Activity

30 days up to

User

Subprojects

Activity

From 2025-04-13 to 2025-05-12

Today

19:20 tickets #182243: Refactor Redmine theme for progress.o.o: This should be the normalize version ours is based on:
https://github.com/necolas/normalize.css/blob/3.0.2/normali... crameleon
19:13 tickets #182243: Refactor Redmine theme for progress.o.o: Thanks for looking into it. I also wondered about the approach to start from scratch and to only add openSUSE relevan... crameleon
19:08 tickets #182243: Refactor Redmine theme for progress.o.o: I had a quick look at https://github.com/tacerus/redmine-opensuse-theme/blob/refactor/src/sass/components/_opensuse.s... cboltz
18:28 tickets #182243 (New): Refactor Redmine theme for progress.o.o: Currently the theme is https://github.com/tuanpembual/redmine-opensuse-theme with several patches on the package http... crameleon
18:42 tickets #168493 (Closed): monitor.i.o.o rsyslogd dies randomly: rsyslog is gone. crameleon
18:41 tickets #182246 (New): syslog server for SLC1: Currently machines in SLC1 send syslog data to PRG2. This is inefficient. There should be a local syslog server in SL... crameleon
18:38 tickets #166475 (Resolved): Deploy syslog-ng (and forward non-syslog logs to syslog server): Rolled out to all clients last month. crameleon
18:36 tickets #173767 (Resolved): New debuginfod deployment: crameleon
18:36 tickets #176187: doc.opensuse.org : Objekt nicht gefunden: Hello,
where did you find that link? crameleon
18:34 tickets #176799 (Workable): [Heroes VPN] wombelix is inactive: crameleon
18:34 tickets #181514 (Closed): The results of your email commands: crameleon
18:34 tickets #181511 (Closed): The results of your email commands: crameleon
18:33 tickets #181190 (Workable): [Heroes VPN] krauselukas is inactive: crameleon
16:52 tickets #180794: Username Blocking/Banning on paste.o.o: Added. crameleon
16:49 tickets #182045 (Resolved): progress.opensuse.org often responds with "Slow down, fast geeko!" in particular when accessed from SUSE Nbg offices: https://progress.opensuse.org/projects/opensuse-admin/repository/salt/revisions/a93c149d072975412f334de7954005cc7e5f68f9 crameleon
16:11 tickets #182045: progress.opensuse.org often responds with "Slow down, fast geeko!" in particular when accessed from SUSE Nbg offices: https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2460 crameleon
15:58 tickets #182045 (In Progress): progress.opensuse.org often responds with "Slow down, fast geeko!" in particular when accessed from SUSE Nbg offices: crameleon
13:19 tickets #182045: progress.opensuse.org often responds with "Slow down, fast geeko!" in particular when accessed from SUSE Nbg offices: based on this, I find SUSE NUE2 office NAT'd internet traffic to originate from
- `81.95.8.245`
- `2a01:4a0:11::2` crameleon
13:14 tickets #182045 (Workable): progress.opensuse.org often responds with "Slow down, fast geeko!" in particular when accessed from SUSE Nbg offices: crameleon
12:54 tickets #182045: progress.opensuse.org often responds with "Slow down, fast geeko!" in particular when accessed from SUSE Nbg offices: Today multiple blocks observed for my reported external IP address 81.95.8.245 okurz
16:40 Revision d188a45f (salt): Merge branch 'crameleon/progress-office' into 'production': Relax progress.o.o rate limit for SUSE office
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge... cboltz
16:09 Revision a93c149d (salt): Relax progress.o.o rate limit for SUSE office: As multiple users use progress.o.o behind NAT there, relax the request
rate limit and exclude from connection rate li... crameleon
06:52 tickets #182201 (New): mailman3 /usr/local/bin/postfix-domnotfound: mailman3.i.o.o has this:
```
$ more /usr/local/bin/postfix-domnotfound
#!/bin/sh
#
# 20230327 pjessen
# every... crameleon

2025-05-09

21:12 tickets #180794: Username Blocking/Banning on paste.o.o: @crameleon and another frequent flyer "xboxps" sfalken@cloverleaf-linux.org
14:31 tickets #182159 (Rejected): Report deactivated URL: Hi,
that points to a random users home project, users can adjust build targets / repositories in their home projec... crameleon
13:41 tickets #182159 (Rejected): Report deactivated URL: Hi there!
I would like to report that the URL
https://download.opensuse.org/repositories/home:/uibmz:/opsi:/4.3/x... nspit@outlook.com
13:51 tickets #182135 (Resolved): unable to upload files/attachments to progress.opensuse.org in comment: https://build.opensuse.org/package/rdiff/openSUSE:infrastructure:redmine/redmine?linkrev=base&rev=91 crameleon
13:49 tickets #182135 (In Progress): unable to upload files/attachments to progress.opensuse.org in comment: Thanks for confirming. crameleon
13:49 tickets #182135: unable to upload files/attachments to progress.opensuse.org in comment: Yes, perfect.
Thanks a lot! gpathak
13:11 tickets #182135 (Feedback): unable to upload files/attachments to progress.opensuse.org in comment: Hi,
does it work now? crameleon
12:28 tickets #182135 (Resolved): unable to upload files/attachments to progress.opensuse.org in comment: ### Observation
I just realised that I am unable to upload any attachments when I choose "Comment or Edit".
gpathak
08:38 tickets #182045 (Feedback): progress.opensuse.org often responds with "Slow down, fast geeko!" in particular when accessed from SUSE Nbg offices: crameleon
08:35 tickets #181940 (Resolved): l10n.o.o returns 502: Seems they resolved it in the meanwhile. crameleon
00:40 tickets #182015 (Resolved): progress.opensuse.org intermittently goes down and comes back at some specific time: I additionally completed #181676, #181643 and an update to 6.0.5 now. crameleon
00:33 tickets #181643 (Resolved): Switch Redmine to Puma: Done as well: https://progress.opensuse.org/projects/opensuse-admin/repository/salt/revisions/2da01001904e665af5ff450... crameleon
00:19 Revision fcf9a5e5 (salt): Merge branch 'crameleon/progress-cpu' into 'production': Increase progressoo vCPUs
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2459. crameleon

2025-05-08

22:15 tickets #177717: Update to Redmine 6: and #note-32 should be repaired via https://build.opensuse.org/package/rdiff/openSUSE:infrastructure:redmine/redmine-... crameleon
21:54 tickets #177717: Update to Redmine 6: regarding #note-31, it seems the SVG class changed from s18 to s16, this should solve the paperclip: https://build.op... crameleon
18:04 tickets #177717: Update to Redmine 6: The theme just gets worse :-(
![](clipboard-202505081804-rolyw.png)
crameleon
17:58 tickets #177717: Update to Redmine 6: Updating to 6.0.5 reveals yet another CSS problem:
(the paperclip is in the default theme "hidden" and only displa... crameleon
08:55 tickets #177717: Update to Redmine 6: I have created a follow-up ticket: https://progress.opensuse.org/issues/182015 for the issue gpathak
07:29 tickets #177717: Update to Redmine 6: Hi,
I think it's not related to the upgrade but to a recent influx of careless requests from bots (https://monitor... crameleon
07:02 tickets #177717: Update to Redmine 6: Hi since update happened I notice dramatically increased slowness and also up to 5 times during working day I am gett... asmorodskyi
21:00 tickets #181643: Switch Redmine to Puma: Following https://puma.io/puma/file.deployment.html again and this time *ignoring* the "Migrating from Unicorn" secti... crameleon
18:46 tickets #181643: Switch Redmine to Puma: It's quite usable now indeed, but I think about doubling the CPU cores to allow for more workers:
https://gitlab.inf... crameleon
18:32 tickets #181643: Switch Redmine to Puma: It seems enabling `preload` (https://build.opensuse.org/package/rdiff/openSUSE:infrastructure:redmine/redmine?linkrev... crameleon
18:12 tickets #181643: Switch Redmine to Puma: So whilst that worked great in my test setup, in production it is atrociously slow compared to the previous Unicorn s... crameleon
17:53 tickets #181643 (In Progress): Switch Redmine to Puma: https://build.opensuse.org/package/rdiff/openSUSE:infrastructure:redmine/redmine?linkrev=base&rev=84 crameleon
19:00 Revision 2da01001 (salt): Increase progressoo vCPUs: The existing two vCPU cores are often under high load, double cores
to allow for doubling of Puma workers.
Signed-of... crameleon
18:43 tickets #181676 (Feedback): progress.o.o: Enable caching for JS, CSS etc.: Deployed, and confirmed both in Firefox (where it shows the requests with "cached" in the "transferred" column), and ... crameleon
12:47 tickets #181676 (In Progress): progress.o.o: Enable caching for JS, CSS etc.: https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2457 crameleon
12:23 tickets #181676: progress.o.o: Enable caching for JS, CSS etc.: The `Expires` header seems to require passing a full date/time string, and HAProxy does not seem to have an equivalen... crameleon
17:53 Revision 37d08301 (salt): Merge branch 'crameleon/dotenv' into 'production': Block access to .env
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2458. cboltz
17:50 Revision 4fb25846 (salt): Merge branch 'crameleon/progress-expire' into 'production': Allow Redmine asset caching
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2457. cboltz
15:51 Revision a9b40a84 (salt): Allow Redmine asset caching: To reduce the amount of requests needed while browsing through
progress.o.o, allow browsers to cache assets for 7d by... crameleon
15:45 Revision b6c6a207 (salt): Block access to .env: We don't serve such files on any of our websites, but creative
users try to request them anyways. Avoid useless reque... crameleon
14:32 tickets #182045: progress.opensuse.org often responds with "Slow down, fast geeko!" in particular when accessed from SUSE Nbg offices: Hi,
thanks for reporting, I assume that your office makes requests from a shared address / NAT, requiring more lenie... crameleon
14:24 tickets #182045 (Resolved): progress.opensuse.org often responds with "Slow down, fast geeko!" in particular when accessed from SUSE Nbg offices: ### Observation
I found that in particular when accessed from SUSE Nbg offices progress.opensuse.org often responds ... okurz
11:54 tickets #181976: Error 503 on a repo: Hi. Could you share the output from
curl -v https://cdn.opensuse.org/geoip bmwiedemann
00:48 tickets #181976 (New): Error 503 on a repo: Good Afternoon.
After starting my daily update to my tumbleweed installation I was
presented with the following e... alexander.mennie@aol.com
09:51 tickets #181934: Redmine ImageMagick broken primitives / character handling?: I found the other relevant path now, correctly blocked via https://progress.opensuse.org/projects/opensuse-admin/repo... crameleon
09:34 tickets #182015 (Feedback): progress.opensuse.org intermittently goes down and comes back at some specific time: I deployed these changes now (https://progress.opensuse.org/projects/opensuse-admin/repository/salt/revisions/83b9fbd... crameleon
09:00 tickets #182015 (In Progress): progress.opensuse.org intermittently goes down and comes back at some specific time: Hello,
thanks for the ticket, I just submitted some restrictions to Gantt via https://gitlab.infra.opensuse.org/in... crameleon
08:52 tickets #182015 (Resolved): progress.opensuse.org intermittently goes down and comes back at some specific time: ### Observation
We are observing slow response and intermittent service outage for a very short amount of time causi... gpathak
09:33 Revision 20515365 (salt): Merge branch 'crameleon/progress' into 'production': Restrict Redmine Gantt access
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2456. crameleon
08:41 Revision 83b9fbd7 (salt): Restrict Redmine Gantt access: - The Gantt PNG export (which includes the Gantt web view) is currently broken, block
to reduce long error outputs ... crameleon
01:20 tickets #181979 (New): Mirror down for slowroll: Hi,
I believe some of the mirrors are down, but I'm quite new to opensuse
slowroll so Im not too sure. I am in Aus
... itskevintai@gmail.com

2025-05-07

16:00 tickets #181646: code.o.o (Pagure) causes DoS against id.o.o (Ipsilon): If you let me know what you're interested in, sure. On pagure01 I find it still trying to query id.o.o constantly:
... crameleon
15:47 tickets #181646: code.o.o (Pagure) causes DoS against id.o.o (Ipsilon): I'm not a hero, and don't have the right access to look, but can somebody hit me with some logs, so I can have a look... sfalken@cloverleaf-linux.org
13:14 tickets #181934: Redmine ImageMagick broken primitives / character handling?: Even though I blocked `^/projects/.*/issues/gantt` and confirmed neither the Gantt view nor the `/gantt.png` export a... crameleon
11:24 tickets #181934: Redmine ImageMagick broken primitives / character handling?: It seems this primarily ~~(or even only?)~~ affects the Gantt view of the "QA (public)" project. It also seems that t... crameleon
10:22 tickets #181934: Redmine ImageMagick broken primitives / character handling?: This matches https://www.redmine.org/issues/34046 which should have been solved via https://www.redmine.org/issues/38... crameleon
10:13 tickets #181934 (New): Redmine ImageMagick broken primitives / character handling?: I observe some of these:
```
F, [2025-05-07T10:06:39.798133 #16232] FATAL -- : [30d135a7-2c96-49bc-8993-11a14ae39... crameleon
11:14 tickets #181940 (Resolved): l10n.o.o returns 502: crameleon
08:42 tickets #128534: provo-mirror - directory index of "/srv/ftp/pub/opensuse/" is forbidden: It's a bit inconsistent as the other downloadcontent servers don't have a directory listing, but I don't mind much ei... crameleon
05:52 tickets #128534 (Feedback): provo-mirror - directory index of "/srv/ftp/pub/opensuse/" is forbidden: https://slc-downloadcontent.opensuse.org/ has directory-listing enabled now (probably via files on slc-mirror) so I g... bmwiedemann

2025-05-06

21:23 tickets #181838 (Resolved): Change #aeon:opensuse.org IRC bridge: Thanks! crameleon
10:01 tickets #181838 (Resolved): Change #aeon:opensuse.org IRC bridge: as per discussion in the channel; currently it points to #opensuse-microos-desktop, please point to #aeondesktop inst... crameleon
20:17 tickets #169012 (Workable): Cachet bootstrap and sync complete chaos: crameleon
18:07 tickets #181271: openSUSE org on Codeberg: cboltz wrote in #note-3:
> I have a (so far unused) account https://codeberg.org/cboltz so feel free to add me.
D... ph03nix
15:00 tickets #181877 (Resolved): wiki: add jeff_mahoney as admin: Done. crameleon
14:59 tickets #181877 (In Progress): wiki: add jeff_mahoney as admin: crameleon
14:57 tickets #181877 (Resolved): wiki: add jeff_mahoney as admin: Hi folks -
I'd like to be able to add myself to the board members page, but that can only be done with admin privs... jeff_mahoney

2025-05-05

19:28 Revision 9e0d9880 (salt): Merge branch 'crameleon/pillar-runner' into 'production': Factor out runner calls from pillar + cache os_pillar YAML data
See merge request https://gitlab.infra.opensuse.org/... cboltz
12:16 tickets #181769: QGis download link missing: Thanks for your quick response.
BR, Eduardo
El 4/5/25 a las 20:32, crameleon escribió:
> [openSUSE Tracker]
> I... eduardo.dejuan@gmail.com

2025-05-04

18:32 tickets #181769 (Rejected): QGis download link missing: Hi,
"Applications:Geo" is a development project, it is up to maintainers of those projects which build targets they ... crameleon
14:26 tickets #181769 (Rejected): QGis download link missing: Hi
I tried to fetch QGIS packages from the following web page:
https://qgis.org/resources/installation-guide/#s... eduardo.dejuan@gmail.com
18:04 Revision 84ee8662 (salt): Cache os_pillar YAML data: Avoid opening and loading the YAML file multiple times within the
same module to improve efficiency.
It's not quite c... crameleon
17:57 Revision ebbdf9bd (salt): Factor out runner calls from pillar: Runner execution causes pillar rendering to slow down significantly.
Move hosts functions to regular execution module... crameleon
14:05 Revision df25e5ee (salt): Merge branch 'crameleon/master-minion' into 'production': Add master minion IDs
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2452. cboltz
13:01 Revision e2a383a7 (salt): Merge branch 'crameleon/progress-ruby-ext' into 'production': progress: remove d:l:ruby:extensions
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests... cboltz
12:55 Revision b5323d9f (salt): progress: remove d:l:ruby:extensions: No longer needed, relevant packages are in o:i:redmine now.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzen... crameleon
12:24 tickets #161411: Dedicated networks for openSUSE GitHub Runners: There is a network issue with the node exporter if my research was correct:
```
May 04 12:23:47 apollo01 node_export... SchoolGuy
06:22 tickets #180794: Username Blocking/Banning on paste.o.o: Added. crameleon
01:48 tickets #180794: Username Blocking/Banning on paste.o.o: @crameleon, can you add username "Kevin mitnick" to that list please?
They just made a huge dump of nonsense on pa... sfalken@cloverleaf-linux.org

2025-05-03

22:25 tickets #161411: Dedicated networks for openSUSE GitHub Runners: !2447 is now merged/deployed. crameleon
21:15 Revision 38e0abcb (salt): Merge branch 'crameleon/jq' into 'production': Move jq to common
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2453. cboltz
21:14 Revision 76350039 (salt): Merge branch 'crameleon/apollo-wide' into 'production': Asgard: wide internet access for ghr
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests... cboltz
18:42 Revision 448ed787 (salt): Asgard: wide internet access for ghr: As per discussion in https://progress.opensuse.org/issues/161411,
further restriction seem not realistic with setup o... crameleon
18:40 Revision a7df775a (salt): Move jq to common: Planned maintenance tooling will need this to parse systemd JSON output.
It is also useful for parsing machine output... crameleon
18:35 Revision bb5d27dc (salt): Add master minion IDs: Needed for orchestration, Salt runner operates in the master context
and needs to render the pillar as well. Minion I... crameleon
15:35 tickets #181757 (Closed): Search in bugzilla.opensuse.org is not querying the complete database: Good to know that it works again.
Both domains point to the same Bugzilla instance, just slightly different branding. crameleon
15:23 tickets #181757: Search in bugzilla.opensuse.org is not querying the complete database: Thanks for the swift response. After creating this ticket, the problem on bugzilla.opensuse.org disappeared. bugzilla... hui
15:00 tickets #181757: Search in bugzilla.opensuse.org is not querying the complete database: Hi,
I'm afraid we don't manage Bugzilla, but I will try to forward your request.
Best,
Georg crameleon
12:17 tickets #181757 (Closed): Search in bugzilla.opensuse.org is not querying the complete database: Hi admins,
the search function of bugzilla.opensuse.org seems broken since last
Wednesday.
If you do a simple... hui
09:32 tickets #181754: Matomo login loop: I found one obscurity, "ServerName beans.opensuse.org:443" on a vhost with :80, corrected, but did not help. crameleon
09:24 tickets #181754 (New): Matomo login loop: Visiting https://beans.opensuse.org/matomo/, clicking "OPENSUSE HEROES LOGIN" and identifying with idm.i.o.o, throws ... crameleon
09:21 tickets #181739 (Resolved): https://beans.opensuse.org/matomo/: crameleon
09:18 tickets #181751 (Rejected): login to code.o.o not possible: Please follow https://progress.opensuse.org/issues/181646. crameleon
08:39 tickets #181751 (Rejected): login to code.o.o not possible: Trying to log in to c.o.o results in
discoveryfailure
Cheers
Axel docb@opensuse.org

2025-05-02

23:14 Revision eb9f4bb6 (salt): Merge branch 'crameleon/php-fpm-acl-tmpfiles' into 'production': php-fpm: exporter ACL tmpfiles drop-in
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_reques... crameleon
23:13 Revision baf107ac (salt): Merge branch 'crameleon/apollo-firewalld' into 'production': Apollo: manage firewalld
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2444. crameleon
23:12 Revision 8acbe1fc (salt): Merge branch 'crameleon/pagure-openid-atlas' into 'production': Reject pagure01 access to www.o.o/openid
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requ... crameleon
22:58 Revision 07705fad (salt): Reject pagure01 access to www.o.o/openid: This rule is already in place transiently due to pagure01.i.o.o
causing outage of Ipsilon on id.o.o by making over a ... crameleon
20:31 Revision 794ffd06 (salt): Merge branch 'crameleon/matomo-indexphp' into 'production': Matomo needs index.php as well
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2450. cboltz
15:29 tickets #161975: Irish Mirror: Hi Crameleon,
Is there something I can do to assist you?
--
Web World Logo
*Dave Geoghegan*
Manager/Director
Web ... daveg@webworld.ie
15:14 tickets #181739 (In Progress): https://beans.opensuse.org/matomo/: Seems to be a regression from https://progress.opensuse.org/projects/opensuse-admin/repository/salt/revisions/7373f80... crameleon
14:37 tickets #181739: https://beans.opensuse.org/matomo/: / does not look well either:
![](clipboard-202505021436-epmab.png)
crameleon
13:44 tickets #181739 (Resolved): https://beans.opensuse.org/matomo/: Looks like https://beans.opensuse.org/matomo/ is down for some reason. I'm unable to reach a login session. Basically... ddemaio
15:13 Revision 55a7f463 (salt): Matomo needs index.php as well: https://progress.opensuse.org/issues/181739
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> crameleon
07:57 tickets #177717: Update to Redmine 6: Our changes yesterday introduced a regression, the elements in the issue context menu wandered out of the box. :-(
... crameleon
00:03 tickets #161411: Dedicated networks for openSUSE GitHub Runners: Fireactions are installed, but they cannot pull from ghcr.io (GitHub Container Registry). This is not only needed for... SchoolGuy

2025-05-01

23:05 tickets #181676: progress.o.o: Enable caching for JS, CSS etc.: There is no nginx behind progress.o.o, this needs to be implemented in HAProxy (on atlas). crameleon
21:18 tickets #181676 (Feedback): progress.o.o: Enable caching for JS, CSS etc.: Currently, all JS, CSS etc. files on progress.o.o are requested from the server on every page load. They don't get ca... cboltz
20:50 communication #181673 (New): 2025-06-05 18:00 UTC: openSUSE Heroes meeting: Where: https://meet.opensuse.org/heroes
When: 2025-06-05 18:00 UTC / 20:00 CEST
Who: The openSUSE Heroes team and e... cboltz
20:46 communication #180008 (Closed): 2025-05-01 18:00 UTC: openSUSE Heroes meeting: cboltz
20:44 communication #180008: 2025-05-01 18:00 UTC: openSUSE Heroes meeting: 2025-05-01 heroes meeting
Attendees: Christian, Georg, Rachel, Tamar
status reports:
- all machines now use sy... cboltz
20:28 tickets #177717: Update to Redmine 6: Status after working on CSS together in meeting today:
- filter section aligned again
- plus buttons visible again
- ... crameleon
20:10 tickets #177717: Update to Redmine 6: To fix the button that shows the "+" sign:
```
.toggle-multiselect {
display: inline-block;
font-size: ini... cboltz
20:14 tickets #181271: openSUSE org on Codeberg: I have a (so far unused) account https://codeberg.org/cboltz so feel free to add me. cboltz
17:21 tickets #181667 (Resolved): Master Mirror Server: Great, closing for now then.
Best,
Georg crameleon
17:12 tickets #181667: Master Mirror Server: Hi,
just checked we have access to stage.opensuse.org
Sorry I didnt manage to find that url.
I dont need addit... paul.bollinger@adfinis.com
15:16 tickets #181667: Master Mirror Server: Hi,
I believe you should sync from stage.opensuse.org, but it requires allowing your source addresses. Hope mirror... crameleon
13:41 tickets #181667 (Resolved): Master Mirror Server: Dear openSUSE Admins,
we (Adfinis) operate a public mirror Server which is currently
configured to mirror from o... paul.bollinger@adfinis.com
12:23 tickets #155968 (Resolved): Repositories Down: crameleon
12:20 tickets #161975: Irish Mirror: I asked about this again. crameleon
12:18 tickets #177531 (Workable): New Mirror Request - Japan: Thanks for the correction, forwarding to also whitelist on stage.opensuse.org. crameleon
09:47 tickets #181664 (New): Request for Access to openSUSE RSYNC Source for Public Mirror: Dear openSUSE Mirror Team,
We are operating the only public mirror in Saudi Arabia, serving users across the MENA... mirrors@isu.net.sa

2025-04-30

21:06 tickets #181646: code.o.o (Pagure) causes DoS against id.o.o (Ipsilon): This also does not help: https://pagure.io/ipsilon/issue/262. ;-) crameleon
20:41 tickets #181646: code.o.o (Pagure) causes DoS against id.o.o (Ipsilon): ~~I marked code.o.o as down on status.o.o as it seems to serve 502 as a result.~~
Edit: seems it does work occasiona... crameleon
20:39 tickets #181646: code.o.o (Pagure) causes DoS against id.o.o (Ipsilon): I now blocked pagure01.i.o.o from reaching id.o.o.
Please mitigate this situation and let me know to remove the ban ... crameleon
20:36 tickets #181646 (New): code.o.o (Pagure) causes DoS against id.o.o (Ipsilon): This is just from the last 22.5 hours:
```
ldap-proxy (idp proxy server):~ # grep -c 2a07:de40:b27e:1206::a /var/... crameleon
18:22 tickets #181643: Switch Redmine to Puma: FWIW I also investigated Passenger, but we don't have any existing Passenger deployment and it would require setting ... crameleon
18:21 tickets #181643 (Resolved): Switch Redmine to Puma: Currently Redmine on progress.o.o runs with Unicorn. Puma is more modern and, going by short research in online forum... crameleon

2025-04-29

13:12 tickets #181439: Re: Two Spam Accounts in forum: > These I do not find in IDP.
Now I did ... done as well. crameleon
13:11 tickets #181439 (Resolved): Re: Two Spam Accounts in forum: > User:Siennafaleiro‎
> User:Abigailrascon9‎‎
These I do not find in IDP.
> User:Beatricerascon
> User:Scottg... crameleon
13:10 tickets #181436 (Resolved): Two Spam Accounts in forum: crameleon
13:10 tickets #181436 (In Progress): Two Spam Accounts in forum: Done, sorry for the late action. crameleon
08:57 tickets #181271: openSUSE org on Codeberg: That was me btw.
The organisation has now three admins from the openSUSE community. ph03nix

2025-04-28

23:20 tickets #177717: Update to Redmine 6: > I asked about it in https://www.redmine.org/issues/41748#note-9, if it causes an issue I can try to come up with a ... crameleon
23:13 tickets #177717: Update to Redmine 6: For reference, this is the filter look with the default theme:
![](Redmine_Upstream_Theme_Filter_Projects.png)
![... crameleon
23:00 tickets #177717: Update to Redmine 6: Made https://build.opensuse.org/package/rdiff/openSUSE:infrastructure:redmine/redmine-theme-opensuse?linkrev=base&rev... crameleon
22:40 tickets #177717: Update to Redmine 6: Ok, then it's indeed a problem where our theme is involved (I'd guess because it has a different height of the menu b... cboltz
22:17 tickets #177717: Update to Redmine 6: Thank you for the investigation.
I'm afraid it's not an upstream issue, with the default theme it looks correct:
... crameleon
22:00 tickets #177717: Update to Redmine 6: That's an interesting[tm] issue.
The page source contains `<div class="filecontent-container">` which would be ok.... cboltz
18:14 tickets #177717: Update to Redmine 6: Interestingly uploading the screenshot above revealed another CSS issue, opening the preview (/attachments/20207) the... crameleon
18:13 tickets #177717 (In Progress): Update to Redmine 6: crameleon
18:11 tickets #177717: Update to Redmine 6: One more (minor?) theme CSS issue, these filter boxes should probably be aligned horizontally. crameleon
17:36 tickets #181553 (New): events.o.o ERR_TOO_MANY_REDIRECTS due to login.opensuse.org loop: I filed this bug for someone having issues
https://github.com/openSUSE/osem/issues/3587
## Description
When... ddemaio
15:55 tickets #181439: Re: Two Spam Accounts in forum: 3 more spammmers:
User:Beatricerascon
User:Scottgenia
User:Aakruthisingh hui
14:08 tickets #161411: Dedicated networks for openSUSE GitHub Runners: I think Fireactions will give us more room for isolation improvements later on as the jobs will be VM processes from ... crameleon
11:24 tickets #161411: Dedicated networks for openSUSE GitHub Runners: Thank you for your continued support and understanding. I would leave it to you if we use GitHub Actions Runner Contr... SchoolGuy
11:09 tickets #181520 (New): We need to shut down our OpenSUSE mirror :(: Dear community!
I'm here to say to due some directive our Agency changed and our management changed with our name ... Himics.Andras@pro-m.hu
09:51 tickets #181514 (Closed): The results of your email commands: The results of your email command are provided below.
- Original message details:
From: lists.opensuse.org <Admi... kubic-bounces@lists.opensuse.org
09:50 tickets #181511 (Closed): The results of your email commands: The results of your email command are provided below.
- Original message details:
From: lists.opensuse.org <Admi... microos-bounces@lists.opensuse.org

2025-04-27

18:47 tickets #181475 (New): OBS Moderation Problem: I am a moderator on build.o.o, but apparently its either broken, or I'm
not setup properly. I get the notification... sfalken@cloverleaf-linux.org
15:55 tickets #181472 (Resolved): Mail test: crameleon
15:55 tickets #181472 (In Progress): Mail test: crameleon
15:55 tickets #181472 (Resolved): Mail test: Hello,
this is a test to assess whether email based issue creation is still
operational after the update.
Kin... georg@syscid.com
15:48 tickets #177717: Update to Redmine 6: Fonts errors seem related to this diff:
https://www.redmine.org/projects/redmine/repository/svn/revisions/23278/diff... crameleon
15:25 tickets #177717: Update to Redmine 6: - no longer needed packages removed
- updated rubygem packages copypac'd
- updated redmine packages sr'd + accepted... crameleon
15:26 tickets #164281 (Resolved): Redmine queries with "tags" yield 500 error and tag filters unavailable: With https://progress.opensuse.org/issues/177717 a newer version was installed which I hope incorporates the patches. crameleon
14:36 tickets #161411: Dedicated networks for openSUSE GitHub Runners: > on a PR of a member that hasn't made a PR which was merged, the workflow is not executed. This is the mechanism tha... crameleon
13:51 tickets #161411: Dedicated networks for openSUSE GitHub Runners: I would again like to inquire what can be done to finally have something that works for upstream. This is quite impor... SchoolGuy

2025-04-26

21:33 tickets #181439: Re: Two Spam Accounts in forum: Two more spam accounts:
User:Siennafaleiro‎
User:Abigailrascon9‎‎ hui

2025-04-25

14:17 tickets #181439 (Resolved): Re: Two Spam Accounts in forum: Dear admins,
Sorry i made a typo. The spam accounts are in the openSUSE Wiki.
Thanks in advance!
Regards
... hui
13:31 tickets #181436 (Resolved): Two Spam Accounts in forum: Dear admins,
Two Spamaccounts shihowedwed up in the openSUSE Forum and need blocking.
User:Erpqna
User:Asumi... hui
09:52 tickets #181406: gpg key signing file 'repomd.xml' has expired: Key Expires: Fri Sep 20 10:21:47 2024 (EXPIRED) for http://download.opensuse.org/update/tumbleweed/: ```
cat /etc/zypp/repos.d/download.opensuse.org-tumbleweed.repo
[download.opensuse.org-tumbleweed]
name=Hauptaktua... dheidler
09:51 tickets #181406 (New): gpg key signing file 'repomd.xml' has expired: Key Expires: Fri Sep 20 10:21:47 2024 (EXPIRED) for http://download.opensuse.org/update/tumbleweed/: http://download.opensuse.org/update/tumbleweed/
[root@midas ~]# zypper clean -a
Alle Repositorys wurden bereini... dheidler
04:58 tickets #178570 (Resolved): [openSUSEway] Request to create matrix room & telegram bridge: Thank you very much @hellcp @crameleon :) kskarthik
04:55 tickets #178570: [openSUSEway] Request to create matrix room & telegram bridge: Added IRC info to the wiki: https://en.opensuse.org/Portal:OpenSUSEway/Contact kskarthik

2025-04-23

19:45 Revision 9ca8d5d2 (salt): Merge branch 'cboltz-wiki-aa' into 'production': Update wiki AppArmor profiles
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2446.
... crameleon
18:57 Revision f60574aa (salt): Update wiki AppArmor profiles: - httpd: add "status" vhost
- php-fpm: allow writing *.tmpfsfile in images/thumb/
- pygmentize: allow reading images/... cboltz
15:06 tickets #178570: [openSUSEway] Request to create matrix room & telegram bridge: it's already bridged, I was chatting there the other day. crameleon
14:45 tickets #178570: [openSUSEway] Request to create matrix room & telegram bridge: crameleon wrote in #note-19:
> Ok, I registered #openSUSE-openSUSEway, please add to the bridge.
@hellcp please b... kskarthik
14:14 tickets #161411: Dedicated networks for openSUSE GitHub Runners: The runners in openSUSE would be for anyone in the org to use, so yes, that is a much higher level. However, since th... SchoolGuy
14:08 tickets #161411: Dedicated networks for openSUSE GitHub Runners: It's not so much about what's running in the container or VM, I trust we can implement good means of isolation, espec... crameleon
13:22 tickets #161411: Dedicated networks for openSUSE GitHub Runners: Yes, of course, but if you have ephemeral VMs with different containers with names that are previously not known, the... SchoolGuy
11:43 tickets #161411: Dedicated networks for openSUSE GitHub Runners: Thanks for explaining.
> So the VMs will get full internet access
Doesn't this put us in the same situation, wh... crameleon
06:43 tickets #161411: Dedicated networks for openSUSE GitHub Runners: P.S.: Looking at the Ansible code, they are installing everything from source. While we can change this in the long r... SchoolGuy
06:36 tickets #161411: Dedicated networks for openSUSE GitHub Runners: My understanding is that the workloads are executed in the VMs. The VM image type is, in this case, an OCI-compliant ... SchoolGuy
09:41 tickets #181283 (Resolved): Disable IDP Account: Done. crameleon
03:33 tickets #181283 (Resolved): Disable IDP Account: Please disable IDP account Bennettfe <bato3nabit@gmail.com> OBS Spam sfalken@cloverleaf-linux.org

2025-04-22

23:57 tickets #181223 (Resolved): repositories/KDE:/KDE3/openSUSE_Tumbleweed SSL certificate problem: certificate has expired: crameleon
10:27 tickets #181223: repositories/KDE:/KDE3/openSUSE_Tumbleweed SSL certificate problem: certificate has expired: I've managed to step around the issue by editing `/etc/zypp/repos.d/KDE3.repo` and adding `?COUNTRY=de` to the baseur... mchnz
10:20 tickets #181223: repositories/KDE:/KDE3/openSUSE_Tumbleweed SSL certificate problem: certificate has expired: Yes, it looks like it is an issue with a mirror, I just tried a wget. I have set `download.use_geoip_mirror = false`... mchnz
10:19 tickets #181223: repositories/KDE:/KDE3/openSUSE_Tumbleweed SSL certificate problem: certificate has expired: Hard to tell without the zypper.log, if you set the env var ZYPP_MEDIA_CURL_DEBUG=2 the redirects should be logged. zbenjamin
10:17 tickets #181223: repositories/KDE:/KDE3/openSUSE_Tumbleweed SSL certificate problem: certificate has expired: Possibly the same as https://progress.opensuse.org/issues/181229 then? crameleon
10:05 tickets #181223: repositories/KDE:/KDE3/openSUSE_Tumbleweed SSL certificate problem: certificate has expired: I can not see the certificates being expired. Neither the files on disk nor the certs sent by the server are out date... darix
01:34 tickets #181223 (Resolved): repositories/KDE:/KDE3/openSUSE_Tumbleweed SSL certificate problem: certificate has expired: I was trying to do a zypper ref and it's failing for:
https://download.opensuse.org/repositories/KDE:/KDE3/openSUS... mchnz
23:56 tickets #181229 (Resolved): Tumbleweed is saying repository certificates have expired on the Australian mirror: crameleon
23:05 tickets #181229: Tumbleweed is saying repository certificates have expired on the Australian mirror: Resolved.
The machine in question is set to automatically zypper dup and reboot. This inturn is what allows servic... firstyear
04:32 tickets #181229 (Resolved): Tumbleweed is saying repository certificates have expired on the Australian mirror: Hi,
I am running Tumbleweed, and for the last couple of days, although it
says that there are updates available, ... ianmackenz@gmail.com
21:33 Revision f3bd463c (salt): php-fpm: exporter ACL tmpfiles drop-in: If the system has /run on a tmpfs, the Salt managed ACLs would be
lost upon reboots. As the php-fpm package manages /... crameleon
20:11 Revision f1d776e4 (salt): Merge branch 'crameleon/wiki-php-fpm-listen-mode' into 'production': wiki/php-fpm: group socket permissions
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_reques... cboltz
19:50 Revision 03b4c12b (salt): Apollo: manage firewalld: Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> crameleon
19:37 Revision 57d68b67 (salt): wiki/php-fpm: group socket permissions: For php-fpm_exporter to access the socket to read statistics using ACLs,
group r/w permissions must be enabled.
Sign... crameleon
19:25 tickets #177717: Update to Redmine 6: All seems relatively well prepared in openSUSE:infrastructure:redmine:stage. I shall announce some maintenance time t... crameleon
19:07 tickets #177717: Update to Redmine 6: Thanks @mgriessmeier for promptly providing the new licenses, the updated plugins seem to work well with the new Redm... crameleon
19:00 Revision a3a90ce3 (salt): Merge branch 'crameleon/wiki-monitor-php-fpm' into 'production': Monitor PHP-FPM for Wikis
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2437. cboltz
17:15 Revision 140ef8c7 (salt): Monitor PHP-FPM for Wikis: Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> crameleon
13:49 tickets #181271 (New): openSUSE org on Codeberg: Hello geekos,
Some time ago I claimed the openSUSE organization on Codeberg so that
the name and space is reserv... felix.niederwanger@suse.de

2025-04-21

23:18 Revision d816c0c5 (salt): Merge branch 'cboltz-wiki-aa' into 'production': wiki httpd: allow writing to /proc/*/attr/apparmor/current
See merge request https://gitlab.infra.opensuse.org/infra... crameleon
23:10 Revision a74ebe36 (salt): wiki httpd: allow writing to /proc/*/attr/apparmor/current: ... in addition to the older (now fallback) /proc/*/attr/current so that
changing hats works cboltz
23:00 Revision a2a89eec (salt): Merge branch 'cboltz-wiki-aa' into 'production': wiki/AA: allow reading /usr/share/mediawiki_*
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge... crameleon
22:52 Revision 8ff84fe9 (salt): wiki/AA: allow reading /usr/share/mediawiki_*: cboltz
22:47 Revision a2d1bf6e (salt): Merge branch 'crameleon/wiki-symlinks' into 'production': Allow Wiki httpd symlinks
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2440. cboltz
22:44 Revision 3f5cc773 (salt): Merge branch 'crameleon/wiki-apache-log' into 'production': Add quotes to wiki httpd log format
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/... cboltz
22:42 Revision fa44fff7 (salt): Allow Wiki httpd symlinks: Needed for docroot => MediaWiki links.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> crameleon
22:29 Revision 3175e43c (salt): Add quotes to wiki httpd log format: Parts of the format string were treated as individual option arguments.
Signed-off-by: Georg Pfuetzenreuter <mail@ge... crameleon
22:14 Revision ae558a59 (salt): Merge branch 'crameleon/nft-gitlab' into 'production': Display nft artifacts in browser
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2435. cboltz
22:09 Revision 4f7d20b4 (salt): Merge branch 'crameleon/wiki-apache-modules' into 'production': Add proxy module to wiki httpd
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2438. cboltz
22:00 Revision 159dd888 (salt): Add proxy module to wiki httpd: Needs to be loaded prior to proxy_fcgi.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> crameleon
21:38 tickets #165102 (New): Reduce kanidm-unixd logging: Re-opening this because https://github.com/kanidm/kanidm/pull/3397#discussion_r2019797513. crameleon
21:38 Revision ca6d9f4c (salt): Merge branch 'crameleon/wiki-default-version' into 'production': Quote default_version
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2436. cboltz
21:32 Revision 5519bbec (salt): Quote default_version: YAML would convert it to an integer, but it needs to be a string to
preserve the underscore.
Signed-off-by: Georg Pf... crameleon
21:00 Revision a6ecff7d (salt): Display nft artifacts in browser: For evaluating rendered nftables configuration, I prefer to read it in
the browser before deciding to download a file... crameleon
20:42 Revision 89d011e4 (salt): Merge branch 'crameleon/wiki-httpd' into 'production': Refactor wiki httpd + php-fpm setup to formula
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merg... cboltz
17:43 tickets #178684 (Resolved): Download Service issues: Should be normal again, thanks for reporting. crameleon
16:57 Revision 6259fd5c (salt): Add Wiki vhost AppArmor hat: Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> crameleon
16:11 Revision 79b34973 (salt): Merge branch 'crameleon/runner-conc' into 'production': Lower concurrent GitLab CI jobs
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2432. cboltz
15:46 Revision 6b601a54 (salt): Enable php_fpm formula: Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> crameleon
15:46 Revision 4f6b46f9 (salt): Refactor wiki php-fpm setup to formula: Use common formula based PHP FPM structure to align with other services
and to reduce redundant code.
Signed-off-by:... crameleon
15:46 Revision 79650990 (salt): Refactor wiki httpd setup to formula: Use common formula based Apache httpd structure to align with other
services and to reduce redundant code. Add AA pro... crameleon
15:11 Revision 01ebe1e5 (salt): Lower concurrent GitLab CI jobs: Reduce likelihood of out of memory conditions.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> crameleon
14:50 Revision 659d5856 (salt): Merge branch 'crameleon/os-update' into 'production': Rename os-update include
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2433. cboltz
14:49 tickets #123478: arbitrary old archive messages give me a 404 ?: Two years later, I even added the sed command to the package / .spec so that we can install an unmodified mails.rewri... cboltz
13:57 Revision 46a117f7 (salt): Rename os-update include: Formula was changed to install this with a hyphen (matching the source
directory) now.
Signed-off-by: Georg Pfuetzen... crameleon
11:06 tickets #161411: Dedicated networks for openSUSE GitHub Runners: That sounds very interesting, though I am a bit biased because I like Firecracker VMs. ;)
I read through the docum... crameleon
09:36 tickets #161411: Dedicated networks for openSUSE GitHub Runners: GitHub ARC is only suitable for k8s. We can instead try using https://fireactions.io/. That would mean that those eph... SchoolGuy
00:00 tickets #181190 (Workable): [Heroes VPN] krauselukas is inactive: Please prepare the user for removal inactive-heroes@opensuse.org

2025-04-20

21:38 tickets #177717: Update to Redmine 6: The licenses for the RedmineUP plugins (Agile and Checklists) expired, hence I cannot download updates for them. I re... crameleon
20:42 tickets #177717: Update to Redmine 6: Work on free plugins:
- diary - still unmaintained, but patch was simple:
* https://build.opensuse.org/projects... crameleon
18:09 tickets #161411: Dedicated networks for openSUSE GitHub Runners: Weird for the containers to require access to registries, I would expect the host to pull the images.
Sorry, but I... crameleon
16:55 Revision 1b0c3dfa (salt): Merge branch 'crameleon/wiki-limit' into 'production': Block further expensive Wiki requests
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_request... cboltz
16:43 Revision d39c7e40 (salt): Block further expensive Wiki requests: It was found sometimes the "from" parameter is used instead of "days",
handle this and additionally refuse requests w... crameleon
14:05 Revision b93c55e2 (salt): Merge branch 'crameleon/wiki-limit' into 'production': Block expensive Wiki requests
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2430.
... crameleon
14:00 Revision b75153ec (salt): Block expensive Wiki requests: This request pattern was found to be issued by suspected crawlers so
many times that significant load is caused, maki... crameleon

2025-04-19

23:33 tickets #177717: Update to Redmine 6: It seems upstream has the same issue: https://github.com/mrliptontea/PurpleMine2/issues/284 - a patch found in the co... crameleon
22:41 tickets #177717: Update to Redmine 6: Unfortunately the theme's CSS is rather broken:
![](clipboard-202504192240-jmez4.png)
We already had challenges... crameleon
22:29 tickets #177717: Update to Redmine 6: This was related to new Redmine using https://github.com/rails/propshaft, update task needs to compile assets which w... crameleon
20:14 tickets #177717: Update to Redmine 6: I prepared the Ruby 3 + Redmine 6 stack in openSUSE:infrastructure:redmine:stage. The base application generally work... crameleon
14:02 tickets #181178: Remove Ruby 2.7: I should add, no, downgrading to the distribution ruby2.5 which we still ship is, whilst giving us updates, not a sus... crameleon
13:24 tickets #181178 (New): Remove Ruby 2.7: Ruby 2.7 went EOL in 2023, and now the ruby2.7 package in d:l:ruby was deleted too:
```
$ osc log -D devel:langua... crameleon
07:39 tickets #161411: Dedicated networks for openSUSE GitHub Runners: Yes but both the GitHub Actions and the host will need Docker Hub access as reusable GitHub Actions may use this, so ... SchoolGuy
01:16 tickets #161411: Dedicated networks for openSUSE GitHub Runners: Thanks for the investigation, it's rather unfortunate not having this deployed off in-house packages and containers.
... crameleon

2025-04-18

20:02 tickets #161411: Dedicated networks for openSUSE GitHub Runners: Apparently docker.io is just a redirect for other registries that are "hidden". On this page they describe all needed... SchoolGuy
13:14 tickets #161411: Dedicated networks for openSUSE GitHub Runners: My bad, now it works -note though that with ping, while you will no longer get "administratively prohibited" from our... crameleon
12:52 tickets #161411: Dedicated networks for openSUSE GitHub Runners: Either the MR didn't work as intended or the change didn't get deployed.
```
apollo01 (Cobbler GitHub Runner, K3S... SchoolGuy
18:10 tickets #180884 (Resolved): Including supportutils-scrub into the openSUSE GitHub repository: I invited you to the openSUSE github org. After accepting the invite, you can move the repo to openSUSE. cboltz
16:21 Revision d25aa1cc (salt): Merge branch 'crameleon/powerdns-api-proxy' into 'production': Introduce powerdns-api-proxy
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2429. cboltz
15:10 Revision 941d6877 (salt): Introduce powerdns-api-proxy: As we add more services making use of the PowerDNS API, more fine
grained access control is needed to reduce the surf... crameleon
11:59 Revision 6e57b5f0 (salt): Manage o:i:dns repository: Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> crameleon

2025-04-16

00:32 tickets #161963: Prepare GitHub runner servers: apollo02 and apollo04 are fully deployed now as well. crameleon

2025-04-15

22:42 Revision 49fcaf3b (salt): Merge branch 'crameleon/ghr-os' into 'production': Initialize remaining Apollos
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2428.
... cboltz
21:01 Revision f23461e6 (salt): Initialize remaining Apollos: Machines to provide GitHub runners for openSUSE.
Try to unify with existing apollo01 (Cobbler) where possible, but
al... crameleon
20:47 Revision ce73652b (salt): Merge branch 'crameleon/haproxy2' into 'production': syslog-ng: filter out HAProxy handshake failures
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/me... cboltz
20:27 Revision 3fc6cdb9 (salt): Merge branch 'crameleon/apollo-fw-container' into 'production': Asgard: allow ghr access to registries + GitHub packages
See merge request https://gitlab.infra.opensuse.org/infra/s... cboltz
19:07 tickets #161963: Prepare GitHub runner servers: Configured network for apollo02 and apollo04, prepared Salt configuration via https://gitlab.infra.opensuse.org/infra... crameleon
15:59 Revision 2c09bb61 (salt): Asgard: allow ghr access to GitHub packages: Needed for GitHub runner operation on apollo01. Other apollo* nodes will
be appended once ready.
Signed-off-by: Geor... crameleon
15:51 tickets #161411: Dedicated networks for openSUSE GitHub Runners: https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2427 crameleon
13:39 tickets #161411: Dedicated networks for openSUSE GitHub Runners: Right, I also wondered about that but forgot. Will add shortly (and registry.o.o for future action images might be us... crameleon
13:32 tickets #161411: Dedicated networks for openSUSE GitHub Runners: Starting k3s is not possible currently because I forgot to add the fact that we need docker.io access to access the m... SchoolGuy
15:41 Revision c09886cc (salt): Asgard: allow ghr access to registries: Needed for GitHub runner operation on apollo01. Other apollo* nodes will
be appended once ready.
Signed-off-by: Geor... crameleon
00:51 Revision c2580794 (salt): Merge branch 'crameleon/tsp-check' into 'production': Correct TSP backend check status expectation
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_... crameleon
00:46 Revision 7f2dbb32 (salt): syslog-ng: filter out HAProxy handshake failures: HAProxy tends to log these genericly, upon reading clients connecting with
unsupported cipher suites or applications ... crameleon
00:33 Revision 27a41338 (salt): Correct TSP backend check status expectation: Currently the Rails app redirects to HTTPS to the application URL, and
redirects coming from the reverse proxy would ... crameleon

2025-04-14

22:57 Revision f4fbb513 (salt): Merge branch 'crameleon/haproxy' into 'production': Correct proxy.haproxy watch directives
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_reques... crameleon
22:24 Revision 3ffb67a5 (salt): Correct proxy.haproxy watch directives: The service state needs to watch the configuration states, not vice
versa.
Signed-off-by: Georg Pfuetzenreuter <mail... crameleon
22:07 Revision 7b0dc01c (salt): Merge branch 'crameleon/haproxy' into 'production': Relax speed limit, block CN/HK Redmine Git access, unify fallback limits
See merge request https://gitlab.infra.open... cboltz
22:01 Revision 980e0876 (salt): Unify fallback limits: align both public facing HAProxy pairs:
- set same request cap
- add connection cap, matching the request cap, to pre... crameleon
22:01 Revision a1a9a08f (salt): Block CN/HK Redmine Git access: Whilst we already implement wide blocking of cloud providers, lots of
seemingly non-human traffic is still found to c... crameleon
21:33 Revision b8fef6e8 (salt): Enable GeoIP handling on Atlas HAProxy: To allow for country based rules, needed for attack defusion.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetz... crameleon
21:33 Revision a2c2009f (salt): Prepare HAProxy for GeoIP handling: To allow for GeoIP based rules, install a module for handling GeoIP2
data on public facing HAProxy servers.
This patc... crameleon
21:33 Revision 209d0987 (salt): Relax Atlas speed limit: I found this to occasionally hit me in new browsers sessions which open
a larger amount of initial connections, parti... crameleon
19:42 tickets #161963: Prepare GitHub runner servers: Installed OS on apollo02 and apollo04 - but unfortunately still I cannot reach apollo03 for management, the link on t... crameleon
17:29 Revision 7477aacf (salt): Merge branch 'crameleon/tsp-check' into 'production': Add HTTP check to tsp backend
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2423. cboltz
16:29 Revision 6d4942a6 (salt): Add HTTP check to tsp backend: For monitoring and to serve our maintenance page if the service is down.
Signed-off-by: Georg Pfuetzenreuter <mail@g... crameleon
15:10 tickets #180890 (Resolved): TSP no longer updates, dependency wants Ruby 3: Thanks, that resolves the problem at hand, and I suppose we can track modernizing in GitHub. crameleon
15:04 tickets #180890: TSP no longer updates, dependency wants Ruby 3: https://github.com/openSUSE/travel-support-program/pull/298 hellcp
15:09 tickets #180953 (Resolved): tsp.o.o is down: Thanks for the patch @hellcp, deployed and service is online again. crameleon
14:51 tickets #180953: tsp.o.o is down: And yes, can't update it either with the problem described in https://progress.opensuse.org/issues/180890. crameleon
14:50 tickets #180953: tsp.o.o is down: ```
Apr 14 14:49:56 tsp systemd[1]: Started Travel Support Program Rails application.
Apr 14 14:49:56 tsp bundler.r... crameleon
14:19 tickets #180953 (Feedback): tsp.o.o is down: I don't know if it has to deal with the latest merge https://progress.opensuse.org/issues/180890 or if it's just offl... ddemaio
12:24 tickets #180953 (Resolved): tsp.o.o is down: It appears as though tsp.o.o is having an issue. Status.o.o is showing that it is functioning
![](Screenshot%20From%... ddemaio

2025-04-13

20:35 tickets #161411: Dedicated networks for openSUSE GitHub Runners: Requested firewall rules implemented via https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2421. To add "... crameleon
17:05 tickets #161411: Dedicated networks for openSUSE GitHub Runners: I think that the networking for both the Cobbler and the openSUSE Hosts can be identical. The tricky part is that ARC... SchoolGuy
20:15 Revision 1f5e99a8 (salt): Merge branch 'crameleon/apollo-fw-github' into 'production': Asgard: allow ghr access to GitHub + get.k3s.io
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/mer... cboltz
19:53 Revision 41c163ba (salt): Asgard: allow ghr access to GitHub + get.k3s.io: Needed for GitHub runner operation on apollo01. Other apollo* nodes will
be appended once ready.
Signed-off-by: Geor... crameleon
19:52 Revision e8cd178d (salt): Merge branch 'crameleon/apollo-fw' into 'production': Asgard: refactor GitHub ACL
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2420.
A... crameleon
19:28 tickets #161963: Prepare GitHub runner servers: apollo01 is fully deployed now => over to @SchoolGuy.
BMC access to others established, me to install OS there as well. crameleon
17:59 Revision 5944d020 (salt): Asgard: refactor GitHub ACLs: This is the first legacy internet ACL refactoring. The goal is to
whitelist outbound access already at the IPv6 stage... crameleon
17:44 tickets #152863: Refactor outbound ACLs for IPv4 destinations: First part: https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2420. crameleon
15:53 Revision 04a28712 (salt): Merge branch 'crameleon/apollo' into 'production': Correct apollo01 CIDR prefix
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2419.
... crameleon
15:47 Revision 350f0a34 (salt): Correct apollo01 CIDR prefix: Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> crameleon
15:31 tickets #179476 (Rejected): [Heroes VPN] schoolguy is inactive: User is back, account had a wrong email address hence notification did not arrive, corrected now. crameleon
14:30 Revision 56ffe3fb (salt): Merge branch 'crameleon/atlas-log' into 'production': Port HAProxy logging to syslog-ng
See merge request https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/2418. cboltz
14:17 tickets #161774: Flapping HAProxy health checks: This morning, we had massive flapping again. crameleon
14:11 Revision d195d8f3 (salt): Port HAProxy logging to syslog-ng: Deprecate old syslog server further, adjust HAProxy destination to new
syslog server and store data in a dedicated fi... crameleon

« Previous

Also available in: Atom

Project

General

Profile

openSUSE admin

Activity

Activity

Today

2025-05-09

2025-05-08

2025-05-07

2025-05-06

2025-05-05

2025-05-04

2025-05-03

2025-05-02

2025-05-01

2025-04-30

2025-04-29

2025-04-28

2025-04-27

2025-04-26

2025-04-25

2025-04-23

2025-04-22

2025-04-21

2025-04-20

2025-04-19

2025-04-18

2025-04-16

2025-04-15

2025-04-14

2025-04-13