Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Sébastien Luttringer
infrastructure
Commits
a369b2b3
Verified
Commit
a369b2b3
authored
Jul 04, 2019
by
Jan Alexander Steffens (heftig)
Browse files
README.md: Normalize indent
parent
1a9380de
Changes
1
Hide whitespace changes
Inline
Side-by-side
README.md
View file @
a369b2b3
...
...
@@ -8,7 +8,7 @@ It also contains git submodules so you have to run `git submodule update --init
## Requirements
Install these packages:
-
terraform
-
terraform
### Instructions
...
...
@@ -42,7 +42,7 @@ Note that some roles already run this automatically.
We use packer to build snapshots on hcloud to use as server base images.
In order to use this, you need to install packer and then run
packer build -var $(misc/get_key.py misc/vault_hetzner.yml hetzner_cloud_api_key env) packer/archlinux.json
packer build -var $(misc/get_key.py misc/vault_hetzner.yml hetzner_cloud_api_key env) packer/archlinux.json
This will take some time after which a new snapshot will have been created on the primary hcloud archlinux project.
...
...
@@ -87,75 +87,75 @@ Arch-audit can be used to find servers in need of updates for security issues.
The following steps should be used to update our managed servers:
*
pacman -Syu
*
manually update the kernel, since it is in IgnorePkg by default
*
sync
*
checkservices
*
reboot
*
pacman -Syu
*
manually update the kernel, since it is in IgnorePkg by default
*
sync
*
checkservices
*
reboot
## Servers
### vostok
#### Services
-
backups
-
backups
### orion
#### Services
-
repos/sync (repos.archlinux.org)
-
sources (sources.archlinux.org)
-
archive (archive.archlinux.org)
-
torrent tracker hefurd (tracker.archlinux.org)
-
repos/sync (repos.archlinux.org)
-
sources (sources.archlinux.org)
-
archive (archive.archlinux.org)
-
torrent tracker hefurd (tracker.archlinux.org)
### apollo
#### Services
-
bbs (bbs.archlinux.org)
-
wiki (wiki.archlinux.org)
-
aur (aur.archlinux.org)
-
flyspray (bugs.archlinux.org)
-
mailman
-
planet (planet.archlinux.org)
-
bugs (bugs.archlinux.org)
-
archweb
-
patchwork
-
projects (projects.archlinux.org)
-
bbs (bbs.archlinux.org)
-
wiki (wiki.archlinux.org)
-
aur (aur.archlinux.org)
-
flyspray (bugs.archlinux.org)
-
mailman
-
planet (planet.archlinux.org)
-
bugs (bugs.archlinux.org)
-
archweb
-
patchwork
-
projects (projects.archlinux.org)
### soyuz
#### Services
-
build server (pkgbuild.com)
-
releng
-
sogrep
-
/~user/ webhost
-
irc bot (phrik)
-
matrix
-
docker images
-
arch boxes (packer)
-
build server (pkgbuild.com)
-
releng
-
sogrep
-
/~user/ webhost
-
irc bot (phrik)
-
matrix
-
docker images
-
arch boxes (packer)
### dragon
#### Services
-
build server (pkgbuild.com)
-
sogrep
-
build server (pkgbuild.com)
-
sogrep
### state.cloud.archlinux.org
#### Services:
-
postgres server for terraform state
-
postgres server for terraform state
### quassel.archlinux.org
#### Services:
-
quassel core
-
quassel core
## Ansible repo workflows
### Replace vault password and change vaulted passwords
-
Generate a new key and save it as ./new-vault-pw:
`pwgen -s 64 1 > new-vault-pw`
-
`for i in $(ag ANSIBLE_VAULT -l); do ansible-vault rekey --new-vault-password-file new-vault-pw $i; done`
-
Change the key in misc/vault-password.gpg
-
`rm new-vault-pw`
-
Generate a new key and save it as ./new-vault-pw:
`pwgen -s 64 1 > new-vault-pw`
-
`for i in $(ag ANSIBLE_VAULT -l); do ansible-vault rekey --new-vault-password-file new-vault-pw $i; done`
-
Change the key in misc/vault-password.gpg
-
`rm new-vault-pw`
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment