Page MenuHomeDevCentral
Feed Advanced Search

Advanced Search
Use Results
Hide Query

May 18 2023

dereckson added a revision to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org: D3102: Supersede Equatower references by docker-002.
May 18 2023, 09:38 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson added a revision to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org: D3101: Supersede Equatower references by docker-002.
May 18 2023, 09:35 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson renamed T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org from Supersede equatower.nasqueron.org by docker-001.nasqueron.org to Supersede equatower.nasqueron.org by docker-002.nasqueron.org.
May 18 2023, 09:35 · Operations sprints (Consolidate them all), Servers, Salt, security

May 15 2023

dereckson added a comment to T1145: Don't truncate passwords.

Password truncation
Passwords are explicitly truncated to 25 characters in load_helpers functions:

May 15 2023, 17:08 · C, security, Odderon

May 13 2023

dereckson added a comment to T1861: Configure static IPv6 on WindRiver.

DUID published in Vault under ops/secrets/network/DUID/2001:bc8:2e84:700::

May 13 2023, 13:27 · security, Servers, IPv6
dereckson moved T1861: Configure static IPv6 on WindRiver from Backlog to Analysis / under discussion on the Servers board.
May 13 2023, 12:24 · security, Servers, IPv6
dereckson triaged T1861: Configure static IPv6 on WindRiver as Normal priority.
May 13 2023, 12:24 · security, Servers, IPv6
dereckson added a comment to T1861: Configure static IPv6 on WindRiver.

2001:bc8:2e84:700:: /56 should be used for WindRiver addresses.

May 13 2023, 12:23 · security, Servers, IPv6
dereckson added a comment to T1861: Configure static IPv6 on WindRiver.

Autoconfig IP isn't in our block

May 13 2023, 12:14 · security, Servers, IPv6
dereckson added a project to T1861: Configure static IPv6 on WindRiver: security.
May 13 2023, 12:08 · security, Servers, IPv6

May 6 2023

dereckson moved T1770: Drop credentials from MySQL containers' environment from Backlog to Backlog - Docker on the Operations sprints (Ignite Alkane Propulsion) board.
May 6 2023, 15:55 · Operations sprints (Ignite Alkane Propulsion), Nasqueron Docker deployment squad, Salt, security
dereckson moved T1765: SELinux context is missing for /etc/nginx configuration files from Backlog to Backlog - Docker on the Operations sprints (Ignite Alkane Propulsion) board.
May 6 2023, 15:55 · Operations sprints (Ignite Alkane Propulsion), Salt, security, Nasqueron Docker deployment squad, Servers

Apr 13 2023

dereckson closed T1829: Don't listen to world SSH for IntraNought servers as Resolved by committing rOPSe295e695501b: Don't listen to world SSH for IntraNought servers.
Apr 13 2023, 23:59 · security, Servers
dereckson added a revision to T1829: Don't listen to world SSH for IntraNought servers : D3012: Don't listen to world SSH for IntraNought servers.
Apr 13 2023, 23:47 · security, Servers

Apr 12 2023

dereckson added a revision to T1829: Don't listen to world SSH for IntraNought servers : D3004: Resolve private network interface.
Apr 12 2023, 19:39 · security, Servers
dereckson triaged T1829: Don't listen to world SSH for IntraNought servers as High priority.
Apr 12 2023, 00:26 · security, Servers

Mar 28 2023

dereckson added a comment to T1779: Provision docker-002 Docker Engine.

https://api.nasqueron.org/infra/servers.json

Mar 28 2023, 01:05 · Salt, Docker images, Servers, security

Mar 24 2023

dereckson closed T720: Ysul: cannot stat /etc/login.conf: Not permitted in capability mode as Resolved.

Not present in recent FreeBSD machines, so I guess it was solved during an OS upgrade.

Mar 24 2023, 01:14 · security, Servers

Mar 7 2023

dereckson closed T1425: Provision secrets through Salt as Resolved.

All secrets are now stored in Vault and provisioned through Salt, with policies restricting access to secrets by node.

Mar 7 2023, 20:26 · security, Nasqueron Operations Squad, Vault, Salt
dereckson closed T930: Secrets to migrate from DevCentral to Vault as Resolved.
Mar 7 2023, 20:19 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson added a comment to T930: Secrets to migrate from DevCentral to Vault.

And with the Zemke-Rhyne decom, we're done.

Mar 7 2023, 20:19 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson added a revision to T930: Secrets to migrate from DevCentral to Vault: D2854: Decommission Zemke-Rhyne.
Mar 7 2023, 20:14 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson added a revision to T1779: Provision docker-002 Docker Engine: D2851: Decommission docker-001.
Mar 7 2023, 19:51 · Salt, Docker images, Servers, security
dereckson added a revision to T1779: Provision docker-002 Docker Engine: D2787: Provision docker-002.
Mar 7 2023, 19:10 · Salt, Docker images, Servers, security

Mar 4 2023

dereckson added a revision to T1779: Provision docker-002 Docker Engine: D2837: Update tommy_cd back-end URL.
Mar 4 2023, 19:05 · Salt, Docker images, Servers, security

Mar 3 2023

dereckson closed T1594: Acquisitariat and Etherpad issue as Resolved.

Those issues are resolved now we use Vault to provision passwords.

Mar 3 2023, 20:15 · Operations sprints (Consolidate them all), Vault, security, Nasqueron Docker deployment squad
dereckson added a revision to T1779: Provision docker-002 Docker Engine: D2827: Update api.nasqueron.org API configuration.
Mar 3 2023, 19:08 · Salt, Docker images, Servers, security
dereckson added projects to T1779: Provision docker-002 Docker Engine: Servers, Docker images, Salt.
Mar 3 2023, 19:05 · Salt, Docker images, Servers, security
dereckson added a revision to T1779: Provision docker-002 Docker Engine: D2826: Update api-datasources service URL.
Mar 3 2023, 17:16 · Salt, Docker images, Servers, security
dereckson triaged T1779: Provision docker-002 Docker Engine as High priority.
Mar 3 2023, 17:15 · Salt, Docker images, Servers, security
dereckson closed T1775: Provision notifications CLI configuration file as Resolved by committing rOPS936e401ff3a4: Update connection information to broker for notifications CLI.
Mar 3 2023, 16:59 · Salt, security, Notifications center

Mar 2 2023

dereckson moved T1775: Provision notifications CLI configuration file from Backlog to Pending review on the security board.
Mar 2 2023, 17:38 · Salt, security, Notifications center
dereckson claimed T1775: Provision notifications CLI configuration file.
Mar 2 2023, 17:38 · Salt, security, Notifications center
dereckson added a revision to T1775: Provision notifications CLI configuration file: D2824: Update connection information to broker for notifications CLI.
Mar 2 2023, 17:38 · Salt, security, Notifications center
dereckson closed T1776: Avoid Salt to print diff against files with credentials as Resolved by committing rOPSeda2176a0476: Don't print diff changes when credentials can be exposed.
Mar 2 2023, 17:28 · security, Salt
dereckson added a revision to T1776: Avoid Salt to print diff against files with credentials: D2823: Don't print diff changes when credentials can be exposed.
Mar 2 2023, 17:28 · security, Salt
dereckson created T1776: Avoid Salt to print diff against files with credentials.
Mar 2 2023, 17:18 · security, Salt
dereckson triaged T1775: Provision notifications CLI configuration file as Normal priority.
Mar 2 2023, 17:17 · Salt, security, Notifications center

Feb 16 2023

dereckson added a revision to T930: Secrets to migrate from DevCentral to Vault: D2800: Switch credentials from Zemke-Rhyme to Vault.
Feb 16 2023, 21:27 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson added a revision to T1425: Provision secrets through Salt: D2800: Switch credentials from Zemke-Rhyme to Vault.
Feb 16 2023, 21:27 · security, Nasqueron Operations Squad, Vault, Salt

Feb 9 2023

dereckson closed T1733: Store credentials in Vault as Resolved.
Feb 9 2023, 22:25 · security, Vault, Dæghrefn
dereckson updated subscribers of T1770: Drop credentials from MySQL containers' environment.
Feb 9 2023, 21:56 · Operations sprints (Ignite Alkane Propulsion), Nasqueron Docker deployment squad, Salt, security
dereckson moved T1770: Drop credentials from MySQL containers' environment from Backlog to Servers config on the Salt board.
Feb 9 2023, 21:55 · Operations sprints (Ignite Alkane Propulsion), Nasqueron Docker deployment squad, Salt, security
dereckson triaged T1770: Drop credentials from MySQL containers' environment as Normal priority.
Feb 9 2023, 21:55 · Operations sprints (Ignite Alkane Propulsion), Nasqueron Docker deployment squad, Salt, security

Feb 7 2023

DorianWinty moved T1484: Upgrade Laravel framework from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Feb 7 2023, 21:09 · Restricted Project, security, Technical debt, Notifications center

Feb 6 2023

dereckson moved T1765: SELinux context is missing for /etc/nginx configuration files from Backlog to Servers config on the Salt board.
Feb 6 2023, 20:42 · Operations sprints (Ignite Alkane Propulsion), Salt, security, Nasqueron Docker deployment squad, Servers
dereckson triaged T1765: SELinux context is missing for /etc/nginx configuration files as Normal priority.
Feb 6 2023, 20:41 · Operations sprints (Ignite Alkane Propulsion), Salt, security, Nasqueron Docker deployment squad, Servers
dereckson added a comment to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org.
In T1627#23666, @dereckson wrote:

Perhaps replace references here too: https://code.nasqueron.org/?q=equatower&i=nope&literal=nope&files=&excludeFiles=&repos=

Feb 6 2023, 20:38 · Operations sprints (Consolidate them all), Servers, Salt, security

Sep 25 2022

dereckson added a revision to T1484: Upgrade Laravel framework: D2716: Update to Laravel 9.
Sep 25 2022, 07:32 · Restricted Project, security, Technical debt, Notifications center

Sep 23 2022

DorianWinty closed T1484: Upgrade Laravel framework as Resolved.

For now we are in Laravel 9

Sep 23 2022, 21:43 · Restricted Project, security, Technical debt, Notifications center
DorianWinty moved T1484: Upgrade Laravel framework from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Sep 23 2022, 21:33 · Restricted Project, security, Technical debt, Notifications center

Sep 14 2022

DorianWinty moved T1484: Upgrade Laravel framework from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Sep 14 2022, 17:31 · Restricted Project, security, Technical debt, Notifications center

Sep 13 2022

DorianWinty added a revision to T1484: Upgrade Laravel framework: D2710: Update dependencies.
Sep 13 2022, 17:35 · Restricted Project, security, Technical debt, Notifications center
DorianWinty added a revision to T1484: Upgrade Laravel framework: D2709: Update dependencies.
Sep 13 2022, 14:01 · Restricted Project, security, Technical debt, Notifications center
DorianWinty moved T1484: Upgrade Laravel framework from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Sep 13 2022, 10:45 · Restricted Project, security, Technical debt, Notifications center

Jun 25 2022

dereckson moved T1292: userlist.db is saved in 644 from Backlog to Darkbot bugs on the Odderon board.
Jun 25 2022, 01:04 · C, good-first-issue, security, Odderon
dereckson added a parent task for T1656: Convert daeghrefn. for Uspection use: T934: Documentation site.
Jun 25 2022, 01:03 · upsection, security, documentation, IRC, Dæghrefn
dereckson moved T1656: Convert daeghrefn. for Uspection use from Backlog to Documentation on the Dæghrefn board.
Jun 25 2022, 01:02 · upsection, security, documentation, IRC, Dæghrefn

Jun 5 2022

DorianWinty added a comment to T1484: Upgrade Laravel framework.

For now, Laravel 8 :

Jun 5 2022, 07:18 · Restricted Project, security, Technical debt, Notifications center

Jun 4 2022

DorianWinty added a project to T1484: Upgrade Laravel framework: Restricted Project.
Jun 4 2022, 21:26 · Restricted Project, security, Technical debt, Notifications center
dereckson updated the task description for T1484: Upgrade Laravel framework.
Jun 4 2022, 20:05 · Restricted Project, security, Technical debt, Notifications center
dereckson added a comment to T1484: Upgrade Laravel framework.

@DorianWinty Would be useful to apply https://laravel.com/docs/9.x/upgrade so we're really up to date.

Jun 4 2022, 20:04 · Restricted Project, security, Technical debt, Notifications center
dereckson assigned T1484: Upgrade Laravel framework to DorianWinty.
Jun 4 2022, 20:02 · Restricted Project, security, Technical debt, Notifications center

May 12 2022

dereckson added a revision to T1733: Store credentials in Vault: D2687: Configure ViperServ eggdrops to use Vault.
May 12 2022, 22:54 · security, Vault, Dæghrefn
dereckson added a revision to T1733: Store credentials in Vault: D2686: Fetch credentials from Vault.
May 12 2022, 22:22 · security, Vault, Dæghrefn
dereckson triaged T1733: Store credentials in Vault as Normal priority.
May 12 2022, 22:22 · security, Vault, Dæghrefn

May 8 2022

dereckson triaged T1732: Save PHP errors in a separate log than stdout/the nginx error one as High priority.
May 8 2022, 17:30 · security, Docker images, DevCentral

Apr 15 2022

dereckson added a comment to T1616: Build a bastion - load balancers - private instances network topology.

For Salt and Vault, we're already using the private network.

Apr 15 2022, 19:21 · security, Operations sprints (Consolidate them all)
dereckson closed T1619: Connect all baremetal servers to Drake network as Resolved.

We're done here :)

Apr 15 2022, 19:20 · Servers, Drake network, security, Operations sprints (Consolidate them all)
dereckson closed T1619: Connect all baremetal servers to Drake network, a subtask of T1702: Deploy Complector aka la source, as Resolved.
Apr 15 2022, 19:20 · Salt, Vault, security, Servers
dereckson closed T1619: Connect all baremetal servers to Drake network, a subtask of T1616: Build a bastion - load balancers - private instances network topology, as Resolved.
Apr 15 2022, 19:20 · security, Operations sprints (Consolidate them all)
dereckson updated the task description for T1619: Connect all baremetal servers to Drake network.
Apr 15 2022, 19:20 · Servers, Drake network, security, Operations sprints (Consolidate them all)
dereckson added a comment to T1702: Deploy Complector aka la source.

Vault is live and Salt deployments were successful to cloudhugger dwellers windriver ysul (and Complector itself).

Apr 15 2022, 19:19 · Salt, Vault, security, Servers
dereckson added a revision to T1616: Build a bastion - load balancers - private instances network topology: D2672: Prune salt-primary role on Ysul and WindRiver.
Apr 15 2022, 19:16 · security, Operations sprints (Consolidate them all)
dereckson added a revision to T1702: Deploy Complector aka la source: D2672: Prune salt-primary role on Ysul and WindRiver.
Apr 15 2022, 19:16 · Salt, Vault, security, Servers
dereckson added a revision to T1425: Provision secrets through Salt: D2671: Avoid a server to keep access to stale Vault policies.
Apr 15 2022, 19:11 · security, Nasqueron Operations Squad, Vault, Salt
dereckson added a revision to T1425: Provision secrets through Salt: D2669: Avoid to share credentials between dev and prod Docker engines.
Apr 15 2022, 17:53 · security, Nasqueron Operations Squad, Vault, Salt

Apr 12 2022

dereckson closed T648: Secure access to etcd as Wontfix.

Per T644.

Apr 12 2022, 22:18 · security, Nasqueron Docker deployment squad, Servers

Apr 3 2022

dereckson updated the task description for T930: Secrets to migrate from DevCentral to Vault.
Apr 3 2022, 19:49 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson added a revision to T1425: Provision secrets through Salt: D2649: Provide compatibility methods with Zemke-Rhyme for Vault.
Apr 3 2022, 18:59 · security, Nasqueron Operations Squad, Vault, Salt

Mar 29 2022

dereckson added a revision to T1702: Deploy Complector aka la source: D2624: Deploy Vault.
Mar 29 2022, 22:54 · Salt, Vault, security, Servers

Mar 26 2022

dereckson added a revision to T1702: Deploy Complector aka la source: D2639: Allow to recreate Vault configuration as DRP plan B.
Mar 26 2022, 15:19 · Salt, Vault, security, Servers
dereckson added a revision to T1425: Provision secrets through Salt: D2638: Deploy policies for Vault.
Mar 26 2022, 15:09 · security, Nasqueron Operations Squad, Vault, Salt

Mar 24 2022

dereckson moved T930: Secrets to migrate from DevCentral to Vault from Backlog to In progress on the User-Dereckson board.
Mar 24 2022, 00:50 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson added a project to T930: Secrets to migrate from DevCentral to Vault: User-Dereckson.
Mar 24 2022, 00:49 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson updated the task description for T930: Secrets to migrate from DevCentral to Vault.
Mar 24 2022, 00:48 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson updated the task description for T930: Secrets to migrate from DevCentral to Vault.
Mar 24 2022, 00:46 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson claimed T930: Secrets to migrate from DevCentral to Vault.

Migrated secrets

Mar 24 2022, 00:43 · User-Dereckson, Vault, Nasqueron Operations Squad, security

Mar 22 2022

dereckson added a revision to T1702: Deploy Complector aka la source: D2615: Deploy Vault and Salt master on Complector.
Mar 22 2022, 18:29 · Salt, Vault, security, Servers
dereckson added a revision to T1619: Connect all baremetal servers to Drake network: D2594: Reconfigure GRE tunnels.
Mar 22 2022, 18:20 · Servers, Drake network, security, Operations sprints (Consolidate them all)
dereckson added a revision to T1619: Connect all baremetal servers to Drake network: D2596: Set kernel state for router.
Mar 22 2022, 18:19 · Servers, Drake network, security, Operations sprints (Consolidate them all)
dereckson added a revision to T1616: Build a bastion - load balancers - private instances network topology: D2596: Set kernel state for router.
Mar 22 2022, 18:18 · security, Operations sprints (Consolidate them all)

Mar 15 2022

dereckson added a parent task for T1619: Connect all baremetal servers to Drake network: T1702: Deploy Complector aka la source.
Mar 15 2022, 00:44 · Servers, Drake network, security, Operations sprints (Consolidate them all)
dereckson added a subtask for T1702: Deploy Complector aka la source: T1619: Connect all baremetal servers to Drake network.
Mar 15 2022, 00:44 · Salt, Vault, security, Servers
dereckson added a parent task for T1702: Deploy Complector aka la source: Unknown Object (Maniphest Task).
Mar 15 2022, 00:44 · Salt, Vault, security, Servers
dereckson added a parent task for T1702: Deploy Complector aka la source: T923: Switch Vault to restricted network.
Mar 15 2022, 00:43 · Salt, Vault, security, Servers
dereckson updated the task description for T1702: Deploy Complector aka la source.
Mar 15 2022, 00:43 · Salt, Vault, security, Servers
dereckson created T1702: Deploy Complector aka la source.
Mar 15 2022, 00:42 · Salt, Vault, security, Servers
dereckson reopened T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org as "Open".

Perhaps replace references here too: https://code.nasqueron.org/?q=equatower&i=nope&literal=nope&files=&excludeFiles=&repos=

Mar 15 2022, 00:40 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson added a comment to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org.

All tasks seem done, as we've docker-001 running for more than one year without any issue.

Mar 15 2022, 00:37 · Operations sprints (Consolidate them all), Servers, Salt, security
First
Prev
Next
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator