itamae

Commit Graph

Author	SHA1	Message	Date
Kazuhiro MUSASHI	6ee0679c7c	Update the Vault tokens for the provisioning process. diff --git a/cookbooks/consul/files/etc/vault.d/tokens/roleid b/cookbooks/consul/files/etc/vault.d/tokens/roleid index 7ae456f..120be5a 100644 --- a/cookbooks/consul/files/etc/vault.d/tokens/roleid +++ b/cookbooks/consul/files/etc/vault.d/tokens/roleid @@ -1 +1 @@ -md5:1ae55d337df5f9dd4fffc187a183b0b2:salt:205-89-236-103-190-38-95-67:aes-256-cfb:Ma2d+BQ24dejEcakleRob9FbO/uXSyymKm3hMllr4BU89COZ6g== \ No newline at end of file +md5:d0bf5c103435e9c51e21752192e89575:salt:20-135-197-125-136-152-137-246:aes-256-cfb:aVa3ufSt0fr6iarjwajOHZZs4bGSOo38N577EEbCJwXNW/M41g== \ No newline at end of file diff --git a/cookbooks/consul/files/etc/vault.d/tokens/secretid b/cookbooks/consul/files/etc/vault.d/tokens/secretid index 8f6d625..45ffa4a 100644 --- a/cookbooks/consul/files/etc/vault.d/tokens/secretid +++ b/cookbooks/consul/files/etc/vault.d/tokens/secretid @@ -1 +1 @@ -md5:c5e23c82c19bfdbd585c22c2244d48c4:salt:159-101-196-196-176-220-40-108:aes-256-cfb:ddjwjLHE5NsLCVioXEv9oaJoGtpJ+P6FvVs6ecKK26eaI49ElQ== \ No newline at end of file +md5:ab19117b12b65eef5d46283a1f9d8430:salt:2-183-180-51-94-222-93-197:aes-256-cfb:hlO5lzU8SmLmqPjquIJgwEzSlM5w7ij8gGFZXJVY2yt0KNRqrw== \ No newline at end of file	2024-11-03 12:14:12 +09:00
Kazuhiro MUSASHI	eaa7ddcd32	Update DNS settings.	2024-11-03 10:56:38 +09:00
Kazuhiro MUSASHI	db10caca55	Delete `resolved.conf.2404`.	2024-11-02 16:56:12 +09:00
Kazuhiro MUSASHI	44325ace47	Change `Vault` tokens for enabling Consul Auto Config.	2024-07-15 18:47:02 +09:00
Kazuhiro MUSASHI	977648f95e	Change `consul` server IP addresses.	2024-07-15 18:45:25 +09:00
Kazuhiro MUSASHI	6d1e1599e3	Modify `dnsmasq` settings.	2024-06-10 11:42:42 +09:00
Kazuhiro MUSASHI	2063cf2f6c	Update HashiCorp APT sources.	2024-04-28 12:13:35 +09:00
Kazuhiro MUSASHI	cca3bc93d3	Update Hashicorp apt sources.	2024-04-06 17:31:12 +09:00
Kazuhiro MUSASHI	f2d4ec65c4	Modify the variable name.	2024-04-03 14:26:48 +09:00
Kazuhiro MUSASHI	8be3828b0f	For `vault agent` to function properly, add `HOME` environment variable.	2024-03-31 20:24:41 +09:00
Kazuhiro MUSASHI	63935ec789	Deploy `/etc/consul.d/server.hcl` only when the consul is server.	2024-03-31 09:45:42 +09:00
Kazuhiro MUSASHI	b4189939f8	Update `Consul` certificates.	2024-03-31 09:45:11 +09:00
Kazuhiro MUSASHI	cfdec27f89	Consul server setup	2024-02-11 18:55:30 +09:00
Kazuhiro MUSASHI	0af6e65b74	Change `Consul` client ACL token.	2023-12-09 16:56:09 +09:00
Kazuhiro MUSASHI	8074910452	Accumulative changes.	2023-06-24 21:38:14 +09:00
Kazuhiro MUSASHI	6f48a84591	Delete `supervisord` config for `Consul`.	2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI	1943fb5f09	Change logic to deploy `/etc/systemd/timesyncd.conf`.	2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI	1875e14f29	Update `/etc/dnsmasq.conf` & `/etc/systemd/resolved.conf` for `Ubuntu 22.04`.	2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI	6f18eed04e	Change the public key of HashiCorp apt key.	2023-01-28 10:34:54 +09:00
Kazuhiro MUSASHI	bc2f8128ff	`apt update`コマンドの実行回数を減らす	2022-08-11 12:21:39 +09:00
Kazuhiro MUSASHI	956cf439ee	Modify indent.	2022-07-10 16:28:49 +09:00
Kazuhiro MUSASHI	73f7ec44b7	Enable `Consul Connect` for client side.	2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI	48702191fe	Allow `Consul` gcp port to communicate. ``` --- a/cookbooks/consul/setup.rb +++ b/cookbooks/consul/setup.rb @@ -44,7 +44,7 @@ service 'consul' do end # iptables settings here: -%w( 8300/tcp 8301/tcp 8301/udp 8500/tcp ).each do \|port\| +%w( 8300/tcp 8301/tcp 8301/udp 8500/tcp 8502/tcp ).each do \|port\| execute "ufw allow #{port}" do user 'root' ```	2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI	c15c2f3de8	Start `Consul` after `Vault` generates the jwt token. ``` --- a/cookbooks/consul/files/etc/systemd/system/consul.service +++ b/cookbooks/consul/files/etc/systemd/system/consul.service @@ -2,7 +2,7 @@ Description="HashiCorp Consul - A service mesh solution" Documentation=https://www.consul.io/ Requires=network-online.target -After=network-online.target +After=network-online.target vault-agent-consul-jwt.target ConditionFileNotEmpty=/etc/consul.d/consul.hcl [Service] ```	2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI	94489f71d5	Modify `consul.hcl` template to support `Consul Connect`.	2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI	43fbbe1f18	Support `Ubuntu 22.04`.	2022-07-10 14:32:35 +09:00
Kazuhiro MUSASHI	010a53a58b	Deploy `nomad`.	2021-05-02 19:08:17 +09:00
Kazuhiro MUSASHI	de2aab1bb8	Change the `consul` server IP addresses.	2020-11-28 16:19:00 +09:00
Kazuhiro MUSASHI	7270023c92	Overwrite the `systemd` config to rotate the log files.	2020-11-28 16:18:46 +09:00
Kazuhiro MUSASHI	0e6c2ad531	Create log directory for `consul`.	2020-11-28 16:18:46 +09:00
Kazuhiro MUSASHI	41f25a9a1c	Deploy `/etc/consul.d/config.hcl`.	2020-11-28 16:16:52 +09:00
Kazuhiro MUSASHI	39f8fc5bc1	Install from `deb` package.	2020-11-28 16:07:12 +09:00
Kazuhiro MUSASHI	6315dc759e	Healthcheck for `consul`.	2020-10-24 12:30:05 +09:00
Kazuhiro MUSASHI	8b4b0eeb9e	Specify `dnsmasq` to check `consul` dns and the upper DNSs.	2020-10-13 21:18:37 +09:00
Kazuhiro MUSASHI	6706b9d4b1	Delete `monit` cookbook.	2020-10-13 21:12:27 +09:00
Kazuhiro MUSASHI	95ac2f5841	Delete `check-reboot-required`.	2020-09-23 23:52:40 +09:00
Kazuhiro MUSASHI	7ba084b71f	Use `/usr/local/bin/check_file`.	2020-09-22 23:46:14 +09:00
Kazuhiro MUSASHI	3c634b7dc3	Deploy `check_file_ script.	2020-09-22 23:46:13 +09:00
Kazuhiro MUSASHI	d57fbcbc93	Delete the monitoring settings for `consul`.	2019-11-25 00:09:04 +08:00
Kazuhiro MUSASHI	a4822fe9ef	Do not deploy the monitoring settings for `consul`	2019-11-25 00:08:20 +08:00
Kazuhiro MUSASHI	e0820892d4	Install `consul`, when finding a newer version.	2019-11-08 00:28:13 +08:00
Kazuhiro MUSASHI	d0dacca340	Exclude "127" and "172" (= Docker) IP addresses.	2019-10-26 23:07:20 +08:00
Kazuhiro MUSASHI	5b8e5b50ab	`192.168.10.0/24`セグメントのアドレスを指定する	2019-08-10 18:53:59 +08:00
Kazuhiro MUSASHI	39fbe6669b	initial commit	2019-03-03 16:50:49 +08:00

44 Commits