Page MenuHomeDevCentral
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Oct 19 2017

dereckson created T1267: Set userlist.db chmod to avoid it's world readable.
Oct 19 2017, 22:11 · security, Odderon

Oct 15 2017

dereckson moved T853: Deploy a Let's encrypt certificate to the Mumble server from Backlog to Ops on the good-first-issue board.
Oct 15 2017, 12:02 · TLS certificates, good-first-issue, Mumble, security, Servers

Sep 9 2017

Sandlayth placed T853: Deploy a Let's encrypt certificate to the Mumble server up for grabs.
Sep 9 2017, 16:23 · TLS certificates, good-first-issue, Mumble, security, Servers

Sep 2 2017

dereckson moved T1228: Configure TLS for webserver-core role from Backlog to Analysis / under discussion on the Servers board.
Sep 2 2017, 11:52 · security, Servers
dereckson added a comment to T1228: Configure TLS for webserver-core role.

The more immediate and interesting question: should we drop TLS 1.0?

Sep 2 2017, 11:43 · security, Servers
dereckson added a comment to T1228: Configure TLS for webserver-core role.

The TLS imirhil report evaluates what they consider as the best practices.

Sep 2 2017, 11:40 · security, Servers
dereckson updated the task description for T1228: Configure TLS for webserver-core role.
Sep 2 2017, 11:37 · security, Servers
dereckson updated the task description for T1228: Configure TLS for webserver-core role.
Sep 2 2017, 11:28 · security, Servers
amj created T1228: Configure TLS for webserver-core role.
Sep 2 2017, 10:24 · security, Servers

May 24 2017

dereckson created T1211: Implement ACL to the exchanges/queues we can subscribe to in delivery API.
May 24 2017, 23:44 · Notifications center, security

Apr 27 2017

dereckson updated the task description for T930: Secrets to migrate from DevCentral to Vault.
Apr 27 2017, 17:47 · User-Dereckson, Vault, Nasqueron Operations Squad, security

Feb 6 2017

dereckson created P251 Configure automatic updates for Wordpress.
Feb 6 2017, 12:08 · security

Jan 31 2017

dereckson moved T1147: Secure gates with API keys or another authentication mechanism from Debt to New services on the Notifications center board.
Jan 31 2017, 23:03 · security, Notifications center
dereckson moved T1147: Secure gates with API keys or another authentication mechanism from Backlog to Debt on the Notifications center board.
Jan 31 2017, 23:03 · security, Notifications center
dereckson created T1147: Secure gates with API keys or another authentication mechanism.
Jan 31 2017, 23:02 · security, Notifications center
dereckson created T1145: Don't truncate passwords.
Jan 31 2017, 01:55 · C, security, Odderon

Jan 23 2017

dereckson closed T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results as Resolved.
Jan 23 2017, 12:58 · security, Jenkins, User-Dereckson, Servers
dereckson closed T956: Install Notifications plugin on Jenkins, a subtask of T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results, as Resolved.
Jan 23 2017, 12:56 · security, Jenkins, User-Dereckson, Servers
dereckson added a revision to T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results: D631: Configuration for Jenkins.
Jan 23 2017, 12:56 · security, Jenkins, User-Dereckson, Servers
dereckson claimed T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results.
  1. refactoring done.
  2. filtering partially done: only failure are reported, Jenkins notifies, we consume.
  3. to automate without human assertion system status isn't currently considered as valuable
Jan 23 2017, 12:52 · security, Jenkins, User-Dereckson, Servers

Jan 21 2017

dereckson closed T1120: Switch agora.nasqueron.org to HTTPS only as Resolved.

Redirect to SSL web server configuration

Jan 21 2017, 13:30 · security, Agora
dereckson updated the task description for T1120: Switch agora.nasqueron.org to HTTPS only.
Jan 21 2017, 13:23 · security, Agora

Jan 15 2017

dereckson updated the task description for T1109: Switch all OAuth GitHub applications to Nasqueron organization accounts.
Jan 15 2017, 08:22 · Auth Grove, User-Dereckson, security, Nasqueron Operations Squad
dereckson added a comment to T1109: Switch all OAuth GitHub applications to Nasqueron organization accounts.

nasqueron-devcentral transferred

Jan 15 2017, 08:22 · Auth Grove, User-Dereckson, security, Nasqueron Operations Squad
dereckson updated the task description for T1109: Switch all OAuth GitHub applications to Nasqueron organization accounts.
Jan 15 2017, 08:03 · Auth Grove, User-Dereckson, security, Nasqueron Operations Squad
dereckson added projects to T1109: Switch all OAuth GitHub applications to Nasqueron organization accounts: Nasqueron Operations Squad, security.
Jan 15 2017, 07:59 · Auth Grove, User-Dereckson, security, Nasqueron Operations Squad

Jan 14 2017

dereckson closed T1103: SMTP mail.nasqueron.org requires STARTTLS while RFC 2487 and RFC 3207 forbid this behavior as Resolved.

/etc/postfix/main.cf setting has been switched back to smtpd_tls_security_level = may, mail server restarted.

Jan 14 2017, 07:57 · security, Mail
dereckson added a project to T1103: SMTP mail.nasqueron.org requires STARTTLS while RFC 2487 and RFC 3207 forbid this behavior: security.
Jan 14 2017, 07:53 · security, Mail

Jan 12 2017

dereckson moved T619: Allow to control from TC2 the Docker engine from Wikidata to TC2 on the Dæghrefn board.
Jan 12 2017, 04:51 · Operations sprints (Operations sprint 1), security, Nasqueron Docker deployment squad, Servers, Dæghrefn
dereckson moved T619: Allow to control from TC2 the Docker engine from Backlog to Wikidata on the Dæghrefn board.
Jan 12 2017, 04:43 · Operations sprints (Operations sprint 1), security, Nasqueron Docker deployment squad, Servers, Dæghrefn

Dec 24 2016

dereckson closed T822: SSL certificates: migrate from Startcom to Let's encrypt as Resolved.

Done this night for both.

Dec 24 2016, 03:53 · TLS certificates, Servers, security
dereckson closed T654: Apply Let's encrypt SSL certificates for *.nasqueron.org as Resolved.
Dec 24 2016, 03:51 · TLS certificates, security, Servers
dereckson closed T654: Apply Let's encrypt SSL certificates for *.nasqueron.org, a subtask of T822: SSL certificates: migrate from Startcom to Let's encrypt, as Resolved.
Dec 24 2016, 03:51 · TLS certificates, Servers, security

Dec 20 2016

dereckson added a comment to T822: SSL certificates: migrate from Startcom to Let's encrypt.

I've checked the current state of the migration. We only have two certificates remaining and we're done:

Dec 20 2016, 17:32 · TLS certificates, Servers, security

Nov 24 2016

Sandlayth claimed T853: Deploy a Let's encrypt certificate to the Mumble server.
Nov 24 2016, 18:00 · TLS certificates, good-first-issue, Mumble, security, Servers

Nov 6 2016

dereckson added a revision to T853: Deploy a Let's encrypt certificate to the Mumble server: D691: Allow to update Mumble server certificates.
Nov 6 2016, 19:09 · TLS certificates, good-first-issue, Mumble, security, Servers
dereckson placed T853: Deploy a Let's encrypt certificate to the Mumble server up for grabs.

Current status

Nov 6 2016, 19:07 · TLS certificates, good-first-issue, Mumble, security, Servers
dereckson updated the task description for T853: Deploy a Let's encrypt certificate to the Mumble server.
Nov 6 2016, 19:04 · TLS certificates, good-first-issue, Mumble, security, Servers
dereckson moved T853: Deploy a Let's encrypt certificate to the Mumble server from In progress to Backlog on the User-Dereckson board.
Nov 6 2016, 19:02 · TLS certificates, good-first-issue, Mumble, security, Servers

Nov 3 2016

dereckson moved T853: Deploy a Let's encrypt certificate to the Mumble server from Needs Review / Blocked / Waiting to In progress on the User-Dereckson board.
Nov 3 2016, 03:00 · TLS certificates, good-first-issue, Mumble, security, Servers
dereckson added a comment to T853: Deploy a Let's encrypt certificate to the Mumble server.

Currently, configuration file contains the following instructions:

Nov 3 2016, 02:53 · TLS certificates, good-first-issue, Mumble, security, Servers
dereckson added a comment to T853: Deploy a Let's encrypt certificate to the Mumble server.
In T853#9085, @dereckson wrote:

We need a script to automate the process.

Nov 3 2016, 01:40 · TLS certificates, good-first-issue, Mumble, security, Servers

Oct 11 2016

Sandlayth closed T1023: Upgrade Docker images to PHP 5.6.26 as Resolved by committing rDPHPFPMb8aa90c6ee46: Upgrade to PHP 5.6.26.
Oct 11 2016, 12:30 · security, Docker images

Oct 10 2016

Sandlayth added a revision to T1023: Upgrade Docker images to PHP 5.6.26: D684: Upgrade to PHP 5.6.26.
Oct 10 2016, 21:08 · security, Docker images
dereckson raised the priority of T1023: Upgrade Docker images to PHP 5.6.26 from Normal to High.

5.6.26 is a security release according the changelog.

Oct 10 2016, 21:06 · security, Docker images

Sep 12 2016

dereckson closed T1016: MySQL external support on Ysul as Resolved.
Sep 12 2016, 04:26 · security, Servers, User-Dereckson
dereckson created T1016: MySQL external support on Ysul.
Sep 12 2016, 01:05 · security, Servers, User-Dereckson

Aug 23 2016

dereckson added a comment to T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results.

Step 4 done for B to D, but currently every failure will be reported. And we don't exploit in the artefact log what's failing.

Aug 23 2016, 20:53 · security, Jenkins, User-Dereckson, Servers
dereckson updated the task description for T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results.
Aug 23 2016, 20:53 · security, Jenkins, User-Dereckson, Servers
dereckson closed T953: Handle Jenkins notification plugin payloads, a subtask of T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results, as Resolved.
Aug 23 2016, 20:49 · security, Jenkins, User-Dereckson, Servers

Aug 20 2016

dereckson moved T853: Deploy a Let's encrypt certificate to the Mumble server from Backlog to Needs Review / Blocked / Waiting on the User-Dereckson board.
Aug 20 2016, 18:54 · TLS certificates, good-first-issue, Mumble, security, Servers

Aug 15 2016

dereckson added a revision to T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results: D613: Publish JUnit XML report.
Aug 15 2016, 21:47 · security, Jenkins, User-Dereckson, Servers

Aug 14 2016

dereckson closed T783: Run an extra SSH server on Ysul for OTP/Yubikey as Resolved.
Aug 14 2016, 00:56 · security, Servers
dereckson removed a project from T783: Run an extra SSH server on Ysul for OTP/Yubikey: Eglide.
Aug 14 2016, 00:56 · security, Servers
dereckson closed T866: Switch Uncle Slovius jail to IPv6 as Wontfix.

Superseded by T846.

Aug 14 2016, 00:51 · Servers, security
dereckson closed T860: Upgrade OpenSSL as Resolved.
Aug 14 2016, 00:47 · security, Servers

Aug 10 2016

dereckson updated the task description for T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results.
Aug 10 2016, 18:12 · security, Jenkins, User-Dereckson, Servers
dereckson closed T972: Fix owncloud nginx configuration to allow Let's encrypt acme validation as Resolved.
Aug 10 2016, 16:13 · TLS certificates, Servers, security
dereckson closed T972: Fix owncloud nginx configuration to allow Let's encrypt acme validation, a subtask of T822: SSL certificates: migrate from Startcom to Let's encrypt, as Resolved.
Aug 10 2016, 16:13 · TLS certificates, Servers, security
dereckson added a comment to T972: Fix owncloud nginx configuration to allow Let's encrypt acme validation.

No issue ownCloud related: the Let's encrypt location block was in 80 server block, not in 443 one.

Aug 10 2016, 16:13 · TLS certificates, Servers, security
dereckson closed T971: Fix nginx configuration for commons.nasqueron.org to allow Let's encrypt as Resolved.

A deny rule blocked all the URL starting by a . to protect .htpasswd files.

Aug 10 2016, 16:12 · security, Servers
dereckson closed T971: Fix nginx configuration for commons.nasqueron.org to allow Let's encrypt, a subtask of T654: Apply Let's encrypt SSL certificates for *.nasqueron.org, as Resolved.
Aug 10 2016, 16:12 · TLS certificates, security, Servers
dereckson created T972: Fix owncloud nginx configuration to allow Let's encrypt acme validation.
Aug 10 2016, 15:45 · TLS certificates, Servers, security
dereckson added a subtask for T822: SSL certificates: migrate from Startcom to Let's encrypt: T654: Apply Let's encrypt SSL certificates for *.nasqueron.org.
Aug 10 2016, 15:43 · TLS certificates, Servers, security
dereckson added a parent task for T654: Apply Let's encrypt SSL certificates for *.nasqueron.org: T822: SSL certificates: migrate from Startcom to Let's encrypt.
Aug 10 2016, 15:43 · TLS certificates, security, Servers
dereckson created T971: Fix nginx configuration for commons.nasqueron.org to allow Let's encrypt.
Aug 10 2016, 15:43 · security, Servers
dereckson moved T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results from In progress to Needs Review / Blocked / Waiting on the User-Dereckson board.
Aug 10 2016, 13:57 · security, Jenkins, User-Dereckson, Servers

Aug 4 2016

dereckson added a project to T776: Determine domain name for Eglide: Eglide.
Aug 4 2016, 01:51 · Eglide, discussion, security, IRC, Servers
dereckson added a project to T783: Run an extra SSH server on Ysul for OTP/Yubikey: Eglide.
Aug 4 2016, 01:51 · security, Servers

Aug 1 2016

dereckson updated subscribers of T822: SSL certificates: migrate from Startcom to Let's encrypt.

@amj do you remmeber anything still do do here?

Aug 1 2016, 16:37 · TLS certificates, Servers, security

Jul 31 2016

dereckson changed the visibility for T962: Trying to get property of non-object in PhabricatorStory::getRepositoryPHID.
Jul 31 2016, 23:11 · Notifications center
dereckson created T962: Trying to get property of non-object in PhabricatorStory::getRepositoryPHID.
Jul 31 2016, 23:10 · Notifications center

Jul 29 2016

dereckson added a comment to T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results.

3A alternative: a cron job running the command for us and generating a report published somewhere Jenkins has access to.

Jul 29 2016, 18:49 · security, Jenkins, User-Dereckson, Servers
dereckson closed T960: Create qa account on Ysul for public_html testing, a subtask of T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results, as Resolved.
Jul 29 2016, 17:43 · security, Jenkins, User-Dereckson, Servers
dereckson updated the task description for T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results.
Jul 29 2016, 13:41 · security, Jenkins, User-Dereckson, Servers
dereckson added a project to T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results: security.
Jul 29 2016, 13:39 · security, Jenkins, User-Dereckson, Servers

Jul 28 2016

dereckson edited projects for T930: Secrets to migrate from DevCentral to Vault, added: Vault; removed Continous integration and delivery.
Jul 28 2016, 20:12 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson moved T930: Secrets to migrate from DevCentral to Vault from Backlog to Vault on the Continous integration and delivery board.
Jul 28 2016, 20:11 · User-Dereckson, Vault, Nasqueron Operations Squad, security

Jul 27 2016

dereckson closed T559: SSL certificate for docker.nasqueron.org, a subtask of T654: Apply Let's encrypt SSL certificates for *.nasqueron.org, as Resolved.
Jul 27 2016, 16:44 · TLS certificates, security, Servers
dereckson added a subtask for T654: Apply Let's encrypt SSL certificates for *.nasqueron.org: T559: SSL certificate for docker.nasqueron.org.
Jul 27 2016, 16:43 · TLS certificates, security, Servers

Jul 26 2016

dereckson closed T945: Upgrade Docker images to PHP 5.6.24 as Resolved.
Jul 26 2016, 04:11 · Docker images, security

Jul 25 2016

dereckson claimed T945: Upgrade Docker images to PHP 5.6.24.
Jul 25 2016, 17:22 · Docker images, security
dereckson added a revision to T945: Upgrade Docker images to PHP 5.6.24: D574: Upgrade PHP to 5.6.24.
Jul 25 2016, 17:21 · Docker images, security
dereckson added a revision to T945: Upgrade Docker images to PHP 5.6.24: D573: Upgrade PHP to 5.6.24.
Jul 25 2016, 17:21 · Docker images, security
dereckson created T945: Upgrade Docker images to PHP 5.6.24.
Jul 25 2016, 17:14 · Docker images, security

Jul 24 2016

dereckson closed T933: Upgrade Apache on Ysul as Resolved.
Jul 24 2016, 20:01 · security, Servers
dereckson added a comment to T933: Upgrade Apache on Ysul.

Without PHP allowance patch for SuEXEC
/var/log/messages.2.bz2:Jul 22 20:29:35 ysul pkg-static: apache24-2.4.20_1 deinstalled
/var/log/messages.2.bz2:Jul 22 20:29:57 ysul pkg-static: apache24-2.4.23_1 installed

Jul 24 2016, 20:01 · security, Servers

Jul 22 2016

dereckson added a parent task for T930: Secrets to migrate from DevCentral to Vault: T928: Deploy Vault to store credentials.
Jul 22 2016, 03:02 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson triaged T933: Upgrade Apache on Ysul as High priority.
Jul 22 2016, 03:01 · security, Servers
dereckson added a subtask for T822: SSL certificates: migrate from Startcom to Let's encrypt: T931: Let's encrypt certificate for stages.wolfplex.be.
Jul 22 2016, 02:59 · TLS certificates, Servers, security
dereckson moved T822: SSL certificates: migrate from Startcom to Let's encrypt from Backlog to Pending review on the Servers board.
Jul 22 2016, 02:58 · TLS certificates, Servers, security

Jul 21 2016

dereckson created T930: Secrets to migrate from DevCentral to Vault.
Jul 21 2016, 15:55 · User-Dereckson, Vault, Nasqueron Operations Squad, security

Jul 10 2016

dereckson added a project to T853: Deploy a Let's encrypt certificate to the Mumble server: User-Dereckson.
Jul 10 2016, 23:22 · TLS certificates, good-first-issue, Mumble, security, Servers

Jul 6 2016

dereckson closed D464: [Eglide] SSH key change for kazuya by committing rOPS9d5cbec5d4ad: [Eglide] SSH key change for kazuya.
Jul 6 2016, 18:58 · security, Salt
dereckson accepted D464: [Eglide] SSH key change for kazuya.
Jul 6 2016, 18:55 · security, Salt
dereckson retitled D464: [Eglide] SSH key change for kazuya from SSH key change for kazuya to [Eglide] SSH key change for kazuya.
Jul 6 2016, 18:49 · security, Salt

Jul 2 2016

dereckson closed D451: Subresource Integrity by committing rGROVEdafb55ce332b: Subresource Integrity.
Jul 2 2016, 15:34 · security
dereckson accepted D451: Subresource Integrity.

Hashes generated through https://www.srihash.org/ managed by Mozilla, and tested under Chrome 51.

Jul 2 2016, 15:33 · security
dereckson added a project to D451: Subresource Integrity: security.
Jul 2 2016, 15:32 · security

Jun 26 2016

dereckson updated the task description for T878: Salt Auth Grove passwords.
Jun 26 2016, 22:07 · security, User-Dereckson, Auth Grove
First
Prev
Next
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator