90ce015d43
feat: add enable/disable flag to firewall::init
2024-11-16 11:50:35 +11:00
b9465cd78b
feat: add firewall rules
...
- create classes for each class of in/out traffic
- use hier_include to add firewall rules to each role
2024-11-10 12:47:35 +11:00
ce12303576
feat: add firewall module
...
- add nftables/ipset modules
- add custom firewall module
2024-11-03 03:32:20 +11:00
1db8847833
feat: add vault admin group
...
- group will be assigned global admin rights
2024-10-21 19:40:52 +11:00
5549275ecc
chore: add new user
...
- add margol as standard media user
2024-10-20 13:12:36 +11:00
7acfea8547
fix: correct given/sn fields
...
- fix ryadun's given/sn fields
2024-10-20 13:12:02 +11:00
2ef4fb0bf8
feat: update certbot module
...
- update documentation
- add option to notify services
- set haproxy role to notify the haproxy service
2024-10-07 13:40:53 +11:00
4a0760516f
feat: add vault service account
...
- used by vault to bind to ldap
2024-09-23 22:13:48 +10:00
10b57abffc
feat: add terraform service account
...
- add terraform service account
2024-09-23 22:08:52 +10:00
e09819284d
feat: add vault access group
...
- add vault_access group
2024-09-20 23:17:35 +10:00
93b9629c5c
feat: enable larger uploads to gitea
...
- change client body max size to 1GB
2024-09-08 01:43:22 +10:00
0210d849c7
feat: add gitea runner role
...
- ensure docker is configured
- create runner user/group
- deploy config.yaml from hiera hash
- install runner from url
- register the runner with the gitea instance
- manage the act_runner service
2024-09-07 17:59:02 +10:00
69c298e162
Merge pull request 'feat: remove masterauth redis' ( #156 ) from neoloc/redis_masterauth into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/156
2024-09-03 21:29:58 +10:00
1ad2b806b4
feat: remove masterauth redis
...
- removed requirepass previously, also need to remove masterauth
2024-09-03 21:29:18 +10:00
938db9880b
Adding hieradata/node/ausyd1nxvm1059.main.unkin.net.yaml
2024-09-01 00:17:59 +10:00
bcb9beae5f
fix: updated client secret
2024-08-31 23:00:58 +10:00
0bed8ba4f4
Merge branch 'develop' into neoloc/runner
2024-08-27 22:01:24 +10:00
5471adae32
Merge pull request 'feat: add droneadmin' ( #152 ) from neoloc/droneadmin into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/152
2024-08-25 15:03:15 +10:00
91d9a073d6
feat: add droneadmin
...
- add environment variable to assign primary admin
2024-08-25 14:58:56 +10:00
ec7814e2a9
Merge pull request 'Adding hieradata/node/ausyd1nxvm1058.main.unkin.net.yaml' ( #151 ) from autonode/ausyd1nxvm1058.main.unkin.net into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/151
2024-08-25 14:28:20 +10:00
71c134dc1a
Merge pull request 'Adding hieradata/node/ausyd1nxvm1057.main.unkin.net.yaml' ( #150 ) from autonode/ausyd1nxvm1057.main.unkin.net into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/150
2024-08-25 14:28:06 +10:00
90eabac007
feat: droneci for organisation
...
- change from personal account to organisation
2024-08-25 14:24:45 +10:00
d79a5de17b
feat: add droneci runner
...
- ensure /data and docker are available
- add droneci runner configuration
2024-08-25 02:14:35 +10:00
0f755b231f
Merge pull request 'neoloc/droneci' ( #148 ) from neoloc/droneci into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/148
2024-08-25 00:01:27 +10:00
3d1ba79325
Adding hieradata/node/ausyd1nxvm1058.main.unkin.net.yaml
2024-08-24 23:36:52 +10:00
c33b58ead6
Adding hieradata/node/ausyd1nxvm1057.main.unkin.net.yaml
2024-08-24 23:30:37 +10:00
9f937b2869
Merge pull request 'Adding hieradata/node/ausyd1nxvm1056.main.unkin.net.yaml' ( #147 ) from autonode/ausyd1nxvm1056.main.unkin.net into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/147
2024-08-24 12:37:44 +10:00
8660bec810
Merge pull request 'Adding hieradata/node/ausyd1nxvm1055.main.unkin.net.yaml' ( #146 ) from autonode/ausyd1nxvm1055.main.unkin.net into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/146
2024-08-24 12:37:34 +10:00
f30325b3e9
Merge pull request 'Adding hieradata/node/ausyd1nxvm1054.main.unkin.net.yaml' ( #145 ) from autonode/ausyd1nxvm1054.main.unkin.net into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/145
2024-08-24 12:37:25 +10:00
76c1c93c02
Merge pull request 'Adding hieradata/node/ausyd1nxvm1053.main.unkin.net.yaml' ( #144 ) from autonode/ausyd1nxvm1053.main.unkin.net into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/144
2024-08-24 12:37:16 +10:00
4577997506
Merge pull request 'Adding hieradata/node/ausyd1nxvm1052.main.unkin.net.yaml' ( #143 ) from autonode/ausyd1nxvm1052.main.unkin.net into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/143
2024-08-24 12:36:50 +10:00
6326e820a9
Merge pull request 'chore: add new user' ( #142 ) from neoloc/ryadun into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/142
2024-08-24 12:36:09 +10:00
757f3042ed
chore: add new user
...
- add ryadun
2024-08-24 12:35:34 +10:00
5d36a4053b
feat: add droneci module
...
- add droneci module for server
- add droneci/server role
- add consul query for droneci service
- manage certificates, ssh principals, consul services/checks
2024-08-24 00:34:15 +10:00
8a8cc0ae1b
feat: remove requirepass
...
- required for droneci
2024-08-23 23:18:02 +10:00
70a9edd118
Adding hieradata/node/ausyd1nxvm1056.main.unkin.net.yaml
2024-08-16 22:13:16 +10:00
348d8889ed
Adding hieradata/node/ausyd1nxvm1055.main.unkin.net.yaml
2024-08-16 22:11:47 +10:00
1a2023f4ff
Merge pull request 'feat: add patroni/psql cluster' ( #140 ) from neoloc/patroni into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/140
2024-08-10 23:40:29 +10:00
35834f8f5a
feat: add patroni/psql cluster
...
- add patroni puppet module
- add patroni role and hieradata
- add sql/patroni class that utilised consul
2024-08-10 22:34:43 +10:00
4347faf153
Merge pull request 'neoloc/redis' ( #139 ) from neoloc/redis into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/139
2024-08-10 18:47:17 +10:00
5c731fef34
feat: deploy redisha cluster
...
- manage pki and ssh principals
- manage redis/sentinel with redisha module
- add consul checks to manage redis-replica/redis-master services
- manage sudo rules for consul checks
2024-08-10 17:39:30 +10:00
afe2a2afb7
Adding hieradata/node/ausyd1nxvm1054.main.unkin.net.yaml
2024-08-10 14:13:59 +10:00
c76ce3bf10
Adding hieradata/node/ausyd1nxvm1053.main.unkin.net.yaml
2024-08-10 14:13:51 +10:00
af989a19c3
Adding hieradata/node/ausyd1nxvm1052.main.unkin.net.yaml
2024-08-10 14:11:47 +10:00
4d08e30733
Merge pull request 'fix: also fix repodata' ( #138 ) from neoloc/cephreef into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/138
2024-08-10 13:36:30 +10:00
e2873a492a
fix: also fix repodata
2024-08-10 13:36:04 +10:00
90af895a34
Merge pull request 'fix: ceph-reef 18.2.4 not on el8' ( #137 ) from neoloc/cephreef into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/137
2024-08-10 13:30:54 +10:00
52e3d5b20b
fix: ceph-reef 18.2.4 not on el8
...
- force repo to use 18.2.2
2024-08-10 13:30:16 +10:00
403e3eeb1b
chore: add account
2024-08-08 19:01:18 +10:00
a5baed8cd9
chore: add two new users
...
- add marbal and seablo
2024-08-07 22:19:08 +10:00
