5d36a4053b
feat: add droneci module
...
- add droneci module for server
- add droneci/server role
- add consul query for droneci service
- manage certificates, ssh principals, consul services/checks
2024-08-24 00:34:15 +10:00
1a2023f4ff
Merge pull request 'feat: add patroni/psql cluster' ( #140 ) from neoloc/patroni into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/140
2024-08-10 23:40:29 +10:00
35834f8f5a
feat: add patroni/psql cluster
...
- add patroni puppet module
- add patroni role and hieradata
- add sql/patroni class that utilised consul
2024-08-10 22:34:43 +10:00
4347faf153
Merge pull request 'neoloc/redis' ( #139 ) from neoloc/redis into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/139
2024-08-10 18:47:17 +10:00
5c731fef34
feat: deploy redisha cluster
...
- manage pki and ssh principals
- manage redis/sentinel with redisha module
- add consul checks to manage redis-replica/redis-master services
- manage sudo rules for consul checks
2024-08-10 17:39:30 +10:00
4d08e30733
Merge pull request 'fix: also fix repodata' ( #138 ) from neoloc/cephreef into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/138
2024-08-10 13:36:30 +10:00
e2873a492a
fix: also fix repodata
2024-08-10 13:36:04 +10:00
90af895a34
Merge pull request 'fix: ceph-reef 18.2.4 not on el8' ( #137 ) from neoloc/cephreef into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/137
2024-08-10 13:30:54 +10:00
52e3d5b20b
fix: ceph-reef 18.2.4 not on el8
...
- force repo to use 18.2.2
2024-08-10 13:30:16 +10:00
403e3eeb1b
chore: add account
2024-08-08 19:01:18 +10:00
a5baed8cd9
chore: add two new users
...
- add marbal and seablo
2024-08-07 22:19:08 +10:00
c846cc4e21
feat: add rundeck runner user
...
- add rundeck account on all hosts except rundeck
- add rundeck ssh private/public key to rundeck server
2024-08-06 22:33:32 +10:00
eb32a216f5
Merge pull request 'neoloc/rundeck' ( #121 ) from neoloc/rundeck into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/121
2024-07-28 02:05:20 +10:00
5354c99b1e
feat: add rundeck profile
...
- export mysql user for each rundeck server
- ensure the jdbc driver for mariadb is available
- exclude jq from default packages (managed by rundeck)
- add groups for admin/user for each project in rundeck
- add consul service
- add vault certificates
- add ssh principals
- add nginx simpleproxy
2024-07-28 01:51:41 +10:00
6a3123e12e
Merge pull request 'feat: change packages to Hash' ( #120 ) from neoloc/packages_hash into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/120
2024-07-27 16:29:48 +10:00
cb5bb0798f
feat: add rundeck to ldap
...
- add service account for rundeck
- add rundeck_access group
2024-07-27 13:06:14 +10:00
08241692ee
feat: add rundeck
...
- add puppet-rundeck module
- add rundeck role
2024-07-27 13:06:14 +10:00
cc01259a64
feat: change packages to Hash
...
- change from multiple arrays for managing packages to a hash
- change to ensure_packages to prevent duplicate resource conflicts
2024-07-27 13:01:06 +10:00
319c3b6d67
feat: ensure *arr can access prowlarr
2024-07-13 16:55:21 +10:00
01fc6aacd7
Merge pull request 'fix: remove unkin.net from internal dns' ( #113 ) from neoloc/bind_static_dns into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/113
2024-07-11 22:31:29 +10:00
73c7dbd56c
fix: remove unkin.net from internal dns
...
- unkin.net is entirely hosted externally
2024-07-11 22:30:44 +10:00
bbd6cdb228
Merge pull request 'feat: add rpmfusion to nzbget' ( #110 ) from neoloc/rpmfusion_nzbget into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/110
2024-07-11 21:28:56 +10:00
2cbba808c3
feat: add rpmfusion to nzbget
2024-07-11 21:24:35 +10:00
3dc8fb03fa
chore: add service account to submit nzbs
2024-07-11 19:56:17 +10:00
93ab2bebc3
feat: rewrite for nzbget
...
- required for consul health check to work
2024-07-10 21:26:53 +10:00
5221c15a66
fix: update ldap filter
...
- update ldap filter for *arr's to match on user and group
2024-07-10 20:43:50 +10:00
1532641640
feat: add nzbget to media platform
...
- add haproxy rules
- generate/distribute letsencrypt certificates
- manage access to cephfs
2024-07-09 22:32:54 +10:00
857d51a934
chore: add matsol to nzbget
2024-07-09 22:26:03 +10:00
fd5163d6e6
Merge branch 'develop' into neoloc/nzbget
2024-07-09 22:25:28 +10:00
d67eba5860
feat: add nzbget module/role
...
- add nzbget module
- add nzbget ldap user/group
2024-07-09 22:23:58 +10:00
384e301fd3
Merge pull request 'feat: add new users' ( #98 ) from neoloc/moreusers into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/98
2024-07-09 19:22:26 +10:00
d52949fc4f
feat: add new users
...
- matsol
2024-07-09 19:21:59 +10:00
bd5164fed3
feat: certbot reorg
...
- moved certbot into its own module
- added fact to list available certificates
- created systemd timer to rsync data to $data_dir/pub
- ensure the $data_dir/pub exists
- manage selinux for nginx
2024-07-08 22:33:11 +10:00
30ec8c1bb1
feat: enable retrieval of certbot certs
...
- refactor certbot
- add nginx to certbot hosts
2024-07-07 22:30:40 +10:00
9db714d02f
feat: manage certbot
...
- add haproxy backend for be_letsencrypt
- manage the certbot role/profile
- create define to export certificate requests
2024-07-07 21:21:50 +10:00
991c8a3029
feat: haproxy updates
...
- add acls for all backends
- harden security of backends
- update http-check for all backends
2024-07-07 16:51:36 +10:00
b5c7b310ee
Merge pull request 'neoloc/mediaproxy' ( #92 ) from neoloc/mediaproxy into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/92
2024-07-06 23:24:49 +10:00
2ab2cd1399
feat: deploy ldap-auth to all *arrs
...
- refactor sonarr locations to generalised locations
- set locations to be deep merged
- updated hiera_include statements for media and media subroles
- added eyaml entries for all ldap credentials
2024-07-06 22:50:10 +10:00
cbded220bb
feat: add sonarr locations
...
- add authproxy
- add api and web
- add /consul/health for unauth access from consul
- update sonarr/consul check to use /consul/health
- change client body side to 20mb
2024-07-06 22:01:47 +10:00
89697e85aa
Merge pull request 'chore: update svc_sonarr credential' ( #91 ) from neoloc/sonarr_auth into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/91
2024-07-06 18:32:43 +10:00
158ebaf7a0
chore: update svc_sonarr credential
2024-07-06 18:32:25 +10:00
21a45c1b03
feat: add rpmfusion to jellyfin hosts
...
- required for jellyfin packages
- additional dependencies also from rpmfusion
2024-07-03 21:27:05 +10:00
8e1622a158
Merge pull request 'neoloc/glauth' ( #87 ) from neoloc/glauth into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/87
2024-07-02 18:12:54 +10:00
6e3802ad57
feat: add users/services/groups
2024-07-01 22:54:22 +10:00
c8604baa4e
feat: add glauth role/profile classes
...
- role added to cobbler
- add role specific hieradata
2024-07-01 22:42:29 +10:00
f81b5753ff
feat: add jellyfin role/profile classes
2024-06-30 00:02:16 +10:00
9b8556f487
fear: deploy additional *arr stack apps
...
- cleanup hieradata entires for roles to remove some defaults
- add profiles::media::* classes to manage *arr stacks
2024-06-27 23:42:33 +10:00
8a1d62cd41
chore: change media group to 20000
...
- found 10001 and simliar were already taken
2024-06-27 23:20:51 +10:00
b6a77afc7b
chore: change all *arr's to use port 8000 locally
2024-06-27 23:19:45 +10:00
2b1ea45e4e
feat: add manage_group param to *arr stack
...
- change hieradata/role/apps/media/* to use correct namespaces
- add manage_group boolean to all *arr stack modules
2024-06-27 23:15:08 +10:00
