Page MenuHomeSoftware Heritage

olasd (Nicolas Dandrimont)
UserAdministrator

Projects (7)

User Details

User Since
Sep 7 2015, 3:25 PM (227 w, 6 d)
Roles
Administrator

Recent Activity

Fri, Jan 17

olasd accepted D2539: Rewrite test_content_get_partition_empty to not assume partitions are based on sha1..
Fri, Jan 17, 4:26 PM

Thu, Jan 16

olasd committed rSPSITEeb179416dbcd: Set an icinga check URI for the keycloak reverse proxy (authored by olasd).
Set an icinga check URI for the keycloak reverse proxy
Thu, Jan 16, 7:31 PM
olasd changed the status of T2162: Setup a centralized authentication service, a subtask of T1982: Add user authentication and permissions to swh-web, from Open to Work in Progress.
Thu, Jan 16, 7:30 PM · Web app
olasd changed the status of T2162: Setup a centralized authentication service, a subtask of T2163: Hook up sentry to centralized authentication, from Open to Work in Progress.
Thu, Jan 16, 7:30 PM · Sentry
olasd changed the status of T2162: Setup a centralized authentication service from Open to Work in Progress.

Keycloak has been installed on a new vm, and the (empty) install is available at https://idp.softwareheritage.org/.

Thu, Jan 16, 7:30 PM · System administration
olasd committed rSPPRIVCf16997184b8c: Add keycloak admin password (authored by olasd).
Add keycloak admin password
Thu, Jan 16, 7:16 PM
olasd committed rSPSITE60706cdf5601: pgbouncer: add ignore_startup_parameters setting (authored by olasd).
pgbouncer: add ignore_startup_parameters setting
Thu, Jan 16, 7:04 PM
olasd committed rSENVa482a98b28cf: Add facts for kelvingrove (authored by olasd).
Add facts for kelvingrove
Thu, Jan 16, 6:52 PM
olasd committed rSENVb4061f1b01f8: Import module treydock/keycloak (authored by olasd).
Import module treydock/keycloak
Thu, Jan 16, 6:52 PM
olasd committed rSPSITE97bfeb200d7b: Improve letsencrypt livedns hook (authored by olasd).
Improve letsencrypt livedns hook
Thu, Jan 16, 5:59 PM
olasd committed rSPSITEb190daac32cd: Add keycloak letsencrypt certificate (authored by olasd).
Add keycloak letsencrypt certificate
Thu, Jan 16, 5:59 PM
olasd committed rDSTOC2cac3392eb49: Implement origin lookup by sha1 (authored by olasd).
Implement origin lookup by sha1
Thu, Jan 16, 5:22 PM
olasd committed rDSTOCa3fd8269308a: Migrate tox.ini to extras = xxx instead of deps = .[testing] (authored by olasd).
Migrate tox.ini to extras = xxx instead of deps = .[testing]
Thu, Jan 16, 5:22 PM
olasd committed rDSTOC1594e25710c6: Drop unused listener extra (authored by olasd).
Drop unused listener extra
Thu, Jan 16, 5:22 PM
olasd committed rDSTOCdf4df8bf2ac5: Merge tox test environment configurations (authored by olasd).
Merge tox test environment configurations
Thu, Jan 16, 5:22 PM
olasd committed rDSTOCbb5d4051a491: Add minimal test coverage for swh.storage.schemata (authored by olasd).
Add minimal test coverage for swh.storage.schemata
Thu, Jan 16, 5:22 PM
olasd committed rDSTOCd788677c0ff4: Fix bogus NotImplementedError on Area.index_uris (authored by olasd).
Fix bogus NotImplementedError on Area.index_uris
Thu, Jan 16, 5:22 PM
olasd committed rSPPRIVCb41e77d9723e: Add keycloak postgresql password (authored by olasd).
Add keycloak postgresql password
Thu, Jan 16, 5:09 PM
olasd committed rSPSITEf33091701164: Add proper dependency between fish and /usr/bin/fish users (authored by olasd).
Add proper dependency between fish and /usr/bin/fish users
Thu, Jan 16, 4:43 PM
olasd added a reverting change for rSPSITE679317a0c964: Revert "deploy/webapp.pp: Modify static_dir location": rSPSITEa62060881e9b: Revert "Revert "deploy/webapp.pp: Modify static_dir location"".
Thu, Jan 16, 3:37 PM
olasd committed rSPSITEa62060881e9b: Revert "Revert "deploy/webapp.pp: Modify static_dir location"" (authored by olasd).
Revert "Revert "deploy/webapp.pp: Modify static_dir location""
Thu, Jan 16, 3:37 PM
olasd closed D2540: deploy/webapp.pp: Modify static_dir location.
Thu, Jan 16, 3:37 PM
olasd added a comment to T2029: cran lister: Align lister to output list of tarballs per origin.
Thu, Jan 16, 1:44 PM · Origin-CRAN, Archive coverage

Wed, Jan 15

olasd closed T2101: Bootstrap Debian packaging for swh.search as Resolved.
Wed, Jan 15, 6:31 PM · Archive search
olasd merged task T2174: Add debian package for swh-search into T2101: Bootstrap Debian packaging for swh.search.
Wed, Jan 15, 6:31 PM · System administration, Archive search
olasd merged T2174: Add debian package for swh-search into T2101: Bootstrap Debian packaging for swh.search.
Wed, Jan 15, 6:31 PM · Archive search
olasd accepted D2530: Decode textual content from utf-8 before displaying it.

Accepting in so far as my concerns have been handled.

Wed, Jan 15, 2:38 PM
olasd requested changes to D2530: Decode textual content from utf-8 before displaying it.
Wed, Jan 15, 11:44 AM

Tue, Jan 14

olasd added a reverting change for D2519: deploy/webapp.pp: Modify static_dir location: rSPSITE679317a0c964: Revert "deploy/webapp.pp: Modify static_dir location".
Tue, Jan 14, 9:16 PM
olasd committed rSPSITE679317a0c964: Revert "deploy/webapp.pp: Modify static_dir location" (authored by olasd).
Revert "deploy/webapp.pp: Modify static_dir location"
Tue, Jan 14, 9:16 PM
olasd added a reverting change for rSPSITEbcb9f19cd827: deploy/webapp.pp: Modify static_dir location: rSPSITE679317a0c964: Revert "deploy/webapp.pp: Modify static_dir location".
Tue, Jan 14, 9:16 PM
olasd committed rSPSITEb8ae8f12b61a: Add esnode3 to logstash config (authored by olasd).
Add esnode3 to logstash config
Tue, Jan 14, 6:07 PM
olasd closed T2174: Add debian package for swh-search, a subtask of T2167: Deploy swh-search, as Resolved.
Tue, Jan 14, 4:52 PM · System administration, Archive search
olasd closed T2174: Add debian package for swh-search as Resolved.

After a few small hoops (adding the elasticsearch repository for tests, backporting python3-elasticsearch and its dependencies), swh.search is now packaged for unstable and buster.

Tue, Jan 14, 4:52 PM · System administration, Archive search
olasd added a comment to D2527: Filter out swh/__init__.py from package.

D'oh. Landed via 4c5fe6995561f566dc7c3439932bca010cf31850. Thanks!

Tue, Jan 14, 4:40 PM
olasd accepted D2514: Add env var SWH_MAIN_PACKAGE to initialize sentry_sdk with a release..
Tue, Jan 14, 2:40 PM

Mon, Jan 13

olasd committed rSPSITEe039031ab411: Move the weekly report to swh-devel. (authored by olasd).
Move the weekly report to swh-devel.
Mon, Jan 13, 4:04 PM
olasd committed rSPSITEfd50fe11bbe5: Add crontabs to compress and purge old puppet reports (authored by olasd).
Add crontabs to compress and purge old puppet reports
Mon, Jan 13, 1:46 PM

Thu, Jan 9

olasd added a reverting change for rSPSITEaf7666c82820: Add metrics_path and scheme variables to exported prometheus scrape configs: rSPSITE22d2f14cb93c: Partially revert "Add metrics_path and scheme variables to exported prometheus….
Thu, Jan 9, 12:42 PM
olasd committed rSPSITE22d2f14cb93c: Partially revert "Add metrics_path and scheme variables to exported prometheus… (authored by olasd).
Partially revert "Add metrics_path and scheme variables to exported prometheus…
Thu, Jan 9, 12:42 PM
olasd committed rSPSITEbc675bf15f22: Make icinga2 disk excludes confirugrable (authored by olasd).
Make icinga2 disk excludes confirugrable
Thu, Jan 9, 11:35 AM

Wed, Jan 8

olasd committed rSPSITE2be3fd2d9600: Merge remote-tracking branch 'origin/production' into production (authored by olasd).
Merge remote-tracking branch 'origin/production' into production
Wed, Jan 8, 4:51 PM
olasd closed T2116: web API: whitelist swh-team machines as Resolved.

The archive.internal.softwareheritage.org cert is now valid (via rSPSITEbdddd7804bbb).

Wed, Jan 8, 2:37 PM · System administration, Web app
olasd closed T1164: Dar backups fill up disk space on client machines, a subtask of T1282: Revisit backups, as Resolved.
Wed, Jan 8, 2:34 PM · System administration
olasd closed T1164: Dar backups fill up disk space on client machines as Resolved.

dar backups have now been replaced with a setup around borg-backup and borgmatic, which only needs a small cache on the machines that are being backed up. borg is fast enough and its dedup is efficient enough that we're able to backups every hour now.

Wed, Jan 8, 2:34 PM · System administration
olasd committed rSPSITE29881592b9d3: Cleanup hardcoded bind resource records (authored by olasd).
Cleanup hardcoded bind resource records
Wed, Jan 8, 2:22 PM
olasd committed rSPSITE589b7dfc5238: Only generate DNS records for the proper subdomains (authored by olasd).
Only generate DNS records for the proper subdomains
Wed, Jan 8, 2:22 PM

Tue, Jan 7

olasd accepted D2503: Fix support of VCSs whose HEAD branch is an alias..

All this logic should probably end up in swh.storage.algorithms, because I'm sure swh.web also has a subtly different algorithm to pick a default branch.

Tue, Jan 7, 5:51 PM
olasd committed rSPSITE53878d3adda3: Refactor puppet profiles to simplify them (authored by olasd).
Refactor puppet profiles to simplify them
Tue, Jan 7, 5:39 PM
olasd committed rSPSITEf036a922b641: Set the icinga check uri for sentry to a relevant path (authored by olasd).
Set the icinga check uri for sentry to a relevant path
Tue, Jan 7, 3:50 PM
olasd committed rSPSITE849c5e3cf614: Add icinga_check_uri parameter to reverse_proxy resources (authored by olasd).
Add icinga_check_uri parameter to reverse_proxy resources
Tue, Jan 7, 3:50 PM
olasd committed rSPSITE3e0a27992123: Only warn if letsencrypt certificate expires 25 days from now, not 60 days (authored by olasd).
Only warn if letsencrypt certificate expires 25 days from now, not 60 days
Tue, Jan 7, 2:57 PM

Mon, Jan 6

olasd closed T1940: Update documentation about easy-rsa certificate generation as Resolved.

Done while reviewing old certificates.

Mon, Jan 6, 10:21 PM · System administration
olasd updated the task description for T979: Migrate TLS certificates away from the *.softwareheritage.org wildcards.
Mon, Jan 6, 5:59 PM · System administration
olasd closed T1654: expired SSL certificate for archive.internal.softwareheritage.org as Resolved.

Fixed via rSPSITEbdddd780

Mon, Jan 6, 5:58 PM · System administration
olasd committed rSPPRIVC9b351d47f1af: Add sharing_id for swh.network domain (authored by olasd).
Add sharing_id for swh.network domain
Mon, Jan 6, 4:55 PM
olasd closed T1273: elasticsearch: about the elk stack policy upgrade? as Resolved.

The puppet manifests have been updated to hardcode the ELK stack version, and ensure they stay there with package pinning.

Mon, Jan 6, 4:30 PM · System administration
olasd closed T1202: swh services: Monitor swh-worker@.service's status as Resolved.

I guess https://grafana.softwareheritage.org/d/Gyww7RfWz/workers-overview?orgId=1 implements this.

Mon, Jan 6, 4:28 PM · Metrics/monitoring, System administration
olasd closed T1090: SSH timeouts on new Azure VMs as Resolved.

I'm pretty sure that this was a symptom of the MTU issue which has since been fixed at the gateway.

Mon, Jan 6, 4:25 PM · System administration
olasd closed T1089: Puppet recipes fail to install apt-transport-https on new hosts as Resolved.

Fixed a while ago with rSPSITEe43c6cce.

Mon, Jan 6, 4:24 PM · System administration
olasd closed T1014: Add tytso to the proxmox cluster as Resolved.

tytso is now properly a member of the proxmox cluster.

Mon, Jan 6, 4:23 PM · System administration
olasd closed T1014: Add tytso to the proxmox cluster, a subtask of T1012: Integrate tytso in the swh infra, as Resolved.
Mon, Jan 6, 4:23 PM · System administration
olasd closed T1012: Integrate tytso in the swh infra as Resolved.

That's been done for a while now.

Mon, Jan 6, 4:23 PM · System administration
olasd closed T1916: Fix invalid status.s.o certificate, a subtask of T979: Migrate TLS certificates away from the *.softwareheritage.org wildcards, as Resolved.
Mon, Jan 6, 4:18 PM · System administration
olasd closed T1916: Fix invalid status.s.o certificate as Resolved.

At the point of this report, status.softwareheritage.org was /not/ supposed to be accessible via https.

Mon, Jan 6, 4:18 PM · System administration
olasd closed T793: Move elasticsearch log cluster configuration inside puppet as Resolved.

Done (via the profile::elasticsearch puppet module).

Mon, Jan 6, 4:14 PM · System administration (Elasticsearch consolidation (W24/2018))
olasd closed T793: Move elasticsearch log cluster configuration inside puppet, a subtask of T792: Make the elasticsearch logging cluster actually a cluster, as Resolved.
Mon, Jan 6, 4:14 PM · System administration (Elasticsearch consolidation (W24/2018))
olasd accepted D2496: writer/__init__.py: Fix UnboundLocalError.

Thanks!

Mon, Jan 6, 4:12 PM
olasd closed T789: Logrotate for systemd-journald as Resolved.

Done via rSPSITEfed9cd721

Mon, Jan 6, 4:11 PM · System administration
olasd requested changes to D2496: writer/__init__.py: Fix UnboundLocalError.

This is plain Python AST stupid^Wbehavior:

Mon, Jan 6, 3:46 PM
olasd committed rSPSITE35fdfa1e7063: Add borgmatic cron to borg clients (authored by olasd).
Add borgmatic cron to borg clients
Mon, Jan 6, 12:10 PM

Fri, Jan 3

olasd committed rDJNLa9fb7c733a4f: Support short-hand syntax in get_journal_writer (authored by olasd).
Support short-hand syntax in get_journal_writer
Fri, Jan 3, 7:59 PM
olasd committed rDJNLa764e409058a: Add systemd watchdog support (authored by olasd).
Add systemd watchdog support
Fri, Jan 3, 7:45 PM
olasd closed D2494: Add systemd watchdog support.
Fri, Jan 3, 7:45 PM
olasd committed rDJNL942d23f62425: Add producer_config key to kafka journal writer (authored by olasd).
Add producer_config key to kafka journal writer
Fri, Jan 3, 7:45 PM
olasd closed D2493: Add producer_config key to kafka journal writer.
Fri, Jan 3, 7:45 PM
olasd committed rSPSITEac8b6f33e33f: Allow unbound to forward requests to in-addr.arpa zones (authored by olasd).
Allow unbound to forward requests to in-addr.arpa zones
Fri, Jan 3, 7:26 PM
olasd committed rSPSITEc4d9b5d8e9d8: Use proper syntax for exported resource collection (authored by olasd).
Use proper syntax for exported resource collection
Fri, Jan 3, 7:22 PM
olasd committed rSPSITE0d0f92215511: Sensitive doesn't play well with exported resources (authored by olasd).
Sensitive doesn't play well with exported resources
Fri, Jan 3, 7:22 PM
olasd committed rSPSITE8dbfa42856ee: Add prefix for the borgmatic consistency section (authored by olasd).
Add prefix for the borgmatic consistency section
Fri, Jan 3, 7:13 PM
olasd committed rSPSITE6cf2694347ca: Remove from= restriction from ssh key as it interacts poorly with UseDNS=no (authored by olasd).
Remove from= restriction from ssh key as it interacts poorly with UseDNS=no
Fri, Jan 3, 7:13 PM
olasd committed rSPSITEa1ce8ba19ee8: Proper borg init command run (authored by olasd).
Proper borg init command run
Fri, Jan 3, 7:13 PM
olasd committed rSPSITEffaa659c3b32: Move borgmatic config to proper default path (authored by olasd).
Move borgmatic config to proper default path
Fri, Jan 3, 7:13 PM
olasd committed rSPSITE3506113efe45: Set the ssh key file in borgmatic config (authored by olasd).
Set the ssh key file in borgmatic config
Fri, Jan 3, 7:13 PM
olasd committed rSPSITEaee69e8a8764: Add /etc/borgmatic directory (authored by olasd).
Add /etc/borgmatic directory
Fri, Jan 3, 6:26 PM
olasd committed rSPSITEc603fdb11018: The borg backup package is called borgbackup (authored by olasd).
The borg backup package is called borgbackup
Fri, Jan 3, 6:24 PM
olasd committed rSPSITE4f8f8e93c792: Bootstrap borg backup setup (authored by olasd).
Bootstrap borg backup setup
Fri, Jan 3, 6:22 PM
olasd committed rSPSITE9477931db455: Drop rsnapshot configuration (authored by olasd).
Drop rsnapshot configuration
Fri, Jan 3, 6:22 PM
olasd committed rSPSITEfc98abcf5c6b: Rename dar variables to generic backups variables (authored by olasd).
Rename dar variables to generic backups variables
Fri, Jan 3, 6:22 PM
olasd committed rSENVcdb057d9657d: Update ocd facts (authored by olasd).
Update ocd facts
Fri, Jan 3, 5:49 PM
olasd committed rSENVfceea2285026: Remove legacy environment_data_provider setting (authored by olasd).
Remove legacy environment_data_provider setting
Fri, Jan 3, 5:22 PM
olasd committed rSPSITE0a49e2d3ece8: Remove reference to $ssl_chain/key in stats_web vhost definition (authored by olasd).
Remove reference to $ssl_chain/key in stats_web vhost definition
Fri, Jan 3, 4:22 PM

Thu, Jan 2

olasd closed T790: Turn off syslog, a subtask of T752: logrotate log spam: "error: error creating output file: FILE File exists", as Resolved.
Thu, Jan 2, 4:06 PM · System administration
olasd committed rSPSITE4512617a8c19: Disable rsyslog on all servers (authored by olasd).
Disable rsyslog on all servers
Thu, Jan 2, 4:06 PM
olasd committed rSPSITEfed9cd721e4a: Add crontab entry to rotate journald logs (only if they're properly synced) (authored by olasd).
Add crontab entry to rotate journald logs (only if they're properly synced)
Thu, Jan 2, 4:06 PM
olasd closed T790: Turn off syslog as Resolved by committing rSPSITE4512617a8c19: Disable rsyslog on all servers.
Thu, Jan 2, 4:06 PM · System administration
olasd accepted D2490: Add tests for --warning and --critical..
Thu, Jan 2, 3:51 PM
olasd accepted D2488: Add tests for error statuses in check_vault..
Thu, Jan 2, 3:50 PM
olasd accepted D2487: Make vault tests use mocked_time fixture..
Thu, Jan 2, 3:50 PM
olasd accepted D2484: Add a check_deposit command..
Thu, Jan 2, 3:49 PM