In D4026#62889, @dereckson wrote:

Note: we're deploying a third secret for CARP routers scripts. If we've already that code merged, we'll need to append a line to deploy that state too.

Mon, Mar 23, 14:26

Duranzed updated the diff for D3988: Configure strongSwan as IPsec implementation.

updated for loop syntax

Mon, Mar 23, 14:23

dereckson added a comment to D4026: Deploy or rotate Vault secrets.

Note: we're deploying a third secret for CARP routers scripts. If we've already that code merged, we'll need to append a line to deploy that state too.

Mon, Mar 23, 14:21

dereckson updated the summary of D2084: Usee Docker pillar information in nginx config.

Mon, Mar 23, 14:16

Duranzed updated the diff for D3988: Configure strongSwan as IPsec implementation.

Added router-002

Mon, Mar 23, 14:14

dereckson added a comment to D2084: Usee Docker pillar information in nginx config.

Next: try salt web-001 paas_docker.get_upstreams

Mon, Mar 23, 14:12

dereckson added inline comments to D3988: Configure strongSwan as IPsec implementation.

Mon, Mar 23, 14:08

dereckson retitled D2084: Usee Docker pillar information in nginx config from WIP: Use Docker pillar information in nginx config to Usee Docker pillar information in nginx config.

Mon, Mar 23, 14:04

Duranzed updated the diff for D3988: Configure strongSwan as IPsec implementation.

Removed cloudhugger

Mon, Mar 23, 14:04

dereckson updated the diff for D2084: Usee Docker pillar information in nginx config.

Rebased against current main for Alkane.

Mon, Mar 23, 14:04

dereckson moved T2289: https://infra.nasqueron.org/cd/dashboard without trailing slash doesn't serve CSS from Backlog to Next on the Servers board.

Mon, Mar 23, 14:01 · Jenkins, Tommy, Servers, Alkane

dereckson triaged T2289: https://infra.nasqueron.org/cd/dashboard without trailing slash doesn't serve CSS as Normal priority.

Mon, Mar 23, 14:00 · Jenkins, Tommy, Servers, Alkane

dereckson added a comment to D2084: Usee Docker pillar information in nginx config.

This change is interesting and should be rebased.

Mon, Mar 23, 13:34

dereckson added a comment to D2030: Enable federation on Pixelfed.

This configuration is for Pixelfed old versions.

Mon, Mar 23, 13:33

dereckson added a comment to D1524: WIP: Allow to manage phpBB containers.

Not sure today if we still want to deploy through Docker, or if we would target Alkane PaaS for Espace Win sites. It's also unknown if it brings value to put back the forum archive.

Mon, Mar 23, 13:29

dereckson added a comment to D1590: Serve zed51.dereckson.be.

Currently, zed51.dereckson.be serves a 500 error.

Mon, Mar 23, 13:28

dereckson closed T1817: Update pillar path for paas_docker.get_subnets as Resolved.

Mon, Mar 23, 10:02 · Salt

dereckson closed T1817: Update pillar path for paas_docker.get_subnets, a subtask of T2123: Fix tests for operations repository, as Resolved.

Mon, Mar 23, 10:02 · Technical debt, Servers

dereckson added a subtask for T2100: Switch to local delivery instead of mailgun: T786: Add PECL extension mailparse to Phabricator Docker image.

Mon, Mar 23, 10:02 · Nasqueron Operations Squad, DevCentral, Mail

dereckson added a parent task for T786: Add PECL extension mailparse to Phabricator Docker image: T2100: Switch to local delivery instead of mailgun.

Mon, Mar 23, 10:02 · good-first-issue, Docker images

dereckson added a comment to T786: Add PECL extension mailparse to Phabricator Docker image.

Tried to deploy on DevCentral - it's now an old container still using PHP 7.4.

Mon, Mar 23, 10:01 · good-first-issue, Docker images

dereckson created P395 mailparse build failure in devcentral container.

Mon, Mar 23, 09:59 · PHP 8.x support, Mail, DevCentral

dereckson closed T1475: Provision a mail server, a subtask of T4: Setup fauve services, as Resolved.

Mon, Mar 23, 09:45 · Servers, Mail, Grip migration

dereckson closed T1475: Provision a mail server as Resolved.

We can consider the mail server as deployed and create tasks for extra actions in the Mail projects.

Mon, Mar 23, 09:45 · Mail, Restricted Project, Servers

dereckson closed T1475: Provision a mail server, a subtask of T1476: Host @wolfplex.be mail, as Resolved.

Mon, Mar 23, 09:45 · Mail, Wolfplex migration

dereckson added a comment to T2099: Provision devcentral local configuration.

@DorianWinty Do we have everything in the configuration or is there some actionnables remaining?

Mon, Mar 23, 09:43 · Nasqueron Operations Squad, DevCentral

dereckson closed T1932: ViMbAdmin Provisioning, a subtask of T1475: Provision a mail server, as Resolved.

Mon, Mar 23, 09:43 · Mail, Restricted Project, Servers

dereckson closed T1932: ViMbAdmin Provisioning as Resolved.

Deployed and working fine.

Mon, Mar 23, 09:43 · Mail, Restricted Project, Servers

dereckson triaged T2288: Install memcached for ViMbAdmin as Low priority.

Mon, Mar 23, 09:41 · Restricted Project, Alkane, Mail

dereckson updated the task description for T1931: Dovecot Provisioning.

Mon, Mar 23, 09:38 · Mail, Restricted Project, Servers

dereckson closed T1931: Dovecot Provisioning, a subtask of T1475: Provision a mail server, as Resolved.

Mon, Mar 23, 09:38 · Mail, Restricted Project, Servers

dereckson closed T1931: Dovecot Provisioning as Resolved.

Dovecot deployed and working well.

Mon, Mar 23, 09:38 · Mail, Restricted Project, Servers

dereckson triaged T2287: Monitoring for Dovecot version mismatch as High priority.

Mon, Mar 23, 09:37 · Monitoring and reporting, Restricted Project, Mail, Servers

dereckson placed T238: JSTOR metadata aren't correctly parsed anymore up for grabs.

[ Resetting assignee of long-assigned tasks. Feel free to reassign when working on this. ]

Mon, Mar 23, 09:33 · User-xcombelle, Source templates generator

dereckson merged T1524: Monitor sudo files on servers into T2286: Detect configuration drift by computing difference between Salt states and deployed.

Mon, Mar 23, 09:09 · Salt

dereckson merged task T1524: Monitor sudo files on servers into T2286: Detect configuration drift by computing difference between Salt states and deployed.

Mon, Mar 23, 09:09 · Eglide, security, Servers

dereckson closed T1524: Monitor sudo files on servers as Wontfix.

With Salt, sudo files content are now managed from rOPS.

Mon, Mar 23, 09:09 · Eglide, security, Servers

dereckson triaged T2286: Detect configuration drift by computing difference between Salt states and deployed as High priority.

Mon, Mar 23, 09:09 · Salt

dereckson closed T1942: Allow Jenkins to trigger deployment through Salt as Wontfix.

Not a priority right now, as we use Alkane to trigger website deployments.

Mon, Mar 23, 08:59 · Continous integration and delivery, Salt

dereckson closed T1942: Allow Jenkins to trigger deployment through Salt, a subtask of T1750: Import FANTOIR database, as Wontfix.

Mon, Mar 23, 08:59 · Nasqueron Databases

dereckson closed T752: Salt configuration for White Rabbit as Resolved.

Mon, Mar 23, 08:58 · Salt, Servers, Nasqueron Docker deployment squad

dereckson added a comment to T1691: Allow to inspect Salt configuration.

Yesterday

dereckson triaged T2093: Move .browserlistrc file into a package.json section as Normal priority.

Sun, Mar 22, 23:59 · upsection

dereckson updated the task description for T2225: Reboot WindRiver.

Sun, Mar 22, 23:59 · Servers

dereckson triaged T2096: WindRiver Route to Drake private network Ignored as High priority.

Sun, Mar 22, 23:58 · Drake network, Servers

dereckson triaged T2107: j'aimerais avoir une présence permanente sur internet as Wishlist priority.

Sun, Mar 22, 23:58 · Eglide, security

dereckson closed D4019: Revert "Try to install Salt 3006.8 as test dependency".

Sun, Mar 22, 23:57

dereckson added a reverting change for D4001: Try to install Salt 3006.8 as test dependency: rOPSed41f887d991: Revert "Try to install Salt 3006.8 as test dependency".

Sun, Mar 22, 23:57

dereckson committed rOPSed41f887d991: Revert "Try to install Salt 3006.8 as test dependency" (authored by dereckson).

Revert "Try to install Salt 3006.8 as test dependency"

Sun, Mar 22, 23:57

dereckson added a reverting change for rOPSede81bc37383: Try to install Salt 3006.8 as test dependency: rOPSed41f887d991: Revert "Try to install Salt 3006.8 as test dependency".

Sun, Mar 22, 23:57

dereckson requested review of D4025: Prune OCSP artefact from Git ignore list.

Sun, Mar 22, 23:55

dereckson added a revision to T2116: Drop of OCSP Service: D4025: Prune OCSP artefact from Git ignore list.

Sun, Mar 22, 23:55 · Servers, Nasqueron Operations Squad

dereckson updated the task description for T2276: Automate CARP VIP MAC reassignment using devd and OVH API.

Sun, Mar 22, 23:47 · Monitoring and reporting, Python, Secure HA tunnels

dereckson added a comment to T2276: Automate CARP VIP MAC reassignment using devd and OVH API.

Ah, that's now what we need, nice for the script!

Sun, Mar 22, 23:43 · Monitoring and reporting, Python, Secure HA tunnels

dereckson closed D4016: Provision Vault policy for routers.

Sun, Mar 22, 23:41

dereckson committed rOPS7c907320cee6: Provision Vault policy for routers (authored by dereckson).

Provision Vault policy for routers

Sun, Mar 22, 23:41

dereckson added a comment to D4016: Provision Vault policy for routers.

Log from Terraform apply (grep router)

vault_policy.router: Creating...
module.router_approle.vault_approle_auth_backend_role.this: Creating...
module.router_approle.vault_approle_auth_backend_role.this: Creation complete after 0s [id=auth/approle/role/router]
module.router_approle.data.vault_approle_auth_backend_role_id.this: Reading...
module.router_approle.data.vault_approle_auth_backend_role_id.this: Read complete after 0s [id=auth/approle/role/router/role-id]
module.router_approle.vault_approle_auth_backend_role_secret_id.this: Creating...
vault_policy.router: Creation complete after 0s [id=router]
module.router_approle.vault_approle_auth_backend_role_secret_id.this: Creation complete after 1s [id=backend=approle::role=router::accessor=...]
module.router_approle.vault_kv_secret_v2.this: Creating...
module.router_approle.vault_kv_secret_v2.this: Creation complete after 0s [id=ops/data/secrets/network/router/vault]

Sun, Mar 22, 23:20

yousra accepted D4019: Revert "Try to install Salt 3006.8 as test dependency".

Sun, Mar 22, 22:45

yousra added a comment to T2276: Automate CARP VIP MAC reassignment using devd and OVH API.

The file /usr/local/etc/devd/carp.conf :

Sun, Mar 22, 21:33 · Monitoring and reporting, Python, Secure HA tunnels

yousra accepted D4016: Provision Vault policy for routers.

Sun, Mar 22, 21:16

dereckson added a comment to T2276: Automate CARP VIP MAC reassignment using devd and OVH API.

You can directly use variables in the action to pass interface and state with $subsystem and $type

Sun, Mar 22, 21:13 · Monitoring and reporting, Python, Secure HA tunnels

yousra added a comment to T2276: Automate CARP VIP MAC reassignment using devd and OVH API.

notify 0 {
    match "system" "CARP";
    match "subsystem" "[0-9]+@[0-9a-z.]+";
    match "type" "(MASTER|BACKUP)";
    action "/usr/local/scripts/carp-test.sh";
};

Sun, Mar 22, 20:24 · Monitoring and reporting, Python, Secure HA tunnels

dereckson closed T1697: Troubleshoot Openfire Docker image as Wontfix.

Closed as inactive.

Sun, Mar 22, 20:23 · Support, Docker images

dereckson added a comment to T1861: Configure static IPv6 on WindRiver.

Next: configure DNS records

Sun, Mar 22, 19:08 · security, Servers, IPv6

dereckson moved T2030: Provide wheel Python package for ruamel.yaml.clib in /opt/python from Backlog to Servers config on the Salt board.

Sun, Mar 22, 19:08 · Salt, Servers

dereckson placed T2030: Provide wheel Python package for ruamel.yaml.clib in /opt/python up for grabs.

This method works well, Salt automation is welcome.

Sun, Mar 22, 19:07 · Salt, Servers