pid_one_command: /bin/systemd
intermediate_instructions:
- RUN /usr/bin/apt-get update -y
- - name: debian-11
+ - name: debian-12
driver:
- image: dokken/debian-11
+ image: dokken/debian-12
privileged: true
pid_one_command: /bin/systemd
intermediate_instructions:
// Don't install recommended packages as we don't want to get
// new postgres versions automatically
APT::Install-Recommends "false";
+
+// Briefly wait for lock on dpkg/apt
+// to avoid concurrent issues with unattended-upgrades and apt daily
+DPkg::lock::timeout 90;
template "ohai.rb.erb"
end
-case node[:cpu][:"0"][:vendor_id]
-when "GenuineIntel"
- package "intel-microcode"
-when "AuthenticAMD"
- package "amd64-microcode"
+if node[:cpu] && node[:cpu][:"0"] && node[:cpu][:"0"][:vendor_id]
+ case node[:cpu][:"0"][:vendor_id]
+ when "GenuineIntel"
+ package "intel-microcode"
+ when "AuthenticAMD"
+ package "amd64-microcode"
+ end
end
if node[:dmi] && node[:dmi][:system]
notifies :run, "execute[update-initramfs]"
end
-package "haveged"
-service "haveged" do
- action [:enable, :start]
+# haveged is only required on older kernels
+# /dev/random is not blocking anymore in 5.15+
+if Chef::Util.compare_versions(node[:kernel][:release], [5, 15]).negative?
+ package "haveged"
+ service "haveged" do
+ action [:enable, :start]
+ end
+else
+ service "haveged" do
+ action [:stop, :disable]
+ end
+ package "haveged" do
+ action :remove
+ end
end
if node[:kernel][:modules].include?("ipmi_si")
imagery_layer "mappers_delight_lidar_dem_2019" do
site "lidar-hillshade-2019.openstreetmap.lu"
- projection "EPSG:3857"
- source "/data/imagery/lu/lidar-hillshade/dem-3857.tif"
- max_zoom 20
- title "OpenStreetMap.lu Mapper's Delight 2019 Lidar DEM"
- copyright 'Lidar data 2019 <a href="https://data.public.lu/fr/datasets/lidar-2019-releve-3d-du-territoire-luxembourgeois">Administration du Cadastre et de la Topographie Luxembourg</a>, DEM <a href="https://twitter.com/grischard">Guillaume Rischard</a>, CC0'
+ action :delete
end
imagery_layer "mappers_delight_lidar_hillshade_2019_reprojected" do
imagery_layer "ana_dtm_2017" do
site "ana-dtm-2017.openstreetmap.lu"
- projection "EPSG:3857"
- source "/data/imagery/lu/LUREF_NGL/lu_color_relief-epsg3857-compress.tif"
- max_zoom 21
- title "DTM"
- copyright '© 2017 <a href="https://data.public.lu/fr/datasets/digital-terrain-model-high-dem-resolution/">Administration de la Navigation Aérienne Luxembourg</a>, CC0'
+ action :delete
end
imagery_layer "ana_dtm_2017_hillshading" do
site "ana-dtm-2017.openstreetmap.lu"
- projection "EPSG:3857"
- source "/data/imagery/lu/LUREF_NGL/lu_hillshade_2017-epsg-3857-compress.tif"
- max_zoom 21
- title "DTM Hillshading (single light source)"
- copyright '© 2017 <a href="https://data.public.lu/fr/datasets/digital-terrain-model-high-dem-resolution/">Administration de la Navigation Aérienne Luxembourg</a>, CC0'
+ action :delete
end
imagery_layer "ana_dtm_2017_hillshading_multi" do
end
end
+package "systemd-resolved" do
+ action :install
+ only_if { platform?("ubuntu") && node[:lsb][:release].to_f > 22.04 || platform?("debian") && node[:lsb][:release].to_f > 11.0 }
+end
+
service "systemd-networkd" do
action [:enable, :start]
end
groups:
- name: amsterdam
rules:
+ - alert: uplink
+ expr: ifOperStatus{site="amsterdam",ifName=~"ge-[01]/2/2"} != 1
+ for: 6m
+ labels:
+ alertgroup: "amsterdam"
+ annotations:
+ status: "{{ $value }}"
- alert: pdu current draw
expr: rPDU2PhaseStatusCurrent{site="amsterdam",rPDU2PhaseStatusIndex="1"} / 10 > 28
for: 6m
failure_rate: "{{ $value }} jobs/s"
- name: dublin
rules:
+ - alert: uplink
+ expr: ifOperStatus{site="dublin",ifName=~"ge-[01]/2/2"} != 1
+ for: 6m
+ labels:
+ alertgroup: "dublin"
+ annotations:
+ status: "{{ $value }}"
- alert: pdu current draw
expr: rPDU2PhaseStatusCurrent{site="dublin",rPDU2PhaseStatusIndex="1"} / 10 > 28
for: 6m
projects / chef.git / commitdiff