Activity
From 2024-03-21 to 2024-04-19
Today
- 13:11 tickets #116227: mirror wiki needs updating
- pjessen wrote in #note-6:
> Andrii, I am not sure if you have quite understood how an admin of an openSUSE mirror wor... - 11:55 Revision 3dd7558b (salt): Merge branch 'crameleon/apache-status' into 'production'
- Monitor Apache httpd
See merge request infra/salt!1720 - 11:53 Revision 58c31db6 (salt): Merge branch 'crameleon/nginx-common' into 'production'
- Include common nginx pillar in osc-collab/manpages
See merge request infra/salt!1718 - 11:51 Revision 0fbe7bfa (salt): Merge branch 'crameleon/pagure-nginx-monitor' into 'production'
- Allow monitor access to pagure01/nginx_exporter
See merge request infra/salt!1719 - 11:51 Revision 1b42c43c (salt): Merge branch 'crameleon/netbox' into 'production'
- Correct netbox1.i.o.o host name
See merge request infra/salt!1717 - 01:58 Revision 9a4c6456 (salt): Monitor Apache httpd
- Equip all apache2 servers with a status listener and exporter and
configure the collection through Prometheus.
Signe...
2024-04-18
- 23:11 Revision 25518c28 (salt): Allow monitor access to pagure01/nginx_exporter
- For collection of nginx metrics.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 23:03 Revision 8cc5553c (salt): Include common nginx pillar in osc-collab/manpages
- Machines have nginx applied, should hence at least use our base
settings.
Signed-off-by: Georg Pfuetzenreuter <mail@... - 21:56 Revision 2fe3980b (salt): Correct netbox1.i.o.o host name
- Minion is called netbox1, name the VM resource respectively.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetze... - 21:41 Revision cf5a0ce4 (salt): Merge branch 'crameleon/nginx-status' into 'production'
- Monitor NGINX
See merge request infra/salt!1709 - 21:35 Revision 2e4385e8 (salt): Merge branch 'crameleon/netbox' into 'production'
- Initialize NetBox
See merge request infra/salt!1670 - 21:29 Revision bcc8f840 (salt): Initialize NetBox
- Configuration for new NetBox network, VM, database, and reverse proxy.
Signed-off-by: Georg Pfuetzenreuter <mail@geo... - 21:01 tickets #159267 (New): Configure PostgreSQL / repmgr switchover
- Our primary/secondary PostgreSQL pair on mirrordb{1,2}.i.o.o is currently not capable of automatically switching the ...
- 20:47 Revision ffa0381d (salt): Merge branch 'crameleon/fetch' into 'production'
- fetch-image: checksum re-download
See merge request infra/salt!1715 - 19:18 Revision 2a62bf2c (salt): test_nginx: create RuntimeDirectory
- NGINX tries to bind Unix socket listeners when testing the
configuration.
Signed-off-by: Georg Pfuetzenreuter <mail@... - 18:36 Revision 9b5c841c (salt): Monitor NGINX
- Equip all NGINX servers with a stats listener and exporter and
configure the collection through Prometheus.
Since we ... - 18:34 Revision 52f54d66 (salt): fetch-image: checksum re-download
- Only re-downloading the signature seems to not have helped - it
again worked during testing, but failed after the ima... - 16:52 tickets #159252: Fwd: Re: On the efficacy of the openSUSE Board
- See https://progress.opensuse.org/issues/159075 and https://progress.opensuse.org/issues/158922. We need to reach out...
- 13:52 tickets #159252 (New): Fwd: Re: On the efficacy of the openSUSE Board
- why on earth would this message, to project@lists.opensuse.org get rejected by the election-officials list?
----... - 16:45 tickets #159261 (New): Issue login code.o,o
- Hi,
Today, after Attila made me and admin on code.o.o/project/mods-team, I got
thrown out of code.o.o . Seeing t... - 13:18 tickets #158850: New mirror opensuse on mirroronet.pl
- I see that the mirror is being added. Thanks a lot.
I'm looking at https://mirrors.opensuse.org/ and I see a typo... - 10:36 tickets #158850 (In Progress): New mirror opensuse on mirroronet.pl
- 12:22 Revision f903c032 (salt): Merge branch 'crameleon/nodegroup-galera' into 'production'
- Add Galera node group
See merge request infra/salt!1714 - 12:21 Revision e3eadf66 (salt): Merge branch 'crameleon/prometheus-storage' into 'production'
- Increase Prometheus samples retention
See merge request infra/salt!1713 - 12:19 Revision aa5fa3ac (salt): Merge branch 'crameleon/backup-monitor' into 'production'
- Add backup share to monitor
See merge request infra/salt!1712 - 10:42 tickets #9792: Lizards account for YaST Team
- This ticket was set to **Normal** priority but was not updated [within the SLO period](http://example.com). Please co...
2024-04-17
- 22:21 Revision c803130c (salt): Add Galera node group
- Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
- 21:09 tickets #159195 (Closed): Repo server IP address not in DNS
- Hi,
cdn.opensuse.org is a CNAME to a domain operated by Fastly, the company hosting the CDN. We do not control the... - 16:51 tickets #159195 (Closed): Repo server IP address not in DNS
- Hi,
Have a system that firewall restricts all outbound traffic except a few
certain allowances, notably opensuse... - 18:35 Revision 89b702d8 (salt): Merge branch 'crameleon/mysql' into 'production'
- Import my.cnf for mysqld-exporter
See merge request infra/salt!1685 - 18:30 Revision b7873b3a (salt): Import my.cnf for mysqld-exporter
- Exporter needs to authenticate to conduct performance schema queries.
Import the previously manually managed MySQL cl... - 17:57 Revision ce5ff10f (salt): Increase Prometheus samples retention
- Raise the default 15 days to 1 year, and utilize an additional
disk to store the data.
Signed-off-by: Georg Pfuetzen... - 17:44 Revision 20f5fd8a (salt): Add backup share to monitor
- ... and move NFS backup mount boilerplate to a common include.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuet... - 17:06 communication #159108: Repository 'update-sle (15.5)' is invalid.
- vkrevs wrote in #note-1:
> Not sure why this is marked as "Private". Can someone change it to "public" pls.
Looks... - 07:20 communication #159108: Repository 'update-sle (15.5)' is invalid.
- Not sure why this is marked as "Private". Can someone change it to "public" pls.
- 07:12 communication #159108 (New): Repository 'update-sle (15.5)' is invalid.
- $ zypper lr --uri | grep update-sle
55 | openSUSE:update-sle | update-sle (15.5) ... - 16:29 tickets #159075 (Workable): Weird error message from Mailman
- Thanks for confirming! Then that was likely the issue in #158922 as well.
We should still reach out to the election-... - 11:40 tickets #159075: Weird error message from Mailman
- crameleon wrote in #note-1:
> Duplicates #158922, the election-officials mailing list is subscribed to the project m... - 08:16 tickets #159075 (Feedback): Weird error message from Mailman
- Duplicates #158922, the election-officials mailing list is subscribed to the project mailing list. Not ideal, but was...
2024-04-16
- 22:59 tickets #158874: cannot login to events.opensuse.org - to obtain a ticket for openSUSE Conference 2024
- Hi,
Thanks for confirming, much appreciated.
I look forward to the event, see you then.
Cheers
Daniel
On 4/11/24... - 21:07 tickets #159075 (Workable): Weird error message from Mailman
- Hi,
I sent out an email to project@ and received this message:
=======
Your message to the Election Officials...
2024-04-15
- 11:49 Revision ad4d6360 (salt): Merge branch 'crameleon/gitlab-certificate' into 'production'
- Remove old GitLab certificate
See merge request infra/salt!1708 - 02:42 Revision e475ac8a (salt): Remove old GitLab certificate
- Entry was missed in b4799daf5d85bc401dfadc7c1d338c1cad44312c.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetz...
2024-04-14
- 23:33 tickets #158934 (New): Clarify license of ca-certificates-opensuse
- While moving the package ca-certificates-freeipa-opensuse to ca-certificates-opensuse, I noticed a license mismatch.
... - 20:20 Revision fbcd1da8 (salt): Merge branch 'crameleon/tsp-socket' into 'production'
- Repair TSP Puma socket
See merge request infra/salt!1706 - 20:13 Revision 18c4d4ca (salt): Repair TSP Puma socket
- The socket activation did not work properly, and did not place
the file in a FHS compliant location.
Drop it in favor... - 19:47 tickets #158931: TSP Ruby stack broken
- Hacking around that, I was now able to bring it up again.
All very ugly, please someone configure this properly:
- ... - 19:39 tickets #158931: TSP Ruby stack broken
- Reinstalling postgresql12-server-devel did not bring the file (which turns out to be an alternatives link) back, but ...
- 19:35 tickets #158931: TSP Ruby stack broken
- ```
tsp (Travel Support Program webapp):/srv/www/travel-support-program # rpm -ql postgresql12-server-devel|grep /us... - 19:31 tickets #158931: TSP Ruby stack broken
- The instructions in https://github.com/openSUSE/travel-support-program/blob/master/doc/INSTALL.md#getting-started don...
- 19:24 tickets #158931: TSP Ruby stack broken
- Also tried:
```
tsp (Travel Support Program webapp):/srv/www/travel-support-program # sudo -u tsp bundle.ruby.rub... - 19:22 tickets #158931 (New): TSP Ruby stack broken
- First this:
```
Installing mini_racer 0.6.3 with native extensions
Gem::Ext::BuildError: ERROR: Failed to build ... - 19:32 Revision 4272dc0c (salt): Merge branch 'crameleon/haproxy-alerts' into 'production'
- Configure HAProxy alerts
See merge request infra/salt!1590 - 19:17 Revision be4b7e46 (salt): Merge branch 'crameleon/postfix-metrics-quiet' into 'production'
- Silence queue metric checks
See merge request infra/salt!1703 - 19:16 Revision 8fcf4295 (salt): Merge branch 'crameleon/firewalld-purge' into 'production'
- Purge unmanaged firewalld zones
See merge request infra/salt!1704 - 17:01 tickets #158928 (Blocked): mtail core dump on mx{1,2}
- https://build.opensuse.org/request/show/1167675
- 16:57 tickets #158928 (In Progress): mtail core dump on mx{1,2}
- Ah, it turns out, I patched this 2 months ago in https://build.opensuse.org/request/show/1130993 - on mx-test, I had ...
- 16:17 tickets #158928: mtail core dump on mx{1,2}
- Package is the same:
```
mx-test (mx-test.o.o):~ # zypper se -is mtail
...
i+ | mtail | package | 3.0.0rc51-b... - 16:16 tickets #158928 (Blocked): mtail core dump on mx{1,2}
- On mx-test.i.o.o I successfully implemented mtail to gather additional Postfix metrics.
Somehow the same setup (appl... - 15:23 Revision 7e29a7f2 (salt): Purge unmanaged firewalld zones
- Ensure only the zones managed by Salt are active on machines.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetz... - 15:12 tickets #152713: Manage orbit using Salt
- orbit20 done.
- 14:32 tickets #152713 (In Progress): Manage orbit using Salt
- 15:07 Revision ab776e20 (salt): Silence queue metric checks
- Move stderr echos behind a DEBUG variable to reduce clutter in the
system journal.
Signed-off-by: Georg Pfuetzenreut... - 14:56 Revision e465741a (salt): Merge branch 'crameleon/asgard-hel' into 'production'
- Allow Asgard access to idm.i.o.o
See merge request infra/salt!1702 - 14:53 Revision cdb03c10 (salt): Merge branch 'crameleon/pam-config' into 'production'
- Preserve pam-config files
See merge request infra/salt!1701 - 14:51 Revision 012dc963 (salt): Allow Asgard access to idm.i.o.o
- Legacy LDAP authentication was replaced with Kanidm.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.... - 14:35 Revision 87927b30 (salt): Preserve pam-config files
- 377a4c09aac121ae071b13f664899521e4cb8862 was implemented to
keep the pam-config package installed - keep the files ow... - 14:32 Revision dd16e5c5 (salt): Merge branch 'crameleon/vm-common-target' into 'production'
- Better target device naming on common hosts
See merge request infra/salt!1698 - 14:18 Revision 8cfaa0c1 (salt): Better target device naming on common hosts
- Import same logic as in falkor.xml.j2 to avoid trailing dots and
duplicate naming.
Signed-off-by: Georg Pfuetzenreut... - 14:11 Revision c200c11f (salt): Merge branch 'crameleon/ca-cert' into 'production'
- Update CA certificates package name
See merge request infra/salt!1700 - 14:08 Revision af649271 (salt): Merge branch 'crameleon/mtail-facl' into 'production'
- Configure ACL on syslog fifo for mtail
See merge request infra/salt!1699 - 13:52 Revision bf1c3956 (salt): Update CA certificates package name
- Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
- 13:48 Revision df15b4f9 (salt): Configure ACL on syslog fifo for mtail
- Allow the mtail user to read from the syslog pipe.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 10:46 Revision b2803f10 (salt): Merge branch 'crameleon/zypper-metrics' into 'production'
- Avoid exit on needs-rebooting query
See merge request infra/salt!1692 - 10:33 Revision cb295d01 (salt): Merge branch 'crameleon/kanidm-dependency' into 'production'
- Kanidm client: consolidate files, adjust dependencies
See merge request infra/salt!1694 - 10:26 Revision c8421a08 (salt): Merge branch 'crameleon/get_roles_slash' into 'production'
- get_roles: correct role directory handling
See merge request infra/salt!1691 - 10:23 Revision 7e0760c5 (salt): Merge branch 'crameleon/libexec-first' into 'production'
- Move libexec directory state up
See merge request infra/salt!1693 - 10:15 Revision e2f0e5f7 (salt): Merge branch 'crameleon/asgard' into 'production'
- Reduce Asgard disk size
See merge request infra/salt!1696 - 10:14 Revision d4815a23 (salt): Merge branch 'crameleon/repo-oss' into 'production'
- Remove duplicate distribution repository
See merge request infra/salt!1697
2024-04-13
- 23:24 tickets #157798 (Resolved): Migrate FreeIPA consumers to Kanidm
- 13:53 Revision 59c255dc (salt): Remove duplicate distribution repository
- New physical machines are installed with a "openSUSE-Leap-<version>-<count>"
repository pointing to distribution/leap... - 13:21 Revision 9489580b (salt): Reduce Asgard disk size
- Upon enrolling Orbit hypervisors in Salt it was found that the
is-size of the Asgard root disks is larger than the ac... - 13:17 Revision 5f8026cb (salt): Adjust kanidm-unixd-tasks dependencies
- Remove odd circular dependency and run all package installation states
first, then engage kanidm-unixd, then kanidm-u... - 13:17 Revision 274ba288 (salt): Consolidate Kanidm files + require packages
- - Add a requirement on the package installation to the files to
avoid "parent directory not present" errors when ap... - 12:51 Revision c6b6f4d8 (salt): Move libexec directory state up
- Avoid "No directory to create /usr/local/libexec/foo in" when
applying role.base on new machines.
Signed-off-by: Geo... - 12:44 Revision d5e62fb3 (salt): Avoid exit on needs-rebooting query
- The script is correctly configured to fail on errors, but the
needs-rebooting call needs to be exempted in order for ... - 11:14 Revision 18d19837 (salt): get_roles: correct role directory handling
- Repair a failure on roles using "<foo>/init.sls" instead of
"foo.sls" as their entrypoint.
Signed-off-by: Georg Pfue... - 10:29 Revision 84237aae (salt): Merge branch 'crameleon/asgard-dcc' into 'production'
- Allow mx-test outbound DCC access
See merge request infra/salt!1676 - 10:23 Revision f39c3819 (salt): Allow mx-test outbound DCC access
- For evaluating DCC (Distributed Checksum Clearinghouse) mx-test is
allowed to reach public DCC servers on the interne...
2024-04-12
- 15:43 communication #151492 (Resolved): VPN Security Configuration
- Implementation complete:
https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/1687
https://progress.opensu... - 15:30 Revision 12a44ec1 (salt): Merge branch 'crameleon/lzo' into 'production'
- Disable OpenVPN LZO compression
See merge request infra/salt!1687 - 15:23 Revision 577ee456 (salt): Disable OpenVPN LZO compression
- Disable compression due to security issues as announced.
https://community.openvpn.net/openvpn/wiki/Compression
http...
2024-04-11
- 21:36 tickets #158874: cannot login to events.opensuse.org - to obtain a ticket for openSUSE Conference 2024
- Daniel, in worst case you can just show up - the registration gives us an idea how many people will come to the confe...
- 20:52 tickets #158874 (New): cannot login to events.opensuse.org - to obtain a ticket for openSUSE Conference 2024
- Hi all,
Sorry not sure where to file this, I'm looking to attend openSUSE Conference 2024.
I've registered for a... - 16:11 tickets #158823: Spam user in oSC website
- Duplicates #153142.
- 11:23 communication #158820 (Resolved): Lists of openSUSE are not available
- Hi,
thanks for reporting, and sorry for the trouble.
Unfortunately the software is flawed and leaks memory. There... - 09:17 tickets #158850 (In Progress): New mirror opensuse on mirroronet.pl
- Country: Poland
Admin Name: Piotr Maluty
Admin Email: piotr.maluty@ringieraxelspringer.pl
Subscribed to mirror@lis...
2024-04-10
- 23:22 tickets #158823 (New): Spam user in oSC website
- Please, review and delete *cutegirls* account.
I found in https://events.opensuse.org/users/429139
It is spam/porn.... - 21:13 Revision efb6939b (salt): Merge branch 'crameleon/language' into 'production'
- Block Wiki index.php queries without language header
See merge request infra/salt!1686 - 20:57 Revision b1ecff74 (salt): Block Wiki index.php queries without language header
- Recently lots of malicious traffic hitting index.php on the various
language wikis is observed, originating from quic... - 19:44 communication #158820 (Resolved): Lists of openSUSE are not available
- Hi there,
https://lists.opensuse.org/archives/ is not available anymore.
Regards,
Frank - 15:34 tickets #154984: beans.opensuse.org login issues
- It looks like there could be a typo in log_writeres[] = file. It should be log_writers[] = file. Could that cause the...
2024-04-09
- 18:18 tickets #158685 (Resolved): Regaining admin access to releaseteam@lists.opensuse.org/
- Done:
```
>>> list = client.get_list("releaseteam@lists.opensuse.org")
>>> list.add_owner('dimstar@opensuse.org'... - 10:23 tickets #158685 (Resolved): Regaining admin access to releaseteam@lists.opensuse.org/
- Hello admins!
Could you please grant admin/ownership rights for
releaseteam@lists.opensuse.org to DimStar (in cc)...
2024-04-08
- 21:23 Revision 0725da05 (salt): Merge branch 'crameleon/ipoo-plain' into 'production'
- Switch ip.o.o to plain text
See merge request infra/salt!1684 - 21:20 Revision b454270a (salt): Merge branch 'crameleon/textfile' into 'production'
- Refactor Prometheus textfile collection
See merge request infra/salt!1674 - 21:14 Revision 28d7dab8 (salt): Switch ip.o.o to plain text
- Existing JSON syntax was wrong, replace with plain output instead
of repairing it since there is not much need for JS... - 21:12 Revision 3f037d16 (salt): Refactor Prometheus textfile collection
- - Move existing postfix-queue-size metrics script and systemd units
to common location
- Implement concept of base ... - 20:48 Revision 90bcf935 (salt): Merge branch 'crameleon/services-fillup' into 'production'
- Switch services sysconfig header handling
See merge request infra/salt!1669 - 20:31 Revision cd6caf22 (salt): Switch services sysconfig header handling
- Refactor to use our common suse_sysconfig.header state, reducing
redundant code.
Signed-off-by: Georg Pfuetzenreuter... - 20:30 tickets #158643 (New): Calendar redis setup is broken
- There are two places where redis is used in calendar, one is sidekiq which is also used by clockwork, and the other i...
- 20:15 Revision 4c94a907 (salt): Merge branch 'crameleon/sysconfig' into 'production'
- Enable sysconfig formula
See merge request infra/salt!1679 - 20:14 Revision 4b2fc829 (salt): Merge branch 'crameleon/redmine-fonts' into 'production'
- Install fonts for Redmine
See merge request infra/salt!1681 - 20:07 Revision 608f9f95 (salt): Merge branch 'crameleon/atlas-ban' into 'production'
- Enable network blacklist on Atlas http frontends
See merge request infra/salt!1683 - 19:57 Revision 0a09bcb3 (salt): Enable network blacklist on Atlas http frontends
- The regular "http" frontend uses a network blacklist file.
- adjust http-misc frontend to use the same blacklist file... - 19:52 Revision 24f51f24 (salt): Install fonts for Redmine
- Needed for rendering some Gantt graphics.
https://progress.opensuse.org/issues/158634
Signed-off-by: Georg Pfuetzenr... - 19:52 Revision 0009a6c3 (salt): Enable sysconfig formula
- Explicitly enable it as we use its functionality in this repository
as well and not only in formulas having it as a p... - 19:50 Revision 5ead084c (salt): Merge branch 'crameleon/test-states' into 'production'
- Sync state modules in test environment
See merge request infra/salt!1680 - 19:45 Revision 702de571 (salt): Move test module syncs
- file_roots need to be set up prior to loading modules in order for
formula provided modules to be covered.
Signed-of... - 19:45 Revision 1519a8ce (salt): Sync state modules in test environment
- We now make use of custom state modules, load them in the test suite.
Signed-off-by: Georg Pfuetzenreuter <mail@geor... - 19:25 Revision 4eaf70e2 (salt): Merge branch 'crameleon/mariadb-monitor' into 'production'
- Manage mysqld-exporter
See merge request infra/salt!1678 - 16:27 communication #154885: Dropping Redmine "Favourite Projects" plugin
- Plugin uninstalled, waiting to remove stale database entries.
- 16:23 communication #154885 (In Progress): Dropping Redmine "Favourite Projects" plugin
- Sent this email to heroes@ on 2024-03-26:
>Hello!
>
>As preparation for future Redmine updates, I will remove th... - 16:12 tickets #158634 (Resolved): Redmine magick font issue
- Solved by installing `google-opensans-fonts`, now https://progress.opensuse.org/projects/opensuse-leap-15-6/issues/ga...
- 16:11 tickets #158634 (In Progress): Redmine magick font issue
- 16:11 tickets #158634 (Resolved): Redmine magick font issue
- Found this in the logs:
```
I, [2024-04-08T16:05:41.281011 #1178] INFO -- : [c5337522-003a-4689-aa18-12932e62483... - 13:55 Revision 26fe7990 (salt): Manage mysqld-exporter
- This imports the previously manually managed configuration for
mysqld-exporter into role.mariadb.
Signed-off-by: Geo... - 13:09 Revision a6210b8f (salt): Merge branch 'crameleon/asgard-odin-smtp' into 'production'
- Allow VPN clients SMTP access to mx-test
See merge request infra/salt!1675
2024-04-07
- 22:37 Revision a2ca403c (salt): Allow VPN clients SMTP access to mx-test
- For testing mail server configuration while connected to the VPN.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pf... - 22:10 Revision 7c0eebdc (salt): Merge branch 'crameleon/fetch' into 'production'
- fetch-image: signature re-download
See merge request infra/salt!1673 - 20:10 Revision 9135d5ab (salt): fetch-image: signature re-download
- It was found that upon checksum changes, the signature file would
not get re-downloaded, causing verify operations to... - 19:45 Revision cbc18f2e (salt): Merge branch 'crameleon/mail-pipe' into 'production'
- Configure mtail on mailservers
See merge request infra/salt!1666 - 19:45 Revision 6aa8bb92 (salt): Merge branch 'crameleon/monitor-zypper' into 'production'
- Collect metrics about pending updates/reboots
See merge request infra/salt!1672 - 19:38 Revision 1423d236 (salt): Configure mtail on mailservers
- This configures rsyslog to dump Postfix logs into a named pipe
which mtail can then read from in order to generate me... - 14:29 Revision 774a87cd (salt): Collect metrics about pending updates/reboots
- Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
- 12:38 Revision e9374571 (salt): Merge branch 'crameleon/header' into 'production'
- Add fillup compatible formula header
See merge request infra/salt!1667 - 12:35 Revision 725db767 (salt): Merge branch 'crameleon/cluster-sudo' into 'production'
- Allow passwordless multipath -l
See merge request infra/salt!1671 - 11:22 Revision 83dd7170 (salt): Merge branch 'crameleon/mybackup' into 'production'
- mybackup: add mariadb role + configure firewall + increase memory
See merge request infra/salt!1661 - 10:38 Revision 8249f412 (salt): Merge branch 'crameleon/mail-exclude' into 'production'
- Exclude proxy connections from mail log
See merge request infra/salt!1665 - 10:21 Revision f4d7faec (salt): Exclude proxy connections from mail log
- Avoid cluttering /var/log/mail* with connect/disconnect messages
from HAProxy health checks.
Signed-off-by: Georg Pf... - 09:16 Revision 905a0765 (salt): Allow passwordless multipath -l
- Another command required by lun_provision.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 01:28 Revision 94500908 (salt): Add fillup compatible formula header
- This adds an equivalent to the existing managed_by_salt_sysconfig
header for use by formula states, accompanying the
... - 01:09 Revision d45896ba (salt): Merge branch 'crameleon/orbit-asgard' into 'production'
- Set Asgard interfaces to passthrough + allow mode key in interfaces + allow bootproto override in bond maco + update ...
- 01:04 Revision 09bcf9e1 (salt): Import Orbit network configuration
- Update configuration to align with production:
- use bridge interface between bond and os-bare to allow for
sha... - 01:04 Revision 608a211e (salt): Allow bootproto override in bond macro
- Signed-off-by: Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
- 01:04 Revision 4215c844 (salt): Allow mode key in interfaces
- Allow "mode" to be overwritten - the setting is already supported in
pillar/infra/init.sls but has so far only been u... - 01:04 Revision 2e2ec4d5 (salt): Set Asgard interfaces to passthrough
- This has already been used in production and is now imported
as part of enrolling Orbit hypervisors into Salt.
The A...
2024-04-06
- 19:51 Revision 7b09edb4 (salt): Increase mybackup memory
- Albeit trying various tuning options, the the MariaDB replica
server seems to consistently use 6-7G of memory. Apart ... - 19:51 Revision 77fbf381 (salt): Configure firewall on mybackup
- Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
- 19:50 Revision d8d230b2 (salt): Add mariadb role to mybackup
- Machine currently runs a manually managed MariaDB server.
Add the respective role, for now mainly to cover it in the
... - 18:34 Revision 0ae6f171 (salt): Merge branch 'crameleon/mx-test-tls' into 'production'
- Add certificate for mx-test
See merge request infra/salt!1664 - 00:27 Revision 09274757 (salt): Add certificate for mx-test
- Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2024-04-05
- 22:06 Revision bb47344f (salt): Merge branch 'crameleon/matrix' into 'production'
- Matrix: reduce whitespace in nginx worker configuration, rename unit source files
See merge request infra/salt!1663 - 21:59 Revision 487fea0c (salt): Merge branch 'crameleon/hosts' into 'production'
- Lower resources of database and mx-test hosts
See merge request infra/salt!1660 - 13:55 tickets #158535 (New): Mailing list delivery issues to Google
- Hundreds of emails are being stalled with messages such as the following:
```
(host alt1.gmail-smtp-in.l.google.c...
2024-04-04
- 22:39 Revision 5473926c (salt): Rename Matrix unit source files
- Reduce confusion by naming the source files similar to what
they're installed as.
Signed-off-by: Georg Pfuetzenreute... - 22:19 Revision 209d8594 (salt): Reduce whitespace in Matrix nginx configurations
- Make rendered file more readable.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 22:11 tickets #158491 (Resolved): Login to forums.opensuse.org fails
- Hi,
thanks for reporting, and apologies for the trouble. Issue has been resolved.
Cheers,
Georg - 14:51 tickets #158491 (Resolved): Login to forums.opensuse.org fails
- Since this morning I can no longer log into forums.opensuse.org (see
attachment for error message).
Login to
... - 22:03 Revision 5b522e00 (salt): Merge branch 'crameleon/matrix-worker' into 'production'
- Repair Synapse workers nginx configuration
See merge request infra/salt!1662 - 21:58 Revision 3b623ffa (salt): Repair Synapse workers nginx configuration
- - repair numbering, needs to use outer loop index
- reduce whitespace
Signed-off-by: Georg Pfuetzenreuter <mail@geor... - 21:15 communication #151492: VPN Security Configuration
- Replied to my announcement to correct a mistake:
>> On April 5th, LZO compression will be disabled on the OpenVPN ... - 21:10 communication #151492: VPN Security Configuration
- Announcement sent to heroes@:
> Hello!
>
> We are implementing changes to the Heroes OpenVPN.
> There are thre... - 00:14 Revision e29bae31 (salt): Lower resources of database and mx-test hosts
- Based on assessment of data from the last month these machines can
do with less resources.
Signed-off-by: Georg Pfue...
2024-04-03
- 23:53 tickets #155032: MySQL/Galera backups incomplete
- Done, first backup succeeded, timer for automatic backups re-enabled.
- 22:19 tickets #155032 (In Progress): MySQL/Galera backups incomplete
- The output above just hints at the nsca target address. The setup is well explained https://progress.opensuse.org/pro...
- 19:54 Revision d2ff669c (salt): Merge branch 'crameleon/pdns-sqlite' into 'production'
- Remove duplicate sqlite3 package
See merge request infra/salt!1659 - 19:52 Revision 926732f6 (salt): Merge branch 'crameleon/pdns' into 'production'
- Enable EDNS on recursors
See merge request infra/salt!1658 - 19:48 Revision cc1479c6 (salt): Remove duplicate sqlite3 package
- Already listed in the PowerDNS formula.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 19:45 Revision c9a80fdc (salt): Enable EDNS on recursors
- Enabled by default after PowerDNS Recursor 5.0.0, but Leap
currently only ships 4.8.6.
Signed-off-by: Georg Pfuetzen... - 16:49 Revision 8c6471f0 (salt): Merge branch 'crameleon/pdns' into 'production'
- Update PowerDNS configuration keys
See merge request infra/salt!1657 - 16:43 tickets #157798: Migrate FreeIPA consumers to Kanidm
- All minions in Provo migrated as well. Highly unspectacular.
- 16:14 tickets #157798: Migrate FreeIPA consumers to Kanidm
- Patch to raise timeouts applied, all minions in Nuremberg migrated.
- 00:43 tickets #157798: Migrate FreeIPA consumers to Kanidm
- - slimhat resolved by magic, chip was found to be a different issue
- @firstyear investigates double-attempt issue a... - 16:31 Revision 052bba4f (salt): Update PowerDNS configuration keys
- Tumbleweed received version 4.9.0, which removed deprecated
options, making this patch needed for Tumbleweed based se... - 13:46 tickets #157852: error with trying to login to openSUSE Wiki
- crameleon wrote in #note-8:
> @ddemaio Please have SUSE investigate why your email address in IDP changed without yo... - 12:20 tickets #157852: error with trying to login to openSUSE Wiki
- @ddemaio Please have SUSE investigate why your email address in IDP changed without your knowledge to avoid this happ...
- 07:51 tickets #157852 (Resolved): error with trying to login to openSUSE Wiki
- Thank you cboltz. It works. I never though capital letters would have such an effect. SUSE must have changed it. Than...
- 12:02 tickets #153055 (Closed): Can not join the release team on calendar.opensuse.org
- No feedback
- 11:47 tickets #158275: matrix01 broken packages
- The new package that fixes synapse is in factory already and should be in Tumbleweed soon
- 11:43 Revision 6ccb6ad2 (salt): Merge branch 'crameleon/monitor-internal' into 'production'
- Switch monitor.i.o.o vhost to TLS
See merge request infra/salt!1656 - 11:40 Revision 2f604832 (salt): Merge branch 'crameleon/tumbleweed' into 'production'
- Preserve libnss_usrfiles2 and pam-config
See merge request infra/salt!1655 - 11:11 tickets #158290: discord.service broken
- Thanks, I already removed the Appservice from Salt.
- 11:11 tickets #158290: discord.service broken
- This is expected right now, I'm working on a replacement for the bridge
- 10:14 Revision b374cbfc (salt): Switch monitor.i.o.o vhost to TLS
- Align with the reverse proxy vhosts.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 01:10 Revision 665e2e72 (salt): Merge branch '20240403-kani-unixd-conn-timeout' into 'production'
- Raise connection timeouts
See merge request infra/salt!1654 - 00:39 Revision 377a4c09 (salt): Preserve libnss_usrfiles2 and pam-config
- c93a2983 and 841d4303 explain why libnss_usrfiles2 and pam-config
are to be preserved on Tumbleweed - e2432fd5 remove... - 00:32 tickets #158392: Switching src.opensuse.org from Gitea to Forgejo
- Hi,
this tool is hosted by SUSE as part of OBS, and not community maintained like other openSUSE services.
Assign... - 00:28 tickets #158359 (Resolved): Kanidm login asks for TOTP instead of passphrase
- Thank you! I did not spot this interface in FreeIPA before. Will keep it in mind for next time.
2024-04-02
- 22:59 Revision 4e82c095 (salt): Raise connection timeouts
- 20:29 tickets #157852: error with trying to login to openSUSE Wiki
- Yeah, I expected the failure - but this time, I have logs ;-)
Turns out, you indeed didn't change your mail addres... - 06:44 tickets #157852: error with trying to login to openSUSE Wiki
- Hi Christian,
Thanks. I had the same issue. I logged in at round 08:42.
v/r
Doug
On Sat, Mar 30, 2024 at 8:30 P... - 20:06 communication #156874: 2024-04-04 18:00 UTC: openSUSE Heroes meeting
- Note: Europe switched to summer time, which means the UTC time is now 18:00.
- 19:41 Revision b6653d97 (salt): Merge branch 'crameleon/promact-out' into 'production'
- Correct output path in check-mysql script
See merge request infra/salt!1653 - 16:37 Revision bdacb1e6 (salt): Correct output path in check-mysql script
- profile.monitoring.prometheus.promact creates the directory under
/srv/www, repair the script respectively.
Signed-o... - 11:49 Revision 6500ae13 (salt): Merge branch 'crameleon/libexec-mode' into 'production'
- Set mode for libexec directory
See merge request infra/salt!1652 - 08:35 Revision ce1d51d1 (salt): Set mode for libexec directory
- In profile.postfix we create libexec/systemd with mode 0750, which
reflects onto the parent directory. Allow the pare... - 02:32 tickets #158392 (New): Switching src.opensuse.org from Gitea to Forgejo
- Hi,
Ever since the for-profit company took over Gitea, a bunch of the developers have made a fork known as Forgejo...
2024-04-01
- 23:40 tickets #158359: Kanidm login asks for TOTP instead of passphrase
- See attached screenshot. They do have an OTP associated with their account, as do 4 others. Kanidm is correctly promp...
- 15:05 tickets #158359 (Resolved): Kanidm login asks for TOTP instead of passphrase
- Hi,
user "bmwiedemann" can not log in https://idm.i.o.o, upon entering their username, the UI asks for a TOTP toke... - 16:27 Revision 64a053ef (salt): Merge branch 'crameleon/vpn-public-http' into 'production'
- Allow plain HTTP access from VPN clients to Atlas
See merge request infra/salt!1651 - 15:22 tickets #158362 (New): Opensuse Kernel Mirror Timeout
- Hello,
Zypper dup returns this error with reaching the servers.
Timeout exceeded when accessing 'http://cdn.opensus... - 14:14 Revision 5f55fb5b (salt): Allow plain HTTP access from VPN clients to Atlas
- Allow utilizing services useful with "curl" without getting stuck
on port 80 - IPv4 over the internet already allows ... - 13:43 tickets #157798: Migrate FreeIPA consumers to Kanidm
- Another "odd" client: chip.infra.opensuse.org - here authentication works, but I am always prompted for a passphrase.
- 13:21 Revision 3808d7b9 (salt): Merge branch 'crameleon/ipoo' into 'production'
- Implement ip.opensuse.org
See merge request infra/salt!1650 - 13:15 Revision 494878c5 (salt): Merge branch 'crameleon/acme-firewall' into 'production'
- Adjust firewall rules for acme.i.o.o
See merge request infra/salt!1645 - 13:00 Revision 8facb3ef (salt): Implement ip.opensuse.org
- Simple public "what is my IP address" service to fetch ones client
IP address as seen from the openSUSE infrastructur... - 11:52 Revision e1fbb09b (salt): Adjust firewall rules for acme.i.o.o
- - allow ping in addition to ssh for all entries, needed for
the connectivity check run before certificate deploymen... - 10:46 Revision e9c74330 (salt): Merge branch 'crameleon/sssd' into 'production'
- Clean up leftover sssd logs
See merge request infra/salt!1649 - 10:45 Revision 85bd0b5c (salt): Merge branch 'crameleon/action-exclude' into 'production'
- Exclude opensuse-action in Karma
See merge request infra/salt!1646 - 10:44 Revision a30582e7 (salt): Merge branch 'crameleon/haproxy-default' into 'production'
- Move HAProxy AppArmor overrides
See merge request infra/salt!1643 - 10:42 Revision 963f6b84 (salt): Merge branch 'crameleon/haproxy-blacklist' into 'production'
- Refactor HAProxy network blacklist
See merge request infra/salt!1642 - 10:41 Revision 33a4c605 (salt): Merge branch 'crameleon/libnss' into 'production'
- Remove Tumbleweed conditional from legacy auth
See merge request infra/salt!1648 - 08:43 Revision 661b2351 (salt): Clean up leftover sssd logs
- sssd is no longer installed, remove left behind logs.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter... - 08:40 Revision e2432fd5 (salt): Remove Tumbleweed conditional from legacy auth
- Some Leap machines have seemingly unrelated packages which pull
these in, causing an installation/removal back and fo... - 06:28 Revision 60df0f84 (salt): Exclude opensuse-action in Karma
- Hide duplicate alerts on https://alerts.i.o.o.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 05:33 Revision 734c4833 (salt): Merge branch 'crameleon/download-certificate' into 'production'
- Add certificate for download.o.o
See merge request infra/salt!1644 - 05:24 Revision 58ac6cb5 (salt): Add certificate for download.o.o
- Deployed to stage3.o.o to cover outages of Pontifex.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.... - 00:39 Revision b0f53655 (salt): Move HAProxy AppArmor overrides
- "defaults" refers to the HAProxy defaults section, move the
AppArmor pillar for HAProxy out, aligning with the zypper... - 00:39 Revision 329455cc (salt): Refactor HAProxy network blacklist
- - move to a separate file for easier listing of many entries
- extend list of Amazaon networks
- add Alibaba (absurd ...
2024-03-31
- 23:06 Revision 9d80dfd4 (salt): Merge branch 'crameleon/pam-config' into 'production'
- Preserve pam-config on Tumbleweed
See merge request infra/salt!1641 - 23:01 Revision 2749bb5c (salt): Merge branch 'crameleon/postgresql' into 'production'
- Disable PostgreSQL archive_mode
See merge request infra/salt!1640 - 22:59 Revision 841d4303 (salt): Preserve pam-config on Tumbleweed
- If removed, it gets re-installed on distribution upgrades (pulled
in through some unknown package) and replaces the c... - 22:53 Revision 0878ec96 (salt): Disable PostgreSQL archive_mode
- We currently do not use archiving / setting is already commented
in production.
Signed-off-by: Georg Pfuetzenreuter ... - 22:31 Revision 7a18e9ce (salt): Merge branch 'crameleon/paste-ruby' into 'production'
- Allow paste.i.o.o access to rubygems.org
See merge request infra/salt!1637 - 22:30 Revision dee33b4f (salt): Merge branch 'crameleon/nfs' into 'production'
- Set NFS default to v4 + use uniform booleans in common pillar
See merge request infra/salt!1636 - 22:28 Revision 4ed96310 (salt): Merge branch 'crameleon/redis-localhost' into 'production'
- Bind Redis to localhost
See merge request infra/salt!1638 - 22:26 Revision 55808814 (salt): Merge branch 'crameleon/paste-assets' into 'production'
- Correct Paste assets check
See merge request infra/salt!1639 - 21:25 Revision c1a3aaa6 (salt): Correct Paste assets check
- Repair wrong check path to restore idempotency.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 21:22 Revision 36fc8fdf (salt): Bind Redis to localhost
- On machines using a local Redis instance using TCP, bind Redis
to localhost only to avoid unnecessary exposure to the... - 21:16 Revision 099e6209 (salt): Allow paste.i.o.o access to rubygems.org
- Wish I knew.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 20:59 Revision f25a605e (salt): Merge branch 'crameleon/prometheus-mail' into 'production'
- Configure custom email alert template
See merge request infra/salt!1514 - 20:54 Revision 5b0019d3 (salt): Configure custom email alert template
- Plain text with relevant details for better usability.
Not perfect, has uneven empty lines between the sections, but
... - 20:42 Revision 570c3623 (salt): Merge branch 'crameleon/paste' into 'production'
- Make profile.paste idempotent + update secret
See merge request infra/salt!1613 - 20:37 Revision 521b71fa (salt): Make profile.paste idempotent, set nodejs version
- Apply same checks as in profile.calendar to avoid repetitive
changes.
Set nodejs version since capability resolving d... - 20:37 Revision 4c0f376e (salt): Update paste secret
- Change found in production, origin or reason unknown.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter... - 20:13 Revision b07cdd4f (salt): Adjust mirrordb NFS mount for v4
- Use relative path (server side export uses fsid=0) to work
with the new default of NFSv4.
Additionally, swap the line... - 20:04 Revision d1a61f40 (salt): Use uniform booleans in common pillar
- The majority of boolean YAML keys use lowercase values, change
the capitalized ones respectively for a more uniform a... - 20:02 Revision c6c793da (salt): Set NFS default to v4
- Assume modern NFS v4 mounts for all roles.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 19:40 Revision 50b55dca (salt): Merge branch 'crameleon/mailman-memcached' into 'production'
- Set Mailman3 Memcached socket to be group r/w
See merge request infra/salt!1635 - 19:34 Revision 93d37990 (salt): Set Mailman3 Memcached socket to be group r/w
- Mailman-web access the Memcached socket through group membership of
its service user.
Signed-off-by: Georg Pfuetzenr... - 17:47 Revision 2a9aca14 (salt): Merge branch 'crameleon/mailman-packages' into 'production'
- Correct mailman3 package names
See merge request infra/salt!1634 - 17:37 Revision c678f715 (salt): Correct mailman3 package names
- Whilst it's all Python, they use different naming schemes.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenr... - 17:09 Revision 6528753f (salt): Merge branch 'crameleon/calendar-redis' into 'production'
- Adjust Redis macro for non-TCP operation + Switch Calendar Redis backend to Unix socket
See merge request infra/salt... - 17:05 Revision c5c04d71 (salt): Merge branch 'crameleon/mailman-packages' into 'production'
- Use system_python for mailman3 packages
See merge request infra/salt!1633 - 16:34 tickets #157798: Migrate FreeIPA consumers to Kanidm
- ```
# salt slimhat.infra.opensuse.org cmd.run 'id crameleon'
slimhat.infra.opensuse.org:
id: 'crameleon': no such... - 16:23 tickets #157798: Migrate FreeIPA consumers to Kanidm
- One originally minor issue I found is that sometimes it takes ~2 attempts to SSH into a machine, I assume it needs to...
- 14:53 Revision 7845470e (salt): Use system_python for mailman3 packages
- Capabilities do not resolve through Salt, assume default Python
version (which the Mailman stack is now always built ... - 14:14 Revision 9fa15af4 (salt): Merge branch 'crameleon/mailman-memcached' into 'production'
- Remove duplicate Memcached package declaration
See merge request infra/salt!1632 - 14:10 Revision 0f77ea5b (salt): Switch Calendar Redis backend to Unix socket
- Avoid superfluous localhost TCP listener.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 14:08 Revision f39cb7dd (salt): Remove duplicate Memcached package declaration
- Mailman3 gets Memcached included through the formula now.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenre... - 13:58 Revision ddb28351 (salt): Adjust Redis macro for non-TCP operation
- Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
- 13:49 Revision 23587239 (salt): Merge branch 'crameleon/matrix-discord' into 'production'
- Remove Discord appservice
See merge request infra/salt!1628 - 13:46 Revision eaefa4eb (salt): Merge branch 'crameleon/mailman-memcached' into 'production'
- Configure memcached for Mailman
See merge request infra/salt!1479 - 13:26 Revision 698fcebd (salt): Merge branch 'crameleon/calendar' into 'production'
- Import changes from calendar.i.o.o
See merge request infra/salt!1612 - 13:20 Revision 79778403 (salt): Import changes from calendar.i.o.o
- Importing miscellaneous manual changes found on the the machine.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfu... - 13:18 Revision cbe93487 (salt): Configure memcached for Mailman
- This equips mailman-web with a memcached cache in an attempt to
slightly improve performance.
As a bonus, a typo in t... - 11:49 Revision beaff241 (salt): Merge branch 'crameleon/discourse-sidekiq' into 'production'
- Repair discourse-sidekiq service name
See merge request infra/salt!1630 - 11:48 Revision 4b5808e4 (salt): Merge branch 'crameleon/pretty-salt' into 'production'
- Switch lock module to formula, resolve linter suggestions on and remove exclude for Salt modules
See merge request i... - 03:22 Revision ef7a35f6 (salt): Repair discourse-sidekiq service name
- The state containing "sidekiq" in its name should enable the
Sidekiq service and not duplicate the Puma one.
Signed-...
2024-03-30
- 21:53 Revision 9c177ec4 (salt): Enable linting for Salt modules
- - remove exclude for Salt module directories
- whitelist lines with Salt dunder dictionaries
Signed-off-by: Georg Pf... - 21:51 Revision f1990c65 (salt): Switch lock state module to formula
- Remove redundant downstream copy.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 21:51 Revision 06d35269 (salt): Apply linter suggestions in os_network
- - run isort
- replace unused variable
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 21:42 Revision 6011ede7 (salt): Merge branch 'crameleon/mirrordb' into 'production'
- Configure NFS shares in PostgreSQL role
See merge request infra/salt!1629 - 21:37 Revision 1899d43a (salt): Configure NFS shares in PostgreSQL role
- e06d672c66d5838dc13197bb9f6353dade25ff30 repaired the NFS exports
on backup.i.o.o - configure them on the clients res... - 19:30 tickets #157852: error with trying to login to openSUSE Wiki
- Sounds like your problem isn't caused by the "usual suspect", therefore I enabled the debug log for your account.
... - 19:20 Revision 7681b33b (salt): Remove Discord appservice
- Quoting #opensuse-admin:
"that's broken anyway, can be disabled"
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfu... - 19:10 tickets #157798: Migrate FreeIPA consumers to Kanidm
- All minions in Prague have been switched to Kanidm.
Major regression due to missing to test on Tumbleweed was the re... - 19:08 tickets #158281 (Resolved): Forum is down site says operational
- Sorry about that. Is resolved already.
- 16:31 tickets #158281 (Resolved): Forum is down site says operational
- We are very sorry, but the requested service is currently not available.
Please check our [Status page](https://st... - 19:01 tickets #158290 (New): discord.service broken
- ```
matrix (matrix.o.o):~ # systemctl start discord ; journalctl -fu discord
Mar 30 18:58:03 matrix systemd[1]: Sta... - 18:57 tickets #158287 (New): telegram.service broken
- ```
Mar 30 18:48:38 matrix python3.11[777]: [2024-03-30 18:48:38,318] [CRITICAL@mau.init] Unexpected error in main e... - 18:06 Revision 12bbe0dc (salt): Merge branch 'crameleon/tumbleweed' into 'production'
- Preserve libnss_usrfiles2 on Tumbleweed
See merge request infra/salt!1627 - 17:05 Revision c93a2983 (salt): Preserve libnss_usrfiles2 on Tumbleweed
- Removing this package was found to be dangerous on Tumbleweed, causing
the removal of various system packages, includ...
2024-03-29
- 19:31 Revision 2ee05aa1 (salt): Merge branch 'crameleon/backup' into 'production'
- Add backup role / restore NFS for mirrordb backups
See merge request infra/salt!1626 - 19:30 Revision 5accbb33 (salt): Merge branch 'crameleon/progress' into 'production'
- Add data disk to progressoo.i.o.o
See merge request infra/salt!1624 - 19:28 Revision bfdb7ae7 (salt): Merge branch 'crameleon/haproxy-stats' into 'production'
- Adjust HAProxy stats pillar
See merge request infra/salt!1625 - 19:28 Revision fc0569c0 (salt): Merge branch 'crameleon/promact' into 'production'
- Promact: configure webhook in Alertmanager + enable templating
See merge request infra/salt!1623 - 18:52 tickets #158275 (New): matrix01 broken packages
- ```
Problem: the to be installed heisenbridge-1.14.6-4.2.noarch requires 'python311-ruamel.yaml = 0.17.35', but this... - 14:32 Revision e06d672c (salt): Add backup role / restore NFS for mirrordb backups
- The manual exports configuration on backup.i.o.o broke with the
migration.
Reinstate it by adding a backup role which... - 14:23 Revision ca5227ea (salt): Adjust HAProxy stats pillar
- Upstream patch merged after agreement on key change from "stats_sockets"
to "stats".
Signed-off-by: Georg Pfuetzenre... - 14:11 Revision d8214ec4 (salt): Enable templating in Promact states
- - render variables in configuration instead of plainly printing them
- add common header to script
Signed-off-by: Ge... - 14:07 Revision 2111e0cf (salt): Add data disk to progressoo.i.o.o
- To offload /var/lib/redmine/files which stores arbitrary
attachments uploaded by users on https://progress.opensuse.o... - 13:55 Revision 1a0db1df (salt): Configure Promact webhook
- Forward alerts to Promact for action processing.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 13:40 communication #151492: VPN Security Configuration
- Drafted email and requested feedback from @cboltz and @firstyear.
- 13:10 communication #151492 (In Progress): VPN Security Configuration
- 1. user/password authentication disabled by @firstyear via https://gitlab.infra.opensuse.org/infra/salt/-/merge_reque...
- 13:16 Revision 35b8bfb6 (salt): Merge branch 'crameleon/promact' into 'production'
- Configure Promact and MySQL processlist action
See merge request infra/salt!1619 - 00:11 Revision 57ecdddf (salt): Allow monitor access to Galera
- Allow for PROCESS queries through a Promact script.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 00:11 Revision 0ae294c6 (salt): Configure Promact and MySQL processlist action
- To gain better visibility into the cause of alerts, Promact
is deployed to act on webhooks received by Alertmanager.
...
2024-03-28
- 23:08 Revision 452799ba (salt): Merge branch 'crameleon/libexec' into 'production'
- Create /usr/local/libexec on Leap
See merge request infra/salt!1620 - 23:03 Revision 796d2688 (salt): Create /usr/local/libexec on Leap
- This directory is already shipped by default on Tumbleweed where
it is used as the local equivalent of %_libexecdir -... - 22:48 Revision ced221d9 (salt): Merge branch 'crameleon/test-prometheus' into 'production'
- test_prometheus: correct rules check
See merge request infra/salt!1621 - 22:24 Revision 3c58814b (salt): test_prometheus: correct rules check
- - files moved under salt/, correct path
- prevent this situation from not being caught by refactoring
the function ... - 20:02 Revision 8838cb58 (salt): Merge branch 'crameleon/postfix-queue-thresholds' into 'production'
- Tune Postfix flush queue threshold
See merge request infra/salt!1618 - 20:00 Revision 43647c79 (salt): Merge branch 'crameleon/kanidm-base' into 'production'
- Merge kanidm.client into base
See merge request infra/salt!1617 - 17:16 Revision 99163fd6 (salt): Tune Postfix flush queue threshold
- The stray files left by an unwoken flush(8) process correlate with
the relay_domains configured in postconf(5).
Sign... - 16:57 communication #156874: 2024-04-04 18:00 UTC: openSUSE Heroes meeting
- Plan to discuss the GDRP process. I'll provide some clarification on a process and can discuss if anything needs to b...
2024-03-27
- 23:43 Revision 176ac645 (salt): Merge kanidm.client into base
- Migrate Unix clients from FreeIPA to Kanidm for shell
authentication.
Signed-off-by: Georg Pfuetzenreuter <mail@geor... - 21:50 Revision 3e17219d (salt): Merge branch 'crameleon/postfix-queue-thresholds' into 'production'
- Tune Postfix alerting thresholds
See merge request infra/salt!1616 - 21:17 Revision b1e2efc1 (salt): Merge branch 'crameleon/hel-https' into 'production'
- Allow global HTTPS access to Hel
See merge request infra/salt!1614 - 18:05 Revision cd79e1bc (salt): Tune Postfix alerting thresholds
- - improve values based off data gathered in the last three days
to make alerts more meaningful, especially for mx*.... - 17:09 tickets #157798: Migrate FreeIPA consumers to Kanidm
- Since the Matomo authentication is currently broken anyways, and the lack of logging in the application making both r...
- 16:24 tickets #157246 (Feedback): Mail to opensuse-factory rejected as spam
- 16:23 tickets #158134: MicroOS snapshot announcements AND mails to admin@opensuse.org being blocked as spam
- > Please correct the spam filtering promptly..this situation is rather silly
I also suggest to keep in mind that t... - 16:21 tickets #158134 (Rejected): MicroOS snapshot announcements AND mails to admin@opensuse.org being blocked as spam
- Hi,
while you did not include mail headers, it sounds quite similar to https://progress.opensuse.org/issues/157246, ... - 09:16 tickets #158134 (Rejected): MicroOS snapshot announcements AND mails to admin@opensuse.org being blocked as spam
- Hello Admins,
My email account rbrown@suse.de is used to send MicroOS release
snapshot announcements
These are... - 13:47 tickets #155185: meet-o-o disconnect/mute with three attendees
- We've had complains again today. Richard required multiple reconnects etc, but that's partially also because of his c...
- 08:04 tickets #157852: error with trying to login to openSUSE Wiki
- cboltz wrote in #note-2:
> A wrong / not updated password probably wouldn't give you a MWException.
>
> The usual... - 00:28 Revision 56e48aa9 (salt): Allow global HTTPS access to Hel
- Needed for kanidm-unixd which will be deployed on all machines to
reach idm.i.o.o.
Signed-off-by: Georg Pfuetzenreut...
2024-03-26
- 22:09 tickets #157852: error with trying to login to openSUSE Wiki
- A wrong / not updated password probably wouldn't give you a MWException.
The usual suspect for a MWException after... - 14:51 tickets #157852: error with trying to login to openSUSE Wiki
- Wrong project, moving.
- 22:04 Revision bbe1c221 (salt): Merge branch 'crameleon/orbit-cluster' into 'production'
- Assign orbits to orbit cluster
See merge request infra/salt!1611 - 21:58 Revision c1768cd9 (salt): Merge branch 'crameleon/zypp-memory' into 'production'
- Raise minimum memory to 1G
See merge request infra/salt!1610 - 15:12 Revision b860c301 (salt): Merge branch 'pagure' into 'production'
- Refactor Pagure configuration, add Redis pillar macro, switch calendar/paste Redis configuration
See merge request i... - 15:04 Revision f318e1af (salt): Refactor calendar/paste Redis configurations
- No longer use Pagure inherited configuration, switch to common
a named Redis instance defined using the common pillar... - 15:04 Revision e0c77cf8 (salt): Refactor Pagure configuration
- - reconfigure to use Redix over a Unix socket
- switch Redis configuration to pillar
- delete nginx TLS configuration... - 15:04 Revision d28e89df (salt): Add Redis pillar macro
- Some roles require a local Redis instance with generic settings.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfu... - 13:46 Revision 401dc511 (salt): Assign orbits to orbit cluster
- Signed-off-by: Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
2024-03-25
- 23:20 Revision 061ccac4 (salt): Raise minimum memory to 1G
- Lately zypper always runs out of memory during package installations
on systems with 768MB memory.
Signed-off-by: Ge... - 22:16 tickets #157867 (Closed): [redmine] Some issues cannot be retrieved via REST API
- Glad to hear. :)
- 22:15 tickets #157867: [redmine] Some issues cannot be retrieved via REST API
- Yes, all good now, thanks :)
- 22:12 tickets #157867: [redmine] Some issues cannot be retrieved via REST API
- :-) I was about to say, I'm pretty sure `curl` does not contain any code to read a `REDMINE_API_KEY` variable.
No ... - 22:11 tickets #157867: [redmine] Some issues cannot be retrieved via REST API
- Sorry, I was being stupid :(
I need to specify `-H X-Redmine-API-Key: ...`
I mixed curl up with the script I was work... - 22:06 tickets #157867: [redmine] Some issues cannot be retrieved via REST API
- Sorry to not mention it, but I am authenticated.
I did
```
% export REDMINE_API_KEY=...
% curl https://progress.o... - 22:00 tickets #157867 (Feedback): [redmine] Some issues cannot be retrieved via REST API
- Hi,
I do not think there is an issue specific to the API.
One of your example tickets (https://progress.opensus... - 11:21 tickets #157867: [redmine] Some issues cannot be retrieved via REST API
- I found 4 issues in our [backlog](https://progress.opensuse.org/issues?query_id=230) of 47 tickets that are showing t...
- 10:47 tickets #157867: [redmine] Some issues cannot be retrieved via REST API
- This resulted in a private ticket accidentally. Now I can't make it public.
- 10:46 tickets #157867 (Closed): [redmine] Some issues cannot be retrieved via REST API
- ## Observation
See https://progress.opensuse.org/issues/157858#note-7
For example
```
curl https://progress.ope... - 22:08 tickets #157897 (Blocked): Account problem: urls from idp-portal.suse.com defect
- Hi,
thanks for reporting. I forwarded it to SUSE: https://sd.suse.com/browse/SD-152439 (internal ticket).
Best,... - 14:25 tickets #157897 (Blocked): Account problem: urls from idp-portal.suse.com defect
- Dear Admins,
emails from idp-portal.suse.com contain defect urls,
so confirmation of email addresses for new acco... - 20:35 tickets #157459 (Resolved): Descriptions of tickets with special unicode characters included yield "Internal server error 500"
- Great, thanks for confirming!
- 14:02 tickets #157459: Descriptions of tickets with special unicode characters included yield "Internal server error 500"
- Thanks a lot!
- 10:54 tickets #157459: Descriptions of tickets with special unicode characters included yield "Internal server error 500"
- #157870 looks awesome now. Thanks a lot. You can resolve the ticket if you are happy with it as well.
- 20:34 Revision 2759b5aa (salt): Merge branch 'crameleon/discourse-collector' into 'production'
- Allow Prometheus access to Discourse collector
See merge request infra/salt!1608 - 20:29 Revision 31e32251 (salt): Merge branch 'crameleon/odin-push-public' into 'production'
- Push os-public through OpenVPN
See merge request infra/salt!1609 - 20:19 Revision 0ada56f0 (salt): Push os-public through OpenVPN
- In 7876bac9b553c4d72b93be7ec61ebdec19788984 the firewall rules
were extended to grant VPN clients the same access to ... - 20:13 Revision 531b00e5 (salt): Allow Prometheus access to Discourse collector
- The discourse-prometheus-collector service shipped with the package
was equipped with an IP address allow list - exte... - 19:54 Revision 20ec979e (salt): Merge branch 'crameleon/libvirt-guests' into 'production'
- Configure libvirt-guests on standalone hypervisors
See merge request infra/salt!1606 - 19:53 Revision 087dfafc (salt): Merge branch 'crameleon/discourse-3.3' into 'production'
- Bump discourse_mail_receiver
See merge request infra/salt!1607 - 19:40 Revision 3a30d16d (salt): Merge branch 'crameleon/postfix-queue-metrics-optimize' into 'production'
- Slightly optimize Postfix spool counting
See merge request infra/salt!1604 - 19:33 Revision bc129309 (salt): Bump discourse_mail_receiver
- Discourse runs with Ruby 3.3 now.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 19:18 Revision 6a672a89 (salt): Merge branch 'crameleon/discourse-prometheus' into 'production'
- Configure Discourse monitoring
See merge request infra/salt!1605 - 16:07 Revision 223f074f (salt): Configure libvirt-guests on standalone hypervisors
- Shut down running VM's on hypervisor shutdown and ensure the same VM's
get started again during the next boot of the ... - 14:48 Revision 052c1115 (salt): Atlas: unify internal path rules
- - add host rule to existing Grafana login rule to avoid it matching
with unrelated applications
- move both interna... - 12:51 Revision 647b474d (salt): Merge branch 'crameleon/prometheus-lint-fatal' into 'production'
- test_prometheus: fail on linting errors
See merge request infra/salt!1601 - 12:47 Revision 1aeb5f77 (salt): Merge branch 'crameleon/mail-alerts' into 'production'
- Extend wait time for Postfix mail alerts
See merge request infra/salt!1602 - 12:41 Revision 35c6a39d (salt): Merge branch 'crameleon/legacy-smtp' into 'production'
- Allow legacy networks to access SMTP on Hel
See merge request infra/salt!1603 - 07:25 tickets #157852 (Resolved): error with trying to login to openSUSE Wiki
- I'm getting the following error when logging in en.opensuse.org. I trying to login and the next page I get is:
[9c... - 03:57 Revision 998cffe3 (salt): Configure Discourse monitoring
- Enable Discourse metrics endpoint and configure it as a target
in Prometheus.
Public access to forums.o.o/metrics is ... - 01:32 Revision 13ab5bc0 (salt): Slightly optimize Postfix spool counting
- Increase performance by not dumping file names into the wc pipe.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfu... - 01:24 Revision 78373d3a (salt): Allow legacy networks to access SMTP on Hel
- Adjust global rule to allow hosts in legacy sites to send mail
through relay.i.o.o.
Additionally, adjust the line ord... - 01:08 Revision 7b2de9f1 (salt): Extend wait time for Postfix mail alerts
- Our postfix-queue-size-metrics.timer is set to run every five
minutes, wait for at least one metrics update before tr...
2024-03-24
- 23:58 Revision 79af02d0 (salt): test_prometheus: fail on linting errors
- Fail test on duplicate alert names.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 23:58 Revision 8170a587 (salt): Merge branch 'crameleon/postfix-metrics-start' into 'production'
- Start postfix-queue-size-metrics with postfix
See merge request infra/salt!1599 - 23:56 Revision df011e40 (salt): Merge branch 'crameleon/discourse-health' into 'production'
- Add HTTP check to forums backend
See merge request infra/salt!1598 - 23:55 Revision 8613626f (salt): Merge branch 'crameleon/prometheus-disk-duplicate' into 'production'
- Rename duplicate disk space alerts
See merge request infra/salt!1600 - 23:09 Revision 8206dc16 (salt): Rename duplicate disk space alerts
- Not a fatal problem, but to quote the linter:
"Might cause inconsistency while recording expressions"
Signed-off-by:... - 23:05 Revision be9c631c (salt): Start postfix-queue-size-metrics with postfix
- Avoid timer staying down if Postfix gets temporarily stopped.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetz... - 22:34 Revision 732fc201 (salt): Add HTTP check to forums backend
- To serve our maintenance page instead of an nginx error if
Discourse is down.
Signed-off-by: Georg Pfuetzenreuter <m... - 22:24 Revision fd2653be (salt): Merge branch 'crameleon/mail-alerts' into 'production'
- Configure Postfix queue alerts
See merge request infra/salt!1597 - 22:19 Revision 3e6714ea (salt): Configure Postfix queue alerts
- This adds alerting for unusual Postfix queue sizes.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 21:40 tickets #157459 (Feedback): Descriptions of tickets with special unicode characters included yield "Internal server error 500"
- One backup and a few seconds later
```
MariaDB [redmine]> ALTER TABLE journal_details CONVERT TO CHARACTER SET ut... - 21:37 tickets #157459 (In Progress): Descriptions of tickets with special unicode characters included yield "Internal server error 500"
- Hi,
thanks for making the ticket.
I found why it works in comments, but not in ticket descriptions:
```
Mar... - 19:44 Revision 6975026c (salt): Configure HAProxy alerts
- Inspired by
https://samber.github.io/awesome-prometheus-alerts/rules.html#haproxy-2
but heavily customized.
Signed-o... - 18:33 Revision 6a4797b8 (salt): Merge branch 'crameleon/misc-alerts' into 'production'
- Configure member alias update alerts
See merge request infra/salt!1596 - 18:19 Revision 80a82c87 (salt): Configure member alias update alerts
- Replacement for the removed nsca status updates.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 17:34 Revision 55cc7a22 (salt): Merge branch 'crameleon/postfix-queue-metrics' into 'production'
- Collect Postfix queue size metrics
See merge request infra/salt!1595 - 16:29 Revision 0cd45997 (salt): Collect Postfix queue size metrics
- Allow for monitoring of Postfix queue sizes.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 15:14 Revision 75b49217 (salt): Merge branch 'crameleon/prometheus-textfiles' into 'production'
- Prepare node exporters for textfile collection + migrate get_member_aliases
See merge request infra/salt!1594 - 13:50 Revision 3a511d18 (salt): get_member_aliases: unify spacing
- Majority of the file uses spaces, adjust the few lines using tabs
respectively to make for a more uniform appearance.... - 13:50 Revision ecec85ac (salt): get_member_aliases: migrate to Prometheus
- Replace legacy nsca status updates with Prometheus textfile metrics.
Signed-off-by: Georg Pfuetzenreuter <mail@georg... - 13:31 Revision a0ea549f (salt): Prepare node exporters for textfile collection
- In order to facilitate collection of metrics for applications which
do not expose any natively, as well as to replace... - 12:09 Revision 472b0d35 (salt): Merge branch 'crameleon/disk-alerts' into 'production'
- Improve disk space alerts
See merge request infra/salt!1593 - 12:05 Revision aa2cf888 (salt): Merge branch 'crameleon/asgard-nodegroup' into 'production'
- Add node group for Asgard
See merge request infra/salt!1592 - 03:15 Revision 332320b2 (salt): Improve disk space alerts
- In an attempt to improve alerting accuracy and to be more lenient
with "low" disk space on machines with large partit... - 00:50 Revision 440a8137 (salt): Add node group for Asgard
- Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2024-03-23
- 23:29 Revision 0c345e24 (salt): Merge branch 'crameleon/misc-v6' into 'production'
- Allow atlas_misc HTTP/HTTPS access over IPv6
See merge request infra/salt!1583 - 23:27 Revision 917369c8 (salt): Merge branch 'crameleon/sort-yml' into 'production'
- sort_yaml: support .yml suffix
See merge request infra/salt!1589 - 23:25 Revision 4b96dfb8 (salt): Merge branch 'crameleon/elasticsearch-exporter' into 'production'
- Replace prometheus-elasticsearch_exporter
See merge request infra/salt!1591 - 23:24 Revision deb9e52c (salt): Merge branch 'crameleon/asgard-vpn-public' into 'production'
- Allow VPN clients to access Atlas
See merge request infra/salt!1587 - 22:31 Revision b99f3f4a (salt): Replace prometheus-elasticsearch_exporter
- Switch obsolete exporter to the modern one which ships with a new
package name.
Signed-off-by: Georg Pfuetzenreuter ... - 20:50 Revision 7088b011 (salt): sort_yaml: support .yml suffix
- Used for Prometheus related YAML files.
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net> - 20:41 Revision d748bcf7 (salt): Merge branch 'cboltz-wikisearch' into 'production'
- Fix casing in elasticsearch.service AppArmor drop-in
See merge request infra/salt!1588 - 20:36 Revision 9b3d75a0 (salt): Fix casing in elasticsearch.service AppArmor drop-in
- 18:48 Revision 7876bac9 (salt): Allow VPN clients to access Atlas
- This allows VPN clients which route the os-public segment through
the tunnel instead of over the internet to access t... - 18:01 Revision 73113ccc (salt): Merge branch 'crameleon/alerts' into 'production'
- Simplify Prometheus alerting rules management
See merge request infra/salt!1585 - 17:57 Revision 84068990 (salt): Merge branch 'crameleon/asgard-prometheus' into 'production'
- Asgard: add rules for HAProxy/Ping metrics collection
See merge request infra/salt!1584 - 17:56 Revision 78ba89a1 (salt): Merge branch 'crameleon/atlas-internal' into 'production'
- Atlas: serve error page for internal login
See merge request infra/salt!1586 - 17:29 Revision 06f7cf93 (salt): Merge branch 'crameleon/kanidm-recursive' into 'production'
- Resolve recursive kanidm-unixd require
See merge request infra/salt!1582 - 16:27 Revision c762e2e1 (salt): Atlas: serve error page for internal login
- Grafana now uses OIDC authentication. Avoid directing users to
idm.i.o.o (which cannot be reached from the internet) ... - 15:21 tickets #157798: Migrate FreeIPA consumers to Kanidm
- Grafana done. As part of the change, Grafana administrators are now managed through the "grafana-admins" group, and e...
- 13:54 tickets #157798: Migrate FreeIPA consumers to Kanidm
- GitLab done. As part of the change, GitLab administrators are now managed using the "gitlab-admins" group in Kanidm.
- 13:53 tickets #157798 (In Progress): Migrate FreeIPA consumers to Kanidm
- 13:53 tickets #157798 (Resolved): Migrate FreeIPA consumers to Kanidm
- This tracks switching all Heroes services from FreeIPA to Kanidm authentication.
Where possible, LDAP should be repl... - 12:41 Revision baa03c69 (salt): yamllint: cover salt/files/
- Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
- 12:31 Revision 97e9543c (salt): Simplify Prometheus alerting rules management
- Move out of pillar to static files to make adding new rule files
easier and to avoid issues with escaping new line ch... - 10:36 Revision c837f3ef (salt): Allow monitor access to Asgard ping metrics
- Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
- 10:32 Revision 64451152 (salt): Allow monitor access to HAProxy metrics
- Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2024-03-22
- 11:50 Revision 15e8ccfb (salt): Allow atlas_misc HTTP/HTTPS access over IPv6
- This should have always been allowed, unsure how it was missed.
Signed-off-by: Georg Pfuetzenreuter <georg.pfuetzenr... - 03:33 tickets #157708 (Resolved): pagure01 runs out of disk space
- Solved, maybe lasts a bit longer now.
- 03:31 tickets #157708: pagure01 runs out of disk space
- Moved /srv/gitolite and /var/lib/redis underneath /data and bind mounted the directories back. Now pagure_web does no...
- 03:18 tickets #157708 (Resolved): pagure01 runs out of disk space
- I removed some log files and lowered the fail2ban and nginx logrotate limits as an intermediary measure.
Needs to be... - 02:16 Revision 7d949c7f (salt): Resolve recursive kanidm-unixd require
- With the introduction of the "require_in" on
"remove_old_ldap_auth_packages" in
11c2df43fd47f07ea573321bd92b42942d145...
2024-03-21
- 23:16 Revision d30108a9 (salt): Merge branch 'crameleon/kanidm' into 'production'
- Clean up PAM/SSSD on Kanidm clients
See merge request infra/salt!1581 - 21:30 communication #154831: IRC Moderator Setup
- No worries, works fine for me.
-lxqt *was* bridged in the past, It's entirely possible that Jacob didn't include i... - 21:27 communication #154831 (Resolved): IRC Moderator Setup
- OK, you can +o yourself in #opensuse{,-chat,-lxqt} as needed now. Please keep https://libera.chat/guides/catalyst#onl...
- 21:14 communication #154831: IRC Moderator Setup
- #openSUSE and #openSUSE-chat would be good. It gets no traffic, but I am the "owner" of #lxqt:opensuse.org on matri...
- 21:01 communication #154831 (Feedback): IRC Moderator Setup
- Hi,
we can grant you operator privileges in selected channels, any specific ones you're interested in moderating? ...
Also available in: Atom