Operations grimoire/External services

From Nasqueron Agora
Revision as of 10:00, 10 March 2023 by Dereckson (talk | contribs) (GeoLite2)

Amazon Web Services (AWS)

S3, account managed by Sandlayth.

Docker Hub

Organization account, administrative access by Sandlayth and Dereckson.

2021-09-12: request for open source as part of the https://www.docker.com/blog/expanded-support-for-open-source-software-projects done, mainly as automated builds have been disabled in the free team plan.

GeoLite2

Account at MaxMind for GeoLite2 databases, created by Dereckson.

Account credentials stored in Vault under ops/infra/maxmind. There aren't the API credentials, for example Sentry ones are stored at ops/secrets/nasqueron/sentry/geoipupdate.

Gandi

Some domains names:

  • eglide.org, account managed by Sandlayth
  • ook.space, account managed by Dereckson

GitHub

Organization account
Administrative access by Sandlayth and Dereckson
Some OAuth could be on Dereckson account. When found, should be switched to Nasqueron (see T1109).
Alken-Orin
As automated agent, there is an Alken-Orin account to link GitHub to CI/CD.
This account is also used to fetch code from GitHub through the `staging_private_repository` Salt state. To that end, the Salt deploy SSH key is added to this account.
Credentials at K53.

Google

OAuth for DevCentral, account managed by Dereckson (under espace-win.org Google Apps organization)

Hurricane Electric

IPv6 connectivity, account 'nasqueron'.

Note: DNS for nasqueron.org is currently handled on the 'dereckson' account.

instances.mastodon.xyz

Credentials for this account are stored in K103.

Mailgun

Account managed by Dereckson.

2020-02-28: account upgraded to Flex, as it's not possible anymore to add custom domains to the free plan. From July, mails will cost 0.80$ / 1000. To avoid any financial abuse, (i) a 1000 mail accounts limit is currently in (we can update it in account settings) (ii) the credit card associated for this account is limited to 5 € / month.

PURL

/NET/Nasqueron is managed by the Dereckson Internet Archive account.

Online / Scaleway

Online
  • Ysul, account managed by Dereckson, billed to Dereckson
  • WindRiver, account managed by Dereckson, billed to Trantorium
Scaleway
  • Eglide, account managed by Sandlayth, billed to Sandlayth
    • Following organization account introduction, Dereckson has now access too.

OVH / SoYouStart

Servers:

  • Dreadnought, account managed by Dereckson, billed to Wolfplex
  • CloudHugger, account managed by Dereckson, billed to Trantorium

Sendgrid

Account managed by Dereckson.

Wikimedia

OAuth authentication, managed by Dereckson