unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
851 Commits 18 Branches 0 Tags 3 MiB
42ad972697
Commit Graph

361 Commits

Author SHA1 Message Date
Ben Vincent
42ad972697 feat: add ldap configuration 
- add group members to jupyterhub_user
- add svc_jupyterhub user for ldap binding
- paramatarise all ldap fields required
- manage the notebook data directory
 2024-11-16 19:20:20 +11:00
Ben Vincent
61f5f1ce1f feat: add docker settings 
- list docker network and image
- fix ldap_admin setting to be a list of users
 2024-11-10 20:26:18 +11:00
Ben Vincent
159d66af18 feat: add jupyterhub role 
- add nodejs module to use npm package provider
- add jupyterhub role
- add class to configure the jupyterhub instance
- add ldap groups
- add nginx simpleproxy
 2024-11-10 19:09:50 +11:00
Ben Vincent
4bf4b42fdf feat: restart nginx on ssl change 
- manage nginx service from simpleproxy class
- ensure nginx restarts when ssl certificates are changed
 2024-09-27 21:46:46 +10:00
Ben Vincent
0210d849c7 feat: add gitea runner role 
- ensure docker is configured
- create runner user/group
- deploy config.yaml from hiera hash
- install runner from url
- register the runner with the gitea instance
- manage the act_runner service
 2024-09-07 17:59:02 +10:00
Ben Vincent
42d8047043 fix: comments in gitea role 
- was copy of puppetboard, missed updating the comment
 2024-09-03 22:34:48 +10:00
Ben Vincent
afda425fab feat: psql changes on master only 
- add fact to detect if a psql host is a slave
- only import users/db/grants on master
 2024-09-03 22:13:50 +10:00
Ben Vincent
2912cbb68b feat: add droneci runner 
- add runner role
 2024-08-25 00:00:48 +10:00
Ben Vincent
5d36a4053b feat: add droneci module 
- add droneci module for server
- add droneci/server role
- add consul query for droneci service
- manage certificates, ssh principals, consul services/checks
 2024-08-24 00:34:15 +10:00
Ben Vincent
8fad79f2bc feat: manage database/user/grants for patroni 
- add defines for exporting/collecting psql objects for patroni
- add generic profile for managing patroni psql databases for an app
 2024-08-24 00:33:18 +10:00
Ben Vincent
1a2023f4ff Merge pull request 'feat: add patroni/psql cluster' (#140) from neoloc/patroni into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/140
 2024-08-10 23:40:29 +10:00
Ben Vincent
35834f8f5a feat: add patroni/psql cluster 
- add patroni puppet module
- add patroni role and hieradata
- add sql/patroni class that utilised consul
 2024-08-10 22:34:43 +10:00
Ben Vincent
dafac3d5ab fix: require vault-unseal.service 
- wrong service name specified
 2024-08-07 22:05:50 +10:00
Ben Vincent
3ce2ec3754 Merge pull request 'feat: auto-unseal vault every hour' (#132) from neoloc/vault_unseal_check into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/132
 2024-08-06 22:51:54 +10:00
Ben Vincent
7863d54275 feat: auto-unseal vault every hour 
- add cron job to run vault unsealing service hourly
 2024-08-06 22:51:16 +10:00
Ben Vincent
988e7c2a32 Merge pull request 'feat: auto restart puppetdb' (#131) from neoloc/puppetdb_restart into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/131
 2024-08-06 22:47:02 +10:00
Ben Vincent
0c44654a47 feat: auto restart puppetdb 
- found several times the puppetdb service locks up after a week of active time
- restart the puppetdb nightly to prevent lock ups
 2024-08-06 22:43:07 +10:00
Ben Vincent
20ee6fa19e Merge pull request 'feat: add rundeck runner user' (#130) from neoloc/rundeck_user into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/130
 2024-08-06 22:36:54 +10:00
Ben Vincent
c846cc4e21 feat: add rundeck runner user 
- add rundeck account on all hosts except rundeck
- add rundeck ssh private/public key to rundeck server
 2024-08-06 22:33:32 +10:00
Ben Vincent
2ae8dbc0ac feat: add gonic role 
- basic role only
 2024-08-01 22:38:32 +10:00
Ben Vincent
eb32a216f5 Merge pull request 'neoloc/rundeck' (#121) from neoloc/rundeck into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/121
 2024-07-28 02:05:20 +10:00
Ben Vincent
5354c99b1e feat: add rundeck profile 
- export mysql user for each rundeck server
- ensure the jdbc driver for mariadb is available
- exclude jq from default packages (managed by rundeck)
- add groups for admin/user for each project in rundeck
- add consul service
- add vault certificates
- add ssh principals
- add nginx simpleproxy
 2024-07-28 01:51:41 +10:00
Ben Vincent
6a3123e12e Merge pull request 'feat: change packages to Hash' (#120) from neoloc/packages_hash into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/120
 2024-07-27 16:29:48 +10:00
Ben Vincent
08241692ee feat: add rundeck 
- add puppet-rundeck module
- add rundeck role
 2024-07-27 13:06:14 +10:00
Ben Vincent
76989e45c4 feat: change packages to Hash 
- change from multiple arrays for managing packages to a hash
- change to ensure_packages to prevent duplicate resource conflicts
 2024-07-27 13:05:54 +10:00
Ben Vincent
cc01259a64 feat: change packages to Hash 
- change from multiple arrays for managing packages to a hash
- change to ensure_packages to prevent duplicate resource conflicts
 2024-07-27 13:01:06 +10:00
Ben Vincent
b5148fc2a0 Merge pull request 'fix: generate_types cahnges' (#119) from neoloc/puppetserver_startup into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/119
 2024-07-27 00:17:46 +10:00
Ben Vincent
ab44bfc430 fix: generate_types cahnges 
- this command will always fail, remove the systemd dropin
- create script that will run and exit with 0
- create systemd service/timer to run script daily
 2024-07-27 00:13:25 +10:00
Ben Vincent
480eced404 Merge pull request 'feat: add vrrp to halb' (#116) from neoloc/keepalived into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/116
 2024-07-14 22:07:34 +10:00
Ben Vincent
946922fdb9 feat: add vrrp to halb 
- update keepalived module to 5.1.0
- add keepalived::vrrp::* to be deep merged in hiera
- add vrrp dns configuration
- add vrrp instance/script to halb in syd1
 2024-07-13 20:15:13 +10:00
Ben Vincent
0fb11b22cf feat: add param for ffmpeg 
- add param to jellyfin class to specify the path to ffmpeg
- update templates to use location
 2024-07-11 22:41:08 +10:00
Ben Vincent
f63cf2f654 fix: create nginx cache dirs before nginx class 2024-07-09 23:29:56 +10:00
Ben Vincent
e8c8f5c1d6 fix: simpleproxy create cachedirs 
- ensure the '/var/cache/nginx' directory exists
 2024-07-09 23:27:51 +10:00
Ben Vincent
1204ee3314 feat: actually add nzbget profile 2024-07-09 23:20:12 +10:00
Ben Vincent
1532641640 feat: add nzbget to media platform 
- add haproxy rules
- generate/distribute letsencrypt certificates
- manage access to cephfs
 2024-07-09 22:32:54 +10:00
Ben Vincent
bd5164fed3 feat: certbot reorg 
- moved certbot into its own module
- added fact to list available certificates
- created systemd timer to rsync data to $data_dir/pub
- ensure the $data_dir/pub exists
- manage selinux for nginx
 2024-07-08 22:33:11 +10:00
Ben Vincent
30ec8c1bb1 feat: enable retrieval of certbot certs 
- refactor certbot
- add nginx to certbot hosts
 2024-07-07 22:30:40 +10:00
Ben Vincent
9db714d02f feat: manage certbot 
- add haproxy backend for be_letsencrypt
- manage the certbot role/profile
- create define to export certificate requests
 2024-07-07 21:21:50 +10:00
Ben Vincent
152ffaa1d3 Merge pull request 'feat: stop installing systemd exported by default' (#94) from neoloc/systemd_exporter_removal into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/94
 2024-07-07 15:02:48 +10:00
Ben Vincent
65046329f4 feat: stop installing systemd exported by default 2024-07-07 15:01:49 +10:00
Ben Vincent
d05cf628a8 Merge pull request 'fix: change service to socket' (#93) from neoloc/cobbler_socket into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/93
 2024-07-06 23:40:20 +10:00
Ben Vincent
da1402691c fix: change service to socket 
- ensure the tftpd.socket is running, which starts the service
 2024-07-06 23:37:55 +10:00
Ben Vincent
b5c7b310ee Merge pull request 'neoloc/mediaproxy' (#92) from neoloc/mediaproxy into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/92
 2024-07-06 23:24:49 +10:00
Ben Vincent
8b01ddba9c fix: cleanup simpleproxy 
- remove commented sections
- remove $server from locations
 2024-07-06 22:09:16 +10:00
Ben Vincent
d1dd12a091 feat: add cache to simpleproxy 2024-07-06 22:05:55 +10:00
Ben Vincent
354e561380 feat: add ldapauth for nginx 
- add service, defaults and script
 2024-07-06 22:02:00 +10:00
Ben Vincent
02a2097955 feat: paramatise use_default_location 
- allow the use of location blocks for simpleproxy
- add way to add locations in simpleproxy
 2024-07-05 23:10:58 +10:00
Ben Vincent
658af2b6b6 Merge pull request 'feat: manage jellyfin data migration_flag' (#90) from neoloc/jellyfin into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/90
 2024-07-04 00:09:22 +10:00
Ben Vincent
f3046f8fbb feat: manage jellyfin data migration_flag 2024-07-03 22:49:54 +10:00
Ben Vincent
8e1622a158 Merge pull request 'neoloc/glauth' (#87) from neoloc/glauth into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/87
 2024-07-02 18:12:54 +10:00