unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
1,003 Commits 18 Branches 0 Tags 3 MiB
a89f4db7a4
Commit Graph

18 Commits

Author SHA1 Message Date
Ben Vincent
89a0f329d8 feat: update vault url (#291) 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/291
 2025-05-21 19:58:12 +10:00
Ben Vincent
2321186ad5 neoloc/mpls_ldp_frr (#255) 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/255
 2025-04-24 16:51:31 +10:00
Ben Vincent
58d31c5c9a chore: migrate puppet-r10k 
- moved puppet-r10k the unkin organisation
- ensure branch is set to follow origin/master
 2024-11-17 19:26:27 +11:00
Ben Vincent
6b0e0daecb chore: add ssh principals 
- add ssh principals for consul service addresses
 2024-06-11 20:20:12 +10:00
Ben Vincent
b468f67103 feat: sign ssh host keys 
- manage python script/venv to sign ssh host certificates
- add approle_id to puppetmaster eyaml files
- add class to sign ssh-rsa host keys
- add facts to check if the current principals match the desired principals
 2024-06-01 22:51:42 +10:00
Ben Vincent
f029b04427 feat: update git sources 
- update r10k source
- update enc source
- update source for puppet-bind module
 2024-05-28 23:51:19 +10:00
Ben Vincent
b00781b604 feat: change vault url to vaul.query.consul 
- support access to vault from multiple datacentres for certmanager
 2024-05-26 01:23:16 +10:00
Ben Vincent
b9c327799f feat: add vault service/query altnames 
- add nginx aliases for vault services
- add additional vault certificates
- change certmanager script to use vault.service.consul
 2024-05-25 15:51:09 +10:00
Ben Vincent
6335167e3a feat: change clients to use puppet.query.consul 
- change all clients/servers to use puppet from consul service mesh
 2024-05-05 16:47:39 +10:00
Ben Vincent
fe296d52d9 feat: manage puppet/puppetca consul services 
- add puppet service
- add puppetca service
- add ability to write to puppet/puppetca service in consul
- add puppet.(query,service).consul to dns_alt_names of all masters
- add puppetca.(query,service).consul to dns_alt_names of puppetca
 2024-05-04 16:10:32 +10:00
Ben Vincent
bc4246dd05 feat: add new syd1 prod networks 2024-04-21 22:55:06 +10:00
Ben Vincent
5bde96fb4d feat: change certmanage to approles 
- created approle 'certmanager' using 'certmanager' policy
- update certmanager script to generate token based on roleid
 2024-04-04 00:32:08 +11:00
Ben Vincent
64563902d4 feat: deploy cobbler enc 
- install python3.11 on all nodes
- create python3.11 venv for cobbler-enc
- install requirements in cobbler-enc venv
- symlink to /usr/local/bin/
 2024-03-31 20:58:31 +11:00
Ben Vincent
748a0e8632 feat: enable sydney subnets 2024-03-28 20:08:00 +11:00
Ben Vincent
6bcdda1a93 chore: update vault policy 
- updated vault policy for certificates
 2024-02-25 22:11:31 +11:00
Ben Vincent
7f03bc5c76 feat: add certmanager helper 
- add certmanager script and config.yaml file
- install into pyenv for certmanager
- deploy to puppet-masters only
 2024-02-19 21:20:50 +11:00
Ben Vincent
5b75cf735a feat: manage ruby/puppet gems 
- manage installation of puppet_gem packages for puppetmasters
 2023-12-11 22:07:23 +11:00
Ben Vincent
460f9bc7e8 refactor: move puppet::* roles to infra::puppet 
- start creation on apps:: roles
- reorganise hieradata to match role changes
- remove tagging for enc repo
 2023-11-18 20:00:58 +11:00