Page MenuHomeDevCentral
People dereckson

dereckson (Sébastien Santoro)
Nasqueron founderAdministrator

Projects (90)
View All

Calendar

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Wednesday

  • Clear sailing ahead.

User Details

User Since
Nov 11 2014, 04:38 (552 w, 6 d)
Roles
Administrator
Availability
Available

At Nasqueron, I maintain this Phabricator instance, and overview the operations infrastructure.

Website: https://www.dereckson.be/

Individual board: User-Dereckson

Recent Activity
View All

Thu, Jun 12

dereckson accepted D3641: Get public IPV6 from servers.
Thu, Jun 12, 19:22

Tue, Jun 3

dereckson closed D3639: Load pefs module at boot time.
Tue, Jun 3, 18:38
dereckson closed T2118: Load pefs module automatically on devserver role on boot as Resolved by committing rOPS5f9cc5dbd472: Load pefs module at boot time.
Tue, Jun 3, 18:38 · Servers
dereckson committed rOPS5f9cc5dbd472: Load pefs module at boot time (authored by dereckson).
Load pefs module at boot time
Tue, Jun 3, 18:38
dereckson accepted D3639: Load pefs module at boot time.
Tue, Jun 3, 18:37
dereckson added a revision to T2118: Load pefs module automatically on devserver role on boot: D3639: Load pefs module at boot time.
Tue, Jun 3, 18:37 · Servers
dereckson requested review of D3639: Load pefs module at boot time.
Tue, Jun 3, 18:37
dereckson added a comment to T2118: Load pefs module automatically on devserver role on boot.

There is already a state to enable the module, freebsd_kernel_modules_enable but it only triggers when pefs-kmod is installed, and only to load the module right now.

Tue, Jun 3, 18:29 · Servers

Mon, Jun 2

dereckson renamed T2118: Load pefs module automatically on devserver role on boot from Load pefs module automatically on Windriver on boot to Load pefs module automatically on devserver role on boot.
Mon, Jun 2, 21:19 · Servers
dereckson triaged T2118: Load pefs module automatically on devserver role on boot as Normal priority.
Mon, Jun 2, 21:19 · Servers
dereckson created P372 DNS - Raw AXFR output - nasqueron.org.
Mon, Jun 2, 20:24 · DNS, Servers
dereckson added a comment to T2096: WindRiver Route to Drake private network Ignored .

Same issue after 2025-06-02 reboot, route to 172.27.27.1 is still missing.

Mon, Jun 2, 13:56 · Drake network, Servers

Tue, May 20

dereckson requested review of D3638: Prune OCSP nginx configuration.
Tue, May 20, 21:14
dereckson added a revision to T2116: Drop of OCSP Service: D3638: Prune OCSP nginx configuration.
Tue, May 20, 21:14 · Servers, Nasqueron Operations Squad
dereckson added a project to T2116: Drop of OCSP Service: Servers.
Tue, May 20, 21:01 · Servers, Nasqueron Operations Squad
dereckson merged task T2114: Improve nginx SSL stapling configuration into T2116: Drop of OCSP Service.
Tue, May 20, 20:57
dereckson merged T2114: Improve nginx SSL stapling configuration into T2116: Drop of OCSP Service.
Tue, May 20, 20:57 · Servers, Nasqueron Operations Squad

Sun, May 18

dereckson added a revision to T2114: Improve nginx SSL stapling configuration: D3637: Switch from certificates bundle to chain for nginx OCSP.
Sun, May 18, 09:43
dereckson closed D3636: Update Let's Encrypt intermediate certificates for OCSP.
Sun, May 18, 09:26
dereckson committed rOPSeb1c41a8d8ef: Update Let's Encrypt intermediate certificates for OCSP (authored by dereckson).
Update Let's Encrypt intermediate certificates for OCSP
Sun, May 18, 09:26
dereckson accepted D3636: Update Let's Encrypt intermediate certificates for OCSP.

Accepting for update, but not a solution to the issue described in T2114.

Sun, May 18, 09:25
dereckson requested review of D3636: Update Let's Encrypt intermediate certificates for OCSP.
Sun, May 18, 09:21
dereckson removed a project from T2115: Update Dwellers packages: security.
Sun, May 18, 09:07 · Servers
dereckson added a project to T2115: Update Dwellers packages: security.
Sun, May 18, 09:06 · Servers
dereckson triaged T2115: Update Dwellers packages as High priority.
Sun, May 18, 09:06 · Servers
dereckson triaged T2114: Improve nginx SSL stapling configuration as Normal priority.
Sun, May 18, 09:05
dereckson triaged T2113: systemd-hostnamed service can't be launched - SELinux blocks it as Normal priority.
Sun, May 18, 08:55 · Servers
dereckson triaged T2112: Renew Vault certificate as High priority.
Sun, May 18, 08:46 · security, Servers

Apr 15 2025

dereckson closed D3635: Bump dependencies.
Apr 15 2025, 07:01
dereckson committed rAPISRVLOGSe4661699b0a5: Bump dependencies (authored by dereckson).
Bump dependencies
Apr 15 2025, 07:01
dereckson accepted D3635: Bump dependencies.
Apr 15 2025, 07:01
dereckson requested review of D3635: Bump dependencies.
Apr 15 2025, 07:00
dereckson closed D3634: Read /status from REQUEST_URI.
Apr 15 2025, 06:56
dereckson committed rAPISRVLOGS3e72564cab41: Read /status from REQUEST_URI (authored by dereckson).
Read /status from REQUEST_URI
Apr 15 2025, 06:56
dereckson accepted D3634: Read /status from REQUEST_URI.
Apr 15 2025, 06:55
dereckson updated the diff for D3634: Read /status from REQUEST_URI.

Restricting diff to actual change

Apr 15 2025, 06:55
dereckson updated the summary of D3634: Read /status from REQUEST_URI.
Apr 15 2025, 06:54
dereckson requested review of D3634: Read /status from REQUEST_URI.
Apr 15 2025, 06:54
dereckson edited projects for T2111: Bump dependencies for API servers log PHP version, added: Nasqueron API, Monitoring and reporting; removed Alkane.
Apr 15 2025, 06:38 · Monitoring and reporting, Nasqueron API
dereckson triaged T2111: Bump dependencies for API servers log PHP version as High priority.
Apr 15 2025, 06:37 · Monitoring and reporting, Nasqueron API

Apr 5 2025

dereckson added a comment to T2106: arcanist doesn't work on PHP 8.4.

After arc land is successful:

Apr 5 2025, 14:12 · DevCentral, Servers
dereckson closed D3633: Add new SSH key for dereckson.
Apr 5 2025, 14:12
dereckson committed rOPS92dbc237793e: Add new SSH key for dereckson (authored by dereckson).
Add new SSH key for dereckson
Apr 5 2025, 14:12
dereckson added a comment to T2106: arcanist doesn't work on PHP 8.4.

Next one detected during arc land:

Apr 5 2025, 14:11 · DevCentral, Servers
dereckson accepted D3633: Add new SSH key for dereckson.
Apr 5 2025, 14:08
dereckson requested review of D3633: Add new SSH key for dereckson.
Apr 5 2025, 14:08
dereckson added a comment to T2106: arcanist doesn't work on PHP 8.4.

Next one:

Apr 5 2025, 14:04 · DevCentral, Servers
dereckson added a comment to T2107: j'aimerais avoir une présence permanente sur internet.

Une fois que tu as retrouvé les accès SSH pour le web statique:

Apr 5 2025, 13:55 · Eglide, security
dereckson added projects to T2107: j'aimerais avoir une présence permanente sur internet: security, Eglide.
Apr 5 2025, 13:51 · Eglide, security
dereckson added a comment to T2107: j'aimerais avoir une présence permanente sur internet.

Oui, oui, c'est possible.

Apr 5 2025, 13:51 · Eglide, security

Mar 29 2025

dereckson accepted D3631: Split ViMbAdmin config.
Mar 29 2025, 23:39
dereckson retitled D3631: Split ViMbAdmin config from Split Vimbadmin config to Split ViMbAdmin config.
Mar 29 2025, 23:39

Mar 28 2025

dereckson added a comment to T1931: Dovecot Provisioning.

Monitoring could be as simple as:`

Mar 28 2025, 17:38 · Mail, Restricted Project, Servers
dereckson created P371 windriver smartctl - ada1.
Mar 28 2025, 11:47
dereckson updated the title for P370 windriver smartctl - ada0 from windriver smartctl to windriver smartctl - ada0.
Mar 28 2025, 11:47 · Servers
dereckson created P370 windriver smartctl - ada0.
Mar 28 2025, 11:45 · Servers

Mar 27 2025

dereckson renamed T2106: arcanist doesn't work on PHP 8.4 from arcanist doesn't work on PHP 8,4 to arcanist doesn't work on PHP 8.4.
Mar 27 2025, 21:11 · DevCentral, Servers
dereckson updated subscribers of T2106: arcanist doesn't work on PHP 8.4.
Mar 27 2025, 21:10 · DevCentral, Servers
dereckson accepted D3629: Switch mail send to local delivery.
Mar 27 2025, 21:02
dereckson closed D3592: Bump default Node.js version to 22 for FreeBSD ports.
Mar 27 2025, 20:45
dereckson committed rOPSb05d0eb9e2c6: Bump default Node.js version to 22 for FreeBSD ports (authored by dereckson).
Bump default Node.js version to 22 for FreeBSD ports
Mar 27 2025, 20:45
dereckson accepted D3623: Provision DevCentral local configuration.
Mar 27 2025, 20:44
dereckson accepted D3592: Bump default Node.js version to 22 for FreeBSD ports.
Mar 27 2025, 20:34
dereckson accepted D3627: Provision custom build of dovecot.
Mar 27 2025, 20:31
dereckson accepted D3628: Split Dovecot configuration.
Mar 27 2025, 20:06
dereckson accepted D3626: Permit safe reload of nginx.
Mar 27 2025, 19:54
dereckson requested changes to D3627: Provision custom build of dovecot.
Mar 27 2025, 19:47
dereckson requested changes to D3628: Split Dovecot configuration.

Well the issue with this split is we execute tasks in that order when running again the role on a fresh machine:

Mar 27 2025, 19:31
dereckson updated the task description for T2106: arcanist doesn't work on PHP 8.4.
Mar 27 2025, 19:28 · DevCentral, Servers
dereckson added a comment to T2106: arcanist doesn't work on PHP 8.4.

Decreased priority as it was on my local laptop, WindRiver is still 8.3.16.

Mar 27 2025, 19:28 · DevCentral, Servers
dereckson lowered the priority of T2106: arcanist doesn't work on PHP 8.4 from High to Normal.
Mar 27 2025, 19:28 · DevCentral, Servers
dereckson triaged T2106: arcanist doesn't work on PHP 8.4 as High priority.
Mar 27 2025, 18:33 · DevCentral, Servers
dereckson added a parent task for T2105: Use HE as secondary DNS server: T1217: Host our DNS servers.
Mar 27 2025, 18:26 · DNS, Servers
dereckson added a subtask for T1217: Host our DNS servers: T2105: Use HE as secondary DNS server.
Mar 27 2025, 18:26 · Servers
dereckson updated the task description for T1217: Host our DNS servers.
Mar 27 2025, 18:26 · Servers
dereckson added a comment to T1217: Host our DNS servers.

Knot uses also the same format, last dump for nasqueron.org available at P369.

Mar 27 2025, 18:25 · Servers
dereckson created P369 DNS - Raw AXFR output - nasqueron.org.
Mar 27 2025, 18:21 · DNS

Mar 13 2025

dereckson requested changes to D3626: Permit safe reload of nginx.

Looks good to me, source file to update.

Mar 13 2025, 17:31

Jan 28 2025

dereckson added a comment to T2103: Upgrade servers to FreeBSD 14.2.

WindRiver looks stable enough, green light for other servers (still router-001 excepted)

Jan 28 2025, 18:42 · Servers
dereckson added a comment to D3625: Move .browserlistrc file into a package.json section.

New config

Jan 28 2025, 18:39
dereckson requested changes to D3623: Provision DevCentral local configuration.
Jan 28 2025, 18:36

Jan 15 2025

dereckson added a comment to T2103: Upgrade servers to FreeBSD 14.2.
In T2103#32089, @dereckson wrote:

False alert, server correctly booted but doesn't answer ICMP packets, see T2104.

Jan 15 2025, 14:48 · Servers
dereckson closed T2104: WindRiver doesn't answer ICMP packages as Invalid.

Problem from the guest network firewall, not about WindRiver.

Jan 15 2025, 14:47 · Servers
dereckson added a comment to T2103: Upgrade servers to FreeBSD 14.2.

False alert, server correctly booted but doesn't answer ICMP packets, see T2104.

Jan 15 2025, 12:28 · Servers
dereckson triaged T2104: WindRiver doesn't answer ICMP packages as Normal priority.
Jan 15 2025, 12:27 · Servers
dereckson claimed T2103: Upgrade servers to FreeBSD 14.2.

On WindRiver. 14.2 has been upgraded, not alive after reboot.

Jan 15 2025, 11:18 · Servers
dereckson triaged T2103: Upgrade servers to FreeBSD 14.2 as High priority.
Jan 15 2025, 11:18 · Servers

Jan 6 2025

dereckson added a comment to D3623: Provision DevCentral local configuration.

The configuration option "_comment" is not recognized. It may be misspelled, or it might have existed in an older version of the software. It has no effect, and should be corrected or deleted.

Jan 6 2025, 22:55
dereckson added a comment to T2100: Switch to local delivery instead of mailgun.

Should use port 587 for submission. Port 25 (smptd) should be server-to-server only.

Jan 6 2025, 22:54 · Nasqueron Operations Squad, DevCentral, Mail

Jan 3 2025

dereckson updated the task description for T2043: Switch to acme.sh instead of certbot.
Jan 3 2025, 12:08 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson updated the task description for T2043: Switch to acme.sh instead of certbot.
Jan 3 2025, 12:06 · Operations sprints (Ignite Alkane Propulsion), Servers
dereckson closed D3624: Update TLS certificates paths for mail.nasqueron.org.
Jan 3 2025, 11:48
dereckson committed rOPS45924b056323: Update TLS certificates paths for mail.nasqueron.org (authored by dereckson).
Update TLS certificates paths for mail.nasqueron.org
Jan 3 2025, 11:48
dereckson requested review of D3624: Update TLS certificates paths for mail.nasqueron.org.
Jan 3 2025, 11:44
dereckson awarded D3623: Provision DevCentral local configuration a Evil Spooky Haunted Tree token.
Jan 3 2025, 11:40
dereckson added a comment to D3623: Provision DevCentral local configuration.

I like it, that's a good step to improve automation for DevCentral container.

Jan 3 2025, 11:40
dereckson requested changes to D3623: Provision DevCentral local configuration.
Jan 3 2025, 11:40

Dec 24 2024

dereckson closed T2097: Grafana doesn't have permissions to run database migrations as Resolved.

Incident fixed, Grafana is running.

Dec 24 2024, 14:37 · Monitoring and reporting
dereckson added a comment to T2097: Grafana doesn't have permissions to run database migrations.

Path to where Grafana stores the sqlite3 database (if used), file-based sessions (if used), and other data. This path is usually specified via command line in the init.d script or the systemd service file.

Dec 24 2024, 14:37 · Monitoring and reporting
dereckson closed D3622: Create Grafana data directory.
Dec 24 2024, 14:37
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator