summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* README: Fix CA cert generation instructionssam/update-ca-certsSam Thursfield2017-10-201-2/+2
|
* Update SSL certificatesSam Thursfield2017-10-2010-1478/+1463
| | | | Old ones had expired
* Merge branch 'sam/readme-in-gitlab' into 'master'Ben Brown2017-10-131-0/+0
|\ | | | | | | | | Rename README so it gets displayed in GitLab See merge request baserock/infrastructure!10
| * Rename README so it gets displayed in GitLabSam Thursfield2017-10-131-0/+0
|/
* README.mdwn: Fix SSL certificate instructionsSam Thursfield2017-10-041-0/+6
| | | | I mangled these in 7018cd6011afda6afca722719465538e63f00a6a.
* Merge branch 'document-ci' into 'master'Sam Thursfield2017-10-041-22/+33
|\ | | | | | | | | Document how the Baserock runners for GitLab CI are set up See merge request baserock/infrastructure!9
| * README.mdwn: Document GitLab CI runners setupdocument-ciSam Thursfield2017-10-041-0/+36
| |
| * README.mdwn: No need to update SSL certificates for the obsolete servicesSam Thursfield2017-10-041-26/+1
| |
* | Merge branch 'kill-obsolete' into 'master'Pedro Alvarez Piedehierro2017-10-0495-3827/+8
|\ \ | |/ | | | | | | Kill obsolete system definitions See merge request baserock/infrastructure!8
| * README.mdwn: Remove "creating new repos" sectionkill-obsoleteSam Thursfield2017-10-041-33/+0
| | | | | | | | | | We now use GitLab for Git hosting, so it's pretty obvious how to create repos.
| * README.mdwn: Update introSam Thursfield2017-10-041-8/+8
| | | | | | | | We no longer want everything to be hosted on Baserock eventually.
| * Remove vestigial Opengrok systemSam Thursfield2017-10-048-261/+0
| | | | | | | | This never got finished. Try http://codesearch.debian.net/ :-)
| * Remove definitions for obsolete systemsSam Thursfield2017-10-0486-3216/+0
| | | | | | | | | | | | | | Some of these systems are still up for now, but their demise has ben announced: https://listmaster.pepperfish.net/pipermail/baserock-dev-baserock.org/2017-September/013812.html
| * README.mdwn: Remove documentation for obsolete systemsSam Thursfield2017-10-041-309/+0
|/
* Merge branch 'sam/jonathanmaw-ostree-access' into 'master'Pedro Alvarez Piedehierro2017-09-292-0/+2
|\ | | | | | | | | Give Jonathan Maw push access to ostree.baserock.org See merge request baserock/infrastructure!7
| * Give Jonathan Maw push access to ostree.baserock.orgSam Thursfield2017-09-292-0/+2
|/ | | | | Jonathan has done an armv8l64 bootstrap with BuildStream and I want to get all of those artifacts into our cache.
* Merge branch 'sam/update-ostree' into 'master'Sam Thursfield2017-07-214-1/+34
|\ | | | | | | | | baserock_ostree: Update for changes in BuildStream See merge request !6
| * baserock_ostree: Update for changes in BuildStreamsam/update-ostreeSam Thursfield2017-07-214-1/+34
|/ | | | | | | | | We now need a timer job to update the summary file, see: https://buildstream.gitlab.io/buildstream/artifacts.html#summary-file-updates I also updated BuildStream which changes the artifact push protocol. Sadly the protocol isn't versioned yet so old versions will now fail to push with weird errors.
* Merge branch 'sam/ostree' into 'master'Pedro Alvarez Piedehierro2017-07-1318-1150/+1360
|\ | | | | | | | | Add ostree.baserock.org definitions See merge request !5
| * baserock_ostree: Add the private GitLab CI key (encrypted)sam/ostreeSam Thursfield2017-07-131-0/+167
| |
| * baserock_ostree: Enable write accessSam Thursfield2017-07-137-2/+37
| | | | | | | | | | | | | | | | | | | | | | So far this is limited to the existing Baserock ops team, and a new key that I will try to install into our GitLab CI configuration so that build runners can push artifacts. We don't to hand out access too widely because we currently don't do any verification that the submitted artifacts actually corresponds to the cache key that it's supposed to. This is fine as long as access is limited to autobuilders that we control and trusted developers.
| * firewall.yml: Open morph-cache-server port on git-server security groupSam Thursfield2017-07-131-1/+11
| | | | | | | | | | | | This is used by YBD for resolving remote Git commit SHA1s to tree SHA1s. Previously the port was opened by the shared-artifact-cache security group, but it no longer is.
| * Add ostree.baserock.org systemSam Thursfield2017-07-1312-787/+911
| | | | | | | | | | | | | | | | | | | | | | | | | | This is a new instance that can be used as an artifact cache by the BuildStream build tool. Anyone can download artifacts over HTTPS. Those given SSH access to the machine can write to the artifact cache (this will likely be limited to automated build machines). DNS is now set to point cache.baserock.org and ostree.baserock.org to the HAProxy frontend. The SSL certificate for the frontend-haproxy system has been regenerated to include the cache.baserock.org and ostree.baserock.org domains.
| * firewall.yml: Update to use OpenStack modules from Ansible 2.0Sam Thursfield2017-07-132-351/+262
| | | | | | | | Previously we depended on 3rd party openstack-ansible-modules.
| * Remove obsolete hostsSam Thursfield2017-07-121-4/+0
| |
| * README.mdwn: Remove MasonsSam Thursfield2017-07-121-33/+0
| | | | | | | | | | | | These are obsolete, see: https://listmaster.pepperfish.net/pipermail/baserock-dev-baserock.org/2017-January/013765.html
| * README.mdwn: Replace Yum with DNFSam Thursfield2017-07-121-1/+1
|/
* Merge branch 'pedro/no-push-notifications' into 'master'Pedro Alvarez Piedehierro2017-05-222-6/+6
|\ | | | | | | | | Pedro/no push notifications See merge request !3
| * baserock_bots: restart bot, to update changes in serverpedro/no-push-notificationsPedro Alvarez Piedehierro2017-05-221-2/+2
| |
| * baserock_bots: Disable push notifications for BaserockPedro Alvarez Piedehierro2017-05-221-4/+4
|/
* Merge branch 'pedro/gitlab-bot-multichannel' into 'master'Pedro Alvarez Piedehierro2017-05-222-9/+45
|\ | | | | | | | | baserock_bots: configure Gitlab bot for Baserock too See merge request !2
| * baserock_bots: configure Gitlab bot for Baserock toopedro/gitlab-bot-multichannelPedro Alvarez Piedehierro2017-05-222-9/+45
|/
* Merge branch 'pedro/ssl-may-2017' into 'master'Pedro Alvarez Piedehierro2017-05-2119-1626/+1884
|\ | | | | | | | | Pedro/ssl may 2017 See merge request !1
| * Fixes for SSL keys generation/deploymentPedro Alvarez Piedehierro2017-05-202-2/+19
| |
| * Update SSL certsPedro Alvarez Piedehierro2017-05-2017-1624/+1865
|/
* Add Ansible scripts for Gitlab IRC botPedro Alvarez Piedehierro2017-05-154-0/+98
|
* Update certificates in Gerrit instancePedro Alvarez2017-05-022-8/+11
|
* Apply manually changes from previous commit for frontend.pemPedro Alvarez2017-05-022-59/+96
|
* Ensure all certificate files needed are createdPedro Alvarez2017-05-023-8/+16
|
* certs: Make spec.bo and docs.bo part of the frontend certPedro Alvarez2017-03-224-679/+685
|
* baserock_frontend: Prepare to redirect spec and docs subdomainsPedro Alvarez Piedehierro2017-03-221-3/+10
| | | | This will let us use easily more SSL certs from our HAProxy instance
* Add dnsapi.config.txt file for SSL generationPedro Alvarez2017-03-171-0/+6
|
* Remove old SSL certificate filesPedro Alvarez2017-03-173-285/+0
|
* Add notes for SSL certs generation and setupPedro Alvarez2017-03-171-0/+97
|
* baserock_storyboard: Update for new SSL certsPedro Alvarez2017-03-171-3/+3
|
* ansible.cfg: Allow Ansible tmpfiles to be readable by any userPedro Alvarez2017-03-171-1/+2
| | | | | | This worksaround an issue with newer versions of Ansible. See https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user for more information.
* baserock_frontend: Update for new SSL certsPedro Alvarez2017-03-171-8/+5
|
* baserock_trove: Adapt for new certsPedro Alvarez2017-03-172-6/+6
|
* Add new SSL certsPedro Alvarez2017-03-178-0/+1674
|
* Add letsencrypt Root certificatePedro Alvarez2017-03-171-0/+58
| | | | | Combination of "ISRG Root X1" and "Encrypt Authority X3" certificates downloaded from https://letsencrypt.org/certificates/
View Lorry Controller Status