promote develop to master #6

Merged

unkinben merged 449 commits from develop into master

2024-06-01 14:48:48 +10:00

Author	SHA1	Message	Date
Ben Vincent	3dfe9b9b73	Merge pull request 'feat: puppetdb sql updates' (#5 ) from neoloc/puppetdb_sql into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/5	2024-06-01 14:36:27 +10:00
Ben Vincent	6a9580b199	Merge pull request 'feat: bump git client_max_body_size' (#4 ) from neoloc/nginx_clientsize into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/4	2024-06-01 13:32:02 +10:00
Ben Vincent	6c2328e8ba	feat: bump git client_max_body_size - change from 100m to 250m	2024-06-01 13:31:35 +10:00
Ben Vincent	7e0df436e2	Merge pull request 'feat: increase client_max_body_size for git' (#3 ) from neoloc/nginx_clientsize into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/3	2024-06-01 13:19:21 +10:00
Ben Vincent	e7ddbfa035	feat: increase client_max_body_size for git - update hieradata with client_max_body_size for git role	2024-06-01 12:51:06 +10:00
Ben Vincent	810ba9ddb7	Merge pull request 'neoloc/nodelookup_consul' (#2 ) from neoloc/nodelookup_consul into develop Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/2	2024-06-01 12:11:48 +10:00
Ben Vincent	7cf2e78cea	feat: add sort and count to node_lookup - add -C option to count number of identical records - sort responses from node_lookup	2024-06-01 12:09:53 +10:00
Ben Vincent	91e3f2d427	chore: change node_lookup to use consul - remove https, use http backend as no authentication is required	2024-06-01 12:04:57 +10:00
unkinben	f28ebd2dd8	Merge pull request 'feat: update git sources' (#1 ) from neoloc/update_git_source into develop Reviewed-on: https://git.service.au-syd1.consul/unkinben/puppet-prod/pulls/1	2024-05-28 23:53:20 +10:00
Ben Vincent	f029b04427	feat: update git sources - update r10k source - update enc source - update source for puppet-bind module	2024-05-28 23:51:19 +10:00
Ben Vincent	99c4d8717c	Merge pull request 'neoloc/gitea' (#230 ) from neoloc/gitea into develop Reviewed-on: unkinben/puppet-prod#230	2024-05-28 22:58:49 +09:30
Ben Vincent	fab4ea5998	feat: add gitea classes - add basic gitea class	2024-05-28 23:14:36 +10:00
Ben Vincent	ffd574e8f0	feat: add gitea modules - add gitea module - add dependency extlib	2024-05-28 21:14:42 +10:00
Ben Vincent	7dacd4a403	Merge pull request 'neoloc/puppetca' (#229 ) from neoloc/puppetca into develop Reviewed-on: unkinben/puppet-prod#229	2024-05-28 20:37:02 +09:30
Ben Vincent	263d41fe9e	chore: remove prodinf01n01 as puppetca	2024-05-28 21:06:04 +10:00
Ben Vincent	df371a6b09	feat: syd1 puppetca provisioning - move puppetca to ausyd1nxvm1036	2024-05-28 20:13:08 +10:00
Ben Vincent	3fce5ae5bf	Merge pull request 'fix: change drw1 puppetmasters to use syd1 approle' (#228 ) from neoloc/certmanager_syd1_approle into develop Reviewed-on: unkinben/puppet-prod#228	2024-05-26 00:59:13 +09:30
Ben Vincent	d2d08bc479	fix: change drw1 puppetmasters to use syd1 approle - changing vault url to vault.query.consul forced puppetmasters in drw1 to connect to syd1 vault hosts - set drw1 puppetmasters to use syd1 approle_id	2024-05-26 01:27:45 +10:00
Ben Vincent	413bf78827	Merge pull request 'feat: change vault url to vaul.query.consul' (#227 ) from neoloc/certmanager into develop Reviewed-on: unkinben/puppet-prod#227	2024-05-26 00:53:39 +09:30
Ben Vincent	b00781b604	feat: change vault url to vaul.query.consul - support access to vault from multiple datacentres for certmanager	2024-05-26 01:23:16 +10:00
Ben Vincent	ad268e8977	Merge pull request 'feat: vault use vault' (#226 ) from neoloc/vault_use_vault into develop Reviewed-on: unkinben/puppet-prod#226	2024-05-26 00:38:55 +09:30
Ben Vincent	ad4f9b81f4	Merge pull request 'neoloc/syd1_certmanager_approle' (#224 ) from neoloc/syd1_certmanager_approle into develop Reviewed-on: unkinben/puppet-prod#224	2024-05-26 00:38:16 +09:30
Ben Vincent	7c0bf4a398	feat: vault use vault - change vault to use vault ephemeral certificates - remove nginx frontend to vault	2024-05-26 01:06:48 +10:00
Ben Vincent	b9c327799f	feat: add vault service/query altnames - add nginx aliases for vault services - add additional vault certificates - change certmanager script to use vault.service.consul	2024-05-25 15:51:09 +10:00
Ben Vincent	2c3aa2bbdc	feat: vault certmanager tokens - move vault certmanager tokens to drw1/syd1 specific eyaml - add syd1 certmanger token for syd1 vault	2024-05-25 15:50:59 +10:00
Ben Vincent	0a49092f52	chore: add syd1 vault ca/int certs - deploy syd1 vault ca certificates	2024-05-25 14:18:56 +10:00
Ben Vincent	0b549325a1	Merge pull request 'feat: added country-region altnames' (#223 ) from neoloc/puppetboard_altnames into develop Reviewed-on: unkinben/puppet-prod#223	2024-05-24 23:01:37 +09:30
Ben Vincent	c883bc8c91	feat: added country-region altnames - add puppetboard.service.au-{syd1\|drw1}.consul to: - vault pki cert - nginx server aliases	2024-05-24 23:27:07 +10:00
Ben Vincent	880752c302	Merge pull request 'feat: change drw1 puppetdb -> syd1' (#222 ) from neoloc/puppetdb_to_consul into develop Reviewed-on: unkinben/puppet-prod#222	2024-05-24 22:37:57 +09:30
Ben Vincent	cbf3f0e694	feat: change drw1 puppetdb -> syd1	2024-05-24 23:06:18 +10:00
Ben Vincent	22af602510	Merge pull request 'feat: puppet::client multiple altnames' (#221 ) from neoloc/puppetdbapi_certs into develop Reviewed-on: unkinben/puppet-prod#221	2024-05-22 22:42:59 +09:30
Ben Vincent	0901595de9	feat: puppet::client multiple altnames - puppet clients can not request multiple dns alt_names - set puppetdbapi hosts to request multiple certificates	2024-05-22 23:05:34 +10:00
Ben Vincent	e19c84b33e	Merge pull request 'feat: puppetboard on consul' (#220 ) from neoloc/puppetboard_consul into develop Reviewed-on: unkinben/puppet-prod#220	2024-05-22 22:26:44 +09:30
Ben Vincent	349547c4bc	feat: puppetboard on consul - updated nginx param types - add nginx aliases, merge with vhost, use as server_names - add additional vault alt-names - add prepared query for puppetboard	2024-05-22 22:54:54 +10:00
Ben Vincent	6bd66724dc	Merge pull request 'neoloc/syd1_puppetdb' (#219 ) from neoloc/syd1_puppetdb into develop Reviewed-on: unkinben/puppet-prod#219	2024-05-22 22:00:35 +09:30
Ben Vincent	8fb4c59f88	Merge branch 'develop' into neoloc/syd1_puppetdb	2024-05-22 22:30:10 +10:00
Ben Vincent	d2235610af	Merge pull request 'feat: set syd1 puppetdb hosts' (#218 ) from neoloc/puppetboard into develop Reviewed-on: unkinben/puppet-prod#218	2024-05-22 21:58:52 +09:30
Ben Vincent	25cbff4656	feat: set syd1 puppetdb hosts - change syd1 puppetdb hosts to use consul serivce/query addresses	2024-05-22 22:23:07 +10:00
Ben Vincent	770c8cc159	feat: update hiera key for puppetdb api/sql - changed to use puppetdbapi and puppetdbsql hiera keys - updated all classes that referenced old values	2024-05-22 22:18:32 +10:00
Ben Vincent	9e3b680b0b	feat: add prepared query for puppetdbapi - merge to develop - add prepared query for puppetdbapi	2024-05-22 22:11:51 +10:00
Ben Vincent	f6bf504416	Merge branch 'develop' into neoloc/syd1_puppetdb	2024-05-22 22:11:04 +10:00
Ben Vincent	39aa6e114e	feat: puppetdb sql updates - add consul support - enable local script checks in consul agents - add a test DB/User for consult to verify the psql instance is running - manage the postgresql repo and gpg key	2024-05-22 22:05:54 +10:00
Ben Vincent	9d3a57dfc9	Merge pull request 'feat: increase puppetdb api Xmx' (#217 ) from neoloc/puppetdbmemory into develop Reviewed-on: unkinben/puppet-prod#217	2024-05-22 21:07:46 +09:30
Ben Vincent	6035af37a1	feat: increase puppetdb api Xmx - change java args to use 2048mb of memory	2024-05-22 21:37:00 +10:00
Ben Vincent	4b0ff2deee	Merge pull request 'feat: firstrun optimisations' (#216 ) from neoloc/yumrepos into develop Reviewed-on: unkinben/puppet-prod#216	2024-05-19 22:46:19 +09:30
Ben Vincent	598a8c0f52	feat: firstrun optimisations - download gpg keys if gpgkey is defined - ensure the profiles::defaults is called first	2024-05-19 23:11:11 +10:00
Ben Vincent	adf27a3090	Merge pull request 'fix: repo target changes' (#215 ) from neoloc/yumrepos into develop Reviewed-on: unkinben/puppet-prod#215	2024-05-19 22:17:04 +09:30
Ben Vincent	65bd2ae8d5	fix: repo target changes - use per-repo target files	2024-05-19 22:46:27 +10:00
Ben Vincent	ad38a276f3	Merge pull request 'feat: update all roles for firstrun' (#214 ) from neoloc/firstrun into develop Reviewed-on: unkinben/puppet-prod#214	2024-05-19 21:53:19 +09:30
Ben Vincent	2abbfe8feb	feat: update all roles for firstrun - ensure the firstrun is processed before role specific class profiles	2024-05-19 22:11:01 +10:00
Ben Vincent	29745d07f3	Merge pull request 'feat: firstrun improvements' (#213 ) from neoloc/firstrun into develop Reviewed-on: unkinben/puppet-prod#213	2024-05-19 21:06:06 +09:30
Ben Vincent	dde8d5978d	feat: firstrun improvements - add fact to detect firstrun - run a limited subset of classes on firstrun - firstrun: includes: - vault ca certificates - yum/apt repositories - fast-install packages with an exec	2024-05-19 21:28:14 +10:00
Ben Vincent	0e7168026d	Merge pull request 'neoloc/yumrepos' (#212 ) from neoloc/yumrepos into develop Reviewed-on: unkinben/puppet-prod#212	2024-05-19 20:09:50 +09:30
Ben Vincent	fd466fcccc	feat: cleanup old repo management - change profiles::puppet::agent to require Yumrepo['puppet'] - remove managed repos hieradata - remove profiles:😋:* classes that are not required - remove missed rebase comment	2024-05-19 20:27:56 +10:00
Ben Vincent	5f9480f186	feat: direct yumrepo config - deep merge yumrepo resources - convert repos to direct yumrepo in hieradata - change from repos.main.unkin.net to edgecache.query.consul - create all yumrepo resources from $profiles:😋:global::repos	2024-05-19 20:27:47 +10:00
Ben Vincent	da2e98ed4d	feat: add centos mirror to edgecache - add centos repo to edgecache	2024-05-19 19:41:15 +10:00
Ben Vincent	150d5b97a9	feat: cleanup excessive comments	2024-05-19 17:23:00 +10:00
Ben Vincent	d3e75e9aa2	Merge pull request 'feat: configure edgecache for postgresql' (#211 ) from neoloc/psql_edgecache into develop Reviewed-on: unkinben/puppet-prod#211	2024-05-19 16:51:39 +09:30
Ben Vincent	6f9a606549	feat: configure edgecache for postgresql - add fact to record system resolvers - add resolvers feature in /etc/nginx/conf.d/resolvers.conf - add rewrite rules for postgres/yum/repodata	2024-05-19 16:56:36 +10:00
Ben Vincent	2971018b7e	Merge pull request 'neoloc/mariadb_consul' (#210 ) from neoloc/mariadb_consul into develop Reviewed-on: unkinben/puppet-prod#210	2024-05-19 14:40:18 +09:30
Ben Vincent	74f60d3101	Merge branch 'develop' into neoloc/mariadb_consul	2024-05-19 15:09:43 +10:00
Ben Vincent	9640779846	feat: mariadb improvements - add bind-address to local_ip - add consul service	2024-05-19 14:53:14 +10:00
Ben Vincent	8f4799ce2a	feat: update consul service service - change edgecache service name from puppet -> edgecache	2024-05-19 14:53:14 +10:00
Ben Vincent	ec37f86726	Merge pull request 'feat: mariadb improvements' (#209 ) from neoloc/mariadb_consul into develop Reviewed-on: unkinben/puppet-prod#209	2024-05-12 19:30:28 +09:30
Ben Vincent	81e4dffa36	feat: mariadb improvements - add bind-address to local_ip - add consul service	2024-05-12 19:56:46 +10:00
Ben Vincent	6bddec6bd2	Merge pull request 'feat: manage pgsql settings for puppetdb' (#208 ) from neoloc/puppetdb_connections into develop Reviewed-on: unkinben/puppet-prod#208	2024-05-12 16:10:42 +09:30
Ben Vincent	5774ebd614	feat: manage pgsql settings for puppetdb - deep merge postgresql_config_entries in common.yaml - add postgresql_config_entries into a new hieradata/roles/infra/puppetdb/sql.yaml - set puppetdb role to import the options	2024-05-12 16:36:43 +10:00
Ben Vincent	48b9177e05	Merge pull request 'feat: prepare syd1 mariadb cluster' (#207 ) from neoloc/mariadb_syd1 into develop Reviewed-on: unkinben/puppet-prod#207	2024-05-12 15:44:03 +09:30
Ben Vincent	2aa5ead9d1	feat: prepare syd1 mariadb cluster - update role to wait for enc_role - move hiera data to country/region/role specific location	2024-05-12 15:40:43 +10:00
Ben Vincent	89fcddf161	Merge pull request 'feat: improve first run on el8' (#206 ) from neoloc/firstrun_improvements into develop Reviewed-on: unkinben/puppet-prod#206	2024-05-12 14:41:03 +09:30
Ben Vincent	bed0ef3c79	feat: improve first run on el8 - change defaults for yumrepo resources	2024-05-12 15:06:47 +10:00
Ben Vincent	9eacb9ec08	Merge pull request 'fix: cobbler host' (#205 ) from neoloc/cobbler_server into develop Reviewed-on: unkinben/puppet-prod#205	2024-05-11 22:40:09 +09:30
Ben Vincent	4a1848db38	fix: cobbler host - fixed name of cobbler host in yaml	2024-05-11 23:09:30 +10:00
Ben Vincent	5577e368e9	Merge pull request 'chore: move pxeboot to syd1 cobbler' (#204 ) from neoloc/dhcp_syd1_cobbler into develop Reviewed-on: unkinben/puppet-prod#204	2024-05-11 21:36:23 +09:30
Ben Vincent	dca99d2716	chore: move pxeboot to syd1 cobbler - update nameservers for syd1 to use local dns resolvers - update pxeserver to au-syd1 cobbler	2024-05-11 22:05:21 +10:00
Ben Vincent	ec6e49e37a	Merge pull request 'feat: change cobbler master' (#203 ) from neoloc/cobbler_master into develop Reviewed-on: unkinben/puppet-prod#203	2024-05-11 21:20:56 +09:30
Ben Vincent	3e233ea688	feat: change cobbler master - promote ausyd1nxvm1017	2024-05-11 21:50:02 +10:00
Ben Vincent	fdb02277ec	Merge pull request 'neoloc/edgecache' (#202 ) from neoloc/edgecache into develop Reviewed-on: unkinben/puppet-prod#202	2024-05-11 21:18:05 +09:30
Ben Vincent	cb54cd2dba	feat: add edgecache prepared_query - add edgecache as a prepared_query in consul	2024-05-11 21:47:14 +10:00
Ben Vincent	4171427e7b	feat: add edgecache role - add edge-caching role - add mirror for debian, almalinux and epel repositories - export service as edgecache in consul	2024-05-11 21:46:20 +10:00
Ben Vincent	9edd060367	feat: deep merge /etc/hosts - allow managing /etc/hosts on multiple levels of hiera	2024-05-11 21:45:24 +10:00
Ben Vincent	b66615a522	Merge pull request 'fix: move selinux profile to cobbler' (#201 ) from neoloc/selinux_fix into develop Reviewed-on: unkinben/puppet-prod#201	2024-05-11 15:01:59 +09:30
Ben Vincent	eeb21081d3	Merge branch 'develop' into neoloc/selinux_fix	2024-05-11 15:01:38 +09:30
Ben Vincent	6633f07d8b	feat: install policycoreutils - install policycoreutils on all almalinux releases	2024-05-11 15:30:01 +10:00
Ben Vincent	a618962d07	fix: move selinux profile to cobbler - only import the selinux enforce profile in cobbler	2024-05-11 15:22:16 +10:00
Ben Vincent	911e284586	Merge pull request 'fix: export cobbler DNS if is_cobbler_master' (#200 ) from neoloc/cobbler_dns into develop Reviewed-on: unkinben/puppet-prod#200	2024-05-11 14:13:37 +09:30
Ben Vincent	a05f81799d	fix: export cobbler DNS if is_cobbler_master - set prodinf01n48 as primary cobbler node - ensure the cobbler DNS record is created	2024-05-11 14:36:28 +10:00
Ben Vincent	ce3e0f2320	Merge pull request 'neoloc/cobbler_refacter' (#199 ) from neoloc/cobbler_refacter into develop Reviewed-on: unkinben/puppet-prod#199	2024-05-09 22:45:33 +09:30
Ben Vincent	fee0bde604	feat: complete cobbler automation - add facts to manage the /var/www/cobbler and /data/cobbler directories - move /var/www/cobbler -> /data/cobbler - create symlink from /var/www/cobbler -> /data/cobbler - ensure that cobbler nodes are set to permissive selinux mode	2024-05-09 22:44:55 +10:00
Ben Vincent	72077d64a2	refactor: reconfigure cobbler to module style - split params into class - split class into individual functions	2024-05-07 22:44:01 +10:00
Ben Vincent	f4de86e877	Merge pull request 'feat: dhcp wait for enc_role fact' (#198 ) from neoloc/dhcp_wait_for_encrole into develop Reviewed-on: unkinben/puppet-prod#198	2024-05-06 21:40:40 +09:30
Ben Vincent	8de1ed9766	feat: dhcp wait for enc_role fact	2024-05-06 22:07:39 +10:00
Ben Vincent	7ae9295ce6	Merge pull request 'chore: move dhcp hieradata to hieradata/role' (#197 ) from neoloc/syd1_dhcp into develop Reviewed-on: unkinben/puppet-prod#197	2024-05-06 21:20:30 +09:30
Ben Vincent	c2e413c0fb	chore: move dhcp hieradata to hieradata/role	2024-05-06 21:49:41 +10:00
Ben Vincent	7286dfe574	Merge pull request 'neoloc/consul_wan' (#196 ) from neoloc/consul_wan into develop Reviewed-on: unkinben/puppet-prod#196	2024-05-06 20:10:02 +09:30
Ben Vincent	e9c7fbc2b5	feat: update puppetdb_api for multi-zone - wait for the enc_role fact to be updated and match - move puppetdb db/api host values to common.yaml - add vault cert altnames for consul query/service addresses - add consul services/rules/checks	2024-05-06 20:38:25 +10:00
Ben Vincent	14a56a41a2	Merge branch 'develop' into neoloc/consul_wan Conflicts: hieradata/common.yaml	2024-05-05 18:01:41 +10:00
Ben Vincent	31f670ad18	Merge pull request 'neoloc/syd1_puppet' (#195 ) from neoloc/syd1_puppet into develop Reviewed-on: unkinben/puppet-prod#195	2024-05-05 17:13:38 +09:30
Ben Vincent	6335167e3a	feat: change clients to use puppet.query.consul - change all clients/servers to use puppet from consul service mesh	2024-05-05 16:47:39 +10:00
Ben Vincent	f1ff7cb736	feat: distribute eyaml pub/priv key - distribute the private/public pem for eyaml via eyaml	2024-05-05 16:25:18 +10:00
Ben Vincent	ff83e28413	Merge pull request 'feat: per-datacentre consul dns' (#194 ) from neoloc/consul_dns into develop Reviewed-on: unkinben/puppet-prod#194	2024-05-04 16:00:55 +09:30
Ben Vincent	51bd1796ad	feat: per-datacentre consul dns - change forwarding for consul to be per-datacentre to local consul - change domain from service.consul -> consul so query.consul can be resolved	2024-05-04 16:27:32 +10:00
Ben Vincent	fe296d52d9	feat: manage puppet/puppetca consul services - add puppet service - add puppetca service - add ability to write to puppet/puppetca service in consul - add puppet.(query,service).consul to dns_alt_names of all masters - add puppetca.(query,service).consul to dns_alt_names of puppetca	2024-05-04 16:10:32 +10:00
Ben Vincent	8a241d6b96	feat: add prepared_query capabilities to consul - add prepared query for: - vault - puppet - puppetca	2024-05-04 15:46:47 +10:00
Ben Vincent	6020143f76	feat: consul multi-datacentre joining - add method to join multiple consul datacentres - set syd1 as the primary datacentre - use default token from au-syd1 cluster in all locations - add replication token	2024-05-04 00:39:18 +10:00
Ben Vincent	df8a55c3dd	feat: manage puppetca - manage the puppet ca.cfg - distribute the crl.pem from the puppetca to masters	2024-05-03 21:29:25 +10:00
Ben Vincent	052b07be83	chore: remove excessive comments - remove the excessive comments and notes at the top of the puppet classes	2024-05-03 20:48:20 +10:00
Ben Vincent	a429255c63	feat: puppet server agent - add [agent] settings for puppetservers	2024-05-03 20:46:01 +10:00
Ben Vincent	56b23620b7	refactor: reoganise the puppetserver profile - manage puppetserver package - set order for puppetserver classes - for profiles::puppet::server class: - set param types using stdlib where possible - set default values for all params - move configuration data to hieradata - wait for enc_role fact to match role - exclude puppet::client from puppermaster nodes	2024-05-02 23:32:32 +10:00
Ben Vincent	7dc2daf48f	Merge pull request 'fix: add use_backend for drw1 haproxy' (#193 ) from neoloc/haproxy_drw1 into develop Reviewed-on: unkinben/puppet-prod#193	2024-05-01 21:50:30 +09:30
Ben Vincent	95135fb58a	fix: add use_backend for drw1 haproxy	2024-05-01 21:58:10 +10:00
Ben Vincent	38ee3ec218	Merge pull request 'feat: haproxy refactor' (#192 ) from neoloc/haproxy_frontent_hiera into develop Reviewed-on: unkinben/puppet-prod#192	2024-05-01 18:38:32 +09:30
Ben Vincent	8697492611	feat: haproxy refactor - configure deep merging in hiera - move fe_http and fe_https to hiera - configure pve backends for standard and api traffic	2024-05-01 19:02:03 +10:00
Ben Vincent	af8763b044	Merge pull request 'feat: sydney haproxy cluster' (#191 ) from neoloc/haproxy_syd1 into develop Reviewed-on: unkinben/puppet-prod#191	2024-04-28 20:49:32 +09:30
Ben Vincent	220ac182f4	feat: sydney haproxy cluster - add au-syd1 halb cluster - add http-response to frontends - manage haproxy after enc_role is correct	2024-04-28 21:14:36 +10:00
Ben Vincent	a141de8b74	Merge pull request 'neoloc/consul_services' (#190 ) from neoloc/consul_services into develop Reviewed-on: unkinben/puppet-prod#190	2024-04-28 16:40:02 +09:30
Ben Vincent	587df5309f	Merge branch 'develop' into neoloc/consul_services Conflicts: hieradata/common.yaml site/profiles/manifests/consul/client.pp	2024-04-28 17:09:18 +10:00
Ben Vincent	926ed24070	Merge pull request 'feat: change forwarded domain for consul' (#189 ) from neoloc/consul_dns into develop Reviewed-on: unkinben/puppet-prod#189	2024-04-28 16:37:09 +09:30
Ben Vincent	8df927de18	feat: add node_token to agent config - move policy rules to hiera array[hash] - add node_token to agent as the default token	2024-04-28 17:06:06 +10:00
Ben Vincent	dff3f93297	feat: change forwarded domain for consul - change forward lookup zone for consul from consul.service.consul -> service.consul	2024-04-28 15:45:13 +10:00
Ben Vincent	199e35840f	fix: fix proxyurl for vault - change to http:// - change to localhost	2024-04-28 14:22:33 +10:00
Ben Vincent	43afc23535	feat: deploy consul services - add vault.service.consul	2024-04-28 14:06:49 +10:00
Ben Vincent	0f0d392fb4	feat: deploy consul agent - install the consul agent on all nodes, except consul servers	2024-04-28 13:23:43 +10:00
Ben Vincent	dc39b7c7a4	Merge pull request 'fix: fix proxyurl for vault' (#188 ) from neoloc/vault_proxy into develop Reviewed-on: unkinben/puppet-prod#188	2024-04-28 00:54:49 +09:30
Ben Vincent	f7141d7214	Merge pull request 'feat: deploy consul agent' (#187 ) from neoloc/consul_agent into develop Reviewed-on: unkinben/puppet-prod#187	2024-04-28 00:54:15 +09:30
Ben Vincent	bf44c8f7b7	feat: deploy consul agent - install the consul agent on all nodes, except consul servers	2024-04-28 01:19:08 +10:00
Ben Vincent	4453c8604a	fix: fix proxyurl for vault - change to http:// - change to localhost	2024-04-28 00:52:47 +10:00
Ben Vincent	f4a273e56c	Merge pull request 'feat: simple nginx proxy' (#186 ) from neoloc/merge_nginx_consul_vault into develop Reviewed-on: unkinben/puppet-prod#186	2024-04-28 00:03:33 +09:30
Ben Vincent	6fc5829fce	feat: simple nginx proxy - merge consul/vault nginx proxy into single class - replace nginx proxy classes for consul/vault with simpleproxy class	2024-04-28 00:32:04 +10:00
Ben Vincent	0c6ae1a69a	Merge pull request 'feat: add sydney vault cluster' (#184 ) from neoloc/vault_syd1 into develop Reviewed-on: unkinben/puppet-prod#184	2024-04-27 22:05:59 +09:30
Ben Vincent	3001bc32f2	feat: add sydney vault cluster - separate yaml between multiple regions - add nginx frontend to vault	2024-04-27 22:35:16 +10:00
Ben Vincent	26f26e6283	Merge pull request 'feat: generate consul policy/tokens' (#176 ) from neoloc/consul_node_policies into develop Reviewed-on: unkinben/puppet-prod#176	2024-04-27 19:52:26 +09:30
Ben Vincent	f536d19034	feat: generate consul policy/tokens - generate policy/token to add nodes - generate policy/token for all nodes - add base::root profile to manage aspects of the root user	2024-04-27 20:21:57 +10:00
Ben Vincent	c0642bbcf1	Merge pull request 'fix: move primary_datacenter to region/role' (#175 ) from neoloc/consul_syd1_default_dc into develop Reviewed-on: unkinben/puppet-prod#175	2024-04-26 23:41:26 +09:30
Ben Vincent	a7e9f1590e	fix: move primary_datacenter to region/role - set syd1 as primary consul datacentre - add consul.service.consul zone - add nginx reverse proxy for consul webui - set dns zones/acls/views/keys to be deep merged from hiera - update default token - add consul/consul.service.consul/consul.main.unkin.net to vault cert	2024-04-26 23:11:38 +10:00
Ben Vincent	f863d6f6bb	Merge pull request 'fix: consul members role key' (#174 ) from neoloc/consul_members_class into develop Reviewed-on: unkinben/puppet-prod#174	2024-04-24 23:30:52 +09:30
Ben Vincent	3ca92ee1f3	fix: consul members role key - moved members_role for consul to common yaml	2024-04-25 00:00:24 +10:00
Ben Vincent	98deb58fde	Merge pull request 'fix: enable new consul clusters to be started' (#173 ) from neoloc/consul_bootstrap into develop Reviewed-on: unkinben/puppet-prod#173	2024-04-24 23:23:08 +09:30
Ben Vincent	b6d3fc26de	fix: enable new consul clusters to be started - wait for the enc_role fact to be correct, as this is required to find all keys in hiera	2024-04-24 23:51:26 +10:00
Ben Vincent	6ad01abc6c	Merge pull request 'fix: absent to file, for custom_facts.yaml' (#172 ) from neoloc/enc_role_facts2 into develop Reviewed-on: unkinben/puppet-prod#172	2024-04-24 23:05:05 +09:30
Ben Vincent	5f6ba93393	fix: absent to file, for custom_facts.yaml	2024-04-24 23:34:21 +10:00
Ben Vincent	3ed433fb97	Merge pull request 'feat: moved enc_role and enc_env to ruby facts' (#171 ) from neoloc/enc_role_facts into develop Reviewed-on: unkinben/puppet-prod#171	2024-04-24 23:01:57 +09:30
Ben Vincent	e0dbecbfa0	feat: moved enc_role and enc_env to ruby facts	2024-04-24 23:30:27 +10:00
Ben Vincent	2671b51fc2	Merge pull request 'feat: add syd1 consul cluster' (#170 ) from neoloc/syd1_consul_cluster into develop Reviewed-on: unkinben/puppet-prod#170	2024-04-24 19:02:01 +09:30
Ben Vincent	89fcfe38ea	feat: add syd1 consul cluster	2024-04-24 19:31:18 +10:00
Ben Vincent	4149d89dc0	Merge pull request 'neoloc/dns_master_multiregion' (#169 ) from neoloc/dns_master_multiregion into develop Reviewed-on: unkinben/puppet-prod#169	2024-04-24 18:29:27 +09:30
Ben Vincent	99d3dcf4d8	Merge branch 'develop' into neoloc/dns_master_multiregion	2024-04-24 18:58:41 +10:00
Ben Vincent	b8d799e8e9	feat: select nameserver in soa based on role - find all dns servers in $ns_use (region/country/all), - or use the current node as the only nameserver	2024-04-24 18:44:08 +10:00
Ben Vincent	f8fd6700da	feat: enable selecting nameserver by fact - enable selecting nameservers to use by region, country or all - set default for nameservers to be region	2024-04-24 18:40:18 +10:00
Ben Vincent	2bae42fa31	Merge pull request 'feat: install ksm for proxmox' (#168 ) from neoloc/proxmox_ksm into develop Reviewed-on: unkinben/puppet-prod#168	2024-04-24 17:46:37 +09:30
Ben Vincent	3810385fcd	feat: install ksm for proxmox	2024-04-24 18:13:56 +10:00
Ben Vincent	6fc0b240c1	Merge pull request 'feat: sort ntpservers, select ntp to use' (#167 ) from neoloc/ntp_selection into develop Reviewed-on: unkinben/puppet-prod#167	2024-04-23 23:29:06 +09:30
Ben Vincent	7b316c6b0b	feat: sort ntpservers, select ntp to use - sort the ntpservers array so it doesnt change each run of puppet - allow the selection of all, region or country specific ntp servers	2024-04-23 23:57:01 +10:00
Ben Vincent	4b2690a678	Merge pull request 'feat: enable selecting nameserver by fact' (#166 ) from neoloc/dns_selection into develop Reviewed-on: unkinben/puppet-prod#166	2024-04-23 22:14:59 +09:30
Ben Vincent	dbe11323c5	feat: enable selecting nameserver by fact - enable selecting nameservers to use by region, country or all - set default for nameservers to be region	2024-04-23 22:39:33 +10:00
Ben Vincent	a7b40daee0	Merge pull request 'feat: sort nameserver/search_domains' (#165 ) from neoloc/dns_sorting into develop Reviewed-on: unkinben/puppet-prod#165	2024-04-23 20:44:59 +09:30
Ben Vincent	bb8bf202ac	feat: sort nameserver/search_domains - ensure the list doesnt change every puppet run	2024-04-23 21:11:56 +10:00
Ben Vincent	7f3005f312	Merge pull request 'fix: enable repos before installing packages' (#162 ) from neoloc/repofirst into develop Reviewed-on: unkinben/puppet-prod#162	2024-04-22 18:51:26 +09:30
Ben Vincent	df56213b18	fix: enable repos before installing packages	2024-04-22 19:07:28 +10:00
Ben Vincent	e5b3112189	Merge pull request 'feat: add new syd1 prod networks' (#161 ) from neoloc/sydney_subnets into develop Reviewed-on: unkinben/puppet-prod#161	2024-04-21 22:25:56 +09:30
Ben Vincent	bc4246dd05	feat: add new syd1 prod networks	2024-04-21 22:55:06 +10:00
Ben Vincent	85f17d8038	Merge pull request 'feat: manage timezone per region' (#160 ) from neoloc/timezone into develop Reviewed-on: unkinben/puppet-prod#160	2024-04-21 15:20:14 +09:30
Ben Vincent	9c6dee7609	feat: manage timezone per region - add timezone module - set per-region timezone setting - setup hiera_classes, set to deep merge, and set to include all in base profile	2024-04-21 15:48:09 +10:00
Ben Vincent	ccf43f3bcb	Merge pull request 'feat: manage proxmox nodes' (#159 ) from neoloc/proxmox into develop Reviewed-on: unkinben/puppet-prod#159	2024-04-21 15:07:43 +09:30
Ben Vincent	f04c74bd4d	feat: manage proxmox nodes - change /etc/hosts to meet proxmox requirements - add proxmox node role - add init, params, repo, install, clusterjoin classes	2024-04-21 15:08:28 +10:00
Ben Vincent	085416fea9	Merge pull request 'feat: node_lookup compatability for Debian' (#158 ) from neoloc/node_lookup_debian into develop Reviewed-on: unkinben/puppet-prod#158	2024-04-20 17:39:31 +09:30
Ben Vincent	6dd46efe3f	Merge pull request 'feat: debian vaultcert compatability' (#157 ) from neoloc/vaultcacrt into develop Reviewed-on: unkinben/puppet-prod#157	2024-04-20 17:38:57 +09:30
Ben Vincent	80a4cb0544	feat: debian vaultcert compatability - remove comma from certificate file - add comments identifying each certificate	2024-04-20 18:08:16 +10:00
Ben Vincent	49b4a65302	feat: node_lookup compatability for Debian	2024-04-20 18:04:54 +10:00
Ben Vincent	7ccbb7d0ee	Merge pull request 'feat: split lm-sensors for debian/rhel' (#156 ) from neoloc/debian_sensors into develop Reviewed-on: unkinben/puppet-prod#156	2024-04-15 19:01:22 +09:30
Ben Vincent	19c8749d9e	feat: split lm-sensors for debian/rhel	2024-04-14 23:17:38 +10:00
Ben Vincent	cdd450067d	Merge pull request 'feat: prepare puppet for debian' (#155 ) from neoloc/debian_prep into develop Reviewed-on: unkinben/puppet-prod#155	2024-04-13 22:47:07 +09:30
Ben Vincent	d0d67e316a	feat: prepare puppet for debian - set yum::versionlock to be only for redhat family - set puppet-agent require statement to use apt or yum - remove requirement of downloading puppet7-release-$dist.deb - create all paths in $base_path for vault certificate - set correct $PATH for update-ca-certificates - dynamically set debian release name - split packages to install from common.yaml to os-specific - create groups profile to manage local groups - change sysadmin to be a member of admins group - setup admins sudo rules	2024-04-13 22:34:28 +10:00
Ben Vincent	5f8b0ba102	Merge pull request 'feat: nginx reverse proxy debian cache' (#154 ) from neoloc/debian_cache into develop Reviewed-on: unkinben/puppet-prod#154	2024-04-13 20:29:37 +09:30
Ben Vincent	114d3fe195	feat: nginx reverse proxy debian cache - add debian, debian/pool locations to reposyncer - add selinux fcontext rules	2024-04-13 20:52:27 +10:00
Ben Vincent	eaddbe03d1	Merge pull request 'feat: add frontends, backends, listeners' (#153 ) from neoloc/haproxy_puppetdbmaster into develop Reviewed-on: unkinben/puppet-prod#153	2024-04-06 18:55:04 +09:30
Ben Vincent	82f2d75888	feat: add frontends, backends, listeners - add a way to define frontends, backends and listeners through hieradata	2024-04-06 20:23:37 +11:00
Ben Vincent	cdbb689c91	Merge pull request 'feat: update jdk11 for puppetdb' (#152 ) from neoloc/java_puppetdb into develop Reviewed-on: unkinben/puppet-prod#152	2024-04-06 18:36:46 +09:30
Ben Vincent	ed60e18062	feat: update jdk11 for puppetdb - specify the java_bin - specify the java_args	2024-04-06 20:05:23 +11:00
Ben Vincent	258cedb566	Merge pull request 'neoloc/haproxy_puppetdbapi' (#151 ) from neoloc/haproxy_puppetdbapi into develop Reviewed-on: unkinben/puppet-prod#151	2024-04-06 17:09:37 +09:30
Ben Vincent	f79d9de495	feat: update node_lookup - update node_lookup to use new puppetdb URL	2024-04-06 18:31:41 +11:00
Ben Vincent	c9a1d35af9	feat: add cnames to haproxy - manage A records for haproxy - manage cnames for services using haproxy	2024-04-06 16:26:50 +11:00
Ben Vincent	e97d061f46	feat: add puppetdbapi to haproxy - add puppetdbapi backend to haproxy - add puppetdbapi altname to the vault certificate - add mapping for hostname to backend	2024-04-06 15:49:10 +11:00
Ben Vincent	f7881b19cf	Merge pull request 'feat: add puppetboard backend' (#150 ) from neoloc/haproxy_puppetboard into develop Reviewed-on: unkinben/puppet-prod#150	2024-04-06 02:54:26 +09:30
Ben Vincent	57b7a3036b	Merge pull request 'feat: add virtual/physical check' (#147 ) from neoloc/sensors into develop Reviewed-on: unkinben/puppet-prod#147	2024-04-06 02:53:57 +09:30
Ben Vincent	105bf1b09d	feat: add puppetboard backend - add balancemember to puppetboard nodes - add be_puppetboard to haproxxy - add puppetboard.main.unkin.net to haproxy altnames - add puppetboard to backend mapping - change way backends are registered in haproxy	2024-04-06 04:20:39 +11:00
Ben Vincent	dc428543cf	Merge pull request 'feat: add haproxy profile' (#149 ) from neoloc/haproxy into develop Reviewed-on: unkinben/puppet-prod#149	2024-04-06 01:58:10 +09:30
Ben Vincent	2091f1ada3	feat: add haproxy profile - add haproxy server class - add haproxy profile to role - add hiera data for region specific haproxy - add selinux configuration - add certlist management - add default http and https frontends - add default stats listener	2024-04-06 03:27:45 +11:00
Ben Vincent	e15ebd4571	Merge pull request 'feat: change certmanage to approles' (#148 ) from neoloc/certmanager_approle into develop Reviewed-on: unkinben/puppet-prod#148	2024-04-03 23:03:16 +09:30
Ben Vincent	5bde96fb4d	feat: change certmanage to approles - created approle 'certmanager' using 'certmanager' policy - update certmanager script to generate token based on roleid	2024-04-04 00:32:08 +11:00
Ben Vincent	e69b3a9dc4	Merge pull request 'feat: deploy cobbler enc' (#146 ) from neoloc/cobbler_enc into develop Reviewed-on: unkinben/puppet-prod#146	2024-04-03 13:05:05 +09:30
Ben Vincent	64563902d4	feat: deploy cobbler enc - install python3.11 on all nodes - create python3.11 venv for cobbler-enc - install requirements in cobbler-enc venv - symlink to /usr/local/bin/	2024-03-31 20:58:31 +11:00
Ben Vincent	0ad31f6013	feat: add virtual/physical check - add virtual tree to hiera - add virtual/kvm and virtual/physical hiera sources - add lm_sensors to be installed on hardware nodes	2024-03-31 15:36:41 +11:00
Ben Vincent	d64e185919	Merge pull request 'feat: add dhcp servers' (#145 ) from neoloc/dhcp-server into develop Reviewed-on: unkinben/puppet-prod#145	2024-03-29 07:45:16 +09:30
Ben Vincent	d64860f47b	feat: add dhcp servers - include puppet-dhcp module - manage dhcp pools - manage dhcp classes (bios/uefi)	2024-03-29 09:13:26 +11:00
Ben Vincent	159c57677a	Merge pull request 'feat: add cobbler profile' (#144 ) from neoloc/cobbler_profile into develop Reviewed-on: unkinben/puppet-prod#144	2024-03-29 07:10:33 +09:30
Ben Vincent	80b7ad8639	feat: add cobbler profile - add datavol to cobbler nodes - add cobbler profile - add cobbler role hieradata - manage selinux where required for cobbler - manage service cname	2024-03-29 08:36:42 +11:00
Ben Vincent	f21573daae	Merge pull request 'feat: deep merge yum repos to manage' (#143 ) from neoloc/puppet7gpg into develop Reviewed-on: unkinben/puppet-prod#143	2024-03-28 20:15:14 +09:30
Ben Vincent	e02921be75	feat: deep merge yum repos to manage - fixed merging of yum repos - changed puppet7 to use local copy of repo	2024-03-28 21:41:15 +11:00
Ben Vincent	6b92910457	Merge pull request 'feat: set sysadmin password' (#142 ) from neoloc/sysadmin into develop Reviewed-on: unkinben/puppet-prod#142	2024-03-28 19:39:01 +09:30
Ben Vincent	0383db2b10	feat: set sysadmin password	2024-03-28 20:34:50 +11:00
Ben Vincent	905f047626	Merge pull request 'feat: enable sydney subnets' (#141 ) from neoloc/sydprod into develop Reviewed-on: unkinben/puppet-prod#141	2024-03-28 18:39:09 +09:30
Ben Vincent	748a0e8632	feat: enable sydney subnets	2024-03-28 20:08:00 +11:00
Ben Vincent	741b32cb41	Merge pull request 'feat: add sydney subnets' (#140 ) from neoloc/dns_views into develop Reviewed-on: unkinben/puppet-prod#140	2024-03-21 20:33:01 +09:30
Ben Vincent	f2cdcb8c8e	feat: add sydney subnets	2024-03-21 22:02:25 +11:00
Ben Vincent	e3ec5fa594	Merge pull request 'feat: cobbler setup' (#139 ) from neoloc/cobbler_roles into develop Reviewed-on: unkinben/puppet-prod#139	2024-03-17 16:23:25 +09:30
Ben Vincent	fe4af852b6	feat: cobbler setup - add cobbler profile - add dhcp server profile	2024-03-17 17:52:34 +11:00
Ben Vincent	ac5e76e2ca	Merge pull request 'feat: add ovirt roles' (#138 ) from neoloc/ovirt into develop Reviewed-on: unkinben/puppet-prod#138	2024-03-16 15:13:44 +09:30
Ben Vincent	8f5e9e40a1	feat: add ovirt roles - add repositories for ovirt - add role/profile for ovirt/engine and ovirt/node - add deep-merge for managed_repos - change repos to allow filesource (URL or file://) - change reposync to use curl instead of wget	2024-03-16 16:43:12 +11:00
Ben Vincent	4e25a1867e	Merge pull request 'feat: add ovirt base roles' (#137 ) from neoloc/ovirt_base_role into develop Reviewed-on: unkinben/puppet-prod#137	2024-03-13 21:01:38 +09:30
Ben Vincent	3587ea2295	feat: add ovirt base roles	2024-03-13 22:31:03 +11:00
Ben Vincent	05ea9c45ca	Merge pull request 'feat: require vaultca for all yumrepos' (#136 ) from neoloc/vaultca_cert_first into develop Reviewed-on: unkinben/puppet-prod#136	2024-03-10 17:33:43 +09:30
Ben Vincent	15e4e11097	feat: require vaultca for all yumrepos	2024-03-10 19:01:14 +11:00
Ben Vincent	92db575d7d	Merge pull request 'fix: updated gpg key for psql repos' (#135 ) from neoloc/postgresql_gpg into develop Reviewed-on: unkinben/puppet-prod#135	2024-03-10 14:48:41 +09:30
Ben Vincent	bca5d32793	fix: updated gpg key for psql repos	2024-03-10 16:18:03 +11:00
Ben Vincent	fd5dbb7813	Merge pull request 'feat: add country/region/environment to motd' (#134 ) from neoloc/motd_facts into develop Reviewed-on: unkinben/puppet-prod#134	2024-03-10 14:19:09 +09:30
Ben Vincent	428dc910bb	feat: add country/region/environment to motd	2024-03-10 15:48:26 +11:00
Ben Vincent	df05be21f6	Merge pull request 'feat: merge subnet facts' (#133 ) from neoloc/env_fact into develop Reviewed-on: unkinben/puppet-prod#133	2024-03-10 14:13:46 +09:30
Ben Vincent	5dff24d9b9	feat: merge subnet facts - add fact for environment - define 198.18.18.0/24 subnet	2024-03-10 15:42:14 +11:00
Ben Vincent	69f3ae7095	Merge pull request 'feat: add base role for redis' (#131 ) from neoloc/redis_base_role into develop Reviewed-on: unkinben/puppet-prod#131	2024-03-05 21:25:11 +09:30
Ben Vincent	816bec9f17	feat: add base role for redis	2024-03-05 22:53:49 +11:00
Ben Vincent	465bbbd9e1	Merge pull request 'feat: update yumrepos to use https://' (#130 ) from neoloc/yumrepo_use_https into develop Reviewed-on: unkinben/puppet-prod#130	2024-03-03 16:29:28 +09:30
Ben Vincent	51d0ca16ec	feat: update yumrepos to use https:// - require vaultca on all repos on repos.main.unkin.net	2024-03-03 16:44:16 +11:00
Ben Vincent	e61ae597f6	Merge pull request 'feat: dynamically add subscribe to nginx resource' (#129 ) from neoloc/subscribe_ssl_cert into develop Reviewed-on: unkinben/puppet-prod#129	2024-03-03 14:57:48 +09:30
Ben Vincent	0782cd5679	feat: dynamically add subscribe to nginx resource - add subscribe option to nginx resource dependent on nginx_listen_mode - ensure nginx reloads when the ssl_cert or ssl_key changes, only if these values are not undef - ensure the file resources are defined for certificates	2024-03-03 16:25:51 +11:00
Ben Vincent	df97b75aca	Merge pull request 'feat: change nginx to use vault ssl certs' (#128 ) from neoloc/packagerepo_ssl into develop Reviewed-on: unkinben/puppet-prod#128	2024-03-03 13:34:04 +09:30
Ben Vincent	5afa9e8960	Merge pull request 'neoloc/pki_generate' (#127 ) from neoloc/pki_generate into develop Reviewed-on: unkinben/puppet-prod#127	2024-03-03 13:33:33 +09:30
Ben Vincent	88ba8406b8	feat: deep merge alt_names and ip_sans - set hiera to deep-merge alt_names and ip_sans for generating vault certificates	2024-03-03 15:01:14 +11:00
Ben Vincent	05d2599bc5	feat: ensure vaultca certificate is trusted - install the vault rootca on all nodes - update ca-trust store on changes to the rootca certificate deployed	2024-03-03 14:54:59 +11:00
Ben Vincent	3e98ced8da	feat: change nginx to use vault ssl certs - update packagerepo webserver class to allow using ssl	2024-03-03 14:53:36 +11:00
Ben Vincent	8009b59514	feat: automatically generate vault certs - certificate will be generated for: - fqdn - hostname - primary ip address - localhost - 127.0.0.1 - update base profile to generate vault certificate for all - create facts for use with vault_certs	2024-03-03 13:38:52 +11:00
Ben Vincent	9ea49bc48d	Merge pull request 'fix: ssl warning breaks puppet run' (#125 ) from neoloc/certmanager_ignore_ssl into develop Reviewed-on: unkinben/puppet-prod#125	2024-02-25 21:35:21 +09:30
Ben Vincent	36c2e6afaa	fix: ssl warning breaks puppet run - remove ssl warning for certmanager temporarily	2024-02-25 23:04:43 +11:00
Ben Vincent	8ec75e55fa	Merge pull request 'chore: updated vault_token' (#124 ) from neoloc/pki_token_vault into develop Reviewed-on: unkinben/puppet-prod#124	2024-02-25 21:02:50 +09:30
Ben Vincent	5b56767be7	chore: updated vault_token	2024-02-25 22:32:18 +11:00
Ben Vincent	0db9d01a20	Merge pull request 'chore: update vault policy' (#123 ) from neoloc/certmanager_defaults into develop Reviewed-on: unkinben/puppet-prod#123	2024-02-25 20:42:17 +09:30
Ben Vincent	6bcdda1a93	chore: update vault policy - updated vault policy for certificates	2024-02-25 22:11:31 +11:00
Ben Vincent	974c8ce71d	Merge pull request 'fix: restart vault-unseal' (#122 ) from neoloc/vault_unseal_on_change into develop Reviewed-on: unkinben/puppet-prod#122	2024-02-25 20:03:26 +09:30
Ben Vincent	d1f5d3c09e	fix: restart vault-unseal - restart vault-unseal when the unseal keys change	2024-02-25 21:32:01 +11:00
Ben Vincent	495b785518	Merge pull request 'fix: rebuild vault' (#121 ) from neoloc/vault_update_unseal into develop Reviewed-on: unkinben/puppet-prod#121	2024-02-25 19:51:21 +09:30
Ben Vincent	8112c07ba8	fix: rebuild vault - rebuilt vault, updated root token and unseak keys	2024-02-25 21:19:43 +11:00
Ben Vincent	b1083df6f1	Merge pull request 'fix: vault role fails on new servers' (#120 ) from neoloc/vault_initial into develop Reviewed-on: unkinben/puppet-prod#120	2024-02-25 19:43:04 +09:30
Ben Vincent	48e0bd6796	fix: vault role fails on new servers - vault server fails on new servers - move unseal class to be included after vault class	2024-02-25 21:06:37 +11:00
Ben Vincent	bc3084a1e7	Merge pull request 'feat: certmanager output as json' (#119 ) from neoloc/certmanager_json into develop Reviewed-on: unkinben/puppet-prod#119	2024-02-25 18:03:56 +09:30
Ben Vincent	f6110f534c	feat: certmanager output as json - prepare certmanager for pki::vault class - allow puppet to read certmanager config	2024-02-25 19:31:32 +11:00
Ben Vincent	4cdba982fe	Merge pull request 'feat: add certmanager helper' (#118 ) from neoloc/certmanager into develop Reviewed-on: unkinben/puppet-prod#118	2024-02-19 19:53:36 +09:30
Ben Vincent	7f03bc5c76	feat: add certmanager helper - add certmanager script and config.yaml file - install into pyenv for certmanager - deploy to puppet-masters only	2024-02-19 21:20:50 +11:00
Ben Vincent	cd369d8fef	Merge pull request 'refacter: renamed facts to libs' (#117 ) from neoloc/lib_module into develop Reviewed-on: unkinben/puppet-prod#117	2024-02-17 21:34:34 +09:30
Ben Vincent	1030ba460e	refacter: renamed facts to libs	2024-02-17 23:03:54 +11:00
Ben Vincent	e10bed689c	Merge pull request 'refacter: cleanup packages setup' (#116 ) from neoloc/package_changes into develop Reviewed-on: unkinben/puppet-prod#116	2024-02-17 21:30:49 +09:30
Ben Vincent	9be1e19900	Merge pull request 'fix: fact was misspelled' (#115 ) from neoloc/mariadb_fixes into develop Reviewed-on: unkinben/puppet-prod#115	2024-02-17 21:30:27 +09:30
Ben Vincent	1a33465c7a	Merge pull request 'refacter: tidy facts' (#114 ) from neoloc/move_facts into develop Reviewed-on: unkinben/puppet-prod#114	2024-02-17 21:29:55 +09:30
Ben Vincent	1f7b347ef4	refacter: tidy facts - create a facts module, move all facts to this module	2024-02-17 22:57:36 +11:00
Ben Vincent	12ff053c6d	refacter: cleanup packages setup	2024-02-17 22:49:32 +11:00
Ben Vincent	d92c13525c	fix: fact was misspelled - fixed fact name	2024-02-17 21:19:55 +11:00
Ben Vincent	73a21059f8	Merge pull request 'feat: add vault server profile' (#113 ) from neoloc/vault_server into develop Reviewed-on: unkinben/puppet-prod#113	2024-02-17 19:48:13 +09:30
Ben Vincent	fe05c86463	feat: add vault server profile - add vault module to puppetfile - define class to manage the install and config of vault - manage the datavol and raft storage - manage the unzip and other compression tools - define custom unseal script and service - add documentation on initial setup of vault	2024-02-17 21:12:12 +11:00
Ben Vincent	c690fe5816	Merge pull request 'fix: use fact to determine if selinux in use' (#112 ) from neoloc/selinux_enhancements into develop Reviewed-on: unkinben/puppet-prod#112	2024-02-11 19:38:59 +09:30
Ben Vincent	09291da89f	fix: use fact to determine if selinux in use	2024-02-11 21:05:48 +11:00
Ben Vincent	f8b30f335b	Merge pull request 'feat: add consul server profile' (#111 ) from neoloc/consul_server into develop Reviewed-on: unkinben/puppet-prod#111	2024-02-11 15:56:24 +09:30
Ben Vincent	8cb6b68b53	feat: add consul server profile - install/configure consul - install/configure dnsmasq as dns proxy for consul - add unkin yumrepo definition as source for consul - update datavol to ensure the /data volume is mounted	2024-02-11 17:12:35 +11:00
Ben Vincent	a0434fc7b5	Merge pull request 'feat: cleanup reposync conf files' (#110 ) from neoloc/cleanup_reposync_conf into develop Reviewed-on: unkinben/puppet-prod#110	2024-02-10 14:15:00 +09:30
Ben Vincent	71c316e7ae	feat: cleanup reposync conf files - add feature to /etc/reposync/conf.d to ensure the subfiles are cleaned up when they are not defined	2024-02-10 15:37:24 +11:00
Ben Vincent	d1c61dd13d	Merge pull request 'feat: cleanup almalinux 8.8 reposync' (#109 ) from neoloc/cleanup_alma8.8_repos into develop Reviewed-on: unkinben/puppet-prod#109	2024-02-10 14:03:24 +09:30
Ben Vincent	4bce524b49	Merge pull request 'feat: puppet wrapper replace dot' (#108 ) from neoloc/puppetwrapper_dot into develop Reviewed-on: unkinben/puppet-prod#108	2024-02-10 14:02:48 +09:30
Ben Vincent	a054a94d98	feat: puppet wrapper replace dot - set puppet wrapper to replace '.' with '_' in the branch name	2024-02-10 15:31:45 +11:00
Ben Vincent	974143c84e	Merge pull request 'fix: recursive restorecon for reposync' (#107 ) from neoloc/restorecon_repos into develop Reviewed-on: unkinben/puppet-prod#107	2024-02-10 13:50:35 +09:30
Ben Vincent	8332d4f374	fix: recursive restorecon for reposync - set reposync to restore selinux controls on all files in the new snap_path	2024-02-10 15:19:12 +11:00
Ben Vincent	6b11ea09c7	Merge pull request 'feat: add vault role' (#106 ) from neoloc/vault_role into develop Reviewed-on: unkinben/puppet-prod#106	2024-02-10 12:47:12 +09:30
Ben Vincent	d6eeed0b61	feat: add vault role - add basic vault role to begin building servers	2024-02-10 14:16:51 +11:00
Ben Vincent	5471294f1e	feat: cleanup almalinux 8.8 reposync - syncing almalinux 8.8 no longer required	2024-02-10 14:13:59 +11:00
Ben Vincent	27d6c15c80	Merge pull request 'feat: add consul role' (#105 ) from neoloc/consul_role into develop Reviewed-on: unkinben/puppet-prod#105	2024-02-06 21:23:33 +09:30
Ben Vincent	dc97d15ef9	feat: add consul role	2024-02-06 22:51:59 +11:00
Ben Vincent	2779de4b9d	Merge pull request 'feat: add haproxy role' (#103 ) from neoloc/haproxy_role into develop Reviewed-on: unkinben/puppet-prod#103	2024-01-07 17:05:22 +09:30
Ben Vincent	da53e28f0e	feat: add haproxy role - add infra::halb section for highly available load balancers	2024-01-07 18:34:34 +11:00
Ben Vincent	86a231b3ee	Merge pull request 'fix: fix minio certificate param' (#102 ) from neoloc/minio_undef into develop Reviewed-on: unkinben/puppet-prod#102	2024-01-05 20:31:55 +09:30
Ben Vincent	db23e203c6	fix: fix minio certificate param - change enum['string', undef] to an optional param so undef can be set	2024-01-05 22:00:10 +11:00
Ben Vincent	f2a9f40f7f	Merge pull request 'feat: add minio profile' (#101 ) from neoloc/minio_profile into develop Reviewed-on: unkinben/puppet-prod#101	2024-01-05 20:16:01 +09:30
Ben Vincent	d8751ac6c8	feat: add minio profile - add additional modules in Puppetfile - update puppetlabs-lvm to 2.1.0 - add facts.d base path to hieradata - add infra/storage and infra/storage/minio role data to hieradata - add new facts for minio setup status - add a static yaml minio-facts file to assist dynamic ruby facts - updated hiera with additional directories (country/{role,region})	2024-01-05 21:44:41 +11:00
Ben Vincent	f260b09d49	Merge pull request 'fix: fixed fact variables in hiera.yaml' (#100 ) from neoloc/hiera_variables into develop Reviewed-on: unkinben/puppet-prod#100	2023-12-28 16:01:46 +09:30
Ben Vincent	8e0ab95872	fix: fixed fact variables in hiera.yaml - replaced ${..} with %{..}	2023-12-28 17:30:26 +11:00
Ben Vincent	2b4e1e1d03	Merge pull request 'feat: remove boolean for bind::updater' (#99 ) from neoloc/add_bind_utils_woops into develop Reviewed-on: unkinben/puppet-prod#99	2023-12-26 15:02:29 +09:30
Ben Vincent	aabce289a4	feat: remove boolean for bind::updater - default to the default set by the module	2023-12-26 16:31:40 +11:00
Ben Vincent	a049338c9d	Merge pull request 'feat: install bind-utils' (#98 ) from neoloc/add_bind_utils into develop Reviewed-on: unkinben/puppet-prod#98	2023-12-26 14:58:10 +09:30
Ben Vincent	a144e4ec2d	feat: install bind-utils	2023-12-26 16:27:28 +11:00
Ben Vincent	920f12b45e	Merge pull request 'feat: add/update location facts' (#97 ) from neoloc/location_facts into develop Reviewed-on: unkinben/puppet-prod#97	2023-12-26 13:23:17 +09:30
Ben Vincent	dbec0222b3	feat: add/update location facts - add country fact, change region to exclude country string	2023-12-26 14:51:40 +11:00
Ben Vincent	42211ddf7d	Merge pull request 'feat: add new datavol' (#96 ) from neoloc/datavol_define into develop Reviewed-on: unkinben/puppet-prod#96	2023-12-24 12:45:36 +09:30
Ben Vincent	ff83769ffc	Merge pull request 'feat: add region fact' (#95 ) from neoloc/region_fact into develop Reviewed-on: unkinben/puppet-prod#95	2023-12-24 12:44:15 +09:30
Ben Vincent	7431ebf51c	feat: add region fact - add fact that maps primary ip subnet to a region code - defaults to 'lost' if there is no subnet to region mapping	2023-12-24 14:12:54 +11:00
Ben Vincent	0c1548fbd8	feat: add new datavol - add datavol define to replace the datavol class, which has more flexibility through additional params, and the ability to call it multiple times for multiple datavolumes	2023-12-24 12:54:09 +11:00
Ben Vincent	a0786f3f67	Merge pull request 'feat: add minio base role' (#94 ) from neoloc/minio_role into develop Reviewed-on: unkinben/puppet-prod#94	2023-12-22 17:47:47 +09:30
Ben Vincent	dcf83aa466	feat: add minio base role	2023-12-22 19:17:04 +11:00
Ben Vincent	2b1f20b4ca	Merge pull request 'fix: check for python3_version' (#93 ) from neoloc/node_lookup into develop Reviewed-on: unkinben/puppet-prod#93	2023-12-18 22:25:04 +09:30
Ben Vincent	f9562a9109	fix: check for python3_version - check for python3 version before attempting to setup node_lookup	2023-12-18 23:51:39 +11:00
Ben Vincent	b6c7e3fd2d	Merge pull request 'feat: add selinux support to puppetboard' (#92 ) from neoloc/nginx_selinux into develop Reviewed-on: unkinben/puppet-prod#92	2023-12-11 20:46:30 +09:30
Ben Vincent	bf729d9b11	feat: add selinux support to puppetboard - required to allow nginx to reach puppetdb	2023-12-11 22:14:45 +11:00
Ben Vincent	2d10f9e861	Merge pull request 'feat: manage ruby/puppet gems' (#91 ) from neoloc/puppetmaster_gems into develop Reviewed-on: unkinben/puppet-prod#91	2023-12-11 20:38:18 +09:30
Ben Vincent	5b75cf735a	feat: manage ruby/puppet gems - manage installation of puppet_gem packages for puppetmasters	2023-12-11 22:07:23 +11:00
Ben Vincent	7f270675b1	Merge pull request 'feat: add nodelookup' (#90 ) from neoloc/nodelookup into develop Reviewed-on: unkinben/puppet-prod#90	2023-12-11 19:47:23 +09:30
Ben Vincent	685d7db264	feat: add nodelookup - add helper script to make quering puppetdb easier and more efficient	2023-12-11 21:15:48 +11:00
Ben Vincent	6f088b04cc	Merge pull request 'feat: setup galera cluster member profile' (#89 ) from neoloc/mariadbgalera into develop Reviewed-on: unkinben/puppet-prod#89	2023-12-10 15:05:38 +09:30
Ben Vincent	d998fbd85a	Merge branch 'develop' into neoloc/mariadbgalera	2023-12-10 16:34:42 +11:00
Ben Vincent	11a98b16bb	feat: setup galera cluster member profile - add eyaml support for role - add /data volume for galera cluster members - create profiles::selinux namespace for defining selinux configuration - create profiles::selinux::mysqld for managing specifics for mysqld - create profiles::selinux::setenforce to manage selinux mode - parameterised options required in mysqld::server module - add mariadb repo - add additional facts for managing mysqld and galera	2023-12-10 16:31:57 +11:00
Ben Vincent	bfedbaca5f	Merge pull request 'fix: failed to test previously' (#88 ) from neoloc/mysql_wsrep_fact_invalid_next into develop Reviewed-on: unkinben/puppet-prod#88	2023-12-08 20:04:38 +09:30
Ben Vincent	a9aabfa161	fix: failed to test previously - change next's outside of a loop to a single if statement	2023-12-08 21:32:32 +11:00
Ben Vincent	c91e3e632e	Merge pull request 'feat: mysql wsrep_ facts' (#87 ) from neoloc/mysql_wsrep_fact into develop Reviewed-on: unkinben/puppet-prod#87	2023-12-08 19:56:09 +09:30
Ben Vincent	ebd20a5e5a	feat: mysql wsrep_ facts - add facts generated from mysql's wsrep status variables	2023-12-08 21:25:01 +11:00
Ben Vincent	d261e3348d	Merge pull request 'feat: add/remove capabilities for packages' (#86 ) from neoloc/base_packages_refactor into develop Reviewed-on: unkinben/puppet-prod#86	2023-12-03 16:38:17 +09:30
Ben Vincent	53c54f982a	Merge pull request 'feat: setup/manage dnf-autoupdate' (#85 ) from neoloc/dnf_autoupdate into develop Reviewed-on: unkinben/puppet-prod#85	2023-12-03 16:37:56 +09:30
Ben Vincent	d8ff9ddb11	feat: setup/manage dnf-autoupdate - create service to run dnf update - create timer to call the service - manage settings via params	2023-12-03 18:05:01 +11:00
Ben Vincent	8f04de2b52	feat: add/remove capabilities for packages - add deepmerge lookup_options - add packages to remove and packages to add to profiles::packages::base class	2023-12-03 17:24:58 +11:00
Ben Vincent	6e185ee248	Merge pull request 'feat: split agent service/package from config' (#84 ) from neoloc/split_puppet_agent into develop Reviewed-on: unkinben/puppet-prod#84	2023-12-03 15:20:51 +09:30
Ben Vincent	08c14c2329	feat: split agent service/package from config - split package/service from config so puppetservers agents can be managed in the same was as clients	2023-12-03 16:49:38 +11:00
Ben Vincent	e0d1ec8926	Merge pull request 'feat: add mirrorlist capability to reposyncer' (#83 ) from neoloc/reposyncer_mirrorlist into develop Reviewed-on: unkinben/puppet-prod#83	2023-12-02 22:51:25 +09:30
Ben Vincent	8a6b3ef0fb	feat: add mirrorlist capability to reposyncer - add mirrorlist param to reposyncer repos - update almalinux 8.8 repos to use mirrorlist - add almalinux 8.9 repos	2023-12-03 00:16:01 +11:00
Ben Vincent	7d415fd85e	Merge pull request 'feat: add cname for repos' (#82 ) from neoloc/repos_cname into develop Reviewed-on: unkinben/puppet-prod#82	2023-11-29 21:45:31 +09:30
Ben Vincent	1ccd8141ab	feat: add cname for repos	2023-11-29 23:13:17 +11:00
Ben Vincent	03d37db1e1	Merge pull request 'fix: wrong scheme for gpgkey' (#81 ) from neoloc/puppet7_repo_gpgkey into develop Reviewed-on: unkinben/puppet-prod#81	2023-11-27 22:09:03 +09:30
Ben Vincent	ae05b870aa	fix: wrong scheme for gpgkey - change gpg key for puppet7 from http:// to https://	2023-11-27 23:38:25 +11:00
Ben Vincent	1cf2a5a579	Merge pull request 'feat: fix selinux permissions each sync' (#80 ) from neoloc/selinx_for_reposync into develop Reviewed-on: unkinben/puppet-prod#80	2023-11-27 22:00:59 +09:30
Ben Vincent	e6a7006cb8	Merge pull request 'feat: update repositories to sync' (#79 ) from neoloc/psql_repos into develop Reviewed-on: unkinben/puppet-prod#79	2023-11-27 21:59:24 +09:30
Ben Vincent	cfec05f3c7	feat: update repositories to sync - remove epel modular - add postgresql 16 for rhel8 - add postgresql common for rhel8	2023-11-27 23:27:44 +11:00
Ben Vincent	705c02c3a1	feat: fix selinux permissions each sync - restorecon on each sync, to update selinux for new files/directories	2023-11-27 23:19:01 +11:00
Ben Vincent	e18103bda9	Merge pull request 'feat: add extra repositories' (#78 ) from neoloc/extra_repos into develop Reviewed-on: unkinben/puppet-prod#78	2023-11-27 17:37:19 +09:30
Ben Vincent	e183ee2b44	feat: add extra repositories - mariadb 11.2 - puppet el8	2023-11-27 18:57:42 +11:00
Ben Vincent	7aae7e22a3	Merge pull request 'feat: add galera role' (#76 ) from neoloc/mariadb into develop Reviewed-on: unkinben/puppet-prod#76	2023-11-21 19:31:05 +09:30
Ben Vincent	a0d1623286	feat: add galera role - add a base galera cluster member role - include mysql and galera modules	2023-11-21 21:00:12 +11:00
Ben Vincent	caffc7dff9	Merge pull request 'fix: resolve prometheus issues' (#75 ) from neoloc/prometheus_server into develop Reviewed-on: unkinben/puppet-prod#75	2023-11-21 18:53:37 +09:30
Ben Vincent	f204e0f7e6	Merge pull request 'feat: add base grafana role' (#74 ) from neoloc/grafana-base into develop Reviewed-on: unkinben/puppet-prod#74	2023-11-21 18:44:39 +09:30
Ben Vincent	609f9135df	feat: add base grafana role - include puppet-grafana module - infra::metrics::grafana role is currently clone of base	2023-11-21 20:13:14 +11:00
Ben Vincent	10a6085b84	fix: resolve prometheus issues - broken prometheus::server config, resolve conflicts - move hieradata for role to match role, not profile	2023-11-21 20:03:26 +11:00
Ben Vincent	c195ceae4f	Merge pull request 'feat: add prometheus server' (#73 ) from neoloc/prometheus into develop Reviewed-on: unkinben/puppet-prod#73	2023-11-21 18:10:36 +09:30
Ben Vincent	663b10e5a5	Merge branch 'develop' into neoloc/prometheus	2023-11-21 19:40:17 +11:00
Ben Vincent	a5207eb717	feat: add prometheus server - bump enc, include prometheus server nodes - add prometheus role and server class	2023-11-21 19:38:22 +11:00
Ben Vincent	530ffed55a	Merge pull request 'feat: add forwarding for 17.18.198.in-addr.arpa' (#72 ) from neoloc/reversedns_zone_forwarding into develop Reviewed-on: unkinben/puppet-prod#72	2023-11-18 18:52:43 +09:30
Ben Vincent	c34a2b2360	feat: add forwarding for 17.18.198.in-addr.arpa - add forward zone for 198.18.17.0/24 reverse dns zone	2023-11-18 20:21:27 +11:00
Ben Vincent	dd99e603c2	Merge pull request 'chore: reorganise reposync role' (#71 ) from neoloc/role_reorder_reposync into develop Reviewed-on: unkinben/puppet-prod#71	2023-11-18 18:44:10 +09:30
Ben Vincent	dd334da2b0	chore: reorganise reposync role	2023-11-18 20:08:16 +11:00
Ben Vincent	8e5831fbef	Merge pull request 'refactor: move puppet::* roles to infra::puppet' (#70 ) from neoloc/puppet_cleanup into develop Reviewed-on: unkinben/puppet-prod#70	2023-11-18 18:34:08 +09:30
Ben Vincent	ab1b031275	Merge branch 'develop' into neoloc/puppet_cleanup	2023-11-18 20:03:46 +11:00
Ben Vincent	460f9bc7e8	refactor: move puppet::* roles to infra::puppet - start creation on apps:: roles - reorganise hieradata to match role changes - remove tagging for enc repo	2023-11-18 20:00:58 +11:00
Ben Vincent	59d29e3036	Merge pull request 'chore: reorganise ntp server' (#69 ) from neoloc/ntp_cleanup into develop Reviewed-on: unkinben/puppet-prod#69	2023-11-18 18:10:18 +09:30
Ben Vincent	dffc97ad4c	chore: reorganise ntp server - bump enc to match changes - change ntp client to find servers through puppetdb query - changed default ntp servers to publicly available nodes	2023-11-18 19:18:14 +11:00
Ben Vincent	bae3d446b6	Merge pull request 'feat: setup metrics agents' (#68 ) from neoloc/node_exporter into develop Reviewed-on: unkinben/puppet-prod#68	2023-11-17 21:50:32 +09:30
Ben Vincent	92269ae94b	Merge branch 'develop' into neoloc/node_exporter	2023-11-17 23:20:02 +11:00
Ben Vincent	38961848bb	Merge pull request 'feat: find resolvers by role' (#67 ) from neoloc/resolvconf into develop Reviewed-on: unkinben/puppet-prod#67	2023-11-17 21:48:30 +09:30
Ben Vincent	6b9d9e6aa7	Merge branch 'develop' into neoloc/resolvconf	2023-11-17 23:17:59 +11:00
Ben Vincent	7cc1a1ddc0	Merge pull request 'feat: manage qemu-agent' (#66 ) from neoloc/qemuagent into develop Reviewed-on: unkinben/puppet-prod#66	2023-11-17 21:46:08 +09:30
Ben Vincent	a3c99e8058	Merge pull request 'feat: manage cloudinit' (#65 ) from neoloc/cloudinit into develop Reviewed-on: unkinben/puppet-prod#65	2023-11-17 21:45:50 +09:30
Ben Vincent	a21b7ffc96	feat: setup metrics agents - set puppet::puppetdb_api class to export puppetdb - set infra::dns::server class to export bind - set all to export node and systemd metrics	2023-11-17 23:12:37 +11:00
Ben Vincent	d6f3262836	feat: manage qemu-agent	2023-11-17 22:25:43 +11:00
Ben Vincent	8d80fa3c51	feat: manage cloudinit - add/remove cloud-init, default to remove	2023-11-17 22:17:24 +11:00
Ben Vincent	fdb13b7338	feat: find resolvers by role - use puppetdbquery module to query puppetdb for resolvers - move dns client config to profiles::dns::base - manage the /etc/resolv.conf file	2023-11-17 21:54:20 +11:00
Ben Vincent	da2e59a6ed	Merge pull request 'fix: enable dynamic/tsig updates' (#64 ) from neoloc/bind_tsigupdate into develop Reviewed-on: unkinben/puppet-prod#64	2023-11-16 20:15:45 +09:30
Ben Vincent	c996c9b7e3	fix: enable dynamic/tsig updates - add eyaml to hiera.yaml - consolidate all paths into single tree - change to new profiles::dns::client wrapper - change to new profiles::dns::record wrapper - change to use concat method to build zone file	2023-11-16 21:40:16 +11:00
Ben Vincent	4b0b2b1ed0	Merge pull request 'neoloc/bind_resolver' (#63 ) from neoloc/bind_resolver into develop Reviewed-on: unkinben/puppet-prod#63	2023-11-13 20:30:57 +09:30
Ben Vincent	d877fd00f3	chore: bump enc version unkinben/puppet-enc#27	2023-11-13 22:00:19 +11:00
Ben Vincent	49f31edb03	Merge branch 'develop' into neoloc/bind_resolver	2023-11-13 21:55:21 +11:00
Ben Vincent	76b54fc59d	feat: add dns resolver/master classes - define resolver and master dns server - export A and PTR records from dns clients - collect exported resources for master - create hiera structure for acls, zones and views	2023-11-13 21:42:57 +11:00
Ben Vincent	d71d97e5bf	Merge pull request 'fix: updated path for gpg keys' (#62 ) from neoloc/update_yum_repos_epel into develop Reviewed-on: unkinben/puppet-prod#62	2023-11-12 15:58:54 +09:30
Ben Vincent	b2844c4b3a	fix: updated path for gpg keys	2023-11-12 17:26:58 +11:00
Ben Vincent	133eeaa904	Merge pull request 'feat: change to use local mirror' (#61 ) from neoloc/update_yum_repos into develop Reviewed-on: unkinben/puppet-prod#61	2023-11-12 15:49:19 +09:30
Ben Vincent	cc77cc7ded	feat: change to use local mirror - change almalinux and epel *.repo files on nodes to use local package mirror - add option to purge yumrepo resources, default to true - add versionlocking to yum, enable it for puppet-agent	2023-11-12 17:17:59 +11:00
Ben Vincent	75ce927af9	Merge pull request 'fix: typo in repo url namne' (#60 ) from neoloc/repourl into develop Reviewed-on: unkinben/puppet-prod#60	2023-11-12 14:25:59 +09:30
Ben Vincent	1b78904588	fix: typo in repo url namne - change repo.main.unkin.net to repos.main.unkin.net	2023-11-12 15:55:19 +11:00
Ben Vincent	6276e18f70	Merge pull request 'fix: resolved issue with repodata' (#59 ) from neoloc/autosyncer_repodata into develop Reviewed-on: unkinben/puppet-prod#59	2023-11-12 14:19:34 +09:30
Ben Vincent	48ea444e7c	fix: resolved issue with repodata - repodata was being created in the wrong location - update script to create in the path where the new snap exists	2023-11-12 15:48:30 +11:00
Ben Vincent	3227ea0eed	Merge pull request 'chore: bump enc version' (#58 ) from neoloc/bump_enc_dnsroles into develop Reviewed-on: unkinben/puppet-prod#58	2023-11-12 13:13:19 +09:30
Ben Vincent	fa211925e4	chore: bump enc version - add new dns hosts, update dns roles	2023-11-12 14:42:38 +11:00
Ben Vincent	dd12726842	Merge pull request 'feat: add resolver/authoritive dns roles' (#57 ) from neoloc/bindserver into develop Reviewed-on: unkinben/puppet-prod#57	2023-11-12 13:11:56 +09:30
Ben Vincent	5276731d23	Merge pull request 'fix: datavol profile doesnt create the mountpoint' (#56 ) from neoloc/datavol_create_mountpath into develop Reviewed-on: unkinben/puppet-prod#56	2023-11-12 12:55:29 +09:30
Ben Vincent	823594fa05	Merge pull request 'chore: reorganise hieradata' (#55 ) from neoloc/reorganise_hiera into develop Reviewed-on: unkinben/puppet-prod#55	2023-11-12 12:34:02 +09:30
Ben Vincent	1999b96d24	Merge branch 'develop' into neoloc/reorganise_hiera - added the additional powertools repo	2023-11-12 14:03:00 +11:00
Ben Vincent	0071f74e60	chore: reorganise hieradata - move role specific hieradata into respective roles/* paths	2023-11-12 13:57:39 +11:00
unkinben	02976779c3	Merge pull request 'feat: add powertools repo to reposync' (#54 ) from neoloc/powertools_repo into develop Reviewed-on: unkinben/puppet-prod#54	2023-11-11 22:48:57 +09:30
Ben Vincent	2efde81fff	feat: add powertools repo to reposync - add http://mirror.aarnet.edu.au/pub/almalinux/8.8/PowerTools/x86_64/os/ to be synced and mirrored by reposync tools	2023-11-12 00:17:28 +11:00
Ben Vincent	79e37d9dae	Merge pull request 'refactor: move to ruby-script facts' (#53 ) from neoloc/additional_enc_facts into develop Reviewed-on: unkinben/puppet-prod#53	2023-11-11 22:15:42 +09:30
Ben Vincent	1b9a4f7832	refactor: move to ruby-script facts - change enc_role_path fact to be ruby - add enc_role_tier1, enc_role_tier2 and enc_role_tier3 - add new paths to hiera.yaml	2023-11-11 23:41:48 +11:00
Ben Vincent	1ff4611318	Merge branch 'develop' into neoloc/bind_resolver - bring up to speed with rest of repo	2023-11-11 21:48:44 +11:00
Ben Vincent	7da58059d2	feat: add resolver/authoritive dns roles - roles are currently empty, this just exists so I can branch off it and start building test servers with this role	2023-11-11 21:47:21 +11:00
unkinben	c3b8044e1c	Merge pull request 'chore: bump puppet-enc' (#52 ) from neoloc/bump_enc_ntpservers into develop Reviewed-on: unkinben/puppet-prod#52	2023-11-10 22:53:03 +09:30
Ben Vincent	aef3311fce	chore: bump puppet-enc - includes ntpservers in ntpserver role - unkinben/puppet-enc#25	2023-11-11 00:21:56 +11:00
unkinben	881bdd6f86	Merge pull request 'neoloc/ntpserver' (#51 ) from neoloc/ntpserver into develop Reviewed-on: unkinben/puppet-prod#51	2023-11-10 22:47:46 +09:30
Ben Vincent	9bfae72d2e	Merge branch 'develop' into neoloc/ntpserver	2023-11-11 00:14:03 +11:00
unkinben	ffdac8a7d9	Merge pull request 'feat: add enc_role_path fact' (#50 ) from neoloc/enc_role_path into develop Reviewed-on: unkinben/puppet-prod#50	2023-11-10 22:35:10 +09:30
Ben Vincent	f73c16bca2	feat: add enc_role_path fact	2023-11-11 00:03:12 +11:00
Ben Vincent	9cb730d116	feat: add ntp server/client - add ntp client and server class - add ntp server role - update hiera.yaml to work with enc_role - cleanup base profile	2023-11-10 23:59:10 +11:00
unkinben	11508f2538	Merge pull request 'feat: adding reposync wrapper and tooling' (#49 ) from neoloc/packagerepo into develop Reviewed-on: unkinben/puppet-prod#49	2023-11-09 20:39:53 +09:30
Ben Vincent	a913e44176	Merge branch 'develop' into neoloc/packagerepo	2023-11-09 22:09:24 +11:00
Ben Vincent	19836e2069	feat: adding reposync wrapper and tooling - add autosyncer/autopromoter scripts - add timer and service to initial sync process - add timer/service for daily/weekly/monthly autopromote - add define to manage each repo - add nginx webserver to share repos - add favion.ico if enabled - add selinux management, and packages for selinux - cleanup package management, sorting package groups into package classes	2023-11-08 23:16:56 +11:00
unkinben	7758252060	Merge pull request 'feat: add bash completion' (#48 ) from neoloc/bashcompletion into develop Reviewed-on: unkinben/puppet-prod#48	2023-11-08 20:34:06 +09:30
Ben Vincent	058cc25008	feat: add bash completion - quality of life addition to all hosts	2023-11-08 22:03:21 +11:00
Ben Vincent	d11dcc0b24	fix: datavol profile doesnt create the mountpoint - add file resource to create the required mountpath - add Array[Enum[]] for mount_options - fix mount to ensure the mount_options are used - remove pass and dump options, leave as defaults	2023-11-06 19:31:35 +11:00
Ben Vincent	f5ce438679	Merge pull request 'fix: variant regex results in error' (#47 ) from neoloc/datavol_size_pattern into develop Reviewed-on: unkinben/puppet-prod#47	2023-11-05 19:33:28 +09:30
Ben Vincent	cb9af5a2a8	fix: variant regex results in error - update the $size variant regex so it actually matches correctly - default $size to undef, which results in 100%FREE	2023-11-05 18:11:53 +11:00
Ben Vincent	29bc5f39ac	Merge pull request 'fix: bump enc' (#45 ) from neoloc/bump_enc into develop Reviewed-on: unkinben/puppet-prod#45	2023-11-05 16:25:13 +09:30
Ben Vincent	36142a3565	fix: bump enc unkinben/puppet-enc#24	2023-11-05 17:54:36 +11:00
Ben Vincent	b7b371a020	Merge pull request 'feat: adding base packagerepo role' (#44 ) from neoloc/packagerepo_role into develop Reviewed-on: unkinben/puppet-prod#44	2023-11-05 16:16:28 +09:30
Ben Vincent	1d1541419a	feat: adding base packagerepo role - create roles::infra::packagerepo - bump enc version	2023-11-05 17:45:13 +11:00
Ben Vincent	a81dec41d2	Merge pull request 'feat: add datavol class to manage /data' (#43 ) from neoloc/datavol into develop Reviewed-on: unkinben/puppet-prod#43	2023-11-05 16:11:16 +09:30
Ben Vincent	6bbc14136f	Merge branch 'develop' into neoloc/datavol	2023-11-05 17:40:19 +11:00
Ben Vincent	def2561e6c	feat: add datavol class to manage /data - included puppetlabs-lvm module - created profiles::base::datavol to: - create pv, vg, lv and format the filesystem and mount it	2023-11-05 17:37:10 +11:00
Ben Vincent	30e3afc163	Merge pull request 'feat: change enc repo to be tagged' (#42 ) from neoloc/enc_tagged_release into develop Reviewed-on: unkinben/puppet-prod#42	2023-11-04 19:14:17 +09:30
Ben Vincent	56518f1fcb	feat: change enc repo to be tagged - enc repository will download a specific tag - defaults to master - hiera set to release tag '0.1'	2023-11-04 20:36:08 +11:00
Ben Vincent	3f1694d283	Merge pull request 'feat: add motd and facts' (#41 ) from neoloc/motd_profile into develop Reviewed-on: unkinben/puppet-prod#41	2023-11-04 18:42:48 +09:30
Ben Vincent	0cc0bacad3	feat: add motd and facts - use parameters created by the enc to create external facts - use external facts to generate the motd - use features from unkinben/puppet-enc#22	2023-11-04 20:11:20 +11:00
Ben Vincent	dc4a4942c2	Merge pull request 'fix: debian puppet_version different to EL' (#38 ) from neoloc/puppet_version_per_os into develop Reviewed-on: unkinben/puppet-prod#38	2023-11-02 20:45:49 +09:30
Ben Vincent	a89a68bc61	fix: debian puppet_version different to EL - change puppet_version to be set per-os in hieradata	2023-11-02 22:14:38 +11:00
Ben Vincent	85a7dec11c	Merge pull request 'fix: digitalpacific epel repodata broken' (#37 ) from neoloc/epel_aarnet into develop Reviewed-on: unkinben/puppet-prod#37	2023-11-02 20:40:08 +09:30
Ben Vincent	75a66a3339	fix: digitalpacific epel repodata broken - change epel to read from aarnet	2023-11-02 22:08:00 +11:00
Ben Vincent	ca6f0abdc7	Merge pull request 'feat: add ceph osd/mds/mon roles' (#36 ) from neoloc/ceph_roles into develop Reviewed-on: unkinben/puppet-prod#36	2023-11-02 18:43:41 +09:30
Ben Vincent	5076d7383a	feat: add ceph osd/mds/mon roles - basic roles currently - will allow build of ceph to begin	2023-11-02 20:12:47 +11:00
Ben Vincent	89653912cb	Merge pull request 'feat: manage puppet clients' (#35 ) from neoloc/puppetclient into develop Reviewed-on: unkinben/puppet-prod#35	2023-10-29 18:59:52 +09:30
Ben Vincent	130669a130	feat: manage puppet clients - manage the service - manage the package, version lock it - deploy the /etc/puppetlabs/puppet/puppet.conf from template for puppet clients only	2023-10-29 20:26:39 +11:00
Ben Vincent	cf26d2d2e7	Merge pull request 'feat: add puppetboard role' (#34 ) from neoloc/puppetboard into develop Reviewed-on: unkinben/puppet-prod#34	2023-10-29 18:06:27 +09:30
Ben Vincent	46c3eb9597	feat: add puppetboard role - add nginx module to manage reverse proxy on host level - add puppetboard venv - add gunicorn instance - add script to start the gunicorn instance - add nginx vhost	2023-10-29 19:33:11 +11:00
unkinben	f8faad3ed6	Merge pull request 'feat: add features to puppet.conf' (#33 ) from neoloc/puppetconf into develop Reviewed-on: unkinben/puppet-prod#33	2023-10-23 21:09:29 +09:30
Ben Vincent	0171a82d58	feat: add features to puppet.conf - reports, for sending reports to puppetdb - usecacheonfailure, to show faulures in puppetboard (when set to false)	2023-10-23 22:37:41 +11:00
unkinben	ef0d865845	Merge pull request 'feat: split puppetdb role into api and sql' (#32 ) from neoloc/puppetdb2 into develop Reviewed-on: unkinben/puppet-prod#32	2023-10-22 20:30:43 +09:30
Ben Vincent	e682462917	feat: split puppetdb role into api and sql - add puppetdb_api and puppetdb_sql role - add puppetdb_api and puppetdb_sql profile - add prodinf01n05 to /etc/hosts file - set listen_address for all services to be hosts ip - set storeconfigs and storeconfigs_backend to be managed by puppetmaster profile	2023-10-22 21:55:50 +11:00
unkinben	58961d0399	Merge pull request 'feat: add firewalld management profile' (#31 ) from neoloc/firewalld into develop Reviewed-on: unkinben/puppet-prod#31	2023-10-22 18:27:38 +09:30
Ben Vincent	6bb52f2a15	feat: add firewalld management profile - basic profile to enable/disable, and install/remove - defaulting to enabled and installed, but set to disabled and removed in hiera	2023-10-22 19:54:10 +11:00
unkinben	cfe30823b4	Merge pull request 'fix: found typo in r10k script' (#30 ) from neoloc/r10k_typo into develop Reviewed-on: unkinben/puppet-prod#30	2023-10-22 00:02:43 +09:30
Ben Vincent	f772215630	fix: found typo in r10k script	2023-10-22 01:30:57 +11:00
unkinben	2faed5de72	Merge pull request 'fix: set the puppetdb_host correctly' (#29 ) from neoloc/puppetdb_server_loc into develop Reviewed-on: unkinben/puppet-prod#29	2023-10-21 23:17:00 +09:30
Ben Vincent	c6c36e8351	fix: set the puppetdb_host correctly - change the puppetdb::master::config from include to class statement - set the puppetdb_host value to match what is stored in hiera - disable firewall management on the puppetdb host	2023-10-22 00:40:12 +11:00
unkinben	92b73019cd	Merge pull request 'feat: add management of /etc/hosts' (#28 ) from neoloc/hostsfile into develop Reviewed-on: unkinben/puppet-prod#28	2023-10-21 23:05:30 +09:30
Ben Vincent	95434214a9	feat: add management of /etc/hosts - add class to manage the /etc/hosts file - add static hosts to /etc/hosts file via hiera array/hash	2023-10-22 00:34:22 +11:00
unkinben	aaee62afad	Merge pull request 'Added class to manage a default set of scripts' (#27 ) from neoloc/puppet_wrapper into develop Reviewed-on: unkinben/puppet-prod#27	2023-10-21 22:32:30 +09:30
Ben Vincent	e847954e03	Merge branch 'develop' into neoloc/puppet_wrapper	2023-10-22 00:00:52 +11:00
unkinben	6b7f531e11	Merge pull request 'feat: add sudo secure_path' (#26 ) from neoloc/sudo_securepath into develop Reviewed-on: unkinben/puppet-prod#26	2023-10-21 22:26:11 +09:30
Ben Vincent	86a6c1bd96	feat: add sudo secure_path - update the sudo class from an include to a definition - set the secure_path variable to include /usr/local/{bin,sbin}	2023-10-21 23:52:48 +11:00
unkinben	789ae2a508	Merge pull request 'Setup PuppetDB/Puppetboard' (#25 ) from neoloc/puppetdb into develop Reviewed-on: unkinben/puppet-prod#25	2023-10-21 22:01:07 +09:30
Ben Vincent	ac27a9ce0b	Merge branch 'develop' into neoloc/puppetdb	2023-10-21 23:30:40 +11:00
Ben Vincent	080cdd8884	Setup PuppetDB/Puppetboard - install modules required - puppetdb - postgresql - puppetboard - python - create new profiles to manage each item (puppetdb/puppetboard) - added puppetdb role - include the puppetdb::master::config in puppetmaster role - re-organised the puppetfile - moved python to be managed by the python module - added postgresql to list of managed repos	2023-10-21 23:11:40 +11:00
unkinben	b2a4ef2386	Merge pull request 'Account/Sudo management' (#24 ) from neoloc/sudo_initial_setup into develop Reviewed-on: unkinben/puppet-prod#24	2023-08-29 22:56:28 +09:30
Ben Vincent	2b11a9417c	Account/Sudo management - imported account and sudo puppet modules - created account management wrapper - defined sysadmin account, set to be created on all nodes - removed sudo from base packages as its managed by sudo module now	2023-08-29 23:25:10 +10:00
unkinben	f4b688b10e	Merge pull request 'Show commit version when applying puppet' (#23 ) from neoloc/show_commit_version into develop Reviewed-on: unkinben/puppet-prod#23	2023-08-29 21:25:10 +09:30
Ben Vincent	81784f819f	Show commit version when applying puppet - set the config_version in the environment.conf file	2023-08-29 21:53:11 +10:00
unkinben	ea7561a093	Merge pull request 'Adding a default environment' (#22 ) from feature/default_environment into develop Reviewed-on: unkinben/puppet-prod#22	2023-08-26 19:21:27 +09:30
Ben Vincent	d2fb3cff27	Merge branch 'develop' into feature/default_environment	2023-08-26 19:50:54 +10:00
unkinben	b8380ca2f2	Merge pull request 'Updated dns_alt_names for puppetmaster' (#21 ) from neoloc/dns_alt_names into develop Reviewed-on: unkinben/puppet-prod#21	2023-08-26 19:16:25 +09:30
Ben Vincent	afb30f9dce	Updated dns_alt_names for puppetmaster	2023-08-26 19:45:43 +10:00
Ben Vincent	116342bdaa	Added class to manage a default set of scripts - included scripts into profiles::base - updated hiera with list of scripts to create and their template name - created template for a puppet wrapper	2023-08-26 16:11:53 +10:00
Ben Vincent	efc769191e	Adding a default environment - set through puppet.conf - created symbolic link from develop -> production in code/environments - changed puppet-g10k script to be generated from a template - parameterised g10k into hieradata	2023-08-26 15:36:35 +10:00
unkinben	c1ddb00cbb	Merge pull request 'Updated autosign' (#20 ) from feature/autosign_comments into develop Reviewed-on: unkinben/puppet-prod#20	2023-08-26 00:31:41 +09:30
Ben Vincent	c96676e143	Updated autosign - added way to manage individual nodes - added defaults for domains, subnets and nodes - updated comments and doc	2023-08-26 01:00:31 +10:00
unkinben	9dab46ba5f	Merge pull request 'Changed to a simple autosign method' (#19 ) from feature/simple_autosign into develop Reviewed-on: unkinben/puppet-prod#19	2023-08-26 00:22:10 +09:30

promote develop to master #6

449 Commits