Page MenuHomeDevCentral
Feed Advanced Search

Advanced Search
Use Results
Hide Query

May 20 2023

dereckson attached a referenced file: F2221257: Screenshot 2023-05-20 at 18.52.56.png.
May 20 2023, 17:31 · DevCentral, security
dereckson created an object: Setup 2FA.
May 20 2023, 17:31 · DevCentral, security
dereckson added a comment to T1879: Draft a 2FA policy.

2FA enabled

May 20 2023, 16:48 · discussion, security, DevCentral
dereckson created T1879: Draft a 2FA policy.
May 20 2023, 16:48 · discussion, security, DevCentral
dereckson updated the task description for T1878: Allow to run queries for reporting.
May 20 2023, 15:45 · Monitoring and reporting, security, DBA, Servers
dereckson added a comment to T1878: Allow to run queries for reporting.

As a minimum, to have somewhere (a reports repository?) where we can write those report queries could already be useful, so we don't lose them.

May 20 2023, 15:43 · Monitoring and reporting, security, DBA, Servers
dereckson created T1878: Allow to run queries for reporting.
May 20 2023, 15:42 · Monitoring and reporting, security, DBA, Servers
dereckson triaged T1877: Evaluate Alcali - Salt front-end as Normal priority.
May 20 2023, 14:25 · security, Salt, Servers, Product evaluation

May 19 2023

dereckson updated the task description for T1861: Configure static IPv6 on WindRiver.
May 19 2023, 02:17 · security, Servers, IPv6

May 18 2023

dereckson closed T1779: Provision docker-002 Docker Engine as Resolved.
May 18 2023, 12:00 · Salt, Docker images, Servers, security
dereckson added a comment to T1779: Provision docker-002 Docker Engine.

Server is live and stable.

May 18 2023, 12:00 · Salt, Docker images, Servers, security
dereckson added a comment to T1521: Restrict MySQL access.

Subtask removed to simplify the graph. It's the task where db-B-001 has been created and so solved this one.

May 18 2023, 11:55 · Operations sprints (Consolidate them all), security, Servers
dereckson removed a subtask for T1521: Restrict MySQL access: T1803: Move and migrate Ysul production services elsewhere.
May 18 2023, 11:54 · Operations sprints (Consolidate them all), security, Servers
dereckson moved T1616: Build a bastion - load balancers - private instances network topology from Backlog to Not for this sprint on the Operations sprints (Consolidate them all) board.
May 18 2023, 11:53 · security, Operations sprints (Consolidate them all)
dereckson added a subtask for T1521: Restrict MySQL access: T1803: Move and migrate Ysul production services elsewhere.
May 18 2023, 11:46 · Operations sprints (Consolidate them all), security, Servers
dereckson closed T1521: Restrict MySQL access as Resolved.
May 18 2023, 11:45 · Operations sprints (Consolidate them all), security, Servers
dereckson closed T1521: Restrict MySQL access, a subtask of T1619: Connect all baremetal servers to Drake network, as Resolved.
May 18 2023, 11:45 · Servers, Drake network, security, Operations sprints (Consolidate them all)
dereckson added a comment to T1521: Restrict MySQL access.

Resolved by db-B-001 deployment: MySQL server doesn't have a public IP anymore

May 18 2023, 11:45 · Operations sprints (Consolidate them all), security, Servers
dereckson closed T1702: Deploy Complector aka la source as Resolved.
May 18 2023, 11:44 · Salt, Vault, security, Servers
dereckson closed T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org as Resolved.
In T1627#23666, @dereckson wrote:

Perhaps replace references here too: https://code.nasqueron.org/?q=equatower&i=nope&literal=nope&files=&excludeFiles=&repos=

May 18 2023, 09:43 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson added a revision to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org: D3103: Supersede Equatower references by docker-002.
May 18 2023, 09:42 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson added a revision to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org: D3102: Supersede Equatower references by docker-002.
May 18 2023, 09:38 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson added a revision to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org: D3101: Supersede Equatower references by docker-002.
May 18 2023, 09:35 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson renamed T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org from Supersede equatower.nasqueron.org by docker-001.nasqueron.org to Supersede equatower.nasqueron.org by docker-002.nasqueron.org.
May 18 2023, 09:35 · Operations sprints (Consolidate them all), Servers, Salt, security

May 15 2023

dereckson added a comment to T1145: Don't truncate passwords.

Password truncation
Passwords are explicitly truncated to 25 characters in load_helpers functions:

May 15 2023, 17:08 · security, Odderon

May 13 2023

dereckson added a comment to T1861: Configure static IPv6 on WindRiver.

DUID published in Vault under ops/secrets/network/DUID/2001:bc8:2e84:700::

May 13 2023, 13:27 · security, Servers, IPv6
dereckson moved T1861: Configure static IPv6 on WindRiver from Backlog to Analysis / under discussion on the Servers board.
May 13 2023, 12:24 · security, Servers, IPv6
dereckson triaged T1861: Configure static IPv6 on WindRiver as Normal priority.
May 13 2023, 12:24 · security, Servers, IPv6
dereckson added a comment to T1861: Configure static IPv6 on WindRiver.

2001:bc8:2e84:700:: /56 should be used for WindRiver addresses.

May 13 2023, 12:23 · security, Servers, IPv6
dereckson added a comment to T1861: Configure static IPv6 on WindRiver.

Autoconfig IP isn't in our block

May 13 2023, 12:14 · security, Servers, IPv6
dereckson added a project to T1861: Configure static IPv6 on WindRiver: security.
May 13 2023, 12:08 · security, Servers, IPv6

May 6 2023

dereckson moved T1770: Drop credentials from MySQL containers' environment from Backlog to Backlog - Docker on the Operations sprints (Ignite Alkane Propulsion) board.
May 6 2023, 15:55 · Operations sprints (Ignite Alkane Propulsion), Nasqueron Docker deployment squad, Salt, security
dereckson moved T1765: SELinux context is missing for /etc/nginx configuration files from Backlog to Backlog - Docker on the Operations sprints (Ignite Alkane Propulsion) board.
May 6 2023, 15:55 · Operations sprints (Ignite Alkane Propulsion), Salt, security, Nasqueron Docker deployment squad, Servers

Apr 13 2023

dereckson closed T1829: Don't listen to world SSH for IntraNought servers as Resolved by committing rOPSe295e695501b: Don't listen to world SSH for IntraNought servers.
Apr 13 2023, 23:59 · security, Servers
dereckson added a revision to T1829: Don't listen to world SSH for IntraNought servers : D3012: Don't listen to world SSH for IntraNought servers.
Apr 13 2023, 23:47 · security, Servers

Apr 12 2023

dereckson added a revision to T1829: Don't listen to world SSH for IntraNought servers : D3004: Resolve private network interface.
Apr 12 2023, 19:39 · security, Servers
dereckson triaged T1829: Don't listen to world SSH for IntraNought servers as High priority.
Apr 12 2023, 00:26 · security, Servers

Apr 2 2023

dereckson moved T1763: Detect if a new VMWARE ESXi patch version is available from Backlog to Checks on the Monitoring and reporting board.
Apr 2 2023, 10:23 · User-inidal, Monitoring and reporting, security

Mar 28 2023

dereckson added a comment to T1779: Provision docker-002 Docker Engine.

https://api.nasqueron.org/infra/servers.json

Mar 28 2023, 01:05 · Salt, Docker images, Servers, security

Mar 24 2023

dereckson closed T720: Ysul: cannot stat /etc/login.conf: Not permitted in capability mode as Resolved.

Not present in recent FreeBSD machines, so I guess it was solved during an OS upgrade.

Mar 24 2023, 01:14 · security, Servers

Mar 7 2023

dereckson closed T1425: Provision secrets through Salt as Resolved.

All secrets are now stored in Vault and provisioned through Salt, with policies restricting access to secrets by node.

Mar 7 2023, 20:26 · security, Nasqueron Operations Squad, Vault, Salt
dereckson closed T930: Secrets to migrate from DevCentral to Vault as Resolved.
Mar 7 2023, 20:19 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson added a comment to T930: Secrets to migrate from DevCentral to Vault.

And with the Zemke-Rhyne decom, we're done.

Mar 7 2023, 20:19 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson added a revision to T930: Secrets to migrate from DevCentral to Vault: D2854: Decommission Zemke-Rhyne.
Mar 7 2023, 20:14 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson added a revision to T1779: Provision docker-002 Docker Engine: D2851: Decommission docker-001.
Mar 7 2023, 19:51 · Salt, Docker images, Servers, security
dereckson added a revision to T1779: Provision docker-002 Docker Engine: D2787: Provision docker-002.
Mar 7 2023, 19:10 · Salt, Docker images, Servers, security

Mar 4 2023

dereckson added a revision to T1779: Provision docker-002 Docker Engine: D2837: Update tommy_cd back-end URL.
Mar 4 2023, 19:05 · Salt, Docker images, Servers, security

Mar 3 2023

dereckson closed T1594: Acquisitariat and Etherpad issue as Resolved.

Those issues are resolved now we use Vault to provision passwords.

Mar 3 2023, 20:15 · Operations sprints (Consolidate them all), Vault, security, Nasqueron Docker deployment squad
dereckson added a revision to T1779: Provision docker-002 Docker Engine: D2827: Update api.nasqueron.org API configuration.
Mar 3 2023, 19:08 · Salt, Docker images, Servers, security
dereckson added projects to T1779: Provision docker-002 Docker Engine: Servers, Docker images, Salt.
Mar 3 2023, 19:05 · Salt, Docker images, Servers, security
dereckson added a revision to T1779: Provision docker-002 Docker Engine: D2826: Update api-datasources service URL.
Mar 3 2023, 17:16 · Salt, Docker images, Servers, security
dereckson triaged T1779: Provision docker-002 Docker Engine as High priority.
Mar 3 2023, 17:15 · Salt, Docker images, Servers, security
dereckson closed T1775: Provision notifications CLI configuration file as Resolved by committing rOPS936e401ff3a4: Update connection information to broker for notifications CLI.
Mar 3 2023, 16:59 · Salt, security, Notifications center

Mar 2 2023

dereckson moved T1775: Provision notifications CLI configuration file from Backlog to Pending review on the security board.
Mar 2 2023, 17:38 · Salt, security, Notifications center
dereckson claimed T1775: Provision notifications CLI configuration file.
Mar 2 2023, 17:38 · Salt, security, Notifications center
dereckson added a revision to T1775: Provision notifications CLI configuration file: D2824: Update connection information to broker for notifications CLI.
Mar 2 2023, 17:38 · Salt, security, Notifications center
dereckson closed T1776: Avoid Salt to print diff against files with credentials as Resolved by committing rOPSeda2176a0476: Don't print diff changes when credentials can be exposed.
Mar 2 2023, 17:28 · security, Salt
dereckson added a revision to T1776: Avoid Salt to print diff against files with credentials: D2823: Don't print diff changes when credentials can be exposed.
Mar 2 2023, 17:28 · security, Salt
dereckson created T1776: Avoid Salt to print diff against files with credentials.
Mar 2 2023, 17:18 · security, Salt
dereckson triaged T1775: Provision notifications CLI configuration file as Normal priority.
Mar 2 2023, 17:17 · Salt, security, Notifications center

Feb 16 2023

dereckson added a revision to T930: Secrets to migrate from DevCentral to Vault: D2800: Switch credentials from Zemke-Rhyme to Vault.
Feb 16 2023, 21:27 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson added a revision to T1425: Provision secrets through Salt: D2800: Switch credentials from Zemke-Rhyme to Vault.
Feb 16 2023, 21:27 · security, Nasqueron Operations Squad, Vault, Salt

Feb 9 2023

dereckson closed T1733: Store credentials in Vault as Resolved.
Feb 9 2023, 22:25 · security, Vault, Dæghrefn
dereckson updated subscribers of T1770: Drop credentials from MySQL containers' environment.
Feb 9 2023, 21:56 · Operations sprints (Ignite Alkane Propulsion), Nasqueron Docker deployment squad, Salt, security
dereckson moved T1770: Drop credentials from MySQL containers' environment from Backlog to Servers config on the Salt board.
Feb 9 2023, 21:55 · Operations sprints (Ignite Alkane Propulsion), Nasqueron Docker deployment squad, Salt, security
dereckson triaged T1770: Drop credentials from MySQL containers' environment as Normal priority.
Feb 9 2023, 21:55 · Operations sprints (Ignite Alkane Propulsion), Nasqueron Docker deployment squad, Salt, security

Feb 7 2023

DorianWinty moved T1484: Upgrade Laravel framework from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Feb 7 2023, 21:09 · Restricted Project, security, Technical debt, Notifications center

Feb 6 2023

dereckson moved T1765: SELinux context is missing for /etc/nginx configuration files from Backlog to Servers config on the Salt board.
Feb 6 2023, 20:42 · Operations sprints (Ignite Alkane Propulsion), Salt, security, Nasqueron Docker deployment squad, Servers
dereckson triaged T1765: SELinux context is missing for /etc/nginx configuration files as Normal priority.
Feb 6 2023, 20:41 · Operations sprints (Ignite Alkane Propulsion), Salt, security, Nasqueron Docker deployment squad, Servers
dereckson added a comment to T1627: Supersede equatower.nasqueron.org by docker-002.nasqueron.org.
In T1627#23666, @dereckson wrote:

Perhaps replace references here too: https://code.nasqueron.org/?q=equatower&i=nope&literal=nope&files=&excludeFiles=&repos=

Feb 6 2023, 20:38 · Operations sprints (Consolidate them all), Servers, Salt, security
dereckson triaged T1763: Detect if a new VMWARE ESXi patch version is available as High priority.
Feb 6 2023, 20:28 · User-inidal, Monitoring and reporting, security

Sep 25 2022

dereckson added a revision to T1484: Upgrade Laravel framework: D2716: Update to Laravel 9.
Sep 25 2022, 07:32 · Restricted Project, security, Technical debt, Notifications center

Sep 23 2022

DorianWinty closed T1484: Upgrade Laravel framework as Resolved.

For now we are in Laravel 9

Sep 23 2022, 21:43 · Restricted Project, security, Technical debt, Notifications center
DorianWinty moved T1484: Upgrade Laravel framework from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Sep 23 2022, 21:33 · Restricted Project, security, Technical debt, Notifications center

Sep 14 2022

DorianWinty moved T1484: Upgrade Laravel framework from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Sep 14 2022, 17:31 · Restricted Project, security, Technical debt, Notifications center

Sep 13 2022

DorianWinty added a revision to T1484: Upgrade Laravel framework: D2710: Update dependencies.
Sep 13 2022, 17:35 · Restricted Project, security, Technical debt, Notifications center
DorianWinty added a revision to T1484: Upgrade Laravel framework: D2709: Update dependencies.
Sep 13 2022, 14:01 · Restricted Project, security, Technical debt, Notifications center
DorianWinty moved T1484: Upgrade Laravel framework from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Sep 13 2022, 10:45 · Restricted Project, security, Technical debt, Notifications center

Jun 25 2022

dereckson moved T1292: userlist.db is saved in 644 from Backlog to Darkbot bugs on the Odderon board.
Jun 25 2022, 01:04 · good-first-issue, security, Odderon
dereckson added a parent task for T1656: Convert daeghrefn. for Uspection use: T934: Documentation site.
Jun 25 2022, 01:03 · upsection, security, documentation, IRC, Dæghrefn
dereckson moved T1656: Convert daeghrefn. for Uspection use from Backlog to Documentation on the Dæghrefn board.
Jun 25 2022, 01:02 · upsection, security, documentation, IRC, Dæghrefn

Jun 5 2022

DorianWinty added a comment to T1484: Upgrade Laravel framework.

For now, Laravel 8 :

Jun 5 2022, 07:18 · Restricted Project, security, Technical debt, Notifications center

Jun 4 2022

DorianWinty added a project to T1484: Upgrade Laravel framework: Restricted Project.
Jun 4 2022, 21:26 · Restricted Project, security, Technical debt, Notifications center
dereckson updated the task description for T1484: Upgrade Laravel framework.
Jun 4 2022, 20:05 · Restricted Project, security, Technical debt, Notifications center
dereckson added a comment to T1484: Upgrade Laravel framework.

@DorianWinty Would be useful to apply https://laravel.com/docs/9.x/upgrade so we're really up to date.

Jun 4 2022, 20:04 · Restricted Project, security, Technical debt, Notifications center
dereckson assigned T1484: Upgrade Laravel framework to DorianWinty.
Jun 4 2022, 20:02 · Restricted Project, security, Technical debt, Notifications center

May 12 2022

dereckson added a revision to T1733: Store credentials in Vault: D2687: Configure ViperServ eggdrops to use Vault.
May 12 2022, 22:54 · security, Vault, Dæghrefn
dereckson added a revision to T1733: Store credentials in Vault: D2686: Fetch credentials from Vault.
May 12 2022, 22:22 · security, Vault, Dæghrefn
dereckson triaged T1733: Store credentials in Vault as Normal priority.
May 12 2022, 22:22 · security, Vault, Dæghrefn

May 8 2022

dereckson triaged T1732: Save PHP errors in a separate log than stdout/the nginx error one as High priority.
May 8 2022, 17:30 · security, Docker images, DevCentral

Apr 15 2022

dereckson added a comment to T1616: Build a bastion - load balancers - private instances network topology.

For Salt and Vault, we're already using the private network.

Apr 15 2022, 19:21 · security, Operations sprints (Consolidate them all)
dereckson closed T1619: Connect all baremetal servers to Drake network as Resolved.

We're done here :)

Apr 15 2022, 19:20 · Servers, Drake network, security, Operations sprints (Consolidate them all)
dereckson closed T1619: Connect all baremetal servers to Drake network, a subtask of T1702: Deploy Complector aka la source, as Resolved.
Apr 15 2022, 19:20 · Salt, Vault, security, Servers
dereckson closed T1619: Connect all baremetal servers to Drake network, a subtask of T1616: Build a bastion - load balancers - private instances network topology, as Resolved.
Apr 15 2022, 19:20 · security, Operations sprints (Consolidate them all)
dereckson updated the task description for T1619: Connect all baremetal servers to Drake network.
Apr 15 2022, 19:20 · Servers, Drake network, security, Operations sprints (Consolidate them all)
dereckson added a comment to T1702: Deploy Complector aka la source.

Vault is live and Salt deployments were successful to cloudhugger dwellers windriver ysul (and Complector itself).

Apr 15 2022, 19:19 · Salt, Vault, security, Servers
dereckson added a revision to T1616: Build a bastion - load balancers - private instances network topology: D2672: Prune salt-primary role on Ysul and WindRiver.
Apr 15 2022, 19:16 · security, Operations sprints (Consolidate them all)
dereckson added a revision to T1702: Deploy Complector aka la source: D2672: Prune salt-primary role on Ysul and WindRiver.
Apr 15 2022, 19:16 · Salt, Vault, security, Servers
dereckson added a revision to T1425: Provision secrets through Salt: D2671: Avoid a server to keep access to stale Vault policies.
Apr 15 2022, 19:11 · security, Nasqueron Operations Squad, Vault, Salt
dereckson added a revision to T1425: Provision secrets through Salt: D2669: Avoid to share credentials between dev and prod Docker engines.
Apr 15 2022, 17:53 · security, Nasqueron Operations Squad, Vault, Salt
First
Prev
Next
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator