scottk/Biohazard
1
0
Fork 0
mirror of https://github.com/outbackdingo/Biohazard.git synced 2026-04-06 07:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,656 Commits 1 Branch 0 Tags
014e6fbf9bba3238b36047feaffcd87f2bd8cc70
Commit Graph

2656 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
JJGadgets
014e6fbf9b fix(ceph/sinon): enable toolbox 2024-05-24 07:41:43 +08:00
JJGadgets
198aa4f6db fix(ceph/sinon): OSD failure domain 2024-05-24 00:24:04 +08:00
JJGadgets
ea645def73 fix(flux): rm nested anti-prune patches 2024-05-23 17:36:09 +08:00
JJGadgets
91cc9140e8 fix(sinon): add csi-addons 2024-05-23 17:27:19 +08:00
JJGadgets
ec4c910baf fix(flux): prune disable patches 2024-05-23 17:01:17 +08:00
JJGadgets
53a1836082 fix(flux): prune disable patches 2024-05-23 16:58:16 +08:00
JJGadgets
ce3870947f fix(flux): prune disable patches 2024-05-23 16:54:34 +08:00
JJGadgets
4744668372 fix(external-snapshotter): update to v6.3.4 2024-05-23 16:48:54 +08:00
JJGadgets
b311a66ff8 fix(flux): add prune disable patches 
I wonder how well those nested patches will work
 2024-05-23 16:38:59 +08:00
JJGadgets
e8b66a5aed chore(external-secrets): rm AWS-SSM 
been using 1Password
 2024-05-23 16:26:06 +08:00
JJGadgets
c7ea72b3a3 fix(sinon): add VolumeSnapshots, VolSync, democratic-csi local 2024-05-23 16:21:16 +08:00
JJGadgets
e558fe78f3 fix(sinon): add rook-ceph 
lol Devin
 2024-05-23 10:32:30 +08:00
JJGadgets
fb28a64e41 fix(EMQX): LDAP allow all search 
why does EMQX look for an error response to check LDAP health

625fcd5821/apps/emqx_ldap/src/emqx_ldap.erl (L217-L222)

console error:

emqx-core-cc7b58b74-1 emqx 2024-05-23T01:54:41.783339+00:00 [debug] msg: eldap_info, log: search request = {'SearchRequest',"cn=checkalive",wholeSubtree,derefAlways,0, 0,false, {approxMatch,{'AttributeValueAssertion',[],[]}}, []}
emqx-core-cc7b58b74-1 emqx 2024-05-23T01:54:41.784371+00:00 [debug] msg: eldap_info, log: search reply = {ok,{'LDAPMessage',2, {searchResDone, {'LDAPResult',insufficientAccessRights,[],[], asn1_NOVALUE}}, asn1_NOVALUE}}
emqx-core-cc7b58b74-1 emqx 2024-05-23T01:54:41.784660+00:00 [debug] msg: eldap_bind_info, log: search request = {'SearchRequest',"cn=checkalive",wholeSubtree,derefAlways,0, 0,false, {approxMatch,{'AttributeValueAssertion',[],[]}}, []}
emqx-core-cc7b58b74-1 emqx 2024-05-23T01:54:41.785168+00:00 [debug] msg: eldap_bind_info, log: search reply = {ok,{'LDAPMessage',2, {searchResDone, {'LDAPResult',insufficientAccessRights,[],[], asn1_NOVALUE}}, asn1_NOVALUE}}
emqx-core-cc7b58b74-1 emqx 2024-05-23T01:54:41.785455+00:00 [warning] msg: alarm_is_deactivated, name: <<"emqx_authn_ldap:4">
 2024-05-23 10:00:36 +08:00
JJGadgets
44855347e3 fix(EMQX): rm TLS tmp, LDAP bindDN 2024-05-23 08:26:58 +08:00
JJGadgets
f8a1b59cef fix(EMQX): TLS 2024-05-23 07:07:01 +08:00
JJGadgets
53efaec54d fix(EMQX): secret mounts, TLS 2024-05-23 06:56:10 +08:00
JJGadgets
81f54247a8 fix(EMQX): pod-security 2024-05-23 06:48:38 +08:00
JJGadgets
ec7ccd6ec0 fix(EMQX): netpols 2024-05-23 06:44:26 +08:00
JJGadgets
68bac04a9f fix(EMQX): brackets 2024-05-23 06:39:53 +08:00
JJGadgets
2209ffaf13 fix(EMQX): rm clusterRole->Role postRenders 
fun experiment to limit RBAC scope to same namespace

but causes reflector.go cache errors as it queries cluster scope
 2024-05-23 06:33:48 +08:00
JJGadgets
9aea41e985 fix(EMQX): glauth config dir 2024-05-23 06:30:35 +08:00
JJGadgets
8e3e9ab341 fix(EMQX): postRenders 2024-05-23 06:20:16 +08:00
JJGadgets
e8f75248e5 feat: add EMQX 2024-05-23 06:12:43 +08:00
JJGadgets
0c9d00206f fix(flux): Recreate deployment strategy 2024-05-23 03:35:47 +08:00
JJGadgets
1c46bf4bb5 fix(flux): Recreate deployment strategy 2024-05-23 03:25:20 +08:00
JJGadgets
f8638e387b fix(flux): Recreate deployment strategy 2024-05-23 03:24:45 +08:00
JJGadgets
f9d4ef8f79 fix(flux): Recreate deployment strategy 2024-05-23 03:20:51 +08:00
JJGadgets
39416c7b55 fix(flux): Recreate deployment strategy 2024-05-23 03:19:13 +08:00
JJGadgets
1c30b5b095 fix(flux): Recreate deployment strategy 2024-05-23 03:15:33 +08:00
JJGadgets
fe227a89ff fix(flux): Recreate deployment strategy 2024-05-23 03:13:37 +08:00
JJGadgets
f085b535c8 feat(rook-ceph/cluster)!: add Sinon, reorg for multi cluster 2024-05-23 03:08:25 +08:00
JJGadgets
b306147f6f feat(sinon/talos): kube-scheduler default topologySpreadConstraints 2024-05-23 02:34:43 +08:00
JJGadgets
1b0cda7f33 fix: flux expose webhook receiver, cleanup biohazard/flux 2024-05-22 23:48:25 +08:00
JJGadgets
f78256ba74 fix(external-secrets): oops 2024-05-22 07:29:08 +08:00
JJGadgets
97179b77e0 fix(external-secrets): ks healthcheck 2024-05-22 07:27:57 +08:00
JJGadgets
c1a4ed82ad fix(external-secrets/1p): secret names 2024-05-22 07:18:51 +08:00
JJGadgets
1fea6afe56 fix(external-secrets): bootstrap cleanup 2024-05-22 01:24:47 +08:00
JJGadgets
1ba1d03bd0 fix(cilium): bootstrap cleanup 2024-05-21 21:26:53 +08:00
JJGadgets
d326e87845 fix(sinon/flux): bootstrap cleanup 2024-05-21 21:25:18 +08:00
JJGadgets
3f41343db0 fix(sinon/flux): bootstrap cleanup 2024-05-21 21:18:50 +08:00
JJGadgets
4a8a0ce4eb fix(cilium): bootstrap cleanup 2024-05-21 21:18:06 +08:00
JJGadgets
95b5d16ea8 fix(monitoring): move netpols 
TODO: need to harden that netpol
 2024-05-21 20:46:35 +08:00
JJGadgets
1fa037d29a fix(monitoring): move netpols 
TODO: need to harden that netpol
 2024-05-21 20:45:22 +08:00
JJGadgets
5ba9c8ae7b feat!: Flux localhost bootstrap from 1P, add Sinon cluster 
- installs Flux in hostNetwork mode binded to localhost to new clusters

- rework Taskfiles for new bootstrap flow, including loading secrets direct from 1Password with no SOPS for secret zero

- use 1Password for both talsecret and talenv for talhelper genconfig

- remove SOPS secrets

- add Sinon cluster, used as NAS

- cleanup ExternalSecret and 1P Connect's Flux ks for smoother bootstrap

- try out 1Password Connect as extraContainer in external-secrets deployment to avoid secrets going over network

- general cleanup
 2024-05-21 13:49:50 +08:00
tinfoild[bot]
54f4117a42 fix(container): update image ghcr.io/tchapi/davis to v4.4.3 (#898) 
Co-authored-by: tinfoild[bot] <140665299+tinfoild[bot]@users.noreply.github.com>
 2024-05-20 02:28:20 +00:00
tinfoild[bot]
e62d8b03dd chore(container): update image docker.io/inspircd/inspircd-docker to 6885500 (#905) 
Co-authored-by: tinfoild[bot] <140665299+tinfoild[bot]@users.noreply.github.com>
 2024-05-20 02:11:07 +00:00
JJGadgets
941c1151f5 fix(onepassword-connect): don't double base64 
ESO docs are wrong?
 2024-05-20 09:27:32 +08:00
JJGadgets
67203c8f0a fix(onepassword-connect): netpol for documents, ES for credentials 2024-05-20 09:17:05 +08:00
tinfoild[bot]
624b82d571 fix(container): update image ghcr.io/fluxcd/source-controller to v1.2.5 (#903) 
Co-authored-by: tinfoild[bot] <140665299+tinfoild[bot]@users.noreply.github.com>
 2024-05-20 00:50:52 +00:00
JJGadgets
71759eef2e feat(bootstrap/flux)!: build Flux v2.2.3 localhost install manifests (#902) 
Co-authored-by: tinfoild[bot] <140665299+tinfoild[bot]@users.noreply.github.com>
 2024-05-20 07:46:22 +08:00