Project

General

Profile

Feature #13284

Feature #13246: Core work

Core work: Sysadmin (Adapt our infrastructure)

Added by intrigeri almost 2 years ago. Updated about 1 month ago.

Status:
Confirmed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
06/30/2017
Due date:
% Done:

0%

QA Check:
Feature Branch:
Type of work:
Sysadmin
Blueprint:
Starter:
Affected tool:

Description

Note that on top of the tickets blocking this one, there's some extra budget for:

  • updating Puppet modules
  • updating Jenkins plugins
  • making our infrastructure more reliable and sustainable, that should be allocated based on a cost/benefit analysis (initial candidates were: #6185, #9826, #11869, #11870, #11880, automated tests of our Puppet code).

Related issues

Blocked by Tails - Feature #12160: Upgrade all systems to Stretch Resolved 01/27/2016
Blocked by Tails - Feature #11834: Migrate our infrastructure to Puppet 4 Resolved 09/24/2016
Blocked by Tails - Bug #11808: Upgrade Redmine on labs.r.n Resolved 09/19/2016
Blocked by Tails - Bug #10068: Upgrade to Jenkins 2.x, using upstream packages In Progress 01/08/2018
Blocked by Tails - Feature #11806: Update server storage planning needs for at least 2017 Resolved 09/19/2016
Blocked by Tails - Feature #13528: Upgrade buse to Stretch Resolved 07/28/2017
Blocked by Tails - Feature #13529: Upgrade puppet-git.lizard to Stretch Resolved 07/28/2017
Blocked by Tails - Bug #14587: Remove Gitolite from buse Resolved 08/25/2015
Blocked by Tails - Bug #10093: Upgrade to Gitolite v3 on puppet-git.lizard Confirmed 08/25/2015
Blocked by Tails - Bug #12589: Enabling LUKS-backed PVs on lizard takes ages in the initramfs Resolved 05/24/2017
Blocked by Tails - Bug #12463: MariaDB backups on buse, ecours and puppet-git.lizard trigger useless/noisy email notifications since the upgrade to Stretch Resolved 04/20/2017
Blocked by Tails - Bug #14688: apticron cronjob on buse sends warnings over email Resolved 09/19/2017
Blocked by Tails - Bug #15071: Make our server backup process more usable In Progress 11/28/2018
Blocked by Tails - Bug #15153: Upgrade icinga2 Puppet module Rejected 01/08/2018
Blocked by Tails - Feature #15154: Update Puppet modules: 2017Q2 → 2018Q1 edition Resolved 01/08/2018
Blocked by Tails - Feature #11833: Make our Puppet code compatible with the "future" parser Resolved 09/24/2016
Blocked by Tails - Feature #11838: Upgrade Puppet agents to Puppet 4 Resolved 09/24/2016
Blocked by Tails - Feature #11837: Upgrade Puppet master to Puppet 4 Resolved 09/24/2016
Blocked by Tails - Feature #11836: Stop stringifying Puppet facts Resolved 09/24/2016
Blocked by Tails - Feature #15490: Remove MariaDB on puppet-git.lizard Resolved 04/05/2018
Blocked by Tails - Feature #15492: Set up PuppetDB backups Resolved 04/06/2018
Blocked by Tails - Bug #15493: Adjust monitoring check for Puppet runs for Puppet master 4.x Resolved 04/06/2018
Blocked by Tails - Feature #15499: Update Puppet modules: 2018Q2 → 2018Q3 edition Resolved 04/09/2018
Blocked by Tails - Feature #15500: Update Puppet modules: 2018Q4 → 2019Q2 edition In Progress 04/09/2018
Blocked by Tails - Feature #15501: Server hardware (2017-2019 edition): evaluate some of the options In Progress 04/08/2018
Blocked by Tails - Feature #14588: Self-host our website Resolved 10/03/2018
Blocked by Tails - Feature #15502: Update Jenkins modules: 2018Q2 → 2018Q3 edition Rejected 09/30/2018
Blocked by Tails - Feature #15503: Update Jenkins modules: 2018Q4 → 2019Q1 edition Confirmed 03/31/2019
Blocked by Tails - Feature #15096: Create high level documentation for our infrastructure Confirmed 12/23/2017
Blocked by Tails - Feature #15097: Risk analysis on our infrastructure Confirmed 12/23/2017
Blocked by Tails - Feature #15509: Switch to saz/puppet-sudo Resolved 04/09/2018
Blocked by Tails - Feature #15510: Switch to the puppetlabs/apt module In Progress 04/09/2018
Blocked by Tails - Feature #15511: Switch to another Puppet module to manage Postfix Resolved 04/09/2018
Blocked by Tails - Feature #15512: Switch to another Puppet module to manage Puppet Confirmed 04/09/2018
Blocked by Tails - Feature #15513: Switch to the puppetlabs/mysql module Resolved 04/09/2018
Blocked by Tails - Bug #15555: PuppetDB is regularly unavailable Resolved 04/28/2018
Blocked by Tails - Bug #15647: PuppetDB is broken since 2018-06-10 Resolved 06/11/2018
Blocked by Tails - Bug #15650: libtools-nrepl-clojure updates kept back on puppet-git Resolved 06/12/2018
Blocked by Tails - Feature #15780: Update server storage planning needs for 2019-2020 Rejected 08/09/2018
Blocked by Tails - Bug #15918: Move Redmine out of *.riseup.net Resolved 09/06/2018
Blocked by Tails - Bug #15919: Move Redmine to a new virtualization host Confirmed 09/06/2018 12/31/2019
Blocked by Tails - Feature #11344: Enable libvirt's AppArmor support on lizard Resolved 04/13/2016
Blocked by Tails - Feature #15798: Jenkins access for new FT members Resolved 09/26/2018
Blocked by Tails - Feature #15981: Define security policy for access that gives arbitrary code execution on the Tails infrastructure Resolved 09/26/2018
Blocked by Tails - Feature #16028: /mirrors.json is not synced with gitolite@d53ykjpeekuikgoq.onion Resolved 10/03/2018
Blocked by Tails - Bug #16121: Migrate our Schleuder lists outside of boum.org Resolved 12/11/2018
Blocked by Tails - Bug #16124: URLs without explicit .html are not redirected anymore Resolved 11/13/2018
Blocked by Tails - Bug #16172: Upgrade the puppet-concat module Resolved 11/29/2018
Blocked by Tails - Feature #16173: Upgrade the icingaweb2 Puppet module Confirmed 11/29/2018
Blocked by Tails - Feature #16165: make puppet-lizard-manifests suitable for masterless puppet In Progress 11/28/2018
Blocked by Tails - Feature #16197: fix puppet-tails' vpn for masterless puppet Resolved 12/06/2018
Blocked by Tails - Feature #16196: fix puppet-sshd for masterless puppet Resolved 12/06/2018
Blocked by Tails - Feature #16217: Migrate some of our Schleuder lists to puscii Resolved 12/11/2018
Blocked by Tails - Feature #16218: Migrate some of our Schleuder lists to lizard Resolved 12/27/2018
Blocked by Tails - Bug #16213: user module raises warning about real_gid Resolved 12/10/2018
Blocked by Tails - Feature #16215: Add monitoring to stone Confirmed 12/10/2018
Blocked by Tails - Feature #16214: Add stone to our VPN Resolved 12/10/2018
Blocked by Tails - Bug #16220: Website's "add trailing slash" trick is partly broken Resolved 12/11/2018
Blocked by Tails - Bug #16232: Run a nameserver for the {amnesia,tails}.boum.org sub-zones In Progress 12/18/2018
Blocked by Tails - Bug #16251: Fix tails@ configuration Rejected 12/27/2018
Blocked by Tails - Bug #16252: Schleuder keys update cronjob fails for our lists at puscii Resolved 12/27/2018
Blocked by Tails - Bug #16253: Schleuder keys update cronjob fails for our lists on lizard Resolved 12/27/2018
Blocked by Tails - Bug #16254: Update sysadmin team doc wrt. new services: Schleuder and DNS Resolved 12/28/2018
Blocked by Tails - Bug #16255: puscii fails to deliver email to boum.org Resolved 12/28/2018
Blocked by Tails - Bug #16256: SPF issue while sending mail to lists hosted by puscii Resolved 12/28/2018
Blocked by Tails - Bug #16263: /etc/cron.daily/spamassassin fails on mail.lizard Resolved 01/03/2019
Blocked by Tails - Bug #16267: WhisperBack reports are not delivered Resolved 01/04/2019
Blocked by Tails - Bug #16460: Upgrade puppet-git.lizard to Buster Confirmed 02/12/2019
Blocked by Tails - Bug #16542: Refresh ikiwiki wrappers when ikiwiki.setup.erb is updated Resolved 03/07/2019
Blocked by Tails - Feature #15878: Switch to GitLab Confirmed 08/30/2018

History

#1 Updated by intrigeri almost 2 years ago

  • Blocked by Bug #11680: Upgrade server hardware (2017-2019 edition) added

#2 Updated by intrigeri almost 2 years ago

#3 Updated by intrigeri almost 2 years ago

#4 Updated by intrigeri almost 2 years ago

  • Blocks deleted (Feature #11834: Migrate our infrastructure to Puppet 4)

#5 Updated by intrigeri almost 2 years ago

  • Blocked by Feature #11834: Migrate our infrastructure to Puppet 4 added

#6 Updated by intrigeri almost 2 years ago

  • Description updated (diff)

#7 Updated by intrigeri almost 2 years ago

  • Blocked by Bug #11808: Upgrade Redmine on labs.r.n added

#8 Updated by intrigeri almost 2 years ago

  • Blocked by Bug #13285: Migrate to upstream Puppet Icinga2 module added

#9 Updated by intrigeri almost 2 years ago

  • Blocked by Bug #10068: Upgrade to Jenkins 2.x, using upstream packages added

#10 Updated by intrigeri almost 2 years ago

  • Blocked by Feature #11806: Update server storage planning needs for at least 2017 added

#11 Updated by intrigeri over 1 year ago

#12 Updated by intrigeri over 1 year ago

  • Blocked by Feature #13529: Upgrade puppet-git.lizard to Stretch added

#13 Updated by intrigeri over 1 year ago

  • Blocked by Bug #14587: Remove Gitolite from buse added

#14 Updated by intrigeri over 1 year ago

  • Blocked by Bug #10093: Upgrade to Gitolite v3 on puppet-git.lizard added

#15 Updated by intrigeri over 1 year ago

  • Blocked by Bug #12589: Enabling LUKS-backed PVs on lizard takes ages in the initramfs added

#16 Updated by intrigeri over 1 year ago

  • Blocked by deleted (Bug #12589: Enabling LUKS-backed PVs on lizard takes ages in the initramfs)

#17 Updated by intrigeri over 1 year ago

  • Blocked by Bug #12589: Enabling LUKS-backed PVs on lizard takes ages in the initramfs added

#18 Updated by intrigeri over 1 year ago

  • Blocked by Bug #12463: MariaDB backups on buse, ecours and puppet-git.lizard trigger useless/noisy email notifications since the upgrade to Stretch added

#19 Updated by intrigeri over 1 year ago

  • Blocked by Bug #14688: apticron cronjob on buse sends warnings over email added

#20 Updated by groente over 1 year ago

  • Blocked by Bug #14732: add diskspace to isobuilder1-4 added

#21 Updated by intrigeri over 1 year ago

  • Blocked by deleted (Bug #14732: add diskspace to isobuilder1-4)

#22 Updated by intrigeri over 1 year ago

  • Blocked by Bug #15071: Make our server backup process more usable added

#23 Updated by intrigeri over 1 year ago

  • Blocked by deleted (Bug #13285: Migrate to upstream Puppet Icinga2 module)

#24 Updated by intrigeri over 1 year ago

  • Blocked by Bug #15153: Upgrade icinga2 Puppet module added

#25 Updated by intrigeri over 1 year ago

  • Blocked by Feature #15154: Update Puppet modules: 2017Q2 → 2018Q1 edition added

#26 Updated by intrigeri over 1 year ago

#27 Updated by intrigeri over 1 year ago

  • Blocked by Feature #11833: Make our Puppet code compatible with the "future" parser added

#28 Updated by intrigeri over 1 year ago

#29 Updated by intrigeri over 1 year ago

#30 Updated by intrigeri over 1 year ago

#31 Updated by intrigeri about 1 year ago

  • Blocked by deleted (Feature #15155: Upgrade the jenkins Puppet module)

#32 Updated by intrigeri about 1 year ago

  • Blocked by Feature #15490: Remove MariaDB on puppet-git.lizard added

#33 Updated by intrigeri about 1 year ago

#34 Updated by intrigeri about 1 year ago

  • Blocked by Bug #15493: Adjust monitoring check for Puppet runs for Puppet master 4.x added

#35 Updated by intrigeri about 1 year ago

  • Blocked by Feature #15499: Update Puppet modules: 2018Q2 → 2018Q3 edition added

#36 Updated by intrigeri about 1 year ago

  • Blocked by Feature #15500: Update Puppet modules: 2018Q4 → 2019Q2 edition added

#37 Updated by intrigeri about 1 year ago

  • Blocked by deleted (Bug #11680: Upgrade server hardware (2017-2019 edition))

#38 Updated by intrigeri about 1 year ago

  • Blocked by Feature #15501: Server hardware (2017-2019 edition): evaluate some of the options added

#39 Updated by intrigeri about 1 year ago

#40 Updated by intrigeri about 1 year ago

  • Blocked by Feature #15502: Update Jenkins modules: 2018Q2 → 2018Q3 edition added

#41 Updated by intrigeri about 1 year ago

  • Blocked by Feature #15503: Update Jenkins modules: 2018Q4 → 2019Q1 edition added

#42 Updated by intrigeri about 1 year ago

  • Blocked by Bug #11869: CI: use locally hosted Git repositories on Lizard added

#43 Updated by intrigeri about 1 year ago

  • Blocked by Feature #11355: Re-enable Jenkins notifications on ISO build/test failure added

#44 Updated by intrigeri about 1 year ago

  • Blocked by Feature #15096: Create high level documentation for our infrastructure added

#45 Updated by intrigeri about 1 year ago

  • Blocked by Feature #15097: Risk analysis on our infrastructure added

#46 Updated by intrigeri about 1 year ago

#47 Updated by intrigeri about 1 year ago

  • Blocked by Feature #15510: Switch to the puppetlabs/apt module added

#48 Updated by intrigeri about 1 year ago

  • Blocked by Feature #15511: Switch to another Puppet module to manage Postfix added

#49 Updated by intrigeri about 1 year ago

  • Blocked by Feature #15512: Switch to another Puppet module to manage Puppet added

#50 Updated by intrigeri about 1 year ago

  • Blocked by Feature #15513: Switch to the puppetlabs/mysql module added

#51 Updated by intrigeri 12 months ago

  • Blocked by Bug #15555: PuppetDB is regularly unavailable added

#52 Updated by intrigeri 11 months ago

  • Blocked by Bug #15647: PuppetDB is broken since 2018-06-10 added

#53 Updated by intrigeri 10 months ago

  • Blocked by Bug #15650: libtools-nrepl-clojure updates kept back on puppet-git added

#54 Updated by intrigeri 9 months ago

  • Blocked by Feature #15780: Update server storage planning needs for 2019-2020 added

#55 Updated by intrigeri 8 months ago

  • Blocked by Bug #15918: Move Redmine out of *.riseup.net added

#56 Updated by intrigeri 8 months ago

  • Blocked by Bug #15919: Move Redmine to a new virtualization host added

#57 Updated by intrigeri 8 months ago

  • Subject changed from Core work 2017Q2→2019Q1: Sysadmin (Adapt our infrastructure) to Core work 2017Q2→2019Q2: Sysadmin (Adapt our infrastructure)

#58 Updated by intrigeri 7 months ago

  • Blocked by Feature #11344: Enable libvirt's AppArmor support on lizard added

#59 Updated by intrigeri 7 months ago

#61 Updated by intrigeri 7 months ago

  • Blocked by Feature #15981: Define security policy for access that gives arbitrary code execution on the Tails infrastructure added

#62 Updated by intrigeri 6 months ago

  • Blocked by Feature #16028: /mirrors.json is not synced with gitolite@d53ykjpeekuikgoq.onion added

#63 Updated by intrigeri 5 months ago

  • Blocked by Bug #16121: Migrate our Schleuder lists outside of boum.org added

#64 Updated by intrigeri 5 months ago

  • Blocked by Bug #16124: URLs without explicit .html are not redirected anymore added

#65 Updated by intrigeri 5 months ago

  • Blocked by Bug #16142: Consider giving sajolida access to the web logs of our website added

#66 Updated by intrigeri 5 months ago

  • Blocked by deleted (Bug #16142: Consider giving sajolida access to the web logs of our website)

#67 Updated by intrigeri 5 months ago

  • Blocked by Bug #16172: Upgrade the puppet-concat module added

#68 Updated by intrigeri 5 months ago

  • Blocked by Feature #16173: Upgrade the icingaweb2 Puppet module added

#69 Updated by intrigeri 5 months ago

  • Blocked by Feature #16165: make puppet-lizard-manifests suitable for masterless puppet added

#70 Updated by intrigeri 5 months ago

  • Blocked by Feature #16197: fix puppet-tails' vpn for masterless puppet added

#71 Updated by intrigeri 5 months ago

  • Blocked by Feature #16196: fix puppet-sshd for masterless puppet added

#72 Updated by intrigeri 4 months ago

  • Blocked by Feature #16217: Migrate some of our Schleuder lists to puscii added

#73 Updated by intrigeri 4 months ago

  • Blocked by Feature #16218: Migrate some of our Schleuder lists to lizard added

#74 Updated by intrigeri 4 months ago

  • Blocked by Bug #16213: user module raises warning about real_gid added

#75 Updated by intrigeri 4 months ago

#76 Updated by intrigeri 4 months ago

#77 Updated by intrigeri 4 months ago

  • Blocked by Bug #16220: Website's "add trailing slash" trick is partly broken added

#78 Updated by intrigeri 4 months ago

  • Blocked by Bug #16232: Run a nameserver for the {amnesia,tails}.boum.org sub-zones added

#79 Updated by intrigeri 4 months ago

  • Blocked by Bug #16251: Fix tails@ configuration added

#80 Updated by intrigeri 4 months ago

  • Blocked by Bug #16252: Schleuder keys update cronjob fails for our lists at puscii added

#81 Updated by intrigeri 4 months ago

  • Blocked by Bug #16253: Schleuder keys update cronjob fails for our lists on lizard added

#82 Updated by intrigeri 4 months ago

  • Blocked by Bug #16254: Update sysadmin team doc wrt. new services: Schleuder and DNS added

#83 Updated by intrigeri 4 months ago

  • Blocked by Bug #16255: puscii fails to deliver email to boum.org added

#84 Updated by intrigeri 4 months ago

  • Blocked by Bug #16256: SPF issue while sending mail to lists hosted by puscii added

#85 Updated by intrigeri 4 months ago

  • Blocked by Bug #16263: /etc/cron.daily/spamassassin fails on mail.lizard added

#86 Updated by intrigeri 4 months ago

  • Blocked by Bug #16267: WhisperBack reports are not delivered added

#87 Updated by intrigeri 2 months ago

  • Blocked by Bug #16460: Upgrade puppet-git.lizard to Buster added

#88 Updated by intrigeri about 2 months ago

  • Blocked by Bug #16542: Refresh ikiwiki wrappers when ikiwiki.setup.erb is updated added

#89 Updated by intrigeri about 1 month ago

  • Subject changed from Core work 2017Q2→2019Q2: Sysadmin (Adapt our infrastructure) to Core work: Sysadmin (Adapt our infrastructure)

#90 Updated by intrigeri about 1 month ago

  • Assignee deleted (intrigeri)

#91 Updated by intrigeri about 1 month ago

  • Blocked by deleted (Feature #11355: Re-enable Jenkins notifications on ISO build/test failure)

#92 Updated by intrigeri about 1 month ago

  • Blocked by deleted (Bug #11869: CI: use locally hosted Git repositories on Lizard)

#93 Updated by intrigeri 10 days ago

Also available in: Atom PDF