- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Oct 29 2017
Oct 29 2017
Ensure userlist isn't world-readable
dereckson closed T1267: Set userlist.db chmod to avoid it's world readable as Resolved by committing rOPS715b85e5d950: Ensure userlist isn't world-readable.
Works but the software itself rewrites periodically the file as 644.
Eglide highstate is correct, excepted for the PHP libraries and a former bug to the Let's encrypt timer we can solve independently.
dereckson closed T1286: Eglide Salt minion doesn't respond, a subtask of T1034: Switch from root@ SSH login to sudo capabilities on every server, as Resolved.
dereckson closed T1286: Eglide Salt minion doesn't respond, a subtask of T1285: Update tomjerr SSH key, as Resolved.
dereckson closed T1286: Eglide Salt minion doesn't respond, a subtask of T1287: New changes are currently blocked on Eglide, as Resolved.
Salt master
$ salt eglide state.apply roles/shellserver/odderon/config eglide: ---------- ID: odderon_fix_permissions_and_ownership Function: cmd.run Name: chmod 640 /opt/odderon/var/darkbot/userlist.db Result: True Comment: Command "chmod 640 /opt/odderon/var/darkbot/userlist.db" run Started: 15:22:18.005520 Duration: 47.53 ms Changes: ---------- pid: 32647 retcode: 0 stderr: stdout: ---------- ID: odderon_fix_permissions_and_ownership Function: cmd.run Name: chown odderon:nasqueron-irc /opt/odderon/var/darkbot/userlist.db Result: True Comment: Command "chown odderon:nasqueron-irc /opt/odderon/var/darkbot/userlist.db" run Started: 15:22:18.054366 Duration: 40.816 ms Changes: ---------- pid: 32649 retcode: 0 stderr: stdout:
Fix cmd.run multi command syntax
$ salt-call state.apply roles/shellserver/odderon/config The function "chown odderon:nasqueron-irc /opt/odderon/var/darkbot/userlist.db" in state "odderon_fix_permissions_and_ownership" in SLS "roles/shellserver/odderon/config" has whitespace, a function with whitespace is not supported, perhaps this is an argument that is missing a ":"
Apparently, was a network issue.
dereckson added a reverting change for rOPSc18cf34de2bb: Provision ops accounts on Eglide: rOPSd4a2340aa322: Drop wheel group configuration.
Drop wheel group configuration
dereckson committed rOPSf3a236a7afe4: Create an ops group with full sudo capability (authored by dereckson).
Create an ops group with full sudo capability
Salt master
$ salt eglide state.apply roles/shellserver/users … ---------- ID: group_ops Function: group.present Name: ops Result: True Comment: New group ops created Started: 00:56:24.790152 Duration: 835.725 ms Changes: ---------- gid: 3001 members: - dereckson - sandlayth name: ops passwd: x … $ salt eglide state.apply roles/core/sudo eglide: ---------- ID: /etc/sudoers.d/ops Function: file.managed Result: True Comment: File /etc/sudoers.d/ops updated Started: 01:27:44.142002 Duration: 217.149 ms Changes: ---------- diff: New file mode: 0644
Now we've a correct state
Fix syntax
Fix loop issue
ID: dereckson
Function: user.present
Result: True
Comment: Updated user dereckson
Started: 00:25:19.129254
Duration: 133.455 ms
Changes:
----------
shell:
/bin/zsh
----------
ID: amj
Function: user.present
Result: True
Comment: Updated user amj
Started: 00:25:19.435983
Duration: 115.81 ms
Changes:
----------
shell:
/bin/zshdereckson committed rOPS0c5513912e52: Set zsh as default shell for dereckson and amj (authored by dereckson).
Set zsh as default shell for dereckson and amj
Oct 28 2017
Oct 28 2017
dereckson lowered the priority of T1286: Eglide Salt minion doesn't respond from Unbreak Now! to High.
Working now, some cleaning needed.
Changes have been applied.
Install Boost on dev servers
Ysul
$ arc patch D1125 $ /home/dereckson/dev/nasqueron/operations local: ---------- ID: devserver_software_dev_c Function: pkg.installed Result: True Comment: All specified packages are already installed Started: 23:53:33.392554 Duration: 339.279 ms Changes: ---------- … Summary for local ------------- Succeeded: 12 Failed: 0 ------------- Total states run: 12 Total run time: 12.461 s
[ Prioritized as low, as currently, noone received a virus to our installation. Feel free to switch this to normal for a sporadic mail, to high if you're flooded non stop. ]
The minion has been restarted.
dereckson updated the title for P266 Test run of highstate on Eglide from /tmp/T1286.log to Test run of highstate on Eglide.
dereckson committed rOPSaf951f183348: Don't rebuild darkbot when lock file is there (authored by dereckson).
Don't rebuild darkbot when lock file is there
3 and 1 done. I'm watching the minion log to check it's well resolved
dereckson added a parent task for T1286: Eglide Salt minion doesn't respond: T1287: New changes are currently blocked on Eglide.
So last step is to propagate the change to Eglide restarting the minion.
I prepared such a change Wednesday, and committed now, as @tomjerr confirmed the key is working fine (per your manual add).
Update SSH key for tomjerr
Provide EditorConfig information
dereckson updated subscribers of T1254: Ensure non-Nasqueron domains DNS don't contain A records to old Dwellers IP.
@amj has noticed phabricator.wolfplex.be didn't respond to ping.
@Sandlayth I don't currently have an access to Eglide, so you can do one of the following things:
dereckson moved T1034: Switch from root@ SSH login to sudo capabilities on every server from Eglide to Pending review on the Servers board.
dereckson added a subtask for T1285: Update tomjerr SSH key: T1286: Eglide Salt minion doesn't respond.
Oct 27 2017
Oct 27 2017
dereckson committed rOPScb97f7e29d69: Ensure node.has always return a boolean (authored by dereckson).
Ensure node.has always return a boolean
dereckson closed T1284: node.has doesn't return boolean when parameter is string as Resolved by committing rOPScb97f7e29d69: Ensure node.has always return a boolean.
Oct 26 2017
Oct 26 2017
Install CLI browsers on dev servers
Oct 25 2017
Oct 25 2017
Improve Arcanist shell scripts
We're sure it only reads.
Assign webserver-core role to Ysul
dereckson committed rOPS9b5a9ef4e407: Allow a server not to have Let's encrypt domains in pillar (authored by dereckson).
Allow a server not to have Let's encrypt domains in pillar
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator