unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
1,129 Commits 17 Branches 0 Tags 2.9 MiB
develop
Commit Graph

104 Commits

Author SHA1 Message Date
Ben Vincent
2ef4fb0bf8 feat: update certbot module 
- update documentation
- add option to notify services
- set haproxy role to notify the haproxy service
 2024-10-07 13:40:53 +11:00
Ben Vincent
265400db91 feat: confine fact to patroni 2024-09-03 22:18:53 +10:00
Ben Vincent
afda425fab feat: psql changes on master only 
- add fact to detect if a psql host is a slave
- only import users/db/grants on master
 2024-09-03 22:13:50 +10:00
Ben Vincent
d79a5de17b feat: add droneci runner 
- ensure /data and docker are available
- add droneci runner configuration
 2024-08-25 02:14:35 +10:00
Ben Vincent
5d36a4053b feat: add droneci module 
- add droneci module for server
- add droneci/server role
- add consul query for droneci service
- manage certificates, ssh principals, consul services/checks
 2024-08-24 00:34:15 +10:00
Ben Vincent
4347faf153 Merge pull request 'neoloc/redis' (#139) from neoloc/redis into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/139
 2024-08-10 18:47:17 +10:00
Ben Vincent
b7fc6a1993 feat: create redisha module 
- manage redis/sentinel clusters
- ensure ulimit_managed is false
- dynamically find servers in role to identify master
- add redisadm and sentineladm commands
- add script to check if the current host in the master
 2024-08-10 17:39:24 +10:00
Ben Vincent
0cad88cdad chore: prevent empty lines 
- prevent empty lines when user features are not enabled
- change epp to erb template for user objects
 2024-08-07 22:51:13 +10:00
Ben Vincent
3ed692cc77 Merge pull request 'feat: manage the nzbget service' (#112) from neoloc/nzbget_group_media into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/112
 2024-07-11 22:27:44 +10:00
Ben Vincent
ec92a6d3df feat: manage the nzbget service 2024-07-11 21:39:34 +10:00
Ben Vincent
95a0b543fd feat: add othergroups support for services 
- extend glauth::obj::service to allow othergroups
 2024-07-11 19:59:26 +10:00
Ben Vincent
0c1fd63b7d fix: change nzbget::manage_group to boolean 2024-07-09 23:22:49 +10:00
Ben Vincent
fd5163d6e6 Merge branch 'develop' into neoloc/nzbget 2024-07-09 22:25:28 +10:00
Ben Vincent
d67eba5860 feat: add nzbget module/role 
- add nzbget module
- add nzbget ldap user/group
 2024-07-09 22:23:58 +10:00
Ben Vincent
d9a2966ffd fix: certbot selinux and rsync 
- fix rsync to use 755 permissions
- add rsync selinux booleans
 2024-07-08 23:17:38 +10:00
Ben Vincent
bd5164fed3 feat: certbot reorg 
- moved certbot into its own module
- added fact to list available certificates
- created systemd timer to rsync data to $data_dir/pub
- ensure the $data_dir/pub exists
- manage selinux for nginx
 2024-07-08 22:33:11 +10:00
Ben Vincent
658af2b6b6 Merge pull request 'feat: manage jellyfin data migration_flag' (#90) from neoloc/jellyfin into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/90
 2024-07-04 00:09:22 +10:00
Ben Vincent
f3046f8fbb feat: manage jellyfin data migration_flag 2024-07-03 22:49:54 +10:00
Ben Vincent
b0934caf23 feat: restart networking on network changes 
- restart network on RedHat
- restart networking on debian
 2024-07-03 20:35:58 +10:00
Ben Vincent
8e1622a158 Merge pull request 'neoloc/glauth' (#87) from neoloc/glauth into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/87
 2024-07-02 18:12:54 +10:00
Ben Vincent
fe35baacfd chore: cleanup glauth 
- remove datavol, not required
- remove commented out systemd socket
 2024-07-02 18:12:08 +10:00
Ben Vincent
c69e8c487e feat: create glauth module 
- manage config directories, config file
- manage systemd service and socket
- manage users, service accounts and groups
- manage defaults for users, services and groups
- manage packages for role
 2024-07-01 22:42:12 +10:00
Ben Vincent
e437629e12 feat: add jellyfin module 2024-06-30 00:01:38 +10:00
Ben Vincent
2b1ea45e4e feat: add manage_group param to *arr stack 
- change hieradata/role/apps/media/* to use correct namespaces
- add manage_group boolean to all *arr stack modules
 2024-06-27 23:15:08 +10:00
Ben Vincent
5f5a9f5f65 Merge pull request 'feat: add prowlarr module' (#69) from neoloc/prowlarr into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/69
 2024-06-27 21:34:30 +10:00
Ben Vincent
3c63d8e797 Merge pull request 'feat: add readarr module' (#68) from neoloc/readarr into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/68
 2024-06-27 21:34:17 +10:00
Ben Vincent
ab617a9de1 Merge pull request 'feat: add lidarr module' (#67) from neoloc/lidarr into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/67
 2024-06-27 21:33:59 +10:00
Ben Vincent
f2046efebe feat: add prowlarr module 
- add media::prowlarr role
 2024-06-27 21:32:13 +10:00
Ben Vincent
0b7f07692c feat: add readarr module 
- add media::readarr role
 2024-06-27 21:21:18 +10:00
Ben Vincent
bbf9944ef5 feat: add lidarr module 2024-06-27 21:14:27 +10:00
Ben Vincent
17c16bfc33 feat: add radarr module 2024-06-26 22:57:27 +10:00
Ben Vincent
44bd2d3d89 fix: sonar config empty line 2024-06-25 23:59:28 +10:00
Ben Vincent
f22556b39f feat: manage sonarr configuration 
- add config class to sonarr module
- update params to include unique group param
 2024-06-25 23:45:29 +10:00
Ben Vincent
6839fb8c5f feat: networking defaults 
- add interface/route defaults
- merge defaults into each interface/route
 2024-06-23 17:34:23 +10:00
Ben Vincent
8548ef0284 Merge pull request 'neoloc/sonarr_deploy' (#48) from neoloc/sonarr_deploy into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/48
 2024-06-21 22:53:06 +10:00
Ben Vincent
681f9e3eb8 feat: deploy sonarr 
- add required hieradata/role data to deploy sonarr
- add nginx simpleproxy
- add consul service/query
- add vault certificates
 2024-06-21 22:51:40 +10:00
Ben Vincent
94aed2df9c feat: add pveceph consul services 
- refacter the pveceph facts
- define consul services for osd, mgr, mds and mons
 2024-06-18 21:14:57 +10:00
Ben Vincent
b4c20fd7d6 feat: add sonarr module 2024-06-10 22:13:43 +10:00
Ben Vincent
d4163233f6 Merge branch 'develop' into neoloc/sshsign_hostkeys 2024-06-09 20:38:25 +10:00
Ben Vincent
51eeb13793 feat: add networking module 
- manage interfaces and routes
- set default params for hosts
- add params class to networking module
- set defaults for debian
 2024-06-08 17:07:51 +10:00
Ben Vincent
b468f67103 feat: sign ssh host keys 
- manage python script/venv to sign ssh host certificates
- add approle_id to puppetmaster eyaml files
- add class to sign ssh-rsa host keys
- add facts to check if the current principals match the desired principals
 2024-06-01 22:51:42 +10:00
Ben Vincent
dde8d5978d feat: firstrun improvements 
- add fact to detect firstrun
- run a limited subset of classes on firstrun
- firstrun: includes:
  - vault ca certificates
  - yum/apt repositories
  - fast-install packages with an exec
 2024-05-19 21:28:14 +10:00
Ben Vincent
6f9a606549 feat: configure edgecache for postgresql 
- add fact to record system resolvers
- add resolvers feature in /etc/nginx/conf.d/resolvers.conf
- add rewrite rules for postgres/yum/repodata
 2024-05-19 16:56:36 +10:00
Ben Vincent
fee0bde604 feat: complete cobbler automation 
- add facts to manage the /var/www/cobbler and /data/cobbler directories
- move /var/www/cobbler -> /data/cobbler
- create symlink from /var/www/cobbler -> /data/cobbler
- ensure that cobbler nodes are set to permissive selinux mode
 2024-05-09 22:44:55 +10:00
Ben Vincent
3ed433fb97 Merge pull request 'feat: moved enc_role and enc_env to ruby facts' (#171) from neoloc/enc_role_facts into develop 
Reviewed-on: unkinben/puppet-prod#171
 2024-04-24 23:01:57 +09:30
Ben Vincent
e0dbecbfa0 feat: moved enc_role and enc_env to ruby facts 2024-04-24 23:30:27 +10:00
Ben Vincent
bc4246dd05 feat: add new syd1 prod networks 2024-04-21 22:55:06 +10:00
Ben Vincent
f04c74bd4d feat: manage proxmox nodes 
- change /etc/hosts to meet proxmox requirements
- add proxmox node role
- add init, params, repo, install, clusterjoin classes
 2024-04-21 15:08:28 +10:00
Ben Vincent
f2cdcb8c8e feat: add sydney subnets 2024-03-21 22:02:25 +11:00
Ben Vincent
df05be21f6 Merge pull request 'feat: merge subnet facts' (#133) from neoloc/env_fact into develop 
Reviewed-on: unkinben/puppet-prod#133
 2024-03-10 14:13:46 +09:30
Ben Vincent
5dff24d9b9 feat: merge subnet facts 
- add fact for environment
- define 198.18.18.0/24 subnet
 2024-03-10 15:42:14 +11:00
Ben Vincent
8009b59514 feat: automatically generate vault certs 
- certificate will be generated for:
  - fqdn
  - hostname
  - primary ip address
  - localhost
  - 127.0.0.1
- update base profile to generate vault certificate for all
- create facts for use with vault_certs
 2024-03-03 13:38:52 +11:00
Ben Vincent
1030ba460e refacter: renamed facts to libs 2024-02-17 23:03:54 +11:00
Ben Vincent
1f7b347ef4 refacter: tidy facts 
- create a facts module, move all facts to this module
 2024-02-17 22:57:36 +11:00