unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
850 Commits 17 Branches 0 Tags 2.9 MiB
neoloc/firewall
Commit Graph

850 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ben Vincent
90ce015d43 feat: add enable/disable flag to firewall::init 2024-11-16 11:50:35 +11:00
Ben Vincent
b9465cd78b feat: add firewall rules 
- create classes for each class of in/out traffic
- use hier_include to add firewall rules to each role
 2024-11-10 12:47:35 +11:00
Ben Vincent
ce12303576 feat: add firewall module 
- add nftables/ipset modules
- add custom firewall module
 2024-11-03 03:32:20 +11:00
Ben Vincent
09a448ea52 Merge pull request 'feat: add vault admin group' (#166) from neoloc/vault_global_admin into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/166
 2024-10-21 19:41:31 +11:00
Ben Vincent
1db8847833 feat: add vault admin group 
- group will be assigned global admin rights
 2024-10-21 19:40:52 +11:00
Ben Vincent
6d919580e1 Merge pull request 'neoloc/adduser' (#165) from neoloc/adduser into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/165
 2024-10-20 13:14:50 +11:00
Ben Vincent
5549275ecc chore: add new user 
- add margol as standard media user
 2024-10-20 13:12:36 +11:00
Ben Vincent
7acfea8547 fix: correct given/sn fields 
- fix ryadun's given/sn fields
 2024-10-20 13:12:02 +11:00
Ben Vincent
318e816568 Merge pull request 'feat: update certbot module' (#164) from neoloc/restart_nginx into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/164
 2024-10-07 13:42:57 +11:00
Ben Vincent
2ef4fb0bf8 feat: update certbot module 
- update documentation
- add option to notify services
- set haproxy role to notify the haproxy service
 2024-10-07 13:40:53 +11:00
Ben Vincent
2013641720 Merge pull request 'feat: restart nginx on ssl change' (#163) from neoloc/restart_nginx into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/163
 2024-09-27 21:51:15 +10:00
Ben Vincent
4bf4b42fdf feat: restart nginx on ssl change 
- manage nginx service from simpleproxy class
- ensure nginx restarts when ssl certificates are changed
 2024-09-27 21:46:46 +10:00
Ben Vincent
933427e861 Merge pull request 'neoloc/terraformsvc' (#162) from neoloc/terraformsvc into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/162
 2024-09-23 22:14:27 +10:00
Ben Vincent
4a0760516f feat: add vault service account 
- used by vault to bind to ldap
 2024-09-23 22:13:48 +10:00
Ben Vincent
10b57abffc feat: add terraform service account 
- add terraform service account
 2024-09-23 22:08:52 +10:00
Ben Vincent
5b4bb95ffe Merge pull request 'feat: add vault access group' (#161) from neoloc/vaultaccess into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/161
 2024-09-20 23:24:44 +10:00
Ben Vincent
e09819284d feat: add vault access group 
- add vault_access group
 2024-09-20 23:17:35 +10:00
Ben Vincent
addfa02e08 Merge pull request 'feat: enable larger uploads to gitea' (#160) from neoloc/gitea_client_send into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/160
 2024-09-08 01:44:04 +10:00
Ben Vincent
93b9629c5c feat: enable larger uploads to gitea 
- change client body max size to 1GB
 2024-09-08 01:43:22 +10:00
Ben Vincent
9dea399377 Merge pull request 'neoloc/gitearunner' (#159) from neoloc/gitearunner into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/159
 2024-09-07 21:38:29 +10:00
Ben Vincent
0210d849c7 feat: add gitea runner role 
- ensure docker is configured
- create runner user/group
- deploy config.yaml from hiera hash
- install runner from url
- register the runner with the gitea instance
- manage the act_runner service
 2024-09-07 17:59:02 +10:00
Ben Vincent
42d8047043 fix: comments in gitea role 
- was copy of puppetboard, missed updating the comment
 2024-09-03 22:34:48 +10:00
Ben Vincent
c0b94c181f Merge pull request 'feat: confine fact to patroni' (#158) from neoloc/patroni_facts into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/158
 2024-09-03 22:19:18 +10:00
Ben Vincent
265400db91 feat: confine fact to patroni 2024-09-03 22:18:53 +10:00
Ben Vincent
ccf4ef27f7 Merge pull request 'feat: psql changes on master only' (#157) from neoloc/patroni_grant_on_master into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/157
 2024-09-03 22:15:47 +10:00
Ben Vincent
afda425fab feat: psql changes on master only 
- add fact to detect if a psql host is a slave
- only import users/db/grants on master
 2024-09-03 22:13:50 +10:00
Ben Vincent
69c298e162 Merge pull request 'feat: remove masterauth redis' (#156) from neoloc/redis_masterauth into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/156
 2024-09-03 21:29:58 +10:00
Ben Vincent
1ad2b806b4 feat: remove masterauth redis 
- removed requirepass previously, also need to remove masterauth
 2024-09-03 21:29:18 +10:00
Ben Vincent
dc58084cc9 Merge pull request 'Adding hieradata/node/ausyd1nxvm1059.main.unkin.net.yaml' (#155) from autonode/ausyd1nxvm1059.main.unkin.net into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/155
 2024-09-01 00:18:34 +10:00
Ben Vincent
938db9880b Adding hieradata/node/ausyd1nxvm1059.main.unkin.net.yaml 2024-09-01 00:17:59 +10:00
Ben Vincent
ecbea24ba8 Merge pull request 'fix: updated client secret' (#154) from neoloc/droneci_client_id into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/154
 2024-08-31 23:01:39 +10:00
Ben Vincent
bcb9beae5f fix: updated client secret 2024-08-31 23:00:58 +10:00
Ben Vincent
e1e604516d Merge pull request 'feat: add droneci runner' (#153) from neoloc/runner into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/153
 2024-08-27 22:02:00 +10:00
Ben Vincent
0bed8ba4f4 Merge branch 'develop' into neoloc/runner 2024-08-27 22:01:24 +10:00
Ben Vincent
5471adae32 Merge pull request 'feat: add droneadmin' (#152) from neoloc/droneadmin into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/152
 2024-08-25 15:03:15 +10:00
Ben Vincent
91d9a073d6 feat: add droneadmin 
- add environment variable to assign primary admin
 2024-08-25 14:58:56 +10:00
Ben Vincent
ec7814e2a9 Merge pull request 'Adding hieradata/node/ausyd1nxvm1058.main.unkin.net.yaml' (#151) from autonode/ausyd1nxvm1058.main.unkin.net into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/151
 2024-08-25 14:28:20 +10:00
Ben Vincent
71c134dc1a Merge pull request 'Adding hieradata/node/ausyd1nxvm1057.main.unkin.net.yaml' (#150) from autonode/ausyd1nxvm1057.main.unkin.net into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/150
 2024-08-25 14:28:06 +10:00
Ben Vincent
cb803d885e Merge pull request 'feat: droneci for organisation' (#149) from neoloc/droneci_org into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/149
 2024-08-25 14:25:25 +10:00
Ben Vincent
90eabac007 feat: droneci for organisation 
- change from personal account to organisation
 2024-08-25 14:24:45 +10:00
Ben Vincent
d79a5de17b feat: add droneci runner 
- ensure /data and docker are available
- add droneci runner configuration
 2024-08-25 02:14:35 +10:00
Ben Vincent
0f755b231f Merge pull request 'neoloc/droneci' (#148) from neoloc/droneci into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/148
 2024-08-25 00:01:27 +10:00
Ben Vincent
2912cbb68b feat: add droneci runner 
- add runner role
 2024-08-25 00:00:48 +10:00
Ben Vincent
3d1ba79325 Adding hieradata/node/ausyd1nxvm1058.main.unkin.net.yaml 2024-08-24 23:36:52 +10:00
Ben Vincent
c33b58ead6 Adding hieradata/node/ausyd1nxvm1057.main.unkin.net.yaml 2024-08-24 23:30:37 +10:00
Ben Vincent
9f937b2869 Merge pull request 'Adding hieradata/node/ausyd1nxvm1056.main.unkin.net.yaml' (#147) from autonode/ausyd1nxvm1056.main.unkin.net into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/147
 2024-08-24 12:37:44 +10:00
Ben Vincent
8660bec810 Merge pull request 'Adding hieradata/node/ausyd1nxvm1055.main.unkin.net.yaml' (#146) from autonode/ausyd1nxvm1055.main.unkin.net into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/146
 2024-08-24 12:37:34 +10:00
Ben Vincent
f30325b3e9 Merge pull request 'Adding hieradata/node/ausyd1nxvm1054.main.unkin.net.yaml' (#145) from autonode/ausyd1nxvm1054.main.unkin.net into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/145
 2024-08-24 12:37:25 +10:00
Ben Vincent
76c1c93c02 Merge pull request 'Adding hieradata/node/ausyd1nxvm1053.main.unkin.net.yaml' (#144) from autonode/ausyd1nxvm1053.main.unkin.net into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/144
 2024-08-24 12:37:16 +10:00
Ben Vincent
4577997506 Merge pull request 'Adding hieradata/node/ausyd1nxvm1052.main.unkin.net.yaml' (#143) from autonode/ausyd1nxvm1052.main.unkin.net into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/143
 2024-08-24 12:36:50 +10:00