[14:46:19] <Ada_Lovelace> Hello everybody! :)
[14:50:01] <IonutVan_> hi
[14:50:35] <Ada_Lovelace> Who wants to log our meeting?
[14:51:42] <tampakrap> I'm logging
[14:51:58] <Ada_Lovelace> Cool. :)
[14:56:48] <IonutVan_> I knew that the meeting was postponed because of FOSDEM and now I have some visitors. But, I will check the logs, of course
[14:57:36] <cboltz> IonutVan_: some of us are at fosdem
[14:57:43] <cboltz> come to the ownCloud booth ;-)
[14:57:50] <Ada_Lovelace> You can read all here, too. That will be enough for you.
[14:58:10] <IonutVan_> cboltz, I am not there :)
[14:58:23] <Ada_Lovelace> We are using the ownCloud wifi at FOSDEM. :)
[14:58:25] <cboltz> your fault ;-)
[14:58:28] <IonutVan_> Ada_Lovelace, I will have a look from time to time :)
[14:58:45] <IonutVan_> cboltz, :P
[15:00:19] <Ada_Lovelace> Let's start the meeting. :)
[15:00:53] <Ada_Lovelace> We saw new attacks on our infrastructure.
[15:01:09] <Ada_Lovelace> Look to news.opensuse.org.
[15:01:48] *** Joins: orangecms (~cyrevolt@2001:67c:1810:f055:410:62c6:1e9b:8295)
[15:01:56] <orangecms> helloooo
[15:02:35] <Ada_Lovelace> Theo? What do you say?
[15:03:09] <tampakrap> regarding the attack?
[15:03:15] <Ada_Lovelace> Yes
[15:03:40] <IonutVan_> Ada_Lovelace, there is a vulnerability in wordpress 4.7.1. https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
[15:03:45] <tampakrap> the issue has been raised to MF-IT to update wordpress and restore the content, and make sure nothing else was touched
[15:03:58] <tampakrap> also notified my managed christian
[15:04:12] <tampakrap> meanwhile, if you can find somebody at fosdem that has proper access to restore the content do it please
[15:04:18] <Ada_Lovelace> Ok. We'll recommend Doug to change the password, too.
[15:04:24] <tampakrap> I asked for access as well
[15:04:41] <tampakrap> the password doesn't have to be changed
[15:04:45] <Ada_Lovelace> Who is admin for wordpress?
[15:05:00] <tampakrap> I don't know
[15:05:12] <tampakrap> I'm trying to figure out
[15:05:21] <Ada_Lovelace> I'll ask Doug.
[15:05:41] <Ada_Lovelace> Anybody gave him access....
[15:06:33] <IonutVan_> what about a kind of list with: service -> responsible person? I think something like that could be useful
[15:07:34] <tampakrap> IonutVan_: already wip https://progress.opensuse.org/projects/opensuse-admin-wiki/wiki/List_of_machines
[15:08:04] *** Joins: lars_ (bc69a4a6@gateway/web/freenode/ip.188.105.164.166)
[15:08:13] <tampakrap> but news.o.o along with the rest of the services that are hosted in provo have people from MF-IT as responsible, and I am not sure who is supposed to be our opensuse admin from MF-IT provo now
[15:08:55] <Ada_Lovelace> @Lars: Do you know wordpress admins?
[15:09:12] <lars_> Ada_Lovelace: not really, sorry.
[15:09:37] <lars_> ...and sorry for being late, but my pidgin does not want to log in :-/
[15:09:41] <Ada_Lovelace> Ok. My next step after the meeting: Asking Doug who gave him access.
[15:10:00] <lars_> Do we have a bot - or someone who is keeping a log ?
[15:10:01] <tampakrap> Ada_Lovelace: the guy that gave him access could be whoever has appropriate perms to do that on the wordpress instance
[15:10:02] <Ada_Lovelace> We speak about the spam on news.opensuse.org
[15:10:15] <tampakrap> doesn't mean that the same guy has appropriate perms to udpate wordpress
[15:10:19] <tampakrap> lars_: I am logging
[15:10:25] <Ada_Lovelace> Yes. And the person has admin access...
[15:10:27] <lars_> thanks!
[15:10:42] <tampakrap> maybe not, this is what I am trying to explain
[15:10:50] <Ada_Lovelace> ok
[15:10:57] <cboltz> the interesting detail is that news.o.o seems to get wordpress updates - just not fast enough :-/
[15:11:06] <tampakrap> feel free to ask douglas who gave him access, but the person he might point you out doesn't necessarily mean he is the guy we are searching for
[15:11:17] <lars_> you mean that "Hacked By MuhmadEmad" entry?
[15:11:23] <Ada_Lovelace> yes
[15:11:32] <lars_> ah, ok
[15:12:05] *** Joins: mrz__ (~mrz@122.177.219.203)
[15:12:14] <lars_> IMHO the problem is the same as with all the other services hosted "outside" Nuremberg: we do not really have access nor do we really know who takes care, right?
[15:12:21] <Ada_Lovelace> We need a wordpress update very fast.
[15:12:42] <lars_> well: we do not only need an update, we need someone who can shut down the instance and investigate the issue
[15:12:44] <Ada_Lovelace> UI access as a admin should be enough
[15:12:59] <tampakrap> nope it is not
[15:13:02] <lars_> otherwise nobody will know what else might be affected
[15:13:14] * cboltz considers switching to S9Y, which is "boring" on the security side (maybe one update per year)
[15:13:28] <cboltz> (but obviously, that's a long-term goal, nothing for today)
[15:13:48] *** Quits: mrz_ (~mrz@122.177.196.36) (Ping timeout: 240 seconds)
[15:14:07] <lars_> well: I'm always thinking why we do not have the "Automatic-Update" feature enabled for all the wordpress instances, if the admins do not really care
[15:14:44] <lars_> but I'm also not sure if the problem was not simply the password rom Doug - so without further investigation, I doubt that everything we want or do is senseless
[15:14:51] <tampakrap> it is not the password
[15:14:59] <tampakrap> so I will sum up because you are missing the details
[15:15:06] <lars_> probably yes, right
[15:15:16] <tampakrap> there is a vuln on 4.7.1, fixed on 4.7.2 regarding API
[15:15:28] <tampakrap> I sent a mail to people that might be able to restore the post
[15:15:32] <lars_> tampakrap: do you know if some one escalated the issue already ?
[15:15:48] <tampakrap> and also raised a ticket to MF-IT, and pointed it to cmueller already so he can mark it as urgent
[15:15:55] <lars_> ok, thanks!
[15:15:58] <tampakrap> you have a copy of that in ops-services@s.d
[15:16:30] <tampakrap> so what we need to do is: 1) more people with admin access on the UI (already volunteered for that) 2) figure out who is our provo opensuse contact
[15:16:40] <cboltz> what does urgent mean in provo terms? *SCNR*
[15:16:43] <tampakrap> 3) shut down the instance and check what has been compromised
[15:17:02] <lars_> funny: lizards.opensuse.org seems currently not to be affected
[15:17:18] <tampakrap> 4) restore the posts
[15:17:24] <tampakrap> 5) update wordpress and bring it back online
[15:17:26] <tampakrap> that's all
[15:17:35] <lars_> tampakrap: ui access will not really help if the crap is on the system already ;-)
[15:18:00] <tampakrap> I know but it is an improvement
[15:18:07] <tampakrap> because root access I know we can't get
[15:18:23] <tampakrap> and not only for this case, but for the future as well
[15:18:23] <Ada_Lovelace> That was the reason for me to speak with Doug additionally....
[15:19:11] <lars_> tampakrap: no, I doubt that we will get root access...
[15:19:28] <tampakrap> my point exactly
[15:19:50] <cboltz> looks like news.o.o is the next thing to migrate to the new infra...
[15:19:59] <tampakrap> even if they can set up wordpress to run with a dedicated user and give me access to this user I would be happy
[15:20:08] <tampakrap> so I can update wordpress myself instead of waiting for them
[15:20:18] <tampakrap> but I'm pretty sure any ssh access to that machine is restricted
[15:21:16] <lars_> tampakrap: well, the plan was to migrate everything openSUSE related to the Provo cloud asap
[15:21:25] <lars_> that included also all the PHP-stuff
[15:21:33] <Ada_Lovelace> What is the status? ;)
[15:22:01] <lars_> but as it looks like we get more and more problems, I think we need to escalate it further and check for alternatives
[15:22:34] <tampakrap> regarding opensuse cloud, last thing I heard is that it was supposed to be ready on friday, but on friday I was sick and didn't get the final status
[15:22:41] <lars_> Ada_Lovelace: the status is a bit better than a few weeks ago - but still not satisfying
[15:23:07] <cboltz> what's the problem this time?
[15:23:15] <lars_> tampakrap: if it would not be so sad, I would say: did you ask which Friday ? ;-)
[15:23:48] <lars_> cboltz: you should ask gschlotter for details
[15:24:07] <orangecms> We could also ask for sponsoring at DigitalOcean, they are quite open and approachable
[15:24:09] <tampakrap> yeah let's not make assumptions, we can have a concrete status from gschlotter on monday
[15:24:19] <lars_> cboltz: but IMHO the access to the storage was the last problem - before the connection got lost completely
[15:24:41] <lars_> but that's all I can tell from a far view point
[15:24:49] <cboltz> nice[tm]
[15:24:54] <lars_> orangecms: good idea? Do you have any contacts?
[15:25:05] <cboltz> gschlotter: do you know more details?
[15:25:30] <tampakrap> he is not here
[15:26:24] <orangecms> Well, I could approach Allan Jude, who's running the BSDNow podcast, and that is sponsored by DO
[15:26:37] <orangecms> He's at the FreeBSD stand :-)
[15:26:58] <cboltz> another option would be to ask Hetzner if they can sponsor some servers
[15:28:04] <Ada_Lovelace> noris networks is the sponsor of debian. I don't believe they support openSUSE....
[15:28:32] <Ada_Lovelace> heinlein is open for us and has got his own ISP.
[15:29:16] <Ada_Lovelace> But he isn't at FOSDEM.
[15:29:28] <orangecms> It would also be a cool thing if DigitalOcean could be bumped to offer openSUSE images in general. For now they have Ubuntu, FreeBSD, Fedora, Debian, CoreOS and CentOS
[15:29:49] <lars_> cool ideas!
[15:29:54] <Ada_Lovelace> Should I ask Peer?
[15:30:07] <lars_> I would say: go for it! for all ideas
[15:30:17] <lars_> better to have too much alternatives in the end than nothing ;-)
[15:30:45] <lars_> Ada_Lovelace: ..and you probably want to get the openSUSE board with you
[15:31:06] <Ada_Lovelace> He can become our rack sponsor instead of marketing sponsor. :)
[15:31:07] <lars_> as I think we need to push the Provo guys to get things done asap
[15:31:40] <cboltz> this time please _really_ take a video of it ;-)
[15:32:23] <lars_> cboltz: I think "50 shades of Provo" might not be a good title :-)
[15:32:45] <cboltz> why not? ;-)
[15:33:00] <cboltz> oh, wait - make it "100 shades of Provo" ;-)
[15:34:21] <lars_> do we have some other topics ?
[15:34:28] <orangecms> Absolutely, I'll go over there later and poke Allan :D
[15:35:28] *** Joins: kl_eisbaer1 (~kl_eisbae@dslb-188-105-164-166.188.105.pools.vodafone-ip.de)
[15:35:35] <Ada_Lovelace> I'll write tomorrow (after my last test in Computer Science this semester).
[15:36:23] <kl_eisbaer1> so we do not have other topics than the hacked news.o.o ?
[15:36:41] <cboltz> we have ;-)
[15:36:54] <cboltz> do you prefer a nice one or a not-so-nice one first?
[15:37:09] <lars_> after the first topic, I would prefer a nice one :-)
[15:37:10] <Ada_Lovelace> No.No.
[15:37:11] <orangecms> Start with the bad ones :D
[15:37:21] <lars_> *seufz*
[15:37:24] <lars_> ok
[15:37:28] * orangecms sighs
[15:37:39] <Ada_Lovelace> status of progress
[15:38:08] <cboltz> we have lots of bitrotting tickets
[15:38:23] <cboltz> and lots of them even block external contributors
[15:38:28] <Ada_Lovelace> Who wants to create all the OBS repositories?
[15:38:55] <Ada_Lovelace> Who wants to add mirrors or fixes issues there?
[15:38:56] <lars_> Ada_Lovelace: that area will be covered by Darix in a few days
[15:39:07] <cboltz> define "a few" ;-)
[15:39:12] <lars_> Ada_Lovelace: ...and mirrors was a topic for mcaj and gschlotter
[15:39:13] <Ada_Lovelace> What is "in a few days"?
[15:39:25] <lars_> Ada_Lovelace: once he feels better, I would say
[15:39:38] <Ada_Lovelace> Should we assign it all to them? ;)
[15:40:43] <lars_> Ada_Lovelace: I would say yes
[15:41:00] <Ada_Lovelace> Ok. We'll do. :)
[15:41:04] <lars_> Ada_Lovelace: and use the "Due date"
[15:41:18] <Ada_Lovelace> How long do they have time?
[15:41:34] <lars_> Ada_Lovelace: as they are not here, I would say we need to think for them
[15:41:39] <lars_> what about 2 weeks ?
[15:41:40] <tampakrap> put me there as well
[15:42:25] <Ada_Lovelace> We are happy with 2 weeks. We would have a really empty queue if they would fix all in this time. :)
[15:42:26] <lars_> should we think about an "obs" and "mirror" group ?
[15:42:40] <Ada_Lovelace> Ok. We'll add you.
[15:42:50] <tampakrap> we have both
[15:42:56] <tampakrap> group and category
[15:43:18] <tampakrap> I would actually kill groups and keep categories only
[15:43:20] <Ada_Lovelace> But admin groups. And Adrian asked why he got these issues.
[15:43:40] <tampakrap> I don't follow
[15:43:45] <Ada_Lovelace> He doesn't create OBS repositories.
[15:43:54] <tampakrap> true, darix does
[15:44:19] <Ada_Lovelace> Adrian is in the OBS admin group and doesn't fix "Create repository" issues.
[15:44:30] <cboltz> BTW: is there a way to see who is "behind" a group in progress? (as in: who gets mailed?)
[15:44:33] <tampakrap> correct, don't assign them to obs group but to darix
[15:44:41] <tampakrap> cboltz: yes at the admin settings
[15:44:48] <tampakrap> you want a link?
[15:44:52] <lars_> cboltz: IMHO only progress admins can have a look who is in which group
[15:45:05] <tampakrap> https://progress.opensuse.org/groups
[15:45:19] <cboltz> that goes 403 for me
[15:45:24] <orangecms> This looks interesting, regaring news.o.o http://www.zone-h.org/archive/notifier=muhmademad?zh=1
[15:46:00] <lars_> Ada_Lovelace: so we have assigned all mirror and OBS tickets. Are there more ?
[15:46:14] <Ada_Lovelace> Yes.
[15:46:53] <cboltz> there are 5 pages with various tickets that don't fit into any group
[15:46:59] <cboltz> (or I was too lazy to sort them)
[15:47:13] <cboltz> so please check them and assign them to the right person
[15:47:18] <cboltz> (and set the due date ;-)
[15:47:31] <orangecms> Apparently someone has simply automated crawling the web for WP < 4.7.2 instances and injects her defacements automatically.
[15:47:37] <Ada_Lovelace> We'll have fun with 2 weeks. ;)
[15:48:27] <tampakrap> anything more? should we move?
[15:48:40] <Ada_Lovelace> next topic: wiki ideas
[15:50:18] <Ada_Lovelace> We had a discusion on our wiki mailing list because of too many tools for documentation. I found the github extension for mediawiki. So we can get upstream docu from github. All will be loaded from there at the timestamp of loading the wiki page. :)
[15:50:56] <Ada_Lovelace> We will have the updated documentation in the wiki you can ever have. ^^
[15:51:01] <cboltz> for an example, see http://paste.opensuse.org/68489949
[15:51:16] <cboltz> (just a random README.md loaded into the test wiki on my laptop)
[15:51:24] <Ada_Lovelace> We tested it today. :)
[15:51:34] <tampakrap> I don't follow sorry
[15:51:37] <cboltz> at the wiki side, it's just    {{#github:README.md|openSUSE/geekodoc|develop}}
[15:51:40] <tampakrap> bear with me, still sick
[15:51:58] <cboltz> tampakrap: think of "iframes on steroids" ;-)
[15:52:16] <tampakrap> you create a github repository, and then load its README.md into the opensuse wiki?
[15:52:25] <cboltz> right
[15:52:51] <cboltz> and it gets updated automatically if it changes on github
[15:53:00] <Ada_Lovelace> We don't want to write documentation. We want to automate it with the github extension (documentation of different projects on github).
[15:53:02] <tampakrap> okay and if I change it on the web?
[15:53:10] <tampakrap> doesn't get automatically committed on github?
[15:53:26] <cboltz> in the wiki, you just need    {{#github:README.md|openSUSE/geekodoc|develop}}
[15:53:34] <cboltz> so you can't edit it directly in the wiki
[15:53:38] <tampakrap> ah okay, so you can't touch it
[15:54:01] <tampakrap> okay and which repos' docs you want to load on the wiki?
[15:54:12] <tampakrap> or you just want to offer it as a generic feature for the community?
[15:54:16] <Ada_Lovelace> You work in github then.That's easier for our developers, too.
[15:54:33] <cboltz> we'll offer it as feature for everybody who wants to use it
[15:54:38] <orangecms> You can add above/below if you want to state errata or have more info etc
[15:54:47] <orangecms> The best thing would be contributing to upstream imho
[15:54:59] <Ada_Lovelace> We want to represent it at the next oSC.
[15:55:22] <tampakrap> okay
[15:55:39] <tampakrap> assuming there are no security concerns for this plugin, +1 from me
[15:55:55] <Ada_Lovelace> Thanks! We'll try it.
[15:56:55] <tampakrap> okay anything further to discuss on it, or it was just to inform us?
[15:57:23] <Ada_Lovelace> We wanted to get your feedback and your SUSE view.
[15:58:06] <tampakrap> there's no SUSE view, we are all volunteers here :)
[15:58:09] <tampakrap> next topic?
[15:58:13] <Ada_Lovelace> You know many SOSE developers who write documentations. Do they prefer github?
[15:58:44] <tampakrap> there are quite of suse/opensuse projects on github
[15:59:12] <tampakrap> what everyone prefers is not that relevant actually, there are reasons to use a web wiki or a git based documentation based on various factors
[15:59:18] <Ada_Lovelace> Yes. That's it!
[16:00:02] <tampakrap> so next topic?
[16:00:24] <orangecms> tampakrap, should everyone you created an account for on gitlab.o.o have received some individual inviation email?
[16:00:35] <Ada_Lovelace> It seems we have all finished.
[16:00:40] <tampakrap> so my turn
[16:00:59] <tampakrap> as orangecms said, gitlab.o.o is on the internet now, along with the salt repository
[16:01:30] <tampakrap> relevant people should have gotten a mail with their account, and also should have been granted appropriate permissions to see the salt repository
[16:01:38] <tampakrap> if you didn't get one of those two, let me know please
[16:01:58] * orangecms raises a hand
[16:02:14] <tampakrap> also, I will create two-three VMs for testing purposes so we can experiment
[16:02:14] <lars_> tampakrap: I'm not sure, but I guess if  I can not log in any more, I can simply use the "password forgotten" link, right?
[16:02:31] <tampakrap> orangecms: what's your connect profile please?
[16:02:39] <tampakrap> lars_: yes and if it doesn't work let me know please
[16:02:46] <lars_> ok, thanks
[16:03:04] <orangecms> It's orangecms
[16:03:31] <tampakrap> in order to check out the repo you need to put in your .ssh/config something that cboltz will tell you, I don't have it now handy sorry :)
[16:04:03] <tampakrap> I also sent mail to a few opensuse guys that are quite experienced with salt, one of them joined us already
[16:04:21] <orangecms> Yup, I've done that already
[16:04:37] <orangecms> the SSH config I mean :)
[16:04:45] <tampakrap> regarding the salt code, you do NOT have access to the production branch (yet)
[16:04:55] <orangecms> It's here https://progress.opensuse.org/projects/opensuse-admin-wiki/wiki/Salt_repository_layout
[16:05:05] <cboltz> the details for SSH are in the admin wiki, and a link to it is on the heroes ML
[16:05:12] <tampakrap> so you will need to file merge requests and one of me, darix kl_eisbaer and gschlotter should be able to merge it
[16:05:28] <orangecms> It's fine, I prefer having a review anyway
[16:05:40] <orangecms> brb
[16:06:06] <tampakrap> for questions regarding ops/structure/whatever feel free to contact me
[16:06:13] <tampakrap> questions?
[16:06:57] <tampakrap> I take that as a no
[16:06:59] <cboltz> FYI - I'll probably ping you in the next days to get the wiki salt files into the repo
[16:07:08] <tampakrap> okay
[16:07:12] <lars_> tampakrap: I know it's in the repo, but which hosts and which formulas (or files) are under Salt control now? Do you have some percentages=
[16:07:25] <lars_> s/=/?
[16:07:30] <tampakrap> lars_: this brings me to my last topic :)
[16:07:47] <tampakrap> although already said it before, just so that everybody is aware
[16:08:03] <tampakrap> I have started a wiki page with inventory regarding all of the opensuse hosts https://progress.opensuse.org/projects/opensuse-admin-wiki/wiki/List_of_machines
[16:08:15] <lars_> ...and also interesting to me is: https://progress.opensuse.org/issues/16126
[16:08:47] <tampakrap> it has the hosts fqdn, cnames, admin contacts, to which salt environment they belong and to which virt cluster
[16:09:01] <tampakrap> so I started with the machines that are under the opensuse.org salt master, minnie.opensuse.org
[16:09:11] <lars_> as it looks like we need to make sure that we know which packages are currently comming from other repositories before we disable the non-standard ones
[16:09:22] <tampakrap> and I will continue with the opensuse.org or mixed suse/opensuse hosts that are controlled by SUSE-IT
[16:09:28] <tampakrap> and the hsots that are in provo
[16:09:41] <cboltz> FYI: doug said that henne created his account for news.o.o
[16:09:45] <lars_> tampakrap: this list seems to be handcrafted
[16:09:55] <tampakrap> yes still wip
[16:09:57] <lars_> tampakrap: isn't there a way to get it automated via Salt ?
[16:10:11] <lars_> otherwise I fear that this table will get outated very soon
[16:10:16] <tampakrap> it is, but the information is in salt first
[16:11:06] <lars_> tampakrap: ok, so my question would be: can we agree on using only Salt to host this information?
[16:11:26] <lars_> having duplicate information somewhere is always the starting point of nightmares
[16:11:32] <tampakrap> regarding your repos ticket, I replied there already, I took care of the packages' being in the openSUSE:infrastructure repo, so please be more specific on what is missing so I can fix it (I did like 3 hosts only iirc)
[16:11:57] <tampakrap> to do this, we need to agree on how to have that info in salt first (documented)
[16:12:01] <lars_> ...and if we need the information about the hosts and their admins in Salt anyway, I do not really see why we need to maintain a manual list elsewhere
[16:12:10] <tampakrap> then I can create the script that exports them from salt and puts them into the wiki
[16:12:29] <lars_> tampakrap: I did not tell you which hosts I mean because this would be the easy fix ;-)
[16:12:31] <tampakrap> and yes I really support this idea
[16:12:38] <cboltz> lars_: I completely agree about storing this in salt, but _for now_ the list in the wiki is better than nothing
[16:12:55] <tampakrap> cboltz: putting the info into salt is much less effort than the wiki page
[16:12:56] <lars_> tampakrap: we should run a script that prints out all the packages NOT from our standard repos
[16:13:39] <lars_> tampakrap: if it's currently more effort to maintain the list in the wiki, please stop doing it and concentrate on the real work :-)
[16:14:08] <lars_> once we have time, we can write a script to update a wiki page automatically - if this is still needed
[16:14:37] <tampakrap> agreed
[16:15:15] <lars_> cboltz: and having an updated list in the wiki is a good starting point for failures, so even if I can understand your wish (especially as wiki admin ;-), I would love to NOT have it
[16:15:28] <lars_> s/updated/outdated/
[16:17:16] <lars_> for the package issue, here is a very quick hack:
[16:17:19] <lars_> for pkg in $(rpmqpack); do rpm -q --qf "%{NAME} %{DISTURL}\n" $pkg | grep -v "openSUSE:Leap:42.2"; done
[16:18:24] <lars_> or maybe better search for the DISTRIBUTION string, which should not match "openSUSE Leap 42.2"
[16:18:57] <lars_> something like this (together with the list in /etc/nagios/check_zypper-ignores.txt) should bring us on the right track
[16:19:27] <lars_> I guess especially the check_zypper-ignores.txt file should indeed be very helpfull for a first look on a machine
[16:19:43] <lars_> because there I listed all the unmaintained packages anyway
[16:19:53] <tampakrap> I also have the code ready to install a bunch of packages on salt based on roles (also for common packages)
[16:19:56] <Ada_Lovelace> Theo: You should lolgin into the atreju cluster and shutdown the vm with wordpress.
[16:19:58] <lars_> so it's just a question if all those packages in that file are still installed
[16:20:24] <lars_> Ada_Lovelace: we do not have access to those machines - they are running in Provo, not in NUE
[16:20:25] <tampakrap> there will be able also the opportunity to select from which repo you want the package installed
[16:20:49] <tampakrap> then the zypper-ignores.txt can be generated from salt as well
[16:20:51] <Ada_Lovelace> via UI, too?
[16:21:01] <lars_> tampakrap: that sounds great !
[16:21:21] <lars_> Ada_Lovelace: not at all
[16:24:01] <tampakrap> I have another topic regarding naming pattern, but I'll skip it for the meeting and probably discuss it over mail
[16:24:12] <tampakrap> so if there is nothing else to discuss let's close the meeting please
[16:24:20] <tampakrap> as I'm sick and want to go back to bed
[16:24:21] <lars_> tampakrap: can you sent me the ticket ID for the hacked wordpress , please?
[16:24:27] <Ada_Lovelace> nothing else
[16:24:50] <tampakrap> lars_: didn't get an incident response yet, do they create them manually?
[16:24:59] <lars_> tampakrap: please do not ask ;-)
[16:25:25] <lars_> tampakrap: JFYI: I added Mike and Roland into the loop
[16:25:28] <tampakrap> okay meeting over then, next one 5th of march
[16:25:40] <tampakrap> good
[16:25:43] <lars_> but now to something completely different - if you agree ;-)
[16:25:44] <Ada_Lovelace> good
[16:25:59] <lars_> https://demo.cachethq.io/
[16:25:59] <Ada_Lovelace> close the log ;)
[16:26:16] <lars_> I was thinking about the status page that I wanted to create
[16:26:55] <lars_> ...and my current assumption (if I look on our "always red" monitoring page): if we just use the output from our monitoring as status page, that will not really be what our users want to see
[16:27:07] <lars_> even if we use the business process add-on
[16:27:33] <lars_> So what do your think about the idea to use the software "Cachet" https://github.com/CachetHQ/Cachet instead ?
[16:27:52] <lars_> there we can create Categories (like OBS, Email, Wiki) and add information there
[16:28:00] <lars_> information from humans like us
[16:28:11] <lars_> or information from ticket or monitoring systems
[16:28:35] <lars_> the only problem I have at the moment. Cachet can be patched to accept LDAP accounts - but not more
[16:29:07] <lars_> and as long as we do not have the FreeIPA solution ready, I'm unsure how to proceed
[16:29:31] <lars_> because I do not want to open it up for everyone inside the community how might have a wiki account to create incidents there
[16:29:59] <lars_> instead again just allowing us access
[16:30:16] <lars_> this might be the same number of people who now has access to the github pages
[16:30:48] <lars_> so I'm a bit blocked by now by the availability of the FreeIPA solution :-(
[16:31:06] <lars_> ....otherwise, it might be a good time now to think if Cachet would make sense as status page ?
[16:31:14] <lars_> What do YOU think?
[16:31:29] <Ada_Lovelace> We have to close the session. The FOSDEM is closed in half an hour.
[16:31:37] <lars_> ok
[16:31:54] <lars_> Just write me an email ;-)
[16:32:07] <lars_> ....and sent some pictures from FOSDEM :-)
[16:32:13] <Ada_Lovelace> I'll add you on CC in  the mail to Peer. :)
[16:32:51] <IonutVan_> it seems that the spam was removed from news.o.o. https://news.opensuse.org/
[16:33:06] <cboltz> lars_: no pictures - you'll need to come to FOSDEM next year to see it ;-)
[16:33:23] <lars_> och, menno! ;-)
[16:33:46] <Ada_Lovelace> Doug has got the information. :)
[16:34:34] <Ada_Lovelace> Bye!