unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
947 Commits 18 Branches 0 Tags 3 MiB
56eb5d7cfd
Commit Graph

208 Commits

Author SHA1 Message Date
Ben Vincent
56eb5d7cfd feat: initialise barebones server 
- manage incus servers init
 2025-04-06 23:54:52 +10:00
Ben Vincent
b6ea353cfb feat: update dns resolver acls (#246) 
- add dmz acl
- add common acl
- add loopback/ceph/physical subnets to main acl

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/246
 2025-04-06 16:44:16 +10:00
Ben Vincent
c225564bdb feat: continue incus implementation (#245) 
- migrate to systemd-networkd
- setup dummy, bridge and static/ethernet interfaces
- manage sshd.service droping to start ssh after networking is online
- enable ip forewarding
- add fastpool/data/incus dataset
- enable ospf and frr
- add loopback0 as ssh listenaddress
- add loopback1/2 for ceph cluster/public traffic

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/245
 2025-04-06 16:38:04 +10:00
Ben Vincent
06666fe488 fix: resolve issue with baseos in el9 (#244) 
- was not correctly provisioning the baseos repo for el9 incus hosts

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/244
 2025-04-02 21:02:08 +11:00
Ben Vincent
95bc2716cf neoloc/incus_deploy (#241) 
feat: deploy incus

- manage sysctl based on incus recommendations
- manage limits based on incus recommendations
- manage zpools and zfs datasets
- add incus hiera settings

feat: manage repo for zfs

- dont use zfs module to manage repo, use profiles:😋:global::repos

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/241
 2025-03-31 23:14:05 +11:00
Ben Vincent
d39d25d3f1 feat: add almalinux 9.5 repos using mirrorlist (#235) 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/235
 2025-03-30 16:24:55 +11:00
Ben Vincent
06b458cb0e feat: reposync for almalinux 9.4 (in vault) (#234) 
- sync baseos, ha, appstream and crb repos

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/234
 2025-03-30 12:31:09 +11:00
Ben Vincent
e025928d77 chore: set secretid for puppetboard (#232) 
- manage the secret_key for puppetboard
- required since module upgrade

https://github.com/voxpupuli/puppetboard/issues/721

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/232
 2025-03-30 01:53:25 +11:00
Ben Vincent
6a04701891 feat: add incus role (#229) 
- add basic infra::incus role
- add autossl, consul and ssh-principals for incus

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/229
 2025-03-30 00:56:04 +11:00
Ben Vincent
b95bcbd10a feat: add zfs to reposync (#224) 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/224
 2025-03-29 20:08:31 +11:00
Ben Vincent
771b981d91 feat: enable nomad to manage sessions/services (#222) 
- this is required to start patroni

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/222
 2025-03-20 19:21:40 +11:00
Ben Vincent
a309244713 feat: add nomad nodes (#220) 
- change existing nodes to be nomad-agents

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/220
 2025-03-13 21:23:40 +11:00
Ben Vincent
b981a6fb01 feat: enable nomad jobs to query dns (#218) 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/218
 2025-03-09 17:49:35 +11:00
Ben Vincent
7c1d96bd22 feat: add k8s and docker repos (#217) 
- add docker stable repos to packagerepo
- add k8s 1.32 to packagerepo

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/217
 2025-01-27 12:59:59 +11:00
Ben Vincent
0222f5ec4a feat: update consul etcd check (#216) 
- check the health api endpoint

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/216
 2025-01-26 20:05:18 +11:00
Ben Vincent
afd3405c98 feat: add etcd module/role (#215) 
- add etcd module
- add etcd role, profile and hieradata

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/215
 2025-01-26 20:00:20 +11:00
Ben Vincent
4400456519 feat: add frrouting module (#208) 
- add frrouting module
- enable ospf daemon on nomad agents
- enable docker volumes

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/208
 2024-12-27 23:39:03 +11:00
Ben Vincent
d37fb5d7e1 neoloc/nomad_agent (#207) 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/207
 2024-12-26 20:23:27 +11:00
Ben Vincent
022a564dc0 feat: add nomad agent role (#206) 
- add nomad agent role
- mount cephfs volume nomadfs to /shared/nomad
- manage docker volume path to be /shared/nomad

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/206
 2024-12-26 20:20:51 +11:00
Ben Vincent
6ebf5c03a5 feat: add nomad profile/role (#200) 
- add basic consul manage nomad servers

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/200
 2024-12-22 22:35:31 +11:00
Ben Vincent
52fff0ccea feat: enable root_dir for docker 
- move docker root_dir to /data/docker for runners
 2024-11-30 23:11:24 +11:00
Ben Vincent
58d31c5c9a chore: migrate puppet-r10k 
- moved puppet-r10k the unkin organisation
- ensure branch is set to follow origin/master
 2024-11-17 19:26:27 +11:00
Ben Vincent
92d6697175 Merge pull request 'fix: fix release name' (#180) from neoloc/reposync_sydney into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/180
 2024-11-16 22:36:02 +11:00
Ben Vincent
d3f471f3ed fix: fix release name 
- fix release name for postgresql repos
 2024-11-16 22:35:23 +11:00
Ben Vincent
8f0b3e615c Merge pull request 'feat: add el9 puppet/posgresql repos' (#178) from neoloc/reposync_sydney into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/178
 2024-11-16 22:25:48 +11:00
Ben Vincent
8679a0b904 feat: add el9 puppet/posgresql repos 
- will upgrade to el9 soon, so need to store these repos
 2024-11-16 22:25:06 +11:00
Ben Vincent
16ba54ee0a Merge pull request 'feat: update packagerepo' (#176) from neoloc/reposync_sydney into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/176
 2024-11-16 22:02:46 +11:00
Ben Vincent
abdb3ec8cb feat: update packagerepo 
- remove almalinux/centos/epel repos
- manage consul service `packagerepo`
- manage ssh principals
- update vault alt-names
 2024-11-16 21:43:11 +11:00
Ben Vincent
71b29d5e88 feat: add sudaporn account 
- enable access to media
- enable access to jupyter
 2024-11-16 20:23:01 +11:00
Ben Vincent
6493f392b8 Merge pull request 'neoloc/jupyterhub' (#174) from neoloc/jupyterhub into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/174
 2024-11-16 20:20:16 +11:00
Ben Vincent
42ad972697 feat: add ldap configuration 
- add group members to jupyterhub_user
- add svc_jupyterhub user for ldap binding
- paramatarise all ldap fields required
- manage the notebook data directory
 2024-11-16 19:20:20 +11:00
Ben Vincent
c6bdae5790 Merge pull request 'feat: add jupyterhub role' (#173) from neoloc/jupyterhub into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/173
 2024-11-10 19:14:49 +11:00
Ben Vincent
159d66af18 feat: add jupyterhub role 
- add nodejs module to use npm package provider
- add jupyterhub role
- add class to configure the jupyterhub instance
- add ldap groups
- add nginx simpleproxy
 2024-11-10 19:09:50 +11:00
Ben Vincent
4fec931fb1 feat: add service data 
- add pki certificates
- add consul service
- add ssh principals
 2024-10-27 13:26:07 +11:00
Ben Vincent
1db8847833 feat: add vault admin group 
- group will be assigned global admin rights
 2024-10-21 19:40:52 +11:00
Ben Vincent
5549275ecc chore: add new user 
- add margol as standard media user
 2024-10-20 13:12:36 +11:00
Ben Vincent
7acfea8547 fix: correct given/sn fields 
- fix ryadun's given/sn fields
 2024-10-20 13:12:02 +11:00
Ben Vincent
4a0760516f feat: add vault service account 
- used by vault to bind to ldap
 2024-09-23 22:13:48 +10:00
Ben Vincent
10b57abffc feat: add terraform service account 
- add terraform service account
 2024-09-23 22:08:52 +10:00
Ben Vincent
e09819284d feat: add vault access group 
- add vault_access group
 2024-09-20 23:17:35 +10:00
Ben Vincent
93b9629c5c feat: enable larger uploads to gitea 
- change client body max size to 1GB
 2024-09-08 01:43:22 +10:00
Ben Vincent
0210d849c7 feat: add gitea runner role 
- ensure docker is configured
- create runner user/group
- deploy config.yaml from hiera hash
- install runner from url
- register the runner with the gitea instance
- manage the act_runner service
 2024-09-07 17:59:02 +10:00
Ben Vincent
69c298e162 Merge pull request 'feat: remove masterauth redis' (#156) from neoloc/redis_masterauth into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/156
 2024-09-03 21:29:58 +10:00
Ben Vincent
1ad2b806b4 feat: remove masterauth redis 
- removed requirepass previously, also need to remove masterauth
 2024-09-03 21:29:18 +10:00
Ben Vincent
bcb9beae5f fix: updated client secret 2024-08-31 23:00:58 +10:00
Ben Vincent
0bed8ba4f4 Merge branch 'develop' into neoloc/runner 2024-08-27 22:01:24 +10:00
Ben Vincent
91d9a073d6 feat: add droneadmin 
- add environment variable to assign primary admin
 2024-08-25 14:58:56 +10:00
Ben Vincent
90eabac007 feat: droneci for organisation 
- change from personal account to organisation
 2024-08-25 14:24:45 +10:00
Ben Vincent
d79a5de17b feat: add droneci runner 
- ensure /data and docker are available
- add droneci runner configuration
 2024-08-25 02:14:35 +10:00
Ben Vincent
0f755b231f Merge pull request 'neoloc/droneci' (#148) from neoloc/droneci into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/148
 2024-08-25 00:01:27 +10:00