include profiles::puppet::puppetdb_api
--- a/site/roles/manifests/puppet/puppetdb_sql.pp
+++ b/site/roles/manifests/puppet/puppetdb_sql.pp
@ -1,5 +1,5 @@
 # a role to deploy the puppetdb postgresql service
-class roles::puppet::puppetdb_sql {
+class roles::infra::puppetdb::sql {
    include profiles::defaults
    include profiles::base
    include profiles::puppet::puppetdb_sql
--- a/site/roles/manifests/infra/reposync/syncer.pp
+++ b/site/roles/manifests/infra/reposync/syncer.pp
@ -1,5 +1,5 @@
 # a role to deploy a packagerepo
-class roles::infra::packagerepo {
+class roles::infra::reposync::syncer {
  include profiles::defaults
  include profiles::base
  include profiles::base::datavol
--- a/site/roles/manifests/puppet/puppetdb.pp
+++ b/site/roles/manifests/puppet/puppetdb.pp
@ -1,7 +0,0 @@
 # a role to deploy the puppetdb
 # work in progress
 class roles::puppet::puppetdb {
    include profiles::defaults
    include profiles::base
    include profiles::puppet::puppetdb
  }