This project is archived. Its data is read-only.

Improve the firewall config and code of the new test email server for Jenkins Agents

Firewall improvements:

Cleanup unused firewall config in Jenkins Agents
Force Jenkins Agents to connect directly to the VM's IP:
- Export rules so isoworkers-mail.tails.net accepts from Jenkins Agents in mail and http(s) ports.
- Map isoworkers-mail.tails.net to 192.168.126.20 in Jenkins Agents
- Remove the tirewall::public_service entries for mail (leave port 80)
- Remove custom firewall rules added to Iguana.

Code improvements:

Move the client email password config to hieradata/role/isoworker.eyaml
Move the Nginx config from node definition to a profile.
Move the Libvirt hosts firewall config to exported resources in the same profile as above.
~~Refactor tails::tester::support::email* to a profile (same as above, probably).~~ → Deferred to #16958

Missing bits:

Test suite: allow Thunderbird to connect to tes... (tails!1268 - merged)
Apply improvements to the firewall config once again.
Check that Thunderbird tests keep working.

Edited Nov 23, 2023 by Zen Fu

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Assignee Loading

Time tracking Loading