Operations grimoire: Difference between revisions
From Nasqueron Agora
No edit summary |
|||
| (26 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
[[File:Nasqueron Operations Grimoire.jpg|thumb|320px|right|The Nasqueron operations grimoire tries to document the more arcane aspects of our complex infrastructure.]] | |||
Welcome to the Nasqueron operations grimoire (NOG). | Welcome to the Nasqueron operations grimoire (NOG). | ||
| Line 7: | Line 9: | ||
== Infrastructure == | == Infrastructure == | ||
* [[/Environments]] | * [[/Environments]] | ||
* [[/Kubernetes]] | * [[/Kubernetes]] | ||
* [[/Docker engine]] | * [[/Docker engine]] | ||
* [[/Salt]] | * [[/Salt]] | ||
=== OS-specific === | |||
;By OS | |||
* [[/FreeBSD]] | |||
* [[/RHEL]] | |||
;All OSes | |||
* [[/NTP]] | |||
* [[/Packages repository]] | |||
* [[/Services]]: systemd, runit and rc | |||
=== Storage === | |||
* [[/ZFS]] | |||
=== Observability === | |||
* [[/Grafana]] | |||
* [[/Logs]] | |||
* [[/Prometheus]] | |||
=== Network === | |||
* [[/Network]] | |||
* [[/DNS]] | * [[/DNS]] | ||
* [[/Firewall]] | |||
* [[/IPv6]] | |||
* [https://netbox.nasqueron.org/ NetBox] | |||
== Services == | == Services == | ||
| Line 34: | Line 59: | ||
* [[/Mumble]] | * [[/Mumble]] | ||
* [[/Mastodon]] (social.nasqueron.org) | * [[/Mastodon]] (social.nasqueron.org) | ||
* [[/Openfire]] (XMPP) | |||
=== IRC bots === | === IRC bots === | ||
| Line 61: | Line 87: | ||
; Services for web applications | ; Services for web applications | ||
* [[/Orbeon]] | * [[/Anubis]] if you need to protect from LLM scraping traffic | ||
* [[/Orbeon]] if you're in need of a form | |||
=== CI/CD === | === CI/CD === | ||
| Line 70: | Line 97: | ||
* [[/Sentry]] | * [[/Sentry]] | ||
* [[/Vault]] | * [[/Vault]] | ||
=== Shellserver === | |||
* [[/Eglide/Vault]] | |||
== Services configuration == | == Services configuration == | ||
''This section contains general information not related to a specific service.'' | ''This section contains general information not related to a specific service.'' | ||
* [[/ | * [[/TLS certificates]] (Let's encrypt / letsencrypt) | ||
== Checklists == | == Checklists == | ||
=== SSH === | |||
* [[/Recommended SSH configuration]] | |||
=== Infrastructure === | === Infrastructure === | ||
* [[/How to add a server to the Nasqueron servers pool]] | * [[/How to add a server to the Nasqueron servers pool]] | ||
* [[/How to attach a new virtual disk]] | * [[/How to attach a new virtual disk]] | ||
* [[/Reboot checklist]] | |||
=== Network === | === Network === | ||
| Line 88: | Line 122: | ||
* [[/Git operations in production containers]] | * [[/Git operations in production containers]] | ||
* [[/Add a service to Docker PaaS]] | * [[/Add a service to Docker PaaS]] | ||
* [[/Docker Hub]] | |||
=== Salt === | === Salt === | ||
| Line 99: | Line 134: | ||
== Appendices == | == Appendices == | ||
* [[/Changelog]] | |||
* [[/Contacts]] | * [[/Contacts]] | ||
* [[/Contribute]] | |||
* [[/Decom]] | |||
* [[/Evaluated products]] | * [[/Evaluated products]] | ||
* [[/External services]] | * [[/External services]] | ||
* [[/Incidents]] | * [[/Incidents]] | ||
* [[/Legacy archive]] | |||
* [[/OID]] | |||
* [[/Old content report]] | |||
* [[/Policies]] | * [[/Policies]] | ||
* [[/Who]] | |||
[[Category:Operations grimoire|*]] | |||
[[Category:Reference]] | [[Category:Reference]] | ||
Latest revision as of 17:57, 6 February 2026
Welcome to the Nasqueron operations grimoire (NOG).
This grimoire is a reference about our infrastructure and services hosted with procedures we follow to build, maintain and deploy.
Our infrastructure is open, mainly documented in operations repository, and we actively encourage contributions from the community.
Infrastructure
OS-specific
- By OS
- All OSes
- /NTP
- /Packages repository
- /Services: systemd, runit and rc
Storage
Observability
Network
Services
Core services
- Messages queues
- Databases
- Ops
Identity management
- /Login (Auth Grove)
Collaborative tools
- /DevCentral (Phabricator)
- /Etherpad
- /Mumble
- /Mastodon (social.nasqueron.org)
- /Openfire (XMPP)
IRC bots
Web
- Common documentation for all webserver roles
- Where to host?
- /Docker engine for Docker containers front-end
- /Alkane for PHP and static sites
- SaaS for common applications
- Other sites
- /Sites on Eglide
- /Sites on Ysul (currently migrating to Alkane)
- Services for web applications
CI/CD
Shellserver
Services configuration
This section contains general information not related to a specific service.
- /TLS certificates (Let's encrypt / letsencrypt)
Checklists
SSH
Infrastructure
- /How to add a server to the Nasqueron servers pool
- /How to attach a new virtual disk
- /Reboot checklist
Network
Docker
- /Restart a Docker engine
- /Dwellers to DevCentral
- /Git operations in production containers
- /Add a service to Docker PaaS
- /Docker Hub
Salt
- /Operations repository
- /Deploy with Salt
- /Create and revoke user accounts on Salt servers
- /Provision user homefiles
