unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
316 Commits 18 Branches 0 Tags 3 MiB
57b7a3036b
Commit Graph

107 Commits

Author SHA1 Message Date
Ben Vincent
57b7a3036b Merge pull request 'feat: add virtual/physical check' (#147) from neoloc/sensors into develop 
Reviewed-on: unkinben/puppet-prod#147
 2024-04-06 02:53:57 +09:30
Ben Vincent
2091f1ada3 feat: add haproxy profile 
- add haproxy server class
- add haproxy profile to role
- add hiera data for region specific haproxy
- add selinux configuration
- add certlist management
- add default http and https frontends
- add default stats listener
 2024-04-06 03:27:45 +11:00
Ben Vincent
5bde96fb4d feat: change certmanage to approles 
- created approle 'certmanager' using 'certmanager' policy
- update certmanager script to generate token based on roleid
 2024-04-04 00:32:08 +11:00
Ben Vincent
64563902d4 feat: deploy cobbler enc 
- install python3.11 on all nodes
- create python3.11 venv for cobbler-enc
- install requirements in cobbler-enc venv
- symlink to /usr/local/bin/
 2024-03-31 20:58:31 +11:00
Ben Vincent
0ad31f6013 feat: add virtual/physical check 
- add virtual tree to hiera
- add virtual/kvm and virtual/physical hiera sources
- add lm_sensors to be installed on hardware nodes
 2024-03-31 15:36:41 +11:00
Ben Vincent
d64e185919 Merge pull request 'feat: add dhcp servers' (#145) from neoloc/dhcp-server into develop 
Reviewed-on: unkinben/puppet-prod#145
 2024-03-29 07:45:16 +09:30
Ben Vincent
d64860f47b feat: add dhcp servers 
- include puppet-dhcp module
- manage dhcp pools
- manage dhcp classes (bios/uefi)
 2024-03-29 09:13:26 +11:00
Ben Vincent
159c57677a Merge pull request 'feat: add cobbler profile' (#144) from neoloc/cobbler_profile into develop 
Reviewed-on: unkinben/puppet-prod#144
 2024-03-29 07:10:33 +09:30
Ben Vincent
80b7ad8639 feat: add cobbler profile 
- add datavol to cobbler nodes
- add cobbler profile
- add cobbler role hieradata
- manage selinux where required for cobbler
- manage service cname
 2024-03-29 08:36:42 +11:00
Ben Vincent
e02921be75 feat: deep merge yum repos to manage 
- fixed merging of yum repos
- changed puppet7 to use local copy of repo
 2024-03-28 21:41:15 +11:00
Ben Vincent
0383db2b10 feat: set sysadmin password 2024-03-28 20:34:50 +11:00
Ben Vincent
748a0e8632 feat: enable sydney subnets 2024-03-28 20:08:00 +11:00
Ben Vincent
f2cdcb8c8e feat: add sydney subnets 2024-03-21 22:02:25 +11:00
Ben Vincent
8f5e9e40a1 feat: add ovirt roles 
- add repositories for ovirt
- add role/profile for ovirt/engine and ovirt/node
- add deep-merge for managed_repos
- change repos to allow filesource (URL or file://)
- change reposync to use curl instead of wget
 2024-03-16 16:43:12 +11:00
Ben Vincent
bca5d32793 fix: updated gpg key for psql repos 2024-03-10 16:18:03 +11:00
Ben Vincent
51d0ca16ec feat: update yumrepos to use https:// 
- require vaultca on all repos on repos.main.unkin.net
 2024-03-03 16:44:16 +11:00
Ben Vincent
df97b75aca Merge pull request 'feat: change nginx to use vault ssl certs' (#128) from neoloc/packagerepo_ssl into develop 
Reviewed-on: unkinben/puppet-prod#128
 2024-03-03 13:34:04 +09:30
Ben Vincent
5afa9e8960 Merge pull request 'neoloc/pki_generate' (#127) from neoloc/pki_generate into develop 
Reviewed-on: unkinben/puppet-prod#127
 2024-03-03 13:33:33 +09:30
Ben Vincent
88ba8406b8 feat: deep merge alt_names and ip_sans 
- set hiera to deep-merge alt_names and ip_sans for generating vault
  certificates
 2024-03-03 15:01:14 +11:00
Ben Vincent
3e98ced8da feat: change nginx to use vault ssl certs 
- update packagerepo webserver class to allow using ssl
 2024-03-03 14:53:36 +11:00
Ben Vincent
5b56767be7 chore: updated vault_token 2024-02-25 22:32:18 +11:00
Ben Vincent
6bcdda1a93 chore: update vault policy 
- updated vault policy for certificates
 2024-02-25 22:11:31 +11:00
Ben Vincent
8112c07ba8 fix: rebuild vault 
- rebuilt vault, updated root token and unseak keys
 2024-02-25 21:19:43 +11:00
Ben Vincent
7f03bc5c76 feat: add certmanager helper 
- add certmanager script and config.yaml file
- install into pyenv for certmanager
- deploy to puppet-masters only
 2024-02-19 21:20:50 +11:00
Ben Vincent
12ff053c6d refacter: cleanup packages setup 2024-02-17 22:49:32 +11:00
Ben Vincent
fe05c86463 feat: add vault server profile 
- add vault module to puppetfile
- define class to manage the install and config of vault
- manage the datavol and raft storage
- manage the unzip and other compression tools
- define custom unseal script and service
- add documentation on initial setup of vault
 2024-02-17 21:12:12 +11:00
Ben Vincent
f8b30f335b Merge pull request 'feat: add consul server profile' (#111) from neoloc/consul_server into develop 
Reviewed-on: unkinben/puppet-prod#111
 2024-02-11 15:56:24 +09:30
Ben Vincent
8cb6b68b53 feat: add consul server profile 
- install/configure consul
- install/configure dnsmasq as dns proxy for consul
- add unkin yumrepo definition as source for consul
- update datavol to ensure the /data volume is mounted
 2024-02-11 17:12:35 +11:00
Ben Vincent
5471294f1e feat: cleanup almalinux 8.8 reposync 
- syncing almalinux 8.8 no longer required
 2024-02-10 14:13:59 +11:00
Ben Vincent
d8751ac6c8 feat: add minio profile 
- add additional modules in Puppetfile
- update puppetlabs-lvm to 2.1.0
- add facts.d base path to hieradata
- add infra/storage and infra/storage/minio role data to hieradata
- add new facts for minio setup status
- add a static yaml minio-facts file to assist dynamic ruby facts
- updated hiera with additional directories (country/{role,region})
 2024-01-05 21:44:41 +11:00
Ben Vincent
2b4e1e1d03 Merge pull request 'feat: remove boolean for bind::updater' (#99) from neoloc/add_bind_utils_woops into develop 
Reviewed-on: unkinben/puppet-prod#99
 2023-12-26 15:02:29 +09:30
Ben Vincent
aabce289a4 feat: remove boolean for bind::updater 
- default to the default set by the module
 2023-12-26 16:31:40 +11:00
Ben Vincent
a049338c9d Merge pull request 'feat: install bind-utils' (#98) from neoloc/add_bind_utils into develop 
Reviewed-on: unkinben/puppet-prod#98
 2023-12-26 14:58:10 +09:30
Ben Vincent
a144e4ec2d feat: install bind-utils 2023-12-26 16:27:28 +11:00
Ben Vincent
5b75cf735a feat: manage ruby/puppet gems 
- manage installation of puppet_gem packages for puppetmasters
 2023-12-11 22:07:23 +11:00
Ben Vincent
d998fbd85a Merge branch 'develop' into neoloc/mariadbgalera 2023-12-10 16:34:42 +11:00
Ben Vincent
11a98b16bb feat: setup galera cluster member profile 
- add eyaml support for role
- add /data volume for galera cluster members
- create profiles::selinux namespace for defining selinux configuration
  - create profiles::selinux::mysqld for managing specifics for mysqld
  - create profiles::selinux::setenforce to manage selinux mode
- parameterised options required in mysqld::server module
- add mariadb repo
- add additional facts for managing mysqld and galera
 2023-12-10 16:31:57 +11:00
Ben Vincent
d261e3348d Merge pull request 'feat: add/remove capabilities for packages' (#86) from neoloc/base_packages_refactor into develop 
Reviewed-on: unkinben/puppet-prod#86
 2023-12-03 16:38:17 +09:30
Ben Vincent
8f04de2b52 feat: add/remove capabilities for packages 
- add deepmerge lookup_options
- add packages to remove and packages to add to profiles::packages::base class
 2023-12-03 17:24:58 +11:00
Ben Vincent
6e185ee248 Merge pull request 'feat: split agent service/package from config' (#84) from neoloc/split_puppet_agent into develop 
Reviewed-on: unkinben/puppet-prod#84
 2023-12-03 15:20:51 +09:30
Ben Vincent
08c14c2329 feat: split agent service/package from config 
- split package/service from config so puppetservers agents can be
  managed in the same was as clients
 2023-12-03 16:49:38 +11:00
Ben Vincent
8a6b3ef0fb feat: add mirrorlist capability to reposyncer 
- add mirrorlist param to reposyncer repos
- update almalinux 8.8 repos to use mirrorlist
- add almalinux 8.9 repos
 2023-12-03 00:16:01 +11:00
Ben Vincent
ae05b870aa fix: wrong scheme for gpgkey 
- change gpg key for puppet7 from http:// to https://
 2023-11-27 23:38:25 +11:00
Ben Vincent
cfec05f3c7 feat: update repositories to sync 
- remove epel modular
- add postgresql 16 for rhel8
- add postgresql common for rhel8
 2023-11-27 23:27:44 +11:00
Ben Vincent
e183ee2b44 feat: add extra repositories 
- mariadb 11.2
- puppet el8
 2023-11-27 18:57:42 +11:00
Ben Vincent
10a6085b84 fix: resolve prometheus issues 
- broken prometheus::server config, resolve conflicts
- move hieradata for role to match role, not profile
 2023-11-21 20:03:26 +11:00
Ben Vincent
663b10e5a5 Merge branch 'develop' into neoloc/prometheus 2023-11-21 19:40:17 +11:00
Ben Vincent
a5207eb717 feat: add prometheus server 
- bump enc, include prometheus server nodes
- add prometheus role and server class
 2023-11-21 19:38:22 +11:00
Ben Vincent
530ffed55a Merge pull request 'feat: add forwarding for 17.18.198.in-addr.arpa' (#72) from neoloc/reversedns_zone_forwarding into develop 
Reviewed-on: unkinben/puppet-prod#72
 2023-11-18 18:52:43 +09:30
Ben Vincent
c34a2b2360 feat: add forwarding for 17.18.198.in-addr.arpa 
- add forward zone for 198.18.17.0/24 reverse dns zone
 2023-11-18 20:21:27 +11:00