An error occurred fetching the project authors.
  1. 17 Jul, 2020 4 commits
  2. 14 Jul, 2020 1 commit
  3. 22 Jun, 2020 1 commit
  4. 06 Mar, 2020 1 commit
  5. 02 Mar, 2020 1 commit
  6. 20 Feb, 2020 1 commit
  7. 19 Nov, 2019 1 commit
  8. 04 Oct, 2019 1 commit
    • Thomas Gambier's avatar
      do not create two wrappers for the same executable if hash change · ed707d3b
      Thomas Gambier authored
      Prevent creating 2 wrapper for the same service if hash changed. Here, one service is exited because port is used by the firt to service to start:
      
          slappart6:runner-sshd-4248650e36a9a26a6481df1baffd9f58-on-watch                RUNNING   pid 27835, uptime 0:03:45
          slappart6:runner-sshd-b3b68f4278ceb84691ec27521ea229eb-on-watch                EXITED    Mar 06 04:52 PM
      
      To achieve that, update slapos.cookbook and use hash-existing-files option of wrapper recipe
      
      hash-existing-files list all the files used for hash that are not
      handled by buildout. For those files, the hash is calculated as soon as
      the __init__ function so that if there is a change in those files,
      buildout will remove the existing wrapper (it will uninstall the
      section) and replace it with the new wrapper.
      
      /reviewed-on nexedi/slapos!525
      ed707d3b
  9. 27 Sep, 2019 4 commits
  10. 18 Jul, 2019 1 commit
  11. 10 Jul, 2019 1 commit
  12. 20 Jun, 2019 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Add promise for rejected slaves · 2a6967d6
      Łukasz Nowak authored
      Frontend operator shall have easy access to information about rejected
      slaves, possibly the best in the JSON file.
      
      Also the keys for the human readable information are slave's titles, not
      references.
      
      The information is published via hand crafted HTTPS endpoint.
      
      Note: The SSL certificate is generated manually. Existing caucase is special
            for KeDiFa, this is another step to move all generated certificates (or
            otherwise self-signed) to internal, full automatic caucase.
      2a6967d6
  13. 28 May, 2019 1 commit
  14. 23 Apr, 2019 2 commits
  15. 15 Apr, 2019 1 commit
  16. 12 Apr, 2019 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Sort slave list during processing · eb33377c
      Łukasz Nowak authored
      This mostly useful during tests to have stable results, especially when
      some slaves are rejected.
      
      This change is expected to be no-op during normal run.
      
      Note: The slave rejection system does not guarantee any ordering, as the sort
            order can change, because of parameters can reorder slaves. Thus, even
            if slave A was requested before slave B, and they conflict each other,
            slave A can be rejected instead of "expected" slave B.
      eb33377c
  17. 13 Mar, 2019 5 commits
    • Łukasz Nowak's avatar
      caddy-frontend: Switch AIKC to default true · a198be7f
      Łukasz Nowak authored
      It is better to have automation similar to previous implementation by
      default.
      a198be7f
    • Łukasz Nowak's avatar
    • Łukasz Nowak's avatar
      caddy-frontend: Implement AIKC · 28a1283d
      Łukasz Nowak authored
      AIKC - Automatic Internal Kedifa's Caucase CSR signing, which can be triggered
      by option automatic-internal-kedifa-caucase-csr.
      
      It signs all CSR which match csr_id and certificate from the nodes which needs them.
      28a1283d
    • Łukasz Nowak's avatar
      caddy-frontend: Expose csr_id over HTTPS · 7c5c99b1
      Łukasz Nowak authored
      csr_id is exposed over HTTPS with short living self signed certificate,
      which is transmitted via SlapOS Master. Thanks to this, it is possible to
      match csr_id with certificate of given partition and take decision if it shall
      be signed or not.
      
      This is "quite secure" apporach, a bit better than blidny trusting what CSR
      to sign in KeDiFa. The bootstrap information, which is short living
      (certificates are valid for 5 days), resides in SlapOS Master. The csr_id
      is not directly known to SlapOS Master, and shall be consumed as fast as
      possible by frontend cluster operator in order to sign CSR appearing in
      KeDiFa caucase. The known possible attack vector requires that attacker knows
      caucased HTTP listening port and can hijack HTTPS traffic to the csr_id-url
      to get the human approve his own csr_id. The second is hoped to be overcomed
      by publishing certificate of this endpoint via SlapOS Master.
      
      Unfortunately caucase-updater prefix is directly used to find real CSR, as the
      one generated is just a template for rerequest, thus csr_id would be different
      from really used by caucase-updater.
      7c5c99b1
    • Łukasz Nowak's avatar
      caddy-frontend: Implement KeDiFa SSL information · bc2b1742
      Łukasz Nowak authored
      Use KeDiFa to store keys, and transmit the url to the requester for master
      and slave partitions.
      
      Download keys on the slave partitions level.
      
      Use caucase to fetch main caucase CA.
      
      kedifa-caucase-url is published in order to have access to it.
      
      Note: caucase is prepended with kedifa, as this is that one.
      
      Use kedifa-csr tool to generate CSR and use caucase-updater macro.
      
      Switch to KeDiFa with SSL Auth and updated goodies.
      
      KeDiFa endpoint URLs are randomised.
      
      Only one (first) user certificate is going to be automatically accepted. This
      one shall be operated by the cluster owner, the requester of frontend master
      partition.
      
      Then he will be able to sign certificates for other users and also for
      services - so each node in the cluster.
      
      Special trick from https://security.stackexchange.com/questions/74345/provide-subjectaltname-to-openssl-directly-on-command-line
      is used for one command generation of extensions in the certificate.
      Note: We could upgrade to openssl 1.1.1 in order to have it really
      simplified (see https://security.stackexchange.com/a/183973 )
      
      Improve CSR readability by creating cluster-identification, which is master
      partition title, and use it as Organization of the CSR.
      
      Reserve slots for data exchange in KeDiFa.
      bc2b1742
  18. 08 Mar, 2019 1 commit
  19. 07 Mar, 2019 3 commits
  20. 01 Mar, 2019 1 commit
    • Łukasz Nowak's avatar
      caddy-frontend: Publish only active slaves from main partition · 9714a74c
      Łukasz Nowak authored
      As some of the nodes can lag behind, the system can be in state, that those
      nodes will send inactive (also destroyed) slave publish information. Before
      publishing it to master, check if each of slaves is really present on master.
      
      Tasks:
      
       - [x] prove it really works on simulated environment
       - [x] check impact on massive simulated environment
       - [x] cover with a test (optionally)
       - [ ] check test results with this change
      
      /reviewed-on nexedi/slapos!519
      9714a74c
  21. 10 Feb, 2019 1 commit
  22. 22 Nov, 2018 1 commit
  23. 21 Nov, 2018 1 commit
  24. 20 Nov, 2018 3 commits
  25. 17 Sep, 2018 1 commit