unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
497 Commits 18 Branches 0 Tags 3 MiB
7e0df436e2
Commit Graph

209 Commits

Author SHA1 Message Date
Ben Vincent
e7ddbfa035 feat: increase client_max_body_size for git 
- update hieradata with client_max_body_size for git role
 2024-06-01 12:51:06 +10:00
Ben Vincent
f029b04427 feat: update git sources 
- update r10k source
- update enc source
- update source for puppet-bind module
 2024-05-28 23:51:19 +10:00
Ben Vincent
fab4ea5998 feat: add gitea classes 
- add basic gitea class
 2024-05-28 23:14:36 +10:00
Ben Vincent
263d41fe9e chore: remove prodinf01n01 as puppetca 2024-05-28 21:06:04 +10:00
Ben Vincent
df371a6b09 feat: syd1 puppetca provisioning 
- move puppetca to ausyd1nxvm1036
 2024-05-28 20:13:08 +10:00
Ben Vincent
d2d08bc479 fix: change drw1 puppetmasters to use syd1 approle 
- changing vault url to vault.query.consul forced puppetmasters in drw1
  to connect to syd1 vault hosts
- set drw1 puppetmasters to use syd1 approle_id
 2024-05-26 01:27:45 +10:00
Ben Vincent
b00781b604 feat: change vault url to vaul.query.consul 
- support access to vault from multiple datacentres for certmanager
 2024-05-26 01:23:16 +10:00
Ben Vincent
ad268e8977 Merge pull request 'feat: vault use vault' (#226) from neoloc/vault_use_vault into develop 
Reviewed-on: unkinben/puppet-prod#226
 2024-05-26 00:38:55 +09:30
Ben Vincent
ad4f9b81f4 Merge pull request 'neoloc/syd1_certmanager_approle' (#224) from neoloc/syd1_certmanager_approle into develop 
Reviewed-on: unkinben/puppet-prod#224
 2024-05-26 00:38:16 +09:30
Ben Vincent
7c0bf4a398 feat: vault use vault 
- change vault to use vault ephemeral certificates
- remove nginx frontend to vault
 2024-05-26 01:06:48 +10:00
Ben Vincent
b9c327799f feat: add vault service/query altnames 
- add nginx aliases for vault services
- add additional vault certificates
- change certmanager script to use vault.service.consul
 2024-05-25 15:51:09 +10:00
Ben Vincent
2c3aa2bbdc feat: vault certmanager tokens 
- move vault certmanager tokens to drw1/syd1 specific eyaml
- add syd1 certmanger token for syd1 vault
 2024-05-25 15:50:59 +10:00
Ben Vincent
0b549325a1 Merge pull request 'feat: added country-region altnames' (#223) from neoloc/puppetboard_altnames into develop 
Reviewed-on: unkinben/puppet-prod#223
 2024-05-24 23:01:37 +09:30
Ben Vincent
c883bc8c91 feat: added country-region altnames 
- add puppetboard.service.au-{syd1|drw1}.consul to:
  - vault pki cert
  - nginx server aliases
 2024-05-24 23:27:07 +10:00
Ben Vincent
cbf3f0e694 feat: change drw1 puppetdb -> syd1 2024-05-24 23:06:18 +10:00
Ben Vincent
22af602510 Merge pull request 'feat: puppet::client multiple altnames' (#221) from neoloc/puppetdbapi_certs into develop 
Reviewed-on: unkinben/puppet-prod#221
 2024-05-22 22:42:59 +09:30
Ben Vincent
0901595de9 feat: puppet::client multiple altnames 
- puppet clients can not request multiple dns alt_names
- set puppetdbapi hosts to request multiple certificates
 2024-05-22 23:05:34 +10:00
Ben Vincent
349547c4bc feat: puppetboard on consul 
- updated nginx param types
- add nginx aliases, merge with vhost, use as server_names
- add additional vault alt-names
- add prepared query for puppetboard
 2024-05-22 22:54:54 +10:00
Ben Vincent
8fb4c59f88 Merge branch 'develop' into neoloc/syd1_puppetdb 2024-05-22 22:30:10 +10:00
Ben Vincent
d2235610af Merge pull request 'feat: set syd1 puppetdb hosts' (#218) from neoloc/puppetboard into develop 
Reviewed-on: unkinben/puppet-prod#218
 2024-05-22 21:58:52 +09:30
Ben Vincent
25cbff4656 feat: set syd1 puppetdb hosts 
- change syd1 puppetdb hosts to use consul serivce/query addresses
 2024-05-22 22:23:07 +10:00
Ben Vincent
770c8cc159 feat: update hiera key for puppetdb api/sql 
- changed to use puppetdbapi and puppetdbsql hiera keys
- updated all classes that referenced old values
 2024-05-22 22:18:32 +10:00
Ben Vincent
9e3b680b0b feat: add prepared query for puppetdbapi 
- merge to develop
- add prepared query for puppetdbapi
 2024-05-22 22:11:51 +10:00
Ben Vincent
f6bf504416 Merge branch 'develop' into neoloc/syd1_puppetdb 2024-05-22 22:11:04 +10:00
Ben Vincent
6035af37a1 feat: increase puppetdb api Xmx 
- change java args to use 2048mb of memory
 2024-05-22 21:37:00 +10:00
Ben Vincent
65bd2ae8d5 fix: repo target changes 
- use per-repo target files
 2024-05-19 22:46:27 +10:00
Ben Vincent
0e7168026d Merge pull request 'neoloc/yumrepos' (#212) from neoloc/yumrepos into develop 
Reviewed-on: unkinben/puppet-prod#212
 2024-05-19 20:09:50 +09:30
Ben Vincent
fd466fcccc feat: cleanup old repo management 
- change profiles::puppet::agent to require Yumrepo['puppet']
- remove managed repos hieradata
- remove profiles:😋:* classes that are not required
- remove missed rebase comment
 2024-05-19 20:27:56 +10:00
Ben Vincent
5f9480f186 feat: direct yumrepo config 
- deep merge yumrepo resources
- convert repos to direct yumrepo in hieradata
- change from repos.main.unkin.net to edgecache.query.consul
- create all yumrepo resources from $profiles:😋:global::repos
 2024-05-19 20:27:47 +10:00
Ben Vincent
da2e98ed4d feat: add centos mirror to edgecache 
- add centos repo to edgecache
 2024-05-19 19:41:15 +10:00
Ben Vincent
6f9a606549 feat: configure edgecache for postgresql 
- add fact to record system resolvers
- add resolvers feature in /etc/nginx/conf.d/resolvers.conf
- add rewrite rules for postgres/yum/repodata
 2024-05-19 16:56:36 +10:00
Ben Vincent
9640779846 feat: mariadb improvements 
- add bind-address to local_ip
- add consul service
 2024-05-19 14:53:14 +10:00
Ben Vincent
8f4799ce2a feat: update consul service service 
- change edgecache service name from puppet -> edgecache
 2024-05-19 14:53:14 +10:00
Ben Vincent
6bddec6bd2 Merge pull request 'feat: manage pgsql settings for puppetdb' (#208) from neoloc/puppetdb_connections into develop 
Reviewed-on: unkinben/puppet-prod#208
 2024-05-12 16:10:42 +09:30
Ben Vincent
5774ebd614 feat: manage pgsql settings for puppetdb 
- deep merge postgresql_config_entries in common.yaml
- add postgresql_config_entries into a new hieradata/roles/infra/puppetdb/sql.yaml
- set puppetdb role to import the options
 2024-05-12 16:36:43 +10:00
Ben Vincent
2aa5ead9d1 feat: prepare syd1 mariadb cluster 
- update role to wait for enc_role
- move hiera data to country/region/role specific location
 2024-05-12 15:40:43 +10:00
Ben Vincent
4a1848db38 fix: cobbler host 
- fixed name of cobbler host in yaml
 2024-05-11 23:09:30 +10:00
Ben Vincent
5577e368e9 Merge pull request 'chore: move pxeboot to syd1 cobbler' (#204) from neoloc/dhcp_syd1_cobbler into develop 
Reviewed-on: unkinben/puppet-prod#204
 2024-05-11 21:36:23 +09:30
Ben Vincent
dca99d2716 chore: move pxeboot to syd1 cobbler 
- update nameservers for syd1 to use local dns resolvers
- update pxeserver to au-syd1 cobbler
 2024-05-11 22:05:21 +10:00
Ben Vincent
ec6e49e37a Merge pull request 'feat: change cobbler master' (#203) from neoloc/cobbler_master into develop 
Reviewed-on: unkinben/puppet-prod#203
 2024-05-11 21:20:56 +09:30
Ben Vincent
3e233ea688 feat: change cobbler master 
- promote ausyd1nxvm1017
 2024-05-11 21:50:02 +10:00
Ben Vincent
cb54cd2dba feat: add edgecache prepared_query 
- add edgecache as a prepared_query in consul
 2024-05-11 21:47:14 +10:00
Ben Vincent
4171427e7b feat: add edgecache role 
- add edge-caching role
- add mirror for debian, almalinux and epel repositories
- export service as edgecache in consul
 2024-05-11 21:46:20 +10:00
Ben Vincent
9edd060367 feat: deep merge /etc/hosts 
- allow managing /etc/hosts on multiple levels of hiera
 2024-05-11 21:45:24 +10:00
Ben Vincent
eeb21081d3 Merge branch 'develop' into neoloc/selinux_fix 2024-05-11 15:01:38 +09:30
Ben Vincent
6633f07d8b feat: install policycoreutils 
- install policycoreutils on all almalinux releases
 2024-05-11 15:30:01 +10:00
Ben Vincent
a618962d07 fix: move selinux profile to cobbler 
- only import the selinux enforce profile in cobbler
 2024-05-11 15:22:16 +10:00
Ben Vincent
911e284586 Merge pull request 'fix: export cobbler DNS if is_cobbler_master' (#200) from neoloc/cobbler_dns into develop 
Reviewed-on: unkinben/puppet-prod#200
 2024-05-11 14:13:37 +09:30
Ben Vincent
a05f81799d fix: export cobbler DNS if is_cobbler_master 
- set prodinf01n48 as primary cobbler node
- ensure the cobbler DNS record is created
 2024-05-11 14:36:28 +10:00
Ben Vincent
ce3e0f2320 Merge pull request 'neoloc/cobbler_refacter' (#199) from neoloc/cobbler_refacter into develop 
Reviewed-on: unkinben/puppet-prod#199
 2024-05-09 22:45:33 +09:30