Baptiste Jonglez
7e88a88e04
prod: garage: Enable on-demand-tls check for *.garage S3 endpoint
...
We were hitting Let's Encrypt rate limits because we were generating
thousands of non-sense certificates like "foo.bar.baz.garage.deuxfleurs.fr"
See https://crt.sh
Subdomains of garage.deuxfleurs.fr only make sense when accessing buckets
through S3 with vhost-style, so let's enable the on-demand-tls check to
make sure that the bucket exists in Garage.
In the long term, we might want to have a wildcard certificate for this
usage, or simply stop supporting vhost-style S3 access.
2024-06-08 17:14:48 +02:00
Baptiste Jonglez
9fc22d72d4
garage: harmonize staging and prod (checks, services)
2024-06-08 16:43:18 +02:00
e746768de1
hotfix garage
2024-05-17 20:29:05 +02:00
96ead9a597
prod: garage v1.0.0-rc1
2024-04-01 20:11:24 +02:00
62bd80a346
garage: update to v0.9.2 final
2024-03-01 18:11:36 +01:00
71e959ee79
prod: update to garage 0.9.2-rc1
2024-02-29 16:19:21 +01:00
a21493745d
prod: update diplonat and make garage restart on template changes again
...
Diplonat update prevents unnecessary flapping of autodiscovered ip
addresses, which was the cause of useless restarts of the garage daemon.
But in principle we want Garage to be restarted if the ipv6 address
changes as it indicates changes in the network.
2024-01-17 12:38:53 +01:00
516ab9ad91
stop reloading config file
2023-12-19 08:36:26 +01:00
47e982b29d
garage prod: use dynamically determined ipv6 addresses
2023-12-13 17:33:56 +01:00
d694ddbe2c
Move garage's redirections to a dedicated service
...
Reason:
- do not slow down the garage web endpoint
- required now that we map domain name to a garage bucket
2023-12-04 12:32:46 +01:00
af242486a3
add degrowth
2023-12-04 12:16:41 +01:00
7da4510ee8
tricot update
2023-12-01 16:02:09 +01:00
52044402ac
add some redirections
2023-11-29 17:08:13 +01:00
ea8b2e8c82
màj garage prod
2023-10-16 14:54:16 +02:00
56e19ff2e5
remove default HTTP CSP, put your CSP in your HTML
2023-10-03 16:00:11 +02:00
a490f082bc
prod: remove all apps from orion, add some missing in scorpio
2023-09-04 19:05:18 +02:00
ecb4cabcf0
prod garage: add health check using admin api's '/health'
2023-08-27 13:56:51 +02:00
aaa80ae678
final csp
2023-07-23 14:36:04 +02:00
132ad670a1
lines
2023-07-23 13:59:35 +02:00
1c623c796a
update garage and let it use more ram
2023-03-16 14:18:59 +01:00
f7be968531
TODOs in deuxfleurs.nix because the old world is maybe mixing with the new
2023-03-15 18:19:01 +01:00
6a287ffb57
prod: garage v0.8.1
2023-03-06 14:39:12 +01:00
c11b6499b8
prod: deploy d53
2023-01-04 09:35:40 +01:00
14bea296da
prod: enable site load balancing in tricot
2022-12-06 14:43:58 +01:00
eac950c47f
Upgrade to garage v0.8.0-rc2
2022-11-16 11:57:11 +01:00
42409de1b1
Deploy garage on bespin
2022-10-16 14:17:12 +00:00
e8cdd6864a
Split garage deployments in 2 categories
...
- The ones that will receive some traffic from tricot
- The ones "only for storage" that will not receive traffic from tricot
2022-10-08 22:23:19 +02:00
72606368bf
Force Garage to use ipv6 connectivity
2022-09-15 11:57:24 +02:00
1749a98e86
Update LDAP configuration
2022-08-31 10:25:58 +02:00
72d033dcd4
Remove garage files at bad location, add basic telemetry
2022-08-25 13:59:40 +02:00
e37c1f9057
Deploy Matrix
2022-08-25 01:02:16 +02:00
cfb1d623d9
Reconfigure services to use correct tricot url, TLS fails
2022-08-24 17:31:08 +02:00