New pages
From Nasqueron Agora
- 21:24, 2 October 2025 Operations grimoire/Recommended SSH configuration (hist | edit) [1,343 bytes] Dereckson (talk | contribs) (Created page with "== Consolidated OpenSSH configuration == The introduction of ProxyJump has simplified the bastion configuration since OpenSSH version 7.5: <syntaxhighlight> Host *.nasqueron.drake ProxyJump windriver.nasqueron.org Host 172.27.27.* ProxyJump windriver.nasqueron.org </syntaxhighlight> Older version of OpenSSH can use instead: <code>ProxyCommand "ssh -W %h:%p windriver.nasqueron.org"</code> == Use bastion as proxy == To connect on a server where the port 22 i...")
- 23:35, 25 September 2025 Naemon (hist | edit) [4,700 bytes] Dereckson (talk | contribs) (Created page with "'''Naemon''' has been identified as a simple and maintained solution for a Nagios-compatible monitoring system. Shinken and Sensu have been dismissed as open core solutions. == Naemon deployment and FreeBSD porting plan = == Overview == To improve Nasqueron infrastructure monitoring, we propose a three-step approach using Naemon, a Nagios-compatible monitoring system. Our 2024 test showed compatibility with FreeBSD is a reasonable middle-term goal, but need a sensibl...")
- 17:15, 24 September 2025 Limiting Factor (hist | edit) [2,084 bytes] Dereckson (talk | contribs) (Created page with "== Development with Limiting Factor == === Axum === Gotchas during development of With axum and limiting-factor-axum: ==== Order of extractors ==== [https://docs.rs/axum/latest/axum/extract/index.html#the-order-of-extractors axum::extract order of extractors] - the request is consumed by an extractor, so it must be the LAST parameter of any request handler method. For example, to use RequestBody: <syntaxhighlight language="rust"> use limiting_factor_axum::api::guards:...")
- 21:34, 22 September 2025 Monday office hours/2025-09-22 (hist | edit) [1,325 bytes] Dereckson (talk | contribs) (Created page with "Our focus was to switch DNS hosting authoritative source to ns1.nasqueron.org server, and switch HE ones as secondary. == DNS == ;Infrastructure changes: * {{T|1217}}: ns1.nasqueron.org is now the primary DNS server, DNS can be managed on Git with history and review ;Code merge: * {{D|3654}}: Define nasqueron.org DNS zone * {{D|3691}}: Use @ syntax for zone apex ;Administrative changes: * '''HE:''' nasqueron.org zone managed as secondary in nasqueron DNS account * '''...")
- 21:29, 17 September 2025 Nasqueron Labs (hist | edit) [357 bytes] Dereckson (talk | contribs) (Created page with "== Next labs == {| class="wikitable" |+ Nasqueron Labs to come |- ! Task !! Title !! Planning date !! Organizer |- | {{T|2126}} || Authenticate CI to Vault with OIDC (Jenkins x OpenBao) || ''to determine with interested nasquenautes'' || Dereckson |}")
- 23:24, 15 September 2025 Operations grimoire/Services (hist | edit) [1,646 bytes] Dereckson (talk | contribs) (Created page with "== Systemd, rc and runit == Nasqueron infrastructure uses 3 services software: {| class="wikitable" |+ Service management |- ! OS !! Use case !! Software !! Commands |- | FreeBSD || Standard || rc || service <service> <command> |- | Linux || Standard || systemd || systemctl <command> <service> |- | Linux || Docker containers || runit || sv <service> <command> |} Note how systemd inverts the general order by putting the command before the service. == Systemd == === Se...")
- 12:52, 14 September 2025 Dev zone/Reports (hist | edit) [1,836 bytes] Dereckson (talk | contribs) (Created page with "The Nasqueron internal reports repository is a monorepo containing SQL queries and tools to produce reports about Nasqueron internal data. == Python tools == === Configure PYTHONPATH === Python allows to develop several packages at the same time providing all the src/ folders to your PYTHONPATH variables. First, ensure you don't have any module installed through .whl running <code>pip freeze</code>. If you see something like <code>nasqueron-reports==0.1.0</code>, it co...")
- 21:56, 12 September 2025 Dev zone/Vault (hist | edit) [10,300 bytes] Dereckson (talk | contribs) (Created page with "This page explains how to query vault from an application. For infrastructure point of view, see Operations grimoire/Vault and Operations grimoire/Eglide/Vault. == Guides == === Python with hvac === In Python, the [https://python-hvac.org/ hvac library] is recommended. ==== Step 1 - Connect to Vault ==== Connection is straightforward and works out of the box even without parameters: <syntaxhighlight lang="python"> VAULT_CA_CERTIFICATE = "/usr/local/share/cert...")