unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
1,129 Commits 17 Branches 0 Tags 2.9 MiB
develop
Commit Graph

25 Commits

Author SHA1 Message Date
Ben Vincent
d8b354558d feat: add incus auto-client certificate trust (#406) 
- add fact to export vault public cert from agents
- add fact to export list of trusted incus client certs
- add method for incus clients to export their client cert to be trusted

Reviewed-on: #406
 2025-10-17 22:46:26 +11:00
Ben Vincent
0e64c9855a feat: add vmcluster module (#363) 
- manage vmstorage package, service and environment file
- manage vmselect package, service and environment file
- manage vminsert package, service and environment file
- manage vmagent package, service and environment file
- manage options for vmstorage, vmselect, vminsert, vmagent role

Reviewed-on: #363
 2025-07-26 18:17:20 +10:00
Ben Vincent
40c57ede59 feat: add ci build task (#342) 
- a ci workflow for build tests
- run pre-commit against all files

Reviewed-on: #342
 2025-07-08 20:19:36 +10:00
Ben Vincent
a9faa098ee benvin/grafana_postgres (#334) 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/334
 2025-07-01 19:07:24 +10:00
Ben Vincent
62837bb22d feat: add zone to subnet facts (#320) 
- add common and dmz zone fact information

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/320
 2025-06-21 15:42:37 +10:00
Ben Vincent
2321186ad5 neoloc/mpls_ldp_frr (#255) 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/255
 2025-04-24 16:51:31 +10:00
Ben Vincent
c225564bdb feat: continue incus implementation (#245) 
- migrate to systemd-networkd
- setup dummy, bridge and static/ethernet interfaces
- manage sshd.service droping to start ssh after networking is online
- enable ip forewarding
- add fastpool/data/incus dataset
- enable ospf and frr
- add loopback0 as ssh listenaddress
- add loopback1/2 for ceph cluster/public traffic

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/245
 2025-04-06 16:38:04 +10:00
Ben Vincent
8eb751e22f feat: change enc_* fact to read direct from cobbler (#219) 
- change enc_role and enc_env to read direct from cobbler
- cleanup profiles::base::facts

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/219
 2025-03-12 23:09:15 +11:00
Ben Vincent
265400db91 feat: confine fact to patroni 2024-09-03 22:18:53 +10:00
Ben Vincent
afda425fab feat: psql changes on master only 
- add fact to detect if a psql host is a slave
- only import users/db/grants on master
 2024-09-03 22:13:50 +10:00
Ben Vincent
f3046f8fbb feat: manage jellyfin data migration_flag 2024-07-03 22:49:54 +10:00
Ben Vincent
94aed2df9c feat: add pveceph consul services 
- refacter the pveceph facts
- define consul services for osd, mgr, mds and mons
 2024-06-18 21:14:57 +10:00
Ben Vincent
b468f67103 feat: sign ssh host keys 
- manage python script/venv to sign ssh host certificates
- add approle_id to puppetmaster eyaml files
- add class to sign ssh-rsa host keys
- add facts to check if the current principals match the desired principals
 2024-06-01 22:51:42 +10:00
Ben Vincent
dde8d5978d feat: firstrun improvements 
- add fact to detect firstrun
- run a limited subset of classes on firstrun
- firstrun: includes:
  - vault ca certificates
  - yum/apt repositories
  - fast-install packages with an exec
 2024-05-19 21:28:14 +10:00
Ben Vincent
6f9a606549 feat: configure edgecache for postgresql 
- add fact to record system resolvers
- add resolvers feature in /etc/nginx/conf.d/resolvers.conf
- add rewrite rules for postgres/yum/repodata
 2024-05-19 16:56:36 +10:00
Ben Vincent
fee0bde604 feat: complete cobbler automation 
- add facts to manage the /var/www/cobbler and /data/cobbler directories
- move /var/www/cobbler -> /data/cobbler
- create symlink from /var/www/cobbler -> /data/cobbler
- ensure that cobbler nodes are set to permissive selinux mode
 2024-05-09 22:44:55 +10:00
Ben Vincent
3ed433fb97 Merge pull request 'feat: moved enc_role and enc_env to ruby facts' (#171) from neoloc/enc_role_facts into develop 
Reviewed-on: unkinben/puppet-prod#171
 2024-04-24 23:01:57 +09:30
Ben Vincent
e0dbecbfa0 feat: moved enc_role and enc_env to ruby facts 2024-04-24 23:30:27 +10:00
Ben Vincent
bc4246dd05 feat: add new syd1 prod networks 2024-04-21 22:55:06 +10:00
Ben Vincent
f04c74bd4d feat: manage proxmox nodes 
- change /etc/hosts to meet proxmox requirements
- add proxmox node role
- add init, params, repo, install, clusterjoin classes
 2024-04-21 15:08:28 +10:00
Ben Vincent
f2cdcb8c8e feat: add sydney subnets 2024-03-21 22:02:25 +11:00
Ben Vincent
df05be21f6 Merge pull request 'feat: merge subnet facts' (#133) from neoloc/env_fact into develop 
Reviewed-on: unkinben/puppet-prod#133
 2024-03-10 14:13:46 +09:30
Ben Vincent
5dff24d9b9 feat: merge subnet facts 
- add fact for environment
- define 198.18.18.0/24 subnet
 2024-03-10 15:42:14 +11:00
Ben Vincent
8009b59514 feat: automatically generate vault certs 
- certificate will be generated for:
  - fqdn
  - hostname
  - primary ip address
  - localhost
  - 127.0.0.1
- update base profile to generate vault certificate for all
- create facts for use with vault_certs
 2024-03-03 13:38:52 +11:00
Ben Vincent
1030ba460e refacter: renamed facts to libs 2024-02-17 23:03:54 +11:00