kazu634/itamae
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
474 Commits 2 Branches 0 Tags 35 MiB
89e2103696
Commit Graph

474 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kazuhiro MUSASHI
89e2103696 Change nginx build option. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
114e10758a Update /etc/lego/lego_run.sh. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
947cf0eb9d Bump nginx version. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
a00dd97b81 Properly handle HTTP 301 redirection. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
1943fb5f09 Change logic to deploy /etc/systemd/timesyncd.conf. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
1875e14f29 Update /etc/dnsmasq.conf & /etc/systemd/resolved.conf for Ubuntu 22.04. 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
c40dc83965 Update sshd_config & deploy sshd_config for Ubuntu 22.04: 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
78b98cdab6 Update 50unattended-upgrades and deploy 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
a773b4a1b5 Install systemd-timesyncd and add its config file: 
```
--- a/cookbooks/base/default.rb
+++ b/cookbooks/base/default.rb
@@ -80,6 +80,20 @@
 when "20.04", "22.04"
   service 'multipath-tools' do
     action :nothing
   end
+
+  package 'systemd-timesyncd'
+
+  service 'systemd-timesyncd' do
+    action :enable
+  end
+
+  remote_file '/etc/systemd/timesyncd.conf' do
+    owner 'root'
+    group 'root'
+    mode '0644'
+
+    notifies :restart, 'service[systemd-timesyncd]'
+  end
 end
```
 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
11bdc70327 Use node['platform_version'] & support Ubuntu 22.04 for timezone setting: 2023-01-28 10:37:37 +09:00
Kazuhiro MUSASHI
c6bfa2c09b Delete the recipes for Ubuntu 16.04. 2023-01-28 10:37:37 +09:00
kazu634
5290bd2198 Merge pull request 'Change the public key of HashiCorp apt key.' (#3) from hashicorp-apt-key into master 
Reviewed-on: #3
 2023-01-28 01:37:07 +00:00
Kazuhiro MUSASHI
6f18eed04e Change the public key of HashiCorp apt key. 2023-01-28 10:34:54 +09:00
kazu634
9b470077d7 Merge pull request 'Modify mc config.' (#2) from modify-mc-config into master 
Reviewed-on: #2
 2023-01-15 11:28:46 +00:00
Kazuhiro MUSASHI
320d990b51 Modify mc config. 2023-01-15 20:27:00 +09:00
kazu634
f2361aeee7 Merge pull request 'バージョンアップに伴い、Vectorの設定ファイルを修正' (#1) from vector-config-modification into master 
Reviewed-on: #1
 2022-12-30 03:16:51 +00:00
Kazuhiro MUSASHI
825fc30121 バージョンアップに伴い、Vectorの設定ファイルを修正 2022-12-30 12:10:38 +09:00
kazu634
7b69c4d54b Merge pull request 'Install embulk-filter-eval gem:' (#22) from add-embulk-gem into master 
Reviewed-on: #22
 2022-08-18 12:42:00 +00:00
Kazuhiro MUSASHI
6162f0171e Install embulk-filter-eval gem: 
```
--- a/cookbooks/embulk/setup.rb
+++ b/cookbooks/embulk/setup.rb
@@ -32,7 +32,7 @@ remote_file '/root/.ssh/config' do
 end

-%w(filter-column filter-row output-mysql output-postgresql input-mysql filter-gsub).each do |p|
+%w(filter-column filter-row output-mysql output-postgresql input-mysql filter-gsub filter-eval).each do |p|
   execute "embulk gem install embulk-#{p}" do
     user 'root'
```
 2022-08-18 21:40:21 +09:00
kazu634
c3fce114ee Merge pull request 'rcloneのインストールをやめる' (#21) from digdag-modification into master 
Reviewed-on: #21
 2022-08-18 12:38:16 +00:00
Kazuhiro MUSASHI
f34dfa1445 Do not install rclone. 2022-08-18 21:31:34 +09:00
kazu634
130c6046e3 Merge pull request 'apt updateコマンドの実行回数を減らす' (#20) from reduce-apt-update-execution into master 
Reviewed-on: #20
 2022-08-11 03:24:45 +00:00
Kazuhiro MUSASHI
bc2f8128ff apt updateコマンドの実行回数を減らす 2022-08-11 12:21:39 +09:00
kazu634
48d0e3be76 Merge pull request 'Modify permission of git hook.' (#19) from modify-permission-for-git-hook into master 
Reviewed-on: #19
 2022-08-07 11:50:42 +00:00
Kazuhiro MUSASHI
9d4cccb842 Modify permission of git hook. 2022-08-07 20:49:37 +09:00
kazu634
ee410103ac Merge pull request 'Starshipを用いてプロンプトをカスタマイズする' (#18) from use-starship-for-prompt into master 
Reviewed-on: #18
 2022-08-07 11:45:31 +00:00
Kazuhiro MUSASHI
8f63c7bf3f Deploy config file for starship. 2022-08-07 20:43:15 +09:00
Kazuhiro MUSASHI
a42048cc7d Install starship. 2022-08-07 20:43:15 +09:00
Kazuhiro MUSASHI
23dfb61e2d Change the git repository to gitea.kazu634.com. 2022-08-07 20:39:54 +09:00
kazu634
907b2363ea Merge pull request 'Deploy logrotate config for consul-template.' (#17) from log-rotation-for-consul-template into master 
Reviewed-on: #17
 2022-08-06 12:35:42 +00:00
Kazuhiro MUSASHI
ecf50c2bbc Deploy logrotate config for consul-template. 2022-08-06 21:34:48 +09:00
kazu634
f28d7eafc1 Merge pull request 'Ignore nodes/*.json:' (#16) from modify-gitignore into master 
Reviewed-on: #16
 2022-08-06 12:26:40 +00:00
Kazuhiro MUSASHI
e46264453c Ignore nodes/*.json: 
```
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,4 @@
 vendor
 *.swp
 .bundle/
-nodes/1*.json
+nodes/*.json
```
 2022-08-06 21:25:30 +09:00
kazu634
1ef33bd0c9 Merge pull request 'Create digdag role.' (#15) from digdag-role into master 
Reviewed-on: #15
 2022-08-06 12:23:24 +00:00
Kazuhiro MUSASHI
f4e095733f Create digdag role. 2022-08-06 21:21:20 +09:00
kazu634
efb354244a Merge pull request 'Ubuntu 22.04にembulkをインストールする' (#14) from embulk-installation-for-jammy into master 
Reviewed-on: #14
 2022-07-18 13:23:39 +00:00
Kazuhiro MUSASHI
4daca5a1cc Install embulk version 0.9.24: 
```
--- a/cookbooks/embulk/attributes.rb
+++ b/cookbooks/embulk/attributes.rb
@@ -7,7 +7,7 @@ ipaddr = run_command(cmd).stdout.chomp
 node.reverse_merge!({
   'embulk' => {
     'base_binary_url' => 'https://github.com/embulk/embulk/releases/download/v',
-    'version' => '0.9.23',
+    'version' => '0.9.24',
     'extension' => '.jar',
     'install_path' => '/opt/embulk'
   }
```
 2022-07-18 22:22:01 +09:00
Kazuhiro MUSASHI
a661d3cf0d Install OpenJDK 8 for Ubuntu 22.04. 2022-07-18 22:21:35 +09:00
kazu634
a86939bbb2 Merge pull request 'Add -y option flag to add-apt-repository' (#13) from add-y-flag-to-add-apt-repository into master 
Reviewed-on: #13
 2022-07-18 02:01:59 +00:00
Kazuhiro MUSASHI
f7b2c6bad1 Add -y option flag to add-apt-repository 
Due to the behaviour change, need to add `-y` option for
`add-apt-repository` command to operate without human interactions.
 2022-07-18 10:57:33 +09:00
kazu634
bf2336ee74 Merge pull request 'Modify consul-template directories:' (#12) from modify-consul-template-directory into master 
Reviewed-on: #12
 2022-07-10 07:42:16 +00:00
Kazuhiro MUSASHI
91a0c444b5 Modify consul-template directories: 
```
--- a/cookbooks/consul-template/setup.rb
+++ b/cookbooks/consul-template/setup.rb
@@ -1,6 +1,6 @@
 # Create `/var/log/vector`:
-%w( /etc/consul-template.d/conf /etc/consul-template.d/templates ).each do |d|
-  directory d do
+%w( conf templates tokens ).each do |d|
+  directory "/etc/consul-template.d/#{d}" do
     owner  'root'
     group  'root'
     mode   '0755'
```
 2022-07-10 16:35:21 +09:00
kazu634
d1297a02c9 Merge pull request 'Modify indent.' (#11) from modify-indent into master 
Reviewed-on: #11
 2022-07-10 07:30:03 +00:00
Kazuhiro MUSASHI
956cf439ee Modify indent. 2022-07-10 16:28:49 +09:00
kazu634
b8d053126c Merge pull request 'Consul Connect Support' (#4) from consul-connect-support into master 
Reviewed-on: #4
 2022-07-10 07:26:33 +00:00
Kazuhiro MUSASHI
73f7ec44b7 Enable Consul Connect for client side. 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI
37d51b5ed5 Create /etc/vault.d/agent & /etc/vault.d/tokens directory. 
```
--- a/cookbooks/vault/default.rb
+++ b/cookbooks/vault/default.rb
@@ -2,6 +2,14 @@ include_recipe './attributes.rb'

 include_recipe './install.rb'

+%w( agent tokens ).each do |d|
+  directory "/etc/vault.d/#{d}" do
+    owner 'vault'
+    group 'vault'
+    mode '0755'
+  end
+end
+
 if node['vault']['manager']
   include_recipe './setup.rb'
 end
```
 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI
48702191fe Allow Consul gcp port to communicate. 
```
--- a/cookbooks/consul/setup.rb
+++ b/cookbooks/consul/setup.rb
@@ -44,7 +44,7 @@ service 'consul' do
 end

 # iptables settings here:
-%w( 8300/tcp 8301/tcp 8301/udp 8500/tcp ).each do |port|
+%w( 8300/tcp 8301/tcp 8301/udp 8500/tcp 8502/tcp ).each do |port|
   execute "ufw allow #{port}" do
     user 'root'
```
 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI
c15c2f3de8 Start Consul after Vault generates the jwt token. 
```
--- a/cookbooks/consul/files/etc/systemd/system/consul.service
+++ b/cookbooks/consul/files/etc/systemd/system/consul.service
@@ -2,7 +2,7 @@
 Description="HashiCorp Consul - A service mesh solution"
 Documentation=https://www.consul.io/
 Requires=network-online.target
-After=network-online.target
+After=network-online.target vault-agent-consul-jwt.target
 ConditionFileNotEmpty=/etc/consul.d/consul.hcl

 [Service]
```
 2022-07-10 16:22:28 +09:00
Kazuhiro MUSASHI
94489f71d5 Modify consul.hcl template to support Consul Connect. 2022-07-10 16:22:28 +09:00