- 08 Sep, 2016 29 commits
-
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
slaprunner: uses sshkeys_authority recipe to manage openssh keys, otherwise they may change at any slapos run
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
Also makes the interface more readable
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
This makes easier the development of the webrunner, as it can be deployed within a webrunner
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
Nicolas Wavrant authored
-
- 17 Aug, 2016 1 commit
-
-
Nicolas Wavrant authored
Changes include: * new parameter "no-ipv4-frontend" to prevent the request of an ipv4 frontend. The webrunner cannot provide one, so let's get rid of failing promises. * new paramaters to define the ports of the ssh servers (for runner-importer and runner-exporter). Then no colliding when servers run on the same IP.
-
- 10 Aug, 2016 3 commits
-
-
Julien Muchembled authored
-
Vincent Pelletier authored
-
Vincent Pelletier authored
-
- 09 Aug, 2016 4 commits
-
-
Alain Takoudjou authored
-
Alain Takoudjou authored
-
Alain Takoudjou authored
-
Kirill Smelkov authored
This reverts commit 605e564b. Rationale: Stability matters: Quoting 605e564b: > Besides changing only recv window size at runtime breaks compatibility with > openssh: if we only do `-W 1M` on server and try to upload data with openssh as > client, dropbear complains > > [3302] Apr 17 23:10:06 Exit (slapuser2): Bad packet size 32777 > > and connection terminates. Thus RECV_MAX_PAYLOAD_LEN increase is also > required, which cannot be done via option at runtime: > > https://github.com/mkj/dropbear/blob/DROPBEAR_0.53.1/options.h#L268 > > ---- 8< ---- > /* Maximum size of a received SSH data packet - this _MUST_ be >= 32768 > in order to interoperate with other implementations */ > #ifndef RECV_MAX_PAYLOAD_LEN > #define RECV_MAX_PAYLOAD_LEN 32768 > #endif > ---- 8< ---- > > So let's increase DEFAULT_RECV_WINDOW to 1M and RECV_MAX_PAYLOAD_LEN > appropriately (experimentally found that at 512K the complain goes > away). It turned out that "Bad packet size" did not really went away. For example I've recently hit the following: [14586] Aug 04 19:12:43 Pubkey auth succeeded for 'slapuser16' with key md5 b1:35:06:d3:a5:b1:0b:c6:7f:e6:59:31:ab:3a:e1:56 from 2001:67c:1254:c0::1:49886 [14586] Aug 04 19:12:55 Exit (slapuser16): Integrity error (bad packet size 524500) in .slappartX_runner_sshd.log of my upgraded webrunner with connection being broken. ( nexedi/slapos!68 (comment 17748) ) We could maybe try to play games with increasing RECV_MAX_PAYLOAD_LEN to be more than DEFAULT_RECV_WINDOW but this already turned out to be error-prone. Since when really needed we should be able to replace dropbear with openssh nexedi/slapos!68 (comment 7082) which is both performant and good-compatible, to me the way is: - make current dropbear run stable again, - when we really need to sync large amounts of data (and we should be needing to do soon or already) -> work on replacing dropbear with openssh.
-
- 07 Aug, 2016 3 commits
-
-
Kirill Smelkov authored
- GitLab Software + patches ported to GitLab 8.7.X; - Configs synced with upstream; - No base software upgrades this time because it was all recently upgraded during a590b03e; TODO: allow configuration of trusted proxies /reviewed-by TrustMe
-
Kirill Smelkov authored
Like for 2a835e63 $ git diff 8.6.5+ce.0-0-g342f8be..8.7.9+ce.1-0-gf589ad7 -- files/gitlab-cookbooks/gitlab/templates/default/sv-sidekiq-run.erb is empty.
-
Kirill Smelkov authored
I've manually reviewed git diff 8.6.5+ce.0-0-g342f8be..8.7.9+ce.1-0-gf589ad7 -- \ files/gitlab-config-template/gitlab.rb.template \ files/gitlab-cookbooks/gitlab/attributes/default.rb and modulo trusted proxies there are no interesting changes for us.
-