puppet-prod

Author	SHA1	Message	Date
Ben Vincent	c10a3e49fa	chore: add new user (#301 ) - just jelly access Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/301	2025-05-28 19:46:45 +10:00
Ben Vincent	3d5d40f381	chore: minor jellyfin updates (#300 ) - add jellyfin to video group, for access to gpu - install intel related gpu drivers - export lxc jellyfin to haproxy Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/300	2025-05-27 19:55:55 +10:00
Ben Vincent	b3347f9226	chore: migrate media applications (#299 ) - migrate media applications to new cephfs pool + incus - enable exporting haproxy - move ceph-client-setup to only apply to non-lxc hosts - ensure unrar is installed for nzbget - updated jellyfin use of data_dir - set lxc instances for jellyfin to use /shared/apps/jellyfin Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/299	2025-05-25 20:27:17 +10:00
Ben Vincent	1d23fef82e	feat: update settings for ceph (#298 ) - enable root logins via ssh with keys - add ssh key for ceph to root user Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/298	2025-05-25 20:22:00 +10:00
Ben Vincent	596e498a00	feat: change media arr apps to hiera_include (#296 ) - change profiles::media::* to be hiera_included - this is required to enable it to be hiera_excluded on virtual == lxc Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/296	2025-05-24 20:23:56 +10:00
Ben Vincent	f6694599ef	benvin/media_apps_incus (#295 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/295	2025-05-24 20:18:23 +10:00
Ben Vincent	93cd02deec	chore: update media roles for incus (#294 ) - prevent incus roles from exporting haproxy endpoints (for now) - incus doesnt need to mount cephfs Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/294	2025-05-24 18:59:46 +10:00
Ben Vincent	520e8a34e0	feat: add a nomad agent v2 role (#293 ) - excludes ceph (will be passed from incus) - excludes frrouting (will use host-networking) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/293	2025-05-24 15:35:20 +10:00
Ben Vincent	89a0f329d8	feat: update vault url (#291 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/291	2025-05-21 19:58:12 +10:00
Ben Vincent	6dcc7343e0	feat: updated ceph ssh authorized_key (#290 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/290	2025-05-17 14:05:25 +10:00
Ben Vincent	e7d4c75192	feat: enable ssh access to enp3s0 (#289 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/289	2025-05-17 13:50:35 +10:00
Ben Vincent	d9e8637ad6	feat: manage more ceph requirements (#288 ) - add ceph-common to provide utilities for managing ceph - add root and sysadmin ssh keys for ceph deployments Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/288	2025-05-17 11:14:45 +10:00
Ben Vincent	92f0ae64b9	feat: enable ssh on all loopbacks (#287 ) - required for cephadm to manage roles Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/287	2025-05-16 07:05:31 +10:00
Ben Vincent	c1637d9f43	feat: add cephadm to incus hosts (#286 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/286	2025-05-16 05:56:28 +10:00
Ben Vincent	1aabe21173	feat: manage mon loopback0 (#285 ) - add frrouting - set all ceph nodes to use ospf + loopback0 + networkd - fix ceph repos for mons Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/285	2025-05-15 19:46:59 +10:00
Ben Vincent	2f088c461f	feat: add ceph roles (#284 ) - add hieradata to manage ceph repo Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/284	2025-05-15 19:29:53 +10:00
Ben Vincent	90504e5b02	chore: use alias for nameservers (#283 ) - use an alias for nameservers for dhcp ranges - move aliased nameservers to region-wide hiera Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/283	2025-05-14 20:19:18 +10:00
Ben Vincent	87a6c73578	neoloc/loopback_dns (#281 ) - manage all interfaces in dns (except lo and anycast) - move loopback0 anycast addresses to be anycast0 Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/281	2025-05-11 16:36:04 +10:00
Ben Vincent	3e0141bb1b	feat: change to anycast resolver (#280 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/280	2025-05-11 11:39:00 +10:00
Ben Vincent	bb6f6cbd49	feat: anycast dnsmasters (#279 ) - change dns masters on incus to anycast for bind - change to networkd to support anycast/loopbacks Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/279	2025-05-10 23:00:03 +10:00
Ben Vincent	51d6c1e81d	fix: enable dns resolver access for dmz1 (#278 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/278	2025-05-10 06:57:05 +10:00
Ben Vincent	537a207779	feat: update upstream ip for consul dns (#277 ) - set bind resolvers to use consuls anycast address for forwarding Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/277	2025-05-09 22:10:35 +10:00
Ben Vincent	f322440d01	feat: setup anycast consul dns (#276 ) - manage frrouting repo/ospf - change to systemd-networkd - enable ospf on incus nodes bridges Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/276	2025-05-09 22:07:42 +10:00
Ben Vincent	b05acb23f4	feat: use custom cert for puppetdb access (#271 ) - manually generated certificate using sudo puppetserver ca generate --certname puppetdbapi.query.consul - saved certificate and private_key in eyaml Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/271	2025-05-03 12:41:23 +10:00
Ben Vincent	cdf9456456	feat: update psql15 repos for roles (#269 ) - update patroni to use packagerepo - update puppetdb to use packagerepo Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/269	2025-04-29 21:04:45 +10:00
Ben Vincent	2323ef7749	feat: postgresql15/postgresql17 (#268 ) - add postgresql15 and 17 to reposync Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/268	2025-04-28 21:39:45 +10:00
Ben Vincent	9359b8902e	feat: vault mlock (#266 ) - enable mlock by default - disable mlock on lxd/incus nodes (lxc doesnt support it) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/266	2025-04-26 22:43:20 +10:00
Ben Vincent	496ed12a58	feat: change vault to use package install (#264 ) - vault 18.2 rpm produced by rpmbuilder repo - ensure the /etc/vault directory is managed - ensure service file is managed by puppet - ensure package comes from unkin repo (not hashicorp) - disable_mlock as unprivileged containers cannot use mlock Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/264	2025-04-26 18:40:31 +10:00
Ben Vincent	78f4d2a88f	feat: cleanup mpls configuration (#262 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/262	2025-04-26 00:39:23 +10:00
Ben Vincent	762d980ea8	feat: update dns resolver zone management (#261 ) - move zones to common role path - specify forwarders for each zone in region based hiera Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/261	2025-04-25 01:01:47 +10:00
Ben Vincent	463abe4b9d	feat: add reverse dns zones for incus (#260 ) - add reverse dns zones for incus hosts - update acls for openresolver Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/260	2025-04-24 23:48:34 +10:00
Ben Vincent	ecce93bedb	feat: lxc cannot use chronyd (#259 ) - ensure lxc nodes do not attempt to install chronyd - ensure chrony is removed Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/259	2025-04-24 23:18:45 +10:00
Ben Vincent	9dcaafb8ba	feat: lxc updates (#258 ) - add virtual/lxc.yaml - add crypto crypto-policies-scripts - ensure ssh::server is managed Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/258	2025-04-24 23:03:01 +10:00
Ben Vincent	a21c1b3697	Adding hieradata/node/ausyd1nxvm1072.main.unkin.net.yaml (#257 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/257	2025-04-24 21:25:00 +10:00
Ben Vincent	2321186ad5	neoloc/mpls_ldp_frr (#255 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/255	2025-04-24 16:51:31 +10:00
Ben Vincent	c24babe309	feat: add incus image host (#254 ) - add role - add consul service + checks - manage the datavol as zfs - insure the incus fact exists before attempting to read it Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/254	2025-04-24 01:00:39 +10:00
Ben Vincent	bfda2b628b	feat: enable ip forwarding for gitea runners (#253 ) - required to enable docker containers reach git service Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/253	2025-04-21 18:40:17 +10:00
Ben Vincent	278f8001b0	feat: add frr synced repo (#252 ) - add frr repo to incus hosts Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/252	2025-04-18 21:21:23 +10:00
Ben Vincent	0fe44cf4e2	feat: add frr repos (#251 ) - add frr/stable/el8 - add frr/stable/el9 - add frr/extras/el8 - add frr/extras/el9 Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/251	2025-04-15 02:21:55 +10:00
Ben Vincent	25b06cde22	feat: move bridge management to incus (#250 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/250	2025-04-15 00:04:14 +10:00
Ben Vincent	0e3dd4d7d0	feat: initialise barebones server (#248 ) - manage incus servers init Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/248	2025-04-06 23:56:50 +10:00
Ben Vincent	b6ea353cfb	feat: update dns resolver acls (#246 ) - add dmz acl - add common acl - add loopback/ceph/physical subnets to main acl Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/246	2025-04-06 16:44:16 +10:00
Ben Vincent	c225564bdb	feat: continue incus implementation (#245 ) - migrate to systemd-networkd - setup dummy, bridge and static/ethernet interfaces - manage sshd.service droping to start ssh after networking is online - enable ip forewarding - add fastpool/data/incus dataset - enable ospf and frr - add loopback0 as ssh listenaddress - add loopback1/2 for ceph cluster/public traffic Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/245	2025-04-06 16:38:04 +10:00
Ben Vincent	06666fe488	fix: resolve issue with baseos in el9 (#244 ) - was not correctly provisioning the baseos repo for el9 incus hosts Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/244	2025-04-02 21:02:08 +11:00
Ben Vincent	9dc88e6db6	feat: deep merge zpools/datasets (#243 ) - change prodnxsr0009 to use nvme0n1 as zfs device Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/243	2025-04-02 20:35:04 +11:00
Ben Vincent	95bc2716cf	neoloc/incus_deploy (#241 ) feat: deploy incus - manage sysctl based on incus recommendations - manage limits based on incus recommendations - manage zpools and zfs datasets - add incus hiera settings feat: manage repo for zfs - dont use zfs module to manage repo, use profiles:😋:global::repos Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/241	2025-03-31 23:14:05 +11:00
Ben Vincent	829b1b05fd	feat: cleanup consul from url install (#239 ) - set bind_dir to be /usr/bin for rhel, /usr/local/bin for debian - remove url-installed consul from rhel Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/239	2025-03-30 18:40:09 +11:00
Ben Vincent	427fe352b4	feat: debian package for consul not managed (#237 ) - change debian hosts to use the url method to download consul Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/237	2025-03-30 17:13:54 +11:00
Ben Vincent	45b061a053	feat: change almalinux9 to use packagerepo (#236 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/236	2025-03-30 17:05:03 +11:00
Ben Vincent	d39d25d3f1	feat: add almalinux 9.5 repos using mirrorlist (#235 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/235	2025-03-30 16:24:55 +11:00
Ben Vincent	06b458cb0e	feat: reposync for almalinux 9.4 (in vault) (#234 ) - sync baseos, ha, appstream and crb repos Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/234	2025-03-30 12:31:09 +11:00
Ben Vincent	e3046563a2	chore: install consul from package (#233 ) - upgrade to puppet-consul changed default install method to archive - ensure package method is used - dont manage the repo, consul is packaged by rpmbuilder Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/233	2025-03-30 02:04:13 +11:00
Ben Vincent	e025928d77	chore: set secretid for puppetboard (#232 ) - manage the secret_key for puppetboard - required since module upgrade https://github.com/voxpupuli/puppetboard/issues/721 Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/232	2025-03-30 01:53:25 +11:00
Ben Vincent	6a04701891	feat: add incus role (#229 ) - add basic infra::incus role - add autossl, consul and ssh-principals for incus Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/229	2025-03-30 00:56:04 +11:00
Ben Vincent	dd5a4646ff	feat: update all modules (#228 ) - update puppetlabs-* modules - update puppet-* modules - add limits and sysctl Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/228	2025-03-30 00:51:49 +11:00
Ben Vincent	4e47745077	chore: setup unkin repo for el9 and el8 (#227 ) - update the unkin repo definition for el8 and el9 Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/227	2025-03-29 22:50:08 +11:00
Ben Vincent	b95bcbd10a	feat: add zfs to reposync (#224 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/224	2025-03-29 20:08:31 +11:00
Ben Vincent	adc0cf2c09	neoloc/lxd_hosts (#223 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/223	2025-03-29 19:40:01 +11:00
Ben Vincent	771b981d91	feat: enable nomad to manage sessions/services (#222 ) - this is required to start patroni Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/222	2025-03-20 19:21:40 +11:00
Ben Vincent	a309244713	feat: add nomad nodes (#220 ) - change existing nodes to be nomad-agents Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/220	2025-03-13 21:23:40 +11:00
Ben Vincent	b981a6fb01	feat: enable nomad jobs to query dns (#218 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/218	2025-03-09 17:49:35 +11:00
Ben Vincent	7c1d96bd22	feat: add k8s and docker repos (#217 ) - add docker stable repos to packagerepo - add k8s 1.32 to packagerepo Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/217	2025-01-27 12:59:59 +11:00
Ben Vincent	0222f5ec4a	feat: update consul etcd check (#216 ) - check the health api endpoint Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/216	2025-01-26 20:05:18 +11:00
Ben Vincent	afd3405c98	feat: add etcd module/role (#215 ) - add etcd module - add etcd role, profile and hieradata Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/215	2025-01-26 20:00:20 +11:00
Ben Vincent	ab7ce3bbfa	Adding hieradata/node/ausyd1nxvm1071.main.unkin.net.yaml (#214 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/214	2025-01-25 20:15:20 +11:00
Ben Vincent	4a85c5feff	Adding hieradata/node/ausyd1nxvm1070.main.unkin.net.yaml (#213 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/213	2025-01-25 20:15:05 +11:00
Ben Vincent	6134b4664b	Adding hieradata/node/ausyd1nxvm1069.main.unkin.net.yaml (#212 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/212	2025-01-05 12:51:57 +11:00
Ben Vincent	e061a72996	Adding hieradata/node/ausyd1nxvm1067.main.unkin.net.yaml (#211 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/211	2025-01-05 12:51:46 +11:00
Ben Vincent	eaa15e92dc	Adding hieradata/node/ausyd1nxvm1068.main.unkin.net.yaml (#210 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/210	2025-01-05 12:51:37 +11:00
Ben Vincent	a5a193d9eb	feat: update jupyterlab container (#209 ) - change to packer created alma9 instance - change docker root to use /data volume Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/209	2025-01-04 14:10:44 +11:00
Ben Vincent	4400456519	feat: add frrouting module (#208 ) - add frrouting module - enable ospf daemon on nomad agents - enable docker volumes Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/208	2024-12-27 23:39:03 +11:00
Ben Vincent	d37fb5d7e1	neoloc/nomad_agent (#207 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/207	2024-12-26 20:23:27 +11:00
Ben Vincent	022a564dc0	feat: add nomad agent role (#206 ) - add nomad agent role - mount cephfs volume nomadfs to /shared/nomad - manage docker volume path to be /shared/nomad Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/206	2024-12-26 20:20:51 +11:00
Ben Vincent	48e1fb8e30	Adding hieradata/node/ausyd1nxvm1062.main.unkin.net.yaml (#204 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/204	2024-12-23 17:28:47 +11:00
Ben Vincent	561d74e9d9	Adding hieradata/node/ausyd1nxvm1063.main.unkin.net.yaml (#205 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/205	2024-12-23 17:28:37 +11:00
Ben Vincent	281fdb33d4	Adding hieradata/node/ausyd1nxvm1064.main.unkin.net.yaml (#203 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/203	2024-12-23 17:28:09 +11:00
Ben Vincent	1c04366eec	Adding hieradata/node/ausyd1nxvm1066.main.unkin.net.yaml (#202 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/202	2024-12-23 17:27:59 +11:00
Ben Vincent	86d3b61439	Adding hieradata/node/ausyd1nxvm1065.main.unkin.net.yaml (#201 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/201	2024-12-23 17:27:49 +11:00
Ben Vincent	6ebf5c03a5	feat: add nomad profile/role (#200 ) - add basic consul manage nomad servers Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/200	2024-12-22 22:35:31 +11:00
Ben Vincent	c97db0f0aa	Adding hieradata/node/ausyd1nxvm1061.main.unkin.net.yaml (#198 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/198	2024-12-10 22:15:10 +11:00
Ben Vincent	afbc15ff40	feat: import crypto-policices earlier (#195 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/195	2024-12-08 22:50:25 +11:00
Ben Vincent	c7fb1f0cec	neoloc/crypto_policices_el8 (#193 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/193	2024-12-08 19:54:15 +11:00
Ben Vincent	dbccaea24b	feat: add crypto_policies (#192 ) - ensure DEFAULT is used for EL8 - ensure DEFAULT:SHA1 is used for EL9, until issues with crypto are resolved for EL9 Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/192	2024-12-08 19:47:59 +11:00
Ben Vincent	b244327c34	neoloc/alma9 (#191 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/191	2024-12-08 19:22:58 +11:00
Ben Vincent	90bcdd1f51	neoloc/alma9 (#190 ) Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/190	2024-12-08 19:16:54 +11:00
Ben Vincent	c023cfe4dc	Merge pull request 'feat: upgrade puppet agent' (#186 ) from neoloc/puppet_updates into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/186	2024-12-08 00:11:30 +11:00
Ben Vincent	cffb6a54fc	feat: upgrade puppet agent - move all almalinux hosts to 7.34	2024-12-08 00:09:40 +11:00
Ben Vincent	4de772436b	Merge pull request 'feat: update puppet repo' (#184 ) from neoloc/almalinuxrepo into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/184	2024-12-07 23:32:48 +11:00
Ben Vincent	75f865c26c	feat: update puppet repo - move puppet repo to packagerepo	2024-12-07 23:31:40 +11:00
Ben Vincent	2fdc709a17	Merge pull request 'feat: update repos' (#183 ) from neoloc/almalinuxrepo into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/183	2024-12-01 00:33:10 +11:00
Ben Vincent	ba3a9e374a	feat: update repos - add unkin - rename unkin -> unkinben	2024-12-01 00:30:58 +11:00
Ben Vincent	52fff0ccea	feat: enable root_dir for docker - move docker root_dir to /data/docker for runners	2024-11-30 23:11:24 +11:00
Ben Vincent	58d31c5c9a	chore: migrate puppet-r10k - moved puppet-r10k the unkin organisation - ensure branch is set to follow origin/master	2024-11-17 19:26:27 +11:00
Ben Vincent	92d6697175	Merge pull request 'fix: fix release name' (#180 ) from neoloc/reposync_sydney into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/180	2024-11-16 22:36:02 +11:00
Ben Vincent	d3f471f3ed	fix: fix release name - fix release name for postgresql repos	2024-11-16 22:35:23 +11:00
Ben Vincent	8f0b3e615c	Merge pull request 'feat: add el9 puppet/posgresql repos' (#178 ) from neoloc/reposync_sydney into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/178	2024-11-16 22:25:48 +11:00
Ben Vincent	8679a0b904	feat: add el9 puppet/posgresql repos - will upgrade to el9 soon, so need to store these repos	2024-11-16 22:25:06 +11:00
Ben Vincent	16ba54ee0a	Merge pull request 'feat: update packagerepo' (#176 ) from neoloc/reposync_sydney into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/176	2024-11-16 22:02:46 +11:00
Ben Vincent	abdb3ec8cb	feat: update packagerepo - remove almalinux/centos/epel repos - manage consul service `packagerepo` - manage ssh principals - update vault alt-names	2024-11-16 21:43:11 +11:00
Ben Vincent	c0623b64f7	Adding hieradata/node/ausyd1nxvm1060.main.unkin.net.yaml	2024-11-16 21:36:58 +11:00
Ben Vincent	71b29d5e88	feat: add sudaporn account - enable access to media - enable access to jupyter	2024-11-16 20:23:01 +11:00
Ben Vincent	6493f392b8	Merge pull request 'neoloc/jupyterhub' (#174 ) from neoloc/jupyterhub into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/174	2024-11-16 20:20:16 +11:00
Ben Vincent	8586e9eb32	feat: enable web-sockets - change simpleproxy config for jupyter::hub role to use websockets	2024-11-16 20:15:03 +11:00
Ben Vincent	42ad972697	feat: add ldap configuration - add group members to jupyterhub_user - add svc_jupyterhub user for ldap binding - paramatarise all ldap fields required - manage the notebook data directory	2024-11-16 19:20:20 +11:00
Ben Vincent	926d3d29d0	fix: enable docker for jupyterhub - install/manage docker	2024-11-10 20:21:51 +11:00
Ben Vincent	c6bdae5790	Merge pull request 'feat: add jupyterhub role' (#173 ) from neoloc/jupyterhub into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/173	2024-11-10 19:14:49 +11:00
Ben Vincent	159d66af18	feat: add jupyterhub role - add nodejs module to use npm package provider - add jupyterhub role - add class to configure the jupyterhub instance - add ldap groups - add nginx simpleproxy	2024-11-10 19:09:50 +11:00
Ben Vincent	4fec931fb1	feat: add service data - add pki certificates - add consul service - add ssh principals	2024-10-27 13:26:07 +11:00
Ben Vincent	1db8847833	feat: add vault admin group - group will be assigned global admin rights	2024-10-21 19:40:52 +11:00
Ben Vincent	5549275ecc	chore: add new user - add margol as standard media user	2024-10-20 13:12:36 +11:00
Ben Vincent	7acfea8547	fix: correct given/sn fields - fix ryadun's given/sn fields	2024-10-20 13:12:02 +11:00
Ben Vincent	2ef4fb0bf8	feat: update certbot module - update documentation - add option to notify services - set haproxy role to notify the haproxy service	2024-10-07 13:40:53 +11:00
Ben Vincent	4a0760516f	feat: add vault service account - used by vault to bind to ldap	2024-09-23 22:13:48 +10:00
Ben Vincent	10b57abffc	feat: add terraform service account - add terraform service account	2024-09-23 22:08:52 +10:00
Ben Vincent	e09819284d	feat: add vault access group - add vault_access group	2024-09-20 23:17:35 +10:00
Ben Vincent	93b9629c5c	feat: enable larger uploads to gitea - change client body max size to 1GB	2024-09-08 01:43:22 +10:00
Ben Vincent	0210d849c7	feat: add gitea runner role - ensure docker is configured - create runner user/group - deploy config.yaml from hiera hash - install runner from url - register the runner with the gitea instance - manage the act_runner service	2024-09-07 17:59:02 +10:00
Ben Vincent	69c298e162	Merge pull request 'feat: remove masterauth redis' (#156 ) from neoloc/redis_masterauth into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/156	2024-09-03 21:29:58 +10:00
Ben Vincent	1ad2b806b4	feat: remove masterauth redis - removed requirepass previously, also need to remove masterauth	2024-09-03 21:29:18 +10:00
Ben Vincent	938db9880b	Adding hieradata/node/ausyd1nxvm1059.main.unkin.net.yaml	2024-09-01 00:17:59 +10:00
Ben Vincent	bcb9beae5f	fix: updated client secret	2024-08-31 23:00:58 +10:00
Ben Vincent	0bed8ba4f4	Merge branch 'develop' into neoloc/runner	2024-08-27 22:01:24 +10:00
Ben Vincent	5471adae32	Merge pull request 'feat: add droneadmin' (#152 ) from neoloc/droneadmin into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/152	2024-08-25 15:03:15 +10:00
Ben Vincent	91d9a073d6	feat: add droneadmin - add environment variable to assign primary admin	2024-08-25 14:58:56 +10:00
Ben Vincent	ec7814e2a9	Merge pull request 'Adding hieradata/node/ausyd1nxvm1058.main.unkin.net.yaml' (#151 ) from autonode/ausyd1nxvm1058.main.unkin.net into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/151	2024-08-25 14:28:20 +10:00
Ben Vincent	71c134dc1a	Merge pull request 'Adding hieradata/node/ausyd1nxvm1057.main.unkin.net.yaml' (#150 ) from autonode/ausyd1nxvm1057.main.unkin.net into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/150	2024-08-25 14:28:06 +10:00
Ben Vincent	90eabac007	feat: droneci for organisation - change from personal account to organisation	2024-08-25 14:24:45 +10:00
Ben Vincent	d79a5de17b	feat: add droneci runner - ensure /data and docker are available - add droneci runner configuration	2024-08-25 02:14:35 +10:00
Ben Vincent	0f755b231f	Merge pull request 'neoloc/droneci' (#148 ) from neoloc/droneci into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/148	2024-08-25 00:01:27 +10:00
Ben Vincent	3d1ba79325	Adding hieradata/node/ausyd1nxvm1058.main.unkin.net.yaml	2024-08-24 23:36:52 +10:00
Ben Vincent	c33b58ead6	Adding hieradata/node/ausyd1nxvm1057.main.unkin.net.yaml	2024-08-24 23:30:37 +10:00
Ben Vincent	9f937b2869	Merge pull request 'Adding hieradata/node/ausyd1nxvm1056.main.unkin.net.yaml' (#147 ) from autonode/ausyd1nxvm1056.main.unkin.net into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/147	2024-08-24 12:37:44 +10:00
Ben Vincent	8660bec810	Merge pull request 'Adding hieradata/node/ausyd1nxvm1055.main.unkin.net.yaml' (#146 ) from autonode/ausyd1nxvm1055.main.unkin.net into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/146	2024-08-24 12:37:34 +10:00
Ben Vincent	f30325b3e9	Merge pull request 'Adding hieradata/node/ausyd1nxvm1054.main.unkin.net.yaml' (#145 ) from autonode/ausyd1nxvm1054.main.unkin.net into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/145	2024-08-24 12:37:25 +10:00
Ben Vincent	76c1c93c02	Merge pull request 'Adding hieradata/node/ausyd1nxvm1053.main.unkin.net.yaml' (#144 ) from autonode/ausyd1nxvm1053.main.unkin.net into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/144	2024-08-24 12:37:16 +10:00
Ben Vincent	4577997506	Merge pull request 'Adding hieradata/node/ausyd1nxvm1052.main.unkin.net.yaml' (#143 ) from autonode/ausyd1nxvm1052.main.unkin.net into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/143	2024-08-24 12:36:50 +10:00
Ben Vincent	6326e820a9	Merge pull request 'chore: add new user' (#142 ) from neoloc/ryadun into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/142	2024-08-24 12:36:09 +10:00
Ben Vincent	757f3042ed	chore: add new user - add ryadun	2024-08-24 12:35:34 +10:00
Ben Vincent	5d36a4053b	feat: add droneci module - add droneci module for server - add droneci/server role - add consul query for droneci service - manage certificates, ssh principals, consul services/checks	2024-08-24 00:34:15 +10:00
Ben Vincent	8a8cc0ae1b	feat: remove requirepass - required for droneci	2024-08-23 23:18:02 +10:00
Ben Vincent	70a9edd118	Adding hieradata/node/ausyd1nxvm1056.main.unkin.net.yaml	2024-08-16 22:13:16 +10:00
Ben Vincent	348d8889ed	Adding hieradata/node/ausyd1nxvm1055.main.unkin.net.yaml	2024-08-16 22:11:47 +10:00
Ben Vincent	1a2023f4ff	Merge pull request 'feat: add patroni/psql cluster' (#140 ) from neoloc/patroni into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/140	2024-08-10 23:40:29 +10:00
Ben Vincent	35834f8f5a	feat: add patroni/psql cluster - add patroni puppet module - add patroni role and hieradata - add sql/patroni class that utilised consul	2024-08-10 22:34:43 +10:00
Ben Vincent	4347faf153	Merge pull request 'neoloc/redis' (#139 ) from neoloc/redis into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/139	2024-08-10 18:47:17 +10:00
Ben Vincent	5c731fef34	feat: deploy redisha cluster - manage pki and ssh principals - manage redis/sentinel with redisha module - add consul checks to manage redis-replica/redis-master services - manage sudo rules for consul checks	2024-08-10 17:39:30 +10:00
Ben Vincent	afe2a2afb7	Adding hieradata/node/ausyd1nxvm1054.main.unkin.net.yaml	2024-08-10 14:13:59 +10:00
Ben Vincent	c76ce3bf10	Adding hieradata/node/ausyd1nxvm1053.main.unkin.net.yaml	2024-08-10 14:13:51 +10:00
Ben Vincent	af989a19c3	Adding hieradata/node/ausyd1nxvm1052.main.unkin.net.yaml	2024-08-10 14:11:47 +10:00
Ben Vincent	4d08e30733	Merge pull request 'fix: also fix repodata' (#138 ) from neoloc/cephreef into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/138	2024-08-10 13:36:30 +10:00

1 2 3 4 5 ...

595 Commits