At Nasqueron, I maintain this Phabricator instance, and overview the operations infrastructure.
Website: https://www.dereckson.be/
Individual board: User-Dereckson
User Details
User Details
- User Since
- Nov 11 2014, 04:38 (591 w, 5 d)
- Roles
- Administrator
- Availability
- Available
Yesterday
Yesterday
dereckson added inline comments to D4006: Automate CARP activation and parameter preemption.
dereckson requested changes to D4006: Automate CARP activation and parameter preemption.
Sat, Mar 14
Sat, Mar 14
dereckson retitled D4004: Pemit acme.sh to run reload script from Pemit acmesh to use sudo on script to Pemit acme.sh to run reload script.
dereckson added a comment to D4004: Pemit acme.sh to run reload script.
(ah you did it: {{ dirs.bin }}/acmesh-dovecot_postfixReload is well without the extension in D4003)
dereckson added inline comments to D4004: Pemit acme.sh to run reload script.
dereckson added a comment to D4004: Pemit acme.sh to run reload script.
Oh just I notice here the .sh at line 17, but not at line 16.
dereckson retitled D4003: Reload Dovecot, Postfix and nginx when certificate is renewed from Define script for reload of Dovecot and Postfix to Reload Dovecot, Postfix and nginx when certificate is renewed.
Fri, Mar 13
Fri, Mar 13
dereckson requested review of D4002: Avoid timeout extracting info from video playlist.
dereckson committed rVIPER53ab9e7eb65e: Switch to yt-dlp to get video metadata (authored by dereckson).
Switch to yt-dlp to get video metadata
dereckson requested review of D4001: Try to install Salt 3006.8 as test dependency.
dereckson requested review of D4000: Install git-absorb on shellserver and devserver roles.
Configured at OVH level.
Thu, Mar 12
Thu, Mar 12
dereckson retitled D3974: Synchronize nodes pillar with NetBox information from Synchronize nodes.sls with NetBox pillar to Synchronize nodes pillar with NetBox information.
dereckson added a comment to D3988: Configure strongSwan as IPsec implementation.
Test to deploy this final version on Complector with a test=True to see if it's still no-op.
dereckson requested changes to D3988: Configure strongSwan as IPsec implementation.
dereckson triaged T1772: Design LDAP schema for Nasqueron login and identity services as High priority.
It has been asserted a LDAP is the easiest deployment road for Keycloak operation, supported out of the box, without any custom development needed. If we store users in a MariaDB or PostgreSQL database, we need custom development to explain to Keycloak how to use it.
dereckson added a comment to T1771: Evaluate Keycloak as identity and access management solution.
One of the important thing to note is Keycloak federates user information from external storage.
dereckson placed T1771: Evaluate Keycloak as identity and access management solution up for grabs.
Wed, Mar 11
Wed, Mar 11
dereckson requested changes to D3943: Add MOTD for router-003 and router-002 to complete router configuration.
I'd suggest to use node.resolve_network to find public IP address.
dereckson added inline comments to D3990: Standardize NTP configuration.
Tue, Mar 10
Tue, Mar 10
dereckson abandoned D3179: Use 4 spaces as indent.
Done separately as part of early 2026 commits.
Superseded by the current stage of the project.
Fri, Mar 6
Fri, Mar 6
dereckson committed rOPS6302a43b3981: Update dependencies for ViperServ video extraction (authored by dereckson).
Update dependencies for ViperServ video extraction
dereckson retitled D3996: Simplify autochmod-git from Use directly find without xargs to fix repository permissions to Simplify autochmod-git.
dereckson updated the diff for D3996: Simplify autochmod-git.
I've discovered X option in chmod that solves the issue nicely, by setting executable bit only where needed (already executable files and directories), so we can keep the find approach and stay safe for whitespaces.
Added missing " "
dereckson added a comment to D3996: Simplify autochmod-git.
About shellcheck linter issues.
dereckson requested review of D3996: Simplify autochmod-git.
Thu, Mar 5
Thu, Mar 5
dereckson added a comment to D3994: Add Terminator plugin support for resolve-hash.
Duplicate of D3976.
Duplicate of D3976.
dereckson added a comment to D3986: Configure CARP on routers.
OK, nice work, ready.
Wed, Mar 4
Wed, Mar 4
dereckson added a comment to D3993: Added missing " ".
To deploy to all IntraNought VMs.
dereckson requested changes to D3974: Synchronize nodes pillar with NetBox information.
Virtually OK, but one critical flag missing from pillarize for ongoing IPv6 connectivity
dereckson added a comment to T2269: Failed to start Configure 4to6 tunnel through Hurricane Electric.
For context, when we apply Salt configuration, it currently checks if ipv6-setup-tunnel is running.
dereckson updated the task description for T2269: Failed to start Configure 4to6 tunnel through Hurricane Electric.
dereckson updated the task description for T2269: Failed to start Configure 4to6 tunnel through Hurricane Electric.
dereckson moved T2269: Failed to start Configure 4to6 tunnel through Hurricane Electric from Backlog to Servers on the IPv6 board.
dereckson edited the content of Python track.
dereckson updated subscribers of T1694: Cache hash queries.
@Duranzed As a follow-up for the Terminator plugin, that one could be interesting too.
dereckson requested changes to D3976: Add plugin for terminator to resolve hashes.
Plugin works, but now we need to polish the two README files.
dereckson retitled D3979: Retrieve CARP configuration for a specific node from add helper get_carp_entries() to _modules/node.py and unit tests to Retrieve CARP configuration for a specific node.
dereckson added a comment to D3986: Configure CARP on routers.
Configuration logic. Looks good to me.
dereckson retitled D3986: Configure CARP on routers from Add CARP configuration to Configure CARP on routers.
dereckson retitled D3986: Configure CARP on routers from Add CARP configuration in role/router/carp/carp.sls to Add CARP configuration.
dereckson updated the summary of D3986: Configure CARP on routers.
dereckson requested changes to D3988: Configure strongSwan as IPsec implementation.
Service part OK.
dereckson retitled D3987: Allow all servers to read IPsec in Vault from Vault configuration to read ipsec key to Allow all servers to read IPsec in Vault.
dereckson retitled D3988: Configure strongSwan as IPsec implementation from IPsec strongswan configuration to Configure strongSwan as IPsec implementation.
dereckson updated the summary of D3989: Add dark mode toggle button.
dereckson added a comment to D3992: Fix scrollbar layout shift on all pages.
Per https://cbea.ms/git-commit/ titles of your commit messages should be much shorter.
dereckson requested changes to D3990: Standardize NTP configuration.
Tue, Mar 3
Tue, Mar 3
dereckson added a comment to D3988: Configure strongSwan as IPsec implementation.
No link to a task in description?
dereckson retitled D3990: Standardize NTP configuration from Standardize NTP configuration (T1223) to Standardize NTP configuration.
OK for Wolfplex too.
Mon, Mar 2
Mon, Mar 2
Sat, Feb 28
Sat, Feb 28
dereckson added a comment to D3983: Add new SSH key for new ptdradmin PC-GUI computer.
Applied to WindRiver.
dereckson committed rOPSa31b892b1d11: Add new SSH key for new ptdradmin PC-GUI computer (authored by ptdradmin).
Add new SSH key for new ptdradmin PC-GUI computer
dereckson requested review of D3984: Help to install Arcanist dependencies.
Request authenticated through IRC + DevCentral commit + prior knowledge of upcoming commit irl + familiar pattern of activity.
dereckson retitled D3983: Add new SSH key for new ptdradmin PC-GUI computer from ptdradmin: Add new SSH key for PC-GUI to Add new SSH key for new ptdradmin PC-GUI computer.
Thu, Feb 26
Thu, Feb 26
dereckson added a comment to T2266: Improve Python requirements for Operations repository.
@yousra I think pip install salt==3006.8 should work, with dependencies.
Caught this issue during dependencies test.
dereckson requested review of D3978: Use jdiff instead of jsondiff.
dereckson added a comment to T2266: Improve Python requirements for Operations repository.
Salt dependencies are reasonable enough to add to requirements.txt:
Wed, Feb 25
Wed, Feb 25
dereckson moved T1695: Write a Terminator plugin to resolve hashes from Next to In progress on the Resolve hash board.
dereckson awarded D3976: Add plugin for terminator to resolve hashes a Like token.
dereckson requested changes to D3976: Add plugin for terminator to resolve hashes.
dereckson added a comment to D3976: Add plugin for terminator to resolve hashes.
Plugin works, but we need more metadata:
dereckson added a comment to T2266: Improve Python requirements for Operations repository.
If Salt dependencies are the issue, a possibility is to define requirements from https://github.com/saltstack/salt/tree/master/requirements
dereckson raised the priority of T2266: Improve Python requirements for Operations repository from Normal to High.
Mon, Feb 23
Mon, Feb 23
dereckson updated the summary of D3976: Add plugin for terminator to resolve hashes.
dereckson requested changes to D3976: Add plugin for terminator to resolve hashes.
dereckson added a comment to D3976: Add plugin for terminator to resolve hashes.
Repository move
dereckson added a comment to D3976: Add plugin for terminator to resolve hashes.
Not for the operations repository, it's for rRESOLVEHASH.
Sat, Feb 21
Sat, Feb 21
dereckson added a comment to T2263: Document GitLab token procedure.
For (1), it was disabled between March 2022 (D2569) and August 2024 (forum thread reporting the issue).