unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
473 Commits 18 Branches 0 Tags 3 MiB
b9c327799f
Commit Graph

473 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ben Vincent
ed60e18062 feat: update jdk11 for puppetdb 
- specify the java_bin
- specify the java_args
 2024-04-06 20:05:23 +11:00
Ben Vincent
258cedb566 Merge pull request 'neoloc/haproxy_puppetdbapi' (#151) from neoloc/haproxy_puppetdbapi into develop 
Reviewed-on: unkinben/puppet-prod#151
 2024-04-06 17:09:37 +09:30
Ben Vincent
f79d9de495 feat: update node_lookup 
- update node_lookup to use new puppetdb URL
 2024-04-06 18:31:41 +11:00
Ben Vincent
c9a1d35af9 feat: add cnames to haproxy 
- manage A records for haproxy
- manage cnames for services using haproxy
 2024-04-06 16:26:50 +11:00
Ben Vincent
e97d061f46 feat: add puppetdbapi to haproxy 
- add puppetdbapi backend to haproxy
- add puppetdbapi altname to the vault certificate
- add mapping for hostname to backend
 2024-04-06 15:49:10 +11:00
Ben Vincent
f7881b19cf Merge pull request 'feat: add puppetboard backend' (#150) from neoloc/haproxy_puppetboard into develop 
Reviewed-on: unkinben/puppet-prod#150
 2024-04-06 02:54:26 +09:30
Ben Vincent
57b7a3036b Merge pull request 'feat: add virtual/physical check' (#147) from neoloc/sensors into develop 
Reviewed-on: unkinben/puppet-prod#147
 2024-04-06 02:53:57 +09:30
Ben Vincent
105bf1b09d feat: add puppetboard backend 
- add balancemember to puppetboard nodes
- add be_puppetboard to haproxxy
- add puppetboard.main.unkin.net to haproxy altnames
- add puppetboard to backend mapping
- change way backends are registered in haproxy
 2024-04-06 04:20:39 +11:00
Ben Vincent
dc428543cf Merge pull request 'feat: add haproxy profile' (#149) from neoloc/haproxy into develop 
Reviewed-on: unkinben/puppet-prod#149
 2024-04-06 01:58:10 +09:30
Ben Vincent
2091f1ada3 feat: add haproxy profile 
- add haproxy server class
- add haproxy profile to role
- add hiera data for region specific haproxy
- add selinux configuration
- add certlist management
- add default http and https frontends
- add default stats listener
 2024-04-06 03:27:45 +11:00
Ben Vincent
e15ebd4571 Merge pull request 'feat: change certmanage to approles' (#148) from neoloc/certmanager_approle into develop 
Reviewed-on: unkinben/puppet-prod#148
 2024-04-03 23:03:16 +09:30
Ben Vincent
5bde96fb4d feat: change certmanage to approles 
- created approle 'certmanager' using 'certmanager' policy
- update certmanager script to generate token based on roleid
 2024-04-04 00:32:08 +11:00
Ben Vincent
e69b3a9dc4 Merge pull request 'feat: deploy cobbler enc' (#146) from neoloc/cobbler_enc into develop 
Reviewed-on: unkinben/puppet-prod#146
 2024-04-03 13:05:05 +09:30
Ben Vincent
64563902d4 feat: deploy cobbler enc 
- install python3.11 on all nodes
- create python3.11 venv for cobbler-enc
- install requirements in cobbler-enc venv
- symlink to /usr/local/bin/
 2024-03-31 20:58:31 +11:00
Ben Vincent
0ad31f6013 feat: add virtual/physical check 
- add virtual tree to hiera
- add virtual/kvm and virtual/physical hiera sources
- add lm_sensors to be installed on hardware nodes
 2024-03-31 15:36:41 +11:00
Ben Vincent
d64e185919 Merge pull request 'feat: add dhcp servers' (#145) from neoloc/dhcp-server into develop 
Reviewed-on: unkinben/puppet-prod#145
 2024-03-29 07:45:16 +09:30
Ben Vincent
d64860f47b feat: add dhcp servers 
- include puppet-dhcp module
- manage dhcp pools
- manage dhcp classes (bios/uefi)
 2024-03-29 09:13:26 +11:00
Ben Vincent
159c57677a Merge pull request 'feat: add cobbler profile' (#144) from neoloc/cobbler_profile into develop 
Reviewed-on: unkinben/puppet-prod#144
 2024-03-29 07:10:33 +09:30
Ben Vincent
80b7ad8639 feat: add cobbler profile 
- add datavol to cobbler nodes
- add cobbler profile
- add cobbler role hieradata
- manage selinux where required for cobbler
- manage service cname
 2024-03-29 08:36:42 +11:00
Ben Vincent
f21573daae Merge pull request 'feat: deep merge yum repos to manage' (#143) from neoloc/puppet7gpg into develop 
Reviewed-on: unkinben/puppet-prod#143
 2024-03-28 20:15:14 +09:30
Ben Vincent
e02921be75 feat: deep merge yum repos to manage 
- fixed merging of yum repos
- changed puppet7 to use local copy of repo
 2024-03-28 21:41:15 +11:00
Ben Vincent
6b92910457 Merge pull request 'feat: set sysadmin password' (#142) from neoloc/sysadmin into develop 
Reviewed-on: unkinben/puppet-prod#142
 2024-03-28 19:39:01 +09:30
Ben Vincent
0383db2b10 feat: set sysadmin password 2024-03-28 20:34:50 +11:00
Ben Vincent
905f047626 Merge pull request 'feat: enable sydney subnets' (#141) from neoloc/sydprod into develop 
Reviewed-on: unkinben/puppet-prod#141
 2024-03-28 18:39:09 +09:30
Ben Vincent
748a0e8632 feat: enable sydney subnets 2024-03-28 20:08:00 +11:00
Ben Vincent
741b32cb41 Merge pull request 'feat: add sydney subnets' (#140) from neoloc/dns_views into develop 
Reviewed-on: unkinben/puppet-prod#140
 2024-03-21 20:33:01 +09:30
Ben Vincent
f2cdcb8c8e feat: add sydney subnets 2024-03-21 22:02:25 +11:00
Ben Vincent
e3ec5fa594 Merge pull request 'feat: cobbler setup' (#139) from neoloc/cobbler_roles into develop 
Reviewed-on: unkinben/puppet-prod#139
 2024-03-17 16:23:25 +09:30
Ben Vincent
fe4af852b6 feat: cobbler setup 
- add cobbler profile
- add dhcp server profile
 2024-03-17 17:52:34 +11:00
Ben Vincent
ac5e76e2ca Merge pull request 'feat: add ovirt roles' (#138) from neoloc/ovirt into develop 
Reviewed-on: unkinben/puppet-prod#138
 2024-03-16 15:13:44 +09:30
Ben Vincent
8f5e9e40a1 feat: add ovirt roles 
- add repositories for ovirt
- add role/profile for ovirt/engine and ovirt/node
- add deep-merge for managed_repos
- change repos to allow filesource (URL or file://)
- change reposync to use curl instead of wget
 2024-03-16 16:43:12 +11:00
Ben Vincent
4e25a1867e Merge pull request 'feat: add ovirt base roles' (#137) from neoloc/ovirt_base_role into develop 
Reviewed-on: unkinben/puppet-prod#137
 2024-03-13 21:01:38 +09:30
Ben Vincent
3587ea2295 feat: add ovirt base roles 2024-03-13 22:31:03 +11:00
Ben Vincent
05ea9c45ca Merge pull request 'feat: require vaultca for all yumrepos' (#136) from neoloc/vaultca_cert_first into develop 
Reviewed-on: unkinben/puppet-prod#136
 2024-03-10 17:33:43 +09:30
Ben Vincent
15e4e11097 feat: require vaultca for all yumrepos 2024-03-10 19:01:14 +11:00
Ben Vincent
92db575d7d Merge pull request 'fix: updated gpg key for psql repos' (#135) from neoloc/postgresql_gpg into develop 
Reviewed-on: unkinben/puppet-prod#135
 2024-03-10 14:48:41 +09:30
Ben Vincent
bca5d32793 fix: updated gpg key for psql repos 2024-03-10 16:18:03 +11:00
Ben Vincent
fd5dbb7813 Merge pull request 'feat: add country/region/environment to motd' (#134) from neoloc/motd_facts into develop 
Reviewed-on: unkinben/puppet-prod#134
 2024-03-10 14:19:09 +09:30
Ben Vincent
428dc910bb feat: add country/region/environment to motd 2024-03-10 15:48:26 +11:00
Ben Vincent
df05be21f6 Merge pull request 'feat: merge subnet facts' (#133) from neoloc/env_fact into develop 
Reviewed-on: unkinben/puppet-prod#133
 2024-03-10 14:13:46 +09:30
Ben Vincent
5dff24d9b9 feat: merge subnet facts 
- add fact for environment
- define 198.18.18.0/24 subnet
 2024-03-10 15:42:14 +11:00
Ben Vincent
69f3ae7095 Merge pull request 'feat: add base role for redis' (#131) from neoloc/redis_base_role into develop 
Reviewed-on: unkinben/puppet-prod#131
 2024-03-05 21:25:11 +09:30
Ben Vincent
816bec9f17 feat: add base role for redis 2024-03-05 22:53:49 +11:00
Ben Vincent
465bbbd9e1 Merge pull request 'feat: update yumrepos to use https://' (#130) from neoloc/yumrepo_use_https into develop 
Reviewed-on: unkinben/puppet-prod#130
 2024-03-03 16:29:28 +09:30
Ben Vincent
51d0ca16ec feat: update yumrepos to use https:// 
- require vaultca on all repos on repos.main.unkin.net
 2024-03-03 16:44:16 +11:00
Ben Vincent
e61ae597f6 Merge pull request 'feat: dynamically add subscribe to nginx resource' (#129) from neoloc/subscribe_ssl_cert into develop 
Reviewed-on: unkinben/puppet-prod#129
 2024-03-03 14:57:48 +09:30
Ben Vincent
0782cd5679 feat: dynamically add subscribe to nginx resource 
- add subscribe option to nginx resource dependent on nginx_listen_mode
- ensure nginx reloads when the ssl_cert or ssl_key changes, only if
  these values are not undef
- ensure the file resources are defined for certificates
 2024-03-03 16:25:51 +11:00
Ben Vincent
df97b75aca Merge pull request 'feat: change nginx to use vault ssl certs' (#128) from neoloc/packagerepo_ssl into develop 
Reviewed-on: unkinben/puppet-prod#128
 2024-03-03 13:34:04 +09:30
Ben Vincent
5afa9e8960 Merge pull request 'neoloc/pki_generate' (#127) from neoloc/pki_generate into develop 
Reviewed-on: unkinben/puppet-prod#127
 2024-03-03 13:33:33 +09:30
Ben Vincent
88ba8406b8 feat: deep merge alt_names and ip_sans 
- set hiera to deep-merge alt_names and ip_sans for generating vault
  certificates
 2024-03-03 15:01:14 +11:00