kazu634
/
itamae
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
474 Commits 2 Branches 0 Tags 35 MiB
Commit Graph

474 Commits

Author SHA1 Message Date
Kazuhiro MUSASHI 89e2103696 Change `nginx` build option. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI 114e10758a Update `/etc/lego/lego_run.sh`. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI 947cf0eb9d Bump `nginx` version. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI a00dd97b81 Properly handle HTTP 301 redirection. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI 1943fb5f09 Change logic to deploy `/etc/systemd/timesyncd.conf`. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI 1875e14f29 Update `/etc/dnsmasq.conf` & `/etc/systemd/resolved.conf` for `Ubuntu 22.04`. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI c40dc83965 Update `sshd_config` & deploy `sshd_config` for `Ubuntu 22.04`: 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI 78b98cdab6 Update `50unattended-upgrades` and deploy 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI a773b4a1b5 Install `systemd-timesyncd` and add its config file: 
```
--- a/cookbooks/base/default.rb
+++ b/cookbooks/base/default.rb
@@ -80,6 +80,20 @@
 when "20.04", "22.04"
   service 'multipath-tools' do
     action :nothing
   end
+
+  package 'systemd-timesyncd'
+
+  service 'systemd-timesyncd' do
+    action :enable
+  end
+
+  remote_file '/etc/systemd/timesyncd.conf' do
+    owner 'root'
+    group 'root'
+    mode '0644'
+
+    notifies :restart, 'service[systemd-timesyncd]'
+  end
 end
```
 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI 11bdc70327 Use `node['platform_version']` & support `Ubuntu 22.04` for timezone setting: 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI c6bfa2c09b Delete the recipes for `Ubuntu 16.04`. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI 5290bd2198 Merge pull request 'Change the public key of HashiCorp apt key.' (#3) from hashicorp-apt-key into master 
Reviewed-on: #3
 2023-01-28 01:37:07 +00:00
Kazuhiro MUSASHI 6f18eed04e Change the public key of HashiCorp apt key. 2023-01-28 10:34:54 +09:00
Kazuhiro MUSASHI 9b470077d7 Merge pull request 'Modify `mc` config.' (#2) from modify-mc-config into master 
Reviewed-on: #2
 2023-01-15 11:28:46 +00:00
Kazuhiro MUSASHI 320d990b51 Modify `mc` config. 2023-01-15 20:27:00 +09:00
Kazuhiro MUSASHI f2361aeee7 Merge pull request 'バージョンアップに伴い、Vectorの設定ファイルを修正' (#1) from vector-config-modification into master 
Reviewed-on: #1
 2022-12-30 03:16:51 +00:00
Kazuhiro MUSASHI 825fc30121 バージョンアップに伴い、Vectorの設定ファイルを修正 2022-12-30 12:10:38 +09:00
Kazuhiro MUSASHI 7b69c4d54b Merge pull request 'Install `embulk-filter-eval` gem:' (#22) from add-embulk-gem into master 
Reviewed-on: #22
 2022-08-18 12:42:00 +00:00
Kazuhiro MUSASHI 6162f0171e Install `embulk-filter-eval` gem: 
```
--- a/cookbooks/embulk/setup.rb
+++ b/cookbooks/embulk/setup.rb
@@ -32,7 +32,7 @@ remote_file '/root/.ssh/config' do
 end

-%w(filter-column filter-row output-mysql output-postgresql input-mysql filter-gsub).each do |p|
+%w(filter-column filter-row output-mysql output-postgresql input-mysql filter-gsub filter-eval).each do |p|
   execute "embulk gem install embulk-#{p}" do
     user 'root'
```
 2022-08-18 21:40:21 +09:00
Kazuhiro MUSASHI c3fce114ee Merge pull request 'rcloneのインストールをやめる' (#21) from digdag-modification into master 
Reviewed-on: #21
 2022-08-18 12:38:16 +00:00
Kazuhiro MUSASHI f34dfa1445 Do not install `rclone`. 2022-08-18 21:31:34 +09:00
Kazuhiro MUSASHI 130c6046e3 Merge pull request '`apt update`コマンドの実行回数を減らす' (#20) from reduce-apt-update-execution into master 
Reviewed-on: #20
 2022-08-11 03:24:45 +00:00
Kazuhiro MUSASHI bc2f8128ff `apt update`コマンドの実行回数を減らす 2022-08-11 12:21:39 +09:00
Kazuhiro MUSASHI 48d0e3be76 Merge pull request 'Modify permission of `git` hook.' (#19) from modify-permission-for-git-hook into master 
Reviewed-on: #19
 2022-08-07 11:50:42 +00:00
Kazuhiro MUSASHI 9d4cccb842 Modify permission of `git` hook. 2022-08-07 20:49:37 +09:00
Kazuhiro MUSASHI ee410103ac Merge pull request 'Starshipを用いてプロンプトをカスタマイズする' (#18) from use-starship-for-prompt into master 
Reviewed-on: #18
 2022-08-07 11:45:31 +00:00
Kazuhiro MUSASHI 8f63c7bf3f Deploy config file for `starship`. 2022-08-07 20:43:15 +09:00
Kazuhiro MUSASHI a42048cc7d Install `starship`. 2022-08-07 20:43:15 +09:00
Kazuhiro MUSASHI 23dfb61e2d Change the `git` repository to `gitea.kazu634.com`. 2022-08-07 20:39:54 +09:00
Kazuhiro MUSASHI 907b2363ea Merge pull request 'Deploy `logrotate` config for `consul-template`.' (#17) from log-rotation-for-consul-template into master 
Reviewed-on: #17
 2022-08-06 12:35:42 +00:00
Kazuhiro MUSASHI ecf50c2bbc Deploy `logrotate` config for `consul-template`. 2022-08-06 21:34:48 +09:00
Kazuhiro MUSASHI f28d7eafc1 Merge pull request 'Ignore `nodes/*.json`:' (#16) from modify-gitignore into master 
Reviewed-on: #16
 2022-08-06 12:26:40 +00:00
Kazuhiro MUSASHI e46264453c Ignore `nodes/*.json`: 
```
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,4 @@
 vendor
 *.swp
 .bundle/
-nodes/1*.json
+nodes/*.json
```
 2022-08-06 21:25:30 +09:00
Kazuhiro MUSASHI 1ef33bd0c9 Merge pull request 'Create `digdag` role.' (#15) from digdag-role into master 
Reviewed-on: #15
 2022-08-06 12:23:24 +00:00
Kazuhiro MUSASHI f4e095733f Create `digdag` role. 2022-08-06 21:21:20 +09:00
Kazuhiro MUSASHI efb354244a Merge pull request 'Ubuntu 22.04にembulkをインストールする' (#14) from embulk-installation-for-jammy into master 
Reviewed-on: #14
 2022-07-18 13:23:39 +00:00
Kazuhiro MUSASHI 4daca5a1cc Install embulk version `0.9.24`: 
```
--- a/cookbooks/embulk/attributes.rb
+++ b/cookbooks/embulk/attributes.rb
@@ -7,7 +7,7 @@ ipaddr = run_command(cmd).stdout.chomp
 node.reverse_merge!({
   'embulk' => {
     'base_binary_url' => 'https://github.com/embulk/embulk/releases/download/v',
-    'version' => '0.9.23',
+    'version' => '0.9.24',
     'extension' => '.jar',
     'install_path' => '/opt/embulk'
   }
```
 2022-07-18 22:22:01 +09:00
Kazuhiro MUSASHI a661d3cf0d Install `OpenJDK 8` for Ubuntu 22.04. 2022-07-18 22:21:35 +09:00
Kazuhiro MUSASHI a86939bbb2 Merge pull request 'Add `-y` option flag to `add-apt-repository`' (#13) from add-y-flag-to-add-apt-repository into master 
Reviewed-on: #13
 2022-07-18 02:01:59 +00:00
Kazuhiro MUSASHI f7b2c6bad1 Add `-y` option flag to `add-apt-repository` 
Due to the behaviour change, need to add `-y` option for
`add-apt-repository` command to operate without human interactions.
 2022-07-18 10:57:33 +09:00
Kazuhiro MUSASHI bf2336ee74 Merge pull request 'Modify `consul-template` directories:' (#12) from modify-consul-template-directory into master 
Reviewed-on: #12
 2022-07-10 07:42:16 +00:00
Kazuhiro MUSASHI 91a0c444b5 Modify `consul-template` directories: 
```
--- a/cookbooks/consul-template/setup.rb
+++ b/cookbooks/consul-template/setup.rb
@@ -1,6 +1,6 @@
 # Create `/var/log/vector`:
-%w( /etc/consul-template.d/conf /etc/consul-template.d/templates ).each do |d|
-  directory d do
+%w( conf templates tokens ).each do |d|
+  directory "/etc/consul-template.d/#{d}" do
     owner  'root'
     group  'root'
     mode   '0755'
```
 2022-07-10 16:35:21 +09:00
Kazuhiro MUSASHI d1297a02c9 Merge pull request 'Modify indent.' (#11) from modify-indent into master 
Reviewed-on: #11
 2022-07-10 07:30:03 +00:00
Kazuhiro MUSASHI 956cf439ee Modify indent. 2022-07-10 16:28:49 +09:00
Kazuhiro MUSASHI b8d053126c Merge pull request 'Consul Connect Support' (#4) from consul-connect-support into master 
Reviewed-on: #4
 2022-07-10 07:26:33 +00:00
Kazuhiro MUSASHI 73f7ec44b7 Enable `Consul Connect` for client side. 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI 37d51b5ed5 Create `/etc/vault.d/agent` & `/etc/vault.d/tokens` directory. 
```
--- a/cookbooks/vault/default.rb
+++ b/cookbooks/vault/default.rb
@@ -2,6 +2,14 @@ include_recipe './attributes.rb'

 include_recipe './install.rb'

+%w( agent tokens ).each do |d|
+  directory "/etc/vault.d/#{d}" do
+    owner 'vault'
+    group 'vault'
+    mode '0755'
+  end
+end
+
 if node['vault']['manager']
   include_recipe './setup.rb'
 end
```
 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI 48702191fe Allow `Consul` gcp port to communicate. 
```
--- a/cookbooks/consul/setup.rb
+++ b/cookbooks/consul/setup.rb
@@ -44,7 +44,7 @@ service 'consul' do
 end

 # iptables settings here:
-%w( 8300/tcp 8301/tcp 8301/udp 8500/tcp ).each do |port|
+%w( 8300/tcp 8301/tcp 8301/udp 8500/tcp 8502/tcp ).each do |port|
   execute "ufw allow #{port}" do
     user 'root'
```
 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI c15c2f3de8 Start `Consul` after `Vault` generates the jwt token. 
```
--- a/cookbooks/consul/files/etc/systemd/system/consul.service
+++ b/cookbooks/consul/files/etc/systemd/system/consul.service
@@ -2,7 +2,7 @@
 Description="HashiCorp Consul - A service mesh solution"
 Documentation=https://www.consul.io/
 Requires=network-online.target
-After=network-online.target
+After=network-online.target vault-agent-consul-jwt.target
 ConditionFileNotEmpty=/etc/consul.d/consul.hcl

 [Service]
```
 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI 94489f71d5 Modify `consul.hcl` template to support `Consul Connect`. 2022-07-10 16:22:28 +09:00