Operations grimoire: Difference between revisions

From Nasqueron Agora
(Created page with "Welcome to the Nasqueron operations grimoire (NOG). = Disaster recovery = == Reseeding the infrastructure == === Create a K/V store for credentials === Install a key value st...")
 
 
(74 intermediate revisions by 4 users not shown)
Line 1: Line 1:
[[File:Nasqueron Operations Grimoire.jpg|thumb|320px|right|The Nasqueron operations grimoire tries to document the more arcane aspects of our complex infrastructure.]]
Welcome to the Nasqueron operations grimoire (NOG).
Welcome to the Nasqueron operations grimoire (NOG).


= Disaster recovery =
This grimoire is a reference about our infrastructure and services hosted with procedures we follow to build, maintain and deploy.
== Reseeding the infrastructure ==
 
=== Create a K/V store for credentials ===
Our infrastructure is open, mainly documented in {{repo|operations}} repository, and we actively encourage contributions from the community.
Install a key value store for credentials.
 
== Infrastructure ==
* [[/Environments]]
* [[/Kubernetes]]
* [[/Docker engine]]
* [[/Salt]]
 
=== OS-specific ===
* [[/FreeBSD]]
* [[/RHEL]]
* [[/Packages repository]]
 
=== Storage ===
* [[/ZFS]]
 
=== Network ===
* [[/Network]]
* [[/DNS]]
* [[/Firewall]]
* [[/IPv6]]
* [https://netbox.nasqueron.org/ NetBox]
 
== Services ==
=== Core services ===
; Messages queues
* [[/Kafka]]
* [[/RabbitMQ]]
 
; Databases
* [[/MySQL]]
* [[/PostgreSQL]]
 
; Ops
* [[/NetBox]]
 
=== Identity management ===
* [[/Login]] (Auth Grove)
 
=== Collaborative tools ===
* [[/DevCentral]] (Phabricator)
* [[/Etherpad]]
* [[/Mumble]]
* [[/Mastodon]] (social.nasqueron.org)
* [[/Openfire]] (XMPP)
 
=== IRC bots ===
* [[/Dæghrefn]] (eggdrop)
* [[/Odderon]] (darkbot)
 
=== Mail ===
* [[/Mail]]
* [[/Mail/DKIM]]
* [[/Mail/Sympa]]
 
=== Web ===
; Common documentation for all webserver roles
* [[/Web/Headers]]
 
; Where to host?
* [[/Docker engine]] for Docker containers front-end
* [[/Alkane]] for PHP and static sites
 
; SaaS for common applications
* [[MediaWiki SaaS]]
* [[/WordPress]]
 
; Other sites
* [[/Sites on Eglide]]
* [[/Sites on Ysul]] (currently migrating to Alkane)
 
; Services for web applications
* [[/Orbeon]]
 
=== CI/CD ===
* [[/Broker]]
* [[/Docker registry]]
* [[/Jenkins]]
* [[/Notifications center]]
* [[/Sentry]]
* [[/Vault]]
 
=== Shellserver ===
* [[/Eglide/Vault]]
 
=== Observability ===
* [[/Grafana]]
* [[/Prometheus]]
 
== Services configuration ==
''This section contains general information not related to a specific service.''
* [[/TLS certificates]] (Let's encrypt / letsencrypt)
 
== Checklists ==
=== Infrastructure ===
* [[/How to add a server to the Nasqueron servers pool]]
* [[/How to attach a new virtual disk]]
* [[/Reboot checklist]]
 
=== Network ===
* [[/Checklist router post-restart]]
 
=== Docker ===
* [[/Restart a Docker engine]]
* [[/Dwellers to DevCentral]]
* [[/Git operations in production containers]]
* [[/Add a service to Docker PaaS]]
* [[/Docker Hub]]
 
=== Salt ===
* [[/Operations repository]]
* [[/Deploy with Salt]]
* [[/Create and revoke user accounts on Salt servers]]
* [[/Provision user homefiles]]
 
== SIG ==
* [[/Onboarding]]


We recommend an offline resource, we bring online only when needed.
== Appendices ==
* [[/Changelog]]
* [[/Contacts]]
* [[/Contribute]]
* [[/Decom]]
* [[/Evaluated products]]
* [[/External services]]
* [[/Incidents]]
* [[/Legacy archive]]
* [[/Policies]]
* [[/Old content report]]
* [[/Who]]


We use [https://github.com/oleiade/trousseau Trousseau], which requires:
[[Category:Operations grimoire|*]]
* A go environment and make to build it (but a Debian package is available)
[[Category:Reference]]
* PGP keys for password
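
Review bot: the new revision drops the whole "Disaster recovery" section (the "Reseeding the infrastructure" and "Create a K/V store for credentials" headings, with the Trousseau notes and the recommendation to keep the store offline), and none of the new index sections links to a reseeding or credential-bootstrap procedure. If that material now lives under /Vault or /Legacy archive, add an explicit entry for it, for example under Checklists, so the recovery path stays reachable from this page.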

Latest revision as of 13:00, 10 November 2024
