unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
1,088 Commits 18 Branches 0 Tags 3 MiB
41a7066ddb
Commit Graph

88 Commits

Author SHA1 Message Date
Ben Vincent
41a7066ddb feat: ensure frr_exporter can read ospf socket
All checks were successful
Build / precommit (pull_request) Successful in 4m44s
Details 
- add execute permission to frr socker directory
 2025-09-13 14:35:30 +10:00
Ben Vincent
0665873dc8 feat: update ospf source for learned routes (#388) 
- enable changing the source address for learned ospf routes
- this enables the loopback0 interface to be used as a default src address
- ensure k8s nodes use loopback0 as default src
- ensure incus nodes use loopback0 as default src

Reviewed-on: #388
 2025-09-07 16:09:21 +10:00
Ben Vincent
ac36d9627b feat: capture all journald logs (#377) 
- create module class for journald clients
- ensure module class it used on all hosts
- use consul service address for insert/journald

Reviewed-on: #377
 2025-08-09 15:11:47 +10:00
Ben Vincent
1c71229fd3 feat: add victorialogs module (#374) 
- add module for victorialogs
- add hieradata for vl insert/select/storage
- manage packages, directories, services, etc
- manage exporting metrics

Reviewed-on: #374
 2025-08-08 23:59:46 +10:00
Ben Vincent
bbed65b4b8 benvin/frr_exporter (#370) 
Reviewed-on: #370
 2025-08-03 20:14:19 +10:00
Ben Vincent
75ca7a5685 feat: add frr_exporter class (#369) 
- add frr exporter to all nodes running frr

Reviewed-on: #369
 2025-08-03 16:15:29 +10:00
Ben Vincent
53fabc923b feat: add nzbget_exporter (#368) 
- add nzbget_exporter class
- add exporter to nzbget class

Reviewed-on: #368
 2025-08-03 15:03:29 +10:00
Ben Vincent
7fbb87b4b6 feat: add exportarr (#365) 
- add exporters::exportarr
- deploy for radarr, sonarr and prowlarr

Reviewed-on: #365
 2025-07-27 19:47:26 +10:00
Ben Vincent
fd902c1437 feat: create exporters module (#364) 
- upgrade node_exporter, bring managed under exporters module
- upgrade postgres_exporter, bring managed under exporters module
- add flag to cleanup previous iterations of exporters from prometheus module
- fix issues with vmclusster: replication + dedup

Reviewed-on: #364
 2025-07-27 13:28:41 +10:00
Ben Vincent
0e64c9855a feat: add vmcluster module (#363) 
- manage vmstorage package, service and environment file
- manage vmselect package, service and environment file
- manage vminsert package, service and environment file
- manage vmagent package, service and environment file
- manage options for vmstorage, vmselect, vminsert, vmagent role

Reviewed-on: #363
 2025-07-26 18:17:20 +10:00
Ben Vincent
3cfafbac44 feat: enable ceph on k8s nodes (#362) 
- enable enough ceph/frr to join to cephfs
- notify sshd when restarting the network
- update ssh principals to include all ssh interfaces

Reviewed-on: #362
 2025-07-19 20:30:46 +10:00
Ben Vincent
780a97dfe4 feat: add new cobbler master (#355) 
- change cobbler.main.unkin.net to 2098

Reviewed-on: #355
 2025-07-12 20:31:43 +10:00
Ben Vincent
9aa6472e5b feat: ensure /etc/NetworkManager/conf.d exists (#354) 
- required to create dns-none setting

Reviewed-on: #354
 2025-07-12 14:19:22 +10:00
Ben Vincent
40c57ede59 feat: add ci build task (#342) 
- a ci workflow for build tests
- run pre-commit against all files

Reviewed-on: #342
 2025-07-08 20:19:36 +10:00
Ben Vincent
b976f2063a feat: deploy redis for git (#336) 
- deploy redis/sentinel ha cluster for git
- update redis to 7 (required for almalinux 9)
- enable requirepass/masterauth

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/336
 2025-07-05 15:51:28 +10:00
Ben Vincent
a9faa098ee benvin/grafana_postgres (#334) 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/334
 2025-07-01 19:07:24 +10:00
Ben Vincent
715e88176b chore: confine incus facts to incus (#326) 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/326
 2025-06-28 21:24:08 +10:00
Ben Vincent
1837506b6c feat: add incus facts (#325) 
- incus container counts
- incus profile list
- allocated memory/cpu

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/325
 2025-06-28 21:14:39 +10:00
Ben Vincent
62837bb22d feat: add zone to subnet facts (#320) 
- add common and dmz zone fact information

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/320
 2025-06-21 15:42:37 +10:00
Ben Vincent
66fdd7b615 feat: update incus image host to run on incus (#309) 
- remove zfs
- remove some sysctl values
- remove memlocks from limits
- install iptables, required for creating bridges

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/309
 2025-06-08 22:58:44 +10:00
Ben Vincent
b3347f9226 chore: migrate media applications (#299) 
- migrate media applications to new cephfs pool + incus
- enable exporting haproxy
- move ceph-client-setup to only apply to non-lxc hosts
- ensure unrar is installed for nzbget
- updated jellyfin use of data_dir
- set lxc instances for jellyfin to use /shared/apps/jellyfin

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/299
 2025-05-25 20:27:17 +10:00
Ben Vincent
3079f7d000 feat: enable use of dhcp addresses in networkd (#273) 
- change ipaddress to be optional
- add dhcp option

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/273
 2025-05-03 23:51:17 +10:00
Ben Vincent
2321186ad5 neoloc/mpls_ldp_frr (#255) 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/255
 2025-04-24 16:51:31 +10:00
Ben Vincent
c24babe309 feat: add incus image host (#254) 
- add role
- add consul service + checks
- manage the datavol as zfs
- insure the incus fact exists before attempting to read it

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/254
 2025-04-24 01:00:39 +10:00
Ben Vincent
8c76e71dc4 chore: set core.https_address for incus (#249) 
- check the current config and update core.https_address if its wrong

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/249
 2025-04-07 11:04:12 +10:00
Ben Vincent
0e3dd4d7d0 feat: initialise barebones server (#248) 
- manage incus servers init

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/248
 2025-04-06 23:56:50 +10:00
Ben Vincent
83d0b31753 fix: set default for use_networkd (#247) 
- resolving issue where the systemd::manage_networkd is missing for most
  hosts, setting a default

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/247
 2025-04-06 19:24:39 +10:00
Ben Vincent
c225564bdb feat: continue incus implementation (#245) 
- migrate to systemd-networkd
- setup dummy, bridge and static/ethernet interfaces
- manage sshd.service droping to start ssh after networking is online
- enable ip forewarding
- add fastpool/data/incus dataset
- enable ospf and frr
- add loopback0 as ssh listenaddress
- add loopback1/2 for ceph cluster/public traffic

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/245
 2025-04-06 16:38:04 +10:00
Ben Vincent
bdf420973d feat: add incus module (#230) 
- add a basic incus module

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/230
 2025-03-30 01:12:53 +11:00
Ben Vincent
d0eb4c078d feat: add zfs modules (#225) 
- add zfs_core module to puppetfile (provides zfs/zpool provider)
- add module to manage zfs

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/225
 2025-03-29 22:31:02 +11:00
Ben Vincent
adc0cf2c09 neoloc/lxd_hosts (#223) 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/223
 2025-03-29 19:40:01 +11:00
Ben Vincent
8eb751e22f feat: change enc_* fact to read direct from cobbler (#219) 
- change enc_role and enc_env to read direct from cobbler
- cleanup profiles::base::facts

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/219
 2025-03-12 23:09:15 +11:00
Ben Vincent
afd3405c98 feat: add etcd module/role (#215) 
- add etcd module
- add etcd role, profile and hieradata

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/215
 2025-01-26 20:00:20 +11:00
Ben Vincent
4400456519 feat: add frrouting module (#208) 
- add frrouting module
- enable ospf daemon on nomad agents
- enable docker volumes

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/208
 2024-12-27 23:39:03 +11:00
Ben Vincent
2ef4fb0bf8 feat: update certbot module 
- update documentation
- add option to notify services
- set haproxy role to notify the haproxy service
 2024-10-07 13:40:53 +11:00
Ben Vincent
265400db91 feat: confine fact to patroni 2024-09-03 22:18:53 +10:00
Ben Vincent
afda425fab feat: psql changes on master only 
- add fact to detect if a psql host is a slave
- only import users/db/grants on master
 2024-09-03 22:13:50 +10:00
Ben Vincent
d79a5de17b feat: add droneci runner 
- ensure /data and docker are available
- add droneci runner configuration
 2024-08-25 02:14:35 +10:00
Ben Vincent
5d36a4053b feat: add droneci module 
- add droneci module for server
- add droneci/server role
- add consul query for droneci service
- manage certificates, ssh principals, consul services/checks
 2024-08-24 00:34:15 +10:00
Ben Vincent
4347faf153 Merge pull request 'neoloc/redis' (#139) from neoloc/redis into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/139
 2024-08-10 18:47:17 +10:00
Ben Vincent
b7fc6a1993 feat: create redisha module 
- manage redis/sentinel clusters
- ensure ulimit_managed is false
- dynamically find servers in role to identify master
- add redisadm and sentineladm commands
- add script to check if the current host in the master
 2024-08-10 17:39:24 +10:00
Ben Vincent
0cad88cdad chore: prevent empty lines 
- prevent empty lines when user features are not enabled
- change epp to erb template for user objects
 2024-08-07 22:51:13 +10:00
Ben Vincent
3ed692cc77 Merge pull request 'feat: manage the nzbget service' (#112) from neoloc/nzbget_group_media into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/112
 2024-07-11 22:27:44 +10:00
Ben Vincent
ec92a6d3df feat: manage the nzbget service 2024-07-11 21:39:34 +10:00
Ben Vincent
95a0b543fd feat: add othergroups support for services 
- extend glauth::obj::service to allow othergroups
 2024-07-11 19:59:26 +10:00
Ben Vincent
0c1fd63b7d fix: change nzbget::manage_group to boolean 2024-07-09 23:22:49 +10:00
Ben Vincent
fd5163d6e6 Merge branch 'develop' into neoloc/nzbget 2024-07-09 22:25:28 +10:00
Ben Vincent
d67eba5860 feat: add nzbget module/role 
- add nzbget module
- add nzbget ldap user/group
 2024-07-09 22:23:58 +10:00
Ben Vincent
d9a2966ffd fix: certbot selinux and rsync 
- fix rsync to use 755 permissions
- add rsync selinux booleans
 2024-07-08 23:17:38 +10:00
Ben Vincent
bd5164fed3 feat: certbot reorg 
- moved certbot into its own module
- added fact to list available certificates
- created systemd timer to rsync data to $data_dir/pub
- ensure the $data_dir/pub exists
- manage selinux for nginx
 2024-07-08 22:33:11 +10:00