unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
1,089 Commits 17 Branches 0 Tags 2.9 MiB
98a433d366
Commit Graph

1089 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ben Vincent
98a433d366 feat: mirror rke2 repo for rhel9 (#392) 
- create rhel9 mirrors for rke2 1.33 and common

Reviewed-on: #392
 2025-09-13 19:49:52 +10:00
Ben Vincent
fcd1b049d6 feat: ensure frr_exporter can read ospf socket (#391) 
- add execute permission to frr socket directory

Reviewed-on: #391
 2025-09-13 15:08:32 +10:00
Ben Vincent
938a6ac990 feat: update docs for puppet (#390) 
- k8s / metallb / cilium created chaos
- broke puppet agent and servers
- adding issue/resolution here

Reviewed-on: #390
 2025-09-13 12:57:44 +10:00
Ben Vincent
0665873dc8 feat: update ospf source for learned routes (#388) 
- enable changing the source address for learned ospf routes
- this enables the loopback0 interface to be used as a default src address
- ensure k8s nodes use loopback0 as default src
- ensure incus nodes use loopback0 as default src

Reviewed-on: #388
 2025-09-07 16:09:21 +10:00
Ben Vincent
ae4eb3a5eb fix: set loopback0 as source for consul (#387) 
- fix consul service checks for prodnxsr0001-0008
- ensure the loopback0 interface whats bound too

Reviewed-on: #387
 2025-09-07 15:48:27 +10:00
Ben Vincent
65fb52da55 chore: add user for jelly (#385) 
Reviewed-on: #385
 2025-09-04 20:09:43 +10:00
Ben Vincent
d97cbfd570 chore: update src ips for arr stack (#384) 
- allow the arr stack to reach prowlarr

Reviewed-on: #384
 2025-08-31 18:52:47 +10:00
Ben Vincent
8f5d102945 feat: enabling changing ip for consul client (#383) 
- enable ability to set consul client bind/advertise ip

Reviewed-on: #383
 2025-08-14 22:55:35 +10:00
Ben Vincent
62aade77ff feat: add ceph-dashboard to haproxy (#382) 
- add profile to export haproxy backend
- add new cert for dashboard.ceph.unkin.net
- extend balancemember with ipaddress attribute

Reviewed-on: #382
 2025-08-14 11:06:11 +10:00
Ben Vincent
83bb3e1085 chore: increase client body size for s3 (#381) 
- s3 clients send objects too large for the default body size

Reviewed-on: #381
 2025-08-13 16:41:39 +10:00
Ben Vincent
92728047e7 feat: add ceph rgw (#380) 
- start managing ceph configuration file
- manage ceph-radosgw
- merge the ceph::conf and ceph::node profiles
- ensure the ceph repos exist
- mange nginx frontend and consul service

Reviewed-on: #380
 2025-08-13 12:33:41 +10:00
Ben Vincent
f4af5e7b64 chore: add rados gateway role (#379) 
- just enough role to deploy some containers

Reviewed-on: #379
 2025-08-10 19:31:39 +10:00
Ben Vincent
308d97d783 feat: enable plugins for grafana (#378) 
- add method to install plugins for grafana
- ensure victoriametrics-logs-datasource is installed

Reviewed-on: #378
 2025-08-09 17:57:49 +10:00
Ben Vincent
ac36d9627b feat: capture all journald logs (#377) 
- create module class for journald clients
- ensure module class it used on all hosts
- use consul service address for insert/journald

Reviewed-on: #377
 2025-08-09 15:11:47 +10:00
Ben Vincent
198cee27c2 feat: enable https for vlstorage (#376) 
- attempting to send to http:// fails as vlstorage is using tls
- enable tls on vlselect/vlinsert when writing to vlstorage
- add retention period to vlstorage

Reviewed-on: #376
 2025-08-09 14:34:48 +10:00
Ben Vincent
f73d6f07ce fix: generate types as root (#375) 
- larger permission issue that needs fixing
- reduce the number of failed runs

Reviewed-on: #375
 2025-08-09 13:30:12 +10:00
Ben Vincent
1c71229fd3 feat: add victorialogs module (#374) 
- add module for victorialogs
- add hieradata for vl insert/select/storage
- manage packages, directories, services, etc
- manage exporting metrics

Reviewed-on: #374
 2025-08-08 23:59:46 +10:00
Ben Vincent
d649195ccc fix: generate types needs to run more often (#373) 
- seeing frequent errors in puppetboard about types missing
- change the puppet-generate-types timer from daily to per-minute

Reviewed-on: #373
 2025-08-07 20:53:06 +10:00
Ben Vincent
fcd0bc4c74 feat: add victorialogs roles (#372) 
- and hieradata
- empty roles currently

Reviewed-on: #372
 2025-08-07 20:34:42 +10:00
Ben Vincent
a30ff81139 fix: reduce metadata lifetime (#371) 
- metadata lifetime should be lowered to improve development speed

Reviewed-on: #371
 2025-08-03 21:04:47 +10:00
Ben Vincent
bbed65b4b8 benvin/frr_exporter (#370) 
Reviewed-on: #370
 2025-08-03 20:14:19 +10:00
Ben Vincent
75ca7a5685 feat: add frr_exporter class (#369) 
- add frr exporter to all nodes running frr

Reviewed-on: #369
 2025-08-03 16:15:29 +10:00
Ben Vincent
53fabc923b feat: add nzbget_exporter (#368) 
- add nzbget_exporter class
- add exporter to nzbget class

Reviewed-on: #368
 2025-08-03 15:03:29 +10:00
Ben Vincent
5a9241940f feat: export ceph metrics (#367) 
- export cephmgr metrics
- will only be availabe from one host at a time

Reviewed-on: #367
 2025-07-29 18:54:49 +10:00
Ben Vincent
df457306cc feat: add external grafana access (#366) 
- enable access to grafana through haproxy
- ensure grafana cert created from letsencrypt
- enable user access to grafana

Reviewed-on: #366
 2025-07-28 21:07:43 +10:00
Ben Vincent
7fbb87b4b6 feat: add exportarr (#365) 
- add exporters::exportarr
- deploy for radarr, sonarr and prowlarr

Reviewed-on: #365
 2025-07-27 19:47:26 +10:00
Ben Vincent
fd902c1437 feat: create exporters module (#364) 
- upgrade node_exporter, bring managed under exporters module
- upgrade postgres_exporter, bring managed under exporters module
- add flag to cleanup previous iterations of exporters from prometheus module
- fix issues with vmclusster: replication + dedup

Reviewed-on: #364
 2025-07-27 13:28:41 +10:00
Ben Vincent
0e64c9855a feat: add vmcluster module (#363) 
- manage vmstorage package, service and environment file
- manage vmselect package, service and environment file
- manage vminsert package, service and environment file
- manage vmagent package, service and environment file
- manage options for vmstorage, vmselect, vminsert, vmagent role

Reviewed-on: #363
 2025-07-26 18:17:20 +10:00
Ben Vincent
3cfafbac44 feat: enable ceph on k8s nodes (#362) 
- enable enough ceph/frr to join to cephfs
- notify sshd when restarting the network
- update ssh principals to include all ssh interfaces

Reviewed-on: #362
 2025-07-19 20:30:46 +10:00
Ben Vincent
c5c40c3bfd chore: cleanup old physicals (#361) 
- cleanup old nodes to redeploy them

Reviewed-on: #361
 2025-07-15 22:34:46 +10:00
Ben Vincent
98f1961a07 benvin/ceph_common (#360) 
Reviewed-on: #360
 2025-07-15 20:38:39 +10:00
Ben Vincent
eb1ada8ea5 fix: duplicate declatation (#359) 
- only install ceph-common once

Reviewed-on: #359
 2025-07-15 20:31:09 +10:00
Ben Vincent
ec3e42901a feat: add basic k8s node role (#358) 
- update prodnxsr0001-8 to use networkd
- add basic k8s node role

Reviewed-on: #358
 2025-07-15 20:18:17 +10:00
Ben Vincent
e905afcab0 chore: cleanup hieradata/nodes (#357) 
- cleanup decommed nodes
- remove unneccessary node data

Reviewed-on: #357
 2025-07-13 21:40:32 +10:00
Ben Vincent
de6e7d0ba9 feat: add vmagent role (#356) 
- add vmagent role for vicmet

Reviewed-on: #356
 2025-07-13 17:20:58 +10:00
Ben Vincent
780a97dfe4 feat: add new cobbler master (#355) 
- change cobbler.main.unkin.net to 2098

Reviewed-on: #355
 2025-07-12 20:31:43 +10:00
Ben Vincent
9aa6472e5b feat: ensure /etc/NetworkManager/conf.d exists (#354) 
- required to create dns-none setting

Reviewed-on: #354
 2025-07-12 14:19:22 +10:00
Ben Vincent
80ab4e6889 chore: update cobbler for el9 (#353) 
- update cobbler/cobbler-web package
- update path for ipxebins

Reviewed-on: #353
 2025-07-12 14:19:14 +10:00
Ben Vincent
ccda327c7a gchore: cleanup old vms (#352) 
- remove ntp01/ntp02
- remove old gitea
- remove mariadb galera vms

Reviewed-on: #352
 2025-07-09 21:18:23 +10:00
Ben Vincent
acef1bde29 feat: move puppetca role (#351) 
- move puppetca from vm to lxd

Reviewed-on: #351
 2025-07-09 21:15:09 +10:00
Ben Vincent
7d87e11e79 feat: add victoria metrics roles (#350) 
- add vmstorage, vmselect and vminsert roles
- base roles, only adding packages
- preparation for standing up a vicmet cluster

Reviewed-on: #350
 2025-07-08 20:34:46 +10:00
Ben Vincent
40c57ede59 feat: add ci build task (#342) 
- a ci workflow for build tests
- run pre-commit against all files

Reviewed-on: #342
 2025-07-08 20:19:36 +10:00
Ben Vincent
be02d3d150 feat: migrate to external ntp (#349) 
- removing ntp vms from proxmox
- redirect ntp to external time sources

Reviewed-on: #349
 2025-07-07 20:27:02 +10:00
Ben Vincent
a550d48f21 fix: sort nameservers (#348) 
- sort nameservers before creating glue records

Reviewed-on: #348
 2025-07-06 20:09:19 +10:00
Ben Vincent
2d9faf578f feat: add unkin.net domain (#347) 
- manage the unkin.net domain
- ensure forwarding for unkin.net
- split domain from cname list and set zone correctly
- add fafflix to cnames list for haproxy2

Reviewed-on: #347
 2025-07-06 20:02:20 +10:00
Ben Vincent
2814a55df6 chore: hard-code git.unkin.net path (#346) 
- dirty fix, set git.unkin.net in hosts file template
- avoid hairpint nat

Reviewed-on: #346
 2025-07-06 16:43:07 +10:00
Ben Vincent
73362a3bf9 feat: add stick tables for gitea (#345) 
- stick tables are required for docker authentication

Reviewed-on: #345
 2025-07-06 14:42:14 +10:00
Ben Vincent
0063f68bc6 feat: enable external access to gitea (#344) 
- add git.unkin.net to certbot
- export haproxy resources for gitea
- add be_gitea to haproxy, import the certbot cert
- update the ROOT_URL for gitea instances

Reviewed-on: #344
 2025-07-06 13:47:56 +10:00
Ben Vincent
372d99893a core: fix ROOT_URL (#343) 
- root_url is used for docker authentication
- access to git.unkin.net is not yet ready

Reviewed-on: https://git.query.consul/unkin/puppet-prod/pulls/343
 2025-07-06 13:20:27 +10:00
Ben Vincent
620339f69d chore: cleanup hieradata/nodes (#341) 
- remove all node hiera data for decommed hosts

Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/341
 2025-07-06 12:23:22 +10:00