puppet-prod

Author	SHA1	Message	Date
Ben Vincent	0383db2b10	feat: set sysadmin password	2024-03-28 20:34:50 +11:00
Ben Vincent	905f047626	Merge pull request 'feat: enable sydney subnets' (#141 ) from neoloc/sydprod into develop Reviewed-on: unkinben/puppet-prod#141	2024-03-28 18:39:09 +09:30
Ben Vincent	748a0e8632	feat: enable sydney subnets	2024-03-28 20:08:00 +11:00
Ben Vincent	741b32cb41	Merge pull request 'feat: add sydney subnets' (#140 ) from neoloc/dns_views into develop Reviewed-on: unkinben/puppet-prod#140	2024-03-21 20:33:01 +09:30
Ben Vincent	f2cdcb8c8e	feat: add sydney subnets	2024-03-21 22:02:25 +11:00
Ben Vincent	e3ec5fa594	Merge pull request 'feat: cobbler setup' (#139 ) from neoloc/cobbler_roles into develop Reviewed-on: unkinben/puppet-prod#139	2024-03-17 16:23:25 +09:30
Ben Vincent	fe4af852b6	feat: cobbler setup - add cobbler profile - add dhcp server profile	2024-03-17 17:52:34 +11:00
Ben Vincent	ac5e76e2ca	Merge pull request 'feat: add ovirt roles' (#138 ) from neoloc/ovirt into develop Reviewed-on: unkinben/puppet-prod#138	2024-03-16 15:13:44 +09:30
Ben Vincent	8f5e9e40a1	feat: add ovirt roles - add repositories for ovirt - add role/profile for ovirt/engine and ovirt/node - add deep-merge for managed_repos - change repos to allow filesource (URL or file://) - change reposync to use curl instead of wget	2024-03-16 16:43:12 +11:00
Ben Vincent	4e25a1867e	Merge pull request 'feat: add ovirt base roles' (#137 ) from neoloc/ovirt_base_role into develop Reviewed-on: unkinben/puppet-prod#137	2024-03-13 21:01:38 +09:30
Ben Vincent	3587ea2295	feat: add ovirt base roles	2024-03-13 22:31:03 +11:00
Ben Vincent	05ea9c45ca	Merge pull request 'feat: require vaultca for all yumrepos' (#136 ) from neoloc/vaultca_cert_first into develop Reviewed-on: unkinben/puppet-prod#136	2024-03-10 17:33:43 +09:30
Ben Vincent	15e4e11097	feat: require vaultca for all yumrepos	2024-03-10 19:01:14 +11:00
Ben Vincent	92db575d7d	Merge pull request 'fix: updated gpg key for psql repos' (#135 ) from neoloc/postgresql_gpg into develop Reviewed-on: unkinben/puppet-prod#135	2024-03-10 14:48:41 +09:30
Ben Vincent	bca5d32793	fix: updated gpg key for psql repos	2024-03-10 16:18:03 +11:00
Ben Vincent	fd5dbb7813	Merge pull request 'feat: add country/region/environment to motd' (#134 ) from neoloc/motd_facts into develop Reviewed-on: unkinben/puppet-prod#134	2024-03-10 14:19:09 +09:30
Ben Vincent	428dc910bb	feat: add country/region/environment to motd	2024-03-10 15:48:26 +11:00
Ben Vincent	df05be21f6	Merge pull request 'feat: merge subnet facts' (#133 ) from neoloc/env_fact into develop Reviewed-on: unkinben/puppet-prod#133	2024-03-10 14:13:46 +09:30
Ben Vincent	5dff24d9b9	feat: merge subnet facts - add fact for environment - define 198.18.18.0/24 subnet	2024-03-10 15:42:14 +11:00
Ben Vincent	69f3ae7095	Merge pull request 'feat: add base role for redis' (#131 ) from neoloc/redis_base_role into develop Reviewed-on: unkinben/puppet-prod#131	2024-03-05 21:25:11 +09:30
Ben Vincent	816bec9f17	feat: add base role for redis	2024-03-05 22:53:49 +11:00
Ben Vincent	465bbbd9e1	Merge pull request 'feat: update yumrepos to use https://' (#130 ) from neoloc/yumrepo_use_https into develop Reviewed-on: unkinben/puppet-prod#130	2024-03-03 16:29:28 +09:30
Ben Vincent	51d0ca16ec	feat: update yumrepos to use https:// - require vaultca on all repos on repos.main.unkin.net	2024-03-03 16:44:16 +11:00
Ben Vincent	e61ae597f6	Merge pull request 'feat: dynamically add subscribe to nginx resource' (#129 ) from neoloc/subscribe_ssl_cert into develop Reviewed-on: unkinben/puppet-prod#129	2024-03-03 14:57:48 +09:30
Ben Vincent	0782cd5679	feat: dynamically add subscribe to nginx resource - add subscribe option to nginx resource dependent on nginx_listen_mode - ensure nginx reloads when the ssl_cert or ssl_key changes, only if these values are not undef - ensure the file resources are defined for certificates	2024-03-03 16:25:51 +11:00
Ben Vincent	df97b75aca	Merge pull request 'feat: change nginx to use vault ssl certs' (#128 ) from neoloc/packagerepo_ssl into develop Reviewed-on: unkinben/puppet-prod#128	2024-03-03 13:34:04 +09:30
Ben Vincent	5afa9e8960	Merge pull request 'neoloc/pki_generate' (#127 ) from neoloc/pki_generate into develop Reviewed-on: unkinben/puppet-prod#127	2024-03-03 13:33:33 +09:30
Ben Vincent	88ba8406b8	feat: deep merge alt_names and ip_sans - set hiera to deep-merge alt_names and ip_sans for generating vault certificates	2024-03-03 15:01:14 +11:00
Ben Vincent	05d2599bc5	feat: ensure vaultca certificate is trusted - install the vault rootca on all nodes - update ca-trust store on changes to the rootca certificate deployed	2024-03-03 14:54:59 +11:00
Ben Vincent	3e98ced8da	feat: change nginx to use vault ssl certs - update packagerepo webserver class to allow using ssl	2024-03-03 14:53:36 +11:00
Ben Vincent	8009b59514	feat: automatically generate vault certs - certificate will be generated for: - fqdn - hostname - primary ip address - localhost - 127.0.0.1 - update base profile to generate vault certificate for all - create facts for use with vault_certs	2024-03-03 13:38:52 +11:00
Ben Vincent	9ea49bc48d	Merge pull request 'fix: ssl warning breaks puppet run' (#125 ) from neoloc/certmanager_ignore_ssl into develop Reviewed-on: unkinben/puppet-prod#125	2024-02-25 21:35:21 +09:30
Ben Vincent	36c2e6afaa	fix: ssl warning breaks puppet run - remove ssl warning for certmanager temporarily	2024-02-25 23:04:43 +11:00
Ben Vincent	8ec75e55fa	Merge pull request 'chore: updated vault_token' (#124 ) from neoloc/pki_token_vault into develop Reviewed-on: unkinben/puppet-prod#124	2024-02-25 21:02:50 +09:30
Ben Vincent	5b56767be7	chore: updated vault_token	2024-02-25 22:32:18 +11:00
Ben Vincent	0db9d01a20	Merge pull request 'chore: update vault policy' (#123 ) from neoloc/certmanager_defaults into develop Reviewed-on: unkinben/puppet-prod#123	2024-02-25 20:42:17 +09:30
Ben Vincent	6bcdda1a93	chore: update vault policy - updated vault policy for certificates	2024-02-25 22:11:31 +11:00
Ben Vincent	974c8ce71d	Merge pull request 'fix: restart vault-unseal' (#122 ) from neoloc/vault_unseal_on_change into develop Reviewed-on: unkinben/puppet-prod#122	2024-02-25 20:03:26 +09:30
Ben Vincent	d1f5d3c09e	fix: restart vault-unseal - restart vault-unseal when the unseal keys change	2024-02-25 21:32:01 +11:00
Ben Vincent	495b785518	Merge pull request 'fix: rebuild vault' (#121 ) from neoloc/vault_update_unseal into develop Reviewed-on: unkinben/puppet-prod#121	2024-02-25 19:51:21 +09:30
Ben Vincent	8112c07ba8	fix: rebuild vault - rebuilt vault, updated root token and unseak keys	2024-02-25 21:19:43 +11:00
Ben Vincent	b1083df6f1	Merge pull request 'fix: vault role fails on new servers' (#120 ) from neoloc/vault_initial into develop Reviewed-on: unkinben/puppet-prod#120	2024-02-25 19:43:04 +09:30
Ben Vincent	48e0bd6796	fix: vault role fails on new servers - vault server fails on new servers - move unseal class to be included after vault class	2024-02-25 21:06:37 +11:00
Ben Vincent	bc3084a1e7	Merge pull request 'feat: certmanager output as json' (#119 ) from neoloc/certmanager_json into develop Reviewed-on: unkinben/puppet-prod#119	2024-02-25 18:03:56 +09:30
Ben Vincent	f6110f534c	feat: certmanager output as json - prepare certmanager for pki::vault class - allow puppet to read certmanager config	2024-02-25 19:31:32 +11:00
Ben Vincent	4cdba982fe	Merge pull request 'feat: add certmanager helper' (#118 ) from neoloc/certmanager into develop Reviewed-on: unkinben/puppet-prod#118	2024-02-19 19:53:36 +09:30
Ben Vincent	7f03bc5c76	feat: add certmanager helper - add certmanager script and config.yaml file - install into pyenv for certmanager - deploy to puppet-masters only	2024-02-19 21:20:50 +11:00
Ben Vincent	cd369d8fef	Merge pull request 'refacter: renamed facts to libs' (#117 ) from neoloc/lib_module into develop Reviewed-on: unkinben/puppet-prod#117	2024-02-17 21:34:34 +09:30
Ben Vincent	1030ba460e	refacter: renamed facts to libs	2024-02-17 23:03:54 +11:00
Ben Vincent	e10bed689c	Merge pull request 'refacter: cleanup packages setup' (#116 ) from neoloc/package_changes into develop Reviewed-on: unkinben/puppet-prod#116	2024-02-17 21:30:49 +09:30

... 2 3 4 5 6 ...

451 Commits