puppet-prod

Author	SHA1	Message	Date
Ben Vincent	5631f07e6e	feat: add cephfs shared volume define - add ceph class to manage ceph client configuration/packages - add cephfs define for mounting volumes - add ceph keyring define to manage secrets used to mount cephfs	2024-06-23 15:33:33 +10:00
Ben Vincent	8548ef0284	Merge pull request 'neoloc/sonarr_deploy' (#48 ) from neoloc/sonarr_deploy into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/48	2024-06-21 22:53:06 +10:00
Ben Vincent	681f9e3eb8	feat: deploy sonarr - add required hieradata/role data to deploy sonarr - add nginx simpleproxy - add consul service/query - add vault certificates	2024-06-21 22:51:40 +10:00
Ben Vincent	59b181ed54	Merge pull request 'feat: add ceph mirror to edgecache' (#43 ) from neoloc/ceph_mirror into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/43	2024-06-21 20:44:08 +10:00
Ben Vincent	36ad19ffed	feat: add ceph mirror to edgecache - add ceph reef apt and rpm repository to edgecache - add the centos storage sig gpg	2024-06-21 20:38:54 +10:00
Ben Vincent	a3ef535bfc	fix: ceph consul check script - add permissions to write ceph-* services to consul - change from `script` to `args` array	2024-06-19 22:36:04 +10:00
Ben Vincent	0ff9b86782	Merge pull request 'chore: change ssh to listen to vmbr1' (#39 ) from neoloc/proxmox_ips into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/39	2024-06-17 21:55:18 +10:00
Ben Vincent	7d70b99491	chore: change ssh to listen to vmbr1 - changed enp3s0 from static interface to bridge member - added bridge vmbr1, with enp3s0 as member	2024-06-17 21:54:26 +10:00
Ben Vincent	c6530e34f6	Merge pull request 'feat: add haproxy exporter' (#38 ) from neoloc/haproxy_exporter into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/38	2024-06-17 21:36:31 +10:00
Ben Vincent	5725d092b8	feat: add haproxy exporter - add admin socket for exporter	2024-06-16 20:56:23 +10:00
Ben Vincent	62cac63f11	feat: add database generation to grafana - ensure a database, user and credential is created for each grafana node - ensure all databases for a region are included in a mariadb cluster - refine params with stdlib types	2024-06-16 18:49:59 +10:00
Ben Vincent	0fe05bb896	Merge branch 'develop' into neoloc/grafana	2024-06-16 00:39:45 +10:00
Ben Vincent	67f831edaf	fix: yumrepo purging	2024-06-14 23:55:31 +10:00
Ben Vincent	6b0e0daecb	chore: add ssh principals - add ssh principals for consul service addresses	2024-06-11 20:20:12 +10:00
Ben Vincent	6f7740e6a2	fix: add cluster ip to sshd ListenAddress - ensure cluster communication over ssh can function	2024-06-11 20:02:04 +10:00
Ben Vincent	abd2eb5c9b	adding hieradata/nodes/ausyd1nxvm1037.main.unkin.net.yaml	2024-06-10 22:18:16 +10:00
Ben Vincent	e00a78e5fb	Merge pull request 'fix: resolve vncproxy issue' (#28 ) from neoloc/proxmox_ssh into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/28	2024-06-10 13:02:18 +10:00
Ben Vincent	a143732b3b	fix: resolve vncproxy issue https://forum.proxmox.com/threads/lc_pve_ticket-not-set-vnc-proxy-without-password-is-forbiddentask-error-failed-to-run-vncproxy.98192/	2024-06-10 13:01:45 +10:00
Ben Vincent	45f3cb39c7	Merge pull request 'fix: proxmox root ssh' (#27 ) from neoloc/proxmox_ssh into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/27	2024-06-10 12:07:43 +10:00
Ben Vincent	2b36ee3efa	fix: proxmox root ssh - allow proxmox hosts to accept root logins	2024-06-10 12:07:08 +10:00
Ben Vincent	4ab5fd6be3	Adding hieradata/node/ausyd1nxvm1039.main.unkin.net.yaml	2024-06-10 11:57:51 +10:00
Ben Vincent	255cf38c67	Adding hieradata/node/ausyd1nxvm1038.main.unkin.net.yaml	2024-06-10 11:51:29 +10:00
Ben Vincent	5e13f1a1e8	adding hieradata/nodes/ausyd1nxvm1037.main.unkin.net.yaml	2024-06-10 11:50:15 +10:00
Ben Vincent	965e334636	Merge branch 'develop' into neoloc/sshsign_hostkeys	2024-06-09 20:39:27 +10:00
Ben Vincent	d4163233f6	Merge branch 'develop' into neoloc/sshsign_hostkeys	2024-06-09 20:38:25 +10:00
Ben Vincent	52b06dcd8e	feat: manage ssh known hosts - disable use of stored configs for ssh-known-hosts - manage the /etc/ssh/ssh_known_hosts content	2024-06-09 20:26:34 +10:00
Ben Vincent	934f4be03c	fix: dont manage loopback - dont manage the lo interface - cleanup /etc/hosts records	2024-06-09 09:06:54 +10:00
Ben Vincent	777fe1aef6	feat: manage ssh server - add ssh module - include the ssh::server class - manage sshd settings	2024-06-08 17:20:56 +10:00
Ben Vincent	da9d52e117	chore: set per-node interface/gateway details	2024-06-08 17:07:58 +10:00
Ben Vincent	06545c6298	feat: change hiera_include, hiera_exclude - change hiera_classes to hiera_include - add method to remove classes from hiera_include through hiera_exclude	2024-06-08 17:07:58 +10:00
Ben Vincent	51eeb13793	feat: add networking module - manage interfaces and routes - set default params for hosts - add params class to networking module - set defaults for debian	2024-06-08 17:07:51 +10:00
Ben Vincent	e3f34a7cc4	chore: update apt mirror url - change apt mirror url to use edgecache service	2024-06-03 20:19:12 +10:00
Ben Vincent	902e55f655	Merge pull request 'feat: create ntp consul service' (#16 ) from neoloc/ntp_consul_service into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/16	2024-06-02 19:27:09 +10:00
Ben Vincent	da3444e49f	feat: create ntp consul service - create consul policy for ntp servers - add consul service check and check script	2024-06-02 19:23:39 +10:00
Ben Vincent	b468f67103	feat: sign ssh host keys - manage python script/venv to sign ssh host certificates - add approle_id to puppetmaster eyaml files - add class to sign ssh-rsa host keys - add facts to check if the current principals match the desired principals	2024-06-01 22:51:42 +10:00
Ben Vincent	9819ce7f4d	Merge pull request 'ferat: change to gitea hosted package repo' (#8 ) from neoloc/unkinrepo into develop Reviewed-on: https://git.service.au-syd1.consul/unkinben/puppet-prod/pulls/8	2024-06-01 18:39:55 +10:00
Ben Vincent	cc7165055d	Merge pull request 'feat: refacter gitea profile' (#7 ) from neoloc/gitea_refactor into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/7	2024-06-01 17:28:28 +10:00
Ben Vincent	4bd3310ea8	feat: refacter gitea profile - move more data to hiera - change how the custom_configuration is made	2024-06-01 17:16:37 +10:00
Ben Vincent	4b4272250a	Merge branch 'develop' into neoloc/grafana	2024-06-01 14:47:06 +10:00
Ben Vincent	3dfe9b9b73	Merge pull request 'feat: puppetdb sql updates' (#5 ) from neoloc/puppetdb_sql into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/5	2024-06-01 14:36:27 +10:00
Ben Vincent	de39515862	ferat: change to gitea hosted package repo	2024-06-01 14:05:14 +10:00
Ben Vincent	6c2328e8ba	feat: bump git client_max_body_size - change from 100m to 250m	2024-06-01 13:31:35 +10:00
Ben Vincent	e7ddbfa035	feat: increase client_max_body_size for git - update hieradata with client_max_body_size for git role	2024-06-01 12:51:06 +10:00
Ben Vincent	f029b04427	feat: update git sources - update r10k source - update enc source - update source for puppet-bind module	2024-05-28 23:51:19 +10:00
Ben Vincent	fab4ea5998	feat: add gitea classes - add basic gitea class	2024-05-28 23:14:36 +10:00
Ben Vincent	263d41fe9e	chore: remove prodinf01n01 as puppetca	2024-05-28 21:06:04 +10:00
Ben Vincent	df371a6b09	feat: syd1 puppetca provisioning - move puppetca to ausyd1nxvm1036	2024-05-28 20:13:08 +10:00
Ben Vincent	d2d08bc479	fix: change drw1 puppetmasters to use syd1 approle - changing vault url to vault.query.consul forced puppetmasters in drw1 to connect to syd1 vault hosts - set drw1 puppetmasters to use syd1 approle_id	2024-05-26 01:27:45 +10:00
Ben Vincent	b00781b604	feat: change vault url to vaul.query.consul - support access to vault from multiple datacentres for certmanager	2024-05-26 01:23:16 +10:00
Ben Vincent	ad268e8977	Merge pull request 'feat: vault use vault' (#226 ) from neoloc/vault_use_vault into develop Reviewed-on: unkinben/puppet-prod#226	2024-05-26 00:38:55 +09:30

1 2 3 4 5 ...

253 Commits