9d3ddb37df
Merge pull request 'fix: dont manage loopback' ( #22 ) from neoloc/networking_loopback into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/22
2024-06-09 09:07:29 +10:00
934f4be03c
fix: dont manage loopback
...
- dont manage the lo interface
- cleanup /etc/hosts records
2024-06-09 09:06:54 +10:00
777fe1aef6
feat: manage ssh server
...
- add ssh module
- include the ssh::server class
- manage sshd settings
2024-06-08 17:20:56 +10:00
57b935b33e
Merge pull request 'neoloc/networking' ( #21 ) from neoloc/networking into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/21
2024-06-08 17:08:51 +10:00
da9d52e117
chore: set per-node interface/gateway details
2024-06-08 17:07:58 +10:00
06545c6298
feat: change hiera_include, hiera_exclude
...
- change hiera_classes to hiera_include
- add method to remove classes from hiera_include through hiera_exclude
2024-06-08 17:07:58 +10:00
51eeb13793
feat: add networking module
...
- manage interfaces and routes
- set default params for hosts
- add params class to networking module
- set defaults for debian
2024-06-08 17:07:51 +10:00
721d14378a
Merge pull request 'feat: manage the facts soft limit' ( #20 ) from neoloc/puppet_fact_soft_limit into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/20
2024-06-08 13:58:39 +10:00
aaf482c9b9
feat: manage the facts soft limit
...
- set the facts soft limit for agents and servers
- prevent warnings about reaching the default 2048 soft limit
2024-06-08 13:56:53 +10:00
33ba0bb896
feat: networking required modules
...
- add networking, kmod and filemapper plugins
2024-06-07 22:12:26 +10:00
07c896b924
Merge pull request 'fix: make ntp check script executable' ( #19 ) from neoloc/consul_ntp_script into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/19
2024-06-03 20:24:55 +10:00
6822a39dc3
fix: make ntp check script executable
2024-06-03 20:23:23 +10:00
b85f14ed89
Merge pull request 'chore: update apt mirror url' ( #18 ) from neoloc/debian_repository into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/18
2024-06-03 20:19:55 +10:00
e3f34a7cc4
chore: update apt mirror url
...
- change apt mirror url to use edgecache service
2024-06-03 20:19:12 +10:00
c000244c5a
Merge pull request 'fix: add missing check script' ( #17 ) from neoloc/ntp_consul_checkscript into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/17
2024-06-02 19:32:37 +10:00
76fc6b9fa1
fix: add missing check script
2024-06-02 19:32:02 +10:00
902e55f655
Merge pull request 'feat: create ntp consul service' ( #16 ) from neoloc/ntp_consul_service into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/16
2024-06-02 19:27:09 +10:00
da3444e49f
feat: create ntp consul service
...
- create consul policy for ntp servers
- add consul service check and check script
2024-06-02 19:23:39 +10:00
b468f67103
feat: sign ssh host keys
...
- manage python script/venv to sign ssh host certificates
- add approle_id to puppetmaster eyaml files
- add class to sign ssh-rsa host keys
- add facts to check if the current principals match the desired principals
2024-06-01 22:51:42 +10:00
9819ce7f4d
Merge pull request 'ferat: change to gitea hosted package repo' ( #8 ) from neoloc/unkinrepo into develop
...
Reviewed-on: https://git.service.au-syd1.consul/unkinben/puppet-prod/pulls/8
2024-06-01 18:39:55 +10:00
cc7165055d
Merge pull request 'feat: refacter gitea profile' ( #7 ) from neoloc/gitea_refactor into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/7
2024-06-01 17:28:28 +10:00
4bd3310ea8
feat: refacter gitea profile
...
- move more data to hiera
- change how the custom_configuration is made
2024-06-01 17:16:37 +10:00
d7208c5e40
Merge branch 'develop' into neoloc/doc_updates
2024-06-01 15:00:52 +10:00
4b4272250a
Merge branch 'develop' into neoloc/grafana
2024-06-01 14:47:06 +10:00
3dfe9b9b73
Merge pull request 'feat: puppetdb sql updates' ( #5 ) from neoloc/puppetdb_sql into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/5
2024-06-01 14:36:27 +10:00
de39515862
ferat: change to gitea hosted package repo
2024-06-01 14:05:14 +10:00
6a9580b199
Merge pull request 'feat: bump git client_max_body_size' ( #4 ) from neoloc/nginx_clientsize into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/4
2024-06-01 13:32:02 +10:00
6c2328e8ba
feat: bump git client_max_body_size
...
- change from 100m to 250m
2024-06-01 13:31:35 +10:00
7e0df436e2
Merge pull request 'feat: increase client_max_body_size for git' ( #3 ) from neoloc/nginx_clientsize into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/3
2024-06-01 13:19:21 +10:00
e7ddbfa035
feat: increase client_max_body_size for git
...
- update hieradata with client_max_body_size for git role
2024-06-01 12:51:06 +10:00
810ba9ddb7
Merge pull request 'neoloc/nodelookup_consul' ( #2 ) from neoloc/nodelookup_consul into develop
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/2
2024-06-01 12:11:48 +10:00
7cf2e78cea
feat: add sort and count to node_lookup
...
- add -C option to count number of identical records
- sort responses from node_lookup
2024-06-01 12:09:53 +10:00
91e3f2d427
chore: change node_lookup to use consul
...
- remove https, use http backend as no authentication is required
2024-06-01 12:04:57 +10:00
f28ebd2dd8
Merge pull request 'feat: update git sources' ( #1 ) from neoloc/update_git_source into develop
...
Reviewed-on: https://git.service.au-syd1.consul/unkinben/puppet-prod/pulls/1
2024-05-28 23:53:20 +10:00
f029b04427
feat: update git sources
...
- update r10k source
- update enc source
- update source for puppet-bind module
2024-05-28 23:51:19 +10:00
99c4d8717c
Merge pull request 'neoloc/gitea' ( #230 ) from neoloc/gitea into develop
...
Reviewed-on: unkinben/puppet-prod#230
2024-05-28 22:58:49 +09:30
fab4ea5998
feat: add gitea classes
...
- add basic gitea class
2024-05-28 23:14:36 +10:00
ffd574e8f0
feat: add gitea modules
...
- add gitea module
- add dependency extlib
2024-05-28 21:14:42 +10:00
7dacd4a403
Merge pull request 'neoloc/puppetca' ( #229 ) from neoloc/puppetca into develop
...
Reviewed-on: unkinben/puppet-prod#229
2024-05-28 20:37:02 +09:30
263d41fe9e
chore: remove prodinf01n01 as puppetca
2024-05-28 21:06:04 +10:00
df371a6b09
feat: syd1 puppetca provisioning
...
- move puppetca to ausyd1nxvm1036
2024-05-28 20:13:08 +10:00
3fce5ae5bf
Merge pull request 'fix: change drw1 puppetmasters to use syd1 approle' ( #228 ) from neoloc/certmanager_syd1_approle into develop
...
Reviewed-on: unkinben/puppet-prod#228
2024-05-26 00:59:13 +09:30
d2d08bc479
fix: change drw1 puppetmasters to use syd1 approle
...
- changing vault url to vault.query.consul forced puppetmasters in drw1
to connect to syd1 vault hosts
- set drw1 puppetmasters to use syd1 approle_id
2024-05-26 01:27:45 +10:00
413bf78827
Merge pull request 'feat: change vault url to vaul.query.consul' ( #227 ) from neoloc/certmanager into develop
...
Reviewed-on: unkinben/puppet-prod#227
2024-05-26 00:53:39 +09:30
b00781b604
feat: change vault url to vaul.query.consul
...
- support access to vault from multiple datacentres for certmanager
2024-05-26 01:23:16 +10:00
ad268e8977
Merge pull request 'feat: vault use vault' ( #226 ) from neoloc/vault_use_vault into develop
...
Reviewed-on: unkinben/puppet-prod#226
2024-05-26 00:38:55 +09:30
ad4f9b81f4
Merge pull request 'neoloc/syd1_certmanager_approle' ( #224 ) from neoloc/syd1_certmanager_approle into develop
...
Reviewed-on: unkinben/puppet-prod#224
2024-05-26 00:38:16 +09:30
7c0bf4a398
feat: vault use vault
...
- change vault to use vault ephemeral certificates
- remove nginx frontend to vault
2024-05-26 01:06:48 +10:00
7aa7f33145
feat: add ssh host key signing
2024-05-25 16:46:13 +10:00
a6a03b4d83
chore: update headings
2024-05-25 16:45:58 +10:00
