Activity
From 06/26/2020 to 07/25/2020
07/25/2020
- TF 09:35 AM Task #7502 (Closed): Create script to create new / updated FreeBSD image for OpenNebula
- Deployed.
07/24/2020
- TF 04:00 PM Task #8093 (Closed): Spring cleaning in dot-cdist/manifest
- I just cleaned up dot-cdist/manifest. Closing.
- TF 02:51 PM Task #7545: Switch production LDAPs to cdist-managed alpine
- ldap3.ungleich.ch is now synced to ldap1 and ldap2. I will replace ldap2 and ldap1 in a few days. I'll announce and try to do it early in the morning.
- TF 02:10 PM Task #7545: Switch production LDAPs to cdist-managed alpine
- Diff on files in /etc/(open)ldap/schema:
- TF 02:03 PM Task #7545: Switch production LDAPs to cdist-managed alpine
- Issue tracked down to `objectClass: ldapPublicKey`. The schema might have to be synced by hand / put into cdist.
- TF 01:44 PM Task #7545: Switch production LDAPs to cdist-managed alpine
- OUs sync properly but not user entries:
```
Jul 24 11:43:50 alpine local4.debug slapd[26218]: syncrepl_entry: rid=002 be_search (0)
Jul 24 11:43:50 alpine local4.debug slapd[26218]: syncrepl_entry: rid=002 ou=customer,dc=ungleich,dc... - TF 01:43 PM Task #7545: Switch production LDAPs to cdist-managed alpine
- ldap3.ungleich.ch is now syncing with existing ldap1 and ldap2, although some objects fail to sync:
On ldap3.ungleich.ch:
07/22/2020
- TF 05:23 PM Task #8314: Deploy our own integration server for Matrix
- Dimension looks pretty good: https://github.com/turt2live/matrix-dimension
- TF 03:39 PM Task #8314 (Closed): Deploy our own integration server for Matrix
- TF 04:37 PM Task #8251: Matrix homeserver autodiscovery in client does not work.
- PS: would be nice to make this login UI more obvious.
- TF 04:37 PM Task #8251 (Closed): Matrix homeserver autodiscovery in client does not work.
- Patched for ungleich.ch and cdist updated for .well-known URLs served by ungleich.ch
- TF 04:31 PM Task #8251: Matrix homeserver autodiscovery in client does not work.
- Found out what was wrong:
* Homeserver discovery is only done from the username. The homserver URL selection panel never use it.
* Some CORS issue on the discovery side, can be fixed by setting the CORS header on the server. - TF 04:15 PM Task #8251 (In Progress): Matrix homeserver autodiscovery in client does not work.
- TF 04:14 PM Task #8315 (Closed): Add LDAP support to sourcehut
- I believe we could reuse some sourcehut parts to ungleich's benefits. I already wrote minimal logic for LDAP support in sourcehut's meta app, and need to extend it in order to support password-reset and registrations. It could help sprea...
- NS 04:02 PM Task #7601: Setup an SSH jump host
- Very easy:
* ssh config ("MatchUser != root") disallowing all commands
* configuring the OS or PAM to authenticate against ldap (subtree of dc=ungleich,dc=ch)
* Basically disallowing shell
* nft rules to allow to jump to 2a0a:e5c0:... - TF 03:20 PM Task #7601: Setup an SSH jump host
- @nico please dump anything you want to say on the subject on this issue. I'll do without next time I go over this issue :-)
- TF 03:27 PM Task #7345 (In Progress): Cleanup & upstream matrix-related types
- Components are slowly being upstreamed.
* __matterbridge is in dot-cdist
* __matrix_riot has a PR opened against cdist-contrib.
* __matrix_synapse is being cleaned up / has a WIP PR opened against cdist-contrib.
TODO: Menti... - TF 03:24 PM Task #7162 (Waiting): Submit a patch for the alpine bird2 package to run as user bird
- I just added a gentle reminder / bump on the merge request. Waiting on alpine right now.
- NS 10:50 AM Task #6642 (Closed): Create iPXE image that boots in IPv6 only environment and burn it to the X520 NIC
- NS 10:50 AM Task #6646 (Closed): Load iPXE from IPv4 and chainload ipxe configuration via IPv6
- NS 10:50 AM Task #6645 (Closed): Setup APU as IPv6 boot server
- NS 10:50 AM Task #6644 (Closed): Netboot server via IPv4 / internal NIC
- NS 10:50 AM Task #6643 (Closed): Reinstall / APU as tftp server
07/21/2020
- TF 11:03 AM Task #7502 (Feedback): Create script to create new / updated FreeBSD image for OpenNebula
- Script is comitted to ungleich-tools, generated will soon be made avaulable to DCL customers by @mravi.
07/20/2020
- TF 11:10 AM Task #7545 (In Progress): Switch production LDAPs to cdist-managed alpine
- * ldap3.ungleich.ch has been allocated.
* cdist configuration has been simplified, now making use of __openldap_server (alpine support being upstreamed via https://code.ungleich.ch/ungleich-public/cdist/-/merge_requests/909)
* ldap3.un...
07/01/2020
- NS 11:47 AM Task #7337 (Rejected): Import network documentation to Netbox
- NS 11:47 AM Task #7335 (Rejected): Add alpine ceph install/helper scripts to ungleich-tools
- NS 11:47 AM Task #7260 (Rejected): Add rng pci-e device to vms
- NS 11:41 AM Task #7108 (Rejected): Document / update ceph documentation to bootstrap from zero
- TF 06:48 AM Task #8251 (Closed): Matrix homeserver autodiscovery in client does not work.
- Well-known URLs such as https://ungleich.ch/.well-known/matrix/client should allow clients to discover the correct HS address -> does not work for some reason.
See https://matrix.org/docs/spec/client_server/r0.6.1#get-well-known-matri...