Page MenuHomeDevCentral
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Today

dereckson renamed T2125: Review Vault policies from vault_secrets_by_role from Review Vault policies to Review Vault policies from vault_secrets_by_role.
Sun, Sep 14, 00:58 · Nasqueron Docker deployment squad, Servers
dereckson triaged T2125: Review Vault policies from vault_secrets_by_role as High priority.
Sun, Sep 14, 00:57 · Nasqueron Docker deployment squad, Servers

Fri, Sep 12

dereckson moved T2123: Fix tests for operations repository from Backlog to Ops on the Technical debt board.
Fri, Sep 12, 17:51 · Technical debt, Servers
dereckson moved T2123: Fix tests for operations repository from Backlog to Pending review on the Servers board.
Fri, Sep 12, 17:51 · Technical debt, Servers
dereckson added a comment to T2123: Fix tests for operations repository.
In T2123#32403, @dereckson wrote:

Tests fix commits will be aggregated in datacube T2123-improve-tests-suite branch, so we can have a look of what's remaining to fix.

Fri, Sep 12, 17:50 · Technical debt, Servers
dereckson added a revision to T2123: Fix tests for operations repository: D3665: Prune unused webserver-content index generator.
Fri, Sep 12, 17:46 · Technical debt, Servers
dereckson added a revision to T2123: Fix tests for operations repository: D3664: Deploy the monitoring Vault policy.
Fri, Sep 12, 17:19 · Technical debt, Servers
dereckson added a revision to T2123: Fix tests for operations repository: D3663: Fix node.resolve_network tests.
Fri, Sep 12, 17:15 · Technical debt, Servers

Thu, Sep 11

dereckson added a revision to T2123: Fix tests for operations repository: D3662: Read flatter docker_networks pillar.
Thu, Sep 11, 23:56 · Technical debt, Servers
dereckson added a revision to T2123: Fix tests for operations repository: D3661: Avoid unittest deprecated aliases.
Thu, Sep 11, 23:09 · Technical debt, Servers
dereckson added a revision to T2123: Fix tests for operations repository: D3660: Fix docker_containers app_port/host test.
Thu, Sep 11, 22:58 · Technical debt, Servers
dereckson added a comment to T2123: Fix tests for operations repository.

Tests commits will be aggregates in datacube T2123-improve-tests-suite branch, so we can have a look of what's remaining to fix.

Thu, Sep 11, 22:18 · Technical debt, Servers
dereckson added a revision to T2123: Fix tests for operations repository: D3659: Handle ssh_keys_by_forest and everywhere_tasks in pillar users test.
Thu, Sep 11, 22:16 · Technical debt, Servers
dereckson updated subscribers of T2123: Fix tests for operations repository.

Going to take this, as I wrote the tests suite, @DorianWinty will review.

Thu, Sep 11, 22:15 · Technical debt, Servers
dereckson triaged T2123: Fix tests for operations repository as High priority.
Thu, Sep 11, 22:15 · Technical debt, Servers

Wed, Sep 10

dereckson added a comment to T2067: Deploy an OpenBSD server.

Why not port encrypt to FreeBSD?

Wed, Sep 10, 22:57 · Servers
dereckson added a comment to T2081: Deploy Snuffleupagus.

Support for PHP 8.4 is still there.

Wed, Sep 10, 22:56 · PHP 8.x support, Product evaluation, Servers, Alkane
dereckson closed T2113: systemd-hostnamed service can't be launched - SELinux blocks it - starship as Resolved by committing rOPSe5ec87dfe258: Allow systemd-hostnamed to create socket when called from Varlink.
Wed, Sep 10, 22:51 · Servers
dereckson closed T2115: Update Dwellers packages as Resolved.

Uninstalled certbot.
Pruned old Python 3 dependencies.
Updated EPEL repo to epel-release-10-6
Updated packages
Reinstalled certbot, now running under Python 3.12 too.

Wed, Sep 10, 22:30 · Servers
dereckson added a comment to T2115: Update Dwellers packages.

Just for information, working on T2113, I've first updated the packages non related to that conflict, so I had fresh packages for both systemd and selinux config.

Wed, Sep 10, 22:24 · Servers
dereckson added a comment to T2122: Package starship for EPEL.

https://snapcraft.io/starship - last update: 27 April 2023 - latest/edge

Wed, Sep 10, 22:10 · Servers
dereckson added a revision to T2113: systemd-hostnamed service can't be launched - SELinux blocks it - starship: D3658: Allow systemd-hostnamed to create socket when called from Varlink.
Wed, Sep 10, 22:06 · Servers
dereckson added a comment to T2113: systemd-hostnamed service can't be launched - SELinux blocks it - starship.

Was looking to offer a fix upstream, like read hostname from /proc/sys/kernel/hostname on Linux, but then I've realised this is an interaction issue with snap, starship, systemd and SELinux.

Wed, Sep 10, 22:03 · Servers
dereckson triaged T2122: Package starship for EPEL as Low priority.
Wed, Sep 10, 22:00 · Servers
dereckson added a comment to T2113: systemd-hostnamed service can't be launched - SELinux blocks it - starship.

Decreasing priority, as it only occurs with Starship.

Wed, Sep 10, 21:12 · Servers
dereckson renamed T2113: systemd-hostnamed service can't be launched - SELinux blocks it - starship from systemd-hostnamed service can't be launched - SELinux blocks it to systemd-hostnamed service can't be launched - SELinux blocks it - starship.
Wed, Sep 10, 21:11 · Servers
dereckson added a comment to T2113: systemd-hostnamed service can't be launched - SELinux blocks it - starship.

Normal behavior observed with the policy:

Wed, Sep 10, 21:10 · Servers
dereckson added a comment to T2113: systemd-hostnamed service can't be launched - SELinux blocks it - starship.

Still an error with last packages versions.

Wed, Sep 10, 21:09 · Servers
dereckson added a comment to T2113: systemd-hostnamed service can't be launched - SELinux blocks it - starship.

audit2allow policy

Wed, Sep 10, 21:01 · Servers
dereckson added a comment to T2103: Upgrade servers to FreeBSD 14.3.

Bumping for 14.3, are still going on, it makes sense to target latest version

Wed, Sep 10, 19:41 · Servers
dereckson renamed T2103: Upgrade servers to FreeBSD 14.3 from Upgrade servers to FreeBSD 14.2 to Upgrade servers to FreeBSD 14.3.
Wed, Sep 10, 19:41 · Servers
dereckson renamed T2112: Renew Vault web server certificate automatically from Renew Vault HTTPS certificate automatically to Renew Vault web server certificate automatically.
Wed, Sep 10, 19:38 · security, Servers
dereckson renamed T2112: Renew Vault web server certificate automatically from Renew Vault HTTP certificate automatically to Renew Vault HTTPS certificate automatically.
Wed, Sep 10, 19:38 · security, Servers
dereckson renamed T2112: Renew Vault web server certificate automatically from Renew Vault certificate to Renew Vault HTTP certificate automatically.
Wed, Sep 10, 19:38 · security, Servers
dereckson added a revision to T2112: Renew Vault web server certificate automatically: D3657: Renew Vault intermediate authority certificate.
Wed, Sep 10, 19:34 · security, Servers
dereckson added a comment to T2112: Renew Vault web server certificate automatically.

First step is to create a script to renew all needed certificates:

Wed, Sep 10, 19:31 · security, Servers
dereckson closed T2116: Drop of OCSP Service as Resolved.
Wed, Sep 10, 19:01 · Servers, Nasqueron Operations Squad
dereckson added a comment to T2116: Drop of OCSP Service.

Applied to Hervil, was missing there.

Wed, Sep 10, 19:01 · Servers, Nasqueron Operations Squad

Tue, Sep 2

DorianWinty added a revision to T1217: Host our DNS servers: D3654: Define nasqueron.org DNS zone.
Tue, Sep 2, 20:41 · Servers
DorianWinty added a revision to T1217: Host our DNS servers: D3652: Define testdom for ook.space to test on windriver dns.
Tue, Sep 2, 17:52 · Servers
dereckson edited P372 DNS - Raw AXFR output - nasqueron.org.
Tue, Sep 2, 17:03 · DNS, Servers

Sun, Aug 31

dereckson closed T2120: Don't allow infinite grow of MariaDB binary log as Resolved by committing rOPS9e78009934a7: Sets the MariaDB binary log expiration.
Sun, Aug 31, 15:48 · DBA, Servers
dereckson added a comment to T2017: Install WindRiver replacement server.

Find more easily the gateway

Sun, Aug 31, 15:31 · Servers

Jul 27 2025

dereckson added a revision to T2120: Don't allow infinite grow of MariaDB binary log: D3645: Sets the MariaDB binary log expiration.
Jul 27 2025, 15:51 · DBA, Servers
dereckson added a comment to T2120: Don't allow infinite grow of MariaDB binary log.

For reference, the configuration contains max_binlog_size = 1000M. This only affects the maximal size of ONE log file, but it can create as many as needed.

Jul 27 2025, 15:47 · DBA, Servers
dereckson added a comment to T2120: Don't allow infinite grow of MariaDB binary log.

For dbserver-mysql role, configuration is located at roles/dbserver-mysql/mysql-server/files/conf.d/server.cnf

Jul 27 2025, 15:45 · DBA, Servers
dereckson triaged T2120: Don't allow infinite grow of MariaDB binary log as High priority.
Jul 27 2025, 15:40 · DBA, Servers

Jun 12 2025

DorianWinty added a revision to T1217: Host our DNS servers: D3641: Get public IPV6 from servers.
Jun 12 2025, 19:06 · Servers

Jun 11 2025

DorianWinty added a revision to T1217: Host our DNS servers: D3640: Deploy KnotDNS on dns server.
Jun 11 2025, 17:37 · Servers

Jun 3 2025

dereckson closed T2118: Load pefs module automatically on devserver role on boot as Resolved by committing rOPS5f9cc5dbd472: Load pefs module at boot time.
Jun 3 2025, 18:38 · Servers
dereckson added a revision to T2118: Load pefs module automatically on devserver role on boot: D3639: Load pefs module at boot time.
Jun 3 2025, 18:37 · Servers
dereckson added a comment to T2118: Load pefs module automatically on devserver role on boot.

There is already a state to enable the module, freebsd_kernel_modules_enable but it only triggers when pefs-kmod is installed, and only to load the module right now.

Jun 3 2025, 18:29 · Servers

Jun 2 2025

dereckson renamed T2118: Load pefs module automatically on devserver role on boot from Load pefs module automatically on Windriver on boot to Load pefs module automatically on devserver role on boot.
Jun 2 2025, 21:19 · Servers
dereckson triaged T2118: Load pefs module automatically on devserver role on boot as Normal priority.
Jun 2 2025, 21:19 · Servers
dereckson created P372 DNS - Raw AXFR output - nasqueron.org.
Jun 2 2025, 20:24 · DNS, Servers
DorianWinty added a comment to T1217: Host our DNS servers.
To start using Knot DNS, you should complete the following tasks:
Jun 2 2025, 20:02 · Servers
dereckson added a comment to T2096: WindRiver Route to Drake private network Ignored .

Same issue after 2025-06-02 reboot for kernel upgrade, route to 172.27.27.1 is still missing.

Jun 2 2025, 13:56 · Drake network, Servers

May 20 2025

dereckson added a revision to T2116: Drop of OCSP Service: D3638: Prune OCSP nginx configuration.
May 20 2025, 21:14 · Servers, Nasqueron Operations Squad
dereckson added a project to T2116: Drop of OCSP Service: Servers.
May 20 2025, 21:01 · Servers, Nasqueron Operations Squad

May 18 2025

dereckson removed a project from T2115: Update Dwellers packages: security.
May 18 2025, 09:07 · Servers
dereckson added a project to T2115: Update Dwellers packages: security.
May 18 2025, 09:06 · Servers
dereckson triaged T2115: Update Dwellers packages as High priority.
May 18 2025, 09:06 · Servers
dereckson triaged T2113: systemd-hostnamed service can't be launched - SELinux blocks it - starship as Normal priority.
May 18 2025, 08:55 · Servers
dereckson triaged T2112: Renew Vault web server certificate automatically as High priority.
May 18 2025, 08:46 · security, Servers

Apr 5 2025

dereckson added a comment to T2106: arcanist doesn't work on PHP 8.4.

After arc land is successful:

Apr 5 2025, 14:12 · DevCentral, Servers
dereckson added a comment to T2106: arcanist doesn't work on PHP 8.4.

Next one detected during arc land:

Apr 5 2025, 14:11 · DevCentral, Servers
dereckson added a comment to T2106: arcanist doesn't work on PHP 8.4.

Next one:

Apr 5 2025, 14:04 · DevCentral, Servers

Mar 28 2025

dereckson added a comment to T1931: Dovecot Provisioning.

Monitoring could be as simple as:`

Mar 28 2025, 17:38 · Mail, Restricted Project, Servers
DorianWinty updated the task description for T1931: Dovecot Provisioning.
Mar 28 2025, 16:59 · Mail, Restricted Project, Servers
dereckson updated the title for P370 windriver smartctl - ada0 from windriver smartctl to windriver smartctl - ada0.
Mar 28 2025, 11:47 · Servers

Mar 27 2025

dereckson renamed T2106: arcanist doesn't work on PHP 8.4 from arcanist doesn't work on PHP 8,4 to arcanist doesn't work on PHP 8.4.
Mar 27 2025, 21:11 · DevCentral, Servers
dereckson updated subscribers of T2106: arcanist doesn't work on PHP 8.4.
Mar 27 2025, 21:10 · DevCentral, Servers
dereckson updated the task description for T2106: arcanist doesn't work on PHP 8.4.
Mar 27 2025, 19:28 · DevCentral, Servers
dereckson added a comment to T2106: arcanist doesn't work on PHP 8.4.

Decreased priority as it was on my local laptop, WindRiver is still 8.3.16.

Mar 27 2025, 19:28 · DevCentral, Servers
dereckson lowered the priority of T2106: arcanist doesn't work on PHP 8.4 from High to Normal.
Mar 27 2025, 19:28 · DevCentral, Servers
DorianWinty added a revision to T1931: Dovecot Provisioning: D3627: Provision custom build of dovecot.
Mar 27 2025, 18:45 · Mail, Restricted Project, Servers
dereckson triaged T2106: arcanist doesn't work on PHP 8.4 as High priority.
Mar 27 2025, 18:33 · DevCentral, Servers
dereckson added a parent task for T2105: Use HE as secondary DNS server: T1217: Host our DNS servers.
Mar 27 2025, 18:26 · DNS, Servers
dereckson added a subtask for T1217: Host our DNS servers: T2105: Use HE as secondary DNS server.
Mar 27 2025, 18:26 · Servers
dereckson updated the task description for T1217: Host our DNS servers.
Mar 27 2025, 18:26 · Servers
DorianWinty triaged T2105: Use HE as secondary DNS server as Normal priority.
Mar 27 2025, 18:25 · DNS, Servers
dereckson added a comment to T1217: Host our DNS servers.

Knot uses also the same format, last dump for nasqueron.org available at P369.

Mar 27 2025, 18:25 · Servers
DorianWinty added a project to T1218: Provision primary DNS server: Restricted Project.
Mar 27 2025, 18:24 · Restricted Project, DNS, Servers

Mar 12 2025

DorianWinty added a revision to T2098: acme.sh configure provisionning of the nginx check and reload: D3626: Permit safe reload of nginx.
Mar 12 2025, 21:29 · Servers

Jan 28 2025

dereckson added a comment to T2103: Upgrade servers to FreeBSD 14.3.

WindRiver looks stable enough, green light for other servers (still router-001 excepted)

Jan 28 2025, 18:42 · Servers

Jan 15 2025

dereckson added a comment to T2103: Upgrade servers to FreeBSD 14.3.
In T2103#32089, @dereckson wrote:

False alert, server correctly booted but doesn't answer ICMP packets, see T2104.

Jan 15 2025, 14:48 · Servers
dereckson closed T2104: WindRiver doesn't answer ICMP packages as Invalid.

Problem from the guest network firewall, not about WindRiver.

Jan 15 2025, 14:47 · Servers
dereckson added a comment to T2103: Upgrade servers to FreeBSD 14.3.

False alert, server correctly booted but doesn't answer ICMP packets, see T2104.

Jan 15 2025, 12:28 · Servers
dereckson triaged T2104: WindRiver doesn't answer ICMP packages as Normal priority.
Jan 15 2025, 12:27 · Servers
dereckson claimed T2103: Upgrade servers to FreeBSD 14.3.

On WindRiver. 14.2 has been upgraded, not alive after reboot.

Jan 15 2025, 11:18 · Servers
dereckson triaged T2103: Upgrade servers to FreeBSD 14.3 as High priority.
Jan 15 2025, 11:18 · Servers

Jan 3 2025

dereckson updated the task description for T2043: Switch to acme.sh instead of certbot.
Jan 3 2025, 12:08 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson updated the task description for T2043: Switch to acme.sh instead of certbot.
Jan 3 2025, 12:06 · Operations sprints (Ignite Alkane Propulsion), Servers

Jan 2 2025

DorianWinty closed T1548: Update mailer configuration, a subtask of T1547: Consolidate DevCentral Docker image, as Wontfix.
Jan 2 2025, 15:17 · User-Dereckson, DevCentral, Servers, Technical debt, Nasqueron Docker deployment squad, Docker images
DorianWinty added a project to T2098: acme.sh configure provisionning of the nginx check and reload: Servers.
Jan 2 2025, 14:55 · Servers

Dec 3 2024

dereckson added a project to T2096: WindRiver Route to Drake private network Ignored : Drake network.
Dec 3 2024, 17:35 · Drake network, Servers
aceppaluni added a project to T2096: WindRiver Route to Drake private network Ignored : Servers.
Dec 3 2024, 17:30 · Drake network, Servers
dereckson triaged T2095: Disk ada2 lost on WindRiver as High priority.
Dec 3 2024, 02:56 · Servers

Dec 2 2024

dereckson added a comment to T1294: Dockerize tools.nasqueron.org.

Next step: nginx configuration inside the container

Dec 2 2024, 00:03 · Operations sprints (Consolidate them all), Docker images, Nasqueron Tools, Servers

Dec 1 2024

dereckson added a comment to T1294: Dockerize tools.nasqueron.org.

DNS change

Dec 1 2024, 23:55 · Operations sprints (Consolidate them all), Docker images, Nasqueron Tools, Servers
Next
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator