- change from puppet-agent to openvox-agent
- upgrade version from 7.34 to 7.36
- ensure workflow of: Yumrepo -> dnf-makecache -> Package
Reviewed-on: #408
- create module class for journald clients
- ensure module class it used on all hosts
- use consul service address for insert/journald
Reviewed-on: #377
- manage python script/venv to sign ssh host certificates
- add approle_id to puppetmaster eyaml files
- add class to sign ssh-rsa host keys
- add facts to check if the current principals match the desired principals
- add fact to detect firstrun
- run a limited subset of classes on firstrun
- firstrun: includes:
- vault ca certificates
- yum/apt repositories
- fast-install packages with an exec
- set yum::versionlock to be only for redhat family
- set puppet-agent require statement to use apt or yum
- remove requirement of downloading puppet7-release-$dist.deb
- create all paths in $base_path for vault certificate
- set correct $PATH for update-ca-certificates
- dynamically set debian release name
- split packages to install from common.yaml to os-specific
- create groups profile to manage local groups
- change sysadmin to be a member of admins group
- setup admins sudo rules
- certificate will be generated for:
- fqdn
- hostname
- primary ip address
- localhost
- 127.0.0.1
- update base profile to generate vault certificate for all
- create facts for use with vault_certs
- define resolver and master dns server
- export A and PTR records from dns clients
- collect exported resources for master
- create hiera structure for acls, zones and views
- add autosyncer/autopromoter scripts
- add timer and service to initial sync process
- add timer/service for daily/weekly/monthly autopromote
- add define to manage each repo
- add nginx webserver to share repos
- add favion.ico if enabled
- add selinux management, and packages for selinux
- cleanup package management, sorting package groups into package classes
- install modules required
- puppetdb
- postgresql
- puppetboard
- python
- create new profiles to manage each item (puppetdb/puppetboard)
- added puppetdb role
- include the puppetdb::master::config in puppetmaster role
- re-organised the puppetfile
- moved python to be managed by the python module
- added postgresql to list of managed repos
- imported account and sudo puppet modules
- created account management wrapper
- defined sysadmin account, set to be created on all nodes
- removed sudo from base packages as its managed by sudo module now
This is so I can include either apt or yum/dnf based profiles. This can
be expanded easily if new families are added, or if new base role
includes are added that are different based on the family of the os.
