Commit graph

20 commits

Author SHA1 Message Date
Pierre Bourdon 0dd333c573
postgres: add mTLS support
New client certs can be minted via the provided script, which is meant
to be run on the postgres server (where the CA private key is
conveniently deployed).
2024-08-16 07:59:12 +02:00
Pierre Bourdon 37bcb261ab
ssh-keys: add build-coord, rekey secrets 2024-08-13 22:36:30 +02:00
Ilya K f8cad42b5c Set up alertmanager-hookshot-adapter 2024-08-09 14:03:56 +00:00
raito 80c4757571 gerrit01: add a one-way-sync service
It's basic and does not handle conflicts which needs to be manually
managed.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-19 17:52:44 +02:00
raito da7175303c buildbot: add support for remote builders via baremetal machines
For now, only builder-3 is used.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:28:26 +02:00
raito a56426e6c9 secrets: rekey for new machine (buildbot)
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
raito 7789e9ce75 services/buildbot: init
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
Luke Granger-Brown 2b8f42dcda secrets: add gerrit-prometheus-bearer-token 2024-07-15 11:02:54 +00:00
Pierre Bourdon f74d1ca0f6
hydra: start signing paths 2024-07-10 17:34:57 +02:00
Ilya K 787b3af638 Add wob-vpn-gw key, rekey metrics push password for it 2024-07-10 15:13:05 +03:00
Pierre Bourdon afaf49eb97
secrets: rekey 2024-07-10 01:05:05 +02:00
raito 3828721e4f services/netbox: enable OIDC via Lix SSO
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-09 02:45:58 +02:00
Ilya K 563e0685d4 Metrics fixups
- fix grafana-agent config format
- rekey metrics-push-password for fodwatch
2024-07-08 10:01:25 +03:00
Ilya K 40ba3c4ae7 Prepare for remote push metrics 2024-07-08 09:33:59 +03:00
Ilya K 2441d18f17 Add Loki + Promtail setup 2024-07-05 16:10:31 +00:00
Ilya K 63b31e98cf Add Grafana/Prometheus/Mimir minimal setup
More later, Loki also later.
2024-07-05 16:10:31 +00:00
Pierre Bourdon bf8fe65f9f
bagel-box: update ssh host key & rekey 2024-07-04 13:59:18 +02:00
raito e3f3c87c0d meta01: init
Includes:

- Raito VM module
- Raito proxy aware NGINX module
- Base server module
- Sysadmin module
- New SSH keys
- Netbox module

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-01 19:40:37 +02:00
Pierre Bourdon 73aecaef41
hydra: provide S3 and SSH credentials (via agenix) 2024-06-24 20:59:19 +02:00
Pierre Bourdon 04bd33e32c
infra: add agenix, add s3 credentials 2024-06-24 18:03:20 +02:00