Welcome to rOPS, the Nasqueron operations repository.
Nasqueron infrastructure servers support our budding community of creative people, writers, developers and thinkers.
Nasqueron follows the principle of "Infrastructure as Code" to offer documentation, reproducibility, transparency and to allow external contributions.
It contains:
- server configuration
- deployment information for our applications and services
We mainly rely on Salt for deployment and automation.
Both Nasqueron servers and side projects we manage are in scope.
For example, the Eglide service is configured through roles/core (common to every server) and roles/shellserver (specific).
A. Services are organized in roles and units.
- Roles: a role is a goal a service accomplishes (e.g. mailserver, paas-docker)
- Units: a unit is a component needed to achieve this goal (e.g. an userland software collection, a nginx server)
Directories follow roles/<role>/<unit>.
Those files are known a states.
If configuration files for a unit should be stored,
a subfolder files is created at unit level.
If anything escape to the role and unit logic organization,
like for CVE hotfixes, hotfixes/ directory is used.
B. Structured data is stored in the pillar/ directory.
Those files are known as pillar.
This data is structured as we found suitable to express it cleanly, and queried from states, directly or through functions.
C. States should mostly be easy-to-read templates, without any more programmation than simple if and for templating logic.
If more is needed, functions are created in Salt custom modules:
- Execution modules are stored in
_modules/ - States modules are stored in
_states/
D. This repository is the source of truth for users, groups and ports:
- UIDs document unique usernames and the UIDs for system accounts
- GIDs document the same information for the groups
- PORTS contain the list of reserved application ports
E. Units and integration tests are stored in _tests/
Contributions are welcome to this repository, especially if you wish to:
- improve our infrastructure
- install or configure something on a Nasqueron server
- install or configure something on a project we manage (like Eglide)
- help to migrate services to Salt
You can follow this contributor guide to send a commit for review. This procedure is open to everyone.
Issues can be reported on the #Servers component on DevCentral, the Nasqueron Phabricator instance.
Support for contributors is provided on Libera #nasqueron-ops.
The repository uses the following terminology:
- Salt primary server: server that issues commands to other servers, including itself
- Node: a server, baremetal or VM configured by Salt
A lot of configuration as code is trivial, and so ineligible for copyright per threshold of originality
When this is not the case, the code is licensed under BSD-2-Clause if not otherwise specified.