|
3a8588a1ea
|
Open ports 80 and 443 on all Orion nodes
|
2023-01-04 11:10:10 +01:00 |
|
|
da78f3671e
|
staging: deploy things on bespin
|
2023-01-04 10:06:06 +01:00 |
|
|
26f78872e6
|
staging: add node df-pw5 at bespin
|
2023-01-04 10:02:21 +01:00 |
|
|
c11b6499b8
|
prod: deploy d53
|
2023-01-04 09:35:40 +01:00 |
|
|
6478560087
|
prod: update tricot
|
2023-01-03 21:14:02 +01:00 |
|
|
fe805b6bab
|
Fix prometheus ssl certs
|
2023-01-03 21:00:10 +01:00 |
|
|
606668e25e
|
fill in cname_target and public_ipv4 for prod cluster
|
2023-01-03 19:27:35 +01:00 |
|
|
18eef6e8e7
|
Staging: Reduce resource requirements to pack more things
|
2023-01-03 18:25:32 +01:00 |
|
|
af73126f45
|
fix deploy_pki
|
2023-01-02 13:51:13 +01:00 |
|
|
d588764748
|
don't rotate grafana password
|
2023-01-01 20:44:28 +01:00 |
|
|
3847c08181
|
Merge pull request 'updated version of secretmgr' (#5) from new-secretmgr into main
Reviewed-on: Deuxfleurs/nixcfg#5
|
2023-01-01 18:47:34 +00:00 |
|
|
ad6db2f1c5
|
Remove hardcoded years in deuxfleurs.nix
|
2023-01-01 19:43:35 +01:00 |
|
Baptiste Jonglez
|
95540260cb
|
Fix doc, app/frontend has been merged in app/core
|
2022-12-29 18:27:12 +01:00 |
|
Baptiste Jonglez
|
08c324f1c4
|
Add new zone to core services
|
2022-12-29 18:26:52 +01:00 |
|
Baptiste Jonglez
|
de41f3db4e
|
Document how to run jobs
|
2022-12-29 14:22:28 +01:00 |
|
Baptiste Jonglez
|
1c48fd4ae4
|
Add new staging zone and node
|
2022-12-28 16:49:43 +01:00 |
|
|
0d8c6a2d45
|
Remove obsolete Matrix TLS keys
|
2022-12-25 23:54:55 +01:00 |
|
|
0becfc2571
|
Merge branch 'main' into new-secretmgr
|
2022-12-25 23:47:52 +01:00 |
|
|
b63c03f635
|
refactor ssh config and move known_hosts
|
2022-12-25 23:45:53 +01:00 |
|
|
40f5670753
|
Remove old way of doing email certs (self-signed)
|
2022-12-25 23:03:37 +01:00 |
|
|
2bbf540945
|
Remove convertsecrets script, we're done with that
|
2022-12-25 22:57:33 +01:00 |
|
|
3b74376191
|
update drone secrets for rotation
|
2022-12-25 22:50:20 +01:00 |
|
|
8cee3b0043
|
Update prod secret files
|
2022-12-25 22:45:05 +01:00 |
|
|
87bb031ed0
|
Migrate prod cluster secrets to new format
|
2022-12-25 22:31:18 +01:00 |
|
|
6d6e48c8fa
|
Improve secretmgr more, update secrets for staging
|
2022-12-25 22:12:38 +01:00 |
|
|
8d0a7a806d
|
New secretmgr
|
2022-12-25 21:03:16 +01:00 |
|
|
7fd81f3470
|
WIP new secretmgr
|
2022-12-25 19:52:28 +01:00 |
|
|
11f87a3cd2
|
staging: add missing secrets, update exiting ones to autogen/autorotate
|
2022-12-24 23:58:38 +01:00 |
|
|
8d17a07c9b
|
reorganize some things
|
2022-12-24 22:59:37 +01:00 |
|
|
4b527c4db8
|
document scheduler config
|
2022-12-23 00:24:17 +01:00 |
|
|
827987d201
|
cleanup
|
2022-12-23 00:07:02 +01:00 |
|
|
94a9c8afa8
|
security for deployment on prod
|
2022-12-22 23:59:51 +01:00 |
|
|
0e1574a82b
|
More doc reorganization
|
2022-12-22 23:44:00 +01:00 |
|
|
3e5e2d60cd
|
reorganize documentation
|
2022-12-22 23:33:10 +01:00 |
|
|
912753c7ad
|
remove useless lines in caribou,origan.nix
|
2022-12-22 23:16:15 +01:00 |
|
|
4d637c91b1
|
remove outdated telemetry doc
|
2022-12-22 18:01:46 +01:00 |
|
|
b47334d7d7
|
Replace deploy_wg by a NixOS activation script
|
2022-12-14 18:02:30 +01:00 |
|
|
cc70cdc660
|
write about why not ansible
|
2022-12-14 17:52:36 +01:00 |
|
|
8513003388
|
staging: garage update
|
2022-12-14 17:52:13 +01:00 |
|
|
7ab91a16e9
|
Proper nat on origan
|
2022-12-13 16:01:36 +01:00 |
|
|
3af066397e
|
Replace carcajou by origan for raft server
|
2022-12-11 23:13:04 +01:00 |
|
|
dca2e53442
|
run a bunch of things on new Origan node
|
2022-12-11 23:02:14 +01:00 |
|
|
578075a925
|
Add origan node in staging cluster (+ refactor system.stateVersion)
|
2022-12-11 22:37:28 +01:00 |
|
|
36e6756b3c
|
staging: update D53 tags to new (simpler) syntax
|
2022-12-11 21:27:16 +01:00 |
|
|
a1fc396412
|
Add possible public_ipv4 node tag
|
2022-12-07 17:13:03 +01:00 |
|
|
4c50dd57f1
|
staging: reorganize core services and add D53
|
2022-12-07 16:35:21 +01:00 |
|
|
ab97a7bffd
|
Staging: Add CNAME target meta parameter, will be used for diplonat auto dns update
|
2022-12-07 12:32:21 +01:00 |
|
|
1d4599fc1c
|
prod: update tricot and reduce resource constraints
|
2022-12-07 12:03:15 +01:00 |
|
|
93e66389f7
|
staging: update Tricot
|
2022-12-07 11:21:51 +01:00 |
|
|
4e3db0cd5e
|
staging: correct public IPs through NAT for wireguard
|
2022-12-07 11:21:39 +01:00 |
|