aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/scripts (unfollow)
Commit message (Collapse)AuthorLines
2024-06-06Switch to using designated placeholder IPv4 for originless recordsGravatar Joe Banks-3/+3
We currently used something like 1.2.3.4 or 1.1.1.1 as placeholder IP addresses for DNS records where we ran in "originless" mode (the request is always answered by a Cloudflare Worker or a redirect). This changes that so we use designated reserved IPv4 addresses (192.0.2.0) to capture that traffic instead, ensuring that in no circumstance would we leak traffic to an address like 1.1.1.1 or 1.2.3.4 if there was a Cloudflare misconfiguration. Despite the potential risk vectors here being very small, it's a minor change and also helps us ensure configuration works correctly in the future.
2024-06-06Set proxied to true for paste recordGravatar Joe Banks-1/+1
2024-06-06Add paste.pydis.wtf record for forwardingGravatar Joe Banks-0/+8
2024-06-05Add tmpfs to King ArthurGravatar Joe Banks-0/+9
2024-06-04Add automatic HBA rules for all users to connect via mTLSGravatar Joe Banks-3/+9
2024-06-04Add devops user accountGravatar Joe Banks-42/+69
2024-06-04Add CA file to postgresql.confGravatar Joe Banks-0/+2
2024-06-04Add pg_ident.conf fileGravatar Joe Banks-1/+18
2024-06-04Install PostgreSQL documentation packageGravatar Johannes Christ-0/+1
2024-06-03Bump ruff from 0.4.5 to 0.4.7 (#342)Gravatar dependabot[bot]-21/+22
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.4.5 to 0.4.7. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](https://github.com/astral-sh/ruff/compare/v0.4.5...v0.4.7) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>