At Nasqueron, I maintain this Phabricator instance, and overview the operations infrastructure.
Website: https://www.dereckson.be/
Individual board: User-Dereckson
At Nasqueron, I maintain this Phabricator instance, and overview the operations infrastructure.
Website: https://www.dereckson.be/
Individual board: User-Dereckson
Local cache is OK.
Salt SELinux module issue
Priority is high as it can affect our certificate renewal process.
$ salt docker-002 state.apply roles/core/certificates/letsencrypt […] ID: selinux_context_certbot_www Function: selinux.fcontext_policy_present Name: /var/letsencrypt-auto Result: True Comment: Started: 18:00:54.789434 Duration: 1865.606 ms Changes: ---------- new: ---------- /var/letsencrypt-auto: ---------- filetype: all files sel_type: httpd_sys_content_t old: ---------- ---------- ID: selinux_context_certbot_www_applied Function: selinux.fcontext_policy_applied Name: /var/letsencrypt-auto Result: True Comment: SElinux policies are already applied for filespec "/var/letsencrypt-auto" Started: 18:00:56.655250 Duration: 7.813 ms Changes: […]
+has_selinux
SELinux context was the default for anything created under /var, which we didn't allow and aren't interested to allow for nginx.
The same issue is triggered by projects_v2, again because there is no repository.
The documentation is now more comprehensive and include the steps to contribute.
Development switched to https://chaoss.github.io/grimoirelab/
That workflow has been added to the main documentation page.
code.nasqueron.org with Hound is stable enough to close this task.
Reference for ABI: https://wiki.osdev.org/System_V_ABI
Authoritative DNS
DNS change
For RHEL 8, we probably only need docker-processes, but roles/paas-docker/devel refers dive too.
There are indeed authoritative:
Done at the console, but DNS records aren't instantaneously updated, and I'm not even sure those are authoritative (they are for poneytelecom.eu):
2024-10 plan:
Choose to only support FreeBSD:14:amd64 ABI or to use /${ABI}/ in path
At first uwsgi.yml and api-exec.conf was two separate files. So the difference of spacing. Let's use 2 spaces everywhere, per .editorconfig.
Allow to customize mime-type so we can serve application/openmetrics-text for metrics. Set PATH so /usr/local/bin is always in path, regardless how the service is launched.
We also need a monitoring script to detect those cases:
I've put a live patch in WindRiver to use ccache-metrics with the correct header, Prometheus can then parse correctly the info type.
Tested with Prometheus, we can see the metrics at http://localhost:9090/graph
Adhere to OpenMetrics format
Need to customize header to adhere to OpenMetrics specification.
Spaces
rm extraneous EOL
Remove os and sys unused imports
$ salt hervil state.apply roles/mailserver/dovecot […] ---------- ID: dovecot_file_config_conf_d Function: file.recurse Name: /usr/local/etc/dovecot/conf.d Result: True Comment: Recursively updated /usr/local/etc/dovecot/conf.d Started: 15:27:53.192961 Duration: 463.675 ms Changes: ---------- /usr/local/etc/dovecot/conf.d/10-mail.conf: ---------- diff: --- +++ @@ -13,6 +13,6 @@ # and will be lost if the state is redeployed. # </auto-generated>
To test and merge after D3491.
Not yet deployed.