Kristian Klausen
d7d4ecbce1
Add GitLab Pages for "Service Agreements"
...
Ref: https://gitlab.archlinux.org/archlinux/service-agreements/-/merge_requests/16
2021-08-22 13:13:36 +02:00
Jelle van der Waa
9f54f8e07b
Add reproducible-notes for hosting packages.json
...
This subdomain hosts gitlab CI produced and updated notes for
unreproducible packages.
2021-07-31 15:46:35 +02:00
Evangelos Foutras
5ece8b98c2
Scale up lists to CPX11
...
Archiving arch-commits mails maxes out the single vCPU of CX11 and
results in High CPU Prometheus alert. If we decide not to maintain
mail archive for arch-commits, then we can likely scale back down.
2021-07-24 14:13:26 +03:00
Kristian Klausen
3ba230b17c
Replace runner1 with a new bigger box
...
CPU: Intel Xeon E5-2620 -> E-2288G
Disk: 2x~1TB -> 2x~500GB
2021-07-21 00:40:59 +02:00
Jelle van der Waa
373d4918cd
Add redirects for git.archlinux.org using a map
2021-07-14 20:03:54 +02:00
Evangelos Foutras
faba3a3d7c
misc/get_key.py: load vault file without chdir'ing
...
Now that misc/get_key.py checks if the vault file passed to it exists,
we cannot pass paths only resolvable from the root directory. Instead,
use paths that make sense relative to the current directory and avoid
calling chdir when loading the vault file.
Fixes: 7754214604
("Rewrite get_key.py to use click instead of typer")
2021-07-07 15:18:41 +03:00
Evangelos Foutras
9c2ca6851c
tf-stage1: Update commented out SOA entries
2021-07-07 13:40:59 +03:00
Thorben Günther
98f72a541a
tf-stage1: Update nameservers
...
Closes #207
2021-07-07 11:11:35 +02:00
Kristian Klausen
032763987c
Send promtail logs and scrap its metrics over WireGuard
2021-07-06 22:21:41 +00:00
Kristian Klausen
79f7d59910
Goodbye luna
...
https://lists.archlinux.org/pipermail/arch-dev-public/2021-July/030471.html
Fix #86
2021-07-04 12:46:01 +00:00
Kristian Klausen
06d4826aac
Make the lists.al.org VPS the new lists server
...
Fix #356
2021-06-30 09:30:31 +00:00
Kristian Klausen
41c5a5e26c
Add initial playbook for lists.archlinux.org
...
nginx, certbot, postfix and mailman are still missing and the DNS is
still pointing to luna.
2021-06-30 09:30:31 +00:00
Kristian Klausen
1ed1ee0f34
Increase the volume size (100->150GB) for monitoring.al.org
...
Loki is using a lot of storage (~8GB per week).
2021-06-23 15:59:19 +02:00
Kristian Klausen
d4206f7762
Create a redirect for the CoC
...
Fix #354
2021-06-16 00:28:16 +00:00
Kristian Klausen
db1ccafcf1
Remove removed svn2gittest.archlinux.org machine
2021-06-09 12:09:20 +02:00
Sven-Hendrik Haase
d2b110d250
Add dashboards.archlinux.org for public Grafana dashboards
...
Co-authored-by: Kristian Klausen <kristian@klausen.dk>
2021-05-13 23:28:01 +02:00
Jelle van der Waa
723f147129
Add tu bylaws website domain
...
The TU Bylaws is currently deployed as part of the aurweb role which
makes it more work for devops and with gitlab pages TU's can deploy it
themself.
2021-05-08 21:24:53 +02:00
Jelle van der Waa
889ecc98df
Add openpgpkey.master-key domain
...
The WKD setup for master-key.archlinux.org requires this domain to
obtain the master keys via WKD. As WKD falls back to archlinux.org which
contains no .well-known/openpgpkey entry.
2021-04-27 22:30:51 +02:00
Sven-Hendrik Haase
147003aac1
Increase monitoring.archlinux.org from cx21 to cx31
2021-04-27 02:28:11 +02:00
Jelle van der Waa
29ed9fa602
Update whatcanidofor verification code
2021-04-22 20:49:07 +02:00
Daniel M. Capella
3c9d2abc8e
Fix asknot domain
...
Eg. https://whatcanidoforfedora.org/ and
https://whatcanidoformozilla.org/ . Mea culpa.
2021-04-19 14:52:25 -04:00
Jelle van der Waa
67aeede014
resize monitoring for loki
...
Loki keeps logs it returns in ram, resulting in the oom killer on 2GB's
of ram.
2021-04-08 23:11:38 +02:00
Kristian Klausen
a5da021b56
Setup Pages for new bugs.archlinux.org snapshot service[1]
...
Fix #303
[1] https://gitlab.archlinux.org/archlinux/archlinux-bugs-snapshotter
2021-04-05 07:43:02 +02:00
Sven-Hendrik Haase
8100dcc85e
Add logging CNAME to monitoring
...
This allows us to get proper certificates for loki which will run on logging.archlinux.org
on the same machine as monitoring.archlinux.org.
2021-03-29 02:31:42 +02:00
Sven-Hendrik Haase
cef74fb629
Add 100G volume to monitoring
...
It was getting very cramped with only a few MBs left. It appears currently we only get about 6 months worth of data out of 20G
so 100G seems reasonable.
2021-03-19 05:41:40 +01:00
Kristian Klausen
fabccd0f61
"Move" NM connectivity check file to a subdomain
...
The file should not be on the main domain as it adds unnecessary
complexity to the archweb role and there is a bigger chance that we
unintentionally break connectivity checking (which has happened in the
past[1][2]).
This doesn't remove the file from the main domain[3], as we need to ship
a updated NetworkManager package first.
[1] https://www.reddit.com/r/archlinux/comments/keai0g/does_anyone_know_if_this_is_normal/
[2] https://www.reddit.com/r/gnome/comments/ke9ytm/network_manager_popup/
[3] http://www.archlinux.org/check_network_status.txt
Fix #239
2021-02-25 20:23:56 +01:00
Jelle van der Waa
3124cfd933
Add hedgedoc as new service
...
This adds a collaborative markdown editor as newly offered service which
is available via login for all Arch Linux Staff with an option to allow
anonymous edits by users (not default). Users are managed via keycloak
and require the Staff role to be allowed in, non staff keycloak users
currently will receive an internal server error due to an upstream
issue.
2021-02-01 21:59:30 +01:00
Sven-Hendrik Haase
44f497e52b
Remove dragon ( fixes #267 )
2021-01-31 13:54:14 +01:00
Sven-Hendrik Haase
83cbb36866
Add build.archlinux.org
2021-01-26 18:06:09 +01:00
Frederik Schwan
38dc229288
improve terraform handling of virtual machine domains
...
machine.domain has been an mandatory attribute which creates
<domain>.archlinux.org entries automagically. For migrations this can be
a problem if <domain>.archlinux.org supposed to point to a different
machine. Adding the new machine with the same domain leads to additional
DNS entries. The DNS ends up pointing to both machines in this case.
By making the domain attribute optional for machines, we allow the new
machines to be created without any domain pointing to them.
2021-01-25 14:56:08 +01:00
Kristian Klausen
dae6eb662a
tf-stage1/archlinux: Remove unneeded quotation marks from ed25519 domainkey
2021-01-19 08:10:55 +00:00
Giancarlo Razzolini
d6786ea148
tf-stage1/archlinux: Fix the ttl entry for lists
...
The ttl must be aligned with the previous entries.
2021-01-13 17:22:19 +00:00
Giancarlo Razzolini
f494ff60ca
tf-stage1/archlinux: Lower lists TTL and create the new lists server
...
Lowered the CNAME DNS record TTL for lists to 600 and created a new cx11 server
to migrate lists.archlinux.org to.
2021-01-13 17:22:18 +00:00
Sven-Hendrik Haase
8327ffd974
Deploy man.archlinux.org
2021-01-11 14:55:29 +01:00
Jelle van der Waa
d4fe2fcd4a
Remove WKD role, replaced by Gitlab Pages
2021-01-10 20:36:35 +01:00
Jelle van der Waa
410a66c9de
Lower openpgpkey.archlinux.org ttl for gitlab pages
...
The WKD will be migrated to Gitlab Pages, requiring a lowering of DNS
TTL.
2021-01-10 20:36:07 +01:00
Kristian Klausen
e6e4746f3b
tf-stage1/archlinux: Remove unused luna2._domainkey{,.aur,.lists}
2020-12-31 13:36:35 +01:00
Frederik Schwan
b122032369
add fixes to minimize changes introduced by !241
2020-12-31 02:26:40 +01:00
Kristian Klausen
e5f0e961e9
tf-stage1/archlinux: Pull mail.al.org ip addresses from hcloud
2020-12-31 01:00:30 +00:00
Kristian Klausen
274c98d69e
tf-stage1/archlinux: Add ttl to archlinux_org_txt example
2020-12-31 01:00:30 +00:00
Kristian Klausen
2897fa6f19
tf-stage1/archlinux: Pull homedir.al.org IP addresses from hcloud
2020-12-31 01:00:30 +00:00
Kristian Klausen
77d2c7b317
tf-stage1/archlinux: Drop MTA-STS, MX, SPF and TLS-RPT templating
...
We need to keep the balance between automation and readability.
2020-12-31 01:00:30 +00:00
Kristian Klausen
f02c9674fd
tf-stage1/archlinux: Refactor MTA-STS, MX, SPF and TLS-RPT logic
2020-12-31 01:00:30 +00:00
Kristian Klausen
676136e792
tf-stage1/archlinux: Move most al.org TXT to a variable to ease management
2020-12-31 01:00:30 +00:00
Kristian Klausen
0327cd0b3e
tf-stage1/archlinux: Move luna domainkey to the lists.al.org subdomain
...
luna uses the luna domainkey now, instaed of the luna2 domainkey. The
list (hosted on luna) also use lists.archlinux.org for all ml now[1].
[1] https://lists.archlinux.org/pipermail/arch-dev-public/2020-December/030248.html
2020-12-30 00:29:38 +01:00
Giancarlo Razzolini
3ac0a774ae
tf-stage1/archlinux: Remove all apollo entries
...
Removed the A/AAAA entries for apollo, as well as any CNAME's pointing to it. Also
removed the domain key for apollo.
2020-12-29 07:55:41 -03:00
Giancarlo Razzolini
e2ff62c2c8
tf-stage1/archlinux: Move mailman to redirect
...
Pointed the mailman CNAME to the new redirect machine for finishing the apollo migration.
2020-12-29 06:14:01 -03:00
Frederik Schwan
d4aeec3c65
remove wildcard domain for pkgbuild.com
2020-12-28 20:17:43 +01:00
Frederik Schwan
1af9bd0fa1
rollback master-key from CNAME to A/AAAA since the CNAME cannot be processed by hetzner temporarily
2020-12-28 03:04:34 +01:00
Frederik Schwan
59efb62f65
fix cname entries which cannot point to the root domain
2020-12-28 02:46:56 +01:00