From c57ca6ab119defca7be507e16e19f37ef3559f9d Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Wed, 12 Feb 2025 22:30:23 +0000 Subject: [PATCH 1/4] feat: adding another runner to speed up deployment Closes #139 --- applications/git/forgejo_runner.nix | 56 ++++++++++++++-------------- machines/glados.nix | 5 +++ machines/wheatly.nix | 5 ++- secrets/forgejo/runners/ssh.age | Bin 1381 -> 1491 bytes secrets/forgejo/runners/token.age | 19 ---------- secrets/forgejo/runners/token1.age | Bin 0 -> 1138 bytes secrets/forgejo/runners/token2.age | 21 +++++++++++ secrets/secrets.nix | 6 ++- 8 files changed, 63 insertions(+), 49 deletions(-) delete mode 100644 secrets/forgejo/runners/token.age create mode 100644 secrets/forgejo/runners/token1.age create mode 100644 secrets/forgejo/runners/token2.age diff --git a/applications/git/forgejo_runner.nix b/applications/git/forgejo_runner.nix index 29029cb..c43ecec 100644 --- a/applications/git/forgejo_runner.nix +++ b/applications/git/forgejo_runner.nix @@ -15,21 +15,23 @@ in { options.services.skynet."${name}" = { enable = mkEnableOption "Skynet ForgeJo Runner"; - runner = { - name = mkOption { - type = types.str; - default = config.networking.hostName; - }; + name = mkOption { + type = types.str; + default = config.networking.hostName; + }; - website = mkOption { - default = "https://forgejo.skynet.ie"; - type = types.str; - }; + website = mkOption { + default = "https://forgejo.skynet.ie"; + type = types.str; + }; - user = mkOption { - default = "gitea-runner"; - type = types.str; - }; + user = mkOption { + default = "gitea-runner"; + type = types.str; + }; + + secret = mkOption { + type = types.path; }; }; @@ -40,23 +42,23 @@ in { ]; age.secrets.forgejo_runner_token = { - file = ../../secrets/forgejo/runners/token.age; - owner = cfg.runner.user; - group = cfg.runner.user; + file = cfg.secret; + owner = cfg.user; + group = cfg.user; }; # make sure the ssh config stuff is in teh right palce systemd.tmpfiles.rules = [ - #"d /home/${cfg.runner.user} 0755 ${cfg.runner.user} ${cfg.runner.user}" - "L+ /home/${cfg.runner.user}/.ssh/config 0755 ${cfg.runner.user} ${cfg.runner.user} - ${./ssh_config}" + #"d /home/${cfg.user} 0755 ${cfg.user} ${cfg.user}" + "L+ /home/${cfg.user}/.ssh/config 0755 ${cfg.user} ${cfg.user} - ${./ssh_config}" ]; age.secrets.forgejo_runner_ssh = { file = ../../secrets/forgejo/runners/ssh.age; mode = "600"; - owner = "${cfg.runner.user}"; - group = "${cfg.runner.user}"; + owner = "${cfg.user}"; + group = "${cfg.user}"; symlink = false; - path = "/home/${cfg.runner.user}/.ssh/skynet/root"; + path = "/home/${cfg.user}/.ssh/skynet/root"; }; nix = { @@ -94,14 +96,14 @@ in { # give teh runner user a home to store teh ssh config stuff systemd.services.gitea-runner-default.serviceConfig = { DynamicUser = lib.mkForce false; - User = lib.mkForce cfg.runner.user; + User = lib.mkForce cfg.user; }; users = { - groups."${cfg.runner.user}" = {}; - users."${cfg.runner.user}" = { + groups."${cfg.user}" = {}; + users."${cfg.user}" = { #isSystemUser = true; isNormalUser = true; - group = cfg.runner.user; + group = cfg.user; createHome = true; shell = pkgs.bash; }; @@ -118,8 +120,8 @@ in { package = pkgs.forgejo-actions-runner; instances.default = { enable = true; - name = cfg.runner.name; - url = cfg.runner.website; + name = cfg.name; + url = cfg.website; tokenFile = config.age.secrets.forgejo_runner_token.path; labels = [ ## optionally provide native execution on the host: diff --git a/machines/glados.nix b/machines/glados.nix index 842da0c..5e499d8 100644 --- a/machines/glados.nix +++ b/machines/glados.nix @@ -28,6 +28,7 @@ in { imports = [ ../applications/git/gitlab.nix ../applications/git/forgejo.nix + ../applications/git/forgejo_runner.nix ]; deployment = { @@ -43,5 +44,9 @@ in { backup.enable = true; gitlab.enable = true; forgejo.enable = true; + forgejo_runner = { + enable = true; + secret = ../secrets/forgejo/runners/token2.age; + }; }; } diff --git a/machines/wheatly.nix b/machines/wheatly.nix index f38000b..cb9cdb6 100644 --- a/machines/wheatly.nix +++ b/machines/wheatly.nix @@ -39,6 +39,9 @@ in { services.skynet = { host = host; backup.enable = true; - forgejo_runner.enable = true; + forgejo_runner = { + enable = true; + secret = ../secrets/forgejo/runners/token1.age; + }; }; } diff --git a/secrets/forgejo/runners/ssh.age b/secrets/forgejo/runners/ssh.age index 7a716d1b83c03bf40c05fa613d047819829ce36a..ffda5eb6e8a0c5b981cac03e17035e0102c69a43 100644 GIT binary patch literal 1491 zcmZY8`;XHE00(eHFgoCf1`+}%j-WBzGPbU3*8<+rZQY}LwtEjQ(5_v#?$NGm*RD~> z1w?`xjfbK_Jjfvm7sQAlQ8^KFZ~-HRyNk*RifBAzL?VzFgQ7p5f59i;?>AqX=d4`4 zAh#u@EY??wGH+`ECTq93*(_N()&W5PYEA=^7RAhYqC(p%je40@lq%xl^>Rg*LMW4~ z3k1=0#VArqL9Ewapdu!c26HVVsTGKzCj+W1z{kO0CX>-wSmdZ2V??9bAnJ0sXk@zP zj2n58H%p{W$fS;?Dl%iyG6anfkQVk7ft;Evt5MC%N9|HZQw5)9N*DQ*!=pKUde&$q z8H*#MgyKmG7NoWoc2gSHKsCr?XW3wIy2fJm7R8%&+7(LHy=vL*01YlslYNTlE;T3{ ztP4aW%PLp^1rwORl15Bzzf`HAkX)lVq1t4aNP(;gl}Ip-SGXn|MQda^1gNl&2x!wa zD9WOsW`+%*X<)de6;v&amPS!Bo)78~G?7I}E)__)MHPre5Z3L*O&Fr`V32y3{ zxNwU`LY@F!WMhcE1o}aT6f1>djJp*7Uy}`lBY57NaspYu=H(zehBOj3D5&Kk4hAVF z@e+)98&QNMXs$*9p(<$tYqC&cNCmbVMG}HTL4Z)l3OmZeML-Zu$Za5sXPuGfN8sJE?7-OqdB8GZEsmKUq)1S4sYoOj% zLTOu~M7xs+<>pd}xR*?s5U<8EfP+N}STf7x{DKTMrA!K7s?87zL%a{hT|x=OF^HV5 zc^a{#pEOeu#hC+TXI6)4JVlpsVoUHUPMEdX<1x1j^>|`fSRnIB05>J*76v$_oX-X4 z^^8B05E^Q@lBC@c!tlnMK1}LtX8I=|Ur`X}4ex{A zEB+Q+wr*(lwPS;udRAVzarP*A^YAz1_)nw1kAJ&)(_6bI$dA;)!y~s(eSM(o=AnhA z@yV^f%o^xh{K@|I_5Gup->Eq}`oQ$$!Lu7?4vb99Khk~kqBeSIQJ;8va`zp!aAo|} z+Fj-PWWQ_f;}b706ZN5)b58Gg_y@hy+jHM?{N%h%TzLEL@PY?!Z5!G1`V*&w=K3|S^soC=>CG?NyZ*9vNtm&8 zBC&Qvm9xQ`Fe`t1)*Af%C98KHd&7!8^5OQa-MI&sethQ8j)hy(1rYA)!O)8av*gr6 z+m7!>E!Nj|w!>R^p{r{~=e1b1dyRGIujha>fB3*#*w5c*2OgXA1#xm<`#rl>d~k3< zaOj!(vq&$r_wb6I&-WNVlHXnJRhA>eiK%m*vEJotFE1XQOKqCJ{?AqJjXUq$XlzmT ZK2^Ai-%IqLm-b9;=oqvP936f>{V$RnB&q-a literal 1381 zcmZ9{`;XHE007_|9)g1eBFgcIFa$wZj&_f(8#z3-uIqYR+qKtq4-P}ub!~5tZtd1? z#gIVaA;ySA5sg7PAqt`r;glG`2ghA_h(;5@5Fe;;!NWsA;M7FapYJdD^6`?`E|vwY zS*a;%d8MjJfZ?>YKW5i;xn0b;Ajs*rbIyuM2JEQ9lm(xa4H)%TexHHRE82NGuE#44K0XeWK=x zTNzcd`!uP6k)WHf{N8dr!k2N{poD^6E6J=x6-Z}@QC*2*(-qKdRYG($Fu15{7} zya@nox~fh$nZS{VVwQV*ec2}IRKtz*L@gHp4MwtiETUG7iAmaWEB;c>kuODRKo^y+ zs0EiQ!n}u-*aXBy)lk}ou?WnSX+TafzA6`va$pEA2O1z*ilKz;V2W5+OE6jP|M)}= zB6EJXX*U%)sp~O{n<*R_NkTwp(-Y ziA11IWV1xIS3}*HA_X%Nr*wgC+6<9^Z=zQ9iCvOpw+gvNNtI+Kk*h$40(t^vQgDYD z9t&zL-pul9tSV*F&S+D$DXxqW!RZL#h#R046D${oxad;Zz&)f;#RQLxMv56$@fU@O zT9ng#nrW|#Nes^zwPKL*gF&qZq4`FR^k5u|q|G94IG~E*XE?y^mTVQnir}2+ahY|Z z!g5FkCvg~0Foie~P;{eM?xyr4oRj5Vb)uG6c&A9)gCP@3`x;3TY0^$dQ{@B;661a> z6GU~Yw;GDN@gyDKL>?tptdGd3bI(x1bDmw zMLoUwNKuPXNr4QMoFS=_3YAEV_NPS^Ms4lw?e;p8^6IjyPyo;{Z7L~mJlh~BS(Qzz zAeT#+-wTN`CmBV3x=lH^>yhDEW4~G1t;<8NRGt}J15UjepZVt5@s+pxTF>G@ zIR3=#=KFE?tWUR}1#TEkWAph3hW=UHQr~hVd7_Q}X}UU+KQL<3*8IL?PusHx9Gj2+ zyJ8wkOp}#zJ4p=*P z-&^DHo#Snj=`T8~x9-A+hCUuP=yb=NaBMYo&!L(7wHYlt4vJ%goh=Jev;P_v-adnG zIT5&T`mY-=PW@!=!Vk8N4s!jk_B;(;Ik>KJc-{a5O+GqL#$R0O>6vt6W2ABQPRnZ$ z(ziS~_W7Et%km#}2#c-U4<|cXzinxCo&IXWvepIL(eL+Pe`@sXrXFbLUcPyJ;QX8? zhn;iN4?q6Gu|I*Oe^1_cedOJJ%LW$pUmjSpsAZt1dGYo8aX4^#(&jTmvrk}K7w%nr ztFFAD@(elKz7ZhigGjtlGOZ%JwY0fNf^ ABme*a diff --git a/secrets/forgejo/runners/token.age b/secrets/forgejo/runners/token.age deleted file mode 100644 index 2bdb872..0000000 --- a/secrets/forgejo/runners/token.age +++ /dev/null @@ -1,19 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 V1pwNA kZ6MC1GXuminn2Hlomkep1wIv1lp6KpJOJcpXkhQWWM -K1B58FSyb4QpINlhuvVv4dGFNjTChU1KNoezZcS/a6Y --> ssh-ed25519 4PzZog pbxwzRvcsOgY9hd48BZEOH6VHFLn93gJ8yDHQyNIiSI -Fa/Z6si9vyox/pmPvWTndyYCQxo7tcvdlRuTgw6IY9g --> ssh-ed25519 dA0vRg OW2y/LkN/287NVuRRlSpihR+k/MZ+a0R5cIrHFne6RI -U0ZqipfDlpz9LeXKNWkl7tYCnsBjSQz8q4mETBVEalI --> ssh-ed25519 5Nd93w jDy3i1Z1NWYqdVdw4h+maaBjokVWNrSfHtSQotb2bWg -PtgX9L78wpJHiX4lmP+H0bfRZd/tNfHrUEAShJ38ss8 --> ssh-ed25519 q8eJgg BCaUEZ3H3BglgKPAbl/ITQaEv9Jc2rRAoFuPXhy4WFI -DMqJu0vjDJ8rIXLSL17Dx4Aoq8Uhdo4jU8g1jTSvMK4 --> ssh-ed25519 KVr8rw dKk0SN9SXTQsPwMFiKKMuoRwzTHJB8kr33nadRzBoDc -m2xPKYFMC/y5fKkgaBc+5TVg9ZH+zVSM9I4I3htSm7I --> ssh-ed25519 fia1eQ NGl1o/38iTm6QiQB7pl0NBkohMZGLMeaXZ37TV184B4 -zk/DTLhuGfhDU3gNA7S0BjGOowteEhR9v5oNmOkWTGU --> ssh-ed25519 CqOTGQ JbZYKqGfWeVu/JEAAeC6wE4QvKLEeidvggQnm6beJxA -ArogOkTDAnvC1SKPkSGapNix2W6yvku1QFOFs9bvuGA ---- yWZoUAOfSIL4FbWSAvhVkOEbUA1u3XPGKB1gNka/xfo -zlȑ LC$?Hc|۹.-j l}9:KӮU^IO6 \ No newline at end of file diff --git a/secrets/forgejo/runners/token1.age b/secrets/forgejo/runners/token1.age new file mode 100644 index 0000000000000000000000000000000000000000..50ad61e1019d108e153f0a30a0a6bd6fa460a806 GIT binary patch literal 1138 zcmZY7yX)(800nR-hYmUja^Ws@aws+V<{eNWX{^*((f3IQsbgJXIBw zKJeBCbiLAkFJTlnWhfZqdkt3u8tvy+&he5A=rAfdbR*g;-66FjGHB3xEi@Q!vv>p1 zHxT8{tXI=k2P7ix)?}eD8iP}gQB@}cCd0?@`c!V4MX}GQ8+@-dR4B)fO-^CL7N$X> z^7%*tX2(Mok$^o@JC|NRV={JN1%SkM%FJN3Y0*R6ujXmR_XBEuG!{9X9is@hP|l^rjYn5;cLRn$VWM>Q7j+#yP{w(r_ny12k*qvCxNUx;cxG?D0M+-%)xb`yR4Ymmk~G9K<~^@ z3HI=@^eR)TG(KE7$WiXSV&rE&DPS;y65UQf8iI@%zoZ3vh41|i=!t12yGGe=wY5&Z z@X1x9S)wslq2em9c(P5KtI61qd@YE`G9>N7t=zFWTjMZXJd#tA$4_Sb4zY@h6;Oao zad@SXoUfZ1jK{z(+|$sIH6D2F)_6hdP7{m9a|Ogeh1+RgLa8-$d1;--cH?vajr(hQ zIm26pQXySbR?IBJWy?uZq!4?kRYfvmCf7^dv={q5<}4IVG;G@3okQqxx8-uaRkyZT zd2qGb=t#=9os{fQhz5~Q^n{fXx1q6fwy|ZM*OAx0EdToP?O#9q_N6yv_lf>& z$vu1Z;iI2F`)Pdtw=Z6P@99_Z4^Kb+ER$_Hh7L*hSq OC;a>ChmXI3{`?;^U~!xP literal 0 HcmV?d00001 diff --git a/secrets/forgejo/runners/token2.age b/secrets/forgejo/runners/token2.age new file mode 100644 index 0000000..3c1c894 --- /dev/null +++ b/secrets/forgejo/runners/token2.age @@ -0,0 +1,21 @@ +age-encryption.org/v1 +-> ssh-ed25519 V1pwNA DmSENr+7db9t/epcMdOAjr2qt4rSHWopkuS3/xyz+xY +ClfO4iYTReIp6jvUBqQutkXx4XRJ++u8EsspNdDZ8kw +-> ssh-ed25519 4PzZog QzQ5iPiSSruoDS+PDNI+/6PnIYEnnFTvnrxK4W2ZK3Y +iTETtsauc6clML06hoMr7kinsOirURTECfB/PzJaFT4 +-> ssh-ed25519 dA0vRg UCPTgYh2/8JTajlTIgvk64eKNNMHe4ZxIDILxIGAL18 +Qj0ZS/iNwusCONf9Rh05ftd4cHSmWz7bLZ8HHtQewMo +-> ssh-ed25519 5Nd93w D/87p469o+CW9TOqQb4C+3a9+xRvZ4bzk7vr0wXhdRk +E/uvMfpOPvWosWS4s18f+xmexQcpJ0NED1N35pL5IjI +-> ssh-ed25519 q8eJgg pSW+R1LjAdCTL/ys1X93jSSC+ga1phB8iYqAJ1Ic0yw +IFl+195woVbHjz23w3mxBPkjtbfke3C+jYacWWKOpio +-> ssh-ed25519 KVr8rw KfPs+1IA7M7dYqkUW9vty+xl/8loMZDgVFee/ZR+F0M +mTK9yjQR18aKfw/xEdfsnGXPKxqDi1bKPj2mLtB2Xg4 +-> ssh-ed25519 fia1eQ M7nASBk9cGmZmMHf115JAazAEx3tS+sIVB49KlXltWc +YJ48iqVSJQooltbXvw+olKC4ZZt9a92TR2uQ0xROAPY +-> ssh-ed25519 CqOTGQ CeIqatgAbFS8oNy3fOOJdIkLM0X9AwV2zbpQHcOcICM +qAHOkFsbM5fTxcpLFz9Iz16MVBA1oVqlxUADrLxDRrA +-> ssh-ed25519 uZzB3g eA/GpdA5UKoleGcq9BHwj59Hz86YX7oF3LoG6zZ1ogE +sIs5D3s72gVGglG37S0eDLUTEzuy2U9Nbi03aOJ3W4c +--- rkCxZNLeKI9HMNZnwiFRaL1AsIUYtXYJT/YyJ1UMRqc +!Vp-p|_to Ukt`@ xzWں GF=]iY;YOi}J/, \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index ca7480f..cad986a 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -77,6 +77,7 @@ let gitlab_runners = [ wheatly + glados ]; grafana = [ @@ -117,7 +118,8 @@ in { "gitlab/runners/runner01.age".publicKeys = users ++ gitlab_runners; "gitlab/runners/runner02.age".publicKeys = users ++ gitlab_runners; - "forgejo/runners/token.age".publicKeys = users ++ gitlab_runners; + "forgejo/runners/token1.age".publicKeys = users ++ gitlab_runners; + "forgejo/runners/token2.age".publicKeys = users ++ gitlab_runners; "forgejo/runners/ssh.age".publicKeys = users ++ gitlab_runners; # for ldap @@ -130,7 +132,7 @@ in { "backup/restic_pw.age".publicKeys = users ++ restic; # discord bot and discord - "discord/token.age".publicKeys = users ++ discord; + "discord/token1.age".publicKeys = users ++ discord; # email stuff "email/details.age".publicKeys = users ++ ldap ++ discord; From af828b56e5d454a30e9e4878d72906e4a3f17892 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Fri, 14 Feb 2025 11:52:13 +0000 Subject: [PATCH 2/4] doc: updated the servers list --- ITD/Server_Inventory.csv | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/ITD/Server_Inventory.csv b/ITD/Server_Inventory.csv index dfbc30d..f4c6ed9 100644 --- a/ITD/Server_Inventory.csv +++ b/ITD/Server_Inventory.csv @@ -14,11 +14,14 @@ SKYNET00012,skynet,Active,193.1.96.165,Nixos-24.05,Skynet server. (DMZ) SKYNET00013,neuromancer,Active,193.1.99.080,Nixos-24.05,Local Backup Server SKYNET00014,cadie,Active,193.1.99.077,Nixos-24.05,"Services VM, has nextcloud to start with" SKYNET00015,marvin,Active,193.1.99.081,Nixos-24.05,Trainee testing server -SKYNET00016,optimus,Active,193.1.99.090,Debian-12,Games server manager (replacing SKYNET00006 soon) -SKYNET00017,bumblebee,Active,193.1.99.091,Debian-12,Game server - Minecraft +SKYNET00016,optimus,Retired,193.1.99.090,Debian-12,Games server manager (replacing SKYNET00006 soon) +SKYNET00017,bumblebee,Retired,193.1.99.091,Debian-12,Game server - Minecraft SKYNET00018,calculon,Active,193.1.99.082,Nixos-24.05,"Public Services such as binary cache, Open Governance and Keyserver" SKYNET00019,deepthought,Active,193.1.99.112,Nixos-24.05,Backup Test Server using restic SKYNET00020,ariia,Active,193.1.99.083,Nixos-24.05,"Metrics, Grafana and Prometheus" SKYNET00021,ash,Active,193.1.99.114,NA,Server Room Network access SKYNET00022,ultron,Active,193.1.99.084,Proxmox,VM Host -SKYNET00023,optimus-test,Active,193.1.99.085,Nixos,Testing flake for Pelecian \ No newline at end of file +SKYNET00023,optimus-test,Retired,193.1.99.085,Nixos,Testing flake for Pelecian +SKYNET00024,optimus,Active,193.1.99.090,Nixos,Games server manager (replaced SKYNET00016) +SKYNET00025,bumblebee,Active,193.1.99.091,Nixos,Game server - Minecraft (replaced SKYNET00017) +SKYNET00027,Raspberry Pi,Active,193.1.99.085,Raspbian,Proxmox Qurom server \ No newline at end of file From 8b168f3b11afd0c01105c1c138a5144dea51abc0 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Fri, 14 Feb 2025 11:52:37 +0000 Subject: [PATCH 3/4] doc: add teh pending port request for teh forgejo runner --- ITD/Firewall_Rules.csv | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ITD/Firewall_Rules.csv b/ITD/Firewall_Rules.csv index 1563996..b8b1b97 100644 --- a/ITD/Firewall_Rules.csv +++ b/ITD/Firewall_Rules.csv @@ -43,4 +43,5 @@ SKYNET_FIREWALL_00031,Add,i24-06-04_017,Complete,All,-,193.1.99.83,SKYNET00020," SKYNET_FIREWALL_00032,Remove,i24-06-04_017,Complete,All,-,193.1.99.90,SKYNET00016,8080,-,Had incorrectly opened 8080 on the main panel SKYNET_FIREWALL_00033,Add,i24-06-04_017,Complete,All,-,193.1.99.91,SKYNET00017,8080,-,Websocket for admin panel on games management server ,Add,i24-07-15_112,Denied,193.1.99.75,-,-,-,22,-,Response from ITD - 'Our IT Security team have advised that port 22 and port 2222 are only to be allowed through the VPN and will not be opened to allow inbound ssh connections directly from the internet' -SKYNET_FIREWALL_00034,Add,i25-01-26_075,Complete,All,-,193.1.99.91,SKYNET00017,-,23318-23325,Ports for Minecraft Bedrock on the main games server. \ No newline at end of file +SKYNET_FIREWALL_00034,Add,i25-01-26_075,Complete,All,-,193.1.99.91,SKYNET00017,-,23318-23325,Ports for Minecraft Bedrock on the main games server. +,Add,,Pending,193.1.99.75,SKYNET00008,193.1.96.165,SKYNET00012,22,-,Allow our forgejo runner to access and deploy to teh external server \ No newline at end of file From 82108776ce97bd4d782d1ed48e3cd09f4fe00378 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Wed, 19 Feb 2025 10:00:58 +0000 Subject: [PATCH 4/4] doc: updated teh spreadsheet for the ports --- ITD/Firewall_Rules.csv | 2 +- ITD/Server_Inventory.csv | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ITD/Firewall_Rules.csv b/ITD/Firewall_Rules.csv index b8b1b97..c955339 100644 --- a/ITD/Firewall_Rules.csv +++ b/ITD/Firewall_Rules.csv @@ -44,4 +44,4 @@ SKYNET_FIREWALL_00032,Remove,i24-06-04_017,Complete,All,-,193.1.99.90,SKYNET0001 SKYNET_FIREWALL_00033,Add,i24-06-04_017,Complete,All,-,193.1.99.91,SKYNET00017,8080,-,Websocket for admin panel on games management server ,Add,i24-07-15_112,Denied,193.1.99.75,-,-,-,22,-,Response from ITD - 'Our IT Security team have advised that port 22 and port 2222 are only to be allowed through the VPN and will not be opened to allow inbound ssh connections directly from the internet' SKYNET_FIREWALL_00034,Add,i25-01-26_075,Complete,All,-,193.1.99.91,SKYNET00017,-,23318-23325,Ports for Minecraft Bedrock on the main games server. -,Add,,Pending,193.1.99.75,SKYNET00008,193.1.96.165,SKYNET00012,22,-,Allow our forgejo runner to access and deploy to teh external server \ No newline at end of file +SKYNET_FIREWALL_00035,Add,i25-02-14_114,Complete,193.1.99.75,SKYNET00008,193.1.96.165,SKYNET00012,22,-,Allow our forgejo runner to access and deploy to teh external server \ No newline at end of file diff --git a/ITD/Server_Inventory.csv b/ITD/Server_Inventory.csv index f4c6ed9..d9a63f5 100644 --- a/ITD/Server_Inventory.csv +++ b/ITD/Server_Inventory.csv @@ -24,4 +24,4 @@ SKYNET00022,ultron,Active,193.1.99.084,Proxmox,VM Host SKYNET00023,optimus-test,Retired,193.1.99.085,Nixos,Testing flake for Pelecian SKYNET00024,optimus,Active,193.1.99.090,Nixos,Games server manager (replaced SKYNET00016) SKYNET00025,bumblebee,Active,193.1.99.091,Nixos,Game server - Minecraft (replaced SKYNET00017) -SKYNET00027,Raspberry Pi,Active,193.1.99.085,Raspbian,Proxmox Qurom server \ No newline at end of file +SKYNET00027,vision,Active,193.1.99.085,Raspbian,Proxmox Qurom server \ No newline at end of file