Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Sébastien Luttringer
infrastructure
Commits
81e29c04
Commit
81e29c04
authored
May 02, 2020
by
Sven-Hendrik Haase
Browse files
Merge branch 'master' of
ssh://git.archlinux.org/srv/git/infrastructure
parents
eacdda3e
f5500702
Changes
3
Hide whitespace changes
Inline
Side-by-side
README.md
View file @
81e29c04
...
@@ -212,7 +212,7 @@ The following steps should be used to update our managed servers:
...
@@ -212,7 +212,7 @@ The following steps should be used to update our managed servers:
#### Services:
#### Services:
-
~/user/ webhost
-
~/user/ webhost
### accounts.archlinux.org
### accounts.archlinux.org
This server is /special/. It runs keycloak and is central to our unified Arch Linux account management world.
This server is /special/. It runs keycloak and is central to our unified Arch Linux account management world.
...
@@ -240,8 +240,9 @@ So to set up this server from scratch, run:
...
@@ -240,8 +240,9 @@ So to set up this server from scratch, run:
## reproducible.archlinux.org
## reproducible.archlinux.org
### Services
### Services
-
Runs a master rebuilderd instance with two PIA workers (repro1.pkgbuild.com
-
Runs a master rebuilderd instance with two PIA workers (repro1.pkgbuild.com,
and repro2.pkgbuild.com).
repro2.pkgbuild.com and repro3.pkgbuild.com).
repro3.pkgbuild.com is packet.net machine which runs Ubuntu.
## Ansible repo workflows
## Ansible repo workflows
...
...
group_vars/all/root_access.yml
View file @
81e29c04
...
@@ -31,7 +31,7 @@ root_gpgkeys:
...
@@ -31,7 +31,7 @@ root_gpgkeys:
-
CFA6AF15E5C74149FC1D8C086D1655C14CE1C13E
# bluewind
-
CFA6AF15E5C74149FC1D8C086D1655C14CE1C13E
# bluewind
-
F3691687D867B81B51CE07D9BBE43771487328A9
# bpiotrowski
-
F3691687D867B81B51CE07D9BBE43771487328A9
# bpiotrowski
-
86CFFCA918CF3AF47147588051E8B148A9999C34
# foutrelis
-
86CFFCA918CF3AF47147588051E8B148A9999C34
# foutrelis
-
605071ECA86C954B866585C0567A6F396F2CFC03
# fukawi2
-
605071ECA86C954B866585C0567A6F396F2CFC03
# fukawi2
https://keybase.io/fukawi2/pgp_keys.asc
-
ECCAC84C1BA08A6CC8E63FBBF22FB1D78A77AEAB
# grazzolini
-
ECCAC84C1BA08A6CC8E63FBBF22FB1D78A77AEAB
# grazzolini
-
8218F88849AAC522E94CF470A5E9288C4FA415FA
# heftig
-
8218F88849AAC522E94CF470A5E9288C4FA415FA
# heftig
-
E499C79F53C96A54E572FEE1C06086337C50773E
# jelle
-
E499C79F53C96A54E572FEE1C06086337C50773E
# jelle
...
...
playbooks/tasks/fetch-borg-keys.yml
View file @
81e29c04
...
@@ -12,9 +12,20 @@
...
@@ -12,9 +12,20 @@
command
:
"
/usr/local/bin/borg
key
export
::
/dev/stdout"
command
:
"
/usr/local/bin/borg
key
export
::
/dev/stdout"
register
:
borg_key
register
:
borg_key
-
name
:
fetch borg offsite key
command
:
"
/usr/local/bin/borg-offsite
key
export
::
/dev/stdout"
register
:
borg_offsite_key
-
name
:
save borg key
-
name
:
save borg key
shell
:
gpg --batch --armor --encrypt --output - >"{{playbook_dir}}/../../borg-keys/{{inventory_hostname}}.gpg" {% for userid in root_gpgkeys %}--recipient {{userid}} {% endfor %}
shell
:
gpg --batch --armor --encrypt --output - >"{{playbook_dir}}/../../borg-keys/{{inventory_hostname}}.gpg" {% for userid in root_gpgkeys %}--recipient {{userid}} {% endfor %}
args
:
args
:
stdin
:
"
{{borg_key.stdout}}"
stdin
:
"
{{borg_key.stdout}}"
chdir
:
"
{{playbook_dir}}/../.."
chdir
:
"
{{playbook_dir}}/../.."
delegate_to
:
localhost
delegate_to
:
localhost
-
name
:
save borg offsite key
shell
:
gpg --batch --armor --encrypt --output - >"{{playbook_dir}}/../../borg-keys/{{inventory_hostname}}-offsite.gpg" {% for userid in root_gpgkeys %}--recipient {{userid}} {% endfor %}
args
:
stdin
:
"
{{borg_offsite_key.stdout}}"
chdir
:
"
{{playbook_dir}}/../.."
delegate_to
:
localhost
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment