11a98b16bb
feat: setup galera cluster member profile
...
- add eyaml support for role
- add /data volume for galera cluster members
- create profiles::selinux namespace for defining selinux configuration
- create profiles::selinux::mysqld for managing specifics for mysqld
- create profiles::selinux::setenforce to manage selinux mode
- parameterised options required in mysqld::server module
- add mariadb repo
- add additional facts for managing mysqld and galera
2023-12-10 16:31:57 +11:00
a9aabfa161
fix: failed to test previously
...
- change next's outside of a loop to a single if statement
2023-12-08 21:32:32 +11:00
ebd20a5e5a
feat: mysql wsrep_ facts
...
- add facts generated from mysql's wsrep status variables
2023-12-08 21:25:01 +11:00
d261e3348d
Merge pull request 'feat: add/remove capabilities for packages' (#86) from neoloc/base_packages_refactor into develop
...
Reviewed-on: unkinben/puppet-prod#86
2023-12-03 16:38:17 +09:30
53c54f982a
Merge pull request 'feat: setup/manage dnf-autoupdate' (#85) from neoloc/dnf_autoupdate into develop
...
Reviewed-on: unkinben/puppet-prod#85
2023-12-03 16:37:56 +09:30
d8ff9ddb11
feat: setup/manage dnf-autoupdate
...
- create service to run dnf update
- create timer to call the service
- manage settings via params
2023-12-03 18:05:01 +11:00
8f04de2b52
feat: add/remove capabilities for packages
...
- add deepmerge lookup_options
- add packages to remove and packages to add to profiles::packages::base class
2023-12-03 17:24:58 +11:00
6e185ee248
Merge pull request 'feat: split agent service/package from config' (#84) from neoloc/split_puppet_agent into develop
...
Reviewed-on: unkinben/puppet-prod#84
2023-12-03 15:20:51 +09:30
08c14c2329
feat: split agent service/package from config
...
- split package/service from config so puppetservers agents can be
managed in the same way as clients
2023-12-03 16:49:38 +11:00
8a6b3ef0fb
feat: add mirrorlist capability to reposyncer
...
- add mirrorlist param to reposyncer repos
- update almalinux 8.8 repos to use mirrorlist
- add almalinux 8.9 repos
2023-12-03 00:16:01 +11:00
1ccd8141ab
feat: add cname for repos
2023-11-29 23:13:17 +11:00
705c02c3a1
feat: fix selinux permissions each sync
...
- restorecon on each sync, to update selinux for new files/directories
2023-11-27 23:19:01 +11:00
Ben Vincent
7aae7e22a3
Merge pull request 'feat: add galera role' (#76) from neoloc/mariadb into develop
...
Reviewed-on: unkinben/puppet-prod#76
2023-11-21 19:31:05 +09:30
a0d1623286
feat: add galera role
...
- add a base galera cluster member role
- include mysql and galera modules
2023-11-21 21:00:12 +11:00
Ben Vincent
caffc7dff9
Merge pull request 'fix: resolve prometheus issues' (#75) from neoloc/prometheus_server into develop
...
Reviewed-on: unkinben/puppet-prod#75
2023-11-21 18:53:37 +09:30
609f9135df
feat: add base grafana role
...
- include puppet-grafana module
- infra::metrics::grafana role is currently clone of base
2023-11-21 20:13:14 +11:00
10a6085b84
fix: resolve prometheus issues
...
- broken prometheus::server config, resolve conflicts
- move hieradata for role to match role, not profile
2023-11-21 20:03:26 +11:00
663b10e5a5
Merge branch 'develop' into neoloc/prometheus
2023-11-21 19:40:17 +11:00
a5207eb717
feat: add prometheus server
...
- bump enc, include prometheus server nodes
- add prometheus role and server class
2023-11-21 19:38:22 +11:00
dd334da2b0
chore: reorganise reposync role
2023-11-18 20:08:16 +11:00
ab1b031275
Merge branch 'develop' into neoloc/puppet_cleanup
2023-11-18 20:03:46 +11:00
460f9bc7e8
refactor: move puppet::* roles to infra::puppet
...
- start creation on apps:: roles
- reorganise hieradata to match role changes
- remove tagging for enc repo
2023-11-18 20:00:58 +11:00
dffc97ad4c
chore: reorganise ntp server
...
- bump enc to match changes
- change ntp client to find servers through puppetdb query
- changed default ntp servers to publicly available nodes
2023-11-18 19:18:14 +11:00
92269ae94b
Merge branch 'develop' into neoloc/node_exporter
2023-11-17 23:20:02 +11:00
6b9d9e6aa7
Merge branch 'develop' into neoloc/resolvconf
2023-11-17 23:17:59 +11:00
Ben Vincent
7cc1a1ddc0
Merge pull request 'feat: manage qemu-agent' (#66) from neoloc/qemuagent into develop
...
Reviewed-on: unkinben/puppet-prod#66
2023-11-17 21:46:08 +09:30
a21b7ffc96
feat: setup metrics agents
...
- set puppet::puppetdb_api class to export puppetdb
- set infra::dns::server class to export bind
- set all to export node and systemd metrics
2023-11-17 23:12:37 +11:00
d6f3262836
feat: manage qemu-agent
2023-11-17 22:25:43 +11:00
8d80fa3c51
feat: manage cloudinit
...
- add/remove cloud-init, default to remove
2023-11-17 22:17:24 +11:00
fdb13b7338
feat: find resolvers by role
...
- use puppetdbquery module to query puppetdb for resolvers
- move dns client config to profiles::dns::base
- manage the /etc/resolv.conf file
2023-11-17 21:54:20 +11:00
c996c9b7e3
fix: enable dynamic/tsig updates
...
- add eyaml to hiera.yaml
- consolidate all paths into single tree
- change to new profiles::dns::client wrapper
- change to new profiles::dns::record wrapper
- change to use concat method to build zone file
2023-11-16 21:40:16 +11:00
49f31edb03
Merge branch 'develop' into neoloc/bind_resolver
2023-11-13 21:55:21 +11:00
76b54fc59d
feat: add dns resolver/master classes
...
- define resolver and master dns server
- export A and PTR records from dns clients
- collect exported resources for master
- create hiera structure for acls, zones and views
2023-11-13 21:42:57 +11:00
b2844c4b3a
fix: updated path for gpg keys
2023-11-12 17:26:58 +11:00
cc77cc7ded
feat: change to use local mirror
...
- change almalinux and epel *.repo files on nodes to use local package mirror
- add option to purge yumrepo resources, default to true
- add versionlocking to yum, enable it for puppet-agent
2023-11-12 17:17:59 +11:00
48ea444e7c
fix: resolved issue with repodata
...
- repodata was being created in the wrong location
- update script to create in the path where the new snap exists
2023-11-12 15:48:30 +11:00
Ben Vincent
dd12726842
Merge pull request 'feat: add resolver/authoritative dns roles' (#57) from neoloc/bindserver into develop
...
Reviewed-on: unkinben/puppet-prod#57
2023-11-12 13:11:56 +09:30
Ben Vincent
5276731d23
Merge pull request 'fix: datavol profile doesn't create the mountpoint' (#56) from neoloc/datavol_create_mountpath into develop
...
Reviewed-on: unkinben/puppet-prod#56
2023-11-12 12:55:29 +09:30
Ben Vincent
79e37d9dae
Merge pull request 'refactor: move to ruby-script facts' (#53) from neoloc/additional_enc_facts into develop
...
Reviewed-on: unkinben/puppet-prod#53
2023-11-11 22:15:42 +09:30
1b9a4f7832
refactor: move to ruby-script facts
...
- change enc_role_path fact to be ruby
- add enc_role_tier1, enc_role_tier2 and enc_role_tier3
- add new paths to hiera.yaml
2023-11-11 23:41:48 +11:00
1ff4611318
Merge branch 'develop' into neoloc/bind_resolver
...
- bring up to speed with rest of repo
2023-11-11 21:48:44 +11:00
7da58059d2
feat: add resolver/authoritative dns roles
...
- roles are currently empty, this just exists so I can branch off it
and start building test servers with this role
2023-11-11 21:47:21 +11:00
9bfae72d2e
Merge branch 'develop' into neoloc/ntpserver
2023-11-11 00:14:03 +11:00
f73c16bca2
feat: add enc_role_path fact
2023-11-11 00:03:12 +11:00
9cb730d116
feat: add ntp server/client
...
- add ntp client and server class
- add ntp server role
- update hiera.yaml to work with enc_role
- cleanup base profile
2023-11-10 23:59:10 +11:00
19836e2069
feat: adding reposync wrapper and tooling
...
- add autosyncer/autopromoter scripts
- add timer and service to initial sync process
- add timer/service for daily/weekly/monthly autopromote
- add define to manage each repo
- add nginx webserver to share repos
- add favicon.ico if enabled
- add selinux management, and packages for selinux
- cleanup package management, sorting package groups into package classes
2023-11-08 23:16:56 +11:00
d11dcc0b24
fix: datavol profile doesn't create the mountpoint
...
- add file resource to create the required mountpath
- add Array[Enum[]] for mount_options
- fix mount to ensure the mount_options are used
- remove pass and dump options, leave as defaults
2023-11-06 19:31:35 +11:00
cb9af5a2a8
fix: variant regex results in error
...
- update the $size variant regex so it actually matches correctly
- default $size to undef, which results in 100%FREE
2023-11-05 18:11:53 +11:00
1d1541419a
feat: adding base packagerepo role
...
- create roles::infra::packagerepo
- bump enc version
2023-11-05 17:45:13 +11:00
6bbc14136f
Merge branch 'develop' into neoloc/datavol
2023-11-05 17:40:19 +11:00
def2561e6c
feat: add datavol class to manage /data
...
- included puppetlabs-lvm module
- created profiles::base::datavol to:
- create pv, vg, lv and format the filesystem and mount it
2023-11-05 17:37:10 +11:00
56518f1fcb
feat: change enc repo to be tagged
...
- enc repository will download a specific tag
- defaults to master
- hiera set to release tag '0.1'
2023-11-04 20:36:08 +11:00
0cc0bacad3
feat: add motd and facts
...
- use parameters created by the enc to create external facts
- use external facts to generate the motd
- use features from unkinben/puppet-enc#22
2023-11-04 20:11:20 +11:00
5076d7383a
feat: add ceph osd/mds/mon roles
...
- basic roles currently
- will allow build of ceph to begin
2023-11-02 20:12:47 +11:00
Ben Vincent
89653912cb
Merge pull request 'feat: manage puppet clients' (#35) from neoloc/puppetclient into develop
...
Reviewed-on: unkinben/puppet-prod#35
2023-10-29 18:59:52 +09:30
130669a130
feat: manage puppet clients
...
- manage the service
- manage the package, version lock it
- deploy the /etc/puppetlabs/puppet/puppet.conf from template for puppet
clients only
2023-10-29 20:26:39 +11:00
Ben Vincent
cf26d2d2e7
Merge pull request 'feat: add puppetboard role' (#34) from neoloc/puppetboard into develop
...
Reviewed-on: unkinben/puppet-prod#34
2023-10-29 18:06:27 +09:30
46c3eb9597
feat: add puppetboard role
...
- add nginx module to manage reverse proxy on host level
- add puppetboard venv
- add gunicorn instance
- add script to start the gunicorn instance
- add nginx vhost
2023-10-29 19:33:11 +11:00
0171a82d58
feat: add features to puppet.conf
...
- reports, for sending reports to puppetdb
- usecacheonfailure, to show failures in puppetboard (when set to false)
2023-10-23 22:37:41 +11:00
ef0d865845
Merge pull request 'feat: split puppetdb role into api and sql' (#32) from neoloc/puppetdb2 into develop
...
Reviewed-on: unkinben/puppet-prod#32
2023-10-22 20:30:43 +09:30
e682462917
feat: split puppetdb role into api and sql
...
- add puppetdb_api and puppetdb_sql role
- add puppetdb_api and puppetdb_sql profile
- add prodinf01n05 to /etc/hosts file
- set listen_address for all services to be hosts ip
- set storeconfigs and storeconfigs_backend to be managed by puppetmaster profile
2023-10-22 21:55:50 +11:00
6bb52f2a15
feat: add firewalld management profile
...
- basic profile to enable/disable, and install/remove
- defaulting to enabled and installed, but set to disabled and removed
in hiera
2023-10-22 19:54:10 +11:00
f772215630
fix: found typo in r10k script
2023-10-22 01:30:57 +11:00
2faed5de72
Merge pull request 'fix: set the puppetdb_host correctly' (#29) from neoloc/puppetdb_server_loc into develop
...
Reviewed-on: unkinben/puppet-prod#29
2023-10-21 23:17:00 +09:30
c6c36e8351
fix: set the puppetdb_host correctly
...
- change the puppetdb::master::config from include to class statement
- set the puppetdb_host value to match what is stored in hiera
- disable firewall management on the puppetdb host
2023-10-22 00:40:12 +11:00
95434214a9
feat: add management of /etc/hosts
...
- add class to manage the /etc/hosts file
- add static hosts to /etc/hosts file via hiera array/hash
2023-10-22 00:34:22 +11:00
e847954e03
Merge branch 'develop' into neoloc/puppet_wrapper
2023-10-22 00:00:52 +11:00
86a6c1bd96
feat: add sudo secure_path
...
- update the sudo class from an include to a definition
- set the secure_path variable to include /usr/local/{bin,sbin}
2023-10-21 23:52:48 +11:00
ac27a9ce0b
Merge branch 'develop' into neoloc/puppetdb
2023-10-21 23:30:40 +11:00
080cdd8884
Setup PuppetDB/Puppetboard
...
- install modules required
- puppetdb
- postgresql
- puppetboard
- python
- create new profiles to manage each item (puppetdb/puppetboard)
- added puppetdb role
- include the puppetdb::master::config in puppetmaster role
- re-organised the puppetfile
- moved python to be managed by the python module
- added postgresql to list of managed repos
2023-10-21 23:11:40 +11:00
2b11a9417c
Account/Sudo management
...
- imported account and sudo puppet modules
- created account management wrapper
- defined sysadmin account, set to be created on all nodes
- removed sudo from base packages as it's managed by sudo module now
2023-08-29 23:25:10 +10:00
d2fb3cff27
Merge branch 'develop' into feature/default_environment
2023-08-26 19:50:54 +10:00
afb30f9dce
Updated dns_alt_names for puppetmaster
2023-08-26 19:45:43 +10:00
116342bdaa
Added class to manage a default set of scripts
...
- included scripts into profiles::base
- updated hiera with list of scripts to create and their template name
- created template for a puppet wrapper
2023-08-26 16:11:53 +10:00
efc769191e
Adding a default environment
...
- set through puppet.conf
- created symbolic link from develop -> production in code/environments
- changed puppet-g10k script to be generated from a template
- parameterised g10k into hieradata
2023-08-26 15:36:35 +10:00
c96676e143
Updated autosign
...
- added way to manage individual nodes
- added defaults for domains, subnets and nodes
- updated comments and doc
2023-08-26 01:00:31 +10:00
5b4a17b77a
Changed to a simple autosign method
2023-08-26 00:49:21 +10:00
8fb922d5fb
Merge pull request 'Added a new profile to manage common packages' (#7) from feature/base_packages into develop
...
Reviewed-on: unkinben/puppet-prod#7
2023-07-02 14:30:53 +09:30
d48283734c
Added a new profile to manage common packages
...
* will by default pull data from hiera
* could change it on a per-distro/role basis
* requires stdlib for ensure_packages
2023-07-02 14:55:02 +10:00
8663d446d3
Merge pull request 'Added default resource settings' (#6) from fix/global_exec_path into develop
...
Reviewed-on: unkinben/puppet-prod#6
2023-07-02 13:53:49 +09:30
d7a7198497
Added default resource settings
...
* added profiles::default class in defaults.pp file
* imported into all roles
* cleaned up some duplicated code
2023-07-02 14:21:09 +10:00
e519b2aeff
Changed source for package to be url
...
* this removes the need to manually download/store the file, then
pass it to the dpkg package manager
2023-07-02 14:13:50 +10:00
87f174df33
Added Debian components
...
* added debian components for Debian12 and Debian11
* added apt module to puppetfile
* removed /etc/apt/sources.list management, done by apt module
* added profiles::apt::puppet7
2023-07-01 22:38:25 +10:00
46a95d756a
Merge pull request 'Added a base role' (#3) from feature/base_role into develop
...
Reviewed-on: unkinben/puppet-prod#3
2023-06-27 20:13:27 +09:30
b12e3471f3
Merge branch 'develop' into feature/apt_repository
2023-06-27 20:10:44 +09:30
c00821763e
Added a base role
...
* base role imports the base profile
* updated profiles::base to work with debian family
2023-06-27 20:37:06 +10:00
754241bcf2
Added class to manage installing the git client
2023-06-26 20:06:15 +10:00
45a9639346
Changed r10k to update every 5 minutes
2023-06-26 20:02:08 +10:00
5d758da66e
Added r10k repo management
...
* added profile to download puppet-r10k, add a script to pull changes,
and scheduled it to happen automatically with systemd timer/service
* added to the puppetmaster profile
* updated hieradata
2023-06-26 19:42:15 +10:00
4e30d9b6d9
Added boilerplate for debian host management
...
* added apt repo management
* added switcher based on OS to base.pp
2023-06-26 19:20:05 +10:00
f1f39ef4e3
Changed to vox systemd module
...
* updated Puppetfile
* updated puppet-enc timer/service
* updated puppet-g10k timer/service
2023-06-25 14:46:09 +10:00
5ee4891157
Add a switch to check for os family
...
This is so I can include either apt or yum/dnf based profiles. This can
be expanded easily if new families are added, or if new base role
includes are added that are different based on the family of the os.
2023-06-25 14:36:23 +10:00
7a789ceaee
Renamed role/profile directories
...
* renamed role to roles
* renamed profile to profiles
* cleaned up all profiles/roles/hieradata to match new paths
2023-06-25 14:36:23 +10:00
1b7e807c0e
Renamed role/profile directories
...
* renamed role to roles
* renamed profile to profiles
* cleaned up all profiles/roles/hieradata to match new paths
2023-06-25 13:06:36 +10:00
93c4689d8d
Setup puppet7 repo for el distros
...
* create that puppet7.repo file
* install the puppet-release rpm
2023-06-24 22:33:47 +10:00
87d9d920e8
Added classes to manage repositories for yum
...
* manage all base repositories
* manage epel if required
* cleanup /etc/yum.repos.d directory
2023-06-24 21:58:00 +10:00
c6d62a710c
Added puppet-enc setup
...
* systemd timer/service to update repo every minute
* added puppetlabs/vcsrepo module
* install git if it's not already installed
* added to profile::puppet::puppetmaster
* updated pre-commit to allow long yaml lines
2023-06-21 22:03:43 +10:00
9536be5864
Initial commit for profile::puppet::*
...
* profile::puppet::server
* profile::puppet::puppetmaster
* profile::puppet::g10k
* profile::puppet::autosign
* updated Puppetfile
* updated role::puppet::puppetmaster
* added profile::puppet::puppetmaster to puppetmaster role
* added profile::puppet::server templates
2023-06-21 21:17:07 +10:00
725fef7d01
Updated ntp to chrony
...
* updated Puppetfile
* updated profiles::base to use chrony, and added class parameters
2023-06-18 17:16:48 +10:00
d4ec7e5041
Added puppetmaster role
2023-06-18 00:10:03 +10:00
172b9d2d1f
Initial commit
2023-05-15 22:27:27 +10:00