Commit graph

204 commits

Author SHA1 Message Date
3847c08181 Merge pull request 'updated version of secretmgr' (#5) from new-secretmgr into main
Reviewed-on: #5
2023-01-01 18:47:34 +00:00
Baptiste Jonglez
08c324f1c4 Add new zone to core services 2022-12-29 18:26:52 +01:00
Baptiste Jonglez
1c48fd4ae4 Add new staging zone and node 2022-12-28 16:49:43 +01:00
0d8c6a2d45
Remove obsolete Matrix TLS keys 2022-12-25 23:54:55 +01:00
0becfc2571
Merge branch 'main' into new-secretmgr 2022-12-25 23:47:52 +01:00
b63c03f635
refactor ssh config and move known_hosts 2022-12-25 23:45:53 +01:00
40f5670753
Remove old way of doing email certs (self-signed) 2022-12-25 23:03:37 +01:00
3b74376191
update drone secrets for rotation 2022-12-25 22:50:20 +01:00
8cee3b0043
Update prod secret files 2022-12-25 22:45:05 +01:00
87bb031ed0
Migrate prod cluster secrets to new format 2022-12-25 22:31:18 +01:00
6d6e48c8fa
Improve secretmgr more, update secrets for staging 2022-12-25 22:12:38 +01:00
8d0a7a806d
New secretmgr 2022-12-25 21:03:16 +01:00
7fd81f3470
WIP new secretmgr 2022-12-25 19:52:28 +01:00
11f87a3cd2
staging: add missing secrets, update exiting ones to autogen/autorotate 2022-12-24 23:58:38 +01:00
8d17a07c9b
reorganize some things 2022-12-24 22:59:37 +01:00
912753c7ad
remove useless lines in caribou,origan.nix 2022-12-22 23:16:15 +01:00
8513003388
staging: garage update 2022-12-14 17:52:13 +01:00
7ab91a16e9
Proper nat on origan 2022-12-13 16:01:36 +01:00
3af066397e
Replace carcajou by origan for raft server 2022-12-11 23:13:04 +01:00
dca2e53442
run a bunch of things on new Origan node 2022-12-11 23:02:14 +01:00
578075a925
Add origan node in staging cluster (+ refactor system.stateVersion) 2022-12-11 22:37:28 +01:00
36e6756b3c
staging: update D53 tags to new (simpler) syntax 2022-12-11 21:27:16 +01:00
a1fc396412
Add possible public_ipv4 node tag 2022-12-07 17:13:03 +01:00
4c50dd57f1
staging: reorganize core services and add D53 2022-12-07 16:35:21 +01:00
ab97a7bffd
Staging: Add CNAME target meta parameter, will be used for diplonat auto dns update 2022-12-07 12:32:21 +01:00
1d4599fc1c
prod: update tricot and reduce resource constraints 2022-12-07 12:03:15 +01:00
93e66389f7
staging: update Tricot 2022-12-07 11:21:51 +01:00
4e3db0cd5e
staging: correct public IPs through NAT for wireguard 2022-12-07 11:21:39 +01:00
5bed1e66db
update alps 2022-12-06 16:14:57 +01:00
724f0ccfec
Tricot: updated with enough bins for histogram data 2022-12-06 15:11:35 +01:00
14bea296da
prod: enable site load balancing in tricot 2022-12-06 14:43:58 +01:00
6036f5a1b7
deploy tricot metrics on production 2022-12-06 14:41:53 +01:00
e1ddb2d1d3
staging: tricot do load balancing of garage requests to local nodes 2022-12-06 12:41:12 +01:00
27b23e15ec
Staging: tricot with metrics 2022-12-05 23:42:53 +01:00
b260b01915
staging garage: use new health check endpoint 2022-12-05 16:25:46 +01:00
a1a2a83727
Staging: let nodes use each other as Nix caches (only inside same site) 2022-12-02 11:59:32 +01:00
88ddfea4d5
staging: run grafana from nixpkgs 2022-12-02 00:14:31 +01:00
2482a2f819
staging: run prometheus from nixpkgs 2022-12-01 23:48:46 +01:00
b0405d47a6
staging: remove hcl file for garage on docker 2022-12-01 23:33:16 +01:00
db8638223f
staging: also run Guichet from nix 2022-12-01 23:30:12 +01:00
e67b460ae2
staging: run bottin as nix job 2022-12-01 22:49:55 +01:00
bc88622ea2
Staging: run diplonat as nix job 2022-12-01 22:32:02 +01:00
d3fac34e63
staging: simplify litestream config on nix 2022-12-01 17:35:19 +01:00
18ab08a86c
staging: run node_exporter from nixos; run synapse as non-root 2022-12-01 17:25:53 +01:00
195e340f56
prod: more agressive restart on core services 2022-12-01 17:03:20 +01:00
9d0a2d8914
Run Tricot as Nix flake instead of Docker image 2022-12-01 16:04:47 +01:00
e4684ae169
staging: reduce litestream memory_max because it uses it all 2022-11-30 10:04:42 +01:00
6db4ec5311
staging: update garage 2022-11-29 22:59:55 +01:00
1ac9790806
Staging: remove Docker-based synapse config 2022-11-29 22:03:48 +01:00
ab7a770168
Synapse on Nix works great 2022-11-29 22:02:21 +01:00
55e407a3a4
First version of Matrix-synapse in Nix 2022-11-29 21:19:57 +01:00
4036a2d951
Clean stuff up and update nix driver 2022-11-29 16:21:38 +01:00
fb4c2ef55a
Remove old nomad-driver-nix 2022-11-29 15:41:35 +01:00
14e3e6deff
Staging: cleanup garage job 2022-11-29 14:42:53 +01:00
c9f9ed4c71
Deploy garage on staging using nix2 driver 2022-11-29 14:21:12 +01:00
105c081728
Staging: ability to run Nix jobs using exec2 driver 2022-11-28 22:58:39 +01:00
a327876e25
Remove root, add wg-quick-wg0 after unbound 2022-11-28 10:19:48 +01:00
6659deb544
Add Baptiste ; fix wireguard 2022-11-22 12:09:28 +01:00
945dd4fa9a
Run Garage as a Nomad Nix job on staging cluster 2022-11-17 00:17:56 +01:00
3c5f4b55e6
fix typo 2022-11-17 00:00:13 +01:00
78440a03d2
add+cleanup config 2022-11-16 16:52:38 +01:00
49b0dc2d5b
poc 2 for nix containers: use nomad-driver-nix 2022-11-16 16:28:18 +01:00
eac950c47f
Upgrade to garage v0.8.0-rc2 2022-11-16 11:57:11 +01:00
7df8162913
nix volumes RO 2022-11-16 00:12:14 +01:00
2cd4bf1ee7
Demo running directly a service from the nix store 2022-11-15 23:13:55 +01:00
9e19b2b5a2
Update ssh keys 2022-11-09 18:35:17 +01:00
cade21aa24
Give more resources to core stuff 2022-11-04 12:29:43 +01:00
7587024ff5
staging: change resources for im job 2022-11-04 11:22:54 +01:00
cc945340a1
update telemetry config on staging 2022-11-04 11:09:37 +01:00
b37c4b3196
Updated drone version 2022-11-04 11:09:19 +01:00
ea8185d7e6
Reinstall caribou 2022-11-03 19:25:28 +01:00
40d5665ffe
Upgrade Matrix but disable URL preview 2022-10-28 09:45:00 +02:00
859813440c
Automatic garage node discover on staging through consul 2022-10-18 22:09:55 +02:00
4584b39639
Update celeri config 2022-10-18 15:44:15 +02:00
afc368421d
Rebalance ressource attribution on staging 2022-10-18 10:40:59 +02:00
2592dcaa2d
Update telemetry on staging as well 2022-10-18 10:32:41 +02:00
27214332e9
IPv6 by FDN 2022-10-16 19:10:51 +02:00
5613ed9908
Complete telemetry configuration 2022-10-16 18:12:57 +02:00
42409de1b1 Deploy garage on bespin 2022-10-16 14:17:12 +00:00
a69a71ca00 Add mounts on bespin + tlsproxy 2022-10-16 14:17:12 +00:00
e6f118adb0 Celeri is no more a raft server 2022-10-16 14:17:12 +00:00
2eecece831 Fix typo on IP, add keys 2022-10-16 14:17:12 +00:00
mricher
c48a7e80c3 Fix key 2022-10-16 14:17:12 +00:00
mricher
8797d4450a Add cluster configuration 2022-10-16 14:17:12 +00:00
mricher
6bafa20bf6 Add bespin machines 2022-10-16 14:17:12 +00:00
6942355d43
update readme.md 2022-10-16 11:04:46 +02:00
3247bf69cf
move grafana-new. to grafana. 2022-10-13 11:01:45 +02:00
f4689d25de
Change email address for let's encrypt expiry notifications 2022-10-09 22:57:55 +02:00
b4e737afdf
Rotate ssh key 2022-10-09 17:46:59 +02:00
c239e34a25
IPv6 prefix at Neptune changed again 2022-10-09 17:07:47 +02:00
e8cdd6864a
Split garage deployments in 2 categories
- The ones that will receive some traffic from tricot
 - The ones "only for storage" that will not receive traffic from tricot
2022-10-08 22:23:19 +02:00
32658ff4d3
Add jaeger service to staging to view Garage traces 2022-09-26 15:53:32 +02:00
711b788eb4
Fix restic forget commands 2022-09-26 13:05:53 +02:00
5b88919746
Move cryptpad backup job to backup-daily.hcl 2022-09-26 13:02:38 +02:00
535c90b38e
Replace Adrien's SSH key 2022-09-26 11:37:48 +02:00
f22e242700
SSB experiment 2022-09-21 19:29:08 +02:00
4e939f55fc
Update garage staging 2022-09-21 19:28:54 +02:00
56ff4c5cfd
Prod-like telemetry into staging 2022-09-20 17:13:46 +02:00
9b6bdc7092
Update to garage config 2022-09-20 17:13:36 +02:00
72606368bf
Force Garage to use ipv6 connectivity 2022-09-15 11:57:24 +02:00