unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
876 Commits 18 Branches 0 Tags 3 MiB
cffb6a54fc
Commit Graph

404 Commits

Author SHA1 Message Date
Ben Vincent
348d8889ed Adding hieradata/node/ausyd1nxvm1055.main.unkin.net.yaml 2024-08-16 22:11:47 +10:00
Ben Vincent
1a2023f4ff Merge pull request 'feat: add patroni/psql cluster' (#140) from neoloc/patroni into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/140
 2024-08-10 23:40:29 +10:00
Ben Vincent
35834f8f5a feat: add patroni/psql cluster 
- add patroni puppet module
- add patroni role and hieradata
- add sql/patroni class that utilised consul
 2024-08-10 22:34:43 +10:00
Ben Vincent
4347faf153 Merge pull request 'neoloc/redis' (#139) from neoloc/redis into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/139
 2024-08-10 18:47:17 +10:00
Ben Vincent
5c731fef34 feat: deploy redisha cluster 
- manage pki and ssh principals
- manage redis/sentinel with redisha module
- add consul checks to manage redis-replica/redis-master services
- manage sudo rules for consul checks
 2024-08-10 17:39:30 +10:00
Ben Vincent
afe2a2afb7 Adding hieradata/node/ausyd1nxvm1054.main.unkin.net.yaml 2024-08-10 14:13:59 +10:00
Ben Vincent
c76ce3bf10 Adding hieradata/node/ausyd1nxvm1053.main.unkin.net.yaml 2024-08-10 14:13:51 +10:00
Ben Vincent
af989a19c3 Adding hieradata/node/ausyd1nxvm1052.main.unkin.net.yaml 2024-08-10 14:11:47 +10:00
Ben Vincent
4d08e30733 Merge pull request 'fix: also fix repodata' (#138) from neoloc/cephreef into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/138
 2024-08-10 13:36:30 +10:00
Ben Vincent
e2873a492a fix: also fix repodata 2024-08-10 13:36:04 +10:00
Ben Vincent
90af895a34 Merge pull request 'fix: ceph-reef 18.2.4 not on el8' (#137) from neoloc/cephreef into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/137
 2024-08-10 13:30:54 +10:00
Ben Vincent
52e3d5b20b fix: ceph-reef 18.2.4 not on el8 
- force repo to use 18.2.2
 2024-08-10 13:30:16 +10:00
Ben Vincent
403e3eeb1b chore: add account 2024-08-08 19:01:18 +10:00
Ben Vincent
a5baed8cd9 chore: add two new users 
- add marbal and seablo
 2024-08-07 22:19:08 +10:00
Ben Vincent
20ee6fa19e Merge pull request 'feat: add rundeck runner user' (#130) from neoloc/rundeck_user into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/130
 2024-08-06 22:36:54 +10:00
Ben Vincent
c846cc4e21 feat: add rundeck runner user 
- add rundeck account on all hosts except rundeck
- add rundeck ssh private/public key to rundeck server
 2024-08-06 22:33:32 +10:00
Ben Vincent
8e0f26e726 Merge pull request 'Adding hieradata/node/ausyd1nxvm1050.main.unkin.net.yaml' (#124) from autonode/ausyd1nxvm1050.main.unkin.net into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/124
 2024-08-01 22:41:27 +10:00
Ben Vincent
4338dfe27f Adding hieradata/node/ausyd1nxvm1051.main.unkin.net.yaml 2024-08-01 22:35:03 +10:00
Ben Vincent
66cb1e356d Adding hieradata/node/ausyd1nxvm1050.main.unkin.net.yaml 2024-08-01 22:33:26 +10:00
Ben Vincent
d3daac3b71 fix: change debian repos to http 
- until https issues are resolved with https
 2024-07-31 21:51:04 +10:00
Ben Vincent
eb32a216f5 Merge pull request 'neoloc/rundeck' (#121) from neoloc/rundeck into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/121
 2024-07-28 02:05:20 +10:00
Ben Vincent
5354c99b1e feat: add rundeck profile 
- export mysql user for each rundeck server
- ensure the jdbc driver for mariadb is available
- exclude jq from default packages (managed by rundeck)
- add groups for admin/user for each project in rundeck
- add consul service
- add vault certificates
- add ssh principals
- add nginx simpleproxy
 2024-07-28 01:51:41 +10:00
Ben Vincent
6a3123e12e Merge pull request 'feat: change packages to Hash' (#120) from neoloc/packages_hash into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/120
 2024-07-27 16:29:48 +10:00
Ben Vincent
26ffe17ee1 feat: add database 
- add database for rundeck
 2024-07-27 13:06:14 +10:00
Ben Vincent
cb5bb0798f feat: add rundeck to ldap 
- add service account for rundeck
- add rundeck_access group
 2024-07-27 13:06:14 +10:00
Ben Vincent
08241692ee feat: add rundeck 
- add puppet-rundeck module
- add rundeck role
 2024-07-27 13:06:14 +10:00
Ben Vincent
cc01259a64 feat: change packages to Hash 
- change from multiple arrays for managing packages to a hash
- change to ensure_packages to prevent duplicate resource conflicts
 2024-07-27 13:01:06 +10:00
Ben Vincent
20686e04f4 Adding hieradata/node/ausyd1nxvm1049.main.unkin.net.yaml 2024-07-26 23:27:10 +10:00
Ben Vincent
480eced404 Merge pull request 'feat: add vrrp to halb' (#116) from neoloc/keepalived into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/116
 2024-07-14 22:07:34 +10:00
Ben Vincent
946922fdb9 feat: add vrrp to halb 
- update keepalived module to 5.1.0
- add keepalived::vrrp::* to be deep merged in hiera
- add vrrp dns configuration
- add vrrp instance/script to halb in syd1
 2024-07-13 20:15:13 +10:00
Ben Vincent
319c3b6d67 feat: ensure *arr can access prowlarr 2024-07-13 16:55:21 +10:00
Ben Vincent
01fc6aacd7 Merge pull request 'fix: remove unkin.net from internal dns' (#113) from neoloc/bind_static_dns into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/113
 2024-07-11 22:31:29 +10:00
Ben Vincent
73c7dbd56c fix: remove unkin.net from internal dns 
- unkin.net is entirely hosted externally
 2024-07-11 22:30:44 +10:00
Ben Vincent
bbd6cdb228 Merge pull request 'feat: add rpmfusion to nzbget' (#110) from neoloc/rpmfusion_nzbget into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/110
 2024-07-11 21:28:56 +10:00
Ben Vincent
2cbba808c3 feat: add rpmfusion to nzbget 2024-07-11 21:24:35 +10:00
Ben Vincent
3dc8fb03fa chore: add service account to submit nzbs 2024-07-11 19:56:17 +10:00
Ben Vincent
93ab2bebc3 feat: rewrite for nzbget 
- required for consul health check to work
 2024-07-10 21:26:53 +10:00
Ben Vincent
5221c15a66 fix: update ldap filter 
- update ldap filter for *arr's to match on user and group
 2024-07-10 20:43:50 +10:00
Ben Vincent
1532641640 feat: add nzbget to media platform 
- add haproxy rules
- generate/distribute letsencrypt certificates
- manage access to cephfs
 2024-07-09 22:32:54 +10:00
Ben Vincent
abb4a47703 chore: add ens19 to nzbget host 
- required to access cephfs
 2024-07-09 22:26:46 +10:00
Ben Vincent
857d51a934 chore: add matsol to nzbget 2024-07-09 22:26:03 +10:00
Ben Vincent
fd5163d6e6 Merge branch 'develop' into neoloc/nzbget 2024-07-09 22:25:28 +10:00
Ben Vincent
d67eba5860 feat: add nzbget module/role 
- add nzbget module
- add nzbget ldap user/group
 2024-07-09 22:23:58 +10:00
Ben Vincent
dacd2c6994 Merge pull request 'chore: disable gpgcheck for unkin repo' (#100) from neoloc/gpgcheck_unkin_repo into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/100
 2024-07-09 22:01:01 +10:00
Ben Vincent
47333237ee chore: disable gpgcheck for unkin repo 2024-07-09 21:18:02 +10:00
Ben Vincent
924631d705 Adding hieradata/node/ausyd1nxvm1048.main.unkin.net.yaml 2024-07-09 20:54:51 +10:00
Ben Vincent
384e301fd3 Merge pull request 'feat: add new users' (#98) from neoloc/moreusers into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/98
 2024-07-09 19:22:26 +10:00
Ben Vincent
d52949fc4f feat: add new users 
- matsol
 2024-07-09 19:21:59 +10:00
Ben Vincent
899e2cbf49 feat: haproxy updates 
- use letsencrypt certificates
- add fafflix and jellyfin backends
 2024-07-08 22:56:24 +10:00
Ben Vincent
bd5164fed3 feat: certbot reorg 
- moved certbot into its own module
- added fact to list available certificates
- created systemd timer to rsync data to $data_dir/pub
- ensure the $data_dir/pub exists
- manage selinux for nginx
 2024-07-08 22:33:11 +10:00
Ben Vincent
30ec8c1bb1 feat: enable retrieval of certbot certs 
- refactor certbot
- add nginx to certbot hosts
 2024-07-07 22:30:40 +10:00
Ben Vincent
9db714d02f feat: manage certbot 
- add haproxy backend for be_letsencrypt
- manage the certbot role/profile
- create define to export certificate requests
 2024-07-07 21:21:50 +10:00
Ben Vincent
991c8a3029 feat: haproxy updates 
- add acls for all backends
- harden security of backends
- update http-check for all backends
 2024-07-07 16:51:36 +10:00
Ben Vincent
b5c7b310ee Merge pull request 'neoloc/mediaproxy' (#92) from neoloc/mediaproxy into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/92
 2024-07-06 23:24:49 +10:00
Ben Vincent
2ab2cd1399 feat: deploy ldap-auth to all *arrs 
- refactor sonarr locations to generalised locations
- set locations to be deep merged
- updated hiera_include statements for media and media subroles
- added eyaml entries for all ldap credentials
 2024-07-06 22:50:10 +10:00
Ben Vincent
cbded220bb feat: add sonarr locations 
- add authproxy
- add api and web
- add /consul/health for unauth access from consul
- update sonarr/consul check to use /consul/health
- change client body side to 20mb
 2024-07-06 22:01:47 +10:00
Ben Vincent
89697e85aa Merge pull request 'chore: update svc_sonarr credential' (#91) from neoloc/sonarr_auth into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/91
 2024-07-06 18:32:43 +10:00
Ben Vincent
158ebaf7a0 chore: update svc_sonarr credential 2024-07-06 18:32:25 +10:00
Ben Vincent
21a45c1b03 feat: add rpmfusion to jellyfin hosts 
- required for jellyfin packages
- additional dependencies also from rpmfusion
 2024-07-03 21:27:05 +10:00
Ben Vincent
8e1622a158 Merge pull request 'neoloc/glauth' (#87) from neoloc/glauth into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/87
 2024-07-02 18:12:54 +10:00
Ben Vincent
6e3802ad57 feat: add users/services/groups 2024-07-01 22:54:22 +10:00
Ben Vincent
c8604baa4e feat: add glauth role/profile classes 
- role added to cobbler
- add role specific hieradata
 2024-07-01 22:42:29 +10:00
Ben Vincent
0a86986edf Merge pull request 'neoloc/jellyfin' (#86) from neoloc/jellyfin into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/86
 2024-06-30 21:24:49 +10:00
Ben Vincent
2199e4e3c0 feat: add jellyfin to haproxy 2024-06-30 00:02:44 +10:00
Ben Vincent
f81b5753ff feat: add jellyfin role/profile classes 2024-06-30 00:02:16 +10:00
Ben Vincent
c1a6191cab Adding hieradata/node/ausyd1nxvm1047.main.unkin.net.yaml 2024-06-29 14:41:25 +10:00
Ben Vincent
0d4652cfdf Merge pull request 'Adding hieradata/node/ausyd1nxvm1046.main.unkin.net.yaml' (#84) from autonode/ausyd1nxvm1046.main.unkin.net into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/84
 2024-06-29 01:57:05 +10:00
Ben Vincent
9b9f64ca95 Merge pull request 'feat: haproxy for *arr stack' (#83) from neoloc/haproxy_backends into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/83
 2024-06-29 01:56:52 +10:00
Ben Vincent
d7f0c9073f Adding hieradata/node/ausyd1nxvm1046.main.unkin.net.yaml 2024-06-29 01:23:09 +10:00
Ben Vincent
7bd12c9880 Adding hieradata/node/ausyd1nxvm1045.main.unkin.net.yaml 2024-06-29 01:13:45 +10:00
Ben Vincent
aa8ded5850 Merge pull request 'Adding hieradata/node/ausyd1nxvm1045.main.unkin.net.yaml' (#81) from autonode/ausyd1nxvm1045.main.unkin.net into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/81
 2024-06-29 01:13:24 +10:00
Ben Vincent
0e11c03e9d Adding hieradata/node/ausyd1nxvm1045.main.unkin.net.yaml 2024-06-29 01:09:56 +10:00
Ben Vincent
7520fdddbd Adding hieradata/node/ausyd1nxvm1044.main.unkin.net.yaml 2024-06-29 01:03:43 +10:00
Ben Vincent
d07751a151 feat: haproxy for *arr stack 
- add additional backends
- set *arr's to export as a backend
- add *arr.main.unkin.net certificates
 2024-06-28 22:46:50 +10:00
Ben Vincent
9b8556f487 fear: deploy additional *arr stack apps 
- cleanup hieradata entires for roles to remove some defaults
- add profiles::media::* classes to manage *arr stacks
 2024-06-27 23:42:33 +10:00
Ben Vincent
5acc683374 Merge pull request 'neoloc/arr_params' (#78) from neoloc/arr_params into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/78
 2024-06-27 23:22:22 +10:00
Ben Vincent
8a1d62cd41 chore: change media group to 20000 
- found 10001 and simliar were already taken
 2024-06-27 23:20:51 +10:00
Ben Vincent
b6a77afc7b chore: change all *arr's to use port 8000 locally 2024-06-27 23:19:45 +10:00
Ben Vincent
2b1ea45e4e feat: add manage_group param to *arr stack 
- change hieradata/role/apps/media/* to use correct namespaces
- add manage_group boolean to all *arr stack modules
 2024-06-27 23:15:08 +10:00
Ben Vincent
19caafbc43 Merge pull request 'chore: change media group to 20000' (#77) from neoloc/groups_20k into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/77
 2024-06-27 22:27:37 +10:00
Ben Vincent
a4e78f645a chore: change media group to 20000 
- found 10001 and simliar were already taken
 2024-06-27 22:26:46 +10:00
Ben Vincent
2147cc434d Adding hieradata/node/ausyd1nxvm1043.main.unkin.net.yaml 2024-06-27 22:22:39 +10:00
Ben Vincent
f63e6a953c Merge pull request 'chore: add ens19 to ausyd1nxvm1041' (#75) from neoloc/ausyd1nxvm1041 into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/75
 2024-06-27 22:18:14 +10:00
Ben Vincent
38819ba2ab chore: add ens19 to ausyd1nxvm1041 2024-06-27 22:17:50 +10:00
Ben Vincent
dc70687860 Adding hieradata/node/ausyd1nxvm1042.main.unkin.net.yaml 2024-06-27 22:15:55 +10:00
Ben Vincent
dcccc85264 feat: add media user to all media roles 
- change *arrs to use media as the group
 2024-06-27 21:48:47 +10:00
Ben Vincent
89383268f0 chore: change to use sonarr::parmas 
- use sonarr::params class as it contains typing on params
 2024-06-27 20:39:25 +10:00
Ben Vincent
aa63970dc1 Adding hieradata/node/ausyd1nxvm1041.main.unkin.net.yaml 2024-06-27 18:22:43 +10:00
Ben Vincent
40ff5f7d92 feat: deploy radarr 
- manage ens19 nic on ausyd1nxvm1040
- manage cephfs storage
 2024-06-26 22:57:36 +10:00
Ben Vincent
56df5695dc Merge pull request 'feat: manage sonarr configuration' (#60) from neoloc/sonarr_config into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/60
 2024-06-25 23:47:36 +10:00
Ben Vincent
f22556b39f feat: manage sonarr configuration 
- add config class to sonarr module
- update params to include unique group param
 2024-06-25 23:45:29 +10:00
Ben Vincent
b846a49127 Adding hieradata/node/ausyd1nxvm1040.main.unkin.net.yaml 2024-06-25 22:40:57 +10:00
Ben Vincent
a12fac20ab chore: dont remove ens18 from ausyd1nxvm1021 2024-06-23 17:53:49 +10:00
Ben Vincent
4857b72ce3 chore: fix ausyd1nxvm1021 
- change default interface from eth0 to ens18
 2024-06-23 17:49:34 +10:00
Ben Vincent
6839fb8c5f feat: networking defaults 
- add interface/route defaults
- merge defaults into each interface/route
 2024-06-23 17:34:23 +10:00
Ben Vincent
3b907159f1 chore: change eth0 to ens18 2024-06-23 16:47:46 +10:00
Ben Vincent
803a0ac01d Merge pull request 'neoloc/cephfs' (#54) from neoloc/cephfs into develop 
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/54
 2024-06-23 15:34:04 +10:00
Ben Vincent
736f04143f chore: manage ens19 interface on ausyd1nxvm1037 
- add storage interface
 2024-06-23 15:33:40 +10:00
Ben Vincent
82ed27cf56 feat: add sonarr profile 
- add cephfs secret for mounting mediafs
- add ceph-reef repo for apps::media roles
- add the shared cephfs mediafs mount
 2024-06-23 15:33:40 +10:00
Ben Vincent
5631f07e6e feat: add cephfs shared volume define 
- add ceph class to manage ceph client configuration/packages
- add cephfs define for mounting volumes
- add ceph keyring define to manage secrets used to mount cephfs
 2024-06-23 15:33:33 +10:00