infra - The PyDis DevOps boiler house, the engine room, where the magic happens.

	Commit message (Collapse)	Author	Age	Lines
...
*	Add CORS config for Thallium	Joe Banks	2024-08-19	-0/+7
\|
*	Add signing key for thallium	Chris Lovering	2024-08-19	-0/+0
\|
*	Reflect pydis.wtf cert into merge	Joe Banks	2024-08-18	-4/+4
\|
*	Thallium Backend to merch-api	Joe Banks	2024-08-18	-26/+26
\|
*	Add manifests for thallium	Chris Lovering	2024-08-18	-0/+79
\|
*	Switch to LE prod for owlcorp.uk	Joe Banks	2024-08-18	-1/+1
\|
*	Add owlcorp.uk TLS certificate	Joe Banks	2024-08-18	-0/+18
\|
*	Reformat scripts with latest ruff rules	Chris Lovering	2024-08-12	-2/+2
\|
*	Update modmail secrets	Chris Lovering	2024-08-02	-0/+0
\|
*	Update modmail secrets	Chris Lovering	2024-08-02	-0/+0
\|
*	Ensure int64 values are stored as strings	Chris Lovering	2024-08-02	-0/+0
\|
*	Update Modmail secrets	Chris Lovering	2024-08-02	-0/+0
\|
*	Configure Loki to retain logs for 30 days maximum	Joe Banks	2024-07-31	-0/+2
\|
*	Only deploy DNS on main if DNS path is updated	Chris Lovering	2024-07-30	-8/+40
\|
*	Also reflect ghcr pull secret to modmail namespace	Chris Lovering	2024-07-26	-0/+0
\|
*	Move ghcr-pull-secret to use reflection, rather than duplicating the secret	Chris Lovering	2024-07-26	-0/+0
\|
*	Add LDAP secrets to King Arthur	Joe Banks	2024-07-26	-0/+0
\|
*	Mount IPA CA to King Arthur	Joe Banks	2024-07-26	-18/+23
\|
*	Reflect IPA CA to bots namespace	Joe Banks	2024-07-26	-2/+2
\|
*	Mount new config for LDAP to Grafana and add IPA CA cert	Joe Banks	2024-07-26	-2/+14
\|
*	Add LDAP bind user password for Grafana	Joe Banks	2024-07-26	-0/+0
\|
*	Add new Grafana LDAP config and ldap.toml config	Joe Banks	2024-07-26	-0/+65
\|
*	Move IPA CA to be a cluster-wide configmap (with Reflector)	Joe Banks	2024-07-26	-34/+39
\|
*	Add new modmail secrets	Chris Lovering	2024-07-26	-0/+0
\|
*	Redirect requests to root to account config page	Joe Banks	2024-07-25	-13/+17
\|
*	chore(deps): update registry.k8s.io/kube-state-metrics/kube-state-metrics ↵	renovate[bot]	2024-07-24	-1/+1
\| \| \| \| \| \| \| \| \|	docker tag to v2.13.0 (#412) \| datasource \| package \| from \| to \| \| ---------- \| ----------------------------------------------------- \| ------- \| ------- \| \| docker \| registry.k8s.io/kube-state-metrics/kube-state-metrics \| v2.12.0 \| v2.13.0 \| Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
*	Remove ghost blog	Chris Lovering	2024-07-22	-99/+0
\|
*	chore(deps): update ghost docker tag to v5.88	renovate[bot]	2024-07-22	-1/+1
\| \| \| \| \| \|	\| datasource \| package \| from \| to \| \| ---------- \| ------- \| ---- \| ---- \| \| docker \| ghost \| 5.87 \| 5.88 \|
*	Add a trust store to Keycloak for the IPA generated CA	Joe Banks	2024-07-21	-1/+44
\| \| \| \| \| \| \|	This allows us to authenticate requests to LDAP with LDAPS and ensure a) authenticity and b) security of the transmission. Signed-off-by: Joe Banks <[email protected]>
*	chore(deps): update quay.io/keycloak/keycloak docker tag to v25.0.2	renovate[bot]	2024-07-18	-1/+1
\| \| \| \| \| \|	\| datasource \| package \| from \| to \| \| ---------- \| ------------------------- \| ------ \| ------ \| \| docker \| quay.io/keycloak/keycloak \| 25.0.1 \| 25.0.2 \|
*	Update node_exporter daemonset to 1.27+ featureset	Joe Banks	2024-07-18	-3/+3
\|
*	chore(deps): update quay.io/prometheus/node-exporter docker tag to v1.8.2	renovate[bot]	2024-07-18	-1/+1
\| \| \| \| \| \|	\| datasource \| package \| from \| to \| \| ---------- \| -------------------------------- \| ------ \| ------ \| \| docker \| quay.io/prometheus/node-exporter \| v1.2.0 \| v1.8.2 \|
*	chore(deps): update ghost docker tag to v5.87	renovate[bot]	2024-07-18	-1/+1
\| \| \| \| \| \|	\| datasource \| package \| from \| to \| \| ---------- \| ------- \| ---- \| ---- \| \| docker \| ghost \| 5.78 \| 5.87 \|
*	Add certbot post deploy hook to reload nginx	Chris Lovering	2024-07-16	-1/+2
\|
*	Document current redis database usage	Chris Lovering	2024-07-16	-0/+7
\|
*	Add redis url secret to forms-backend	Chris Lovering	2024-07-16	-0/+0
\|
*	Add Admins to Grafana authorized Team IDs	Joe Banks	2024-07-14	-1/+1
\|
*	Bump mogno mem requests and limit	Chris Lovering	2024-07-10	-2/+2
\|
*	Add sumer code jam announcement channel id	Chris Lovering	2024-07-05	-0/+1
\|
*	Add YouTube API key to king-arthur	Chris Lovering	2024-07-05	-0/+3
\| \| \| \|	This also documents secrets that were already present in the file.
*	Update Sir Robin to CJ11 (#399)	Boris Muratov	2024-07-03	-1/+1
\|
*	Move noqa definition required in latest ruff version	Chris Lovering	2024-07-01	-2/+2
\|
*	Allow new kube-state-metrics image to watch ingresses	Joe Banks	2024-07-01	-0/+1
\|
*	Move away from vendored kube-state-metrics	Joe Banks	2024-07-01	-1/+1
\|
*	Add issuer for Vault certificates in tooling namespace	Joe Banks	2024-06-27	-0/+5
\| \| \| \| \|	We will use this to deploy internal TLS certificates from a self-signed CA that allows for TLS traffic within the cluster.
*	Add deployment of Keycloak	Joe Banks	2024-06-27	-0/+122
\|
*	Scale AM back to 3 replicas	Chris Lovering	2024-06-24	-1/+1
\|
*	Add ff-bot deployment	Joe Banks	2024-06-16	-0/+82
\|
*	Add Kubernetes volume alerts	Joe Banks	2024-06-16	-0/+11
\| \| \| \| \| \| \| \| \| \| \|	It seems that Linode has added storage reporting info to the CSI driver allowing us to pick up on the storage use of persistent volume claims within the cluster. This creates and deploys an alert that will report if any volume has under 10% of space left. I have excluded Prometheus as our TSDB retention settings mean that it will always stay just below it's volume size by design.
*	Update Loki config with new compactor preferences for retention modes	Joe Banks	2024-06-13	-1/+6
\| \| \| \| \| \| \| \| \|	* `retention_enabled`: enable retention mode within the compactor * `delete_request_store`: store deletion requests within the s3 cluster that is also used to house log chunks * `delete_request_cancel_period`: do not exercise log deletion instructions until at least one hour has passed to prevent accidental deletion