chef.git
11 months agoConfigure modtile and renderd collectors
Tom Hughes [Sat, 26 Sep 2020 10:47:21 +0000 (11:47 +0100)]
Configure modtile and renderd collectors

11 months agoIgnore failures starting shorewall
Tom Hughes [Fri, 25 Sep 2020 07:24:21 +0000 (08:24 +0100)]
Ignore failures starting shorewall

11 months agoEnable firewall on tile caches
Tom Hughes [Thu, 24 Sep 2020 18:11:30 +0000 (19:11 +0100)]
Enable firewall on tile caches

11 months agoIgnore failures disabling shorewall
Tom Hughes [Thu, 24 Sep 2020 17:46:59 +0000 (18:46 +0100)]
Ignore failures disabling shorewall

11 months agoEnable firewall on rhaegal
Tom Hughes [Thu, 24 Sep 2020 17:10:02 +0000 (18:10 +0100)]
Enable firewall on rhaegal

11 months agoDisable firewall on rhaegal
Tom Hughes [Thu, 24 Sep 2020 16:53:04 +0000 (17:53 +0100)]
Disable firewall on rhaegal

11 months agoEnable firewall on meraxes
Tom Hughes [Thu, 24 Sep 2020 16:44:57 +0000 (17:44 +0100)]
Enable firewall on meraxes

11 months agoDisable firewall on tile caches
Tom Hughes [Thu, 24 Sep 2020 16:09:10 +0000 (17:09 +0100)]
Disable firewall on tile caches

11 months agoReport details of configured chef roles to prometheus
Tom Hughes [Thu, 24 Sep 2020 15:47:45 +0000 (16:47 +0100)]
Report details of configured chef roles to prometheus

12 months agoEnable tcpstat collector
Tom Hughes [Wed, 23 Sep 2020 23:14:35 +0000 (00:14 +0100)]
Enable tcpstat collector

12 months agoReport details of configured network interfaces to prometheus
Tom Hughes [Wed, 23 Sep 2020 21:26:08 +0000 (22:26 +0100)]
Report details of configured network interfaces to prometheus

12 months agoAttempt to fix test failures in mailman cookbook
Tom Hughes [Wed, 23 Sep 2020 20:47:26 +0000 (21:47 +0100)]
Attempt to fix test failures in mailman cookbook

12 months agoDon't try and update grub under test kitchen
Tom Hughes [Wed, 23 Sep 2020 20:40:57 +0000 (21:40 +0100)]
Don't try and update grub under test kitchen

12 months agoConfigure SMART collector for prometheus
Tom Hughes [Wed, 23 Sep 2020 17:15:17 +0000 (17:15 +0000)]
Configure SMART collector for prometheus

12 months agoAdd framework for provisioning textfile collectors for prometheus
Tom Hughes [Wed, 23 Sep 2020 16:22:43 +0000 (16:22 +0000)]
Add framework for provisioning textfile collectors for prometheus

12 months agoAdd passenger exporter
Tom Hughes [Tue, 22 Sep 2020 17:44:26 +0000 (17:44 +0000)]
Add passenger exporter

12 months agoAdd squid exporter
Tom Hughes [Tue, 22 Sep 2020 17:24:41 +0000 (17:24 +0000)]
Add squid exporter

12 months agoSet scrape URI for nginx monitoring
Tom Hughes [Tue, 22 Sep 2020 16:57:44 +0000 (17:57 +0100)]
Set scrape URI for nginx monitoring

12 months agoFix ruby 2.7 warning
Tom Hughes [Tue, 22 Sep 2020 16:50:44 +0000 (16:50 +0000)]
Fix ruby 2.7 warning

12 months agoAdd nginx exporter
Tom Hughes [Tue, 22 Sep 2020 16:42:13 +0000 (16:42 +0000)]
Add nginx exporter

12 months agoDisable device sandboxing for squid on idris
Tom Hughes [Tue, 22 Sep 2020 16:28:04 +0000 (17:28 +0100)]
Disable device sandboxing for squid on idris

12 months agoDisable wireguard on idris
Tom Hughes [Tue, 22 Sep 2020 15:33:02 +0000 (16:33 +0100)]
Disable wireguard on idris

12 months agoReduce cache memory on idris
Tom Hughes [Tue, 22 Sep 2020 15:32:22 +0000 (16:32 +0100)]
Reduce cache memory on idris

12 months agoEnable firewall on rimfaxe
Tom Hughes [Mon, 21 Sep 2020 23:29:21 +0000 (00:29 +0100)]
Enable firewall on rimfaxe

12 months agoEnable firewall on gorwen
Tom Hughes [Mon, 21 Sep 2020 22:53:38 +0000 (23:53 +0100)]
Enable firewall on gorwen

12 months agoFix typo
Tom Hughes [Mon, 21 Sep 2020 21:58:38 +0000 (22:58 +0100)]
Fix typo

12 months agoReduce cache memory on fuchur
Tom Hughes [Mon, 21 Sep 2020 21:47:45 +0000 (22:47 +0100)]
Reduce cache memory on fuchur

12 months agoDisable wireguard on fuchur
Tom Hughes [Mon, 21 Sep 2020 21:42:56 +0000 (22:42 +0100)]
Disable wireguard on fuchur

12 months agoDisable firewall on gorwen and rimfaxe
Tom Hughes [Mon, 21 Sep 2020 21:15:44 +0000 (22:15 +0100)]
Disable firewall on gorwen and rimfaxe

12 months agoSwitch to installing prometheus exporters from a custom git repository
Tom Hughes [Mon, 21 Sep 2020 19:18:53 +0000 (19:18 +0000)]
Switch to installing prometheus exporters from a custom git repository

12 months agoUse ffdhe2048 DH parameters from RFC 7919
Tom Hughes [Mon, 21 Sep 2020 18:30:10 +0000 (19:30 +0100)]
Use ffdhe2048 DH parameters from RFC 7919

Taken from latest Mozilla recomendations which prefer those
over generating your own parameters.

12 months agoUpdate chef client to 16.5.64
Tom Hughes [Sun, 20 Sep 2020 11:53:21 +0000 (12:53 +0100)]
Update chef client to 16.5.64

12 months agoWorkaround apparent bug in chef-client 16.5
Tom Hughes [Sun, 20 Sep 2020 10:25:38 +0000 (10:25 +0000)]
Workaround apparent bug in chef-client 16.5

12 months agoGo back to unmounting resolv.conf but prevent path canonicalisation
Tom Hughes [Sun, 20 Sep 2020 09:42:19 +0000 (09:42 +0000)]
Go back to unmounting resolv.conf but prevent path canonicalisation

12 months agoAdd memcached exporter
Tom Hughes [Sun, 20 Sep 2020 09:01:59 +0000 (09:01 +0000)]
Add memcached exporter

12 months agoFix cookstyle warnings
Tom Hughes [Sat, 19 Sep 2020 14:49:10 +0000 (15:49 +0100)]
Fix cookstyle warnings

12 months agoUpdate for changes in apache exporter
Tom Hughes [Sat, 19 Sep 2020 14:48:16 +0000 (15:48 +0100)]
Update for changes in apache exporter

12 months agoSwitch to installing prometheus exporters from github
Tom Hughes [Sat, 19 Sep 2020 14:08:29 +0000 (14:08 +0000)]
Switch to installing prometheus exporters from github

12 months agoFix typo
Tom Hughes [Sat, 19 Sep 2020 06:33:46 +0000 (07:33 +0100)]
Fix typo

12 months agoAttempt to fix test failures caused by crazy docker networking
Tom Hughes [Fri, 18 Sep 2020 21:55:31 +0000 (22:55 +0100)]
Attempt to fix test failures caused by crazy docker networking

12 months agoEnable process and interrupt collectors for the node exporter
Tom Hughes [Fri, 18 Sep 2020 21:35:12 +0000 (22:35 +0100)]
Enable process and interrupt collectors for the node exporter

12 months agoSilence update-smart-drivedb updates
Grant Slater [Fri, 18 Sep 2020 21:01:44 +0000 (22:01 +0100)]
Silence update-smart-drivedb updates

12 months agoFix update-smart-drivedb cron template issue
Grant Slater [Fri, 18 Sep 2020 20:58:00 +0000 (21:58 +0100)]
Fix update-smart-drivedb cron template issue

12 months agoRun smartmontools update-smart-drivedb occasionally
Grant Slater [Fri, 18 Sep 2020 20:54:52 +0000 (21:54 +0100)]
Run smartmontools update-smart-drivedb occasionally

12 months agoUpdate ruby-version to 2.7.1
Grant Slater [Fri, 18 Sep 2020 20:28:36 +0000 (21:28 +0100)]
Update ruby-version to 2.7.1

12 months agoEstabish tunnels between shenron and gateway machines
Tom Hughes [Fri, 18 Sep 2020 18:20:13 +0000 (19:20 +0100)]
Estabish tunnels between shenron and gateway machines

12 months agoTarget ruby 2.7 as that is what chef 16 uses
Tom Hughes [Fri, 18 Sep 2020 07:26:28 +0000 (08:26 +0100)]
Target ruby 2.7 as that is what chef 16 uses

12 months agoFix new cookstyle warnings
Tom Hughes [Fri, 18 Sep 2020 07:25:58 +0000 (08:25 +0100)]
Fix new cookstyle warnings

12 months agoMerge remote-tracking branch 'github/pull/343'
Tom Hughes [Fri, 18 Sep 2020 07:21:57 +0000 (08:21 +0100)]
Merge remote-tracking branch 'github/pull/343'

12 months agoBump cookstyle from 6.17.7 to 6.18.8
dependabot[bot] [Fri, 18 Sep 2020 05:01:10 +0000 (05:01 +0000)]
Bump cookstyle from 6.17.7 to 6.18.8

Bumps [cookstyle](https://github.com/chef/cookstyle) from 6.17.7 to 6.18.8.
- [Release notes](https://github.com/chef/cookstyle/releases)
- [Changelog](https://github.com/chef/cookstyle/blob/master/CHANGELOG.md)
- [Commits](https://github.com/chef/cookstyle/compare/v6.17.7...v6.18.8)

Signed-off-by: dependabot[bot] <support@github.com>
12 months agoConfigure server status URI for apache exporter
Tom Hughes [Thu, 17 Sep 2020 19:29:16 +0000 (20:29 +0100)]
Configure server status URI for apache exporter

12 months agoEnable NTP collector for prometheus node exporter
Tom Hughes [Thu, 17 Sep 2020 18:23:17 +0000 (18:23 +0000)]
Enable NTP collector for prometheus node exporter

12 months agoInstall prometheus apache exporter on machines running apache
Tom Hughes [Thu, 17 Sep 2020 17:52:10 +0000 (17:52 +0000)]
Install prometheus apache exporter on machines running apache

12 months agoEnable wireguard on jakelong
Tom Hughes [Thu, 17 Sep 2020 06:11:43 +0000 (07:11 +0100)]
Enable wireguard on jakelong

12 months agoFix prometheus test
Tom Hughes [Wed, 16 Sep 2020 19:57:32 +0000 (19:57 +0000)]
Fix prometheus test

12 months agoEnable firewall on drogon
Tom Hughes [Wed, 16 Sep 2020 18:47:12 +0000 (19:47 +0100)]
Enable firewall on drogon

12 months agoDisable firewall on drogon
Tom Hughes [Wed, 16 Sep 2020 18:20:10 +0000 (19:20 +0100)]
Disable firewall on drogon

12 months agoAdd wireguard keepalives to a few more machines
Tom Hughes [Wed, 16 Sep 2020 18:10:06 +0000 (19:10 +0100)]
Add wireguard keepalives to a few more machines

12 months agoAdd a keepalive for wireguard on longma
Tom Hughes [Wed, 16 Sep 2020 17:42:52 +0000 (18:42 +0100)]
Add a keepalive for wireguard on longma

12 months agoAdd brackets around IPv6 addresses
Tom Hughes [Wed, 16 Sep 2020 16:54:38 +0000 (17:54 +0100)]
Add brackets around IPv6 addresses

12 months agoInstall prometheus client everywhere
Tom Hughes [Wed, 16 Sep 2020 16:43:02 +0000 (17:43 +0100)]
Install prometheus client everywhere

12 months agoAllow prometheus to use wireguard or direct external connections
Tom Hughes [Wed, 16 Sep 2020 16:19:37 +0000 (17:19 +0100)]
Allow prometheus to use wireguard or direct external connections

12 months agoEnable wireguard support on all machines that support it
Tom Hughes [Wed, 16 Sep 2020 15:54:26 +0000 (16:54 +0100)]
Enable wireguard support on all machines that support it

12 months agoDeploy prometheus client to machines in Amsterdam
Tom Hughes [Wed, 16 Sep 2020 15:33:56 +0000 (16:33 +0100)]
Deploy prometheus client to machines in Amsterdam

12 months agoLabel targets with appropriate instance names
Tom Hughes [Wed, 16 Sep 2020 08:33:09 +0000 (09:33 +0100)]
Label targets with appropriate instance names

12 months agoMerge remote-tracking branch 'github/pull/342'
Tom Hughes [Wed, 16 Sep 2020 07:22:56 +0000 (08:22 +0100)]
Merge remote-tracking branch 'github/pull/342'

12 months agoBump test-kitchen from 2.7.0 to 2.7.1
dependabot[bot] [Wed, 16 Sep 2020 05:01:17 +0000 (05:01 +0000)]
Bump test-kitchen from 2.7.0 to 2.7.1

Bumps [test-kitchen](https://github.com/test-kitchen/test-kitchen) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/test-kitchen/test-kitchen/releases)
- [Changelog](https://github.com/test-kitchen/test-kitchen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/test-kitchen/test-kitchen/compare/v2.7.0...v2.7.1)

Signed-off-by: dependabot[bot] <support@github.com>
12 months agoConfigure SMTP for prometheus
Tom Hughes [Tue, 15 Sep 2020 21:16:28 +0000 (22:16 +0100)]
Configure SMTP for prometheus

12 months agoInstall grafana as an interface to prometheus
Tom Hughes [Tue, 15 Sep 2020 19:54:16 +0000 (19:54 +0000)]
Install grafana as an interface to prometheus

12 months agoGroup prometheus josb by exporter instead of client
Tom Hughes [Tue, 15 Sep 2020 18:04:32 +0000 (18:04 +0000)]
Group prometheus josb by exporter instead of client

12 months agoAllow wireguard connections from anywhere
Tom Hughes [Tue, 15 Sep 2020 16:32:22 +0000 (17:32 +0100)]
Allow wireguard connections from anywhere

12 months agoEnable wireguard access for tomh
Tom Hughes [Tue, 15 Sep 2020 16:23:50 +0000 (17:23 +0100)]
Enable wireguard access for tomh

12 months agoRemove a few legacy settings
Tom Hughes [Tue, 15 Sep 2020 16:23:21 +0000 (17:23 +0100)]
Remove a few legacy settings

12 months agoMerge remote-tracking branch 'github/pull/341'
Tom Hughes [Tue, 15 Sep 2020 07:04:17 +0000 (08:04 +0100)]
Merge remote-tracking branch 'github/pull/341'

12 months agoMerge remote-tracking branch 'github/pull/340'
Tom Hughes [Tue, 15 Sep 2020 07:04:13 +0000 (08:04 +0100)]
Merge remote-tracking branch 'github/pull/340'

12 months agoBump kitchen-dokken from 2.10.0 to 2.11.0
dependabot[bot] [Tue, 15 Sep 2020 05:01:41 +0000 (05:01 +0000)]
Bump kitchen-dokken from 2.10.0 to 2.11.0

Bumps [kitchen-dokken](https://github.com/someara/kitchen-dokken) from 2.10.0 to 2.11.0.
- [Release notes](https://github.com/someara/kitchen-dokken/releases)
- [Changelog](https://github.com/test-kitchen/kitchen-dokken/blob/master/CHANGELOG.md)
- [Commits](https://github.com/someara/kitchen-dokken/compare/v2.10.0...v2.11.0)

Signed-off-by: dependabot[bot] <support@github.com>
12 months agoBump cookstyle from 6.17.5 to 6.17.7
dependabot[bot] [Tue, 15 Sep 2020 05:01:19 +0000 (05:01 +0000)]
Bump cookstyle from 6.17.5 to 6.17.7

Bumps [cookstyle](https://github.com/chef/cookstyle) from 6.17.5 to 6.17.7.
- [Release notes](https://github.com/chef/cookstyle/releases)
- [Changelog](https://github.com/chef/cookstyle/blob/master/CHANGELOG.md)
- [Commits](https://github.com/chef/cookstyle/compare/v6.17.5...v6.17.7)

Signed-off-by: dependabot[bot] <support@github.com>
12 months agotrac: fix apache config typo
Grant Slater [Mon, 14 Sep 2020 20:50:10 +0000 (21:50 +0100)]
trac: fix apache config typo

12 months agotrac: Disable /timeline for now
Grant Slater [Mon, 14 Sep 2020 20:44:24 +0000 (21:44 +0100)]
trac: Disable /timeline for now

12 months agoRemove cleanup code
Tom Hughes [Mon, 14 Sep 2020 19:11:51 +0000 (20:11 +0100)]
Remove cleanup code

12 months agoConfigure v4 address for wireguard endpoints with an internal address
Tom Hughes [Mon, 14 Sep 2020 18:24:38 +0000 (19:24 +0100)]
Configure v4 address for wireguard endpoints with an internal address

12 months agoCleanup any old "normal" priority networking configuration
Tom Hughes [Mon, 14 Sep 2020 18:18:44 +0000 (19:18 +0100)]
Cleanup any old "normal" priority networking configuration

12 months agoFix configuration of wireguard keys on 18.04
Tom Hughes [Mon, 14 Sep 2020 18:07:24 +0000 (19:07 +0100)]
Fix configuration of wireguard keys on 18.04

12 months agoMake updating wireguard configuration work on 18.04
Tom Hughes [Mon, 14 Sep 2020 16:35:51 +0000 (17:35 +0100)]
Make updating wireguard configuration work on 18.04

12 months agoAdd routes to wireguard peers
Tom Hughes [Mon, 14 Sep 2020 16:32:15 +0000 (17:32 +0100)]
Add routes to wireguard peers

12 months agoUse correct network prefix for wireguard tunnels
Tom Hughes [Mon, 14 Sep 2020 16:25:50 +0000 (17:25 +0100)]
Use correct network prefix for wireguard tunnels

12 months agoStrip trailing newline from public key
Tom Hughes [Mon, 14 Sep 2020 16:25:21 +0000 (17:25 +0100)]
Strip trailing newline from public key

12 months agoGenerate wireguard addresses without systemd-id128
Tom Hughes [Mon, 14 Sep 2020 16:16:49 +0000 (16:16 +0000)]
Generate wireguard addresses without systemd-id128

12 months agoFix cookstyle warnings
Tom Hughes [Mon, 14 Sep 2020 15:59:55 +0000 (16:59 +0100)]
Fix cookstyle warnings

12 months agoReplace OpenVPN with wireguard for VPN tunnels
Tom Hughes [Sun, 13 Sep 2020 23:36:11 +0000 (23:36 +0000)]
Replace OpenVPN with wireguard for VPN tunnels

12 months agoAdd basic infrastructure for wireguard tunnels
Tom Hughes [Sat, 12 Sep 2020 14:29:52 +0000 (14:29 +0000)]
Add basic infrastructure for wireguard tunnels

12 months agotrace: Disallow all robots. Is no more. It has ceased to be.
Grant Slater [Sun, 13 Sep 2020 22:22:58 +0000 (23:22 +0100)]
trace: Disallow all robots. Is no more. It has ceased to be.

12 months agoOnly update the main openstreetmap.org domain during regular checks
Tom Hughes [Sun, 13 Sep 2020 16:48:03 +0000 (17:48 +0100)]
Only update the main openstreetmap.org domain during regular checks

12 months agodns: update dnscontrol to v3.3.0
Grant Slater [Sun, 13 Sep 2020 15:31:26 +0000 (16:31 +0100)]
dns: update dnscontrol to v3.3.0

12 months agoUpdate piwik to 3.14.1
Tom Hughes [Sat, 12 Sep 2020 11:12:49 +0000 (12:12 +0100)]
Update piwik to 3.14.1

12 months agoUpdate bundle
Tom Hughes [Fri, 11 Sep 2020 21:35:53 +0000 (22:35 +0100)]
Update bundle

12 months agoDon't try and dump tablespaces in mysql backups
Tom Hughes [Fri, 11 Sep 2020 17:34:29 +0000 (18:34 +0100)]
Don't try and dump tablespaces in mysql backups

12 months agoPrevent installation of prometheus-node-exporter-collectors
Tom Hughes [Fri, 11 Sep 2020 14:14:59 +0000 (15:14 +0100)]
Prevent installation of prometheus-node-exporter-collectors

12 months agoInstall basic prometheus node exporter on UCL machines
Tom Hughes [Fri, 11 Sep 2020 14:02:38 +0000 (15:02 +0100)]
Install basic prometheus node exporter on UCL machines

12 months agoConfigure tiamat-11 as a prometheus server
Tom Hughes [Fri, 11 Sep 2020 13:59:26 +0000 (14:59 +0100)]
Configure tiamat-11 as a prometheus server