Infrastructure
Servo's infrastructure is managed with SaltStack. Issues directly related to to the infrastructure's configuration should be filed on the SaltFS repo.
General infrastructure issues are filed under the A-Infrastructure tag in the main Servo issue tracker.
Servo's DNS and SSL are managed through CloudFlare. Credentials for logging into CloudFlare are in the doc with all the other secrets. DNS entries are accessed by clicking the blue square labeled "DNS" in the row of blue squares near the top of the page.
We use S3 to host nightlies and the downloads page. The servo-builds2 bucket can be accessed directly at https://servo-builds2.s3.amazonaws.com/index.html. Due to redirection silliness, the buckets download.servo.org and dl.servo.org exist. Their sole purpose is to redirect traffic to the servo-builds2 bucket in the way that AWS demands; nobody can nor should upload any files to them ever.
The "Servo Developer Preview Downloads" page on S3 is raw HTML, CSS, and bootstrap yanked from the servo.org main page in June 2016. Edit it by downloading the HTML, making changes, and re-uploading to the servo-builds S3 bucket (sorry!). The files are available in this repo: https://github.com/servo/download.servo.org.
If it's super urgent or you're impatient, you can then create a CloudFront invalidation to remove cached copies of the old version of the page. Or you can just wait half an hour; see below.
The best way to serve files hosted in S3 over HTTPS and from a custom domain is to use CloudFront, which is a content distribution network much like CloudFlare but specialized for and provided by AWS.
- DNS, managed through the CloudFlare UI, points
dl.servo.organddownload.servo.orgat the CloudFront distribution's address (d10nsvo3b5tzwm.cloudfront.net) - CloudFront redirects all HTTP requests to HTTPS (configured here, login obviously required) and tries to serve users a cached copy of the file they requested when possible
- Default TTL is currently set to 30 minutes, so it's not caching very hard -- this is configurable by editing each "behavior" under the "behaviors" tab in the cloudfront distribution's settings in the AWS console GUI
- The distribution is currently only set to use US and Europe edge locations, since they're a bit cheaper
- CloudFront uses the SSL cert that we give it (created with letsencrypt and using DNS to prove we control the domains) to encrypt traffic between users and CDN endpoints
- If users complain about slow downloads, we can enable more endpoints near them
https://servo.org/contributing/#collaborators has guidance on who should get which perms.
This guide is good.
To release a new version:
- Make sure you have
~/.pypircwith the creds from the secrets doc - Bump the version in
servo/python/tidy/setup.py servo/python/tidy $ python setup.py sdist upload -r pypitest- Check that it showed up here
servo/python/tidy $ python setup.py sdist upload -r pypi- Check that it showed up here
General information about the project's infrastructure goes in this wiki and should be linked from this list:
- Adding a repo to Homu
- CI Services we use
- Homu UI
- Updating the Rust compiler used by Servo
- Buildbot administration - has list of IPs
- Buildbot UI
- SaltStack Administration
- Servo's Highfive
- Servo's Crowbot
- Removing push notifications from IRC hooks
- IRC Bots in
#servoand related channels - TaskCluster and Servo