Page MenuHomeDevCentral
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Oct 12 2024

dereckson edited projects for T1602: Provision ACME DNS credentials for core domains on each servers, added: Operations sprints (Ignite Alkane Propulsion); removed Operations sprints (Consolidate them all).
Oct 12 2024, 09:47 · Operations sprints (Ignite Alkane Propulsion), security, Servers
dereckson moved T1602: Provision ACME DNS credentials for core domains on each servers from Pending review to Not for this sprint on the Operations sprints (Consolidate them all) board.
Oct 12 2024, 09:47 · Operations sprints (Ignite Alkane Propulsion), security, Servers
dereckson added a comment to T1602: Provision ACME DNS credentials for core domains on each servers.

This is still needed for acme.sh if we want to provision different *.nasqueron.org certificates on different servers.

Oct 12 2024, 09:47 · Operations sprints (Ignite Alkane Propulsion), security, Servers
dereckson moved T2043: Switch to acme.sh instead of certbot from Backlog to Working on on the Operations sprints (Ignite Alkane Propulsion) board.
Oct 12 2024, 09:45 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson added a project to T2043: Switch to acme.sh instead of certbot: Operations sprints (Ignite Alkane Propulsion).
Oct 12 2024, 09:45 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson added a comment to T1599: Install TLS wildcard certificates for nginx fallback vhost.

Really blocked by T1602 if we want to have this on any server without copying private keys around.

Oct 12 2024, 09:45 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson removed a subtask for T2043: Switch to acme.sh instead of certbot: T1599: Install TLS wildcard certificates for nginx fallback vhost.
Oct 12 2024, 09:44 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson edited parent tasks for T1599: Install TLS wildcard certificates for nginx fallback vhost, added: T1602: Provision ACME DNS credentials for core domains on each servers; removed: T2043: Switch to acme.sh instead of certbot.
Oct 12 2024, 09:44 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson added a subtask for T1602: Provision ACME DNS credentials for core domains on each servers: T1599: Install TLS wildcard certificates for nginx fallback vhost.
Oct 12 2024, 09:44 · Operations sprints (Ignite Alkane Propulsion), security, Servers
dereckson added a parent task for T1599: Install TLS wildcard certificates for nginx fallback vhost: T2043: Switch to acme.sh instead of certbot.
Oct 12 2024, 09:44 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson added a subtask for T2043: Switch to acme.sh instead of certbot: T1599: Install TLS wildcard certificates for nginx fallback vhost.
Oct 12 2024, 09:44 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson edited projects for T1599: Install TLS wildcard certificates for nginx fallback vhost, added: Operations sprints (Ignite Alkane Propulsion); removed Operations sprints (Consolidate them all).
Oct 12 2024, 09:43 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson closed T1341: Document what to do if php-fpm lost pid files as Resolved.
Oct 12 2024, 09:40 · PHP 8.x support, Operations sprints (Consolidate them all), documentation, PHP 7 deployment, Servers
dereckson added a revision to T1341: Document what to do if php-fpm lost pid files: D3512: Prune new rc service name php_fpm.
Oct 12 2024, 09:39 · PHP 8.x support, Operations sprints (Consolidate them all), documentation, PHP 7 deployment, Servers
dereckson triaged T1341: Document what to do if php-fpm lost pid files as Normal priority.

The problem is somewhat fixed by two things:

Oct 12 2024, 09:36 · PHP 8.x support, Operations sprints (Consolidate them all), documentation, PHP 7 deployment, Servers
dereckson closed T1563: Declare MKV as video format in nginx configuration as Wontfix.

That's an issue for Chrome to report upstream.

Oct 12 2024, 09:26 · Operations sprints (Consolidate them all), Servers, Salt
dereckson moved T2037: Provide roll on devserver role from New port to Port published on the freebsd-port-wanted board.
Oct 12 2024, 09:14 · Servers, freebsd-port-wanted
dereckson moved T2046: Deploy Medusa on devserver role from New port to Port published on the freebsd-port-wanted board.
Oct 12 2024, 09:14 · upstream, freebsd-port-wanted, Vault, Servers
dereckson added a revision to T2046: Deploy Medusa on devserver role: D3508: Publish alkane, roll, phpfpm_exporter, medusa and salt-tower.
Oct 12 2024, 07:49 · upstream, freebsd-port-wanted, Vault, Servers
dereckson added a revision to T2037: Provide roll on devserver role: D3508: Publish alkane, roll, phpfpm_exporter, medusa and salt-tower.
Oct 12 2024, 07:49 · Servers, freebsd-port-wanted

Oct 10 2024

dereckson added a revision to T2039: Automate Poudriere deployment: D3504: Scrape ccache metrics.
Oct 10 2024, 22:02 · Servers

Oct 9 2024

dereckson closed T2048: Setup reverse DNS for 195.154.30.15 as Resolved.

Local cache is OK.

Oct 9 2024, 18:47 · Servers
dereckson lowered the priority of T2051: Can't renew TLS certificates verified through HTTP on docker engines from High to Normal.
Oct 9 2024, 18:45 · security, Nasqueron Docker deployment squad, Servers
dereckson updated the task description for T2051: Can't renew TLS certificates verified through HTTP on docker engines.
Oct 9 2024, 18:45 · security, Nasqueron Docker deployment squad, Servers
dereckson added a comment to T2051: Can't renew TLS certificates verified through HTTP on docker engines.

Salt SELinux module issue

Oct 9 2024, 18:45 · security, Nasqueron Docker deployment squad, Servers
dereckson updated the task description for T2051: Can't renew TLS certificates verified through HTTP on docker engines.
Oct 9 2024, 18:07 · security, Nasqueron Docker deployment squad, Servers
dereckson added a revision to T2051: Can't renew TLS certificates verified through HTTP on docker engines: D3501: Allow nginx to read /.well-known/acme-challenge.
Oct 9 2024, 17:48 · security, Nasqueron Docker deployment squad, Servers
dereckson moved T2051: Can't renew TLS certificates verified through HTTP on docker engines from Backlog to Pending review on the Servers board.
Oct 9 2024, 17:43 · security, Nasqueron Docker deployment squad, Servers
dereckson moved T2051: Can't renew TLS certificates verified through HTTP on docker engines from Backlog to Working on on the Nasqueron Docker deployment squad board.

SELinux context was the default for anything created under /var, which we didn't allow and aren't interested to allow for nginx.

Oct 9 2024, 17:43 · security, Nasqueron Docker deployment squad, Servers
dereckson triaged T2051: Can't renew TLS certificates verified through HTTP on docker engines as High priority.
Oct 9 2024, 16:02 · security, Nasqueron Docker deployment squad, Servers
dereckson created T2051: Can't renew TLS certificates verified through HTTP on docker engines.
Oct 9 2024, 16:01 · security, Nasqueron Docker deployment squad, Servers

Oct 8 2024

dereckson moved T1676: Serve Zed on webserver-alkane from In progress to Backlog on the User-Dereckson board.
Oct 8 2024, 00:46 · User-Dereckson, Servers, PHP 8.x support, Zed
dereckson moved T1937: Update FreeBSD packages Nasqueron repository from Backlog to Pending review on the Servers board.
Oct 8 2024, 00:46 · Servers, User-Dereckson
dereckson moved T1937: Update FreeBSD packages Nasqueron repository from Backlog to Code review / Peering on the User-Dereckson board.
Oct 8 2024, 00:46 · Servers, User-Dereckson
dereckson moved T1681: Publish schema.nasqueron.org from Next to Backlog on the User-Dereckson board.
Oct 8 2024, 00:45 · Schemas, Salt, User-Dereckson, Servers
dereckson moved T2049: Release api-exec from Backlog to Next on the User-Dereckson board.
Oct 8 2024, 00:45 · Nasqueron API, User-Dereckson, Servers
dereckson moved T2049: Release api-exec from Backlog to New ideas on the Nasqueron API board.
Oct 8 2024, 00:44 · Nasqueron API, User-Dereckson, Servers
dereckson added a project to T2049: Release api-exec: Nasqueron API.
Oct 8 2024, 00:44 · Nasqueron API, User-Dereckson, Servers
dereckson triaged T2049: Release api-exec as Low priority.
Oct 8 2024, 00:44 · Nasqueron API, User-Dereckson, Servers
dereckson moved T2039: Automate Poudriere deployment from Backlog to Pending review on the Servers board.
Oct 8 2024, 00:32 · Servers
dereckson triaged T2043: Switch to acme.sh instead of certbot as High priority.
Oct 8 2024, 00:15 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson added a comment to T2048: Setup reverse DNS for 195.154.30.15.

Authoritative DNS

Oct 8 2024, 00:15 · Servers
dereckson added a revision to T2037: Provide roll on devserver role: D3499: Install vault-medusa and roll on devserver role.
Oct 8 2024, 00:11 · Servers, freebsd-port-wanted
dereckson added a revision to T2046: Deploy Medusa on devserver role: D3499: Install vault-medusa and roll on devserver role.
Oct 8 2024, 00:11 · upstream, freebsd-port-wanted, Vault, Servers
dereckson added a revision to T1937: Update FreeBSD packages Nasqueron repository : D3498: Support several ABI for FreeBSD packages repository.
Oct 8 2024, 00:05 · Servers, User-Dereckson

Oct 7 2024

dereckson added a revision to T1850: Move packages from Ysul to WindRiver: D3497: Serve packages.nasqueron.org from WindRiver.
Oct 7 2024, 23:26 · Operations sprints (Ignite Alkane Propulsion), Alkane, Servers
dereckson added a comment to T1850: Move packages from Ysul to WindRiver.

DNS change

Oct 7 2024, 23:20 · Operations sprints (Ignite Alkane Propulsion), Alkane, Servers
dereckson added a comment to T1850: Move packages from Ysul to WindRiver.

For RHEL 8, we probably only need docker-processes, but roles/paas-docker/devel refers dive too.

Oct 7 2024, 22:49 · Operations sprints (Ignite Alkane Propulsion), Alkane, Servers
dereckson added a comment to T2048: Setup reverse DNS for 195.154.30.15.

Those two are indeed authoritative:

Oct 7 2024, 22:22 · Servers
dereckson moved T2048: Setup reverse DNS for 195.154.30.15 from Working on to Pending review on the Servers board.
Oct 7 2024, 22:19 · Servers
dereckson added a comment to T2048: Setup reverse DNS for 195.154.30.15.

Done at the console, but DNS records aren't instantaneously updated, and I'm not even sure those are authoritative (they are for poneytelecom.eu):

Oct 7 2024, 22:19 · Servers
dereckson moved T2048: Setup reverse DNS for 195.154.30.15 from Backlog to Working on on the Servers board.
Oct 7 2024, 22:15 · Servers
dereckson triaged T2048: Setup reverse DNS for 195.154.30.15 as High priority.
Oct 7 2024, 22:15 · Servers
dereckson added a comment to T1850: Move packages from Ysul to WindRiver.

2024-10 plan:

Oct 7 2024, 21:02 · Operations sprints (Ignite Alkane Propulsion), Alkane, Servers
dereckson added a comment to T1937: Update FreeBSD packages Nasqueron repository .

Choose to only support FreeBSD:14:amd64 ABI or to use /${ABI}/ in path

Oct 7 2024, 20:52 · Servers, User-Dereckson
dereckson added a revision to T1850: Move packages from Ysul to WindRiver: D3496: Deploy freebsd-repo role on WindRiver.
Oct 7 2024, 20:44 · Operations sprints (Ignite Alkane Propulsion), Alkane, Servers
dereckson added a revision to T1850: Move packages from Ysul to WindRiver: D3495: Create datacube for FreeBSD Nasqueron packages repository.
Oct 7 2024, 20:40 · Operations sprints (Ignite Alkane Propulsion), Alkane, Servers
dereckson added a subtask for T2046: Deploy Medusa on devserver role: T1850: Move packages from Ysul to WindRiver.
Oct 7 2024, 20:27 · upstream, freebsd-port-wanted, Vault, Servers
dereckson added a subtask for T2037: Provide roll on devserver role: T1850: Move packages from Ysul to WindRiver.
Oct 7 2024, 20:27 · Servers, freebsd-port-wanted
dereckson added parent tasks for T1850: Move packages from Ysul to WindRiver: T2046: Deploy Medusa on devserver role, T2037: Provide roll on devserver role.
Oct 7 2024, 20:27 · Operations sprints (Ignite Alkane Propulsion), Alkane, Servers
dereckson triaged T2047: Dovecot :stats listen to world on port 9900 as Normal priority.
Oct 7 2024, 20:17 · Servers, Mail
dereckson moved T2047: Dovecot :stats listen to world on port 9900 from Backlog to Pending review on the Servers board.
Oct 7 2024, 20:17 · Servers, Mail
dereckson moved T2047: Dovecot :stats listen to world on port 9900 from Backlog - On hold pending T1475 to Pending review on the Mail board.
Oct 7 2024, 20:16 · Servers, Mail
dereckson renamed T2047: Dovecot :stats listen to world on port 9900 from Dovecot :stats listen to world on port 9000 to Dovecot :stats listen to world on port 9900.
Oct 7 2024, 20:16 · Servers, Mail
dereckson added a comment to T1931: Dovecot Provisioning.

We also need a monitoring script to detect those cases:

Oct 7 2024, 01:08 · Mail, Restricted Project, Servers
dereckson added a revision to T2039: Automate Poudriere deployment: D3494: Serve ccache metrics and other utilities through api-exec.
Oct 7 2024, 00:17 · Servers

Oct 6 2024

dereckson added a revision to T2039: Automate Poudriere deployment: D3492: Export metrics for ccache.
Oct 6 2024, 17:50 · Servers
dereckson added a revision to T1931: Dovecot Provisioning: D3491: Substitute Jinja variables in Dovecot configuration.
Oct 6 2024, 15:34 · Mail, Restricted Project, Servers
dereckson added a parent task for T2047: Dovecot :stats listen to world on port 9900: T1931: Dovecot Provisioning.
Oct 6 2024, 15:33 · Servers, Mail
dereckson added a subtask for T1931: Dovecot Provisioning: T2047: Dovecot :stats listen to world on port 9900.
Oct 6 2024, 15:33 · Mail, Restricted Project, Servers
dereckson added a revision to T2047: Dovecot :stats listen to world on port 9900: D3490: Listen to 172.27.27.3 for Dovecot statistics.
Oct 6 2024, 15:19 · Servers, Mail
dereckson added a revision to T2039: Automate Poudriere deployment: D3489: Give more resources to build huge ports in Poudriere.
Oct 6 2024, 14:32 · Servers
dereckson updated the task description for T2047: Dovecot :stats listen to world on port 9900.
Oct 6 2024, 11:32 · Servers, Mail
dereckson claimed T2047: Dovecot :stats listen to world on port 9900.
Oct 6 2024, 11:30 · Servers, Mail

Oct 5 2024

dereckson added a comment to T2039: Automate Poudriere deployment.

I've tested poudriered but bump on {"type":"error","message":"Expecting a string for the arguments"} with testport

Oct 5 2024, 23:01 · Servers
dereckson added a revision to T2039: Automate Poudriere deployment: D3486: Use ccache with poudriere.
Oct 5 2024, 19:07 · Servers
dereckson closed T2042: salt-wrapper is missing from devserver, a subtask of T2017: Install WindRiver replacement server, as Resolved.
Oct 5 2024, 19:01 · Servers
dereckson closed T2042: salt-wrapper is missing from devserver as Resolved by committing rOPS1742ae616a70: Install salt-wrapper on devserver role.
Oct 5 2024, 19:01 · Salt, Servers
dereckson moved T2037: Provide roll on devserver role from Working on to Pending review on the Servers board.
Oct 5 2024, 17:19 · Servers, freebsd-port-wanted
dereckson added a comment to T2037: Provide roll on devserver role.
In T2037#30771, @dereckson wrote:

https://windriver.nasqueron.org/poudriere/base14-dereckson_dev/2024-10-05_12h25m58s/logs/errors/roll-2.6.1.log

Oct 5 2024, 17:19 · Servers, freebsd-port-wanted
dereckson updated the task description for T2044: Upgrade FreeBSD servers still on 14.0 to 14.1.
Oct 5 2024, 15:06 · Servers
dereckson added a comment to T2037: Provide roll on devserver role.

https://windriver.nasqueron.org/poudriere/base14-dereckson_dev/2024-10-05_12h25m58s/logs/errors/roll-2.6.1.log

Oct 5 2024, 12:41 · Servers, freebsd-port-wanted
dereckson moved T2046: Deploy Medusa on devserver role from Backlog to Pending review on the Servers board.
Oct 5 2024, 12:22 · upstream, freebsd-port-wanted, Vault, Servers
dereckson moved T2046: Deploy Medusa on devserver role from Backlog to New port on the freebsd-port-wanted board.
Oct 5 2024, 12:21 · upstream, freebsd-port-wanted, Vault, Servers
dereckson moved T2046: Deploy Medusa on devserver role from Backlog to To check again on the upstream board.
Oct 5 2024, 12:21 · upstream, freebsd-port-wanted, Vault, Servers
dereckson triaged T2046: Deploy Medusa on devserver role as Normal priority.
Oct 5 2024, 12:21 · upstream, freebsd-port-wanted, Vault, Servers
dereckson added a comment to T2044: Upgrade FreeBSD servers still on 14.0 to 14.1.

Taking db-A-001.

Oct 5 2024, 11:59 · Servers

Oct 4 2024

DorianWinty added a comment to T2043: Switch to acme.sh instead of certbot.

Message from acme.sh-3.0.9:

Oct 4 2024, 17:25 · Operations sprints (Ignite Alkane Propulsion), Servers

Oct 3 2024

dereckson moved T2042: salt-wrapper is missing from devserver from Backlog to Servers config on the Salt board.
Oct 3 2024, 22:03 · Salt, Servers
dereckson moved T2042: salt-wrapper is missing from devserver from Backlog to Pending review on the Servers board.
Oct 3 2024, 22:03 · Salt, Servers
dereckson added a revision to T2042: salt-wrapper is missing from devserver: D3481: Install salt-wrapper on devserver role.
Oct 3 2024, 21:31 · Salt, Servers
dereckson triaged T2044: Upgrade FreeBSD servers still on 14.0 to 14.1 as High priority.
Oct 3 2024, 21:18 · Servers
DorianWinty added a comment to T2043: Switch to acme.sh instead of certbot.

https://github.com/acmesh-official/acme.sh/wiki/Stateless-Mode

Oct 3 2024, 19:51 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson created Blog Post: WindRiver moved to a new home. New SSH keys..
Oct 3 2024, 19:42 · security, Servers
DorianWinty created T2043: Switch to acme.sh instead of certbot.
Oct 3 2024, 19:39 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson added a comment to T2040: Supersede Vault by OpenBao.

Yes, it's a fork from Vault 1.14 so we've all the features of token generation. back to the shorter s. tokens).

Oct 3 2024, 17:26 · security, Servers, Vault
DorianWinty added a comment to T2040: Supersede Vault by OpenBao.
  • about the UI it could be usefull managing secrets more easyly
Oct 3 2024, 17:23 · security, Servers, Vault
dereckson added a parent task for T2042: salt-wrapper is missing from devserver: T2017: Install WindRiver replacement server.
Oct 3 2024, 17:20 · Salt, Servers
dereckson added a subtask for T2017: Install WindRiver replacement server: T2042: salt-wrapper is missing from devserver.
Oct 3 2024, 17:20 · Servers
dereckson triaged T2042: salt-wrapper is missing from devserver as Normal priority.
Oct 3 2024, 17:20 · Salt, Servers
First
Prev
Next
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator