unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
584 Commits 18 Branches 0 Tags 3 MiB
736f04143f
Commit Graph

584 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ben Vincent
8df927de18 feat: add node_token to agent config 
- move policy rules to hiera array[hash]
- add node_token to agent as the default token
 2024-04-28 17:06:06 +10:00
Ben Vincent
dff3f93297 feat: change forwarded domain for consul 
- change forward lookup zone for consul from consul.service.consul -> service.consul
 2024-04-28 15:45:13 +10:00
Ben Vincent
199e35840f fix: fix proxyurl for vault 
- change to http://
- change to localhost
 2024-04-28 14:22:33 +10:00
Ben Vincent
43afc23535 feat: deploy consul services 
- add vault.service.consul
 2024-04-28 14:06:49 +10:00
Ben Vincent
0f0d392fb4 feat: deploy consul agent 
- install the consul agent on all nodes, except consul servers
 2024-04-28 13:23:43 +10:00
Ben Vincent
dc39b7c7a4 Merge pull request 'fix: fix proxyurl for vault' (#188) from neoloc/vault_proxy into develop 
Reviewed-on: unkinben/puppet-prod#188
 2024-04-28 00:54:49 +09:30
Ben Vincent
f7141d7214 Merge pull request 'feat: deploy consul agent' (#187) from neoloc/consul_agent into develop 
Reviewed-on: unkinben/puppet-prod#187
 2024-04-28 00:54:15 +09:30
Ben Vincent
bf44c8f7b7 feat: deploy consul agent 
- install the consul agent on all nodes, except consul servers
 2024-04-28 01:19:08 +10:00
Ben Vincent
4453c8604a fix: fix proxyurl for vault 
- change to http://
- change to localhost
 2024-04-28 00:52:47 +10:00
Ben Vincent
f4a273e56c Merge pull request 'feat: simple nginx proxy' (#186) from neoloc/merge_nginx_consul_vault into develop 
Reviewed-on: unkinben/puppet-prod#186
 2024-04-28 00:03:33 +09:30
Ben Vincent
6fc5829fce feat: simple nginx proxy 
- merge consul/vault nginx proxy into single class
- replace nginx proxy classes for consul/vault with simpleproxy class
 2024-04-28 00:32:04 +10:00
Ben Vincent
0c6ae1a69a Merge pull request 'feat: add sydney vault cluster' (#184) from neoloc/vault_syd1 into develop 
Reviewed-on: unkinben/puppet-prod#184
 2024-04-27 22:05:59 +09:30
Ben Vincent
3001bc32f2 feat: add sydney vault cluster 
- separate yaml between multiple regions
- add nginx frontend to vault
 2024-04-27 22:35:16 +10:00
Ben Vincent
26f26e6283 Merge pull request 'feat: generate consul policy/tokens' (#176) from neoloc/consul_node_policies into develop 
Reviewed-on: unkinben/puppet-prod#176
 2024-04-27 19:52:26 +09:30
Ben Vincent
f536d19034 feat: generate consul policy/tokens 
- generate policy/token to add nodes
- generate policy/token for all nodes
- add base::root profile to manage aspects of the root user
 2024-04-27 20:21:57 +10:00
Ben Vincent
c0642bbcf1 Merge pull request 'fix: move primary_datacenter to region/role' (#175) from neoloc/consul_syd1_default_dc into develop 
Reviewed-on: unkinben/puppet-prod#175
 2024-04-26 23:41:26 +09:30
Ben Vincent
a7e9f1590e fix: move primary_datacenter to region/role 
- set syd1 as primary consul datacentre
- add consul.service.consul zone
- add nginx reverse proxy for consul webui
- set dns zones/acls/views/keys to be deep merged from hiera
- update default token
- add consul/consul.service.consul/consul.main.unkin.net to vault cert
 2024-04-26 23:11:38 +10:00
Ben Vincent
f863d6f6bb Merge pull request 'fix: consul members role key' (#174) from neoloc/consul_members_class into develop 
Reviewed-on: unkinben/puppet-prod#174
 2024-04-24 23:30:52 +09:30
Ben Vincent
3ca92ee1f3 fix: consul members role key 
- moved members_role for consul to common yaml
 2024-04-25 00:00:24 +10:00
Ben Vincent
98deb58fde Merge pull request 'fix: enable new consul clusters to be started' (#173) from neoloc/consul_bootstrap into develop 
Reviewed-on: unkinben/puppet-prod#173
 2024-04-24 23:23:08 +09:30
Ben Vincent
b6d3fc26de fix: enable new consul clusters to be started 
- wait for the enc_role fact to be correct, as this is required to find
  all keys in hiera
 2024-04-24 23:51:26 +10:00
Ben Vincent
6ad01abc6c Merge pull request 'fix: absent to file, for custom_facts.yaml' (#172) from neoloc/enc_role_facts2 into develop 
Reviewed-on: unkinben/puppet-prod#172
 2024-04-24 23:05:05 +09:30
Ben Vincent
5f6ba93393 fix: absent to file, for custom_facts.yaml 2024-04-24 23:34:21 +10:00
Ben Vincent
3ed433fb97 Merge pull request 'feat: moved enc_role and enc_env to ruby facts' (#171) from neoloc/enc_role_facts into develop 
Reviewed-on: unkinben/puppet-prod#171
 2024-04-24 23:01:57 +09:30
Ben Vincent
e0dbecbfa0 feat: moved enc_role and enc_env to ruby facts 2024-04-24 23:30:27 +10:00
Ben Vincent
2671b51fc2 Merge pull request 'feat: add syd1 consul cluster' (#170) from neoloc/syd1_consul_cluster into develop 
Reviewed-on: unkinben/puppet-prod#170
 2024-04-24 19:02:01 +09:30
Ben Vincent
89fcfe38ea feat: add syd1 consul cluster 2024-04-24 19:31:18 +10:00
Ben Vincent
4149d89dc0 Merge pull request 'neoloc/dns_master_multiregion' (#169) from neoloc/dns_master_multiregion into develop 
Reviewed-on: unkinben/puppet-prod#169
 2024-04-24 18:29:27 +09:30
Ben Vincent
99d3dcf4d8 Merge branch 'develop' into neoloc/dns_master_multiregion 2024-04-24 18:58:41 +10:00
Ben Vincent
b8d799e8e9 feat: select nameserver in soa based on role 
- find all dns servers in $ns_use (region/country/all),
- or use the current node as the only nameserver
 2024-04-24 18:44:08 +10:00
Ben Vincent
f8fd6700da feat: enable selecting nameserver by fact 
- enable selecting nameservers to use by region, country or all
- set default for nameservers to be region
 2024-04-24 18:40:18 +10:00
Ben Vincent
2bae42fa31 Merge pull request 'feat: install ksm for proxmox' (#168) from neoloc/proxmox_ksm into develop 
Reviewed-on: unkinben/puppet-prod#168
 2024-04-24 17:46:37 +09:30
Ben Vincent
3810385fcd feat: install ksm for proxmox 2024-04-24 18:13:56 +10:00
Ben Vincent
6fc0b240c1 Merge pull request 'feat: sort ntpservers, select ntp to use' (#167) from neoloc/ntp_selection into develop 
Reviewed-on: unkinben/puppet-prod#167
 2024-04-23 23:29:06 +09:30
Ben Vincent
7b316c6b0b feat: sort ntpservers, select ntp to use 
- sort the ntpservers array so it doesnt change each run of puppet
- allow the selection of all, region or country specific ntp servers
 2024-04-23 23:57:01 +10:00
Ben Vincent
4b2690a678 Merge pull request 'feat: enable selecting nameserver by fact' (#166) from neoloc/dns_selection into develop 
Reviewed-on: unkinben/puppet-prod#166
 2024-04-23 22:14:59 +09:30
Ben Vincent
dbe11323c5 feat: enable selecting nameserver by fact 
- enable selecting nameservers to use by region, country or all
- set default for nameservers to be region
 2024-04-23 22:39:33 +10:00
Ben Vincent
a7b40daee0 Merge pull request 'feat: sort nameserver/search_domains' (#165) from neoloc/dns_sorting into develop 
Reviewed-on: unkinben/puppet-prod#165
 2024-04-23 20:44:59 +09:30
Ben Vincent
bb8bf202ac feat: sort nameserver/search_domains 
- ensure the list doesnt change every puppet run
 2024-04-23 21:11:56 +10:00
Ben Vincent
7f3005f312 Merge pull request 'fix: enable repos before installing packages' (#162) from neoloc/repofirst into develop 
Reviewed-on: unkinben/puppet-prod#162
 2024-04-22 18:51:26 +09:30
Ben Vincent
df56213b18 fix: enable repos before installing packages 2024-04-22 19:07:28 +10:00
Ben Vincent
e5b3112189 Merge pull request 'feat: add new syd1 prod networks' (#161) from neoloc/sydney_subnets into develop 
Reviewed-on: unkinben/puppet-prod#161
 2024-04-21 22:25:56 +09:30
Ben Vincent
bc4246dd05 feat: add new syd1 prod networks 2024-04-21 22:55:06 +10:00
Ben Vincent
85f17d8038 Merge pull request 'feat: manage timezone per region' (#160) from neoloc/timezone into develop 
Reviewed-on: unkinben/puppet-prod#160
 2024-04-21 15:20:14 +09:30
Ben Vincent
9c6dee7609 feat: manage timezone per region 
- add timezone module
- set per-region timezone setting
- setup hiera_classes, set to deep merge, and set to include all in base profile
 2024-04-21 15:48:09 +10:00
Ben Vincent
ccf43f3bcb Merge pull request 'feat: manage proxmox nodes' (#159) from neoloc/proxmox into develop 
Reviewed-on: unkinben/puppet-prod#159
 2024-04-21 15:07:43 +09:30
Ben Vincent
f04c74bd4d feat: manage proxmox nodes 
- change /etc/hosts to meet proxmox requirements
- add proxmox node role
- add init, params, repo, install, clusterjoin classes
 2024-04-21 15:08:28 +10:00
Ben Vincent
085416fea9 Merge pull request 'feat: node_lookup compatability for Debian' (#158) from neoloc/node_lookup_debian into develop 
Reviewed-on: unkinben/puppet-prod#158
 2024-04-20 17:39:31 +09:30
Ben Vincent
6dd46efe3f Merge pull request 'feat: debian vaultcert compatability' (#157) from neoloc/vaultcacrt into develop 
Reviewed-on: unkinben/puppet-prod#157
 2024-04-20 17:38:57 +09:30
Ben Vincent
80a4cb0544 feat: debian vaultcert compatability 
- remove comma from certificate file
- add comments identifying each certificate
 2024-04-20 18:08:16 +10:00