kazu634/itamae
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
580 Commits 2 Branches 0 Tags 35 MiB
5eaf0d9143
Commit Graph

401 Commits

Author SHA1 Message Date
Kazuhiro MUSASHI
3657d7c698 Delete supervisor config for exporter_proxy. 2023-02-10 22:48:40 +09:00
Kazuhiro MUSASHI
0b4860279f Add alert rule for filestat_exporter. 2023-02-10 18:55:55 +09:00
Kazuhiro MUSASHI
f7eae0c857 Deploy systemd config for filestat_exporter. 2023-02-10 18:55:55 +09:00
Kazuhiro MUSASHI
080eda7535 Deploy logrotate config for filestat_exporter. 2023-02-10 18:55:55 +09:00
Kazuhiro MUSASHI
7887813153 Deploy rsyslog config for filestat_exporter. 2023-02-10 18:55:55 +09:00
Kazuhiro MUSASHI
9a8b53cd8f Modify typo 2023-02-07 23:11:49 +09:00
Kazuhiro MUSASHI
f6f354115d Deploy systemd config for filestat_exporter. 2023-02-07 23:11:49 +09:00
Kazuhiro MUSASHI
448ceda784 Delete supervisor config for filestat_exporter. 2023-02-07 23:10:28 +09:00
Kazuhiro MUSASHI
e859be7384 Add Prometheus mointoring rules for snmp_exporter and vector-snmp_exporter 2023-02-07 22:30:46 +09:00
Kazuhiro MUSASHI
2a78c5f1e6 Add systemd files for snmp_exporter and vector-snmp_exporter 2023-02-07 22:30:28 +09:00
Kazuhiro MUSASHI
3c27430e57 Deploy logrotate config for snmp_exporter. 2023-02-05 21:54:28 +09:00
Kazuhiro MUSASHI
a621b5d255 Deploy rsyslog config for snmp_exporter. 2023-02-05 21:54:28 +09:00
Kazuhiro MUSASHI
83484ff4a5 Deploy snmp_exporter service and enable it. 2023-02-05 20:41:12 +09:00
Kazuhiro MUSASHI
44cede10da Deploy systemd config for vector-node_exporter. 2023-02-05 19:50:38 +09:00
Kazuhiro MUSASHI
ccf94f0174 Deploy logrotate config for node_exporter. 2023-02-05 19:43:29 +09:00
Kazuhiro MUSASHI
7a0b2938be Deploy rsyslog config for node_exporter. 2023-02-05 19:20:14 +09:00
Kazuhiro MUSASHI
0bfd4a7d53 Deploy systemd config for node_exporter. 2023-02-05 19:09:26 +09:00
Kazuhiro MUSASHI
5bf5eac091 Add alert rule for node_exporter. 2023-02-05 19:07:02 +09:00
Kazuhiro MUSASHI
ceb75182df Do not use supervisor to start/stop node_exporter. 2023-02-05 19:03:29 +09:00
Kazuhiro MUSASHI
fd01843277 Update docker recipe. 2023-02-05 19:03:29 +09:00
Kazuhiro MUSASHI
bad580a4a0 Delete gitea recipe. 2023-02-05 14:25:16 +09:00
Kazuhiro MUSASHI
bb525658d6 Uppdate gitea recipe. 2023-02-05 14:19:23 +09:00
Kazuhiro MUSASHI
19240a2c7a Temporary fix 2023-02-05 14:03:59 +09:00
Kazuhiro MUSASHI
9175c284ec Update Vector config for syslog receiver. 2023-02-05 14:01:45 +09:00
Kazuhiro MUSASHI
7ddfc88518 Update /etc/vector/syslog.tom. 2023-02-05 13:58:57 +09:00
Kazuhiro MUSASHI
e509c531ae Add alert rules for systemd services. 2023-02-05 13:42:15 +09:00
Kazuhiro MUSASHI
9aca3252b6 Update alertmanager.yml. 2023-02-05 13:39:19 +09:00
Kazuhiro MUSASHI
b063cba98f Add logrotate file for digdag. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
76357646f0 Add rsyslog file for digdag. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
b3d014658a Deploy logrotate config for digdag. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
4aaecfdcfd Add everun recipe. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
227ddd9362 Delete unnecessary nginx service restart step. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
9438dc34b4 Change the flag value so that it's intuitive. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
955f3ab1ca Add shell scripts to generate TSL certificates. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
d60426b355 Delete lego_run.sh. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
211565df90 Delete blog-related files. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
ba41bd9fe1 Do not install gitea. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
d42b428427 Add everun.club-related files. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
2063817821 Move webadm configuration parts to webadm.rb. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
4c849d22c5 Monitor digdag log files. 2023-02-05 11:13:03 +09:00
Kazuhiro MUSASHI
b208ff620e Deploy digdag systemd file and enable digdag. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
e4282e28d7 Delete unnecesary supervisord steps. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
6f48a84591 Delete supervisord config for Consul. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
bde351eb5f Update /etc/grafana/grafana.ini setting. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
89e2103696 Change nginx build option. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
114e10758a Update /etc/lego/lego_run.sh. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
947cf0eb9d Bump nginx version. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
a00dd97b81 Properly handle HTTP 301 redirection. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
1943fb5f09 Change logic to deploy /etc/systemd/timesyncd.conf. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
1875e14f29 Update /etc/dnsmasq.conf & /etc/systemd/resolved.conf for Ubuntu 22.04. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
c40dc83965 Update sshd_config & deploy sshd_config for Ubuntu 22.04: 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
78b98cdab6 Update 50unattended-upgrades and deploy 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
a773b4a1b5 Install systemd-timesyncd and add its config file: 
```
--- a/cookbooks/base/default.rb
+++ b/cookbooks/base/default.rb
@@ -80,6 +80,20 @@
 when "20.04", "22.04"
   service 'multipath-tools' do
     action :nothing
   end
+
+  package 'systemd-timesyncd'
+
+  service 'systemd-timesyncd' do
+    action :enable
+  end
+
+  remote_file '/etc/systemd/timesyncd.conf' do
+    owner 'root'
+    group 'root'
+    mode '0644'
+
+    notifies :restart, 'service[systemd-timesyncd]'
+  end
 end
```
 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
11bdc70327 Use node['platform_version'] & support Ubuntu 22.04 for timezone setting: 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
c6bfa2c09b Delete the recipes for Ubuntu 16.04. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
6f18eed04e Change the public key of HashiCorp apt key. 2023-01-28 10:34:54 +09:00
Kazuhiro MUSASHI
320d990b51 Modify mc config. 2023-01-15 20:27:00 +09:00
Kazuhiro MUSASHI
825fc30121 バージョンアップに伴い、Vectorの設定ファイルを修正 2022-12-30 12:10:38 +09:00
Kazuhiro MUSASHI
6162f0171e Install embulk-filter-eval gem: 
```
--- a/cookbooks/embulk/setup.rb
+++ b/cookbooks/embulk/setup.rb
@@ -32,7 +32,7 @@ remote_file '/root/.ssh/config' do
 end

-%w(filter-column filter-row output-mysql output-postgresql input-mysql filter-gsub).each do |p|
+%w(filter-column filter-row output-mysql output-postgresql input-mysql filter-gsub filter-eval).each do |p|
   execute "embulk gem install embulk-#{p}" do
     user 'root'
```
 2022-08-18 21:40:21 +09:00
Kazuhiro MUSASHI
f34dfa1445 Do not install rclone. 2022-08-18 21:31:34 +09:00
Kazuhiro MUSASHI
bc2f8128ff apt updateコマンドの実行回数を減らす 2022-08-11 12:21:39 +09:00
Kazuhiro MUSASHI
9d4cccb842 Modify permission of git hook. 2022-08-07 20:49:37 +09:00
Kazuhiro MUSASHI
8f63c7bf3f Deploy config file for starship. 2022-08-07 20:43:15 +09:00
Kazuhiro MUSASHI
a42048cc7d Install starship. 2022-08-07 20:43:15 +09:00
Kazuhiro MUSASHI
23dfb61e2d Change the git repository to gitea.kazu634.com. 2022-08-07 20:39:54 +09:00
Kazuhiro MUSASHI
ecf50c2bbc Deploy logrotate config for consul-template. 2022-08-06 21:34:48 +09:00
Kazuhiro MUSASHI
4daca5a1cc Install embulk version 0.9.24: 
```
--- a/cookbooks/embulk/attributes.rb
+++ b/cookbooks/embulk/attributes.rb
@@ -7,7 +7,7 @@ ipaddr = run_command(cmd).stdout.chomp
 node.reverse_merge!({
   'embulk' => {
     'base_binary_url' => 'https://github.com/embulk/embulk/releases/download/v',
-    'version' => '0.9.23',
+    'version' => '0.9.24',
     'extension' => '.jar',
     'install_path' => '/opt/embulk'
   }
```
 2022-07-18 22:22:01 +09:00
Kazuhiro MUSASHI
a661d3cf0d Install OpenJDK 8 for Ubuntu 22.04. 2022-07-18 22:21:35 +09:00
Kazuhiro MUSASHI
f7b2c6bad1 Add -y option flag to add-apt-repository 
Due to the behaviour change, need to add `-y` option for
`add-apt-repository` command to operate without human interactions.
 2022-07-18 10:57:33 +09:00
Kazuhiro MUSASHI
91a0c444b5 Modify consul-template directories: 
```
--- a/cookbooks/consul-template/setup.rb
+++ b/cookbooks/consul-template/setup.rb
@@ -1,6 +1,6 @@
 # Create `/var/log/vector`:
-%w( /etc/consul-template.d/conf /etc/consul-template.d/templates ).each do |d|
-  directory d do
+%w( conf templates tokens ).each do |d|
+  directory "/etc/consul-template.d/#{d}" do
     owner  'root'
     group  'root'
     mode   '0755'
```
 2022-07-10 16:35:21 +09:00
Kazuhiro MUSASHI
956cf439ee Modify indent. 2022-07-10 16:28:49 +09:00
Kazuhiro MUSASHI
73f7ec44b7 Enable Consul Connect for client side. 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI
37d51b5ed5 Create /etc/vault.d/agent & /etc/vault.d/tokens directory. 
```
--- a/cookbooks/vault/default.rb
+++ b/cookbooks/vault/default.rb
@@ -2,6 +2,14 @@ include_recipe './attributes.rb'

 include_recipe './install.rb'

+%w( agent tokens ).each do |d|
+  directory "/etc/vault.d/#{d}" do
+    owner 'vault'
+    group 'vault'
+    mode '0755'
+  end
+end
+
 if node['vault']['manager']
   include_recipe './setup.rb'
 end
```
 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI
48702191fe Allow Consul gcp port to communicate. 
```
--- a/cookbooks/consul/setup.rb
+++ b/cookbooks/consul/setup.rb
@@ -44,7 +44,7 @@ service 'consul' do
 end

 # iptables settings here:
-%w( 8300/tcp 8301/tcp 8301/udp 8500/tcp ).each do |port|
+%w( 8300/tcp 8301/tcp 8301/udp 8500/tcp 8502/tcp ).each do |port|
   execute "ufw allow #{port}" do
     user 'root'
```
 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI
c15c2f3de8 Start Consul after Vault generates the jwt token. 
```
--- a/cookbooks/consul/files/etc/systemd/system/consul.service
+++ b/cookbooks/consul/files/etc/systemd/system/consul.service
@@ -2,7 +2,7 @@
 Description="HashiCorp Consul - A service mesh solution"
 Documentation=https://www.consul.io/
 Requires=network-online.target
-After=network-online.target
+After=network-online.target vault-agent-consul-jwt.target
 ConditionFileNotEmpty=/etc/consul.d/consul.hcl

 [Service]
```
 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI
94489f71d5 Modify consul.hcl template to support Consul Connect. 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI
43fbbe1f18 Support Ubuntu 22.04. 2022-07-10 14:32:35 +09:00
Kazuhiro MUSASHI
ba7d01f16d Modify the logic to decide the download URL. 2022-07-03 21:36:19 +09:00
Kazuhiro MUSASHI
8f09026fed Modify Github repository URI from git to https. 2022-07-03 21:29:46 +09:00
Kazuhiro MUSASHI
4455fe6b62 Deploy /etc/logrotate.d/vault. 2022-07-02 11:40:31 +00:00
Kazuhiro MUSASHI
4a57c21614 Deploy example Consul Connect job. 2022-03-14 23:19:25 +09:00
Kazuhiro MUSASHI
ef40d3dc01 Create /etc/nomad.d/jobs 2022-03-14 23:19:25 +09:00
Kazuhiro MUSASHI
9a5a78d657 Deploy /etc/nomad.d/policies/anonymous.hcl. 2022-03-14 23:19:25 +09:00
Kazuhiro MUSASHI
ce7a80db7a Create /etc/nomad.d/policies/ directory. 2022-03-14 23:17:44 +09:00
Kazuhiro MUSASHI
a882f52b3f Delete shared_dir.rb. 2022-03-14 23:17:32 +09:00
Kazuhiro MUSASHI
64066ab78f Add consul stanza. 2022-03-14 23:17:12 +09:00
Kazuhiro MUSASHI
3bd4973c90 Deploy Vault policies. 2022-03-13 21:48:27 +09:00
Kazuhiro MUSASHI
cf79f30c4d Create /etc/vault.d/policies/. 2022-03-13 21:46:00 +09:00
Kazuhiro MUSASHI
da78e76d19 Deploy /etc/vault.d/vault.hcl. 2022-03-13 21:45:36 +09:00
Kazuhiro MUSASHI
7681522b6b Specify the default Vault managers. 
```
--- a/cookbooks/vault/attributes.rb
+++ b/cookbooks/vault/attributes.rb
@@ -21,5 +21,6 @@ node.reverse_merge!({
     'manager' => false,
     'ipaddr' => ipaddr,
     'hostname' => hostname,
+    'ips' => ['192.168.10.141', '192.168.10.142', '192.168.10.143'],
   }
 })
```
 2022-03-13 21:45:17 +09:00
Kazuhiro MUSASHI
67fab4951a Retrieve hostname. 2022-03-13 21:45:01 +09:00
Kazuhiro MUSASHI
6fa35a923b Retrieve IP address. 2022-03-13 21:44:18 +09:00
Kazuhiro MUSASHI
a917563b06 Conduct setup procedures, when explicitly requested. 2022-03-13 21:43:52 +09:00
Kazuhiro MUSASHI
28e3f21141 Install Vault. 2022-03-12 11:59:44 +00:00
Kazuhiro MUSASHI
2bec4d88f3 Do not deploy docker-registry.hcl. 2022-01-14 23:52:59 +09:00
Kazuhiro MUSASHI
8c712e6ffa Delete /etc/nomad.d/datadir.hcl. 2022-01-14 23:52:59 +09:00
Kazuhiro MUSASHI
5e176ff230 Modify /etc/nomad.d/client.hcl: 
```
--- a/cookbooks/nomad/files/etc/nomad.d/client.hcl
+++ b/cookbooks/nomad/files/etc/nomad.d/client.hcl
@@ -1,13 +1,3 @@
-# /etc/nomad.d/server.hcl
-
 client {
-  enabled          = true
-}
-
-plugin "docker" {
-  config {
-    volumes {
-      enabled = true
-    }
-  }
+  enabled        = true
 }
```
 2022-01-14 23:52:58 +09:00
Kazuhiro MUSASHI
935f773bca Deploy csi settings. 2022-01-14 23:52:58 +09:00
Kazuhiro MUSASHI
de06f5575c Add logrotated config for nomad log files. 
```
--- /dev/null
+++ b/cookbooks/nomad/files/etc/logrotate.d/nomad
@@ -0,0 +1,13 @@
+/var/log/nomad.log
+{
+        rotate 4
+        weekly
+        missingok
+        notifempty
+        compress
+        delaycompress
+        sharedscripts
+        postrotate
+                /usr/lib/rsyslog/rsyslog-rotate
+        endscript
+}
```
 2022-01-10 15:29:00 +09:00
Kazuhiro MUSASHI
dffb57e2fc Add rsyslog config for nomad. 2022-01-10 15:29:00 +09:00