#staff | Logs for 2014-03-24
« return
[23:59:17] -!- Cyprus [Cyprus!~Bob@2001:470:e2cf:qw:tigt:gjhu:tphg:zlyr] has joined #staff
[23:58:52] -!- Cyprus has quit []
[23:40:18] <NCommander> "Practical System Administration for Ubuntu"
[23:39:54] <NCommander> I think I might write a book about our sys administration
[23:39:41] <NCommander> In all seriousness
[23:39:38] <NCommander> xlefay, actually
[23:37:23] -!- mode/#staff [+v Cyprus] by SkyNet
[23:32:32] Cyprus|shootme is now known as Cyprus
[23:31:59] <xlefay> scrap that.... he's only using his BNC for idlerpg ... ;')
[23:31:34] <xlefay> in fact, he /quit's -.-
[23:31:21] <xlefay> NCommander: ah I see :)
[23:31:17] <xlefay> pbnjoe has a weird client. He first /part's all channels and then disconnect from the BNC...
[23:30:56] <NCommander> To make sure I can use landscape for this
[23:30:50] <NCommander> xlefay, I need to check with Canonical
[23:30:44] <xlefay> <---- wants to see it :P
[23:30:43] -!- pbnjoe has quit [Quit: Leaving]
[23:30:36] <xlefay> So how about that landscaping? :)
[23:30:22] <xlefay> Yeah, we should look at our options ;)
[23:30:18] -!- mechanicjay has quit [Quit: Leaving.]
[23:30:10] <mechanicjay> later guys :)
[23:30:03] * NCommander knows Debian uses puppet
[23:29:59] <xlefay> mechanicjay: ciao :)
[23:29:58] <NCommander> just saying
[23:29:57] <NCommander> *puppet
[23:29:53] <NCommander> *puppy
[23:29:51] <xlefay> Sounds good, I'll test it some with charybdis ;-)
[23:29:48] * NCommander notes we could also look at something like packet
[23:29:47] <mechanicjay> gentlemen: I must leave my place of employment and go home to my wife and children now.
[23:29:00] <NCommander> put that in the postinst
[23:28:59] <xlefay> naturally
[23:28:53] <NCommander> xlefay, sed magic
[23:28:47] <xlefay> e.g. so the listen gets set correctly, etc.
[23:28:38] <xlefay> I'm talking about ssh config for instance
[23:28:27] <NCommander> xlefay, Depends line, we can pull in a common set of packages
[23:28:18] <NCommander> (also means ifkerberos shits itself, LDAP goes with it)
[23:28:16] <xlefay> We would probably also include deploy/update scripts
[23:28:08] <NCommander> *WINNNNE*
[23:28:05] <NCommander> It just means touching the slapd config file
[23:27:59] <NCommander> That's fine
[23:27:58] <NCommander> If we change that to autheticate against kerberos using kerberos host keys
[23:27:48] <NCommander> mechanicjay, yeah, LDAP the one place with a shared key
[23:27:38] * NCommander apt-get installs mind on xlefay
[23:27:35] <mechanicjay> right, I was also briefly thinking about various application configs.
[23:27:29] <xlefay> aah my mind was elsewhere
[23:27:26] <NCommander> It will generate a .tar.gz automatically when you dpkgpackage -S
[23:27:25] <xlefay> we don't need to recompile ;')
[23:27:18] <NCommander> no original source to fuz with
[23:27:16] <xlefay> ooh FML
[23:27:14] <NCommander> THis is a native package
[23:27:09] <xlefay> NCommander: no it isn't
[23:27:03] <NCommander> xlefay, dch -i is bad?
[23:26:53] <NCommander> If we do krb auth, then there are no passwords in our config files
[23:26:52] <xlefay> To be honest, the repackaging does seem dreadful compared to a simple "git commit -m 'something';git push"
[23:26:43] <NCommander> That's the only thing that requires a shared password off the top of my head
[23:26:35] <NCommander> mechanicjay, we should migrate LDAP to auth against kerberos
[23:26:25] <NCommander> xlefay, yeah
[23:26:13] <mechanicjay> Generally the only configs we don't open are things that have credentials in them, and that's easily enough done with some sort of exclude
[23:26:12] <xlefay> Looks good; so, we'd need the package source/deb locally, and repackage that every time we update a config?
[23:25:24] <NCommander> ^- xlefay how's that look?
[23:25:00] <xlefay> naturally, we want configs open but I'm wondering what if there's a config we don't want shared but I'm coming up empty..
[23:24:51] <NCommander> -- Santiago Vila <sanvila@debian.org> Wed, 13 Feb 2013 11:24:42 +0100
[23:24:49] <NCommander> in the working directory. Closes: #696855. Thanks to Dmitrijs Ledkovs.
[23:24:47] <NCommander> * Quote prefix in make install to fix FTBFS when there are spaces
[23:24:45] <NCommander> hello (2.8-3) unstable; urgency=low
[23:24:44] <NCommander> -- Santiago Vila <sanvila@debian.org> Fri, 16 Aug 2013 09:50:00 +0200
[23:24:44] <NCommander> * Updated config.guess and config.sub.
[23:24:44] <NCommander> binary-reproducible. Closes: #719848.
[23:24:44] <NCommander> * Added '-n' to all debian/rules gzip calls to help the build to be
[23:24:44] <NCommander> hello (2.8-4) unstable; urgency=low
[23:24:43] <NCommander> mechanicjay, xlefay : aptitude changelog *pkg* is what you want
[23:24:02] <NCommander> Aside from their openssh SNAFU, it worked well
[23:23:48] <NCommander> Debian does that
[23:23:42] <NCommander> Expect for SSL keys and such
[23:23:37] <NCommander> I rather have the configs open
[23:23:21] <mechanicjay> NCommander: ah
[23:23:19] * xlefay was literally considering throwing some configs on git (our own private) but.. I would prefer APT if that's viable in the way we need it, which sounds like it does ;-)
[23:23:13] <NCommander> mechanicjay, you have to physically create a new changelog entry to upload
[23:23:07] <NCommander> mechanicjay, built right into the package
[23:22:41] <mechanicjay> xlefay: right, it's be nice to know why we needed to tune the apache config on node x. I value changelogs like that -- especially useful in troubleshooting -- ie. what changed in the last 2 weeks?
[23:22:03] <xlefay> And where would we store those? e.g. configs that shouldn't be shared?
[23:21:49] <NCommander> Which prevents an auto-upgrade
[23:21:44] <NCommander> (aptitude hold *pkg)
[23:21:39] <NCommander> If we don't want to upgrade the package on a given node
[23:21:28] <NCommander> We can pin configurations on specific machines
[23:21:05] <NCommander> Yup
[23:21:02] <xlefay> just a diff packname?
[23:21:00] <NCommander> Yeah
[23:20:57] <xlefay> and that could work per machine basis?
[23:20:49] <NCommander> But apt-get install li69422-configs=X lets you install specific versions
[23:20:35] <NCommander> Launchpad deletes old packages
[23:20:32] <xlefay> e.g. with documentation ready via such a mechanism, we can avoid a lot of crap in the future
[23:20:30] <NCommander> xlefay, yes, but we'd have to have a local package repo
[23:20:09] <xlefay> I'm talking about minor config changes though, e.g. if we can see the changelog, see revisions, revert, etc.. something like that would be neat, does apt-get allow for that per machine basis?
[23:19:26] <NCommander> juju deploy li69422-configs
[23:19:18] <NCommander> mechanicjay, xlefay alternatvely, we can go the juju route
[23:18:58] * xlefay shoots Cyprus|shootme
[23:18:52] Cyprus|mountingswitches is now known as Cyprus|shootme
[23:18:50] <xlefay> they've been crazy ;-)
[23:18:45] <xlefay> ^ me too, but for me it's the past few days
[23:18:33] * mechanicjay is humbled by how much he's learning the last few weeks.
[23:18:12] <xlefay> ^^^^^^^^^^^^^
[23:18:09] <mechanicjay> NCommander: indeed!
[23:18:02] <NCommander> I need to get you guys landscape sub accounts
[23:17:54] <NCommander> And then use landscape or something similiar to fire to all nodes at once
[23:17:44] <NCommander> We can store the package on github
[23:17:23] <xlefay> I see what you're doing now
[23:17:20] <mechanicjay> xlefay: if you sort by percent_comments it's pretty interesting too.
[23:17:19] <NCommander> (ok, four commands)
[23:17:17] <xlefay> oh
[23:17:15] <NCommander> dput
[23:17:13] <NCommander> dpkg-buildpackage -S
[23:17:09] <NCommander> *make edits*
[23:17:07] <NCommander> dch -i (create new change)
[23:17:06] <xlefay> Can we add a commit message in there, for instance?
[23:17:01] <NCommander> its three commands
[23:16:58] <NCommander> Package updating is *easy*
[23:16:50] <NCommander> mechanicjay, just update the config, then run apt-get dist-upgrade
[23:16:38] <mechanicjay> do, when a config gets tweaked, do you need to repackage it?
[23:16:14] <mechanicjay> NCommander: you're the packaging expert
[23:15:43] <NCommander> dpkg's conffiles mechanism allows us to write the ffiles and make sure they never get clobbered
[23:15:22] <NCommander> mechanicjay, then apt-get install li69422-config
[23:15:11] <NCommander> mechanicjay, I rather just package them up
[23:15:08] <mechanicjay> As it's backup, it's perfect. If we need to redeploy a system because it's completely owned, our configs are safe and sound.
[23:14:29] <xlefay> mechanicjay: oxygen is primarily backup but I can see that happening. So, how would we deploy such a system?
[23:13:40] <xlefay> So, obviously, drama works well for generating traffic and comments.
[23:13:38] <mechanicjay> anyway, would it be worth putting a git server on oxygen and using that as our origin server for server configs?
[23:13:26] <xlefay> I notice that the first 10 are all related to SN
[23:13:04] <mechanicjay> :)
[23:13:02] <xlefay> it sure is!
[23:12:55] <mechanicjay> xlefay: yes, but it's dirty
[23:12:46] <xlefay> mechanicjay: the xlsx works fine in libreoffice here ;-)
[23:12:10] <mechanicjay> http://archives.smbfc.net
[23:12:08] <mechanicjay> libreOffce calc link:
[23:11:31] <xlefay> xlsx...
[23:11:26] <mechanicjay> archives.smbfc.net/uploads/soylentnews/stories.xlsx
[23:11:20] <mechanicjay> excel link:
[23:11:08] <mechanicjay> regardless, it's interesting to see at a whole, what stories generated the hits and comments
[23:11:05] <NCommander> I accidently self-spammed us so the total hit count is off by ~approximately 10 M
[23:10:52] <NCommander> THat comes on the stats email as well
[23:10:48] <NCommander> yeah
[23:10:45] <mechanicjay> I think that's clickthroughs, though isn't it?
[23:10:43] <NCommander> ACs don't
[23:10:41] <NCommander> logged in users get counted
[23:10:34] <NCommander> mechanicjay, hits is skewed due to varnish
[23:10:24] <mechanicjay> Story title, hits, comment count, hits/comments percentage
[23:10:13] <xlefay> Yeah, but what would be the most logical set up for something like that?
[23:09:48] <mechanicjay> okay, so I just ran a really interesting report out of the database
[23:09:35] <mechanicjay> Yeah, I'd love some sort of repo for config files. I do that all the time here where we dont have any sort of config management or deployment automation.
[23:09:07] <NCommander> I'd move us there for code management
[23:08:56] <NCommander> If Launchpad had git
[23:08:55] <xlefay> also, thoughts on some sort of version control for config files and such?
[23:08:54] <NCommander> Honestly
[23:08:44] <xlefay> Yes, most definitely a good idea
[23:08:29] <mechanicjay> The dream is that for bigger stuff, if I have a few hours to beat on something I can, dump a status update in the ticket, then you can do the same the next day, etc.
[23:08:13] <xlefay> haha referring to this weekend? :P
[23:08:12] * NCommander ducks
[23:08:11] <NCommander> mechanicjay, we can put it on beryl- oh wait
[23:07:57] <mechanicjay> I want to get it back together and hook it up with ldap so we can track some bigger initiatives withing in sys
[23:07:29] <xlefay> Ah I see
[23:07:24] <mechanicjay> in the move between linodes boxes some perl stuff got lost.
[23:07:13] <mechanicjay> I had rt mostly configured at some point, but without ldap, it was kind of useless
[23:06:59] <mechanicjay> ah yeah, there's been this dream since the inception of altslash to have some sort of internal ticket tracking system....
[23:06:33] <NCommander> And their crap is still in the database
[23:06:31] <xlefay> in the dns file, 'rt'?
[23:06:27] <NCommander> paulej72, the Achievements and Firehouse plugins got disabled, but there files are still lingered
[23:06:26] <cosurgi> time for me to sleep, goodnight
[23:06:19] <mechanicjay> xlefay: yo
[23:06:14] <xlefay> mechanicjay: ping?
[23:06:11] <cosurgi> oops :)
[23:06:06] <NCommander> paulej72, install-slashcode asks
[23:06:03] <cosurgi> [A
[23:05:34] <paulej72> NCommander: when setting up slash how do you set which plugins to load?
[23:05:26] <xlefay> It also explains why we haven't even used 100 GB bandwidth
[23:04:53] <xlefay> hehe, never used linode before but I can see the appeal
[23:04:14] <NCommander> I've heard Linode Managed is amazing, but I don't think we need it
[23:03:58] <NCommander> As I said, they're pricy, but its a justified price tag
[23:03:53] <cosurgi> xlefay: nice! :)
[23:03:47] <NCommander> heh
[23:03:43] <xlefay> "Access denied" :P
[23:03:35] <xlefay> least linode checks access at each URL, that's good ;-)
[23:03:22] <xlefay> hah
[23:02:58] <xlefay> aah I see ;-)
[23:02:53] <NCommander> (there's one you can't see called lighthouse)
[23:02:48] <NCommander> xlefay, I need to get linode to move my personal node off the account though
[23:02:39] <NCommander> xlefay, I do consider linode an internim solution, but we can wait six months to a year before seriously looking at migrating
[23:02:14] <xlefay> NCommander: yeah makes sense
[23:02:01] <xlefay> cosurgi: http://www.imgdumper.nl
[23:01:46] <NCommander> As long as our monthing expenses don't float to over 500 USD, I'm pretty happy just adding what we need
[23:01:25] <NCommander> Linode actually justifies that damn price tag
[23:01:16] <NCommander> BIngo
[23:00:52] <xlefay> *atm*
[23:00:50] <xlefay> So, effectively, our nodes don't even pay for communicating with each other except for oxygen but that's low traffic atm
[23:00:33] <NCommander> New Policy: stuff bigger than a meg gets bittorrented :-P
[23:00:23] <NCommander> Unless we host a 2 GiB file somewhere
[23:00:16] <NCommander> As long as we're rate limiting, we aren't going to get killed
[23:00:14] <xlefay> Yeah, it is now hah
[23:00:08] <NCommander> *moot
[23:00:07] <NCommander> xlefay, so I think the point boot
[23:00:00] <xlefay> NCommander: ooh that's nice!
[22:59:54] <xlefay> Are they serious? Those graphs looks like they were drawn by a four year old
[22:59:46] <NCommander> xlefay, linode only charges outgoing bandwidth, not in
[22:59:39] <NCommander> xlefay, oh, BTW
[22:59:29] * xlefay just holy shit'd on stats.pl
[22:58:47] <xlefay> btw Landon, you here?
[22:58:43] <xlefay> (e.g. you don't want to get caught with your pants down configuring when you really need it [the load balancer, that is])
[22:58:11] <xlefay> Then I'd wait, if it took a shitload of configuring, I'd say better sooner than later
[22:58:07] <NCommander> $20 USD p month is chump change for load balancing
[22:57:54] <NCommander> xlefay, as best I can tell
[22:57:49] <xlefay> And the load balancer, is it near plug 'n play?
[22:57:48] <NCommander> We're fine. Round-robin DNS should do the trick
[22:57:42] <NCommander> Yeah
[22:57:39] <xlefay> Can Varnish handle it for now?
[22:57:26] <NCommander> xlefay, do we just want to plug a loadbalancer in?
[22:57:26] <xlefay> iirc, not every node is publicly advertised (well, the IPs and shit)
[22:57:10] <xlefay> That's true also, but they'd still need to know each node ;)
[22:56:42] <NCommander> They could just fire at each node round-robin
[22:56:34] <NCommander> xlefay, eh, what would per node bandwidth get us
[22:56:10] <xlefay> depending of course how linode deals with that
[22:56:02] <xlefay> Which is nice till a server gets it's ass DDoS'd heavily
[22:55:46] <NCommander> xlefay, when boron came up, another TB was added to our total bandwidth
[22:55:36] <NCommander> xlefay, the other nice feature is that bandwidth is pooled
[22:55:15] <NCommander> If we need to go larger than Linode 4096s, then its time to upgrade
[22:55:00] <NCommander> I rather have that then have shit break on the backend
[22:54:50] <xlefay> I think linode is pretty pricey, but then again you probably pay some for support in the monthly fee too
[22:54:37] <NCommander> xlefay, since we also don't get CPU throttled
[22:54:01] <NCommander> Which honestly means linode is roughly in the right market w.r.t. to pricing
[22:53:38] <NCommander> With the exception of lithium and oxygen, thats everything
[22:53:31] <NCommander> (aka, critical shit)
[22:53:30] <xlefay> Agreed
[22:53:27] <NCommander> But production/user-facing should be dedicated HW
[22:53:17] <NCommander> xlefay, oh, tahts OK
[22:53:13] <NCommander> We could probably colocate edge/staging on the same box
[22:53:12] <xlefay> Need a new dev server to play with? Clone, bam, it's up
[22:52:50] <xlefay> NCommander: it brings a lot of simplicity for us though
[22:52:46] <NCommander> Its OK for linode and dedicated providers
[22:52:34] <NCommander> xlefay, I'm not hugely thrilled with VPSing within ourselves
[22:52:34] <xlefay> and setup raspberry pi clusters :P and one service per cluster :D
[22:52:19] <xlefay> but we could go overboard :P
[22:52:11] <xlefay> Then you'll have to get at least a rack
[22:51:41] * NCommander actually wants everything that is a seperate node to be a seperate physical machine
[22:51:39] <xlefay> That's possible, but costy isn't it?
[22:51:31] <NCommander> xlefay, I'm thinking co-locating with a bunch of boxes
[22:51:22] <xlefay> Long term, I think hetzner or equilevant is best for us ;)
[22:51:21] <NCommander> xlefay, they're expensive, but the super is stupid good, the bandwidth is great, and we can go to per-meter billing if we want
[22:50:59] <xlefay> back when kimsufi still had the OVH panel and crap
[22:50:59] <NCommander> xlefay, to be honest, I rather just keep going the course with linode
[22:50:51] <xlefay> ovh used to be so much better tbh
[22:50:47] <NCommander> xlefay, I'll look into it later
[22:50:42] <xlefay> ah forget about it then
[22:50:40] <NCommander> xlefay, god, this is fucking balls
[22:50:36] <NCommander> and make an account
[22:49:47] <NCommander> I need my customer id
[22:49:44] <xlefay> gateways in different subnets, etc.. maybe they fixed that now
[22:49:42] <NCommander> ah
[22:49:28] <xlefay> least I remember it being trippy as hell
[22:49:15] * xlefay notes OVH network set up is fucking bullshit btw
[22:49:01] <xlefay> How so?
[22:48:53] <NCommander> xlefay, honestly, this is fine for backup, but we'd be nuts for a dedicated server w/ them
[22:48:53] <xlefay> https://www.ovh.com try signing in there NCommander
[22:48:50] <Landon> but I assumed the SN database would have account creation times, so I didn't bother making it too fleshed out
[22:48:38] <Landon> cosurgi: it's run every minute, even! just need to store the results
[22:48:21] <NCommander> This manager sucks
[22:48:19] <NCommander> Yeah
[22:47:39] <xlefay> it says managerv3, which isn't what you have apparently
[22:47:33] <xlefay> NCommander: ignore that one...
[22:47:28] <NCommander> Lets keep it that way
[22:47:26] <NCommander> xlefay, I'm not in love with them. oxygen is our big hocking harddrive in the cloud
[22:47:08] <NCommander> xlefay, http://lowendtalk.com
[22:46:53] * xlefay notes he used to log into ovh.com directly.. guess they made a new panel for kimsufi's
[22:46:40] <xlefay> That's gay, there isn't an expert mode available either?
[22:46:20] <NCommander> xlefay, it doesn't say
[22:45:59] <xlefay> Then we'll have enough boxes without having to get another one ;-)
[22:45:46] <xlefay> Or even use oxygen as the edge or staging
[22:44:39] <xlefay> lol ;)
[22:44:27] <NCommander> Part of being a firefighter is learning to deal with having !air
[22:44:13] * NCommander speaks from personal experience on that.
[22:44:09] <xlefay> If we have enough; we could even consider oxygen as another frontend server (for production) between the US & EU ;-)
[22:43:40] <NCommander> xlefay, I dunno, we could just keep using it until it stops working. That's the usual case for oxygen. You don't notice it until it suddenly goes away.
[22:43:12] <NCommander> xlefay, checking.
[22:43:05] <paulej72> I would like a backup for boron though, I could be included on another lightly used box
[22:43:03] <xlefay> control panel?
[22:43:00] <NCommander> xlefay, I ... don't know?
[22:42:41] <xlefay> So how much bw does oxygen has?
[22:42:34] <NCommander> even kerberos is paying dividines
[22:42:26] <NCommander> No fucking kidding
[22:42:18] <xlefay> I think ldap already paid itself off
[22:42:11] <xlefay> NCommander: that's bullshit ;-)
[22:42:08] <NCommander> ^- hahah, bitches, I was right. See, I have VISION!
[22:41:57] * NCommander notes he was told that we don't have enough machines to justify the headache of LDAP
[22:41:54] <paulej72> si
[22:41:51] <xlefay> paulej72: what NCommander said
[22:41:45] <xlefay> err
[22:41:37] <NCommander> xlefay, that was a happy mistake. lithium is an extremely apt name for the dev server
[22:41:16] <paulej72> sounds better than lithium as the backup
[22:41:14] <xlefay> NCommander: how much bandwidth on oxygen?
[22:41:09] * NCommander likes essential machines being noble gases, and slash boxes named after highly reactive elements :-)
[22:40:50] <NCommander> and sodium can be a reducent machine for web
[22:40:17] <NCommander> and neon can become our new DB backup (that box is one giant single point of failure)
[22:40:02] <NCommander> So we get nitrogen and floride
[22:39:51] * NCommander knew he forgot an element when he setup oxygen
[22:39:49] -!- janrinok has quit [Quit: leaving]
[22:39:43] <NCommander> Say hello to nitrogen
[22:39:38] <xlefay> staging, copy of which DB?
[22:39:21] <NCommander> paulej72, we've got an unused one I'm going to repurpose
[22:39:10] <paulej72> so now we need two more boxes?
[22:38:43] <NCommander> dev is our sandbox (and I want to rename it dogfood :-)
[22:38:29] <NCommander> staging is lastest slashcode against copy of the database
[22:38:22] <NCommander> edge is lastest slashcode running against production database
[22:38:04] <xlefay> Which was?
[22:37:53] <NCommander> xlefay, name dev to staging? I rather go back to the original plan on this
[22:37:39] <NCommander> xlefay, wow, its awesome when our expectations meet reality. What a novelity
[22:37:35] <xlefay> edge, paycheck, what else?
[22:37:31] <xlefay> SO ANYWAY
[22:37:22] -!- LaminatorX has quit [Quit: Web client closed]
[22:37:12] * xlefay actually thought it would be that stupid.
[22:37:04] <xlefay> oh well.. worth a shot
[22:37:01] <test> No quotes found with the text 'Bender'
[22:37:00] <xlefay> !quote Bender
[22:36:59] <test> done - nick
[22:36:59] Bender is now known as test
[22:36:58] <NCommander> The bot needs a sense of self
[22:36:55] <Bender> changing nick to test
[22:36:55] <xlefay> !nick test
[22:36:44] <NCommander> ...
[22:36:42] <Bender> I don't know what Bender said, so I can't quote them!
[22:36:42] <NCommander> !grab Bender
[22:36:41] <Bender> Also in quotes: 2, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15, 17, 18, 19, 21, 22, 23, 25, 27, 28, 29, 30, 31, 32, 33, 35, 37, 42, 43, 46, 52, 53, 54, 55, 58, 61, 62, 66, 79, 80, 81, 82, 83, 84, 85, 86, 87, 89, 90, 91
[22:36:37] <Bender> Quote 0 - <NCommander> mattie_p, I dunno, are you going to mail me an explosive device if I have you edit ANOTHER 3k novel?
[22:36:37] <NCommander> !quote NCommander
[22:36:35] <Bender> No quotes found with the text 'Bender'
[22:36:34] <NCommander> !quote Bender
[22:36:31] <Bender> No quotes found with the text 'Bender'
[22:36:31] <NCommander> !quote Bender
[22:36:24] <Bender> Also in quotes: 2, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15, 17, 18, 19, 21, 22, 23, 25, 27, 28, 29, 30, 31, 32, 33, 35, 37, 42, 43, 46, 52, 53, 54, 55, 58, 61, 62, 66, 79, 80, 81, 82, 83, 84, 85, 86, 87, 89, 90, 91
[22:36:20] <Bender> Quote 0 - <NCommander> mattie_p, I dunno, are you going to mail me an explosive device if I have you edit ANOTHER 3k novel?
[22:36:20] <NCommander> !quote NCommander
[22:36:18] <xlefay> Quotational bait.
[22:36:17] <paulej72> NCommander: no you only play a madman on TV
[22:36:17] <Bender> quote <ID/search string>
[22:36:17] <NCommander> !quote
[22:36:15] <janrinok> OK guys I'm out of here. Have a good one!
[22:36:05] <xlefay> damn you
[22:36:04] <Bender> Added quote 91
[22:36:04] <xlefay> !grab NCommander
[22:36:00] <NCommander> ... well, ok, I'm a madman, but I have a sense of sanity
[22:35:58] <Bender> Added quote 90
[22:35:58] <xlefay> !grab NCommander
[22:35:48] <NCommander> paulej72, of course. I'm not a madman
[22:35:37] <paulej72> NCommander: we should test the theme stuff on edge first with the dev db so we can see if it breaks anything there first
[22:34:29] * NCommander seriously needs a paycheck from project ;-/
[22:34:29] <xlefay> That would seem wise, yes
[22:34:20] <NCommander> xlefay, I actually need to my normal job
[22:34:05] <NCommander> SHit
[22:34:05] <xlefay> (That means, it's done tomorrow, maybe the day after)
[22:33:57] <Bender> todo item 11 added
[22:33:57] <NCommander> !todo make edge a thing
[22:33:36] <NCommander> xlefay, I think we need to poof edge into existence
[22:33:27] <NCommander> There's now and then
[22:33:20] <NCommander> xlefay, I want skins fully dynamic
[22:33:13] <NCommander> xlefay, ?
[22:33:09] <xlefay> doesn't give me what I want tho
[22:33:05] <xlefay> NCommander: stupid and perfect
[22:33:05] <NCommander> shit, my todo list just got longer
[22:32:48] <NCommander> Actually, that's perfect
[22:32:37] <janrinok> lol
[22:32:32] <NCommander> janrinok, some things I have ready made macros
[22:32:32] <paulej72> xlefay: add that quote manualy please
[22:32:20] <janrinok> that was a quick bit of typing NCommander
[22:32:20] <xlefay> That's fucking stupid btw
[22:32:06] <NCommander> NO GRAB
[22:32:01] <NCommander> I'm a fucking moron
[22:31:58] <NCommander> .... I just realized we could do edge that way
[22:31:56] * xlefay sighs
[22:31:52] -!- mrcoolbp has quit []
[22:31:49] <mrcoolbp> = )
[22:31:49] <NCommander> xlefay, you need a seperate vhost for each theme
[22:31:43] <xlefay> mrcoolbp: ttyl ;)
[22:31:43] <NCommander> paulej72, not a problem, I'll hold the release team hat and set the goals for each slashcode release
[22:31:41] <xlefay> NCommander: how so?
[22:31:35] <mrcoolbp> I'm off for now, guys, catch you all later
[22:31:29] <paulej72> I am up for that, but I have never done this before
[22:31:28] <NCommander> xlefay, no.
[22:31:23] <xlefay> paulej72: is the theme support good?
[22:31:08] <NCommander> paulej72, what I want to do is get slashcode to the point we can do a formal MM.YY release, and then production goes from stable to stable
[22:30:42] * LaminatorX is a big fan of formal release processes.
[22:30:28] <xlefay> mrcoolbp: damn you were _TOO_ late1
[22:30:25] <mrcoolbp> ah crap, missed it..
[22:30:17] <Bender> Added quote 89
[22:30:17] <mrcoolbp> !grab NCommander
[22:30:17] <NCommander> paulej72, I want to get a plan for the next release of slashcode, and then go through a formal release process
[22:30:06] <LaminatorX> It seems appropriate.
[22:30:03] <NCommander> paulej72, so he's what I want to do
[22:30:00] <NCommander> LaminatorX, similar to the current journal
[22:29:55] <paulej72> OK a feature request then. Not a bug fix :)
[22:29:53] <NCommander> LaminatorX, if we do this, I want a new slashbox that gives you a list of articles on various nexuses
[22:29:30] <NCommander> paulej72, its something that never worked if we ever had it
[22:29:21] <NCommander> paulej72, its possible there's something in slash already. There's a ton of notification code in places index.pl (i.e., nagging people to subscribe)
[22:29:09] <paulej72> I just want to make sure that this is not something I broke :)
[22:29:04] <xlefay> e.g. show it to go off when there's 60 submissions left, that'll give you a nice safety net
[22:28:42] <paulej72> NCommander: this is a feature that we never had correct?
[22:28:28] <xlefay> NCommander: I would say, if there are less then X submissions show a highlight about it ;-)
[22:27:45] <SkyNet> ^^
[22:27:28] <NCommander> An occassional reminder to users that they should submit?
[22:27:17] <NCommander> paulej72, can we get that put back into the theme or something?
[22:26:57] * mrcoolbp watches as the submissions slowly dissapear...
[22:26:38] <xlefay> NCommander: so there's where I stole that suggestion from ;-)
[22:26:29] <LaminatorX> There will surely be a honeymoon, but my hope is that when it's over our new equilibrium will be higher.
[22:26:18] <NCommander> xlefay, eh, slashdot used to pop automatic messages at the top about submissions and the site is powered by them
[22:26:17] <xlefay> in a weeks time, most people will think "aah others are submitting enough, I can stop."
[22:25:53] <xlefay> I think it's very likely this "boost" of submissions is only temporarily
[22:25:04] <xlefay> NCommander: should work
[22:24:49] <NCommander> LaminatorX, I'm going to hurt you :-P
[22:24:39] <Bender> Added quote 88
[22:24:39] <xlefay> !grab LaminatorX
[22:24:32] * LaminatorX ducks.
[22:24:29] <LaminatorX> How about SoylentCloud and SoylentBI?
[22:24:24] <NCommander> LaminatorX, we probably should color code the various nexuses
[22:24:11] <NCommander> xlefay, hrm, maybe we should add a wildcard, *.dev. should go to dev. That should get Apache vhosting to do the right thing
[22:23:42] <NCommander> LaminatorX, that requires a fair bit of backend setup due to DNS and such. Write up a list of test nexuses, what topics go to what nexuses, and I'll look at getting dev changed this week to experiment
[22:23:27] <cosurgi> Landon: ^
[22:23:23] <cosurgi> This graph actually greps the irclogs, so it relies on you to invoke !current-uid from time to time. Maybe we could ask Landon to set the bot to run it at least once per 24h. Then I could automate creating this graph with no missing points.
[22:23:18] <LaminatorX> Right.
[22:23:09] <NCommander> LaminatorX, that requires creating new Nexuses. It should (theorically) work
[22:23:08] <LaminatorX> With that, we totally could do 40-50 stories a day without spamming main.
[22:22:50] <NCommander> LaminatorX, i.e., yro.slashdot.org?
[22:22:36] <LaminatorX> NCommander, can we do a trial on dev for topics pages, main page split?
[22:22:14] <NCommander> I think we got our new slogan no matter what the name is
[22:22:05] <janrinok> NCommander: I like it!
[22:21:58] <mrcoolbp> NCommander: saw that, I like it
[22:21:40] <janrinok> I will bask in the warm fuzzies for a while then
[22:21:37] <NCommander> Changing the world, one geek at a time
[22:21:37] <NCommander> We just got a slogan suggestion I love
[22:21:35] <cosurgi> janrinok: maybe I should automate doing this graps. That should be a quite simple cronjob...
[22:21:30] <NCommander> Holy cap
[22:21:21] <janrinok> we opened it up to everyone - before that it was invite only I think cosurgi
[22:21:14] <LaminatorX> It remains to be seen whether this pace is a good thing or not, but for the moment I'm happy to let the warm fuzzies flow.
[22:20:50] <cosurgi> I wonder what happened about 2014.02.24, We had a huge jump from 2700 to 3200 users.
[22:20:27] <LaminatorX> That's probably a record, and we didn't even start until well into the morning.
[22:20:00] <janrinok> LaminatorX: we managed to get 29 stories out for Monday - that is a very good effort!
[22:19:31] <cosurgi> unfortunately I have no earlier data. I guess that 2014.02.22 is when the command !current-uid was implemented (by Landon I suppose)
[22:19:05] <janrinok> at least it is still climbing!
[22:18:38] <cosurgi> janrinok: thx. I did it while talking with you about posting stories :)
[22:18:20] -!- mode/#staff [-o cosurgi] by SkyNet
[22:18:20] <cosurgi> .deop
[22:18:18] cosurgi changed topic of #staff to: http://cosurgi.info
[22:18:15] -!- mode/#staff [+o cosurgi] by SkyNet
[22:18:15] <cosurgi> .op
[22:18:10] <janrinok> cosurgi: nice graph!
[22:17:38] <cosurgi> .topic http://cosurgi.info
[22:17:28] <LaminatorX> Some amount of queueing and delay is absolutely necessary. We don't have 24-hour on-shift editors.
[22:17:08] <janrinok> SkyNet: I'm leaving it LaminatorX's capable hands
[22:15:12] <janrinok> Yes, but changes to the software are not top priority at the moment. Once everyone gets on top of their areas we should be able to move forward to the new ideas list.
[22:14:29] <cosurgi> s/modigy/modify/
[22:14:12] <cosurgi> janrinok: hmm.. maybe we could modigy the engine a little bit. So that it shows "accepted" but allows for delay. Maybe giving info "accepted, delayed" ?
[22:14:12] <SkyNet> you stopped posting?!
[22:14:08] <janrinok> I'm just finishing 3.5 hours of full rate non-stop editing. I'm knackered!
[22:13:17] <janrinok> We save some of the non-time critical for quiet periods - but people still complain.
[22:12:39] <janrinok> But it doesn't show as accepted until I process it and put it in the release list - and that is something that many _did_ complain about. They had to wait many hours to see their story.
[22:12:32] <cosurgi> janrinok: OTOH it must be hard to decide about the order. Some mey be really urgent, some may be simply interesting but not urgent..
[22:11:40] <cosurgi> janrinok: I understand. But when people see that it was "accepted" they will just wait patiently until it shows up.
[22:10:46] <janrinok> string*
[22:10:32] <janrinok> cosurgi: You tell 'em why we are not printing their particular story then - they would sting me up after we've been asking for more submissions if all we did was let them die.
[22:09:11] <cosurgi> janrinok: yes, it was definitely too slow, before LaminatorX's call for submissions.
[22:07:51] <janrinok> I can't give you a list of names cosurgi but we have had _lots_ of people saying that there weren't enough stories going out. We decided today that, with a full sub list, we would see what effort was involved and what users say. Your comment is noted - because I can't keep going at this speed either!
[22:07:22] <xlefay> paulej72: sure but then it'd spoof the sender.. can you set a global sender for it?
[22:07:00] <paulej72> xlefay: can we set it to directly connect to the mail server?
[22:06:28] <paulej72> I did that and it does not seem to use that
[22:06:27] <xlefay> wait
[22:06:25] <xlefay> oh
[22:06:14] <janrinok> lol
[22:06:14] <cosurgi> janrinok: who want to go faster? :)
[22:06:05] <mrcoolbp> janrinok: oh I definitely have seen that to be true
[22:06:04] <xlefay> paulej72: can you make it use /usr/bin/mail instead of connecting to localhost?
[22:05:56] <janrinok> cosurgi: ^^^
[22:05:47] <janrinok> Some want us to go faster, some want us to go slower. We just can't win ;)
[22:05:44] <paulej72> by:Slash::Utility::System:/srv/soylentnews.org/local/lib/perl5/site_perl/5.10.1/x86_64-linux/Slash/Utility/System.pm:249
[22:05:43] <paulej72> xlefay: [Mon Mar 24 21:04:06 2014] [error] /users.pl:Slash::Messages:/srv/soylentnews.org/local/lib/perl5/site_perl/5.10.1/Slash/Messages.pm:554:Error sending to 'mrcoolbp@gmail.com' for user 68: /usr/bin/mail not found\nconnect to localhost failed (Connection refused)\nconnect to localhost failed\nconnect to localhost failed (Connection refused) no (more) retries! ;; Which was called
[22:05:37] <cosurgi> janrinok: maybe more like 50-70 minutes would be good... but that's just my humble opinion.
[22:05:13] <cosurgi> janrinok: I still think that's too often...
[22:03:41] <janrinok> cosurgi: ^
[22:03:31] <janrinok> Don't worry, we are slowing down to 1 every 30-45 minutes now that we have cleared a chunk of the subs list
[22:03:11] <paulej72> xlefay: you are now admin on dev
[22:03:01] <mrcoolbp> = )
[22:02:54] <paulej72> mrcoolbp: yes I am trying to get mail forwarding working :)
[22:02:34] <xlefay> paulej72: can you make it use /usr/bin/mail instead of connecting to localhost?
[22:02:33] <cosurgi> janrinok: ;-) IMHO better give people a bit more time.
[22:02:05] <mrcoolbp> paulej72: surely you have more important things to do then to reset my password on dev.soylent ....
[22:01:57] <janrinok> cosurgi: you'll have to learn to read faster.... ;)
[22:01:25] <paulej72> by:Slash::Utility::System:/srv/soylentnews.org/local/lib/perl5/site_perl/5.10.1/x86_64-linux/Slash/Utility/System.pm:249
[22:01:24] <paulej72> xlefay: [Mon Mar 24 21:00:27 2014] [error] /users.pl:Slash::Messages:/srv/soylentnews.org/local/lib/perl5/site_perl/5.10.1/Slash/Messages.pm:554:Error sending to 'mrcoolbp@gmail.com' for user 68: connect to localhost failed (Connection refused)\nconnect to localhost failed\nconnect to localhost failed (Connection refused) no (more) retries! ;; Which was called
[21:59:46] <Bender> The current maximum UID is 3944, owned by LazyBoot
[21:59:46] <cosurgi> !current-uid
[21:57:42] * cosurgi has problems catchin gup
[21:57:25] <xlefay> so you gotta change send_mail variable
[21:57:18] <cosurgi> janrinok: I think that you went too fast with posting more news.
[21:57:16] <xlefay> paulej72: didn't NC say it was dissallowed?
[21:57:02] <xlefay> I'll just use the good ol' pass reset
[21:56:59] <paulej72> [Mon Mar 24 20:54:42 2014] [error] /users.pl:Slash::Messages:/srv/soylentnews.org/local/lib/perl5/site_perl/5.10.1/Slash/Messages.pm:554:Not allowed to send mail; send_mail variable is false ;; Which was called by:Slash::Utility::System:/srv/soylentnews.org/local/lib/perl5/site_perl/5.10.1/x86_64-linux/Slash/Utility/System.pm:249
[21:56:57] <xlefay> "The password for mrcoolbp was emailed to its registered email address. It will remain valid for 3 days."
[21:55:49] <xlefay> I'm only admin @ regular site, not @ dev
[21:54:37] <paulej72> http://dev.soylentnews.org if you are an admin you should see force user to verify account
[21:53:22] <xlefay> paulej72: what's the URL to reset & what info's?
[21:53:08] <xlefay> Good luck.
[21:52:35] <NCommander> Ugh
[21:52:34] * NCommander has to do his day job today
[21:52:28] <NCommander> Documentation: got to love it
[21:52:00] <xlefay> https://help.ubuntu.com <-- good thing I've got that open
[21:51:31] <NCommander> xlefay, you might just want to set apparmor to complain mode, then suck on syslog
[21:51:18] * xlefay sighs
[21:50:29] <paulej72> xlefay: done
[21:50:03] <xlefay> paulej72: can you re-try emailing?
[21:49:29] <xlefay> probably only works if there's something to report
[21:49:10] <xlefay> also.. it seems aa-logprof only worked once for me
[21:49:03] <NCommander> for apps it executes
[21:48:58] <NCommander> xlefay, there's a way to get Apache to get it to look at its own profile
[21:48:42] <paulej72> xlefay: before I sent the email I restarted apache
[21:48:39] <NCommander> (ix)
[21:48:38] <xlefay> Does Apache's profile allow Mail's profile to take affect?
[21:48:38] <NCommander> xlefay, whatever Apache starts inherts its permissions
[21:48:24] <xlefay> So, do I make a profile for /usr/bin/mail or do I include those in Apache?
[21:48:12] <xlefay> This is how it works, right: Apache starts /usr/bin/mail, /usr/bin/mail wants /bin/hostname, right?
[21:47:51] <xlefay> actually, paulej72, I don't think it was related to apache directly
[21:47:32] <NCommander> I fail obviously :-)
[21:47:28] * NCommander facepalms
[21:47:25] <NCommander> ....
[21:47:22] <xlefay> NCommander: I just started aa-logprof..
[21:47:18] * NCommander couldn't get it to attach, I wrote the file from the entirity of the error log in syslog
[21:47:04] <NCommander> xlefay, you got aa-logprof to work with httpd?
[21:47:02] <paulej72> xlefay: I just did a restart and apache will get the hostname when setting up its config
[21:46:44] <NCommander> xlefay, ahahahahah
[21:46:10] <xlefay> why the hell does it want to execute hostname -.-
[21:46:03] <xlefay> Execute: /bin/hostname
[21:46:02] <xlefay> Profile: /srv/soylentnews.org/apache/bin/httpd
[21:46:00] <xlefay> ok:
[21:45:59] <xlefay> aa-logprof IS AWESOME!!
[21:45:42] <paulej72> xlefay: email sent
[21:45:24] <xlefay> dang NC, time for a smoke ;-)
[21:45:18] <xlefay> let's see if it works ;-)
[21:44:45] <paulej72> OK emails seem to be blanked and I have set mine and mrcoolbp's back to mormal
[21:44:30] * NCommander wrote something like 15 commenst on the incorperation page
[21:44:19] * NCommander stops typing
[21:43:56] <xlefay> Well, try to send a mail when you can (and highlight me, please); I just reloaded the apparmor profile, as described in the manual, I want to know if we can forget restarting the webserver itself or not
[21:42:39] <paulej72> not yet seeing if the email setting took first
[21:42:16] <xlefay> paulej72: you set back mrcoolbp's e-mail?
[21:41:11] <xlefay> when they do, that is
[21:41:03] <xlefay> paulej72: let's just hope no-one forgets blanking out users e-mail addresses...
[21:40:42] <paulej72> xlefay: for now no we will not be taking on a new db dump for each deploy
[21:38:52] <xlefay> (don't forget to add that MySQL query in your deploy script, I'm guessing you also take a dump from the prod DB when deploying?
[21:38:08] <xlefay> I'm worried about spamming all users in the DB and crippling the SVC server while doing so
[21:38:06] <paulej72> I'll kill the email addresses
[21:37:50] <xlefay> I'm not worried about fucking up the db
[21:37:37] <paulej72> I guess if fuck up the db, we can always reimport
[21:37:16] <paulej72> hell I don't know
[21:36:09] <xlefay> And there aren't any other quirky email stuff going on?
[21:35:58] <paulej72> should be able to set that to no email for all users
[21:35:32] <xlefay> paulej72: daily story emails? etc..
[21:35:05] <paulej72> no can't blank users emails. need them for password resets
[21:34:41] <xlefay> and just manually re-set back your own e-mails
[21:34:20] <xlefay> was afraid of that, paulej72 you do the blanking?
[21:34:09] <NCommander> else you'll cause eeryone to get "daily story emails"
[21:34:06] <xlefay> NCommander: I just set up, ssmtp > SVC - so they can e-mail ;-)
[21:34:00] <NCommander> Don't re-enable it without blanking out the email database on dev (update users set email = '')
[21:33:46] <NCommander> (the master switch is set to off)
[21:33:42] <NCommander> Email is disabled on dev
[21:33:28] <NCommander> xlefay, yeah
[21:33:05] <xlefay> paulej72: now I'm sure it just uses the local smtp
[21:32:38] <xlefay> break*
[21:32:36] <xlefay> nothing will get slashy and brak?
[21:32:28] <xlefay> paulej72: aah, makes sense. NCommander after setting it into apache's config, service apache restart?
[21:32:09] <xlefay> That's just the mass mail plugin right?
[21:32:08] <paulej72> xlefay: I have a variable for smtp_server and it is currently set to localhost
[21:32:00] <NCommander> xlefay, you'll have to add it to the apparmor config
[21:31:50] <NCommander> xlefay, sounds about right
[21:31:45] <xlefay> https://github.com
[21:31:44] <xlefay> wait..
[21:31:17] <paulej72> xlefay: I am not sure if slash uses /usr/bin/mail. I think it has its own server possibly
[21:30:47] <xlefay> NCommander: ?
[21:30:34] <xlefay> but I'm fairly sure it can't do that because of apparmor
[21:29:54] MrBluze is now known as MrBluze|afk
[21:29:35] <xlefay> paulej72: doesn't matter, everything sent from the "slash" accounts gets re-written to noreply-dev@soylentnews.org, of course that still requires slash to use /usr/bin/mail
[21:28:48] <paulej72> xlefay: adminmail var is set to admin@dev.soylentnews.org
[21:28:38] <LaminatorX> Hey.
[21:28:22] <mrcoolbp> LaminatorX: just saying "hi"
[21:28:08] <xlefay> paulej72: not even lithium shows it in it's logs
[21:28:02] <LaminatorX> Yes?
[21:27:46] <mrcoolbp> hey LaminatorX
[21:26:13] LaminatorX|afk is now known as LaminatorX
[21:26:09] <mrcoolbp> hrm
[21:25:11] <xlefay> not seeing anything in svc's logs yet
[21:24:45] <paulej72> Just sent a password reset email from dev. lets see if it gets through
[21:23:30] <xlefay> just e-mail from whatever e-mail address is configured, as long as it comes from the slash user it'll originate from noreply-dev@soylentnews.org
[21:22:59] <mrcoolbp> heh
[21:22:55] <xlefay> sorry I was eating a sandwich first ;-)
[21:22:50] <xlefay> mrcoolbp: paulej72: seems to be working
[21:17:29] <mrcoolbp> xlefay: let me know when you get it setup if you would
[21:10:59] <mechanicjay> ok
[21:10:39] <xlefay> I'm going to make it 'noreply-dev@soylentnews.org' to keep that separation
[21:10:20] <xlefay> I know
[21:09:41] <mechanicjay> xlefay: postfix will need an account for ssmtp to auth against.
[21:03:28] <mrcoolbp> = (
[21:03:00] <xlefay> they have flash text headers -_-"
[21:02:46] <xlefay> icscard's website is weird...
[21:02:16] <paulej72> ok as I just locked out mrcollbp on dev as I sent a password reset emial to dev null
[21:02:08] <xlefay> (unless anyone has a better idea? that is)
[21:01:41] <xlefay> paulej72: I'll install ssmpt on it so it can use the SVC's box to send e-mails ;-)
[21:01:19] <paulej72> send
[21:01:11] <paulej72> dev can't sen email correct
[20:56:46] <xlefay> That's the only issue with slash & SSL atm but besides that, it just works if you go back to https, you stay signed in, etc.
[20:56:23] <xlefay> well it does... slash just redirects you to http now, but you stay signed in on https
[20:56:00] <paulej72> xlefay: the website really does not work with https either
[20:55:06] <xlefay> paulej72: as long as that doesn't get deployed on prod till the webchat's been moved that's fine but the current webchat doesn't allow https
[20:53:41] <paulej72> I will use // so it will pass http or https depending on the what the user is currently using
[20:53:30] <xlefay> once*
[20:53:07] <xlefay> I'll set up a rewrite rule ones chat = https only so you don't have to change anything later on
[20:52:54] <xlefay> paulej72: Yes, make it http://chat.soylentnews.org for now (instead of https, just in case this gets deployed in advanced o prod, it'll still work)
[20:52:23] <paulej72> xlefay: do you want me to redo the IRC url?
[20:51:53] <paulej72> We need people to test on dev so we can get this out to production
[20:50:52] <NCommander> mechanicjay, don't let the VMS bugs bite
[20:50:46] <xlefay> This is true ;-)
[20:50:43] * mechanicjay goes to freak out
[20:50:42] <NCommander> mechanicjay, we'll be here
[20:50:41] <xlefay> You once mentioned your age to me so ;-)
[20:50:34] <mrcoolbp> well you were only off by 100 years
[20:50:32] <mechanicjay> I need to go for a walk before I burn down my workstation, my laptop and the building I work in.
[20:50:31] <xlefay> mrcoolbp: I was guessing ;-)
[20:50:05] * mrcoolbp notes it's weird that xlefay knows what year he was born in
[20:50:01] <mattie_p> NCmomander: yeah, saw that.
[20:49:58] * NCommander is not a huge fan of the "Read More" bubbles
[20:49:52] <NCommander> paulej72, looks like it rolled out fine
[20:49:43] <paulej72> NCommander: Yes it does and I have the new stuff up on dev
[20:49:36] <xlefay> err, yeah 1984 :P
[20:49:32] <mrcoolbp> = )
[20:49:29] <mrcoolbp> actually I was born in 1984...
[20:49:14] <xlefay> mrcoolbp: "destroying thought trains since 1884" ;)
[20:49:02] <NCommander> paulej72, ok, it works great now
[20:48:54] * mrcoolbp is just doing his job
[20:48:36] <NCommander> mrcoolbp, damn it, stop destroying my trains of thought
[20:48:27] <NCommander> test rollout
[20:48:25] <NCommander> er
[20:48:19] <NCommander> paulej72, I fixed it, running a test vote
[20:48:14] <mrcoolbp> NCommander: if you have time I'd like to touch base on the voting system
[20:47:54] <NCommander> mattie_p, the editoral team ended our story drought shortly after it was posted so I bumped it on the main index
[20:47:20] <mattie_p> NCommander reading the novel now, somehow I missed it yesterday
[20:47:16] <xlefay> FunPika: we haven't really started
[20:47:14] <NCommander> FunPika, probably
[20:47:09] <FunPika> You guys are still going to try to get LDAP running on CentOS?
[20:46:31] <xlefay> That said, how about we both take a look at that ldap stuff for SVC?
[20:46:15] <xlefay> we've already got two of our own deb's for li694-22, so one OS will mean every sys can use our debs ;)
[20:46:12] <NCommander> paulej72, let me edit your script
[20:46:09] <NCommander> paulej72, oh, fuck, you are missing something
[20:46:01] <paulej72> NCommander: when I do the make install on slash
[20:45:50] <xlefay> mechanicjay: btw, one awesome thing about having one platform
[20:45:37] <NCommander> paulej72, that's a perl module
[20:45:34] <mattie_p> I can womp something up, but I'll be a couple hours doing it due to kids and stuff
[20:45:32] <NCommander> paulej72, with apache?
[20:45:19] <paulej72> NCommander: I am getting these errors: Can't locate DBIx/Password.pm
[20:45:16] <mattie_p> I haven't touched it since I sent it
[20:45:08] <NCommander> FunPika, nah, fine as is
[20:45:04] <NCommander> mattie_p, what's the latest draft version of it?
[20:45:02] <FunPika> http://wiki.soylentnews.org Right now the WhosWho has dev/sys all under one header...should it be split again?
[20:44:56] <mattie_p> NCommander, you want me to send that email or will you do it?
[20:44:49] <NCommander> mattie_p, I wrote another novel
[20:44:42] <mattie_p> oh, I thought I was summoned
[20:44:37] <xlefay> There's technically still two functional teams
[20:44:23] <xlefay> To be honest, that merge is shitty
[20:44:11] <NCommander> FunPika, no, its remained its own bubble with a lot of overlap
[20:43:59] <Bender> input 9) upstart job for apache 10) replace mysql SSL certifcates/change soylent password for DB access
[20:43:58] <NCommander> !more
[20:43:52] <FunPika> wait, wasn't sys merged with dev making paulej72 the leader of it
[20:43:52] <Bender> todo for ncommander: 1) make sure install-slashsite installs proper schema 2) quit smoking 3) look at rewiring pollbooth for SERIOUS votes 4) write up YAFAP for nethack 5) find volunteer who may be willing to work on mod_perl rework effort 6) clean production database of unused vars/tables from Tags/FIrehose/Achievements 7) fix slashboxs 8) email to FSF/SPI w/ mattie_p - 1 more
[20:43:52] <NCommander> !todo
[20:43:52] <mechanicjay> NCommander: IDK, since zford left, we'd all just kind of been one big happy family.
[20:43:50] <NCommander> oops
[20:43:48] <NCommander> I think I mentally delgated and didn't tell anyone
[20:43:39] <xlefay> Thought no-one was re-elected after zford
[20:43:36] * NCommander needs to write the org chart
[20:43:27] <NCommander> mechanicjay, I thought you were
[20:43:26] <xlefay> Guess I should have asked you technically :P
[20:43:17] <xlefay> I didn't know that either in that case, mechanicjay, since I already joined Sys, I hope you don't have any objections ;)
[20:42:53] <mechanicjay> NCommander: I am?
[20:42:31] <NCommander> mechanicjay, BTW, I know your head of sys/IS, so I hope you don't mind I stepped on your toes by going physco on the backend
[20:42:21] <mrcoolbp> interesting read: https://github.com
[20:41:46] <NCommander> mechanicjay, https://www.gnu.org - what I plan to do with the old services box :-)
[20:41:38] * xlefay definitely ducking *doesn't want to get smacked*
[20:41:31] <xlefay> I never used Gopher to be honest...
[20:41:25] <xlefay> ah k
[20:39:32] <NCommander> xlefay, I'm going the HURD route for april fools because frankly, I don't think I'm going to find free time between now and then
[20:38:58] <NCommander> xlefay, with what free time :-P
[20:38:27] <xlefay> did you ever finish that?
[20:38:24] * NCommander tries to picture an AJAX'ed lynx
[20:38:22] <xlefay> oooh
[20:38:19] <NCommander> xlefay, I wanted our gopher interface to be that
[20:38:10] <xlefay> $ cat 'article' # plain text ftw.
[20:37:48] <xlefay> NCommander: I mean, like a terminal ;-)
[20:37:35] <NCommander> xlefay, plugins/Ajax
[20:37:24] <NCommander> xlefay, we have an AJAX interface
[20:37:10] <xlefay> I'm still waiting for that ajax term interface to cat articles and stuff.
[20:36:58] <NCommander> paulej72, pull it. Worst you do is commit horrible bloody death
[20:36:54] <xlefay> also, who's doing the frontend stuff?
[20:36:39] <paulej72> If no one objects, I am about to pull the trigger on a new slash deploy on dev
[20:36:22] <NCommander> mechanicjay, that being said, I want to bring up a HURD node for april fools, and seup hurd.soylentnews.org
[20:36:09] <xlefay> Agreed
[20:36:09] <NCommander> mechanicjay, that's what motd and drugs are for
[20:35:15] -!- pbnjoe [pbnjoe!~pbnjoe@Soylent/Users/313/pbnjoe] has joined #staff
[20:35:11] <mechanicjay> Right, but there's no reason to be confusing for no reason, and so standardization on 1 distro is the way to go. Then you don't need remember which soylent boxes are which
[20:34:35] * NCommander likes fish, they're extremely tasty
[20:34:22] <xlefay> Did anyone try this Fish thingy ?
[20:33:52] * NCommander doesn't *hate* pkgsrc, but compared to apt ...
[20:33:42] <NCommander> xlefay, ... ports ... ick ...
[20:33:39] <xlefay> mechanicjay: honestly though, it doesn't matter much - as long as everything runs smoothly, it's all good :)
[20:33:33] <mechanicjay> NCommander: I know, it's okay.
[20:33:32] <NCommander> paulej72, as root
[20:32:53] <xlefay> Although, I second FreeBSD :P
[20:32:52] <paulej72> NCommander: Run the script as root or slash?
[20:32:44] <NCommander> mechanicjay, I never meant to be a nazi on distro :-/
[20:32:44] <xlefay> mechanicjay: well fortunately she's a hottie ;-)
[20:32:16] <mechanicjay> I think though that for the near term getting it kerberized and ldapified should be fine -- also getting some of the config straitened out.
[20:31:46] <mechanicjay> NCommander: xlefay: as everything else is currently Ubuntu, my little services box is feeling like the red-headed step child. As it's unlikely to convince everyone that SuSE or FreeBSD is the way forward, I concede that when that machine gets rebuilt, it should be....Ubuntu.
[20:31:06] <NCommander> paulej72, add "service slash restart" ,and I find its best to stop everything (slash last) thens tart.
[20:30:18] * NCommander shuts up
[20:30:16] <NCommander> wait
[20:30:15] <NCommander> er
[20:30:12] <NCommander> (slashd will explode due to permissions)
[20:30:06] <NCommander> paulej72, *dont* deploy as root, you will break stuff
[20:30:04] <xlefay> xlefay: I understand that, I'm just looking into how that would work with postfix for instance, LDAP would do auth and such, but one can probably set up mappings between domains & ldap user groups
[20:29:56] <NCommander> -rwx------ 1 root root 318 Mar 24 19:23 deployslash.sh
[20:29:56] <NCommander> paulej72, slash@lithium:~/src$ ls -lah deployslash.sh
[20:28:47] <NCommander> paulej72, looking
[20:28:45] <NCommander> xlefay, ldap isn't picky abotu DNS. I wanted to put a hosts file in LDAP, but we discovered that just puts NSS in an infinite loop
[20:28:20] <paulej72> NCommander: I have a deploy script set up on dev: /srv/soylentnews.org/src/deployshash.sh. Can you take a look and let me know if this looks sane for this system. I am deploying out of slashcode which I just did a fresh pull from master
[20:26:35] <xlefay> Probably have to set up mappings, etc. *goes to look it up* ;-)
[20:26:07] <xlefay> (just a curiosity)
[20:26:01] <xlefay> To be honest, I don't think authing against ldap is a bad idea, but I am curious how it'd work with virtual domains, etc..
[20:25:30] <xlefay> ._.
[20:25:27] <xlefay> err, ldap
[20:25:12] * xlefay considers ducking
[20:25:06] <xlefay> so mechanicjay, next thing, integrating ldap with postgresql? :)
[20:24:55] * NCommander bumps his article on the page queue
[20:24:24] <NCommander> you know, BURN THE HERETIC MACHINE
[20:24:22] <xlefay> e.g. one or two OS's in an environment is generally more than enough
[20:24:19] <NCommander> and backport openssh on it and ...
[20:24:12] <xlefay> I don't mind it either, but I prefer things to be standard ;-) that said, I don't care if it stays CentOS
[20:23:57] <NCommander> We just need to figure out how to connect it to LDAP/KRB
[20:23:48] <NCommander> And I don't mind if we leave it centos
[20:23:44] <NCommander> I don't mind diversity
[20:23:30] <NCommander> svc is our walled in netware server. That machine gets no love
[20:23:25] * xlefay pats SVC
[20:23:14] <xlefay> I have to say tho mechanicjay, since most of our stuff is running Ubuntu now, it seems SVC is a bit left out :<
[20:22:34] * xlefay ducks
[20:22:33] <xlefay> NCommander: now all you need to do is also make an RPM for the SVC machine ;-)
[20:22:13] <NCommander> Yay for centralized package management :-)
[20:22:00] <xlefay> ^
[20:21:56] <NCommander> But this might be a case where we just recompile it against openssl and stuff it in the PPA
[20:21:45] <xlefay> That's like MediaWiki being theoretically compatible with PostgreSQL, we all know it's bullshit
[20:21:43] <NCommander> (legal reasons actually)
[20:21:38] <NCommander> I know why Ubuntu and Debian ship with slapd compiled gnutls vs. openssl
[20:21:24] <NCommander> "theorically fully compatible"
[20:21:15] <xlefay> gnutls is fully compatible isn't it?
[20:21:05] * xlefay sighs
[20:21:04] <NCommander> (I have no fucking clue why, but it didn't work until I redid it with gnutls)
[20:21:00] <xlefay> li694-22 Certificate Authority, here we come!
[20:20:53] <NCommander> xlefay, one gotcha. slapd doesn't work with openssl certs
[20:20:43] <NCommander> Instead the million of one self-signed certificates
[20:20:37] <xlefay> Then let's make one.
[20:20:26] <NCommander> Honestly, we need a proper certificate authority for internal DNS
[20:20:04] <xlefay> So it can slurp its way throughout the nodes ;-)
[20:20:02] <NCommander> (kerberos is a non-critical service, but its fucking awesome to have)
[20:19:51] <NCommander> maybe even kdc on oxygen
[20:19:50] <xlefay> Yep
[20:19:40] <NCommander> xlefay, we need to get slurp setup
[20:19:38] <xlefay> that's fugly
[20:19:36] <xlefay> PING pub.oxygen.li694-22 (91.121.158.169) 56(84) bytes of data.
[20:19:28] <xlefay> PING oxygen(2001:41d0:1:dfa9::1) 56 data bytes
[20:19:27] <NCommander> xlefay, that fixed it
[20:19:00] <NCommander> xlefay, http://web.mit.edu
[20:18:46] <NCommander> xlefay, I think I can make kerberos ignore rdns
[20:18:41] * NCommander grumbles
[20:18:35] <NCommander> xlefay, it is in hosts
[20:18:34] <xlefay> are we planning on having a lot of off-site servers? Guess the answer is no?
[20:18:22] <xlefay> Unless I create the reverse 10.8.0 zone...
[20:17:46] <xlefay> actually, you have to do that or add it in /etc/hosts
[20:17:38] <NCommander> xlefay, I can add pub.oxygen.li694-22 principle if need be
[20:17:29] <NCommander> xlefay, yeah, kerberos is really picky about DNS
[20:17:10] <xlefay> ooh...
[20:17:07] <NCommander> (ping from boron)
[20:16:54] <NCommander> xlefay, its resolving itself as pub.oxygen.li684-22
[20:16:51] <xlefay> hmm
[20:16:45] <NCommander> xlefay, which broke kerberos
[20:16:41] <NCommander> xlefay, rdns broke
[20:16:34] <NCommander> paulej72, we might just disable caching on dev for SAN reasons. I used an identical varnish file to test it
[20:16:11] <NCommander> :-)
[20:16:10] <NCommander> paulej72, service varnish restart
[20:15:57] <paulej72> Next I need to know if we should purge the varnish cache on updating slash and if so what is the best command to do this.
[20:15:53] <xlefay> ~ $ ssh oxygen.li694-22 <===== awesome
[20:15:39] <xlefay> aah of course
[20:15:29] <NCommander> xlefay, you can get to it by SSH proxy, its failing kerberos authetication, checking
[20:15:16] <paulej72> NCommander: two things I need, First we need to tune mysql on dev to not hog resources. Not sure what the best settings are for this.
[20:15:07] <xlefay> I was about to check the logs, just linking MJ to some ldap docs you wrote
[20:14:46] <NCommander> xlefay, kerberos authetication failing
[20:14:39] <NCommander> xlefay, huh ... its there
[20:14:20] <NCommander> mechanicjay, I picked it out of your home folder
[20:14:15] <mechanicjay> NCommander: I'm all set now, xlefay filled in my gaps in knowledge.
[20:13:47] <mechanicjay> NCommander: I did read some of it, didn't realize you got my key setup already.
[20:13:20] <NCommander> xlefay, fuck
[20:13:18] <NCommander> mechanicjay, pfft, didn't you read the loads of shiny documentation I wrote?
[20:13:09] <xlefay> NCommander: we can't access oxygen.
[20:12:58] <NCommander> is back
[20:06:01] <xlefay> paulej72: I'll have to give him a password for that ;-)
[20:05:51] <paulej72> mechanicjay: can you kinit?
[20:05:24] <mechanicjay> sob -- it works today!
[20:05:13] <paulej72> mechanicjay ssh to staff.soylentnews.org
[20:05:07] <xlefay> but you ssh in via boron
[20:04:58] <xlefay> it's in ldap, you can ssh into any
[20:04:55] <mechanicjay> staff?
[20:04:51] <mechanicjay> which box?
[20:04:40] <mechanicjay> oh
[20:04:28] <xlefay> actualy, mechanicjay, your ssh key is already in, doesn't it work?
[20:03:47] <xlefay> mechanicjay: can you send your pubkey to me?
[20:02:16] * mrcoolbp wonders if he should just shutup sometimes
[20:02:02] <mrcoolbp> = (
[20:01:51] <xlefay> mrcoolbp: but he hasn't said anything in the past 15 minutes, that's why I'm offering so NC can focus on getting paulej info regarding the dev server ;-)
[20:01:50] <mechanicjay> oh, xlefay very good
[20:01:13] <mrcoolbp> xlefay: he is back ^^
[20:00:41] <xlefay> mechanicjay: I can probably help you with that since NC isn't back yet
[19:59:18] -!- mode/#staff [+v FunPika] by SkyNet
[19:59:18] -!- FunPika [FunPika!~FunPika@Soylent/Staff/Wiki/FunPika] has joined #staff
[19:55:57] * mechanicjay asks NCommander nicely if we get his keys setup.
[19:55:30] * mechanicjay smacks NCommander for nuking everyone's access over the weekend.
[19:55:04] <mechanicjay> NCommander: okay, I thought that was the case. And now that you're here....
[19:47:21] <NCommander> mechanicjay, varnish is an identical setup to production
[19:47:21] <paulej72> OK
[19:47:10] <NCommander> paulej72, fuck. Let me give you my two cents in a minunte
[19:46:45] <paulej72> NCommander: I am trying to get dev setup to do a slash update, but right now mysql is starting too many child processes.
[19:45:56] * NCommander is reading the feedback
[19:45:50] <xlefay> Morning.
[19:45:49] <NCommander> *morning
[19:45:45] <NCommander> moning
[19:45:37] <paulej72> yes looking for the setting
[19:44:41] <xlefay> That can probably be lowered considering Varnish & Memcache
[19:44:22] <paulej72> 31 children
[19:43:36] <xlefay> That's what you get for using MySQL; it having children just makes things even worse.
[19:43:16] <paulej72> mysqld has a bunch of children that are taking up a lot of memory each
[19:40:39] <xlefay> and it really does make sense from Varnish's position, it already listens for HTTP requests, so why not just listen for another one instead of having a secondary interface ;-)
[19:40:09] <paulej72> yes I noticed the swap and high memory useagge
[19:40:08] <xlefay> paulej72: because that's the way varnish is made, a varnish-cli would still send that HTTP request.
[19:39:41] <paulej72> why do we send commands to varnish through http? that seems silly. Can't I have a real command to purge.
[19:39:22] <xlefay> Woa, that dev box is swapping like crazy
[19:38:31] <xlefay> error 429 "Too many requests; 400 TB not accepted"; # hah, I love it ;-)
[19:38:09] <xlefay> Yes, PURGE from localhost @ dev would do it
[19:37:04] <xlefay> *Probably* something like this: 'curl -X "PURGE /" varnish'
[19:36:07] <paulej72> yes, but what command do we need for a full purge
[19:36:00] <xlefay> Yeah, let me check the varnish config on dev
[19:35:46] <mechanicjay> xlefay: purge would be preferable
[19:35:42] <xlefay> Purge is probably better, no?
[19:35:18] <xlefay> mechanicjay: paulej72: you probably don't want to use 'ban'
[19:34:47] <mechanicjay> not sure how varnish is setup on dev
[19:34:38] <paulej72> xlefay: no 96 is still open
[19:34:37] <xlefay> https://www.varnish-cache.org
[19:34:31] <mechanicjay> paulej72: I think this guide should be helpful: http://mesmor.com Requires a stanza on the varnish side though
[19:34:29] <xlefay> paulej72: from what I understand, you'll have to make a specific HTTP "purge" request to varnish directly from the servers localhost
[19:33:45] <mrcoolbp> paulej72: absolutely, somehow I pulled out the "includes" last time. I won't make that mistake again
[19:33:13] <paulej72> mrcoolbp: yes make sure to use the same formatting and divs as about.shtml, so that it will look nice on the page.
[19:32:03] <paulej72> Do you have a command for that as I am not a varnish guy
[19:32:03] <xlefay> https://github.com can be closed right?
[19:31:35] <mrcoolbp> paulej72: Laminator is hoping to have FAQ.shtml finished soon, should I throw in HTdocs and "pull request" when finished?
[19:31:23] <paulej72> I am writing a slash deploy script for dev and that is the last thing i need.
[19:31:19] <xlefay> I would yea
[19:30:39] <paulej72> xlefay: do we need to purge varnish on a slash rebuild?
[19:29:56] <xlefay> mrcoolbp: paulej72: it doesn't matter, you can also use http://chat.soylentnews.org for now, it'll just redirect to SSL soon
[19:29:32] <xlefay> mechanicjay: https://github.com
[19:29:11] <mrcoolbp> martyb was the big helper on those
[19:28:46] <paulej72> organization template
[19:27:51] <mrcoolbp> moderation.shtml and about.shtml ?
[19:27:18] <paulej72> yes I just saw that, I got those links from mrcoolbp I believe, but I could be wrong
[19:25:53] <xlefay> (in your commit, that is)
[19:25:47] <xlefay> paulej72: did you get notified about my comments?
[19:24:36] * mrcoolbp knows of no Jake
[19:24:25] * mrcoolbp know of no Jake
[19:22:35] <xlefay> @ github, he's in the SN team
[19:22:21] <mechanicjay> ?
[19:21:52] <xlefay> Who's Jake?
[19:21:02] <xlefay> auto-deploy when Github says there's something new merged in ;-)
[19:20:40] <xlefay> Just use hooks
[19:20:36] <xlefay> cron sucks for it
[19:20:29] <paulej72> cron can do it
[19:20:21] <paulej72> yes we can auto deployy on dev
[19:19:50] <xlefay> I'm fairly sure we can just forget Gerrit and use GitHub for doing QA and crap, auto-deploy on dev etc.
[19:19:05] <mechanicjay> ah, gotcha
[19:18:28] <xlefay> Agreed, I'm saying auto deploy @ dev
[19:18:11] <mechanicjay> I would argue strongly against an auto deploy to prod. I'm a firm believer than a final go-live should involve a button push, so at least you know someone is paying attention.
[19:17:53] <xlefay> Gerrit > Github > Dev > ? > Production?
[19:17:38] <xlefay> Github > Gerrit > Dev > ? > Production?
[19:17:22] <xlefay> I wonder how the workflow would be
[19:16:56] <xlefay> I think we'll use git-hooks to auto deploy at some point in time, least, that is if we trust everyone who can bypass Gerrit in the future, which no-one should be able to imo ;-)
[19:16:53] <paulej72> OK I found the slashcode git repo on dev
[19:15:31] <mechanicjay> :) take your pick. I think the best worst though. As in it's a great example of a terrible way to do something.
[19:14:53] Cyprus is now known as Cyprus|mountingswitches
[19:14:40] <xlefay> It's all the same, but it works still which is great ;-)
[19:14:27] <xlefay> worst of the best?
[19:14:23] <xlefay> best of the worst?
[19:14:05] <mechanicjay> It's probably the worst (best?) example I can think of for the "Hey we need something up fast! I got it, here!"...and almost 2 months later it's still going ;)
[19:13:25] <mrcoolbp> thanks
[19:13:22] <xlefay> Actually, I'm fairly sure we'll be using something like Gerrit.
[19:13:06] <mechanicjay> mrcoolbp: Please continue to use it, if we want to keep something like it around, I'll build another vm and import the db. I just kinda want there to be a sunset for my laptop being the slashcott server ;)
[19:11:56] <mrcoolbp> mechanicjay: while you are talking about nukin it, mind if I make a story submission, edit, post in order to see the whole process? (can be deleted after)
[19:10:41] <mechanicjay> I'm happy to host a vm, but it needs to be done differently
[19:10:17] <mechanicjay> ...I mean, it's running as a virtualbox vm on my laptop, propped ontop of my server in the basement...just so you understand why I want to do something different with it.
[19:10:10] * mrcoolbp goes to check
[19:09:47] <paulej72> mechanicjay: I think there may be some content on SC that people may want to save.
[19:09:40] <mrcoolbp> aye
[19:09:28] <mechanicjay> mrcoolbp: it is, but I don't want to nuke it until I know it's no longer needed
[19:09:03] <paulej72> Yes I agree mechanicjay. I also plan on using a scrip like the one for SC that you setup so it will be a simple deploy
[19:08:56] <mrcoolbp> mechanicjay: I think dev.soylent is a replacement for slashcott no?
[19:08:25] <mechanicjay> Ideally, it's be nice to fire it off with a script the way we could on slashcott (is that still being used, btw?)
[19:07:55] <mechanicjay> paulej72: Someone should corner NCommander and have him walk through the deployment. FWIW, the deployment process on slashcott is from some earlier version of his instructions, so it's probably similar. I just don't know what specifics the production server may have changed since then.
[19:07:23] <mrcoolbp> paulej72: we should really have someone else that can do that (at least in the future) as he will always be busy setting up NFPs and such
[19:06:04] <paulej72> A lot of shit is fixed already, it just needs to be applied to the site. Right now NCommander is the only one who has deployed code to production or dev. Without his involvement i am not sure when things will be updated.
[19:04:25] <mrcoolbp> paulej72: any idea on a timeframe of when we can deploy code? From what I understand there are a lot of pull requests awaiting deployemtn
[19:03:33] <mrcoolbp> hopefully a lot of that will be resolved shorty, but we do need a cetral location people can goto that has a general idea of where we stand....
[19:02:57] <mrcoolbp> this is interesting: http://soylentnews.org
[19:01:44] <paulej72> priority levels added
[19:01:01] <xlefay> let me just reply that on the request ;-)
[19:00:49] <mechanicjay> xlefay: completely agree
[19:00:41] <xlefay> That would give more flexibility long-term + would allow the editors to still reply quickly.
[19:00:21] <xlefay> mechanicjay: exactly, essentially, I think it would be easier if there are ready to use "reply templates" which can be inserted and edited to include the full/real reason and be sent as a PM instead of just a checkbox
[18:59:13] <mrcoolbp> sure is, but with a list 100-long, it might help them take a step back
[18:59:12] <mechanicjay> xlefay: I agree. I'll admit, I felt discouraged after a rejected story a week or so ago.
[18:58:44] <xlefay> In the end of course, it's up to the devs to decide whether they'll follow the recommendation of those who set the priorities.
[18:58:10] <mrcoolbp> xlefay: yes, some others could be prioritized too
[18:57:19] <xlefay> e.g. the sooner we start doing that, the happier people will be to submit new things, it'd be better for the site long-term ;-)
[18:57:19] <paulej72> Let me set up priority labels
[18:57:12] <mrcoolbp> paulej72: any way to give priority to a bug on the tracker?
[18:56:56] <xlefay> mrcoolbp: I didn't say it was a bug. It's a feature request, obviously, but if we can give it a priority it'd be nice.
[18:56:48] <mrcoolbp> xlefay: is he posting on SN still?
[18:56:47] NerdRPG-Cheater is now known as FoobarBazbot
[18:56:39] <mrcoolbp> lol
[18:56:34] <xlefay> yes, a 400TB one
[18:56:32] FoobarBazbot is now known as NerdRPG-Cheater
[18:56:31] <mrcoolbp> xlefay: and It's not really a critical bug
[18:56:16] <paulej72> we were troll feeding? I missed it,
[18:56:08] <mrcoolbp> there's no "Priority" label xlefay
[18:54:51] <mrcoolbp> sure
[18:54:33] <xlefay> I would put that request as a priority though, it'll help the site in the long-term
[18:53:35] <mrcoolbp> paulej72: https://github.com
[18:53:10] <xlefay> Hey, we stopped feeding the troll, good ;-)
[18:44:35] <mrcoolbp> er uh... you know what I mean
[18:44:26] <mrcoolbp> o problem
[18:44:22] <paulej72> thanks
[18:44:17] <mrcoolbp> yessir
[18:44:11] <paulej72> can you add the one about rejection notices as a feature request
[18:43:52] <mrcoolbp> thank you!
[18:43:40] <mrcoolbp> I would leave it to you to decide critical vs non-critical if I add bugs
[18:43:17] <mrcoolbp> got it, I'll mostly be adding and labeling feature requests
[18:42:56] <paulej72> main
[18:42:45] <paulej72> you now have access. I have been using Critical bug, non critical bug and feature request as my min identifiers
[18:42:16] <mrcoolbp> I will only help organize bugs as per my admin@ contact responsibilities
[18:41:37] <mrcoolbp> not a problem at all.
[18:41:12] <paulej72> mrcoolbp: if you are willing to follow these rules I'll give you access.
[18:40:30] <paulej72> Yes that is what I mean. You would have the ability to merge code with the repo. Currently we do not directly merge code to the repo, we publish code on our own repos and do pull requests to the main repo. Noone should merge their own code until it has been signed offed by someone else in dev.
[18:37:54] <mrcoolbp> you'd have to define: responsibility, but I won't touch anything I'm not supposed to if that's what you mean
[18:37:24] <paulej72> mrcoolbp: the way we have the tracker setup, I would need to give you full access to the slashcode repo. I can do this if you want the responsibility
[18:35:47] <mrcoolbp> but I'm pretty decent at following established conventions
[18:35:19] <mrcoolbp> unless you'd rather keep the organizing within your domain (I could understand that as well)
[18:34:44] <mrcoolbp> to help you out
[18:34:39] * mrcoolbp notes he should have that
[18:34:28] <paulej72> mrcoolbp: you may need greater access to apply labels
[18:34:15] <mrcoolbp> https://github.com
[18:33:55] <mrcoolbp> can't figure out how to do it...
[18:33:50] <mrcoolbp> can I apply labels??
[18:33:44] <mrcoolbp> understood
[18:31:49] <paulej72> those two are different enough that I would want them seperate
[18:31:38] <xlefay> Two different things, two different issues, but "should include more than 10 stories" is more a request of sorts
[18:31:09] <mrcoolbp> okay will do, thanks xlefay
[18:30:55] <mrcoolbp> paulej72: example: bug #38 "RSS feed doesn't include summary" and I have "RSS feed should include more than 10 stories"
[18:30:45] <xlefay> mrcoolbp: we can reference issues, I'd say just create a new issue, we can reference issues whenever we see they are actually related
[18:29:54] <mrcoolbp> paulej72: wrt to github tracker: would you rather a similar issue get posted as a comment to an issue or as a separate issue?
[18:29:07] <mrcoolbp> lol
[18:28:42] <xlefay> err, mechanicjay: thanks! *
[18:28:04] <mrcoolbp> saying "hey" ?
[18:27:48] <mrcoolbp> thanks for what?
[18:27:38] <xlefay> mrcoolbp: hi :)
[18:27:36] <xlefay> mrcoolbp: thanks!
[18:27:22] <mrcoolbp> hey xlefay
[18:26:40] <xlefay> back
[18:18:33] <mrcoolbp> anyone familliar with our RSS feed?
[18:06:53] <mechanicjay> alright, DNS entries cleaned up. only stuff not being used was removed, so there should be no impact.
[17:58:07] * mechanicjay notes that if he had known the tomatoes on his sandwhich were going to be so bland and flavorless, he would have gone without.
[17:57:13] <mechanicjay> xlefay: okay, I'll go ahead and do it, just wanted a sanity check first.
[17:54:51] <Bender> karma - mechanicjay: 9
[17:54:50] <xlefay> mechanicjay++ for the dns clean up ;-)
[17:54:24] <xlefay> I gotta go eat though, bbs
[17:53:47] <xlefay> mechanicjay: am now
[17:51:05] <mrcoolbp> I'll throw it in "Suggestions" for now
[17:50:50] <mrcoolbp> I suggest the dev team to comment on implementing a system that would allow editors to reject a storry with a message that says "your story was rejected because x" (x= dupe, crappy, whatever)
[17:49:37] <mrcoolbp> "reasons" for rejected stories
[17:49:29] <mrcoolbp> A pattern I'm seeing is the suggestion that there are
[17:27:03] LaminatorX is now known as LaminatorX|afk
[16:52:48] <mrcoolbp> *BRB breakfast*
[16:47:33] <mechanicjay> okay, I want to clean up DNS and remove unused/dead entries, but don't want to operate in a vacuum.
[16:46:42] <mrcoolbp> not that I've seen yet
[16:46:31] <mechanicjay> Are NCommander, xlefay or audioguy in the house?
[16:44:49] <mechanicjay> 5 w/ mailboxes
[16:40:53] <mrcoolbp> (xlefay said only one person responded to his email offering sn address)
[16:40:11] <mrcoolbp> mechanicjay: how many people are using mailboxes (squirell mail)?
[16:39:38] <mrcoolbp> hey mechanicjay
[16:39:36] <janrinok> hi mechanicjay
[16:38:34] <mechanicjay> Hi all
[16:33:07] <mrcoolbp> janrinok: thanks for the link, I'm collecting these on: http://wiki.soylentnews.org
[16:21:09] <janrinok> brb
[16:20:32] <janrinok> mrcoolbp: There are a few comments in NCommander's thread regarding voting and polling solutions. I suspect that you have looked at many but http://electoralreform.co.uk is mentioned in one of them. No idea of cost but user Open4D (371) has offered to find out if you want him to.
[16:15:45] <mrcoolbp> it's mostly talking about how they came up with it
[16:15:37] <mrcoolbp> unfortunately the youtube video isn't showing as much of the software as I hoped
[16:12:41] <mattie_p> if the music even contains a human voice she gets upset
[16:12:21] <janrinok> lol OK you know best, I suppose
[16:12:21] <mattie_p> she has her instrumental music on and everything
[16:12:10] <mattie_p> nah, she's on a roll, and I know better then to interrupt when she is like this
[16:11:38] <janrinok> mattie_p: Tell her she can hold her post here for a few minutes while you both watch YouTube together.....
[16:11:29] <mattie_p> FOSS software so we can self host
[16:11:14] <mattie_p> but based on text looks very promising
[16:11:01] <mattie_p> I'd watch the youtube, but wife is typing next to me and doesn't like distractions when she is writing
[16:10:59] <mrcoolbp> we *need* SOMETHING like that
[16:10:42] <mrcoolbp> if only it didn't use JavaScript....
[16:09:38] <janrinok> mattie_p: I like the look of that
[16:09:17] <mattie_p> mrcoolbp first I've seen it
[16:09:13] <mrcoolbp> I'd love to visit france!
[16:08:27] <janrinok> NW France. When we moved here 7 years ago we were on the edge of a small village. Now there are houses being built around us, but we still have a good size plot of land for the garden. The front is a formal (but untidy) garden, and the rear is a veggie plot. We also have a small (and since the storm, smaller) copse of trees.
[16:08:24] <mrcoolbp> https://intertwinkles.org
[16:08:23] <mrcoolbp> mattie_p: did you see this yet?
[16:07:14] * mrcoolbp searches around for his gardening gloves
[16:06:59] <mrcoolbp> where are you located janrinok?
[16:06:44] <janrinok> Come round sometime, I've got a spare spade! ;)
[16:06:06] <mrcoolbp> I have an apartment with no yard = (
[16:05:58] * mrcoolbp is jealous of your garden
[16:04:44] <janrinok> OK. Still a little tired but that will pass. Had workmen here today repairing the last of the damage from the storm some weeks back. Now I have no excuse not to go into the garden and start straightening it out!
[16:03:17] <mrcoolbp> not bad, and yourself?
[16:03:05] <janrinok> LaminatorX's plea has had an effect, at least for today. I just hope it continues. How are you by the way?
[16:02:28] <mrcoolbp> what happened?
[16:02:25] <mrcoolbp> janrinok: saw that!
[15:59:35] <janrinok> hi guys - riches beyond my wildest dreams!
[15:54:45] <mattie_p> alright, see you in a few
[15:53:56] <mrcoolbp> BRB
[15:53:52] <mrcoolbp> I think you did help actually.
[15:53:34] <mattie_p> sorry I couldn't help more
[15:53:25] <mrcoolbp> thanks
[15:53:21] <mattie_p> sounds like a plan
[15:53:14] <mrcoolbp> okay, I'm going to respond to him and try to clarify before I do anything else
[15:52:38] <mattie_p> Mattie p (Talk | contribs | block) (administrator) (Created on 7 February 2014 at 20:26)
[15:52:18] <mattie_p> yes
[15:52:14] <mrcoolbp> I have admin, do you?
[15:51:33] <mattie_p> like, how to edit it
[15:51:22] <mattie_p> I don't know where to look at the user db on wiki though
[15:51:16] <mrcoolbp> I see him
[15:50:48] <mattie_p> NowhereMan (Talk | contribs | block) (Created on 12 February 2014 at 09:24)
[15:50:28] <mattie_p> try this: http://wiki.soylentnews.org
[15:50:27] <mrcoolbp> it's a strange case
[15:50:00] <mrcoolbp> mattie_p: his link to the wiki page showing users didn't really work for me either
[15:49:55] <mattie_p> yeah, for wiki I'd go to FunPika
[15:49:46] <mattie_p> and the email he used doesn't match that uid
[15:49:35] <mrcoolbp> I need FunPika...
[15:49:33] paulej72_away is now known as paulej72
[15:49:31] <mattie_p> yup
[15:49:22] <mrcoolbp> and that UID has another nick attached to it (forget who)
[15:49:06] <mrcoolbp> right
[15:48:50] <mattie_p> http://soylentnews.org
[15:48:24] <mattie_p> NowhereMan isn't a registered username on slash
[15:48:13] <mrcoolbp> (yes NowhereMan)
[15:47:27] <mrcoolbp> I could try a password reset on main I guess, but I think he is getting "no such user" attached to that email. it's hard to tell if his problem is on the wiki or main site from that email
[15:47:16] -!- Cyprus [Cyprus!~Cyprus@q-10-08-393-259.hsd3.tn.comcast.net] has joined #staff
[15:46:44] <mrcoolbp> and yes there's a wiki issue in there too
[15:46:28] <mrcoolbp> the UID he claims is tied to a different nick
[15:46:12] <mrcoolbp> it's really weird
[15:46:10] <mattie_p> NowhereMan?
[15:45:30] <mattie_p> yes, I saw it, but it looks like a wiki issue?
[15:45:16] <mattie_p> I was on the phone for a while with my bro, and then I had to share some of the stories with my wife
[15:45:10] <mrcoolbp> no problem, I sent a user to you the other day, did you see the email?
[15:44:51] <mattie_p> sorry I didn't link back up with you last night
[15:44:46] <mrcoolbp> good morning to you sir
[15:44:33] <mattie_p> by the way, good morning mrcoolbp
[15:44:27] <mattie_p> he's working through them right now
[15:44:16] <mattie_p> yeah, janrinok is on the case
[15:43:42] <mrcoolbp> wow, we have submissions again...
[15:41:51] -!- mode/#staff [+v mrcoolbp] by SkyNet
[15:41:51] -!- mrcoolbp [mrcoolbp!~mrcoolbp@Soylent/Staff/mrcoolbp] has joined #staff
[15:39:49] -!- mode/#staff [+v mechanicjay] by SkyNet
[15:39:49] -!- mechanicjay [mechanicjay!~jhowe@Soylent/Staff/Developer/mechanicjay] has joined #staff
[15:39:14] -!- mechanicjay1 has quit [Client Quit]
[15:38:44] -!- mechanicjay has quit [Ping timeout: 246 seconds]
[15:38:29] -!- mechanicjay1 [mechanicjay1!~jhowe@167.206.pq.yln] has joined #staff
[15:22:28] -!- mode/#staff [+v janrinok] by SkyNet
[15:22:28] -!- janrinok [janrinok!~janrinok@Soylent/Staff/Editor/janrinok] has joined #staff
[14:58:08] -!- mode/#staff [+v mattie_p] by SkyNet
[14:58:08] -!- mattie_p [mattie_p!~mattie_p@Soylent/Staff/Editor/mattiep] has joined #staff
[14:58:08] -!- mattie_p has quit [Changing host]
[14:57:43] mattp is now known as mattie_p
[14:56:02] -!- mattiep has quit [Ping timeout: 246 seconds]
[14:53:12] -!- mattp [mattp!~mattie_p@i-73-121-697-34.hsd8.co.comcast.net] has joined #staff
[14:36:26] -!- mode/#staff [+v mechanicjay] by SkyNet
[14:36:26] -!- mechanicjay [mechanicjay!~jhowe@Soylent/Staff/Developer/mechanicjay] has joined #staff
[14:22:26] -!- mechanicjay has quit [Ping timeout: 246 seconds]
[14:21:10] -!- matt_ has quit [Quit: Web client closed]
[14:14:06] -!- mode/#staff [+v LaminatorX] by SkyNet
[14:14:06] -!- LaminatorX [LaminatorX!~18d900fb@Soylent/Staff/Editor/LaminatorX] has joined #staff
[14:08:15] <MrBluze> done editing
[14:04:05] <matt_> NCommander, ok.
[14:03:21] <NCommander> matt_, I think I'm going to hold off until we see if someone volunteers to seriously go for international incorperation
[14:03:17] -!- mode/#staff [+v mechanicjay] by SkyNet
[14:03:17] -!- mechanicjay [mechanicjay!~jhowe@Soylent/Staff/Developer/mechanicjay] has joined #staff
[13:55:39] <matt_> NCommander, just saw your email. Shall I post the journal entry and send you the link, then?
[13:53:53] -!- mode/#staff [+v matt_] by SkyNet
[13:53:53] -!- matt_ [matt_!~4c76b3cf@t-59-991-957-035.hsd4.ma.comcast.net] has joined #staff
[13:52:27] <MrBluze> it's good NCommander :)
[13:42:04] <MrBluze> more than half done
[13:39:49] <MrBluze> editing
[13:37:59] -!- bytram|away has quit [Ping timeout: 246 seconds]
[13:28:39] * NCommander can't sleep
[13:21:53] -!- weeds has quit [Ping timeout: 246 seconds]
[13:10:38] <MrBluze> same
[13:09:27] bytram is now known as bytram|away
[13:06:08] <bytram> arg... and now I nee to stop and get ready for work. :/
[13:05:57] <bytram> MrBluze, doing well, thanks! Just catching up on e-mail and SN.
[13:05:27] <MrBluze> 6 more
[13:05:23] <MrBluze> hi bytram how u doin
[12:58:00] -!- mechanicjay|afk has quit [Quit: Leaving.]
[12:54:12] <Bender> The current maximum UID is 3944, owned by LazyBoot
[12:54:12] <bytram> !current-uid
[12:49:08] <bytram> good morning MrBluze!
[12:38:35] MrBluze|afk is now known as MrBluze
[12:19:55] -!- mode/#staff [+v bytram] by SkyNet
[12:19:55] -!- bytram [bytram!~pc@Soylent/Staff/Developer/martyb] has joined #staff
[12:01:43] MrBluze is now known as MrBluze|afk
[11:59:19] <xlefay> Me too, for now. Going to watch some episodes of a random show for now ;-)
[11:58:35] -!- FunPika has quit [Quit: Leaving]
[11:55:16] <xlefay> good night NCommander
[11:55:14] <xlefay> alright ;)
[11:47:17] * NCommander clocks out
[11:46:55] <xlefay> bbs
[11:46:24] <xlefay> actually, more like lunch at this point
[11:46:05] <xlefay> but later, first things first: breakfast
[11:45:54] <xlefay> I'll make a wiki page for Carbon, documenting it's set up - what it hosts, the configuration of what it hosts (only that which we want to reveal, naturally), etc.
[11:45:06] <xlefay> also, simply replacing the value might be easier since it's all working atm
[11:44:53] * NCommander will look later
[11:44:51] <xlefay> thought so
[11:44:47] <NCommander> xlefay, not yet
[11:44:45] <xlefay> and if so, what new hostname do you want to give it?
[11:44:44] <NCommander> xlefay, no ... bleh
[11:44:37] <xlefay> you sure you want to do that on production?
[11:44:26] <NCommander> xlefay, dpkg-reconfigure postfix
[11:44:26] <xlefay> btw, we should probably delegate "who manages which group" e.g. let's say we make "ircadmins" to replace the current "ircops" (so we can re-use that for regular /oper's later on), e.g. "ircops" & "ircadmins" can ssh into carbon, but only ircadmins (& sysops) should be able to sudo to root; in which case, I should be the one putting someone in ircadmins or not (as long as I'm the team leader of ircadmins that is)
[11:41:14] <xlefay> One downside about all this, there's dpkg-whatever, apt-whatever, etc... it's hard to keep track! :P
[11:40:58] <xlefay> might have been dpkg-config... I really have to learn all this stuff
[11:40:24] <xlefay> (iirc, debian/ubuntu show ncursus stuff when installing postfix)
[11:40:10] <xlefay> debconf.. is that what brings up the ncursus?
[11:40:03] <xlefay> Probably done via debconf?
[11:39:44] <NCommander> I have no idea who setup the MTA
[11:39:39] * xlefay sighs
[11:39:38] * NCommander notes that excuse is waning :-P
[11:39:28] <NCommander> xlefay, ... blame zford?
[11:39:20] <xlefay> and wth.. localhost.com?
[11:39:19] <NCommander> Greap
[11:39:16] <xlefay> That's why
[11:39:14] <xlefay> mydestination = soylentnews.org, localhost.com, localhost
[11:39:13] <xlefay> myhostname = soylentnews.org
[11:38:17] <xlefay> curious
[11:37:56] <NCommander> xlefay, don't change the config, I'm just curious why it accepted on behalf of @soylentnews.org
[11:37:38] <NCommander> xlefay, yeah
[11:37:22] <xlefay> also, NCommander good luck! (you'll need it when dealing with MySQL :P)
[11:37:10] <xlefay> anyway, the production MTA, you mean on hydrogen right?
[11:36:17] <xlefay> Sorry, I'm not going anywhere near there
[11:35:13] * NCommander evil laughs
[11:35:10] <NCommander> xlefay, speaking of which, mind replacing the MySQL SSL certs for me?
[11:33:08] <xlefay> I really just wish MySQL and derivatives would just die a cold and hard dead *sighs* Oh well, least I don't have to touch it
[11:32:33] <xlefay> <-- even starts writing badly out of excitement ;-)
[11:32:23] <xlefay> That it is* :D
[11:32:14] <xlefay> That is id ;D
[11:32:09] <NCommander> Thats a stupid sexy cache hit
[11:32:08] <xlefay> e.g. if you write the general statements properly, it'll just work, just ensure that the stored procedures work the same from the outside... and it'll just work
[11:32:03] <NCommander> xlefay, Hitrate avg: 0.8705 0.8705 0.8705
[11:32:01] <NCommander> xlefay, MySQL SQL is not generic :-P
[11:31:15] <xlefay> but honestly.... if you write proper generic SQL, it'll mostly just work, stored procedures and stuff make it somewhere more difficult, but that's another story
[11:30:49] <xlefay> Nah kidding I know
[11:30:44] <xlefay> Wow, they do?!
[11:30:35] <NCommander> xlefay, MySQL supports stored proceedures these days
[11:30:05] <xlefay> NCommander: sounds good ;-)
[11:30:00] * xlefay sighs these people have never heard of writing valid, proper SQL have they?
[11:29:30] <NCommander> xlefay, thanks. I set it in the hopper to go live at 13:00 UTC
[11:29:15] <FunPika> "Wikipedia uses MySQL so MediaWiki gets more testing on MySQL than PostgreSQL. While support for PostgreSQL is maintained by volunteers, most core functionality is working."
[11:29:07] <FunPika> xlefay: That's what I'm assuming based on https://www.mediawiki.org
[11:28:52] <xlefay> NCommander: it's well written, kudos! :)
[11:28:33] <MrBluze> im working on it right now
[11:28:25] <MrBluze> yes
[11:28:16] <NCommander> MrBluze, can you read it over when you get back, and edit?
[11:27:41] <NCommander> xlefay, fixed
[11:27:39] <NCommander> xlefay, and yeah
[11:27:37] <NCommander> xlefay, yeah
[11:27:07] <xlefay> NCommander: ^
[11:26:59] <xlefay> FunPika: so technically, we're pretty much required to keep using MySQL unless we care to maintain the PostgreSQL side ourselves in case the volunteers stop?
[11:26:19] <xlefay> s/hast/hash/?
[11:26:14] <xlefay> (MD5SUM salted hast)
[11:25:54] <FunPika> Basically it is maintained, but MySQL has the priority and PostgreSQL is only being maintained by volunteers contributing to MediaWiki's git repository, not by the Wikimedia Foundation's paid developers.
[11:25:49] <xlefay> NCommander: production as in the webserver?
[11:25:16] <NCommander> >N 1 noreply@soylentnew Mon Mar 24 06:49 21/893 SoylentNews user email change for NCommander
[11:25:16] <NCommander> "/var/mail/mcasadevall": 1 message 1 new
[11:25:16] <NCommander> xlefay, vmcasadevall@hydrogen:~$ mail
[11:25:08] <NCommander> xlefay, can you look at production's MTA setup. I got a local piece of mail to mcasadevall
[11:24:52] <xlefay> FunPika: can you elaborate on "theory"? Has it failed in the past? What are the concerns?
[11:24:07] <xlefay> I'm at: The Community Voting System and Voting For Our New Name
[11:20:24] <MrBluze> :)_
[11:20:12] <NCommander> MrBluze, NP
[11:19:50] <MrBluze> just getting a little rugrat to bed .. he keeps running off like a fizzpopper
[11:19:30] -!- SirFinkus [SirFinkus!~textual@l-64-313-06-125.hsd0.wa.comcast.net] has joined #staff
[11:19:11] <MrBluze> sup
[11:19:08] <MrBluze> im here
[11:18:59] -!- SirFinkus has quit [Quit: Textual IRC Client: www.textualapp.com]
[11:18:40] <FunPika> MediaWiki supports PostgreSQL in theory, however it is not perfect. MediaWiki development focuses on MySQL (or now more likely MariaDB) since that is what Wikimedia is using
[11:17:35] <NCommander> MrBluze, you awake yet?
[11:17:23] <xlefay> FunPika: does wiki support postgresql backend? if so, is it wise to migrate? etc.. brb, reading this piece of art
[11:17:21] <NCommander> xlefay, yup :-/
[11:17:00] <xlefay> NCommander: linode's alerts are wankers omg... just got an alert for carbon, all it's doing is serving as a tracker atm
[11:16:35] <NCommander> xlefay, thanks
[11:16:20] <FunPika> xlefay: ?
[11:15:42] <xlefay> should be "will be."?
[11:15:36] <xlefay> "who we are and what we will. "
[11:15:31] * NCommander just has to add a closing
[11:15:12] <xlefay> Thanks, reading ;)
[11:14:58] <NCommander> xlefay, enjoy your admin bits
[11:14:55] <NCommander> xlefay, http://soylentnews.org
[11:14:48] <xlefay> well I can ssh into it and probably give myself subits
[11:14:23] * NCommander wanted feedback
[11:14:19] <NCommander> darn
[11:14:10] <xlefay> No sir, I am not
[11:14:05] <NCommander> xlefay, are you admin on slash?
[11:14:03] <xlefay> FunPika: aah, just the one we paged earlier
[11:14:02] <NCommander> Ugh, almost done
[11:11:55] <xlefay> back ;)
[11:04:45] -!- mode/#staff [+v FunPika] by SkyNet
[11:04:45] -!- FunPika [FunPika!~FunPika@Soylent/Staff/Wiki/FunPika] has joined #staff
[10:59:56] <Bender> todo item 10 added
[10:59:56] <NCommander> !todo replace mysql SSL certifcates/change soylent password for DB access
[10:49:14] <MrBluze> or in a term of government
[10:44:16] <NCommander> Yeash, I constitute more than half the quotes file. That's more protein that in most stakes, or more truth than you get from most politicians in a daily allotment
[10:44:05] <xlefay> k, bbs forreal now ;-)
[10:43:44] * xlefay feels rather proud now.
[10:43:32] <xlefay> oh my.. I got that one
[10:43:28] <Bender> Quote 69 - <xlefay> <-- wishful thinker
[10:43:28] <xlefay> !quote 69
[10:43:26] * xlefay notes NC didn't get 69
[10:42:51] <xlefay> LOL
[10:42:50] <xlefay> So torrent is up; Landon should replace all wiki redirects to remove 'index.php/' and after my shower, I'll be continue doing stuff ;-)
[10:42:17] <NCommander> Exhausting an IP namespace is hardwork don't you know. Pfft, you slackers aren't doing anything to help!
[10:41:51] <xlefay> We could have ran out IPv4 a whole lot sooner ;-)
[10:41:25] <xlefay> I'm just glad IP addresses aren't assigned every time someone !qgrab's you
[10:41:24] <NCommander> :-)
[10:41:18] <Bender> Quote 66 - <NCommander> xlefay, if this Soylent shit doesn't work out, I'm just going to post a million NCommanderisms
[10:41:18] <NCommander> !quote 66
[10:40:56] <NCommander> At this rate, I'm going to have a monopoly on the 80 block
[10:40:44] <Bender> Also in quotes: 2, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15, 17, 18, 19, 21, 22, 23, 25, 27, 28, 29, 30, 31, 32, 33, 35, 37, 42, 43, 46, 52, 53, 54, 55, 58, 61, 62, 66, 79, 80, 81, 82, 83, 84, 85, 86, 87
[10:40:40] <Bender> Quote 0 - <NCommander> mattie_p, I dunno, are you going to mail me an explosive device if I have you edit ANOTHER 3k novel?
[10:40:40] <NCommander> !quote NCommander
[10:40:37] <Bender> quote <ID/search string>
[10:40:37] <NCommander> !quote
[10:40:26] <xlefay> hah :p
[10:40:08] <NCommander> I rather have a funny file then idle my way into the top spot
[10:39:54] <xlefay> dammit :P
[10:39:49] <NCommander> WORTH IT
[10:39:45] <NCommander> -NerdRPG- Penalty of 0 days, 02:39:30 added to your timer for nick change.
[10:39:45] <NCommander> * You are now known as NCommander
[10:39:45] <NCommander> -NerdRPG- Penalty of 0 days, 02:39:30 added to your timer for nick change.
[10:39:45] <NCommander> xlefay,
[10:39:33] <xlefay> NCommander: so how much did that cost you in idlerpg?
[10:39:27] NotCommander is now known as NCommander
[10:39:21] <xlefay> :O
[10:39:19] <Bender> Quote 87 - <NCommander> <NCommander> * xlefay giggles like a little girl every time he sees them ;-)
[10:39:19] <xlefay> !quote 87
[10:39:18] <Bender> I don't know what 87 said, so I can't quote them!
[10:39:18] <NotCommander> !grab 87
[10:39:15] <Bender> Added quote 87
[10:39:15] <NotCommander> !grab NCommander
[10:39:12] NCommander is now known as NotCommander
[10:39:07] <NCommander> <NCommander> * xlefay giggles like a little girl every time he sees them ;-)
[10:39:00] <xlefay> ;')
[10:38:58] <Bender> Quote 86 - <NCommander> !grab NCommander
[10:38:58] <xlefay> !quote 86
[10:38:52] <Bender> Added quote 86
[10:38:52] <NCommander> !grab NCommander
[10:38:52] <NCommander> * xlefay giggles like a little girl every time he sees them ;-)
[10:38:43] * NCommander meant that as !grab bait :-P
[10:38:40] <xlefay> and see, that was a /me, you can't quote me on that
[10:38:34] * xlefay giggles like a little girl every time he sees them ;-)
[10:38:23] <xlefay> quite frankly, I don't mind seeing them either
[10:38:06] <NCommander> xlefay, frankly, if you're sick of seeing me in the quotes database, stop grabbing my quotes. They don't add themselves you know.
[10:37:49] <MrBluze> s/verbodeness/verbosity
[10:36:31] <xlefay> :P\
[10:36:24] <NCommander> xlefay, :-)
[10:35:52] <xlefay> dammit
[10:35:50] <Bender> Added quote 85
[10:35:50] <xlefay> !grab NCommander
[10:35:49] <Bender> Also in quotes: 2, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15, 17, 18, 19, 21, 22, 23, 25, 27, 28, 29, 30, 31, 32, 33, 35, 37, 42, 43, 46, 52, 53, 54, 55, 58, 61, 62, 66, 79, 80, 81, 82, 83, 84
[10:35:45] <Bender> Quote 0 - <NCommander> mattie_p, I dunno, are you going to mail me an explosive device if I have you edit ANOTHER 3k novel?
[10:35:44] <xlefay> !quote NCommander
[10:35:35] <NCommander> xlefay, not my fault that I was combined with the unfortunate qualities of quotability and verboness
[10:27:28] <xlefay> Don't you think, that's just a LITTLE bit excessive?
[10:27:12] <xlefay> also, holy shit./
[10:26:57] <xlefay> Bender: s/mattie/MrBluze/
[10:26:47] <Bender> Also in quotes: 2, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15, 17, 18, 19, 21, 22, 23, 25, 27, 28, 29, 30, 31, 32, 33, 35, 37, 42, 43, 46, 52, 53, 54, 55, 58, 61, 62, 66, 79, 80, 81, 82, 83, 84
[10:26:43] <Bender> Quote 0 - <NCommander> mattie_p, I dunno, are you going to mail me an explosive device if I have you edit ANOTHER 3k novel?
[10:26:43] <xlefay> !quote NCommander
[10:05:22] <xlefay> e.g. "_autodiscover._tcp" could mean anything to anyone, but some know it's for auto discovery of mailservers ;-)
[10:04:58] <xlefay> (although, most of it is self explanatory, some things aren't for the non-dns trained eye)
[10:04:43] <xlefay> mechanicjay|afk: ping, can we clean up the soylentnews.org zone file some time and document it?
[09:18:40] * xlefay segfaults
[09:18:38] <xlefay> "NOTE: Changes made to a master zone will take effect in our nameservers every quarter hour. "
[09:17:36] <xlefay> honestly... I hate the firefox copy 'n paste of URLs
[09:09:13] <NCommander> xlefay, yay
[09:08:31] <xlefay> http://50.116.18.95
[09:08:26] * xlefay notes NCommander is going to like this
[08:06:16] -!- LaminatorX has quit [Quit: Web client closed]
[07:43:56] * NCommander notes apparmor is a bit weird in this regard, as is selinux
[07:43:56] <xlefay> I'm first testing with apparmor a bit before I go onto apache/lithium
[07:43:47] <NCommander> I'm not sure
[07:43:32] <xlefay> /usr/lib/postgresql/9.3/bin/ => usr.lib.postgresql.??.bin
[07:43:20] <NCommander> (see /etc/apparmor.d on lithium)
[07:43:17] <xlefay> I mean about my example
[07:43:05] <NCommander> xlefay, apache has a . in its path
[07:42:56] <NCommander> xlefay, no, its a .
[07:41:56] <xlefay> so would I name it 9_3?
[07:41:44] <NCommander> odd
[07:41:29] <xlefay> not even connected
[07:41:19] <xlefay> nothing
[07:41:17] <xlefay> nope
[07:41:15] <NCommander> you been doing something on helium?
[07:41:11] <NCommander> Your Linode, helium, has exceeded the notification threshold (1000) for disk io rate by averaging 1108.00 for the last 2 hours. The dashboard for this specific Linode is located at: <https://manager.linode.com/linodes/dashboard/helium>
[07:41:10] <NCommander> xlefay,
[07:37:37] <xlefay> I'm guessing 9.3 in the file name would resolve to 9/3/?
[07:37:28] <xlefay> would that mean 9_3 in the apparmor file name?
[07:37:18] <xlefay> usr.lib.postgresql.bin.postgres => /usr/lib/postgresql/bin/postgresql _BUT_ I've got /usr/lib/postgresql/9.3/bin/
[07:36:48] <xlefay> hmm question
[07:35:47] * xlefay downloads the postgresql's one
[07:34:04] <NCommander> Less pain than SELinux
[07:33:45] <xlefay> http://bazaar.launchpad.net
[07:33:34] * xlefay notes this one apparmor repo @ LP is handy
[07:32:42] MrBluze|afk is now known as MrBluze
[07:25:49] <xlefay> +h
[07:25:46] <xlefay> Yea :P
[07:24:23] <NCommander> If we get a perl guy then it will be relatively easy
[07:22:56] * NCommander pokes around a bit in slash
[07:21:34] <xlefay> Yeah, that looks pretty simple
[07:21:21] <xlefay> "You will need PHP 4.3.0 or greater to use this library." <- whenever I read specifically '4.*' I ain't using that library ever.
[07:21:12] <NCommander> OpenID is almost idiot proof
[07:20:58] <NCommander> xlefay, http://search.cpan.org
[07:20:02] <NCommander> Five minutes of perl
[07:20:00] <NCommander> Like
[07:19:59] <NCommander> OpenID looks stupid trivia
[07:19:55] <NCommander> Actually
[07:19:52] <NCommander> xlefay, yeah
[07:19:51] * NCommander looks at this
[07:19:27] <xlefay> didn't I mention that the other day, it 500'ing?
[07:19:16] <NCommander> We have a SOAP API
[07:19:11] <NCommander> Huh
[07:19:00] <xlefay> interesting ;D
[07:18:41] <NCommander> You'd never know it was openid without checking the code
[07:18:33] <NCommander> xlefay, Launchpad, the Ubuntu wiki, and REVU all use openid to login.ubuntu.com, but doesn't ask for a openid URL
[07:18:14] <NCommander> Redirect right to a OpenID landing page when you click login
[07:17:55] <xlefay> Anyone who knows their DB stuff, generally does
[07:17:52] <NCommander> So the trick to making openid not look stupid
[07:17:40] <NCommander> <3 postgres
[07:17:35] <xlefay> 9.3 runs nicely on my box
[07:17:11] <xlefay> PostgreSQL?
[07:16:57] <NCommander> Hrm
[07:16:54] <NCommander> xlefay, its a consumer
[07:16:20] <xlefay> Does our slash already allow open id auths?
[07:16:02] <xlefay> I'm going to suggest we start using PostgreSQL wherever possible, since we do want to go there eventually, right?
[07:15:57] <NCommander> Paging FunPika
[07:15:53] <NCommander> Believe so
[07:15:39] <xlefay> Hmm, the wiki supports PostgreSQL?
[07:15:22] <NCommander> (you can make it work non-stupidly)
[07:15:15] <NCommander> xlefay, for single-signon, we should use openid for the wiki http://www.mediawiki.org
[07:15:13] <xlefay> haha :P
[07:14:52] <xlefay> ... of course, there is ;-)
[07:14:51] <NCommander> hrm
[07:14:48] <Bender> Added quote 84
[07:14:48] <xlefay> !grab NCommander
[07:14:44] <NCommander> There's a perl module for that
[07:14:40] <NCommander> Eh, its not THAT hard
[07:14:33] <xlefay> but guessing you can't without a lot of hacking
[07:14:30] <NCommander> ssh keys good enough
[07:14:21] <xlefay> If you can use it for other stuff, e.g. slash by all means
[07:14:08] <NCommander> No kidding
[07:14:06] <NCommander> Yeah
[07:14:03] <xlefay> For SSH, I'd say, that would be a bit too much :P
[07:14:03] <NCommander> Despite the name, its not dependent on Google
[07:13:50] <NCommander> Yeah
[07:13:42] <xlefay> oh OATH
[07:13:32] <xlefay> Something to do with oauth iirc?
[07:13:25] <xlefay> I've heard of the google authenticator before
[07:13:09] <NCommander> xlefay, http://code.google.com
[07:13:06] <NCommander> xkhttp://code.google.com
[07:12:23] <xlefay> This is'll save a lot of effort in the long run, 2 factor is inconvenient at times
[07:12:17] <NCommander> I'm going to get sysops to riot of me
[07:12:06] <xlefay> I don't think this as sadistic tho :P
[07:12:02] <NCommander> (I want the option for 2-factor for slash soonish)
[07:11:53] <NCommander> xlefay, if I was truly sadistic, I'd require two-factor authetication
[07:11:33] * NCommander is a strong believer in single signon
[07:11:28] <NCommander> xlefay, for Apache/HTTP authetication
[07:11:15] <NCommander> xlefay, BTW, you can use mod_auth_kerberos
[07:10:59] <xlefay> It does sound awesome tho :D
[07:10:54] <xlefay> haha yea :P
[07:10:36] <NCommander> xlefay, well, oper via krb5. kinit on 127.0.0.1, become IRC superuser. Connect suadmin on the site (possibly overkill but nice to think about :-))
[07:09:53] <NCommander> actually, once the KDC slave is setup, we could auth directly
[07:08:37] <xlefay> Such as?
[07:08:08] <NCommander> xlefay, that being said, krb5 + VPN offers some interesting authetication possibilities
[07:07:55] <NCommander> xlefay, pfft, I'll autheticate with kerberos here locally, then really go to town
[07:07:20] <xlefay> "last logged in from firefighters.li694-22." :P
[07:07:10] <xlefay> wish I could change it's PTR record without breaking stuff :P
[07:06:48] <xlefay> w00t w00t
[07:06:28] <xlefay> just so the awesome people can ssh into firefighters instead :P
[07:06:19] <xlefay> just added a cname for it :P
[07:05:49] <NCommander> I'm happy
[07:05:48] <NCommander> I got firefighters in LDAP
[07:05:26] <xlefay> nslookup firefighters.li694-22.
[07:04:05] <xlefay> would be too painful atm :p
[07:03:45] <NCommander> Ah well
[07:03:41] * NCommander should have called the node firefighters ...
[07:03:06] <NCommander> xlefay, I don't want boron becoming beryllium 2.0 though
[07:02:53] <NCommander> xlefay, for the moment, can install stuff on user demand
[07:01:47] <xlefay> only plain HTML and crap atm?
[07:01:41] <xlefay> The staff user dir, what stuff can we use?
[07:01:21] <xlefay> yeah :)
[07:00:40] <NCommander> xlefay, probably the uninstall script got mucked
[07:00:13] <xlefay> OK that worked!
[06:59:21] <xlefay> Yes, I'm looking at that page :P
[06:59:16] <NCommander> xlefay, possibly
[06:59:11] <xlefay> can I just remove it and reinstall it and all will be fixed? (the lazy way)
[06:59:00] <xlefay> I tried upgrading to the last package
[06:59:00] <NCommander> xlefay, http://status.soylentnews.org
[06:58:45] * NCommander is tired and doesn't want to look
[06:58:41] <NCommander> ...
[06:58:39] <NCommander> fuck
[06:58:39] <NCommander> er
[06:58:36] <NCommander> xlefay, did you upgrade to the latest page?
[06:58:20] <NCommander> xlefay, http://status.soylentnews.org
[06:57:00] <xlefay> s/</|/
[06:56:51] <xlefay> invoke-rc.d: unknown initscript, /etc/init.d/charybdis not found. <-- did the upgrade, what do I need to do at this point to make it go away? < NCommander
[06:56:34] <xlefay> ok.. how do I fix this crazy error?
[06:56:20] <xlefay> *updates charybdis-li694-22"
[06:55:52] * xlefay might have fallen a bit in love with our set up here..
[06:55:35] <xlefay> >.<
[06:55:26] <xlefay> I wonder if we can apparmor bender... maybe a bit too far?
[06:55:06] <xlefay> btw, I also want to LXC some stuff on IRC box, for "playgrounds" on experimenting with stuff; so we don't risk breaking other stuff
[06:54:48] * NCommander needs to setup status.soylentnews.org
[06:54:42] * NCommander rolls eyes
[06:54:20] <xlefay> The way it's supposed to be ;-)
[06:54:10] <NCommander> Apache isn't doing anything
[06:54:06] <NCommander> No wonder the site feels more responsible
[06:53:55] <xlefay> That's amazing!
[06:53:53] <xlefay> LOL
[06:53:47] <xlefay> Sounds about right
[06:53:42] <NCommander> The new varnish config is *really* doing its job
[06:53:29] <NCommander> Holy shit
[06:53:27] <NCommander> cache hitrate: 88%
[06:53:07] <NCommander> xlefay, so we've had 202k hits on varnish in 11 hours
[06:51:53] <NCommander> xlefay, this was a stupidly productive weekend
[06:51:47] <NCommander> sweet
[06:51:40] <xlefay> consider it done
[06:51:40] <NCommander> xlefay, it isn't by the linode image
[06:51:37] <xlefay> "Looking for someone to work out the necessary sudo voodoo"
[06:51:20] -!- mrcoolbp has quit []
[06:50:31] <mrcoolbp> off to bed, see y'all tomorrow
[06:49:07] <xlefay> I thought it came by default :P
[06:49:05] <NCommander> xlefay, check out the email to the list, see if I forgot anything
[06:48:51] <NCommander> xlefay, apt-get install apparmor :-)
[06:48:45] <xlefay> haha yea, that's what I was looking for
[06:48:40] <xlefay> like what apt-file does ;-)
[06:48:37] <NCommander> for packages in general, apt-file
[06:48:36] <xlefay> apt-file search aa-genprof
[06:48:31] <NCommander> For installed, dpkg -S
[06:48:28] <NCommander> xlefay, files in general, or installed?
[06:47:44] <NCommander> (its been too long)
[06:47:40] <NCommander> xlefay, what's whatprovides do?
[06:46:53] <xlefay> NCommander: does apt has something like yum whatprovides?
[06:46:42] <mrcoolbp> should be interesting
[06:46:31] <mrcoolbp> okay, let's try that and see what happens then
[06:46:05] <xlefay> http://soylentnews.org
[06:45:48] <NCommander> xlefay, aa-genprof is your friend
[06:45:39] <xlefay> NCommander: first thing I'm going to do tomorrow is try to apparmor charybdis ;-)
[06:45:36] <mrcoolbp> also how do you do that password reset? on slashcott I was doing it through the admin panel
[06:45:09] <mrcoolbp> he has an email showing it is
[06:45:00] <xlefay> so it isn't his then
[06:44:55] <mrcoolbp> by another nick anyway
[06:44:45] <mrcoolbp> UID owned by someone else
[06:44:39] <mrcoolbp> he claims to have a U
[06:44:23] <xlefay> mrcoolbp: well you know his e-mail address, did you try a password reset first? (e.g. just enter his e-mail?)
[06:43:31] <xlefay> yeah it grabs the group for a certain user
[06:43:31] <mrcoolbp> xlefay: going to forward a user to you, claims to have registered a nick but I can't find him (and he can't log in)
[06:42:24] <NCommander> xlefay, just getrgid for the user
[06:42:15] <NCommander> xlefay, just getrpid for the user
[06:41:37] <xlefay> Unfortunately, charybdis doesn't support direct ldap :<
[06:41:33] * NCommander wonders if we can just kerberos it
[06:41:26] <NCommander> hrm
[06:41:23] <xlefay> I could write a script that gets the public key of people in the ircops group, create a local file for opers, re-generate config file (I should make a script for that); and rehash the server
[06:40:52] <xlefay> btw, the link I sent to the challenge
[06:40:46] <xlefay> That's really nice ;-) We should try that on dev sometime :P
[06:40:35] <NCommander> Thats an hours work, tops
[06:40:32] <NCommander> That wouldn't even be hard to implement
[06:40:22] <xlefay> exactly
[06:40:20] <NCommander> slash_suadmin == 10000
[06:40:13] <NCommander> xlefay, if user is editoral == seclevel 100
[06:40:11] -!- pbnjoe has quit [Quit: Leaving]
[06:40:05] <NCommander> xlefay, bingo.
[06:40:01] <xlefay> just create another group
[06:40:00] <NCommander> xlefay, http://stackoverflow.com
[06:39:57] <xlefay> That'd be neat, then you can also do the setuid bits via LDAP, no?
[06:39:29] <NCommander> Then perl just needs to run id to get permissions
[06:39:23] <NCommander> xlefay, add a field in the database for POSIX account
[06:39:15] <NCommander> xlefay, thinking about it, we don't need it to talk to ldap directly
[06:39:08] <NCommander> hrm
[06:39:07] <NCommander> xlefay, actually ...
[06:38:57] <xlefay> https://github.com
[06:38:53] <xlefay> btw*
[06:38:52] <NCommander> xlefay, actually, its probably easier to make that work with kerberos vs. ldap itself
[06:38:48] <xlefay> but
[06:38:47] <xlefay> Yeah :p
[06:38:39] <NCommander> xlefay, so every box that runs services run slapd :-)
[06:38:27] <xlefay> Also, services stall if LDAP is down >.<
[06:38:19] <xlefay> I suppose so :P
[06:38:07] <NCommander> This problem can be solved with MORE REPLICATION
[06:37:59] <NCommander> xlefay, so run slurpd/slapd on the ircd nodes
[06:37:52] <xlefay> In which case, EVERYTHING will be fuckt
[06:37:42] <NCommander> TO attach authetication tokens to slash account
[06:37:42] <xlefay> hah, in which case, the IRCd could also but I'm just so afraid of what'll happen if our LDAP kicks out (in it's entire, even when we have replication)
[06:37:30] <NCommander> There's already infrastructure for that in place for OpenID
[06:37:20] <NCommander> actually, thats not THAT hard
[06:37:16] <xlefay> Technically, a link between slash <-> openldap would be awesome
[06:37:13] * NCommander coughs
[06:37:12] <NCommander> xlefay, so we get slash to autheticate with ldap
[06:37:01] <xlefay> NCommander: we could, but we want to integrate with the normal site right?
[06:36:47] <NCommander> xlefay, I don't mind having normal users in there, if we ever have public shell accounts, they'll be in LDAP, just not in firefighters
[06:36:27] <NCommander> xlefay, we can migrate the nickserv database into LDAP
[06:36:11] <xlefay> rest = existing db
[06:36:05] <xlefay> NCommander: IRC services + ldap works for /ns id, but that'd break the rest
[06:35:55] <NCommander> xlefay, (yes, we can autheticate our staff on their home machines. Yes its sexy)
[06:35:47] <xlefay> https://github.com
[06:35:14] <NCommander> xlefay, you know, with the VPN, it IS possible to get kerberos tickets on 127.0.0.1 ...
[06:34:57] <NCommander> xlefay, we can extend the LDAP schema if we need more information for IRC services
[06:33:37] <xlefay> no worries
[06:33:36] <xlefay> it is now ;-)
[06:32:47] <NCommander> oops
[06:32:45] <NCommander> Thought it was there ...
[06:32:45] <xlefay> docs just say 127.0.0.1:8080
[06:32:39] <xlefay> I'll put it in the docs
[06:32:35] <NCommander> xlefay, phpmyadmin is also available
[06:32:29] <NCommander> I didn't put that URL up?
[06:32:25] <xlefay> oh lol!
[06:32:19] <NCommander> xlefay, oh, http://127.0.0.1:8080
[06:32:04] <xlefay> the ssh tunnel itself just returns "It works!" on which I just reply "yeah... but it doesn't show me what I need!"
[06:31:57] <NCommander> xlefay, yeah, its bound to 127.0.0.1 :-)
[06:31:45] <xlefay> btw, NCommander, is there a special host file required to get access to the phpldap?
[06:31:12] <mrcoolbp> NCommander: nvm, just saw that there will be error messages displayed to users
[06:29:01] <mrcoolbp> NCommander: where are the lameness filter paramaters? I'd like to have those public somewhere (maybe attached to the FAQ)
[06:28:07] <xlefay> I'm going to look if the IRCd comes with some apparmoring
[06:27:19] <xlefay> Then again, I was looking if we could feed it into LDAP, so we could have a group of IRCops in there, the "single staff management" thingy kinda sticks with me :P
[06:26:26] <xlefay> but the rsa key seems more interesting
[06:26:21] <xlefay> for /oper, we currently have requirement of certificate fingerprint (certfp) + ssl only, etc...
[06:25:56] <xlefay> Was just looking through IRCd configs
[06:25:45] <xlefay> no
[06:25:36] <NCommander> xlefay, fighting with athamie?
[06:24:38] <xlefay> I can understand why. btw: "/* rsa key: the public key for this oper when using Challenge." looks interesting
[06:23:32] <NCommander> and that's why I stopped using kmail
[06:22:47] <mrcoolbp> eek
[06:22:21] <xlefay> click email, pres delete, wait 10 seconds for it to actually delete
[06:22:10] <xlefay> I really have to install Thunderbird, kmail is sluggish
[06:22:08] <NCommander> xlefay, ?
[06:22:02] * xlefay sighs
[06:21:40] <xlefay> NCommander: it's on my rather lengthy todo list ;-)
[06:21:30] <NCommander> chop chop
[06:21:28] <NCommander> xlefay, need ability to do procmailing for soylentnews
[06:19:32] <xlefay> least you don't have to do it on a ton of clients
[06:19:23] <xlefay> That's why I love server side filtering
[06:18:36] <xlefay> too lazy to sort it all, figure if I ever need something, I'll just imap to the read-only backup ;-)
[06:18:20] <xlefay> err, a full folder*
[06:18:15] <xlefay> I just did it cause I was tired of having full folders
[06:18:09] <xlefay> well if you've got a backup there isn't much of a problem
[06:17:12] <mrcoolbp> go*
[06:17:07] <mrcoolbp> I could never fo through with it
[06:16:20] <xlefay> "just in case"
[06:16:16] <xlefay> Of course, I did have a back up ;-)
[06:15:48] <xlefay> it was
[06:15:44] <mrcoolbp> oh that would be liberating
[06:15:32] * xlefay remembers the time he /dev/null'd his inbox
[06:15:27] <mrcoolbp> heh
[06:15:21] <xlefay> mrcoolbp: another option is /dev/null, it generally works _really_ well
[06:15:00] <mrcoolbp> NCommander: perfect thanks!
[06:14:48] <mrcoolbp> mattiep: kids in bed yet?
[06:14:10] <NCommander> mrcoolbp, any sysop, xlefay or myself probably as we currently know the best on the new setup
[06:13:09] * mrcoolbp has a love/hate with his inbox (mostly hate though)
[06:12:43] <mrcoolbp> I can send them to him I guess...I just know his inbox is approaching the insanity of yours
[06:12:14] <mrcoolbp> mattiep helped a few times
[06:11:53] <mrcoolbp> NCommander: when there is an issue with a user I can't solve I used to send them to zak, who would you recommend these days?
[06:03:57] <mrcoolbp> thanks
[06:03:48] <NCommander> mrcoolbp, yes, and yes
[06:00:38] <mrcoolbp> xlefay: no worries, happy to have someone at all
[05:59:57] <mrcoolbp> NCommander: xlefay: some users have been confused that they need to create a new acount in wiki (can't use SN login). Should we throw a disclaimer on wiki saying you must create a new account. Is there plans to have single sign on eventually?
[05:59:44] <xlefay> Once I finally find a darn job, I'll have to cut down on stuff ;)
[05:59:30] <xlefay> In fairness, as it stands, I'm the one person in the staff that has the most time in the day ;-)
[05:58:49] <mrcoolbp> NCommander: xlefay joined "Community Support"
[05:58:30] <NCommander> mrcoolbp, we have new staff?
[05:58:15] <NCommander> xlefay, think so, check the email I'm writing in a few minutes
[05:57:04] <xlefay> Only local replication, and kerberos integration, correct NC?
[05:56:18] <mrcoolbp> so still a bit of work to do?
[05:55:44] <xlefay> NCommander: finished most of the LDAP set up so far ;-)
[05:54:38] <mrcoolbp> xlefay: is LDAP all setup?
[05:53:30] <xlefay> haha ^^
[05:53:21] <mrcoolbp> cheers
[05:53:03] <mrcoolbp> oh and I for one welcome my new team member.
[05:52:21] <xlefay> don't worry hehe
[05:52:02] <mrcoolbp> not trying to take aways from all your efforts at all
[05:51:50] <mrcoolbp> yes, I know I can see you've been busy, still importnant that people know what is being worked on etc.
[05:50:56] <xlefay> Important things first tho ;-)
[05:50:43] <xlefay> I know
[05:49:38] <mrcoolbp> xlefay: just a friendly reminder you still have a little work to do on that IRC team page
[05:41:31] <xlefay> I really wish we could make snapshots in advance :<
[05:41:19] <xlefay> It sure is ;-) I'll check into Amanda tomorrow and possible alternatives, and I'll set it up (naturally, starting with dev)
[05:40:53] * NCommander notes we were stupidly productive
[05:40:45] <NCommander> FUcking long list
[05:40:43] <NCommander> xlefay, I'm doing a writeup of everything we did this weekend
[05:40:32] * xlefay uses his ZNC's built in *notes system
[05:40:10] <xlefay> er.. I shouldn't be adding it to bender
[05:40:01] <Bender> todo item 3 added
[05:40:01] <xlefay> !todo upstart job for Apache
[05:39:51] <xlefay> oh god, that sounds bad didn't it?
[05:39:49] <NCommander> 9 now
[05:39:44] <xlefay> !take NCommander 10
[05:39:41] <xlefay> Cool, will do
[05:39:35] <NCommander> xlefay, you can practice on lithium, its an identical apache setup
[05:39:30] <xlefay> For production?
[05:39:24] <xlefay> @daily root /etc/init.d/slashd restart # something like that?
[05:39:21] <NCommander> xlefay, feel free to take 10 from me
[05:39:12] <NCommander> I was feeling snarky
[05:39:08] <Bender> 1 item deleted
[05:39:08] <NCommander> !todo-done 9
[05:39:03] <xlefay> Seriously.. #9?
[05:39:02] <NCommander> bleck
[05:38:54] <Bender> input 9) get mechanicjay|afk to crontab auto restarts for slash 10) upstart job for apache
[05:38:54] <xlefay> !more
[05:38:39] <Bender> todo for ncommander: 1) make sure install-slashsite installs proper schema 2) quit smoking 3) look at rewiring pollbooth for SERIOUS votes 4) write up YAFAP for nethack 5) find volunteer who may be willing to work on mod_perl rework effort 6) clean production database of unused vars/tables from Tags/FIrehose/Achievements 7) fix slashboxs 8) email to FSF/SPI w/ mattie_p - 1 more
[05:38:37] <NCommander> !todo
[05:38:35] <Bender> 1 item deleted
[05:38:35] <NCommander> !todo-done 7
[05:38:24] <Bender> todo for ncommander: 1) make sure install-slashsite installs proper schema 2) quit smoking 3) look at rewiring pollbooth for SERIOUS votes 4) write up YAFAP for nethack 5) find volunteer who may be willing to work on mod_perl rework effort 6) clean production database of unused vars/tables from Tags/FIrehose/Achievements 7) make LDAP a thing yesterday 8) fix slashboxs - 1 more
[05:38:24] <NCommander> !todo
[05:38:23] <NCommander> ugh
[05:38:22] <NCommander> xlefay, I think I can do it ...
[05:37:55] <xlefay> NCommander: paulej72_away: can anyone grant me to make a repository under SoylentNews? It's for the IRC stuff.
[05:36:42] <xlefay> btw Landon, you probably have to teach it the concept of CTCP first
[05:18:34] <Bender> todo item 24 added
[05:18:34] <Landon> !todo subscribe to ctcp actions in quote plugin
[05:18:13] * Landon shakes fist
[05:18:10] <NCommander> Being /me makes you unquotable
[05:18:01] <Landon> curseeeeeeeeeeeeeeeeees
[05:17:56] <Landon> damn
[05:17:55] <Bender> Quote 83 - <NCommander> xlefay, feel free to volunteer for Netherlands :-)
[05:17:55] <Landon> !quote 83
[05:17:52] <Bender> Added quote 83
[05:17:52] <Landon> !grab NCommander
[05:17:40] * NCommander needs more asses to ride
[05:17:34] <NCommander> xlefay, feel free to volunteer for Netherlands :-)
[05:16:42] <xlefay> NCommander: just read the mail, very nice. Thank you! ;)
[05:15:16] <Landon> seeing*
[05:15:13] <Landon> funny seeting artifacts of current-uid from the bot's account
[05:15:02] <Landon> heh
[05:14:59] <Bender> The current maximum UID is 3944, owned by LazyBoot
[05:14:59] <Landon> !current-uid
[05:06:51] <NCommander> xlefay, check email
[04:52:38] -!- martyb|zzz has quit [Ping timeout: 246 seconds]
[04:50:42] paulej72 is now known as paulej72_away
[04:46:10] <martyb|zzz> good night everybody! thanks for all the help!
[04:45:55] bytram is now known as martyb|zzz
[04:43:05] <Bender> karma - bacon: 26
[04:43:05] <bytram> bacon++
[04:43:04] <xlefay> no worries
[04:43:02] <bytram> and, why not?
[04:42:57] <Bender> karma - xlefay: 33
[04:42:57] <bytram> xlefay++
[04:42:54] <Bender> karma - ncommander: 11
[04:42:54] <bytram> NCommander++
[04:42:48] <bytram> xlefay, many thanks for the putty help!
[04:42:35] <bytram> thanks-you!
[04:42:31] <bytram> NCommander, yay! I'm onto staff, with a saved profile :^)
[04:41:35] <paulej72> later
[04:41:22] <bytram> paulej72, g'nite!!!!!!!!
[04:41:17] <xlefay> night, ciao :)
[04:41:08] <paulej72> going to bed see you all tomorrow.
[04:38:58] <NCommander> we need a staff KSP
[04:38:57] <xlefay> ;)
[04:38:50] <NCommander> oh, thats right
[04:38:43] <xlefay> e.g. the gpg trust model and stuff
[04:38:37] <xlefay> NCommander: probably has to do with trust
[04:38:20] <NCommander> xlefay, it worked fine to upload to the PPA
[04:38:13] <NCommander> xlefay, odd
[04:38:11] <NCommander> O_o?
[04:37:59] <xlefay> The signature is valid, but the key's validity is unknown. ;-)
[04:37:36] <xlefay> done
[04:37:00] <NCommander> xlefay, I renewed the expiration. Do a refresh to get it
[04:36:56] <xlefay> yea
[04:36:55] <bytram> oay, I need to creaet a NEW session...
[04:36:51] <NCommander> xlefay, on my GPG key?
[04:36:28] <xlefay> woah, Invalid Signature, NCommander? :)
[04:36:01] <xlefay> Yes, I would do that if I were you.
[04:35:54] <xlefay> next time, click the session, load, connection
[04:35:50] <bytram> xlefay, methnks I needed to save session *befoer* I catually connected?
[04:35:42] <xlefay> you fill in all the settings, then one the first page/tab of putty, you fill in a name (on the bottom of the screen) and press "save"
[04:35:19] <xlefay> wb lol :p
[04:33:10] <bytram> xlefay, k, I'm back!
[04:33:06] <xlefay> yep
[04:32:26] <bytram> xlefay, did that once before, but don't remmeber how... hold on I'm dealing with kpasswd
[04:31:32] <xlefay> bytram: best to save sessions in putty ;-)
[04:30:29] <xlefay> oh nice!
[04:30:09] <NCommander> Possible way to proxycommand with putty
[04:30:02] <NCommander> ^_ bytram
[04:29:59] <NCommander> xlefay, http://monkeyswithbuttons.wordpress.com
[04:29:47] <xlefay> guess that's what you get for using windows bytram :P
[04:29:38] <NCommander> xlefay, pfft, better than the alternative
[04:29:16] <xlefay> poor martyb, he can't even ssh to another node without first kinit'ing
[04:28:57] <bytram> I'm on boron
[04:28:55] <NCommander> bytram, let me give you your kerberos passwd
[04:28:53] <bytram> NCommander, xlefay S U C C E S S ! ! ! !
[04:28:42] <xlefay> NCommander: that's fine, I'll look into it further ;-)
[04:28:33] <xlefay> he got signed in
[04:28:31] <NCommander> this weekend has been exhausting
[04:28:26] <NCommander> xlefay, I'm kinda going to go on soy-hitatus
[04:28:15] <NCommander> Well, at least its asking for a key
[04:28:13] <xlefay> NCommander: yeah so we'll deal with the other stuff tomorrow ;-)
[04:28:05] <bytram> doh!
[04:27:56] <xlefay> bytram: the encrypted bible and all, remember?
[04:27:50] <bytram> rsa-key-20140323
[04:27:39] <bytram> passphrase for key...
[04:27:36] <NCommander> xlefay, I am, need to write emails
[04:27:22] <xlefay> NCommander: we'll deal with the backup stuff tomorrow (unless you're staying up much longer), same goes for the bittorrent stuff
[04:27:12] <NCommander> bytram, try it now
[04:27:10] <NCommander> ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAqtNySaHALmD96itgubnSs18CvYuRJAf+t3/sQ8jMYv4lcLzCcOyNrM6fzBH6KWqQa0x9UhkpMjyJsIE94qDAoNANtfZ+mSG5D+pNJb2nC5R9C1cjIZf41zIXLhsh6OwlO1cI0/KnKwz1moeHuYLtNzNDEe1Ir2D29oO7bm8R4BIM3fUR8BNy2wo+UarQJqezIvqUPOoxmiNGmTLdI5Fd8M5ODJ9d2wZZs60x2B23qw6S4f1eClwRAoTXaUK0GWnSFxbUzsLCsti5qxfr5q1mdS7XIsvoNAum9gITqwTG7EMkMFUUVckT5tMBTzwnSlM9yo4C86ZKvxjzAAO3Oodk7Q==
[04:27:10] <NCommander> bytram, root@helium:/root# /etc/ssh/ldap_ssh.sh martyb
[04:26:04] * bytram is holding on
[04:25:49] <NCommander> Hold on
[04:25:48] <NCommander> bytram, your key got linewrapped
[04:24:52] <NCommander> its getting base64 encoded
[04:24:48] <NCommander> Oh
[04:24:28] <bytram> NCommander, do I need to do something to fix the format on my end? or is that something you do there?
[04:24:03] <bytram> xlefay, Oh! <heh> my bad.
[04:23:41] <xlefay> bytram: I'm actually looking at the docs from NC
[04:23:15] <bytram> xlefay, much obliged!
[04:22:57] <xlefay> NCommander: '''s don't work in <pre>'s, I'll fix
[04:22:31] <NCommander> Its in the wrong format
[04:22:29] <NCommander> fuck
[04:22:28] <NCommander> oh
[04:21:46] <NCommander> hrm
[04:21:46] <NCommander> ....
[04:21:44] <NCommander> root@helium:/root#
[04:21:44] <NCommander> root@helium:/root# /etc/ssh/ldap_ssh.sh martyb
[04:21:32] <bytram> NCommander, k, thanks!
[04:21:24] <NCommander> bytram, let me make sure your key is correct
[04:20:18] <bytram> NCommander, hmmm... should I generate another one?
[04:20:10] <NCommander> xlefay, does that look sane and well written
[04:19:34] * NCommander notes varnish needs a writeup, as does apache, but those can wait
[04:19:25] <NCommander> I think thats the last of the major TODOs here.
[04:19:18] <NCommander> http://wiki.soylentnews.org
[04:19:17] <NCommander> BTW, kerberos administration page written
[04:19:08] <NCommander> bytram, it didn't like your key
[04:18:19] <bytram> 2014-03-23 23:16:52 Disconnected: No supported authentication methods available (server sent: )
[04:18:17] <bytram> 2014-03-23 23:16:52 No credentials are available in the security package.
[04:18:13] <bytram> 2014-03-23 23:16:52 GSSAPI authentication initialisation failed
[04:18:11] <bytram> 2014-03-23 23:16:51 Attempting GSSAPI authentication
[04:18:09] <bytram> 2014-03-23 23:16:51 Using SSPI from SECUR32.DLL
[04:18:07] <bytram> 2014-03-23 23:16:51 Server refused our key
[04:18:05] <bytram> 2014-03-23 23:16:51 Offered public key
[04:18:03] <bytram> 2014-03-23 23:16:47 Reading private key file "C:\Program Files\PuTTY\keys\private.20140323a.ppk"
[04:18:01] <bytram> 2014-03-23 23:16:46 Initialised HMAC-SHA-256 server->client MAC algorithm
[04:17:59] <bytram> 2014-03-23 23:16:46 Initialised AES-256 SDCTR server->client encryption
[04:17:57] <bytram> 2014-03-23 23:16:46 Initialised HMAC-SHA-256 client->server MAC algorithm
[04:17:55] <bytram> 2014-03-23 23:16:46 Initialised AES-256 SDCTR client->server encryption
[04:17:53] <bytram> 2014-03-23 23:16:46 ssh-rsa 2048 b0:82:21:50:dd:e7:fc:4a:e0:1e:ff:0c:c2:46:1d:1d
[04:17:51] <bytram> 2014-03-23 23:16:46 Host key fingerprint is:
[04:17:49] <bytram> 2014-03-23 23:16:42 Doing Diffie-Hellman key exchange with hash SHA-256
[04:17:47] <bytram> 2014-03-23 23:16:42 Doing Diffie-Hellman group exchange
[04:17:46] <bytram> 2014-03-23 23:16:41 We claim version: SSH-2.0-PuTTY_Release_0.63
[04:17:46] <bytram> 2014-03-23 23:16:41 Using SSH protocol version 2
[04:17:46] <bytram> 2014-03-23 23:16:41 Server version: SSH-2.0-OpenSSH_6.5p1 Ubuntu-6~precise1
[04:17:46] <bytram> 2014-03-23 23:16:41 Connecting to 173.255.194.21 port 99
[04:17:46] <bytram> 2014-03-23 23:16:40 Looking up host "staff.soylentnews.org"
[04:17:34] <bytram> xlefay, here comes the log...
[04:16:57] -!- Dopefish has quit [Quit: Web client closed]
[04:16:56] <bytram> same error
[04:15:11] <bytram> sure.
[04:15:02] <xlefay> (instead of 22)
[04:14:58] <xlefay> bytram: can you re-connect on port 99 ?
[04:14:51] <bytram> I can send you the log
[04:14:03] <xlefay> That's rather odd
[04:13:24] <bytram> same error.
[04:12:13] <bytram> xlefay, logical name of remote host(e.g. for SSH key lookup)
[04:11:00] <bytram> yup
[04:10:53] <xlefay> re-check
[04:10:45] <bytram> thought so.
[04:10:40] <xlefay> Are you submitting your ssh key?
[04:10:35] <xlefay> No supported authentication methods available [preauth]
[04:10:26] <xlefay> [martyb's IP] failed - POSSIBLE BREAK-IN ATTEMPT!
[04:10:15] <bytram> waiting...
[04:10:12] <bytram> "login as:" and I entered my username
[04:10:09] <xlefay> what was the error on your side?
[04:10:06] <xlefay> ok got you now
[04:10:03] <bytram> looks better...
[04:09:50] <xlefay> bytram: try again
[04:09:24] <xlefay> NCommander: am checking but not getting an alert from martyb's user
[04:09:14] <bytram> trying to get to staff.soylentnews.org
[04:09:13] <NCommander> xlefay, check auth.log
[04:09:00] <xlefay> bytram: where are you connecting to?
[04:08:46] <NCommander> xlefay, agreed
[04:08:40] <mrcoolbp> okay
[04:08:37] <bytram> server unexpectedly closed netork connection
[04:08:36] <NCommander> mrcoolbp, let me finish writing this wiki page
[04:08:18] <xlefay> but we should publish those signatures nonetheless
[04:08:09] <xlefay> kidding*
[04:08:08] <xlefay> bytram: kiddding, accept it
[04:08:03] * xlefay notes we should publish those signatures..
[04:08:02] <bytram> tugh to type, hold on.
[04:07:52] <xlefay> yes, what is it?
[04:07:47] <bytram> the server's rsa2 key fingerprint is...
[04:07:34] <bytram> xlefay, I've got a security alert: the server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is.
[04:06:57] <mrcoolbp> NCommander: I know you've been very busy with the backend stuff, we have a plan for the public vote in case we don't have the time to re-work the poolbooth that would utilize audioguys email voting method he coded, have a sec?
[04:06:49] -!- pbnjoe [pbnjoe!~pbnjoe@Soylent/Users/313/pbnjoe] has joined #staff
[04:06:43] <xlefay> bytram: good, then you should be able to connect
[04:06:25] <bytram> xlefay, that's the one I gave to putty
[04:06:06] <xlefay> .ppk or something
[04:06:04] <xlefay> NCommander: the ssh key = good on our side, but putty uses it's own format to send it
[04:05:50] <bytram> the server's host key is not cached in the registry...
[04:04:15] <bytram> NCommander, I made it using puttygen, so I'd like to think it knows how to format things for itself. :/
[04:03:43] <NCommander> It had the putty certificate things on it
[04:03:30] <NCommander> bytram, I think he sent me the right forward
[04:03:15] <bytram> does that mean I need to create a new key and send that to NCommander ?
[04:02:51] <bytram> xlefay, woops... lost me there. oh, oh.
[04:02:36] <xlefay> Putty doesn't accept plain ssh keys... it needs it's own format and deals with it internally.
[04:02:11] <xlefay> Otherwise you'll have to throw it through puttygen in order to make putty be able to read it (least, iirc)
[04:01:53] <xlefay> btw.. you didn't as audioguy suggested make an openssh key, right?
[04:01:38] <xlefay> I don't quite remember
[04:01:34] <xlefay> ehm, you have to go to "ssh" in the sidebar and search there...
[04:01:15] <bytram> xlefay, where do I put my SSH key?
[04:00:36] <bytram> xlefay, I see that, thanks!
[04:00:23] <xlefay> it'll default to 22
[04:00:20] <xlefay> (you don't actually have to fill it in)
[04:00:09] <NCommander> bytram, I haven't used putty in ages
[04:00:07] <bytram> k
[04:00:03] <NCommander> bytram, 22
[04:00:01] <xlefay> 22
[03:59:54] <bytram> hold on... what port?
[03:59:33] <bytram> NCommander, I apologize. it's late, I'm tired, and not thinking clearly. Are you familiar enough with putty to walk me through?
[03:58:44] <mrcoolbp> ah
[03:58:26] <NCommander> mrcoolbp, the machine names are on the wiki, but we don't publish them in DNS
[03:58:07] <bytram> ^^^^^^^^^^
[03:57:57] <bytram> indirection for the obfuscation.
[03:57:55] <mrcoolbp> you just did...this is public channel...
[03:57:33] <NCommander> bytram, staff == boron. We don't expose the machine names to the world
[03:57:21] <bytram> NCommander, will do.
[03:57:17] <bytram> NCommander, huh? where's boron ?
[03:56:53] <NCommander> bytram, staff.soylentnews.org
[03:56:49] <Dopefish> that's gross
[03:56:18] <bytram> NCommander, so, I'm trying to connect to ?? boron.soylentnws.org ??
[03:56:16] <bytram> NCommander, so, I'm trying to connect to ?? boron.soylennews.org ??
[03:55:21] <bytram> gladly try any *other* ssh client, though.
[03:55:10] <mrcoolbp> bytram: thanks for you help/feedback bytram: much appreciated
[03:54:43] <bytram> I tried cygwin years ago... install so borked up my system it took me a couple weeks to getit working again.
[03:54:39] * NCommander licks Dopefish
[03:54:33] -!- mode/#staff [+v Dopefish] by SkyNet
[03:54:33] -!- Dopefish [Dopefish!~47b1d396@Soylent/Staff/Editor/Dopefish] has joined #staff
[03:54:13] <NCommander> bytram, you could install cygwin SSH :-P
[03:54:11] <bytram> I'm on win XP
[03:54:00] <NCommander> bytram, not used to SSH?
[03:53:29] <bytram> am trying... am not used to putty; it's umm >different<
[03:52:58] <NCommander> bytram, kerberos principle generated, let me know when you're on boron
[03:51:26] * NCommander is generating your kerberos principle
[03:51:01] <bytram> bear with me here..
[03:50:50] <bytram> NCommander, i'm back...
[03:50:36] <NCommander> bytram, see if you can access staff.soylentnews.org
[03:50:30] <NCommander> bytram, installed
[03:48:23] <bytram> NCommander, brb
[03:48:21] <NCommander> bytram, http://wiki.soylentnews.org
[03:48:07] <NCommander> bytram, read this while you wait, as you need to use kerberos since you use putty and can't proxy
[03:47:52] <NCommander> bytram, I'm installing your SSH key, and generating kerberos principle for you
[03:47:36] <NCommander> uid=2508(martyb) gid=2500(firefighters) groups=2500(firefighters),2501(sysops),2502(db),2503(dev_team),2504(prod_access)
[03:47:36] <NCommander> bytram, root@helium:~# id martyb
[03:46:11] <bytram> NCommander, Great! THANKS!
[03:46:00] <NCommander> bytram, I'm installing your LDAP user now
[03:45:59] <xlefay> :/
[03:45:41] <NCommander> xlefay, nope
[03:45:38] <NCommander> !sysops
[03:45:23] * NCommander is too tired to take command
[03:44:28] <mrcoolbp> I got the feedback, just follow instructions in the email for the actual domain gathering (add a domain)
[03:43:38] <bytram> i replied to you here, am now putting into e-mail
[03:43:16] <mrcoolbp> bytram, did you respond to the email?
[03:41:48] <bytram> xlefay, wish I could, am heading to bed in about 5 minutes.
[03:41:10] <xlefay> someone take command ;-)
[03:41:07] xlefay changed topic of #staff to: woop woop
[03:40:45] <bytram> mrcoolbp, besides... "We are number 1, yay!" is what I'd normally think of when ordering things by preference... #1 is best/favorite/preferred
[03:39:51] <bytram> mrcoolbp, one issue... scoring is backwards... say another choice comes up; but you're stuck at a max of "9". need to go the other way.
[03:38:53] <mrcoolbp> heh
[03:38:38] <xlefay> ^ no-one ever says that about m&m's for instance..
[03:38:16] <bytram> mrcoolbp, let me check... brb (too many m's)
[03:37:41] <bytram> MrBluze|afk, lemme cchk; brb
[03:37:25] <mrcoolbp> bytram: email received?
[03:36:39] <xlefay> least.. they do here
[03:36:35] <xlefay> /notices highlight too
[03:36:27] <xlefay> Then again, I could also bring the 'sysops' group back in GroupServ and people can /ms send !sysops message
[03:36:02] <bytram> xlefay, better!
[03:35:52] <xlefay> how about... !alert <team> <message> ;-)
[03:35:51] <bytram> !ics alert=yellow
[03:35:46] * NCommander wants !fudge
[03:35:36] <xlefay> Wouldn't be a bad solution
[03:35:34] <bytram> NCommander, better to have an !ics
[03:35:21] <NCommander> which pings all of us
[03:35:18] <NCommander> xlefay, implement a !emergency in the bot
[03:35:05] <Bender> karma - ncommander: 10
[03:35:04] <bytram> NCommander++ # a much belated token of thanks!
[03:35:03] <Bender> karma - ncommander: 9
[03:35:02] <bytram> NCommander++ # a much belated token of thanks!
[03:34:51] <bytram> NCommander, I have no doubt. hold on...
[03:34:50] <xlefay> NCommander: funny thing about this morning is.. no-one cared to highlight me, I was still here (but not looking at IRC), and I went to bed 15 minutes before stderr highlighted me without intending my specifically ;-)
[03:34:42] <NCommander> we have proper access permissions now :-)
[03:34:41] <mrcoolbp> bytram: check you're email, this is the first round of a test poll
[03:34:36] <NCommander> bytram, a lot worse
[03:34:30] <NCommander> bytram, believe it or not, it was worse before I got this shit setup
[03:34:20] <bytram> s/i/it/
[03:34:16] <bytram> i was FRUSTRATING.
[03:34:01] <bytram> NCommander, FYI... I *wasted* over an hour this morning waiting for anybody to appear who had *access* to fix production...
[03:33:17] <NCommander> bytram, be happy we kerberos :-)
[03:33:12] <NCommander> bytram, I'm sorry :-/
[03:32:57] <bytram> NCommander, I would be
[03:32:56] <xlefay> bytram:
[03:32:46] * NCommander notes kerberos really is good for that
[03:32:42] <NCommander> xlefay, who was using putty?
[03:32:27] <xlefay> s/seems/is/
[03:32:20] <xlefay> /home/backups/ seems fine ;)
[03:32:18] <NCommander> I just got the damn thing up
[03:32:15] <NCommander> no
[03:32:01] <xlefay> Unless you reinstall oxygen with expert mode ;')
[03:31:58] <NCommander> bleh
[03:31:57] <NCommander> ok, /home/backups/hostname
[03:31:52] <NCommander> gah
[03:31:50] <NCommander> oh
[03:31:49] <xlefay> @ oxygen
[03:31:46] <xlefay> partition scheme
[03:31:41] <NCommander> xlefay, ?
[03:31:32] <xlefay> Unless you're going to symlink it to something in /home, that's not going to work out well
[03:30:41] <NCommander> xlefay, I recommend though we store whatever in /srv/backup/*hostname*
[03:30:26] <xlefay> That's generally true *awaits a comment from Audioguy*
[03:29:40] <NCommander> Backups: Those things you wish you had BEFORE shit hit the fan
[03:29:30] <NCommander> xlefay, nope
[03:29:06] <xlefay> Seems interesting, have you used it before?
[03:28:14] <NCommander> ^- xlefay
[03:28:09] <NCommander> http://wiki.zmanda.com
[03:27:58] * bytram had one once, great microwave!
[03:27:39] <NCommander> er, ARMANA
[03:27:30] <bytram> that's just an *instance* of the *kind* of problem...
[03:27:01] <bytram> there was a consensus of what needed to be done, that there were no negative consequences, and ... I couldn't do a thing but *WAIT* for someone else to appear.
[03:26:58] <xlefay> *googles it*
[03:26:47] <xlefay> "armada"?
[03:26:39] <NCommander> xlefay, we could do something like armada
[03:26:30] <xlefay> So, put the service slashd restart in a cronjob and we'll have that stuff done
[03:26:27] <NCommander> xlefay, so ... backups. I'm still open to ideas here
[03:26:06] <bytram> but that's just an example.
[03:25:46] <xlefay> dammit you noticed that eh? :)
[03:25:34] <NCommander> xlefay, I'd feel bad if you were funny :-P
[03:25:31] <bytram> I am very nervous about doing *anything* that would cause unintended consequences. well nigh paranoid. only for emergency use.
[03:25:15] <xlefay> NCommander: maan you broke my joke :'(
[03:25:08] <NCommander> We should probably just put that in a crontab
[03:25:02] <NCommander> xlefay, service slashd restart isn't rocket science
[03:24:51] <xlefay> bytram: how sure are you about production access? :)
[03:24:46] <bytram> twice now, I've known that I just needed to restart slashd and had my hands tied.
[03:24:29] <NCommander> and prod_access
[03:24:25] <xlefay> Thus, you're in the dev_team?
[03:24:13] <bytram> NCommander, but seriously, I don't really need master of the universe privs, but I'd like to be able to help with development on the dev server and be able to do what's neeeded on the prod box when it is wonky... under the guidance of others, of course.
[03:24:03] <xlefay> Sure, what's "never going to happen" in Chinese?
[03:23:17] <NCommander> xlefay, why don't you add some international domains to our TLD :-P
[03:23:01] <xlefay> s/bot/box/
[03:23:00] <bytram> NCommander, more like "Security through o7y"
[03:22:57] <xlefay> Ok, so that bittorrent bot?
[03:22:50] <xlefay> Another keeper ;-)
[03:22:45] <Bender> Added quote 82
[03:22:45] <xlefay> !grab NCommander
[03:22:31] <xlefay> LOL
[03:22:26] <NCommander> Security through i18n :-)
[03:22:13] <bytram> NCommander, oh oh.... can I ssh into that?
[03:21:49] <bytram> NCommander, ROFLMAO!
[03:21:35] <NCommander> bytram, that's easy. We'll decide based on where the server is physically located. If its in the US, Aluminum. If its in UK Aluminium. If its in China then its 铝
[03:21:28] <bytram> was bored one day and memorized the first 18 elements or so.
[03:20:41] <bytram> nope... but I did get a "5" on the AP chem test.
[03:20:21] <NCommander> bytram, I smell a chemistry major
[03:20:19] * bytram looks forward to the Aluminum/Aluminium debate =)
[03:19:09] <bytram> https://en.wikipedia.org
[03:18:46] <bytram> NCommander, not atomic *weight*... atomic *number*
[03:18:30] <bytram> NCommander, tey're unstable or flamable only at STP; we're safe at about 20 kelvin or so... right?
[03:18:18] * NCommander is curious what happens when robin or mechanicjay|afk come back and wonder what happened to the servers
[03:17:41] <NCommander> I can add an atomic weight column :-0
[03:17:39] -!- FunPika has quit [Quit: Leaving]
[03:17:32] <mrcoolbp> ?
[03:17:20] -!- mode/#staff [-o mrcoolbp] by SkyNet
[03:17:08] * bytram wishes the elements were listed in the order that they appear in the periodic table
[03:17:04] <xlefay> more gasses would most definitely make things go boom
[03:16:54] <xlefay> Well then, I'd argue against neon :P
[03:16:44] * NCommander looks forward to when we get to metalic elements
[03:16:37] <bytram> NCommander, king of the universe?
[03:16:33] <NCommander> or highly flamable
[03:16:28] <NCommander> What's concerning me is that most of our servers are unstable
[03:16:19] <xlefay> err, fellow coworkers
[03:16:13] * xlefay looks down on all his servents
[03:16:02] <mrcoolbp> = (
[03:15:56] <NCommander> bytram, which permissions do you need :-)
[03:15:56] <xlefay> That was funny ;-)
[03:15:55] -!- mode/#staff [-o mrcoolbp] by SkyNet
[03:15:55] <mrcoolbp> .deop
[03:15:50] <mrcoolbp> .deop = (
[03:15:47] <xlefay> damn bot
[03:15:46] <Bender> Added quote 81
[03:15:46] <xlefay> !grab NCommander
[03:15:43] <xlefay> !GRAB NCommander
[03:15:31] <bytram> NCommander, I'm confused... you asked for what *boxes* and gave me a link to list of *groups*
[03:15:23] <NCommander> xlefay, long enough I've forgotten what oxygen was like until I booted it up
[03:14:44] * xlefay looks at NCommander, how long have you been sitting there?
[03:14:30] <xlefay> tssk. mrcoolbp what are you doing in my realm?
[03:14:03] -!- mode/#staff [+o mrcoolbp] by SkyNet
[03:14:03] <mrcoolbp> .op
[03:13:23] <xlefay> bytram: http://wiki.soylentnews.org
[03:13:22] <bytram> would like accss to dev; and on an emergency basis to prod (to, e.g., bounce slashd)
[03:13:21] <NCommander> bytram, http://wiki.soylentnews.org
[03:13:11] <xlefay> bytram: dev?
[03:12:50] <mrcoolbp> nice
[03:12:50] <bytram> NCommander, not sure of the naming conventions you have now...
[03:12:34] <bytram> mrcoolbp, I just sent an e-mail to martyb@SN and it was autoforwarded back to me.
[03:12:24] <NCommander> bytram, what boxes do you need access to?
[03:12:24] <mrcoolbp> lol
[03:12:21] <xlefay> Only one did, cosurgi
[03:12:15] <mrcoolbp> and?
[03:12:14] <xlefay> people have to respond in order to get a mailbox ;-)
[03:12:06] <mrcoolbp> yeah
[03:12:01] <xlefay> I send an e-mail to the entire list
[03:11:56] <mrcoolbp> my mailbox is working pretty well
[03:11:53] * xlefay sighs
[03:11:48] <mrcoolbp> xlefay: do you know how the mailbox rollout is coming?
[03:11:41] <xlefay> you can't generally send from email@SN (with forwarder only) without spoofing
[03:11:25] <xlefay> e.g. email@SN -> real@email
[03:11:24] <mrcoolbp> xlefay: noted, that should work
[03:11:11] <bytram> mrcoolbp, let me try something first, brb
[03:11:11] <xlefay> mrcoolbp: it's email@SN that only gets forwarded
[03:11:09] <NCommander> mrcoolbp, I haven't, but I've been so deep in the backend that I haven't seen daylight for three days
[03:11:00] <xlefay> and yeah, we should NCommander :p
[03:10:57] <mrcoolbp> bytram that will work, what is it?
[03:10:42] <mrcoolbp> hee
[03:10:40] <bytram> IIRC, I have a forwarding addy.
[03:10:36] <xlefay> gotcha!
[03:10:34] <Bender> Added quote 80
[03:10:34] <xlefay> !grab NCommander
[03:10:33] <mrcoolbp> NCommander: Did you see my "new plan" email? We should be able to start the collection of domains in the next day or so.
[03:10:29] <NCommander> xlefay, noble gases
[03:10:21] <bytram> mrcoolbp, I thnk so,but am not sure...
[03:10:17] <xlefay> "neon"?
[03:10:04] <NCommander> That way we can have the noble servers
[03:09:57] <NCommander> We shold try and get neon to be our DB backup
[03:09:50] <NCommander> Oooh
[03:09:43] <xlefay> It's definitely making things a whole lot easier for us ;-)
[03:09:40] <NCommander> mrcoolbp, nice work
[03:09:18] <mrcoolbp> we are testing the email voting scheme, do you have an SN email address yet?
[03:09:00] <NCommander> kerberos too
[03:08:55] <NCommander> xlefay, single sign on is seriously paying dividines for the time I spent getting it up
[03:08:34] <bytram> mrcoolbp, what do you have?
[03:08:28] <xlefay> beryllium*
[03:08:04] <xlefay> Let's first see what MJ thinks
[03:07:59] <xlefay> So we'll leave berillium alone for now?
[03:07:21] <xlefay> hahahaha yea
[03:07:13] * NCommander loves how half the nodes came into existence this weekend
[03:07:10] <xlefay> also fixed the {staff,status} the wiki doesn't like |'s in between stuff
[03:07:04] <mrcoolbp> bytram: available for some testing?
[03:06:55] <xlefay> Yep, I saw it earlier
[03:06:26] <NCommander> xlefay, http://wiki.soylentnews.org - node list is up
[03:06:19] <xlefay> Agreed, but I wouldn't enjoy using oxygen as a frontend SSH server ;-)
[03:06:17] <NCommander> xlefay, hrm ... we could use kerberosed rsh, might be faster
[03:05:53] <NCommander> xlefay, necessary evil
[03:05:39] <xlefay> oxygen is definitely the slowest hop (because of the VPN, that is)
[03:05:14] <xlefay> Whereas with boron, you go: boron -> other node
[03:05:00] <xlefay> you would: oxygen -> boron -> other node
[03:04:51] <xlefay> Even for me, going through boron to other nodes is faster than going to oxygen, so I'm guessing the reverse would be the same
[03:04:24] <xlefay> NCommander: I was thinking the same but I don't think that's going to add anything but latency.
[03:04:14] <mrcoolbp> cool
[03:04:02] <NCommander> though since it needs to go to boron for VPN ...
[03:03:55] <NCommander> xlefay, we might want to use this box as a secondary SSH proxy ...
[03:03:46] <NCommander> mrcoolbp, its google voiced
[03:03:43] <NCommander> mrcoolbp, oh you can text my normal number
[03:03:31] <mrcoolbp> NCommander: let us know when you get the cell setup, I'm hesistant to make voice calls....
[03:03:01] <xlefay> Haha, it is!
[03:02:55] <NCommander> SHINY
[03:02:54] <NCommander> xlefay, bi-drectional
[03:02:49] <NCommander> xlefay, we're KRB5ed
[03:02:46] <NCommander> mrcoolbp, no :-/
[03:01:54] <mrcoolbp> NCommander: the phone you provided is not a cell (i.e. doesn't accept texts) correct?
[03:00:48] <NCommander> ktab generated
[02:59:11] <xlefay> And so it does ;-)
[02:59:08] <NCommander> xlefay, no
[02:59:01] <xlefay> krb5.conf iirc
[02:59:01] <NCommander> xlefay, kinit works
[02:58:56] <xlefay> Did you set the /etc/krb-thing-config?
[02:58:24] <xlefay> http://wiki.soylentnews.org
[02:58:22] * NCommander is giving it a bit of a hand in locating its brain
[02:58:13] <NCommander> I think something isn't going across the VPN
[02:58:06] <NCommander> xlefay, its having issues
[02:58:01] <NCommander> damn it
[02:58:00] <NCommander> kinit: Client not found in Kerberos database while getting initial credentials
[02:58:00] <NCommander> mcasadevall@oxygen:~$ kinit
[02:56:56] <audioguy> mrcoolbp: pm
[02:56:53] <xlefay> The program 'kinit' can be found in the following packages:
[02:56:46] <xlefay> It doesn't appear to be installed?
[02:56:46] <mrcoolbp> audioguy: is it ready to go?
[02:56:33] <NCommander> It couldn't find the kerberos servers
[02:56:29] <NCommander> huh
[02:56:26] <audioguy> mrcoolbp - good, got things working with three separate pages, added a few little frills f=to make the user inteface better.
[02:56:18] <NCommander> yay
[02:56:15] * xlefay notes the AAAA records are good for something in the end anyway!
[02:56:05] <xlefay> But it's pretty awesome, we're doing it via IPv6.
[02:56:02] <mrcoolbp> cool
[02:55:59] <xlefay> nvm, forgot about the SSH proxy -_-"
[02:55:57] <NCommander> mrcoolbp, we added a European backup node
[02:55:50] <NCommander> xlefay, huh?
[02:55:50] <mrcoolbp> do tell
[02:55:49] <xlefay> nvm
[02:55:43] <NCommander> mrcoolbp, our cloud got an interesting new addition
[02:55:40] <xlefay> err, type: w
[02:55:36] <xlefay> NCommander: @ oxygen: 2
[02:55:15] <xlefay> if it does, lock it down - if not, it's terribly slow anyway
[02:55:07] <xlefay> Yes, let's first see if it'll stays working
[02:55:04] <mrcoolbp> audioguy: how's everything lookin'?
[02:54:57] * NCommander will leave it as is for now
[02:54:53] <NCommander> xlefay, .... point
[02:54:45] <xlefay> Yes, in which case, nothing can happen anyway, right?
[02:54:43] <mrcoolbp> good to be seen
[02:54:36] <bytram> mrcoolbp, good to "see" you!
[02:54:33] <NCommander> Which means no remote login
[02:54:28] <NCommander> xlefay, if the VPN goes down, LDAP goes down
[02:54:10] <xlefay> NCommander: actually, just lock down SSH - if it goes wrong, you simply boot the rescue system
[02:53:59] <NCommander> >.<;
[02:53:58] <NCommander> xlefay, ... you're proxying through the US to reach a server in france
[02:53:42] <NCommander> xlefay, it doesn't look like I have a backup console, so if LDAP goes in, direct root SSH is the only way to go
[02:53:41] <xlefay> Creating directory '/home/xlefay'.
[02:53:39] <xlefay> Warning: Permanently added 'oxygen.li694-22' (ECDSA) to the list of known hosts.
[02:53:38] * mrcoolbp returns finally
[02:53:36] <audioguy> I hope nothing TOO important depends upon this link. ;-)
[02:53:25] <NCommander> xlefay, I'm *not* super locking SSH down on oxygen
[02:53:05] -!- mode/#staff [+v mrcoolbp] by SkyNet
[02:53:05] -!- mrcoolbp [mrcoolbp!~mrcoolbp@Soylent/Staff/mrcoolbp] has joined #staff
[02:52:52] <NCommander> audioguy, I dunno, I think our cloud might be raining
[02:52:40] <NCommander> yay
[02:52:39] <audioguy> A cloud within a cloud
[02:52:36] <NCommander> Creating directory '/home/mcasadevall'.
[02:52:35] <NCommander> Warning: Permanently added 'pub.oxygen.li694-22' (ECDSA) to the list of known hosts.
[02:52:35] <NCommander> Are you sure you want to continue connecting (yes/no)? yes
[02:52:35] <NCommander> ECDSA key fingerprint is 2f:06:2c:f5:44:a8:19:f8:81:b8:08:e4:c9:4e:48:0f.
[02:52:35] <NCommander> The authenticity of host 'pub.oxygen.li694-22 (<no hostip for proxy command>)' can't be established.
[02:52:35] <NCommander> mcasadevall@tranquility:~/src/charybdis/charybdis-li694-3.4.2$ ssh pub.oxygen.li694-22
[02:52:30] <xlefay> done
[02:52:27] <NCommander> xlefay, this is kludgy :-/
[02:52:06] <audioguy> I understand. ;-)
[02:51:45] <xlefay> eek... there goes that format
[02:51:32] <xlefay> oh...
[02:51:28] <NCommander> oxygen.li694-22 == 91.121.158.169
[02:51:17] <NCommander> xlefay, no, oxygen itself needs that
[02:50:56] <xlefay> [00:09] root@boron $
[02:50:54] <xlefay> pub.oxygen.li694-22 has IPv6 address 2001:41d0:1:dfa9::1
[02:50:53] <xlefay> pub.oxygen.li694-22 has address 91.121.158.169
[02:50:51] <xlefay> [00:09] root@boron $ host pub.oxygen
[02:50:42] <xlefay> pub.oxygen ?
[02:50:34] <NCommander> xlefay, oxygen isn't resolving from boron
[02:50:20] <xlefay> "cloud"
[02:50:18] <xlefay> Actually.. we just made our own sort of cloud ;')
[02:50:11] <NCommander> audioguy, basically need to wait until all the credit we have on Linode is burned through
[02:50:01] <NCommander> audioguy, cloud was quick. I want to move us to dedicated infrastructure within 3 months
[02:48:16] <audioguy> Cloud shit. SPIT
[02:47:42] <audioguy> AH, now I understand. Me, I like having control over my own hardware.
[02:47:07] <NCommander> audioguy, we don't control the internal LAN, so we can't tell it to route 10.x.x.x packets across switches
[02:46:49] <NCommander> audioguy, the problem isn't the connection
[02:46:39] <audioguy> Its just connecting two internal networks, right?
[02:46:25] <xlefay> It caches right?
[02:46:21] <audioguy> I still don't understand why a normal vpn setup won't do this.
[02:44:57] <NCommander> (its two levels of TLS going through each other)
[02:44:41] <NCommander> (NSS takes several seconds to do anything)
[02:44:36] <NCommander> But it works
[02:44:34] <NCommander> Its LAGGY as fuck
[02:44:23] <NCommander> uid=2500(mcasadevall) gid=2501(sysops) groups=2501(sysops),2500(firefighters),2502(db),2503(dev_team),2504(prod_access)
[02:44:23] <NCommander> xlefay, root@ns359611:/usr/share/ca-certificates# id mcasadevall
[02:40:03] <xlefay> so you'll have the default resolv.conf going out, and you'll have the tunneled stuff going through our DNS
[02:39:37] <xlefay> That reminds me, you can set the DNS in openvpn config iirc
[02:39:27] <NCommander> we are in business
[02:39:19] <NCommander> GOT IT
[02:39:17] <NCommander> Address: 192.168.136.231
[02:39:17] <NCommander> Name: carbon.li694-22
[02:39:17] <NCommander> Address: 192.168.174.17#53
[02:39:17] <NCommander> Server: 192.168.174.17
[02:39:17] <NCommander> root@ns359611:/etc/openvpn# nslookup carbon 192.168.174.17
[02:38:27] <xlefay> fixed
[02:38:25] <xlefay> NCommander: nameserver 8.8.8.8
[02:38:21] <NCommander> xlefay, do you know where they have it saved?
[02:38:19] <audioguy> split dns
[02:38:17] <xlefay> audioguy: you're right, let me do that ;-)
[02:38:16] * NCommander wishes he saved the original resolv.conf
[02:38:09] <NCommander> shit
[02:38:07] <xlefay> actually
[02:37:59] <audioguy> just make one machine a slave, internal only
[02:37:54] <xlefay> "One oughta be enough for everybody"
[02:37:19] <audioguy> you only need one
[02:37:19] <NCommander> hrm
[02:37:18] <NCommander> DNS traffic just not going through
[02:37:14] <NCommander> yeah
[02:37:13] <xlefay> and just for coverage, we could have oxygen as tertiary
[02:36:51] <xlefay> (that would be fixed if we were to move the current external DNS over to helium & boron) ;-)
[02:36:36] <xlefay> hmm ;-)
[02:36:08] <NCommander> oops
[02:36:08] <NCommander> xlefay, only having the nodes in there means it can't resolve staff.soylentnews.org :-)
[02:35:55] <xlefay> :o
[02:35:51] * NCommander broke DNS setup
[02:35:48] <NCommander> shit
[02:35:46] <NCommander> oops
[02:35:46] <NCommander> er
[02:35:14] <NCommander> need redirect-gateway
[02:35:12] <xlefay> nslookup carbon 192.168.174.17
[02:35:11] <NCommander> oh
[02:34:59] <xlefay> hmm :/
[02:34:16] <NCommander> xlefay, hrm, DNS traffic isn't being routed
[02:33:58] <audioguy> Europorn, here we come! ;-)
[02:33:49] <xlefay> That inspires a lot of trust, rofl
[02:33:42] <Bender> Added quote 79
[02:33:42] <xlefay> !grab NCommander
[02:33:41] <xlefay> LOL
[02:32:38] <NCommander> Whatever we do, don't reboot boron without a good reason
[02:32:27] <NCommander> audioguy, the networking config here is a bit wonky
[02:31:57] <audioguy> So we COULD set our default route to the heart of Europe, and surf in a country with sane privacy laws. ;-)
[02:31:46] * NCommander runs through the node setup instructions
[02:31:08] <xlefay> now let's update /etc/resolv.conf ;-)
[02:31:03] <xlefay> Fuck yes
[02:30:47] <NCommander> (that's helium's SSH port)
[02:30:34] <NCommander> YAY
[02:30:32] <NCommander> SSH-2.0-OpenSSH_6.5p1 Ubuntu-6~precise1
[02:30:32] <NCommander> Escape character is '^]'.
[02:30:32] <NCommander> Connected to 192.168.174.17.
[02:30:32] <NCommander> Trying 192.168.174.17...
[02:30:32] <NCommander> xlefay, root@ns359611:/etc/openvpn# telnet 192.168.174.17 22
[02:29:15] <xlefay> Don't forget bcrypt naturally.
[02:28:53] <xlefay> and rot13, of course.
[02:28:46] <xlefay> Good luck!
[02:28:46] <bytram> h, wait... .hsould I also rot26 it?
[02:28:22] <bytram> ok, brb!
[02:28:13] <xlefay> of course you shuffle dat string first, and in between each time
[02:28:02] <xlefay> bytram: you do all of them, then, you encrypt that string with multiple encryption methods and then you use one real encryption algo, and THEN you have a key
[02:27:52] <bytram> LOL! I can hax passphraze?
[02:27:51] <paulej72> bytram: orginal aramaic
[02:27:36] <bytram> hmm, maybe I should use the Nestle new testament greek?
[02:27:35] <audioguy> The cat sounds like the best option, overall. ;-)
[02:27:06] <bytram> xlefay, I agree, but the question is what translation to use? KJV, RSV, NRSV, NAB, or should I just catenate them all together and use THAT? =)
[02:27:04] <audioguy> Latin editions preferred, ov course.
[02:26:27] <audioguy> I've used ip rewriting in iptables to do that sort of thing.
[02:25:51] <xlefay> but, the bible would still be preferable
[02:25:43] <bytram> k
[02:25:38] <xlefay> bytram: honestly, 40 chars is more than fine
[02:25:38] <bytram> xlefay, how about a range of lengths?
[02:25:16] <audioguy> routing still not working?
[02:25:11] <xlefay> bytram: I'm not going to reveal that sensitive information ;-)
[02:24:54] <NCommander> FUck it, I'm going to masquerade it
[02:24:50] <xlefay> so you'll need a secondary password too
[02:24:49] <NCommander> ah
[02:24:44] <xlefay> Although, the SSH key will only get *you* as far as boron, from there you'll need to kinit through
[02:24:40] <bytram> xlefay, how long are YOUR passphrases?
[02:24:21] <xlefay> This is our entire infra we're talking about bytram :P
[02:24:18] <audioguy> The bible is really secure for a passphrase.
[02:23:59] <audioguy> eye
[02:23:55] <audioguy> Minor format change obvious to the ryr.
[02:23:53] <xlefay> bytram: 40 chars pfffffft
[02:23:47] <bytram> suggestions on pass-phrase length? is 40 chars enough?
[02:23:39] <xlefay> That's why I'm saying, good thing we've got Kerberos ;-)
[02:23:34] <audioguy> One thing - if I remenber right I had to make some small mod to the key putty created to make it work
[02:23:30] <NCommander> xlefay, yeah
[02:23:16] <xlefay> audioguy: true, however - you can only SSH to boron. Without Kerberos, he wouldn't be able to get anywhere else, since the other servers don't have his ssh key ;-)
[02:22:42] <audioguy> Putty handles normal connections fine.
[02:21:49] <xlefay> NCommander: guess it's a good thing we've got kerberos, otherwise PuTTy clients would have a hard time ;-)
[02:21:01] <bytram> audioguy, okay, thanks!
[02:20:42] <audioguy> ssh2 rsa
[02:20:26] <bytram> looking to create an ssh key; I've got PuTTYgen running... what kind of key do you need? SSH-1(RSA) or SSH-2 RSA or SSH-2 DSA?
[02:20:06] <FunPika> It is not full wiki admin, but it does have a few extra rights other than locking and unlocking the DB (for example you can edit the sidebar and other interface messages)
[02:20:05] <xlefay> Thank you FunPika, that helps a lot ;-)
[02:19:41] <xlefay> bytram: hi ;-)
[02:19:28] <bytram> g'day everyone!
[02:19:02] <xlefay> LaminatorX: for now that could work I suppose; in long term, perhaps we could code something that'll automatically post an alert (a simple, alert, not an entire story) asking for new submissions if the queue gets lower than a predefined value
[02:18:58] <FunPika> I created a new group with that ability on the wiki and added you to it
[02:18:32] <NCommander> AH
[02:18:31] <NCommander> https://community.openvpn.net
[02:18:04] <xlefay> FunPika: did you grant me admin privileges?
[02:17:59] <LaminatorX> I'm thinking about putting up a story tomorrow morning calling on members to submit a story each week. Thoughts?
[02:17:42] <FunPika> xlefay: You should be able to lock the database now by using http://wiki.soylentnews.org and unlock it using http://wiki.soylentnews.org
[02:16:45] <LaminatorX> Looks like I need to look at the status tab more often
[02:16:18] <LaminatorX> heh. So it was.
[02:16:04] <xlefay> more like last week, march 14
[02:15:50] <LaminatorX> Looks like it was from earlier this week re contact@sn
[02:15:45] <xlefay> don't default that
[02:15:42] <xlefay> err, right
[02:15:30] <audioguy> you don't want default down that link though
[02:14:51] <NCommander> xlefay, probably
[02:14:32] <audioguy> oh , just the default help. I was hpoing for a cisco IOS type thing. ;-)
[02:14:19] <xlefay> what was it?
[02:14:09] <xlefay> LaminatorX: I don't recall that memo
[02:14:00] MrBluze is now known as MrBluze|afk
[02:13:32] <audioguy> really? never notied that ;-)
[02:13:30] <xlefay> route add 10.8.0.0 default gw 10.8.0.1 dev tun0 # something like that?
[02:13:04] <xlefay> will tell you ;-)
[02:13:01] <xlefay> route add
[02:12:52] * NCommander tries to remember the route command syntax
[02:12:42] <NCommander> Stand by
[02:12:41] <NCommander> that isn't a proper route
[02:12:38] <NCommander> oh wait
[02:12:34] <audioguy> perhaps proxy arp needed?
[02:12:10] <audioguy> and the other thigs Ii was wondering about was the NOARP
[02:11:56] <NCommander> 10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
[02:11:56] <NCommander> audioguy, never mind, I did 10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
[02:11:41] <NCommander> audioguy, thanks
[02:11:39] <NCommander> audioguy, er, no I didn't
[02:11:36] <NCommander> xlefay, uh ... hrm
[02:11:09] <xlefay> Also, NCommander: bittorrent, which node? (stderr has obviously decided to leave and asked me to move our stuff off his server)
[02:10:35] <audioguy> on both sides.
[02:10:21] <audioguy> did you add a route?
[02:10:01] <NCommander> telnet: Unable to connect to remote host: No route to host
[02:10:01] <NCommander> Trying 192.168.174.17...
[02:10:01] <NCommander> root@ns359611:/etc/openvpn# telnet 192.168.174.17 22
[02:10:00] * NCommander fiddles with iptables
[02:09:11] <xlefay> std, not gresecurity :'[
[02:09:04] <xlefay> oh my that's disappointing
[02:08:53] <NCommander> Linux ns359611.ip-91-121-158.eu 3.10.23-xxxx-std-ipv6-64 #1 SMP Tue Mar 18 14:48:24 CET 2014 x86_64 x86_64 x86_64 GNU/Linux
[02:08:53] <NCommander> xlefay, root@ns359611:/etc/openvpn# uname -a
[02:08:38] <xlefay> NCommander: btw, what kernel is that beast running?
[02:08:25] <NCommander> plan b
[02:08:24] <NCommander> ok
[02:08:23] <NCommander> yeah ...
[02:07:50] <xlefay> LOL
[02:07:49] <audioguy> NOARP ?
[02:07:30] <NCommander> I don't think I've ever seen that before
[02:07:12] <NCommander> That's a new error
[02:07:09] <NCommander> From 91.121.128.164 icmp_seq=1 Time to live exceeded
[02:07:09] <NCommander> PING 192.168.174.17 (192.168.174.17) 56(84) bytes of data.
[02:07:09] <NCommander> root@ns359611:/etc/openvpn# ping 192.168.174.17
[02:07:07] <xlefay> Writing docs like this, not so much. Unlike NC, I'm not going to give a primer on DNS. Just going to tell you a few simple things.
[02:06:37] <xlefay> btw, I really, really hate writing documentation. Documentation for code? Sureeeeeeeeee that's simple.
[02:05:39] * NCommander debates if he wants to risk just doing normal routing
[02:05:34] <xlefay> doesn't sound so exciting as liftoff tho ;'(
[02:05:32] <NCommander> xlefay, hrm
[02:05:28] <xlefay> err, route*
[02:05:24] <xlefay> And we've got liftoff!
[02:05:18] * NCommander whimpers
[02:05:14] <NCommander> We have a route
[02:05:09] <NCommander> xlefay, 192.168.0.0 10.8.0.5 255.255.128.0 UG 0 0 0 tun0
[02:02:46] * xlefay goes to stand real pretty and waits
[02:02:34] <NCommander> stand by
[02:02:33] * NCommander is getting it to push routes
[02:02:28] <NCommander> xlefay, yeah
[02:02:04] <xlefay> That on the bbox?
[02:02:03] <NCommander> We have a VPN bridge
[02:01:54] <NCommander> RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
[02:01:52] <NCommander> collisions:0 txqueuelen:100
[02:01:52] <NCommander> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
[02:01:52] <NCommander> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
[02:01:52] <NCommander> UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
[02:01:52] <NCommander> inet addr:10.8.0.6 P-t-P:10.8.0.5 Mask:255.255.255.255
[02:01:52] <NCommander> xlefay, tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[02:01:45] <xlefay> also, NC, bittorrent tracker, which node?
[02:01:20] <xlefay> Least, at all times we'll have full backups from nodes in case we missed stuff
[02:01:09] <xlefay> That's good to know for whenever we're really building the migration strategy ;-)
[02:00:20] <NCommander> xlefay, yeah
[02:00:13] <xlefay> e.g. so we could *technically* with the right set up throw it into something else to boot?
[01:59:54] <xlefay> wait, if you can clone a hdd from a linode, then you can mount it - can you not DD it then and later on convert it to another format?
[01:58:13] * xlefay sees a building burning down
[01:57:55] * NCommander plugs the client in
[01:57:32] <NCommander> audioguy, not really ... not if you have properly routable address space :-P
[01:57:20] <NCommander> inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
[01:57:20] <audioguy> Isn't hat just what a vpn does normally?
[01:57:20] <NCommander> tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[01:57:19] <NCommander> TAP bridge is up
[01:57:02] * NCommander feels unclean
[01:56:40] <xlefay> exactly, what I was thinking but the "world IP addresses" was rather confusing ;-)
[01:56:37] <NCommander> That gives me the bloody jeevees
[01:56:20] <xlefay> It'll be able to ping carbon, internally
[01:56:19] <NCommander> 192.168.x should route properly through the VPN
[01:56:06] <NCommander> xlefay, if we're natting through a VPN, and set the routing tables on oxygen correctly
[01:56:06] <NCommander> xlefay, no
[01:55:30] <xlefay> carbon.li694-22. -> pub_ip, etc..?
[01:55:20] <xlefay> As in, changing carbon and such to show their public IPs?
[01:55:07] <xlefay> "The world IP addresses"?
[01:55:00] <NCommander> I should be able to poke all the internal nodes
[01:54:53] <NCommander> It solves the problem
[01:54:51] <NCommander> But
[01:54:44] <NCommander> Holy indigestion
[01:54:39] <NCommander> xlefay, we publish the world IP addresses in the li694 zone
[01:54:27] <xlefay> I'm fairly sure that's what I meant by proxying via boron ;-)
[01:54:20] <NCommander> xlefay, outside node can resolve internal IPs
[01:54:09] <xlefay> oh god
[01:53:54] * NCommander squirms
[01:53:53] <LaminatorX> HAHAHAHAHA
[01:53:48] <NCommander> xlefay, ... NAT
[01:53:43] <NCommander> I know how to solve this
[01:53:41] <xlefay> The joy... ;')
[01:53:36] <NCommander> OH GOD
[01:53:11] <LaminatorX> I don't think I need one. If you want me to be on the in case of emergency list to restart slashd or something I could probably do so.
[01:52:58] <NCommander> xlefay, https://library.linode.com
[01:52:22] <xlefay> (for obvious reasons)
[01:52:13] <xlefay> correct
[01:52:03] <NCommander> xlefay, as different hostnames ...
[01:51:54] <xlefay> it also has the public ones
[01:51:53] <NCommander> LaminatorX, do you need a shell account ? :-)
[01:51:44] <NCommander> xlefay, the DNS has the internal IPs on it
[01:51:41] <LaminatorX> I take it that's what the request for publik keys was about?
[01:51:33] <NCommander> xlefay, the problem is we don't have a proper subnet
[01:51:22] <xlefay> That sounds kinda weird, but I suppose nothing is.
[01:51:12] -!- mode/#staff [+v bytram] by SkyNet
[01:51:12] -!- bytram [bytram!~pc@Soylent/Staff/Developer/martyb] has joined #staff
[01:51:09] <xlefay> We are.
[01:51:08] <NCommander> xlefay, nothing is stopping us from (and I hate to say this) LDAPing over the internet
[01:50:52] <NCommander> xlefay, we *are* doing TLS authetication
[01:50:44] * NCommander mulls
[01:50:41] <NCommander> wait
[01:50:40] <NCommander> actually ...
[01:50:40] * NCommander notes this is ugly routing
[01:50:14] <NCommander> BLeh
[01:50:13] <NCommander> xlefay, means I need to get slurp up though
[01:49:19] <xlefay> Or we could do that ;-)
[01:49:11] <NCommander> xlefay, problem solved.
[01:49:07] <NCommander> xlefay, but we could push directly via IPv6 outbound
[01:48:51] <NCommander> xlefay, actually, its not a huge deal. We need the VPN for LDAP+Kerberos
[01:48:34] <xlefay> I'm going for, let's just proxy everything via boron, like a similar way we do with SSH; surely that's possible?
[01:48:32] <NCommander> xlefay, I'm debating on how best to handle this.
[01:47:17] <xlefay> NCommander: hmm, I'm not fond of using pull itself, we could even create one hop in between (e.g. servers > boron > backup) but wouldn't be nice...
[01:46:13] <xlefay> LaminatorX: sounds good.
[01:46:00] <NCommander> xlefay, unless we do this as a pull
[01:45:56] <LaminatorX> I'll fwd those to you later this evening, xlefay.
[01:45:39] * NCommander notes this just got ugly
[01:45:35] <NCommander> from all nodes
[01:45:33] <NCommander> xlefay, hrm ... we need to be able to get bi-directional traffic to/from the VPN
[01:44:54] <NCommander> LaminatorX, yeah we can get him editor bits on dev
[01:44:53] <FunPika> I usually just use a special page on the wiki to do it, only accessible to bureaucrats currently.
[01:44:28] <xlefay> I'll look into if there's something wrong, it's probably just a temp error
[01:44:13] <xlefay> LaminatorX: can you forward one of those mails to me xander@xandev.nl please
[01:44:00] <xlefay> I will give you a heads up when we do, however if you're not around - how do I enable the maintenance mode?
[01:43:43] <xlefay> we're currently _not_ doing anything with the SVC box, can you disable maintenance mode?
[01:43:36] <FunPika> ?
[01:43:32] <xlefay> FunPika:
[01:43:16] <LaminatorX> I sent two to the staff list last night, and they got weird replies from the server.
[01:42:30] <xlefay> "bounced emails"?
[01:40:30] <LaminatorX> (That being the more important of the bounced emails.)
[01:39:56] <LaminatorX> GungnirSniper is our newest editor. We need permissions for him, and I wanted to see about training him on the dev system. Is that feasible?
[01:39:54] <NCommander> boron.li694-22
[01:39:51] <NCommander> no
[01:39:50] <NCommander> actually
[01:39:33] <NCommander> staff.soylentnews.org
[01:39:31] <NCommander> er
[01:39:29] * NCommander sets the common name o the certificate to boron
[01:37:43] <xlefay> yea
[01:37:03] <NCommander> xlefay, this looks really easy https://help.ubuntu.com
[01:36:29] <xlefay> I've done it before, I'll take a look at it
[01:36:19] <NCommander> xlefay, I'm going to setup a tap bridge from boron to the new node
[01:36:10] <NCommander> xlefay, actually, openvpn pretty idiot proof
[01:34:56] <NCommander> IPsec - that's hard
[01:34:51] * NCommander notes openvpn pretty easy
[01:34:42] <NCommander> xlefay, do you know how to setup VPN?
[01:34:25] <NCommander> Awesome
[01:34:25] <NCommander> Welcome to Ubuntu 12.04.4 LTS (GNU/Linux 3.10.23-xxxx-std-ipv6-64 x86_64)
[01:34:25] <NCommander> root@ns359611.ip-91-121-158.eu's password:
[01:34:23] <NCommander> mcasadevall@tranquility:~/src/charybdis$ ssh root@ns359611.ip-91-121-158.eu
[01:33:20] <NCommander> xlefay, got it
[01:32:12] <xlefay> NCommander: you normally get an e-mail from them
[01:32:01] <NCommander> How to fuck do I get in?
[01:32:00] <xlefay> NCommander: perferablly one which includes two highend (but not too costly) dedicated servers on which we can virtualize ourselves + hot failover and crap
[01:31:57] <NCommander> xlefay, ok .. it provisioned
[01:31:28] <NCommander> xlefay, I think we need to get a linode abandonment plan when we burn through our lumps of credit
[01:31:15] <xlefay> Yes, it does.
[01:31:10] <xlefay> "so that local IPv6 traffic within one facility" that's kinda a bitch tho..
[01:31:08] <NCommander> :-/
[01:31:06] <NCommander> Honestly, gluing two IPv4 private networks sounds saner
[01:30:49] <xlefay> no shit :o
[01:30:46] <NCommander> Since we want it to route through the VPN tunnel
[01:30:39] <NCommander> The routing going to be a bitch though
[01:30:26] <NCommander> That's fucking sweet
[01:30:21] <NCommander> xlefay, so if we use IPv6, it just works
[01:30:14] <NCommander> xlefay, - There is no need! We have designed our IPv6 accounting so that local IPv6 traffic within one facility does NOT count against your transfer quota. Use them just like private IPs.
[01:30:12] <NCommander> OH
[01:30:09] <xlefay> but then again I suppose using a VPN as a proxy in that case wouldn't be neat either
[01:30:07] <NCommander> There is no need! We have designed our IPv6 accounting so that local IPv6 traffic within one facility does NOT count against your transfer quota. Use them just like private IPs.
[01:29:44] <xlefay> NCommander: oh I thought you meant to the backup box
[01:29:37] * xlefay kicks linode >.<
[01:29:35] <NCommander> Which defeats the point :-)
[01:29:29] <xlefay> which does suck
[01:29:22] <xlefay> so, you'll simply VPN over IPv6, it just won't work internally..
[01:29:21] <NCommander> xlefay, so does linode, but only on the front facing interface
[01:29:13] <NCommander> xlefay, yeah
[01:29:12] <xlefay> e.g. OVH has ipv6 support
[01:29:07] <xlefay> NCommander: then, you make the VPN act as a tunnel, no?
[01:28:56] <NCommander> IPv4ing two private namespaces kinda sucks
[01:28:50] <NCommander> I'd like to connect the tunnel on IPv6 only
[01:28:41] * NCommander *really* wishes we had IPv6 on the internal backend
[01:28:29] <xlefay> ha! ;)
[01:28:29] <NCommander> Hrm ...
[01:28:22] <NCommander> audioguy, real men compile their code on NFS
[01:28:08] <audioguy> Well, would not normally compile over such a llink. ;-)
[01:27:57] <NCommander> xlefay, setup a new node, put lxc, and then do reverse proxying to the Apache instances
[01:27:46] <xlefay> Yeah, they're using some funny stuff, network boot, etc...
[01:27:44] <NCommander> xlefay, honestly, at this point, I think its torch and burn is the way to go
[01:27:36] <NCommander> xlefay, SVC == burn it with fire?
[01:27:31] <NCommander> xlefay, holy crap their provisioning is installed
[01:27:27] <xlefay> I was thinking about testing LDAP stuff with CentOS so we know what we have to do with our SVC box ;-)
[01:27:22] <NCommander> LaminatorX, not sure
[01:27:15] <LaminatorX> I got some emails from lists bounces yesterday when things were weirde. did they go through to staff eventually?
[01:27:06] <NCommander> xlefay, rather not introduce more CentOS into our lives, and we have nice documentation for Ubuntu
[01:27:04] <xlefay> (least, last time I was with OVH/Kimsufi, that is)
[01:26:54] <xlefay> You can provision whatever on it whenever you want
[01:26:49] <NCommander> audioguy, its fine for basic stuff, but FUSE gets wonky if you do something like try and compile something
[01:26:48] <xlefay> NCommander: it's just an idea tho ;-)
[01:26:32] <NCommander> xlefay, I already provisioned Ubuntu onto it
[01:26:29] <audioguy> Really good way to do little mounts. I tried this between my home machine and my remote, and was surpised it maintained the mount after two weeks of dynamic dns changes etc.
[01:26:15] <xlefay> The kimsufi box
[01:26:12] <xlefay> and then later on just re-use the VPN for backup up stuff to the Ubuntu OS (which will initially run CentOS)
[01:26:06] <NCommander> what backup machine?
[01:25:44] <xlefay> NCommander: I was actually thinking, if we get a VPN up - we could throw CentOS on the back up machine temporarily and try a ldap set up there
[01:25:23] -!- mode/#staff [+v LaminatorX] by SkyNet
[01:25:23] -!- LaminatorX [LaminatorX!~44bc6685@Soylent/Staff/Editor/LaminatorX] has joined #staff
[01:25:23] <NCommander> audioguy, I do, but only sparingly, its quirky
[01:25:14] <xlefay> yep
[01:25:10] <audioguy> Either of you ever use sshfs?
[01:25:06] <NCommander> actually, if we kerberos, and setup a root krb account, we COULD make pull work nicely
[01:24:37] <NCommander> yay!
[01:24:36] <NCommander> then we can kerberos it, and LDAP it
[01:24:12] <NCommander> We can use boron's network interface as bandwidth out from there shouldn't cause the rest to be effected
[01:23:51] <NCommander> That's probably a good idea
[01:23:45] <NCommander> xlefay, hrm ...
[01:23:39] <xlefay> In this situation, VPN would be awesome for it ;-)
[01:23:25] <NCommander> *PASS*
[01:23:24] <xlefay> But, kimsufi is from OVH, last time I had servers with them, every install of CentOS and stuff came with gresecurity ;-)
[01:23:23] * NCommander would like to have LDAP authethication working, but that means getting slurp to work over the internet
[01:22:59] <xlefay> oh I'm not either ;-)
[01:22:50] <NCommander> We're using it basically as a big honking HDD
[01:22:44] <NCommander> xlefay, I'm not hugely worried too much on apparmor on this box
[01:22:31] <xlefay> It'll probably come with a gresecurity kernel
[01:22:07] <xlefay> Ok ;-)
[01:21:58] <NCommander> xlefay, Ubuntu 12.04.LTS
[01:21:52] <xlefay> Which OS are you throwing on it?
[01:21:51] <NCommander> */just saying*
[01:21:48] <NCommander> xlefay, er ... dcpromo is *really* easy for directory services
[01:21:32] <xlefay> ;-)
[01:21:31] <xlefay> also, NCommander s/backing up POSIX ->//
[01:21:12] <xlefay> :P
[01:21:07] <xlefay> s/don\'t//
[01:20:57] <NCommander> unless you abuse internix or cygwin
[01:20:49] <NCommander> xlefay, backing up POSIX -> Windows is a bitch
[01:20:21] <xlefay> Oh, I don't mind, really.
[01:20:00] * NCommander ducks
[01:19:59] * NCommander gives xlefay a Windows Server installation
[01:19:19] <audioguy> Then you later go, well, I have a little bit left here, I'll just change that to 95%, then... ;-)
[01:18:47] <NCommander> Ok, order is processed
[01:18:45] <audioguy> yeah.
[01:18:30] <audioguy> Not arguing with push, just saying a check is needed.
[01:18:27] <NCommander> audioguy, landscape will yell at me when it gets to 85% full
[01:18:20] <NCommander> audioguy, I can put it on landscape
[01:17:44] <audioguy> I do with to change my dns, because I have a brain dead nin fixed ip address here at home in the countryy.
[01:17:39] <NCommander> audioguy, well, push also means we can do the mysqldump on each node, and push that seperately
[01:14:41] <audioguy> ssh run remote script to check disk full, exit with email if full, then do backup if ok.
[01:13:38] <audioguy> You'll want some way to check then ;-)
[01:13:12] <NCommander> audioguy, I don't want anything being able to remote auth straight to root
[01:12:59] <NCommander> audioguy, pull is a bit annoying because we need to smack rsync to sudo to root
[01:12:43] <xlefay> We could always set up an alert for when the disk is almost full ;-)
[01:12:15] <xlefay> I'm guessing they use WOL + network imaging, etc.
[01:12:11] <audioguy> If you do a pull model, it makes it easier to deal with stuff like 'backup full'. Of course that would never, ever happen to us. ;-)
[01:11:45] <NCommander> Server creation in process
[01:11:45] <xlefay> The server itself should be online pretty quick
[01:11:40] <NCommander> Paid
[01:11:21] <NCommander> xlefay, waiting for paypal to auth payment, and then for the server to exist
[01:09:59] <NCommander> xlefay, well, reading the EULA firrst
[01:08:39] <xlefay> awesome ;-)
[01:08:28] <NCommander> xlefay, creating a node
[01:07:41] <xlefay> brb though, docs
[01:07:36] <xlefay> Sure
[01:06:39] <NCommander> xlefay, we should make sure to do I/O rate limiting on rsync though
[01:06:21] <xlefay> exactly
[01:05:52] <NCommander> xlefay, it also makes permissions easiers; we don't have to deal with rsync trying to sudo to root, we can just have a local service account
[01:05:50] <xlefay> btw, the 8 euros doesn't incl. vat, disregard my earlier messages about that; had a brainfart ;-)
[01:05:24] <xlefay> LOL
[01:05:18] <NCommander> Thats depressing. I rather have a cooler country, not one which surrenders at the first sign of resistence :-P
[01:05:15] <xlefay> I think push, if a node ever gets replaced or whatnot, the backup node won't be trying to pull it
[01:04:59] <NCommander> xlefay, so we can only be in France
[01:04:31] <NCommander> xlefay, hrm, whats the best way to do this, push model or pull model
[01:04:16] <NCommander> Alright, back
[01:03:01] <xlefay> btw, writing the dns docs in the hitchikers guide to li694-22
[00:53:31] -!- Popeidol [Popeidol!~matt@558-04-736-30.dyn.iinet.net.au] has joined #staff
[00:46:41] <xlefay> awesome, thank you.
[00:46:31] <FunPika> all right wiki should be backed up
[00:45:29] -!- stderr [stderr!~pohol@GetOffMyLawn/stderr] has parted #staff
[00:43:44] * xlefay sighs
[00:41:13] <xlefay> the regular price 8.00 = including vat. Only the set up fee has vat included
[00:41:01] <xlefay> ooh wait
[00:40:16] <xlefay> 8.00 + 21% vat = regular price
[00:40:05] <xlefay> 21.59 € in total, for the first month. Second month would be cheaper, of course
[00:39:44] <xlefay> 3.60 euro vat (21%), meaning:
[00:39:35] * xlefay notes there is a small installation fee of 10 euros though
[00:39:18] <MrBluze> drugs would be more fun
[00:39:10] <xlefay> btw, this is a dedicated server tho eh, and if *all* goes well, it'd be setup in 2 minutes ;-)
[00:37:58] <xlefay> NCommander: you sure we can't call it after a drug?
[00:37:52] <NCommander> xlefay, smoke first, then setup
[00:37:42] * NCommander guesses oxygen just got taken off the node name list
[00:37:38] <xlefay> Sure, I'll get it set up, if you get the server first
[00:37:18] <NCommander> maybe
[00:37:12] <xlefay> you're highlighting me and asking who wants to get this set up, is that a hint? ;-)
[00:37:09] <NCommander> xlefay, what we can do is create a sysops account in LDAP
[00:36:50] <NCommander> xlefay, who wants to get this setup?
[00:36:40] <xlefay> ;-)
[00:36:27] <xlefay> $11
[00:36:23] <NCommander> xlefay, and sold
[00:36:06] <xlefay> https://www.kimsufi.com look at the bottom 8 euro/m
[00:35:51] <NCommander> xlefay, yes
[00:35:41] <xlefay> would 500 GB suffice?
[00:35:40] <mattiep> maybe someone write an ask soylent article?
[00:35:07] <mattiep> thus the or something
[00:34:57] <xlefay> We don't trust them, at all.
[00:34:52] <NCommander> Rather not do that
[00:34:47] <mattiep> we could probably dropbox or something, if we trust them with our data
[00:34:46] <NCommander> Could work
[00:34:43] <NCommander> Hrm
[00:34:14] <xlefay> rsync that stuff
[00:34:08] <xlefay> NCommander: rent a low-end box with lot's of hdd space somewhere ;-)
[00:33:59] * NCommander notes with kerberos setup, we can have a single script run from any node, and back up the world
[00:33:43] <NCommander> Ideas?
[00:33:42] <mattiep> lets do that soon
[00:33:41] <NCommander> We need offsite backup
[00:33:38] <mattiep> it was on my todo list to ask at some point, but then it dropped off
[00:33:37] * NCommander coughs
[00:33:32] <NCommander> mattiep, no.
[00:33:26] <mattiep> have we tested backup/restore procedures yet?
[00:33:23] <NCommander> xlefay, due to the way kerberos works, we should work on the live copy, and restore if we fuck it up
[00:32:54] <xlefay> So we'll have a working copy, just in case.
[00:32:50] <NCommander> There's free space on that linode so I can just clone it as a new partition
[00:32:41] <xlefay> NCommander: ooh yes, let's do that.
[00:32:35] <NCommander> xlefay, I can duplicate the HDD actually
[00:32:27] <xlefay> NCommander: let's start with something like: yum remove -y -f '*' # :)
[00:31:58] <xlefay> In fact, please back it up in it's entire.
[00:31:49] <xlefay> FunPika: Yes, please do so.
[00:31:42] <xlefay> That's just great ;-)
[00:31:41] * NCommander looks at the node
[00:31:36] <NCommander> xlefay, no
[00:31:30] <xlefay> so you can't make a snapshot first?
[00:31:26] <xlefay> oh..
[00:31:19] * FunPika could back up the wiki database pretty quickly if needed
[00:31:19] <NCommander> linode's backups don't work properly with centos
[00:31:11] <xlefay> The mailing list wouldn't be so happy
[00:31:09] <NCommander> Probably
[00:31:03] <xlefay> Mail would survive a small interruption if I do fuck something up, as for the wiki, best to move it somewhere else first for safe guarding
[00:31:01] <NCommander> xlefay, yeah
[00:30:25] <xlefay> mailing list, mail, wiki @ svc
[00:29:24] <xlefay> boron = staff only, no?
[00:29:19] <xlefay> forums on it still
[00:28:55] <NCommander> boron? :-)
[00:28:52] <NCommander> xlefay, ugh, maybe should migrate somewhere else
[00:28:44] <NCommander> :-P
[00:28:43] <NCommander> xlefay, screw up, and we loose the documentation
[00:28:40] <xlefay> and mail
[00:28:35] <NCommander> xlefay, the only thing on its the wiki
[00:28:27] <xlefay> I'll happily try my luck on a clone but I'm not doing it on the production machine :p
[00:28:25] <NCommander> s/out/our/g
[00:28:17] <NCommander> Its out walled in Netware Server that no one knows whats on it
[00:28:12] <xlefay> Only if you deploy a clone for it..
[00:28:08] * NCommander notes berylium is that blasted blackbox in the concern
[00:27:59] <NCommander> xlefay, ready to tempt fate on that box?
[00:27:48] <xlefay> I'm just thinking about the centos ldap stuff
[00:27:10] <NCommander> Adding a host is documented
[00:27:07] <xlefay> I know :P
[00:27:01] <NCommander> add_principle *username*@LI694-22
[00:27:00] <NCommander> add_principle *username*@LI694-222
[00:26:52] <NCommander> xlefay, to create a user is one command
[00:26:44] <NCommander> xlefay, its shockingly simple
[00:26:38] <NCommander> Email
[00:26:38] <xlefay> Fortunately, learning it isn't impossible ;-)
[00:26:34] <NCommander> Kerberos documentation, handy notes in motd
[00:25:56] <NCommander> :-/
[00:25:54] * NCommander notes that robinld and mechanicjay llkely have no krb5 experience
[00:25:32] <xlefay> Cause li694-22 is going to be so cryptic in 10 years, and new people will be asking "Wait, what's li694-22?"
[00:25:30] <NCommander> I think I need to write the guide on Kerberos for idiots
[00:25:10] <xlefay> Good, good.
[00:25:04] <NCommander> We can leave an alias :-)
[00:24:57] <xlefay> :<
[00:24:53] <NCommander> */killjoy*
[00:24:49] <NCommander> xlefay, we'll probably retire it when we move to dedicated infrastructure
[00:23:50] <xlefay> li694-22 = going to be an awesome name in 10 years
[00:23:47] <NCommander> It wouldn't be difficult, just need to write the charms and setup a local store
[00:23:38] <NCommander> Honestly
[00:23:33] <xlefay> juju deploy li69422-awesomeness
[00:23:29] <audioguy> Don't know MrBluze
[00:23:21] <NCommander> juju deploy slashcode :-)
[00:23:15] <xlefay> On the bright side however, apt seems to give you a lot of options to reconfigure it ;-)
[00:23:14] <NCommander> xlefay, if we really want to get stupid snazzy, we need to juju the backend
[00:23:05] <MrBluze> Gentoo is non US based is it?
[00:22:44] <audioguy> With binaries, you are stuck with how they were compiled.
[00:22:17] <audioguy> What is cool about the compiles is that the process itself handles MOST of the dependency problems - gnu configure deals with it
[00:21:37] * NCommander uses gentoo to benchmark compiler changes and CFLAGS
[00:21:35] <MrBluze> or something.. cripes my spelling is going down the toilet
[00:21:28] <MrBluze> renowned
[00:21:11] <MrBluze> Gentoo is renound for it anyway .. lfs
[00:21:09] <audioguy> Gentoo make is very easy to build from source, just emerge xxxx all else just happens.
[00:20:51] <xlefay> If you want a source Linux? Gentoo is really the way to go.
[00:20:37] <xlefay> MrBluze: only if you use BBS which is another pain
[00:20:29] <MrBluze> arch still allows for source only
[00:20:25] <audioguy> Well, I am into servers and minimalist systems for them. For a user machine, that is a different project entirely.
[00:20:14] <NCommander> MrBluze, customization is a bit hard. We don't have an easy version of USE flags
[00:19:59] <MrBluze> i thought there was nothing stopping you from building from sources in debian
[00:19:34] <audioguy> The thing I found was that I spent as much time resolving dependencies and removing crap I did not want from binary distros asit toool to do all the Gentoo compiles. But that was 10 years ago - today, hardware is so fast the compiles are nothing.
[00:19:28] <xlefay> I didn't find it that bad either till you need some huge ass package ;-)
[00:19:13] <NCommander> Unless openoffice updated
[00:19:08] <NCommander> xlefay, I didn't find it too bad
[00:18:16] <xlefay> emerge -_-"
[00:18:11] <xlefay> The only reason I used Gentoo was to learn - I even ran it for a while on my desktop but honestly... I don't have the time to wait for every darn update ;-)
[00:18:00] <MrBluze> or debian stable and compile all your packages
[00:17:59] <audioguy> But I roll out as binaries, easy
[00:17:48] <audioguy> Yeah, my solution is essentially to only update what is needed for security, every two tyears, completel reinstall.
[00:17:36] <NCommander> *but*, I don't want to deal with constantly updating software
[00:17:34] <MrBluze> gentoo
[00:17:28] <NCommander> There's value in compiling everything from scratch
[00:17:04] <NCommander> So I could reasonably use it for servers
[00:16:51] <audioguy> Gentoo. Though if Gentoo pisses me off enough I will go there.
[00:16:49] <NCommander> audioguy, I want a source based distro without the rolling releases :-/
[00:16:28] <xlefay> Also, fairly sure MJ is better at CentOS then me.
[00:16:25] <NCommander> audioguy, gentoo or LFS?
[00:16:07] <xlefay> but I wouldn't start doing that on production though..
[00:16:05] <audioguy> [gave up on binary distros 10 years ago]
[00:15:58] <NCommander> LDAP - that's hard
[00:15:52] <NCommander> kerberos is idiot proof, thats easy
[00:15:51] <xlefay> I'm fairly familiar with it.. which now I'm regretting.
[00:15:45] * NCommander would LIKE to get beryillium LDAP-ed and kerberosed
[00:15:44] <audioguy> Why?
[00:15:30] <audioguy> No.
[00:15:06] <NCommander> audioguy, xlefay, are either of you super familiar with CentOS?
[00:14:40] <audioguy> Yes, keep it up, I like it. ;-)
[00:14:33] <NCommander> audioguy, http://wiki.soylentnews.org - how the client stuff is setup everywhere (at least on global services)
[00:14:05] <NCommander> audioguy, have you seen the other pages I wrote?
[00:13:55] <xlefay> for people like me who have different usernames locally and on SSH, that will save them some pain trying to figure it out ;-)
[00:13:28] <xlefay> looks good NCommander, I just added something to the .ssh/config excerpt
[00:12:34] MrBluze|afk is now known as MrBluze
[00:11:25] <mattiep> roflmao audioguy
[00:11:00] <audioguy> [deep cpncern]
[00:09:37] <audioguy> Should I send a red alert to staff list? Someone has obviously hacked NCommanders account, and is writing stuff on the wiki. Clearly this is not normal behavior.
[00:06:51] * NCommander adds some useful information to the various motds
[00:04:03] <NCommander> Does that look sane, esp with SSH proxying and kerberos?
[00:03:53] <NCommander> mattiep, xlefay audioguy http://wiki.soylentnews.org