Skip to content
E. Dunham edited this page Aug 29, 2016 · 19 revisions

Servo's infrastructure is managed with SaltStack. Issues directly related to to the infrastructure's configuration should be filed on the SaltFS repo.

General infrastructure issues are filed under the A-Infrastructure tag in the main Servo issue tracker.

DNS

Servo's DNS and SSL are managed through CloudFlare. Credentials for logging into CloudFlare are in the doc with all the other secrets. DNS entries are accessed by clicking the blue square labeled "DNS" in the row of blue squares near the top of the page.

AWS S3 file hosting

We use S3 to host nightlies and the downloads page. The servo-builds bucket can be accessed directly at https://servo-builds.s3.amazonaws.com/index.html. Due to redirection silliness, the buckets download.servo.org and dl.servo.org exist. Their sole purpose is to redirect traffic to the servo-builds bucket in the way that AWS demands; nobody can nor should upload any files to them ever.

The "Servo Developer Preview Downloads" page on S3 is raw HTML, CSS, and bootstrap yanked from the servo.org main page in June 2016. Edit it by downloading the HTML, making changes, and re-uploading to the servo-builds S3 bucket (sorry!). The files are available in this repo: https://github.com/servo/download.servo.org.

If it's super urgent or you're impatient, you can then create a CloudFront invalidation to remove cached copies of the old version of the page. Or you can just wait half an hour; see below.

CloudFront

The best way to serve files hosted in S3 over HTTPS and from a custom domain is to use CloudFront, which is a content distribution network much like CloudFlare but specialized for and provided by AWS.

  • DNS, managed through the CloudFlare UI, points dl.servo.org and download.servo.org at the CloudFront distribution's address (d10nsvo3b5tzwm.cloudfront.net)
  • CloudFront redirects all HTTP requests to HTTPS (configured here, login obviously required) and tries to serve users a cached copy of the file they requested when possible
    • Default TTL is currently set to 30 minutes, so it's not caching very hard -- this is configurable by editing each "behavior" under the "behaviors" tab in the cloudfront distribution's settings in the AWS console GUI
    • The distribution is currently only set to use US and Europe edge locations, since they're a bit cheaper
    • CloudFront uses the SSL cert that we give it (created with letsencrypt and using DNS to prove we control the domains) to encrypt traffic between users and CDN endpoints
    • If users complain about slow downloads, we can enable more endpoints near them

Handing out permissions

https://github.com/servo/servo/wiki/Governance has guidance on who should get which perms.

Tidy on PyPi

This guide is good.

To release a new version:

  • Make sure you have ~/.pypirc with the creds from the secrets doc
  • Bump the version in servo/python/tidy/setup.py
  • servo/python/tidy $ python setup.py sdist upload -r pypitest
  • Check that it showed up here
  • servo/python/tidy $ python setup.py sdist upload -r pypi
  • Check that it showed up here

Other Links

General information about the project's infrastructure goes in this wiki and should be linked from this list:

Clone this wiki locally