Page MenuHomeDevCentral
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Dec 30 2020

dereckson closed T1640: "certbot: error: unrecognized arguments:" when renewing certificates on Docker Engine as Resolved by committing rOPS636fd7818086: Allow certbot wrapper to work when no argument is provided after the command.
Dec 30 2020, 02:23 · Regression, Nasqueron Docker deployment squad, security, Servers
dereckson added a revision to T1640: "certbot: error: unrecognized arguments:" when renewing certificates on Docker Engine: D2375: Allow certbot wrapper to work when no argument is provided after the command.
Dec 30 2020, 02:19 · Regression, Nasqueron Docker deployment squad, security, Servers
dereckson added a project to T1640: "certbot: error: unrecognized arguments:" when renewing certificates on Docker Engine: Regression.

Regression introduced in rOPSbf659c5728cbfeab65c1fba8772f2037278000b5:

Dec 30 2020, 02:14 · Regression, Nasqueron Docker deployment squad, security, Servers
dereckson triaged T1640: "certbot: error: unrecognized arguments:" when renewing certificates on Docker Engine as High priority.
Dec 30 2020, 02:07 · Regression, Nasqueron Docker deployment squad, security, Servers

Oct 20 2020

dereckson moved T1513: Propagate certificate to Openfire server from Backlog to Working on on the XMPP board.
Oct 20 2020, 01:19 · XMPP, security, Servers
dereckson added a project to T1513: Propagate certificate to Openfire server: XMPP.
Oct 20 2020, 01:19 · XMPP, security, Servers

Sep 28 2020

dereckson added a revision to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org: D2337: Prune Docker configuration for Equatower.
Sep 28 2020, 00:26 · Operations sprints (Consolidate them all), Servers, Salt, security

Sep 24 2020

dereckson added a comment to T1619: Connect all baremetal servers to Drake network.

Let's rewire tunnels against router-001.nasqueron.org / 51.255.124.8 / 172.27.27.1

Sep 24 2020, 20:50 · Servers, Drake network, security, Operations sprints (Consolidate them all)
dereckson added a revision to T1616: Build a bastion - load balancers - private instances network topology: D2334: Configure IntraNought interface for FreeBSD.
Sep 24 2020, 20:48 · security, Operations sprints (Consolidate them all)
dereckson added a revision to T1616: Build a bastion - load balancers - private instances network topology: D2330: Add router-001.nasqueron.org as router.
Sep 24 2020, 19:24 · security, Operations sprints (Consolidate them all)
dereckson added a revision to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org: D2328: Clone Equatower Docker configuration for docker-001.
Sep 24 2020, 03:21 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson added a revision to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org: D2327: Use new registry server.
Sep 24 2020, 01:51 · Operations sprints (Consolidate them all), Servers, Salt, security

Sep 23 2020

dereckson added a revision to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org: D2322: Configure Docker for docker-001.
Sep 23 2020, 23:15 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson added a revision to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org: D2321: Add server docker-001 for paas-docker role.
Sep 23 2020, 23:12 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson added a comment to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org.

Phabricator config explicitly contained a reference to Equatower, it's now aphlict.nasqueron.org

Sep 23 2020, 21:02 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson added a comment to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org.

Machine migration done with this workflow:

Sep 23 2020, 21:02 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson triaged T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org as High priority.
Sep 23 2020, 21:00 · Operations sprints (Consolidate them all), Servers, Salt, security

Sep 22 2020

dereckson added a project to T849: https://trustspace.nasqueron.org/css/trustspace.css serves http:// content: TrustSpace.
Sep 22 2020, 01:08 · TrustSpace, security, Servers
dereckson moved T1594: Acquisitariat and Etherpad issue from Backlog to Blocked on the Operations sprints (Consolidate them all) board.
Sep 22 2020, 00:57 · Operations sprints (Consolidate them all), Vault, security, Nasqueron Docker deployment squad
dereckson added a comment to T1594: Acquisitariat and Etherpad issue.

All the quoted containers are priority candidates to be moved to Kubernetes cluster.

Sep 22 2020, 00:57 · Operations sprints (Consolidate them all), Vault, security, Nasqueron Docker deployment squad
dereckson triaged T1594: Acquisitariat and Etherpad issue as Low priority.
Sep 22 2020, 00:56 · Operations sprints (Consolidate them all), Vault, security, Nasqueron Docker deployment squad

Sep 21 2020

dereckson added a parent task for T1521: Restrict MySQL access: T1619: Connect all baremetal servers to Drake network.
Sep 21 2020, 23:34 · Operations sprints (Consolidate them all), security, Servers
dereckson added a subtask for T1619: Connect all baremetal servers to Drake network: T1521: Restrict MySQL access.
Sep 21 2020, 23:34 · Servers, Drake network, security, Operations sprints (Consolidate them all)
dereckson moved T1619: Connect all baremetal servers to Drake network from Backlog to Pending review on the Operations sprints (Consolidate them all) board.
Sep 21 2020, 23:34 · Servers, Drake network, security, Operations sprints (Consolidate them all)

Sep 20 2020

dereckson added a revision to T1619: Connect all baremetal servers to Drake network: D2303: Create GRE tunnel between WindRiver and Ysul.
Sep 20 2020, 00:59 · Servers, Drake network, security, Operations sprints (Consolidate them all)
dereckson triaged T1619: Connect all baremetal servers to Drake network as Normal priority.
Sep 20 2020, 00:57 · Servers, Drake network, security, Operations sprints (Consolidate them all)

Jun 3 2020

dereckson added a revision to T1616: Build a bastion - load balancers - private instances network topology: D2293: Provide a PaaS front-end role.
Jun 3 2020, 17:43 · security, Operations sprints (Consolidate them all)
dereckson added a parent task for T1616: Build a bastion - load balancers - private instances network topology: Unknown Object (Maniphest Task).
Jun 3 2020, 17:37 · security, Operations sprints (Consolidate them all)
dereckson triaged T1616: Build a bastion - load balancers - private instances network topology as Normal priority.
Jun 3 2020, 17:36 · security, Operations sprints (Consolidate them all)

Feb 23 2020

dereckson moved T1602: Provision ACME DNS credentials for core domains on each servers from Backlog to Pending review on the Operations sprints (Consolidate them all) board.
Feb 23 2020, 12:31 · Operations sprints (Ignite Alkane Propulsion), security, Servers
dereckson added a revision to T1602: Provision ACME DNS credentials for core domains on each servers: D2249: Allow to update ACME DNS accounts.
Feb 23 2020, 11:40 · Operations sprints (Ignite Alkane Propulsion), security, Servers
dereckson created T1602: Provision ACME DNS credentials for core domains on each servers.
Feb 23 2020, 11:40 · Operations sprints (Ignite Alkane Propulsion), security, Servers

Feb 15 2020

dereckson created Blog Post: New SSH keys for servers.
Feb 15 2020, 23:50 · security, Servers

Feb 14 2020

dereckson closed T667: Mitigate CVE-2016-0777 in SSH clients configuration files as Resolved.

OpenSSH now mitigates this.

Feb 14 2020, 17:40 · security, Servers
dereckson closed T693: Add dwellers.nasqueron.org to Ysul sshguard whitelist as Wontfix.

We do'nt use sshguard anymore, as login by password is disabled, keys are required.

Feb 14 2020, 17:37 · security, Nasqueron Docker deployment squad, Servers, Restricted Project
dereckson closed T744: Recycle containers on Dwellers to mitigate CVE-2015-7547 as Resolved.
Feb 14 2020, 17:35 · security, Nasqueron Docker deployment squad
dereckson claimed T744: Recycle containers on Dwellers to mitigate CVE-2015-7547.

Done during the migration to EquaTower and Salt for aphlict cachet devcentral wolfphab acquisitariat etherpad tommy ci silly_bardeen.

Feb 14 2020, 17:35 · security, Nasqueron Docker deployment squad
dereckson added a comment to T1594: Acquisitariat and Etherpad issue.

The option is the same for Etherpad and DevCentral:

Feb 14 2020, 15:52 · Operations sprints (Consolidate them all), Vault, security, Nasqueron Docker deployment squad
dereckson added a project to T1594: Acquisitariat and Etherpad issue: Operations sprints (Consolidate them all).
Feb 14 2020, 15:44 · Operations sprints (Consolidate them all), Vault, security, Nasqueron Docker deployment squad
dereckson updated the task description for T1594: Acquisitariat and Etherpad issue.
Feb 14 2020, 15:44 · Operations sprints (Consolidate them all), Vault, security, Nasqueron Docker deployment squad
dereckson created T1594: Acquisitariat and Etherpad issue.
Feb 14 2020, 15:42 · Operations sprints (Consolidate them all), Vault, security, Nasqueron Docker deployment squad

Feb 8 2020

dereckson closed T1580: Deploy ACME-specific DNS server, a subtask of T1513: Propagate certificate to Openfire server, as Resolved.
Feb 8 2020, 18:39 · XMPP, security, Servers
dereckson closed T1580: Deploy ACME-specific DNS server as Resolved.
Feb 8 2020, 18:39 · Operations sprints (Consolidate them all), DNS, security, Servers

Feb 4 2020

dereckson added a revision to T1580: Deploy ACME-specific DNS server: D2181: Allow certbot to use acme.nasqueron.org on Docker engines.
Feb 4 2020, 22:22 · Operations sprints (Consolidate them all), DNS, security, Servers
dereckson added a comment to T1580: Deploy ACME-specific DNS server.

The server works fine. Next step is to integrate Certbot or any other client with it and create relevant CNAMEs.

Feb 4 2020, 20:07 · Operations sprints (Consolidate them all), DNS, security, Servers
dereckson added a revision to T1580: Deploy ACME-specific DNS server: D2180: Provide homepage for ACME DNS Server.
Feb 4 2020, 19:58 · Operations sprints (Consolidate them all), DNS, security, Servers
dereckson added a revision to T1580: Deploy ACME-specific DNS server: D2179: Restrict access to ACME DNS.
Feb 4 2020, 19:29 · Operations sprints (Consolidate them all), DNS, security, Servers
dereckson added a comment to T1580: Deploy ACME-specific DNS server.

Server is deployed on Equatower.

Feb 4 2020, 18:11 · Operations sprints (Consolidate them all), DNS, security, Servers
dereckson added a revision to T1580: Deploy ACME-specific DNS server: D2178: Provide nginx configuration for ACME DNS.
Feb 4 2020, 17:49 · Operations sprints (Consolidate them all), DNS, security, Servers
dereckson added a revision to T1580: Deploy ACME-specific DNS server: D2177: Serve acme.nasqueron.org DNS.
Feb 4 2020, 16:15 · Operations sprints (Consolidate them all), DNS, security, Servers
dereckson moved T1580: Deploy ACME-specific DNS server from Backlog to Working on on the Operations sprints (Consolidate them all) board.
Feb 4 2020, 15:03 · Operations sprints (Consolidate them all), DNS, security, Servers
dereckson added a project to T1580: Deploy ACME-specific DNS server: Operations sprints (Consolidate them all).
Feb 4 2020, 15:03 · Operations sprints (Consolidate them all), DNS, security, Servers
dereckson created T1580: Deploy ACME-specific DNS server.
Feb 4 2020, 15:02 · Operations sprints (Consolidate them all), DNS, security, Servers
dereckson added a revision to T1513: Propagate certificate to Openfire server: D2050: WIP: deploy certificate to Openfire.
Feb 4 2020, 14:54 · XMPP, security, Servers

Jan 25 2020

dereckson added a project to T1109: Switch all OAuth GitHub applications to Nasqueron organization accounts: Administrative.
Jan 25 2020, 01:33 · User-Dereckson, security, Nasqueron Operations Squad

Jan 15 2020

dereckson added a project to T1521: Restrict MySQL access: Operations sprints (Consolidate them all).
Jan 15 2020, 11:23 · Operations sprints (Consolidate them all), security, Servers
dereckson added a comment to T1484: Upgrade Laravel framework.

5.4 migration is done for the running source code, but tests require to cope with the undocumented internal framework mechanisms changes for events.

Jan 15 2020, 11:21 · Restricted Project, security, Technical debt, Notifications center

Jan 14 2020

dereckson added a comment to T1486: Evaluate Archery.

Still maintained.

Jan 14 2020, 15:19 · security, Product evaluation, Operations sprints (Move the ambiant lights)
dereckson updated the task description for T1486: Evaluate Archery.
Jan 14 2020, 15:18 · security, Product evaluation, Operations sprints (Move the ambiant lights)
dereckson moved T1211: Implement ACL to the exchanges/queues we can subscribe to in delivery API from Zboing! Zboing! to Backlog on the Notifications center board.
Jan 14 2020, 00:38 · Notifications center, security

Jan 13 2020

dereckson added a revision to T1484: Upgrade Laravel framework: D2129: Upgrade to Laravel 5.3.
Jan 13 2020, 22:29 · Restricted Project, security, Technical debt, Notifications center
dereckson added a parent task for T1484: Upgrade Laravel framework: T1336: Migrate tests to PHPUnit 8.
Jan 13 2020, 02:52 · Restricted Project, security, Technical debt, Notifications center

Dec 5 2019

dereckson moved T1484: Upgrade Laravel framework from Backlog to Dev on the Technical debt board.
Dec 5 2019, 13:12 · Restricted Project, security, Technical debt, Notifications center

Oct 14 2019

dereckson closed T1530: pam_nologin link issue in FreeBSD as Resolved.

No more log messages.

Oct 14 2019, 14:30 · security, Servers
dereckson added a comment to T1530: pam_nologin link issue in FreeBSD.
$ sudo service cron restart
Stopping cron.
Waiting for PIDS: 1043.
Starting cron.
Oct 14 2019, 14:19 · security, Servers
dereckson added a comment to T1530: pam_nologin link issue in FreeBSD.

Known similar issue: https://forums.freebsd.org/threads/crontab-not-working-after-upgrading-to-freebsd-12-0-release.68675/

Oct 14 2019, 14:16 · security, Servers
dereckson triaged T1530: pam_nologin link issue in FreeBSD as High priority.
Oct 14 2019, 14:15 · security, Servers

Aug 1 2019

xcombelle added a comment to T1524: Monitor sudo files on servers.

I have no idea how to do it, but looks like a good plan. Apart that, in my opinion, you do a much more of what would be necessary to run nasqueron services (but it is your time, you use it like you want)

Aug 1 2019, 15:37 · Eglide, security, Servers
dereckson added a comment to T1524: Monitor sudo files on servers.

Those are valid concerns.

Aug 1 2019, 14:57 · Eglide, security, Servers
xcombelle added a comment to T1524: Monitor sudo files on servers.

looks an interesting tool, something quite frightening is that it comes with a set of exploit, (if I understand, a common way to exploit sudo flaws).
As a shell script not even indented, it is absolutely unreadable, and more or less one have to trust the creator to not making mistake.
Moreover for full use, you have to give a sudo password in clear text ( I just don't understand the reason)
As such, I would say it would be kind of crazy to run it automatically and I would not comfortable to simply run it for myself in any way.

Aug 1 2019, 14:44 · Eglide, security, Servers
dereckson triaged T1524: Monitor sudo files on servers as Wishlist priority.
Aug 1 2019, 14:16 · Eglide, security, Servers

Jul 29 2019

dereckson added a comment to T1521: Restrict MySQL access.

Tagging security as we could need follow-up ACL to allow to connect to.

Jul 29 2019, 17:29 · Operations sprints (Consolidate them all), security, Servers
dereckson added a project to T1521: Restrict MySQL access: security.
Jul 29 2019, 17:28 · Operations sprints (Consolidate them all), security, Servers

Jul 17 2019

dereckson edited P288 Keys to restore after D2074 side-effect cleanup.
Jul 17 2019, 18:37 · security, Servers
dereckson edited P288 Keys to restore after D2074 side-effect cleanup.
Jul 17 2019, 18:37 · security, Servers
dereckson edited P288 Keys to restore after D2074 side-effect cleanup.
Jul 17 2019, 18:37 · security, Servers
dereckson created P288 Keys to restore after D2074 side-effect cleanup.
Jul 17 2019, 18:37 · security, Servers

Apr 22 2019

dereckson added a revision to T1513: Propagate certificate to Openfire server: D2065: Listen to conference.nasqueron.org for Openfire.
Apr 22 2019, 10:21 · XMPP, security, Servers
dereckson added a comment to T1513: Propagate certificate to Openfire server.

Actually, for a server point of view, certificates are located in /usr/share/openfire/resources/security.

Apr 22 2019, 10:20 · XMPP, security, Servers
dereckson claimed T1513: Propagate certificate to Openfire server.
Apr 22 2019, 10:15 · XMPP, security, Servers

Jan 26 2019

dereckson closed T1500: Migrate user content to a new domain as Resolved.
Jan 26 2019, 21:46 · Operations sprints (The Dreadnought will produce new officers), Salt, Nasqueron Docker deployment squad, security, DevCentral
dereckson added a comment to T1500: Migrate user content to a new domain.

DNS configuration

Jan 26 2019, 21:46 · Operations sprints (The Dreadnought will produce new officers), Salt, Nasqueron Docker deployment squad, security, DevCentral
dereckson added a revision to T1500: Migrate user content to a new domain: D2055: Switch Phabricator static/user content to specific domain.
Jan 26 2019, 11:03 · Operations sprints (The Dreadnought will produce new officers), Salt, Nasqueron Docker deployment squad, security, DevCentral
dereckson added a comment to T1500: Migrate user content to a new domain.

DNS delegation done.

Jan 26 2019, 08:36 · Operations sprints (The Dreadnought will produce new officers), Salt, Nasqueron Docker deployment squad, security, DevCentral

Jan 25 2019

dereckson added a comment to T1500: Migrate user content to a new domain.

DNS delegation issues.

Jan 25 2019, 21:31 · Operations sprints (The Dreadnought will produce new officers), Salt, Nasqueron Docker deployment squad, security, DevCentral
dereckson added a comment to T1500: Migrate user content to a new domain.

Ordered at OVH. BC 101687018.

Jan 25 2019, 19:45 · Operations sprints (The Dreadnought will produce new officers), Salt, Nasqueron Docker deployment squad, security, DevCentral
dereckson claimed T1500: Migrate user content to a new domain.

Ordering domain name nasqueron-user-content.org

Jan 25 2019, 19:41 · Operations sprints (The Dreadnought will produce new officers), Salt, Nasqueron Docker deployment squad, security, DevCentral

Dec 13 2018

dereckson added a project to T1500: Migrate user content to a new domain: Operations sprints (The Dreadnought will produce new officers).
Dec 13 2018, 08:45 · Operations sprints (The Dreadnought will produce new officers), Salt, Nasqueron Docker deployment squad, security, DevCentral
dereckson added projects to T1500: Migrate user content to a new domain: DevCentral, security, Nasqueron Docker deployment squad, Salt.
Dec 13 2018, 08:44 · Operations sprints (The Dreadnought will produce new officers), Salt, Nasqueron Docker deployment squad, security, DevCentral

Nov 27 2018

dereckson created T1486: Evaluate Archery.
Nov 27 2018, 21:17 · security, Product evaluation, Operations sprints (Move the ambiant lights)

Nov 22 2018

dereckson triaged T1484: Upgrade Laravel framework as Low priority.
Nov 22 2018, 12:50 · Restricted Project, security, Technical debt, Notifications center

Oct 2 2018

dereckson lowered the priority of T1457: Ysul SSH keys have been edited from Unbreak Now! to Normal.
Oct 2 2018, 10:39 · Servers, security
dereckson closed T1457: Ysul SSH keys have been edited as Invalid.

Stale entries in .ssh/known_hosts, from 2016.

Oct 2 2018, 10:38 · Servers, security

Sep 27 2018

dereckson added a project to T1457: Ysul SSH keys have been edited: Servers.
Sep 27 2018, 21:12 · Servers, security
dereckson triaged T1457: Ysul SSH keys have been edited as Unbreak Now! priority.
Sep 27 2018, 20:47 · Servers, security

Sep 21 2018

dereckson added a revision to T1446: Upgrade Ruby from 2.2 to 2.5: D1783: Upgrade Ruby version to 2.5.
Sep 21 2018, 11:57 · Docker images, Tommy, security
dereckson changed the edit policy for T1446: Upgrade Ruby from 2.2 to 2.5.
Sep 21 2018, 11:04 · Docker images, Tommy, security
dereckson closed T1446: Upgrade Ruby from 2.2 to 2.5 as Resolved by committing rTOMMYdee8c80a7244: Upgrade to Ruby 2.5.
Sep 21 2018, 11:03 · Docker images, Tommy, security
dereckson added a revision to T1446: Upgrade Ruby from 2.2 to 2.5: D1780: Upgrade to Ruby 2.5.
Sep 21 2018, 11:02 · Docker images, Tommy, security
dereckson changed the edit policy for T1444: CSRF timing attach in Sinatra rack-protection (CVE-2018-1000119).
Sep 21 2018, 09:56 · Tommy, security
First
Prev
Next
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator