d7d4ecbce1
Add GitLab Pages for "Service Agreements"
...
Ref: https://gitlab.archlinux.org/archlinux/service-agreements/-/merge_requests/16
2021-08-22 13:13:36 +02:00
9f54f8e07b
Add reproducible-notes for hosting packages.json
...
This subdomain hosts gitlab CI produced and updated notes for
unreproducible packages.
2021-07-31 15:46:35 +02:00
5ece8b98c2
Scale up lists to CPX11
...
Archiving arch-commits mails maxes out the single vCPU of CX11 and
results in High CPU Prometheus alert. If we decide not to maintain
mail archive for arch-commits, then we can likely scale back down.
2021-07-24 14:13:26 +03:00
3ba230b17c
Replace runner1 with a new bigger box
...
CPU: Intel Xeon E5-2620 -> E-2288G
Disk: 2x~1TB -> 2x~500GB
2021-07-21 00:40:59 +02:00
373d4918cd
Add redirects for git.archlinux.org using a map
2021-07-14 20:03:54 +02:00
faba3a3d7c
misc/get_key.py: load vault file without chdir'ing
...
Now that misc/get_key.py checks if the vault file passed to it exists,
we cannot pass paths only resolvable from the root directory. Instead,
use paths that make sense relative to the current directory and avoid
calling chdir when loading the vault file.
Fixes: 7754214604
2021-07-07 15:18:41 +03:00
9c2ca6851c
tf-stage1: Update commented out SOA entries
2021-07-07 13:40:59 +03:00
98f72a541a
tf-stage1: Update nameservers
...
Closes #207
2021-07-07 11:11:35 +02:00
032763987c
Send promtail logs and scrap its metrics over WireGuard
2021-07-06 22:21:41 +00:00
79f7d59910
Goodbye luna
...
https://lists.archlinux.org/pipermail/arch-dev-public/2021-July/030471.html
Fix #86
2021-07-04 12:46:01 +00:00
06d4826aac
Make the lists.al.org VPS the new lists server
...
Fix #356
2021-06-30 09:30:31 +00:00
41c5a5e26c
Add initial playbook for lists.archlinux.org
...
nginx, certbot, postfix and mailman are still missing and the DNS is
still pointing to luna.
2021-06-30 09:30:31 +00:00
1ed1ee0f34
Increase the volume size (100->150GB) for monitoring.al.org
...
Loki is using a lot of storage (~8GB per week).
2021-06-23 15:59:19 +02:00
d4206f7762
Create a redirect for the CoC
...
Fix #354
2021-06-16 00:28:16 +00:00
db1ccafcf1
Remove removed svn2gittest.archlinux.org machine
2021-06-09 12:09:20 +02:00
d2b110d250
Add dashboards.archlinux.org for public Grafana dashboards
...
Co-authored-by: Kristian Klausen <kristian@klausen.dk>
2021-05-13 23:28:01 +02:00
723f147129
Add tu bylaws website domain
...
The TU Bylaws is currently deployed as part of the aurweb role which
makes it more work for devops and with gitlab pages TU's can deploy it
themself.
2021-05-08 21:24:53 +02:00
889ecc98df
Add openpgpkey.master-key domain
...
The WKD setup for master-key.archlinux.org requires this domain to
obtain the master keys via WKD. As WKD falls back to archlinux.org which
contains no .well-known/openpgpkey entry.
2021-04-27 22:30:51 +02:00
147003aac1
Increase monitoring.archlinux.org from cx21 to cx31
2021-04-27 02:28:11 +02:00
29ed9fa602
Update whatcanidofor verification code
2021-04-22 20:49:07 +02:00
3c9d2abc8e
Fix asknot domain
...
Eg. https://whatcanidoforfedora.org/ and
https://whatcanidoformozilla.org/ . Mea culpa.
2021-04-19 14:52:25 -04:00
67aeede014
resize monitoring for loki
...
Loki keeps logs it returns in ram, resulting in the oom killer on 2GB's
of ram.
2021-04-08 23:11:38 +02:00
a5da021b56
Setup Pages for new bugs.archlinux.org snapshot service[1]
...
Fix #303
[1] https://gitlab.archlinux.org/archlinux/archlinux-bugs-snapshotter
2021-04-05 07:43:02 +02:00
8100dcc85e
Add logging CNAME to monitoring
...
This allows us to get proper certificates for loki which will run on logging.archlinux.org
on the same machine as monitoring.archlinux.org.
2021-03-29 02:31:42 +02:00
cef74fb629
Add 100G volume to monitoring
...
It was getting very cramped with only a few MBs left. It appears currently we only get about 6 months worth of data out of 20G
so 100G seems reasonable.
2021-03-19 05:41:40 +01:00
fabccd0f61
"Move" NM connectivity check file to a subdomain
...
The file should not be on the main domain as it adds unnecessary
complexity to the archweb role and there is a bigger chance that we
unintentionally break connectivity checking (which has happened in the
past[1][2]).
This doesn't remove the file from the main domain[3], as we need to ship
a updated NetworkManager package first.
[1] https://www.reddit.com/r/archlinux/comments/keai0g/does_anyone_know_if_this_is_normal/
[2] https://www.reddit.com/r/gnome/comments/ke9ytm/network_manager_popup/
[3] http://www.archlinux.org/check_network_status.txt
Fix #239
2021-02-25 20:23:56 +01:00
3124cfd933
Add hedgedoc as new service
...
This adds a collaborative markdown editor as newly offered service which
is available via login for all Arch Linux Staff with an option to allow
anonymous edits by users (not default). Users are managed via keycloak
and require the Staff role to be allowed in, non staff keycloak users
currently will receive an internal server error due to an upstream
issue.
2021-02-01 21:59:30 +01:00
44f497e52b
Remove dragon ( fixes #267 )
2021-01-31 13:54:14 +01:00
83cbb36866
Add build.archlinux.org
2021-01-26 18:06:09 +01:00
38dc229288
improve terraform handling of virtual machine domains
...
machine.domain has been an mandatory attribute which creates
<domain>.archlinux.org entries automagically. For migrations this can be
a problem if <domain>.archlinux.org supposed to point to a different
machine. Adding the new machine with the same domain leads to additional
DNS entries. The DNS ends up pointing to both machines in this case.
By making the domain attribute optional for machines, we allow the new
machines to be created without any domain pointing to them.
2021-01-25 14:56:08 +01:00
dae6eb662a
tf-stage1/archlinux: Remove unneeded quotation marks from ed25519 domainkey
2021-01-19 08:10:55 +00:00
d6786ea148
tf-stage1/archlinux: Fix the ttl entry for lists
...
The ttl must be aligned with the previous entries.
2021-01-13 17:22:19 +00:00
f494ff60ca
tf-stage1/archlinux: Lower lists TTL and create the new lists server
...
Lowered the CNAME DNS record TTL for lists to 600 and created a new cx11 server
to migrate lists.archlinux.org to.
2021-01-13 17:22:18 +00:00
8327ffd974
Deploy man.archlinux.org
2021-01-11 14:55:29 +01:00
d4fe2fcd4a
Remove WKD role, replaced by Gitlab Pages
2021-01-10 20:36:35 +01:00
410a66c9de
Lower openpgpkey.archlinux.org ttl for gitlab pages
...
The WKD will be migrated to Gitlab Pages, requiring a lowering of DNS
TTL.
2021-01-10 20:36:07 +01:00
e6e4746f3b
tf-stage1/archlinux: Remove unused luna2._domainkey{,.aur,.lists}
2020-12-31 13:36:35 +01:00
b122032369
add fixes to minimize changes introduced by !241
2020-12-31 02:26:40 +01:00
e5f0e961e9
tf-stage1/archlinux: Pull mail.al.org ip addresses from hcloud
2020-12-31 01:00:30 +00:00
274c98d69e
tf-stage1/archlinux: Add ttl to archlinux_org_txt example
2020-12-31 01:00:30 +00:00
2897fa6f19
tf-stage1/archlinux: Pull homedir.al.org IP addresses from hcloud
2020-12-31 01:00:30 +00:00
77d2c7b317
tf-stage1/archlinux: Drop MTA-STS, MX, SPF and TLS-RPT templating
...
We need to keep the balance between automation and readability.
2020-12-31 01:00:30 +00:00
f02c9674fd
tf-stage1/archlinux: Refactor MTA-STS, MX, SPF and TLS-RPT logic
2020-12-31 01:00:30 +00:00
676136e792
tf-stage1/archlinux: Move most al.org TXT to a variable to ease management
2020-12-31 01:00:30 +00:00
0327cd0b3e
tf-stage1/archlinux: Move luna domainkey to the lists.al.org subdomain
...
luna uses the luna domainkey now, instaed of the luna2 domainkey. The
list (hosted on luna) also use lists.archlinux.org for all ml now[1].
[1] https://lists.archlinux.org/pipermail/arch-dev-public/2020-December/030248.html
2020-12-30 00:29:38 +01:00
3ac0a774ae
tf-stage1/archlinux: Remove all apollo entries
...
Removed the A/AAAA entries for apollo, as well as any CNAME's pointing to it. Also
removed the domain key for apollo.
2020-12-29 07:55:41 -03:00
e2ff62c2c8
tf-stage1/archlinux: Move mailman to redirect
...
Pointed the mailman CNAME to the new redirect machine for finishing the apollo migration.
2020-12-29 06:14:01 -03:00
d4aeec3c65
remove wildcard domain for pkgbuild.com
2020-12-28 20:17:43 +01:00
1af9bd0fa1
rollback master-key from CNAME to A/AAAA since the CNAME cannot be processed by hetzner temporarily
2020-12-28 03:04:34 +01:00
59efb62f65
fix cname entries which cannot point to the root domain
2020-12-28 02:46:56 +01:00
Kristian Klausen
Jelle van der Waa
Evangelos Foutras
Thorben Günther
Sven-Hendrik Haase
Daniel M. Capella
Frederik Schwan
Giancarlo Razzolini