Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | baserock_ostree: Add the private GitLab CI key (encrypted)sam/ostree | Sam Thursfield | 2017-07-13 | 1 | -0/+167 |
| | |||||
* | baserock_ostree: Enable write access | Sam Thursfield | 2017-07-13 | 7 | -2/+37 |
| | | | | | | | | | | | So far this is limited to the existing Baserock ops team, and a new key that I will try to install into our GitLab CI configuration so that build runners can push artifacts. We don't to hand out access too widely because we currently don't do any verification that the submitted artifacts actually corresponds to the cache key that it's supposed to. This is fine as long as access is limited to autobuilders that we control and trusted developers. | ||||
* | firewall.yml: Open morph-cache-server port on git-server security group | Sam Thursfield | 2017-07-13 | 1 | -1/+11 |
| | | | | | | This is used by YBD for resolving remote Git commit SHA1s to tree SHA1s. Previously the port was opened by the shared-artifact-cache security group, but it no longer is. | ||||
* | Add ostree.baserock.org system | Sam Thursfield | 2017-07-13 | 12 | -787/+911 |
| | | | | | | | | | | | | | This is a new instance that can be used as an artifact cache by the BuildStream build tool. Anyone can download artifacts over HTTPS. Those given SSH access to the machine can write to the artifact cache (this will likely be limited to automated build machines). DNS is now set to point cache.baserock.org and ostree.baserock.org to the HAProxy frontend. The SSL certificate for the frontend-haproxy system has been regenerated to include the cache.baserock.org and ostree.baserock.org domains. | ||||
* | firewall.yml: Update to use OpenStack modules from Ansible 2.0 | Sam Thursfield | 2017-07-13 | 2 | -351/+262 |
| | | | | Previously we depended on 3rd party openstack-ansible-modules. | ||||
* | Remove obsolete hosts | Sam Thursfield | 2017-07-12 | 1 | -4/+0 |
| | |||||
* | README.mdwn: Remove Masons | Sam Thursfield | 2017-07-12 | 1 | -33/+0 |
| | | | | | | These are obsolete, see: https://listmaster.pepperfish.net/pipermail/baserock-dev-baserock.org/2017-January/013765.html | ||||
* | README.mdwn: Replace Yum with DNF | Sam Thursfield | 2017-07-12 | 1 | -1/+1 |
| | |||||
* | Merge branch 'pedro/no-push-notifications' into 'master' | Pedro Alvarez Piedehierro | 2017-05-22 | 2 | -6/+6 |
|\ | | | | | | | | | Pedro/no push notifications See merge request !3 | ||||
| * | baserock_bots: restart bot, to update changes in serverpedro/no-push-notifications | Pedro Alvarez Piedehierro | 2017-05-22 | 1 | -2/+2 |
| | | |||||
| * | baserock_bots: Disable push notifications for Baserock | Pedro Alvarez Piedehierro | 2017-05-22 | 1 | -4/+4 |
|/ | |||||
* | Merge branch 'pedro/gitlab-bot-multichannel' into 'master' | Pedro Alvarez Piedehierro | 2017-05-22 | 2 | -9/+45 |
|\ | | | | | | | | | baserock_bots: configure Gitlab bot for Baserock too See merge request !2 | ||||
| * | baserock_bots: configure Gitlab bot for Baserock toopedro/gitlab-bot-multichannel | Pedro Alvarez Piedehierro | 2017-05-22 | 2 | -9/+45 |
|/ | |||||
* | Merge branch 'pedro/ssl-may-2017' into 'master' | Pedro Alvarez Piedehierro | 2017-05-21 | 19 | -1626/+1884 |
|\ | | | | | | | | | Pedro/ssl may 2017 See merge request !1 | ||||
| * | Fixes for SSL keys generation/deployment | Pedro Alvarez Piedehierro | 2017-05-20 | 2 | -2/+19 |
| | | |||||
| * | Update SSL certs | Pedro Alvarez Piedehierro | 2017-05-20 | 17 | -1624/+1865 |
|/ | |||||
* | Add Ansible scripts for Gitlab IRC bot | Pedro Alvarez Piedehierro | 2017-05-15 | 4 | -0/+98 |
| | |||||
* | Update certificates in Gerrit instance | Pedro Alvarez | 2017-05-02 | 2 | -8/+11 |
| | |||||
* | Apply manually changes from previous commit for frontend.pem | Pedro Alvarez | 2017-05-02 | 2 | -59/+96 |
| | |||||
* | Ensure all certificate files needed are created | Pedro Alvarez | 2017-05-02 | 3 | -8/+16 |
| | |||||
* | certs: Make spec.bo and docs.bo part of the frontend cert | Pedro Alvarez | 2017-03-22 | 4 | -679/+685 |
| | |||||
* | baserock_frontend: Prepare to redirect spec and docs subdomains | Pedro Alvarez Piedehierro | 2017-03-22 | 1 | -3/+10 |
| | | | | This will let us use easily more SSL certs from our HAProxy instance | ||||
* | Add dnsapi.config.txt file for SSL generation | Pedro Alvarez | 2017-03-17 | 1 | -0/+6 |
| | |||||
* | Remove old SSL certificate files | Pedro Alvarez | 2017-03-17 | 3 | -285/+0 |
| | |||||
* | Add notes for SSL certs generation and setup | Pedro Alvarez | 2017-03-17 | 1 | -0/+97 |
| | |||||
* | baserock_storyboard: Update for new SSL certs | Pedro Alvarez | 2017-03-17 | 1 | -3/+3 |
| | |||||
* | ansible.cfg: Allow Ansible tmpfiles to be readable by any user | Pedro Alvarez | 2017-03-17 | 1 | -1/+2 |
| | | | | | | This worksaround an issue with newer versions of Ansible. See https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user for more information. | ||||
* | baserock_frontend: Update for new SSL certs | Pedro Alvarez | 2017-03-17 | 1 | -8/+5 |
| | |||||
* | baserock_trove: Adapt for new certs | Pedro Alvarez | 2017-03-17 | 2 | -6/+6 |
| | |||||
* | Add new SSL certs | Pedro Alvarez | 2017-03-17 | 8 | -0/+1674 |
| | |||||
* | Add letsencrypt Root certificate | Pedro Alvarez | 2017-03-17 | 1 | -0/+58 |
| | | | | | Combination of "ISRG Root X1" and "Encrypt Authority X3" certificates downloaded from https://letsencrypt.org/certificates/ | ||||
* | baserock_frontend: Remove acl rules for deprecated servers | Pedro Alvarez | 2017-03-17 | 1 | -18/+0 |
| | |||||
* | Start logging #buildstream in GimpNet | Pedro Alvarez | 2017-02-02 | 2 | -4/+13 |
| | |||||
* | Upgrade Gerrit to 2.13.1 | Pedro Alvarez | 2016-10-06 | 1 | -1/+1 |
| | | | | Change-Id: I144f449a22cdcae6967bacf5f3c08ce660a998d8 | ||||
* | Add #cip in Freenode to irclogs | Pedro Alvarez | 2016-09-19 | 2 | -1/+4 |
| | | | | Change-Id: Iccbaedfcfde6025f0f76959771c59f4615ecc0e8 | ||||
* | Add #trustable in Freenode to irclogs | Pedro Alvarez | 2016-09-15 | 2 | -1/+3 |
| | | | | Change-Id: I8b974008f4c4c487c3386131993b442f936eb146 | ||||
* | Use Ansible Vaults to contain secret files/variables | Pedro Alvarez | 2016-08-15 | 17 | -7/+539 |
| | | | | | | | | | | Having them in files lying around in a local repository is dangerous, they could be commited and pushed by accident. Also, having these files in a mail is not good either, and makes this repository complicated to use for us. Change-Id: I644e1fb8228e3cb081a004547abaf654e9c449b7 | ||||
* | baserock_storyboard: Upgrade Ansible role to 2.1.0 | Pedro Alvarez | 2016-07-19 | 1 | -1/+1 |
| | | | | | | | This new version allows configuring the instance with comments edition. Change-Id: I1b889b630f72e17588f332f31d6f9f1a45d5cb7c | ||||
* | Upgrade gerrit to 2.12.3 | Pedro Alvarez | 2016-07-11 | 1 | -3/+3 |
| | | | | | | | | | This new version brings bugs and security fixes, see release notes for more info: https://gerrit.googlesource.com/gerrit/+/HEAD/ReleaseNotes/ReleaseNotes-2.12.3.txt Change-Id: I8848c50339994263513362096e2f0126989d5bd4 | ||||
* | baserock_storyboard: Update to new role version (2.0.2), and Ansible 2.0.1 | Pedro Alvarez | 2016-06-24 | 4 | -8/+6 |
| | | | | Change-Id: I829c2af49210e348ec26fe601c93f80dade3648b | ||||
* | baserock_gerrit: Ensure hostname is 'gerrit' and not '$HOSTNAME' | Pedro Alvarez | 2016-05-16 | 1 | -0/+1 |
| | | | | Change-Id: I420d839b895cd263d9b912506a74811125b5b9e4 | ||||
* | Merge remote-tracking branch 'definitions/master' | Pedro Alvarez | 2016-05-16 | 4 | -5/+7 |
|\ | |||||
| * | Upgrade util-linux to v2.28 | Pedro Alvarez | 2016-05-16 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | | | | | Systemd requires a version >= 2.27.1, and 2.28 also includes various btrfs fixes. For more infromation see the release notes: http://git.baserock.org/cgit/delta/util-linux.git/tree/Documentation/releases/v2.28-ReleaseNotes Change-Id: If6d44eb3d06eb7f511b9a5b6ea2166a7cf0af468 | ||||
| * | strata/core/util-linux.morph: Compile with --enable-libmount-force-mountinfo | Javier Jardón | 2016-05-16 | 1 | -0/+1 |
| | | | | | | | | | | | | Required by systemd (see systemd README) Change-Id: I65d8dae4c31c31ddc4de8fa90f4faa83518c20d3 | ||||
| * | lvm2: Update udev rules path to /usr/lib | Pedro Alvarez | 2016-05-16 | 1 | -2/+3 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | These udev rules were being ignored since we configured Systemd to install things in /usr/bin and /usr/lib in 0a0da35e1a693fc909d1628f5e81cb3b2693c057. LVM device nodes weren't being created, and as a result, systems that had LVM volumes configured in fstab, weren't booting. Installing the udev rules in /usr/lib fixes the problem. Change-Id: Ia3372676700c78c655af8721bb8568549eb64666 | ||||
| * | Upgrade tbdiff to get a fix for upgrades | Pedro Alvarez | 2016-05-16 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | Symlinks weren't being updated during upgrades, keeping the current version even if that wasn't modified by the user. Change-Id: I2f4290108d7dddc3bef5f25d3eb1e331be77e748 | ||||
* | | Merge remote-tracking branch 'definitions/master'pedro/openssl101t | Pedro Alvarez | 2016-05-13 | 167 | -708/+1673 |
|\ \ | |/ | | | | | Change-Id: I3c7b31d2006dafd8b69386cbee41d0d568b348eb | ||||
| * | Add erlang dependency to x86 IVI systems, and update erlang to OTP-18.3.3 | Lauren Perry | 2016-05-13 | 3 | -2/+6 |
| | | | | | | | | Change-Id: I89ad3271debed5b697c0c610daef79045c263917 | ||||
| * | Update cryptography and cffi (fix broken build) | Paul Sherwood | 2016-05-12 | 1 | -4/+4 |
| | | | | | | | | Change-Id: If1d05c8590882b3855970e733d9043af8162a8f4 | ||||
| * | strata/qt5-tools-qtwayland.morph: Build compositor API | Javier Jardón | 2016-05-12 | 2 | -1/+6 |
| | | | | | | | | Change-Id: I9de23958e878796412288dc374c1fca6e5fe94e2 |