unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
448 Commits 18 Branches 0 Tags 3 MiB
0e7168026d
Commit Graph

448 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ben Vincent
4b2690a678 Merge pull request 'feat: enable selecting nameserver by fact' (#166) from neoloc/dns_selection into develop 
Reviewed-on: unkinben/puppet-prod#166
 2024-04-23 22:14:59 +09:30
Ben Vincent
dbe11323c5 feat: enable selecting nameserver by fact 
- enable selecting nameservers to use by region, country or all
- set default for nameservers to be region
 2024-04-23 22:39:33 +10:00
Ben Vincent
a7b40daee0 Merge pull request 'feat: sort nameserver/search_domains' (#165) from neoloc/dns_sorting into develop 
Reviewed-on: unkinben/puppet-prod#165
 2024-04-23 20:44:59 +09:30
Ben Vincent
bb8bf202ac feat: sort nameserver/search_domains 
- ensure the list doesnt change every puppet run
 2024-04-23 21:11:56 +10:00
Ben Vincent
7f3005f312 Merge pull request 'fix: enable repos before installing packages' (#162) from neoloc/repofirst into develop 
Reviewed-on: unkinben/puppet-prod#162
 2024-04-22 18:51:26 +09:30
Ben Vincent
df56213b18 fix: enable repos before installing packages 2024-04-22 19:07:28 +10:00
Ben Vincent
e5b3112189 Merge pull request 'feat: add new syd1 prod networks' (#161) from neoloc/sydney_subnets into develop 
Reviewed-on: unkinben/puppet-prod#161
 2024-04-21 22:25:56 +09:30
Ben Vincent
bc4246dd05 feat: add new syd1 prod networks 2024-04-21 22:55:06 +10:00
Ben Vincent
85f17d8038 Merge pull request 'feat: manage timezone per region' (#160) from neoloc/timezone into develop 
Reviewed-on: unkinben/puppet-prod#160
 2024-04-21 15:20:14 +09:30
Ben Vincent
9c6dee7609 feat: manage timezone per region 
- add timezone module
- set per-region timezone setting
- setup hiera_classes, set to deep merge, and set to include all in base profile
 2024-04-21 15:48:09 +10:00
Ben Vincent
ccf43f3bcb Merge pull request 'feat: manage proxmox nodes' (#159) from neoloc/proxmox into develop 
Reviewed-on: unkinben/puppet-prod#159
 2024-04-21 15:07:43 +09:30
Ben Vincent
f04c74bd4d feat: manage proxmox nodes 
- change /etc/hosts to meet proxmox requirements
- add proxmox node role
- add init, params, repo, install, clusterjoin classes
 2024-04-21 15:08:28 +10:00
Ben Vincent
085416fea9 Merge pull request 'feat: node_lookup compatability for Debian' (#158) from neoloc/node_lookup_debian into develop 
Reviewed-on: unkinben/puppet-prod#158
 2024-04-20 17:39:31 +09:30
Ben Vincent
6dd46efe3f Merge pull request 'feat: debian vaultcert compatability' (#157) from neoloc/vaultcacrt into develop 
Reviewed-on: unkinben/puppet-prod#157
 2024-04-20 17:38:57 +09:30
Ben Vincent
80a4cb0544 feat: debian vaultcert compatability 
- remove comma from certificate file
- add comments identifying each certificate
 2024-04-20 18:08:16 +10:00
Ben Vincent
49b4a65302 feat: node_lookup compatability for Debian 2024-04-20 18:04:54 +10:00
Ben Vincent
7ccbb7d0ee Merge pull request 'feat: split lm-sensors for debian/rhel' (#156) from neoloc/debian_sensors into develop 
Reviewed-on: unkinben/puppet-prod#156
 2024-04-15 19:01:22 +09:30
Ben Vincent
19c8749d9e feat: split lm-sensors for debian/rhel 2024-04-14 23:17:38 +10:00
Ben Vincent
cdd450067d Merge pull request 'feat: prepare puppet for debian' (#155) from neoloc/debian_prep into develop 
Reviewed-on: unkinben/puppet-prod#155
 2024-04-13 22:47:07 +09:30
Ben Vincent
d0d67e316a feat: prepare puppet for debian 
- set yum::versionlock to be only for redhat family
- set puppet-agent require statement to use apt or yum
- remove requirement of downloading puppet7-release-$dist.deb
- create all paths in $base_path for vault certificate
- set correct $PATH for update-ca-certificates
- dynamically set debian release name
- split packages to install from common.yaml to os-specific
- create groups profile to manage local groups
- change sysadmin to be a member of admins group
- setup admins sudo rules
 2024-04-13 22:34:28 +10:00
Ben Vincent
5f8b0ba102 Merge pull request 'feat: nginx reverse proxy debian cache' (#154) from neoloc/debian_cache into develop 
Reviewed-on: unkinben/puppet-prod#154
 2024-04-13 20:29:37 +09:30
Ben Vincent
114d3fe195 feat: nginx reverse proxy debian cache 
- add debian, debian/pool locations to reposyncer
- add selinux fcontext rules
 2024-04-13 20:52:27 +10:00
Ben Vincent
eaddbe03d1 Merge pull request 'feat: add frontends, backends, listeners' (#153) from neoloc/haproxy_puppetdbmaster into develop 
Reviewed-on: unkinben/puppet-prod#153
 2024-04-06 18:55:04 +09:30
Ben Vincent
82f2d75888 feat: add frontends, backends, listeners 
- add a way to define frontends, backends and listeners through hieradata
 2024-04-06 20:23:37 +11:00
Ben Vincent
cdbb689c91 Merge pull request 'feat: update jdk11 for puppetdb' (#152) from neoloc/java_puppetdb into develop 
Reviewed-on: unkinben/puppet-prod#152
 2024-04-06 18:36:46 +09:30
Ben Vincent
ed60e18062 feat: update jdk11 for puppetdb 
- specify the java_bin
- specify the java_args
 2024-04-06 20:05:23 +11:00
Ben Vincent
258cedb566 Merge pull request 'neoloc/haproxy_puppetdbapi' (#151) from neoloc/haproxy_puppetdbapi into develop 
Reviewed-on: unkinben/puppet-prod#151
 2024-04-06 17:09:37 +09:30
Ben Vincent
f79d9de495 feat: update node_lookup 
- update node_lookup to use new puppetdb URL
 2024-04-06 18:31:41 +11:00
Ben Vincent
c9a1d35af9 feat: add cnames to haproxy 
- manage A records for haproxy
- manage cnames for services using haproxy
 2024-04-06 16:26:50 +11:00
Ben Vincent
e97d061f46 feat: add puppetdbapi to haproxy 
- add puppetdbapi backend to haproxy
- add puppetdbapi altname to the vault certificate
- add mapping for hostname to backend
 2024-04-06 15:49:10 +11:00
Ben Vincent
f7881b19cf Merge pull request 'feat: add puppetboard backend' (#150) from neoloc/haproxy_puppetboard into develop 
Reviewed-on: unkinben/puppet-prod#150
 2024-04-06 02:54:26 +09:30
Ben Vincent
57b7a3036b Merge pull request 'feat: add virtual/physical check' (#147) from neoloc/sensors into develop 
Reviewed-on: unkinben/puppet-prod#147
 2024-04-06 02:53:57 +09:30
Ben Vincent
105bf1b09d feat: add puppetboard backend 
- add balancemember to puppetboard nodes
- add be_puppetboard to haproxxy
- add puppetboard.main.unkin.net to haproxy altnames
- add puppetboard to backend mapping
- change way backends are registered in haproxy
 2024-04-06 04:20:39 +11:00
Ben Vincent
dc428543cf Merge pull request 'feat: add haproxy profile' (#149) from neoloc/haproxy into develop 
Reviewed-on: unkinben/puppet-prod#149
 2024-04-06 01:58:10 +09:30
Ben Vincent
2091f1ada3 feat: add haproxy profile 
- add haproxy server class
- add haproxy profile to role
- add hiera data for region specific haproxy
- add selinux configuration
- add certlist management
- add default http and https frontends
- add default stats listener
 2024-04-06 03:27:45 +11:00
Ben Vincent
e15ebd4571 Merge pull request 'feat: change certmanage to approles' (#148) from neoloc/certmanager_approle into develop 
Reviewed-on: unkinben/puppet-prod#148
 2024-04-03 23:03:16 +09:30
Ben Vincent
5bde96fb4d feat: change certmanage to approles 
- created approle 'certmanager' using 'certmanager' policy
- update certmanager script to generate token based on roleid
 2024-04-04 00:32:08 +11:00
Ben Vincent
e69b3a9dc4 Merge pull request 'feat: deploy cobbler enc' (#146) from neoloc/cobbler_enc into develop 
Reviewed-on: unkinben/puppet-prod#146
 2024-04-03 13:05:05 +09:30
Ben Vincent
64563902d4 feat: deploy cobbler enc 
- install python3.11 on all nodes
- create python3.11 venv for cobbler-enc
- install requirements in cobbler-enc venv
- symlink to /usr/local/bin/
 2024-03-31 20:58:31 +11:00
Ben Vincent
0ad31f6013 feat: add virtual/physical check 
- add virtual tree to hiera
- add virtual/kvm and virtual/physical hiera sources
- add lm_sensors to be installed on hardware nodes
 2024-03-31 15:36:41 +11:00
Ben Vincent
d64e185919 Merge pull request 'feat: add dhcp servers' (#145) from neoloc/dhcp-server into develop 
Reviewed-on: unkinben/puppet-prod#145
 2024-03-29 07:45:16 +09:30
Ben Vincent
d64860f47b feat: add dhcp servers 
- include puppet-dhcp module
- manage dhcp pools
- manage dhcp classes (bios/uefi)
 2024-03-29 09:13:26 +11:00
Ben Vincent
159c57677a Merge pull request 'feat: add cobbler profile' (#144) from neoloc/cobbler_profile into develop 
Reviewed-on: unkinben/puppet-prod#144
 2024-03-29 07:10:33 +09:30
Ben Vincent
80b7ad8639 feat: add cobbler profile 
- add datavol to cobbler nodes
- add cobbler profile
- add cobbler role hieradata
- manage selinux where required for cobbler
- manage service cname
 2024-03-29 08:36:42 +11:00
Ben Vincent
f21573daae Merge pull request 'feat: deep merge yum repos to manage' (#143) from neoloc/puppet7gpg into develop 
Reviewed-on: unkinben/puppet-prod#143
 2024-03-28 20:15:14 +09:30
Ben Vincent
e02921be75 feat: deep merge yum repos to manage 
- fixed merging of yum repos
- changed puppet7 to use local copy of repo
 2024-03-28 21:41:15 +11:00
Ben Vincent
6b92910457 Merge pull request 'feat: set sysadmin password' (#142) from neoloc/sysadmin into develop 
Reviewed-on: unkinben/puppet-prod#142
 2024-03-28 19:39:01 +09:30
Ben Vincent
0383db2b10 feat: set sysadmin password 2024-03-28 20:34:50 +11:00
Ben Vincent
905f047626 Merge pull request 'feat: enable sydney subnets' (#141) from neoloc/sydprod into develop 
Reviewed-on: unkinben/puppet-prod#141
 2024-03-28 18:39:09 +09:30
Ben Vincent
748a0e8632 feat: enable sydney subnets 2024-03-28 20:08:00 +11:00