This tag identifies security issue.
Details
Details
Description
Mon, Oct 6
Mon, Oct 6
dereckson updated the task description for T2132: Propagate acme.sh certificate so Dovecot can read it.
Tue, Sep 23
Tue, Sep 23
dereckson updated the task description for T2132: Propagate acme.sh certificate so Dovecot can read it.
dereckson updated the task description for T2132: Propagate acme.sh certificate so Dovecot can read it.
dereckson updated the task description for T2132: Propagate acme.sh certificate so Dovecot can read it.
dereckson updated the task description for T2132: Propagate acme.sh certificate so Dovecot can read it.
dereckson updated the task description for T2132: Propagate acme.sh certificate so Dovecot can read it.
dereckson moved T2132: Propagate acme.sh certificate so Dovecot can read it from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Mon, Sep 22
Mon, Sep 22
Thu, Sep 18
Thu, Sep 18
dereckson updated the task description for T2040: Supersede Vault by OpenBao.
dereckson updated the task description for T2040: Supersede Vault by OpenBao.
dereckson added a comment to T2040: Supersede Vault by OpenBao.
So, there is a new reason to do the upgrade.
Sun, Sep 14
Sun, Sep 14
dereckson moved T1580: Deploy ACME-specific DNS server from DNS Server / KnotDNS to AcmeDNS on the DNS board.
dereckson moved T1580: Deploy ACME-specific DNS server from Backlog to DNS Server / KnotDNS on the DNS board.
Wed, Sep 10
Wed, Sep 10
dereckson renamed T2112: Renew Vault web server certificate automatically from Renew Vault HTTPS certificate automatically to Renew Vault web server certificate automatically.
dereckson renamed T2112: Renew Vault web server certificate automatically from Renew Vault HTTP certificate automatically to Renew Vault HTTPS certificate automatically.
dereckson renamed T2112: Renew Vault web server certificate automatically from Renew Vault certificate to Renew Vault HTTP certificate automatically.
dereckson added a comment to T2112: Renew Vault web server certificate automatically.
First step is to create a script to renew all needed certificates:
May 18 2025
May 18 2025
Apr 5 2025
Apr 5 2025
dereckson added a comment to T2107: j'aimerais avoir une présence permanente sur internet.
Une fois que tu as retrouvé les accès SSH pour le web statique:
- WindRiver: automatiquement https://windriver.nasqueron.org/~xcombelle est disponible si tu places des fichiers dans /var/home-wwwroot/xcombelle (je ne sais plus si ça se crée automatiquement avec symlink vers $HOME/public_html, à vérifier)
- Eglide: https://www.eglide.org/~xcombelle pour $HOME/public_html
dereckson added projects to T2107: j'aimerais avoir une présence permanente sur internet: security, Eglide.
Nov 2 2024
Nov 2 2024
Oct 27 2024
Oct 27 2024
dereckson moved T2075: Generate SSH keys for backup purpose from Backlog to Backup infrastructure on the Backups board.
dereckson moved T2075: Generate SSH keys for backup purpose from Servers config to Require Salt dev on the Salt board.
dereckson moved T2075: Generate SSH keys for backup purpose from Backlog to Servers config on the Salt board.
Oct 23 2024
Oct 23 2024
Oct 13 2024
Oct 13 2024
dereckson moved T1861: Configure static IPv6 on WindRiver from Backlog to Knowledge sharing is needed on the IPv6 board.
dereckson added a comment to T1861: Configure static IPv6 on WindRiver.
So, to get routing back:
Oct 12 2024
Oct 12 2024
Not sure of the current benefit to use TC2.
dereckson moved T1486: Evaluate Archery from Backlog to Not for this sprint on the Operations sprints (Move the ambiant lights) board.
dereckson added a comment to T1602: Provision ACME DNS credentials for core domains on each servers.
This is still needed for acme.sh if we want to provision different *.nasqueron.org certificates on different servers.
Oct 9 2024
Oct 9 2024
dereckson lowered the priority of T2051: Can't renew TLS certificates verified through HTTP on docker engines from High to Normal.
dereckson updated the task description for T2051: Can't renew TLS certificates verified through HTTP on docker engines.
dereckson added a comment to T2051: Can't renew TLS certificates verified through HTTP on docker engines.
Salt SELinux module issue
dereckson updated the task description for T2051: Can't renew TLS certificates verified through HTTP on docker engines.
dereckson moved T2051: Can't renew TLS certificates verified through HTTP on docker engines from Backlog to Pending review on the Servers board.
dereckson moved T2051: Can't renew TLS certificates verified through HTTP on docker engines from Backlog to Working on on the Nasqueron Docker deployment squad board.
SELinux context was the default for anything created under /var, which we didn't allow and aren't interested to allow for nginx.
dereckson triaged T2051: Can't renew TLS certificates verified through HTTP on docker engines as High priority.