928eb17 | Chmarkine | 24 March 2015, 06:40:28 UTC | donate - Enable HSTS max-age=7 days https://donate.wikimedia.org is HTTPS only. Bug: T40516 Change-Id: If5c937602ad3ed8e5bed06b875ce994c0b4848f2 | 20 April 2015, 14:36:59 UTC |
9df44f5 | Dzahn | 20 April 2015, 14:36:28 UTC | Merge "scholarships - Increase HSTS max-age to 1 year" into production | 20 April 2015, 14:36:28 UTC |
717da48 | Chmarkine | 23 March 2015, 21:30:05 UTC | scholarships - Increase HSTS max-age to 1 year The current HSTS max-age for https://scholarships.wikimedia.org is 7 days. Bug: T40516 Change-Id: Ibfbf321533f7c030e7aea75a9e48234f4fb17c3e | 20 April 2015, 14:34:18 UTC |
2d42541 | Chmarkine | 21 March 2015, 04:28:45 UTC | gdash - Enable HSTS max-age=7 days I29515ddd redirects http://gdash.wikimedia.org to https://gdash.wikimedia.org. So enable HSTS on this domain. Bug: T40516 Change-Id: Ibcc91ae7ed79900cc59cfb04b9c20f5f4f8e9789 | 20 April 2015, 14:33:39 UTC |
a901f5b | Dzahn | 20 April 2015, 14:33:28 UTC | Merge "dbtree - Raise HSTS max-age to 1 year and add always flag" into production | 20 April 2015, 14:33:28 UTC |
fa72154 | Chmarkine | 06 April 2015, 22:44:25 UTC | dbtree - Raise HSTS max-age to 1 year and add always flag I898aef75 enabled HSTS with a 7 days max-age. Bug: T40516 Change-Id: Iaedc362df270468fcfa9c23d4b0f748dee5e502d | 20 April 2015, 14:32:21 UTC |
5836db8 | Chmarkine | 24 March 2015, 19:54:48 UTC | Add "always" flag when add HSTS header in Apache Without the "always" flag, HSTS headers are only set for 2xx responses. "'Always' in this context refers to whether headers you add will be sent during both a successful and unsucessful response" https://httpd.apache.org/docs/2.2/mod/mod_headers.html#header Bug: T40516 Change-Id: I5189b9f208e1dda7e7844171df1e7a87d5e5a03b | 20 April 2015, 14:32:05 UTC |
49df00f | Chmarkine | 21 March 2015, 02:08:37 UTC | RT - Enable HSTS max-age=7 days https://rt.wikimedia.org/ is HTTPS only. Bug: T40516 Change-Id: I0d4d0afe4033a7583a5f8a8042c5a0c28bf84eed | 20 April 2015, 14:31:08 UTC |
4566ebd | Chmarkine | 21 March 2015, 02:25:16 UTC | ishmael - Enable HSTS max-age=7 days https://ishmael.wikimedia.org is HTTPS only. Bug: T40516 Change-Id: I832e85fe0b94c3fb610785e71d7a96144833ac7f | 20 April 2015, 14:29:38 UTC |
1e11336 | Filippo Giunchedi | 25 March 2015, 16:58:06 UTC | graphite: enable locking writes our graphite clustering plan involves using carbonate while carbon-cache is running, this can potentially lead to corrupted whisper files if locking isn't used, see also https://github.com/jssjr/carbonate/issues/19 Bug: T86316 Change-Id: I76b064acf3b7ccad17313a4f05c3b72b3b01b798 | 20 April 2015, 13:24:27 UTC |
5ab07f6 | YuviPanda | 20 April 2015, 07:47:20 UTC | tools: Fix typo in tool-uwsg-python Change-Id: I6394a29b9e3fa9fcc23eecc99a3b667b59061d12 | 20 April 2015, 07:48:05 UTC |
0ea7510 | YuviPanda | 20 April 2015, 06:26:48 UTC | tools: Set $PORT as well for tool-nodejs Change-Id: I285089906fa641c08d52261e928d5ae09c01cf09 | 20 April 2015, 06:27:15 UTC |
bcb97aa | YuviPanda | 20 April 2015, 05:51:06 UTC | tools: Clean up unused imports in tool-nodejs Change-Id: Ia6029661af9867f2e642796e9d2eac8db6e11538 | 20 April 2015, 05:51:41 UTC |
2d476a2 | YuviPanda | 20 April 2015, 05:50:11 UTC | tools: Default uwsgi tools to having 4 worker processes Otherwise they can't serve more than one request at a time. Change-Id: I62ed5de6057dbc7ac68fc602fb7a994548741661 | 20 April 2015, 05:50:42 UTC |
e6e14aa | Tim Landscheidt | 19 April 2015, 22:35:13 UTC | Tools: Ensure that webservice is not called by normal users Bug: T66219 Bug: T96491 Change-Id: I22d0839330fcca61daa2405800a341239d151329 | 19 April 2015, 22:36:20 UTC |
1ba7b7e | andrewbogott | 19 April 2015, 15:59:37 UTC | Revert "Switch nova scheduler pool to use new labvirt* nodes" Reverting because only one out of 7 of my test instances came up. Dang. This reverts commit fcf75b01b05d48e3ec0cdf50bec7fc1d1d2dfb41. Change-Id: I7bebd97dc5c7f4512ad98acd9e3b550ec74e5c6d | 19 April 2015, 16:00:12 UTC |
fcf75b0 | andrewbogott | 19 April 2015, 15:40:50 UTC | Switch nova scheduler pool to use new labvirt* nodes Change-Id: I3710fe833b08598ab88898a3cd723f056bba6f41 | 19 April 2015, 15:40:50 UTC |
3f5aeb7 | andrewbogott | 19 April 2015, 15:07:27 UTC | On post-kvm distros, link kvm binary to qemu-system-x86_64 This supports migration of vintage instances from precise virt hosts to trusy hosts. Change-Id: I93c58e8377171bcd79df3da76d70a219653eaadc | 19 April 2015, 15:09:22 UTC |
b91bcec | Ori Livneh | 18 April 2015, 22:50:06 UTC | coal: fix archive def and file path Change-Id: Id9d44a9eafb303b4e01aa364937ad42981d7f1e6 | 18 April 2015, 22:50:06 UTC |
266ff9f | YuviPanda | 18 April 2015, 20:26:57 UTC | tools: Overcommit memory for redis instances Until I81d749a81399fef8caa05301909dea8ab21ee51c gets merged Change-Id: I4f903c247548c5c7da54767c844a850f5b9c4f89 | 18 April 2015, 20:30:03 UTC |
84a5ad1 | Ori Livneh | 18 April 2015, 18:17:57 UTC | coal: fix args Change-Id: I200f352e3883ee2b44285bae1074af7dc70b0505 | 18 April 2015, 18:18:22 UTC |
317845b | Kunal Mehta | 18 April 2015, 04:31:24 UTC | tox: Remove 'data_admin_lint' environment To be merged once jenkins is using the 'py27' enviornment Change-Id: I031376ac0fd7be3e979bc0b161c3532649b29305 | 18 April 2015, 05:05:24 UTC |
d2f5816 | Kunal Mehta | 18 April 2015, 04:30:40 UTC | admin: Turn data_admin into a real unit test This splits the data_admin script into two, one for sorting (still in data_admin.py) and data_test.py for linting. data_test.py uses the unittest library and is run by nosetests. At the same time, stop using a custom tox enviornment and use a standard one like py27. This will simplify configuration on jenkins side, and make it easier to add other tests in the future. Change-Id: I23ef32b981ca30b3bd1e8e9a9062906a2c5b32d2 | 18 April 2015, 05:05:22 UTC |
d2a5d41 | YuviPanda | 18 April 2015, 03:37:31 UTC | tools: Setup replication from master to all slave proxies Bug: T96334 Change-Id: If782d1343a760c5e2f91a514eeb3bfa26bb4de35 | 18 April 2015, 03:58:53 UTC |
c3c8f72 | Ori Livneh | 18 April 2015, 01:53:22 UTC | coal: use set_wakeup_fd & poll for interval timer Change-Id: I4757a6a992e998d6b16d13fe5f6fa9fc636944e1 | 18 April 2015, 02:07:57 UTC |
b1266d5 | Alex Monk | 15 April 2015, 16:30:04 UTC | Note which LDAP groups are allowed in HTTP login prompts mentioning labs Change-Id: I81ebc62cb3a5af5ced764cf3a581465e74b5453c | 17 April 2015, 22:14:59 UTC |
00bd7f1 | Coren | 17 April 2015, 21:15:44 UTC | Merge "Labs: set_strip_cache for labstores" into production | 17 April 2015, 21:15:44 UTC |
dc9a7c4 | Yuvipanda | 17 April 2015, 21:14:10 UTC | Merge "dynamicproxy: Open firewall for proxymanager" into production | 17 April 2015, 21:14:10 UTC |
56a7b33 | Coren | 17 April 2015, 20:37:40 UTC | Labs: set_strip_cache for labstores Not pretty, but because the pseudofiles in /sys are ephemeral and only exist after the raid arrays are assembled, it's easiest to simply do the setting at puppet-time than attempt to hook into an udev event - which wouldn't even allow us to change the setting onto a live system anyways. Bug: T96045 Change-Id: I0ae43ac52d86c7e1ab7656abf34f8e5b0ca40686 | 17 April 2015, 21:13:49 UTC |
9edf0aa | Kunal Mehta | 17 April 2015, 05:44:26 UTC | data_admin: Use yaml.safe_load() Because it's safe... Change-Id: I85e9d706b15cf9f0902e14c1251554bfc66ff022 | 17 April 2015, 20:34:18 UTC |
a7210ee | Andrew Otto | 17 April 2015, 20:13:38 UTC | Update cdh module with revert of spark app hue change Change-Id: I8e3a95f2160bd67750fd7c382787975ffe60faca | 17 April 2015, 20:14:03 UTC |
b4ca0e8 | Andrew Otto | 17 April 2015, 20:05:02 UTC | Update cdh module with spark app in hue Change-Id: I361e1d829535ca7d59e492e4567ed384b585120e | 17 April 2015, 20:05:24 UTC |
55d2aea | gage | 17 April 2015, 19:35:42 UTC | Add mforns as deployer Bug:T96163 Change-Id: Ice2c87d01d38f1927f8f479aac3cb45bfcca67e7 | 17 April 2015, 19:35:42 UTC |
61af239 | Chad Horohoe | 15 April 2015, 02:30:07 UTC | Use Diffusion to support r1234 links in Gerrit Change-Id: Iaab070a1a6897ca7f7a066385d38e2528306c60c | 17 April 2015, 19:25:31 UTC |
71d5543 | Dzahn | 17 April 2015, 19:15:01 UTC | Merge "Add sqlite3 and pixz utilities on html dumps host" into production | 17 April 2015, 19:15:01 UTC |
2edf11c | Gabriel Wicke | 17 April 2015, 00:38:39 UTC | Add sqlite3 and pixz utilities on html dumps host - The sqlite3 commandline tool is useful to inspect dump databases / verify correctness. - pixz is used for multi-threaded lzma compression Change-Id: I9ca5273261e08c4f75d1ec46747303b75c2337b1 | 17 April 2015, 19:01:46 UTC |
c068bbb | gage | 17 April 2015, 18:27:29 UTC | Give joal sudo on eventlog1001.eqiad.wmnet + grant access to hafnium Adds joal to eventlogging-admins & eventlogging-roots group Bug:T95905 Change-Id: Iea2637bb767865e26c3ccd725dcd5e2297d1193e | 17 April 2015, 18:49:02 UTC |
add7afb | Gergő Tisza | 17 April 2015, 17:30:05 UTC | Fix invalid JSON in job runner config Bug: T96236 Change-Id: Ifc4334fd20f641a01fb6cca01001f9a07c7418f2 | 17 April 2015, 17:30:41 UTC |
c28b815 | Arlo Breault | 30 March 2015, 20:35:42 UTC | Fix 5xx retry for parsoid backend * Seems like this retry503 is required ... at least it is present for all the others where retry5xx == 1 is set. * Noticed in T94139 and T96239 Change-Id: Ic236980d7b0fe1a119b455d2821885b588b51b69 | 17 April 2015, 17:05:52 UTC |
ae055fb | Andrew Otto | 17 April 2015, 16:14:54 UTC | Use chained cert for archiva if ca_name is set Change-Id: If1b7214c8d8c30330757f2d8b920e80c15ca5baf | 17 April 2015, 16:16:31 UTC |
775970b | Andrew Otto | 17 April 2015, 15:41:19 UTC | Use GlobalSign cert in cert chain for archiva by default Change-Id: I1361f0189b49cbbae5b9643b1a222d22338ef7c1 | 17 April 2015, 15:55:45 UTC |
33d2852 | Tim Landscheidt | 17 April 2015, 14:19:34 UTC | dynamicproxy: Open firewall for proxymanager Bug: T88216 Change-Id: Ic7bbf3bbd029a9e4fb32718622d12adcef20c1e8 | 17 April 2015, 14:19:34 UTC |
cc2b86a | andrewbogott | 17 April 2015, 14:16:35 UTC | Update tls_allowed_dn_list again The dn for our new CA cert is slightly different from the old one. Bug T96291 Change-Id: I281b2da39d1363a26d26f8eac6f90b2a830a12ec | 17 April 2015, 14:16:35 UTC |
11a9705 | andrewbogott | 16 April 2015, 23:00:58 UTC | Add labvirt hosts to tls_allowed_dn_list Change-Id: Ie0e5132a40c63d149668a110d2cb17ec82c465ae | 16 April 2015, 23:02:37 UTC |
a9fba58 | Andrew Bogott | 17 April 2015, 13:43:27 UTC | Merge "Issue new certificate for virt-star" into production | 17 April 2015, 13:43:27 UTC |
1bdac2b | Alexandros Kosiaris | 17 April 2015, 12:40:44 UTC | Merge "Kill the old unused package-builder manifests" into production | 17 April 2015, 12:40:44 UTC |
209e32f | Antoine Musso | 17 April 2015, 12:30:07 UTC | zuul: update monitoring regex check 0889192 switched Zuul install to be provided by a Debian package. The merger and server process are now in /usr/bin and are invoked using python from the zuul venv /usr/share/python/zuul/bin/python. Change-Id: Ia4d5667df870b7b60ef48c5dba412bd196ada5e5 | 17 April 2015, 12:30:07 UTC |
8968ecb | Alexandros Kosiaris | 17 April 2015, 12:23:34 UTC | Merge "base: be pedantic about template filenames" into production | 17 April 2015, 12:23:34 UTC |
a448e17 | Alexandros Kosiaris | 17 April 2015, 12:23:02 UTC | Merge "base: bash.bashrc ERB variable qualifiers" into production | 17 April 2015, 12:23:02 UTC |
d3a89fa | Alexandros Kosiaris | 17 April 2015, 12:13:25 UTC | package_builder: Use mirrors.wikimedia.org Instead of nova.clouds.archive.ubuntu.com Change-Id: I312c9cbff6e416a494ad2a22c64aeead3a4458af | 17 April 2015, 12:14:50 UTC |
b9ea412 | Alexandros Kosiaris | 17 April 2015, 12:10:38 UTC | Merge "zuul: switch install to a Debian package" into production | 17 April 2015, 12:10:38 UTC |
92eab6e | Ariel T. Glenn | 17 April 2015, 11:20:29 UTC | disable rate limits on html dumps backend, proxy has them also move nginx conf file to files dir, it has no vars so it's not a template Change-Id: I3faab0fd6aaad23a47da1f7fa850488fc69274f3 | 17 April 2015, 11:20:29 UTC |
23dc0fb | Alexandros Kosiaris | 17 April 2015, 10:42:22 UTC | base: bash.bashrc ERB variable qualifiers Change-Id: I00195ede158fc669157caf7635c3fbc34c7bc6b2 | 17 April 2015, 10:45:16 UTC |
3bae8cb | Alexandros Kosiaris | 17 April 2015, 10:44:25 UTC | base: be pedantic about template filenames Add .erb file extension Change-Id: I6efd96305f6d43d3cc032091ad8a2750b92e329c | 17 April 2015, 10:45:16 UTC |
05f7cb5 | Alexandros Kosiaris | 17 April 2015, 10:20:59 UTC | squid3: use extra_modules in Rakefile Instead of hardcoding creation and destruction of linked modules, rely on a single variable and some for loops Change-Id: I92868db64dd4f19de3f4fdbfc5ce7353b8a6e3ee | 17 April 2015, 10:23:15 UTC |
5972e45 | Filippo Giunchedi | 17 April 2015, 09:31:03 UTC | statsite: allow instance settings to be fetched from hiera port has been left out because it is expected to be instantiated per-instance explicitly in manifests, hostname would yield surprises because AFAIK hiera wouldn't expand variables e.g. ${::hostname} if specified Change-Id: I1dd21ce3e9432751d50a8c6ca2fdcb1434f696bd | 17 April 2015, 10:08:06 UTC |
1eef931 | Alexandros Kosiaris | 09 April 2015, 12:40:42 UTC | Reimage copper as jessie with role::package::builder Change-Id: I15c2d7e323af3f9adfbb739830c6d6d259604f45 | 17 April 2015, 09:56:32 UTC |
0889192 | Antoine Musso | 08 April 2015, 12:12:46 UTC | zuul: switch install to a Debian package Bug: T48552 Change-Id: I7eb60ed9ffbbb60140e1dcfd516db51732167ed0 | 17 April 2015, 09:09:29 UTC |
da3c2a8 | YuviPanda | 17 April 2015, 02:19:43 UTC | labmon: Enable extended statsite counters for labs Bug: T95703 Change-Id: Ib14c0e1d2ced05c9fbefb94c630eedd06a44ed55 | 17 April 2015, 09:08:44 UTC |
87f3e13 | Alexandros Kosiaris | 17 April 2015, 08:57:00 UTC | Issue new certificate for virt-star Following the issuing of labvirt-star in https://gerrit.wikimedia.org/r/204612 and the discussion in T96291, issue a new certificate from wmf_ca_2014_2017 for virt-star Bug: T96291 Change-Id: I893e867c1dc539b708ca0d893af0ba958b473b45 | 17 April 2015, 09:00:16 UTC |
95c8b41 | Alexandros Kosiaris | 17 April 2015, 08:22:29 UTC | Merge "package_builder: Reflect rename of /etc/apt/preferences.d/wikimedia" into production | 17 April 2015, 08:22:29 UTC |
98ffd5c | YuviPanda | 17 April 2015, 03:32:06 UTC | tools: Register only with 'active' proxy This will stop attempting to register with all present proxies and register only with active proxy. Data will be replicated between the proxies themselves via redis replication. Bug: T96334 Change-Id: I3a483e03df433ca6938e6e08b54e8b7929b93495 | 17 April 2015, 03:32:06 UTC |
1133587 | YuviPanda | 17 April 2015, 03:12:13 UTC | tools: Allow redis access between proxies This allows replication between the redis instances! Bug: T96335 Change-Id: I2807df8300819b96871c92ae2c56f79da7a8ec39 | 17 April 2015, 03:12:13 UTC |
12976b8 | YuviPanda | 17 April 2015, 03:02:31 UTC | tools: Install redis-tools on trusty bastions Change-Id: I7a7e2e82d848bf2531c0c7fa723f56c69e31a20b | 17 April 2015, 03:02:31 UTC |
e67ecd6 | YuviPanda | 17 April 2015, 02:55:30 UTC | dynamicproxy: Don't open up proxy api only to internal users Open it to everyone! Rely on security groups to restrict it. This is being read up from wikitech. Change-Id: Ib2aedccae922ccf42c32262ff7c7c6510d888730 | 17 April 2015, 02:57:31 UTC |
6e7d80c | YuviPanda | 17 April 2015, 02:33:10 UTC | dynamicproxy: Do not bind redis only on localhost This allows specific opening up of redis to elsewhere for replication Bug: T96335 Change-Id: I97a9641678563804881f06c6014d9fc72df8ad67 | 17 April 2015, 02:34:57 UTC |
e365a18 | YuviPanda | 17 April 2015, 02:34:10 UTC | dynamicproxy: Include firewall for base proxy Everything should be opened up already. Bug: T96335 Change-Id: Iba3902ef2fcc08f8f3992319cc5c17088e7739fd | 17 April 2015, 02:34:57 UTC |
4658ed5 | YuviPanda | 17 April 2015, 02:01:36 UTC | dynamicproxy: Explicitly open port for dynamicproxy-api Change-Id: Ifd620151d00a2df583ca17bd9b4732feec18961f | 17 April 2015, 02:01:36 UTC |
dd6973e | YuviPanda | 17 April 2015, 01:46:30 UTC | tools: Enable firewall on webproxies Bug: T96335 Change-Id: I118fb4871939ddb4c51d8fc99407b089f63fe6c2 | 17 April 2015, 01:46:30 UTC |
f5bc5cb | YuviPanda | 17 April 2015, 01:11:58 UTC | tools: Explicitly open port for proxylistener Bug: T96335 Change-Id: I7da34ffcbb13de1597c36f7186a389ed8bc9f6b3 | 17 April 2015, 01:13:51 UTC |
40e04d6 | YuviPanda | 17 April 2015, 01:02:22 UTC | dynamicproxy: Add ferm rules for http / https Bug: T96335 Change-Id: I441bb25f91a4436c79d36771d82432d5186f262f | 17 April 2015, 01:13:28 UTC |
eec57f7 | Ori Livneh | 16 April 2015, 23:50:59 UTC | coal: pass a materialized list to numpy.median numpy.median() doesn't like generator inputs. Change-Id: I9ed218ed27acc32897239778617fec78433e542f | 16 April 2015, 23:51:34 UTC |
be20689 | Tim Landscheidt | 16 April 2015, 23:27:49 UTC | package_builder: Reflect rename of /etc/apt/preferences.d/wikimedia Change I1ebf184ccd7d4bf8575ca12d9fa51064147479c9 named apt preferences consistently /etc/apt/preferences.d/*.pref, inter alia renaming /etc/apt/preferences.d/wikimedia. package_builder was created before that change was merged. This change updates it accordingly. Change-Id: I422cdd9662519b1e7a2f979adaff3f4fce7a5e00 | 16 April 2015, 23:27:49 UTC |
e4f1c52 | dzahn | 16 April 2015, 22:39:19 UTC | dumps::zim: fix nginx listening port and docroot - with the previous setting nginx would not listen on 10.64.32.168 but we want it to so dataset1001 can proxy to it - the docroot being /srv/www/htmldumps we would try to get ./htmldumps/htmldumps/ when accessing http://dumps.wikimedia.org/htmldumps/ so that was a 404 Bug:T94457 Change-Id: I5380f9b5a70a2a5032d568cfc73f914cc7b07c66 | 16 April 2015, 22:42:27 UTC |
71ce186 | dzahn | 16 April 2015, 22:18:26 UTC | dumps::zim: open port 80 for http connections Node 'francium' has base::firewall and connections to port 80 must be allowed, at least from the dumps hosts, who proxy to this. It has a private IP though so external clients already can't access it. Want me to limit it to _only_ dataset1001 nevertheless? Bug:T94457 Change-Id: Ic5e12fd3fcb130df9186823c1a1144d820e928bb | 16 April 2015, 22:27:20 UTC |
e793d78 | dzahn | 16 April 2015, 21:58:25 UTC | Merge "dumps::zim: fix template source line" into production | 16 April 2015, 21:58:25 UTC |
87be9f7 | Ori Livneh | 16 April 2015, 21:57:10 UTC | coal: explicitly import logging.handlers Change-Id: I9b1edc11662aea42834991b70cf2512211072512 | 16 April 2015, 21:57:53 UTC |
3bf0b5f | dzahn | 16 April 2015, 21:55:26 UTC | dumps::zim: fix template source line A template needs to be used like: content => template('dumps/nginx.dumps.conf.erb'), with nginx::site. Bug:T94457 Change-Id: I101037650bb81d7109eaacfbd2ed80f3e86ef310 | 16 April 2015, 21:57:18 UTC |
3d1dcb3 | dzahn | 16 April 2015, 21:52:18 UTC | Merge "dumps::zim: fix nginx setup / basic site template" into production | 16 April 2015, 21:52:18 UTC |
c1618b7 | dzahn | 16 April 2015, 21:45:45 UTC | dumps::zim: fix nginx setup / basic site template Add missing nginx site template for zim dumps to fix puppet run on francium. Could not retrieve information from environment production source(s) puppet:///modules/dumps/nginx.zim.conf Basic nginx template and fix filename to .erb. Bug:T94457 Change-Id: I039f147da7773e5a79488489007eea6b5499b568 | 16 April 2015, 21:51:21 UTC |
c372b8f | dzahn | 16 April 2015, 21:32:28 UTC | Merge "integration: move redirect out of .htaccess" into production | 16 April 2015, 21:32:28 UTC |
a680e46 | dzahn | 16 April 2015, 17:35:13 UTC | lint: indentation fixes in roles All of these fix a: WARNING: indentation of => is not properly aligned One more step towards being able to re-enable that check again. Bug:T93645 Change-Id: I6a49e08dfe220eefc24096b0da201eb214caddf1 | 16 April 2015, 21:27:57 UTC |
59027b0 | andrewbogott | 16 April 2015, 21:22:06 UTC | Have libvirtd use the newer wmf_ca_2014_2017.pem on labvirt* Change-Id: I1ee83a30041956fe92163149b18b3cf0f69ad43d | 16 April 2015, 21:22:06 UTC |
89ccec1 | Ori Livneh | 16 April 2015, 21:13:25 UTC | coal: add some comments, fix a couple of typos Change-Id: Idfc7d2745bb4a9294c364f7bd44f47b01ae87ca4 | 16 April 2015, 21:13:25 UTC |
b9d3ca9 | Andrew Bogott | 16 April 2015, 21:04:23 UTC | Merge "Populate labvirtstar from wmf_ca_2014_2017" into production | 16 April 2015, 21:04:23 UTC |
0a1225c | Ori Livneh | 16 April 2015, 20:57:44 UTC | Rename rrd-navtiming to 'coal'; log to Whisper file instead of RRD Change-Id: Ic1da7a5471fa83e423e8516f1cfe3aa33f8b7123 | 16 April 2015, 20:58:29 UTC |
702ee9a | andrewbogott | 16 April 2015, 20:53:38 UTC | Merge "Tidy up codfw nova config a bit." into production | 16 April 2015, 20:53:38 UTC |
5818010 | andrewbogott | 16 April 2015, 20:51:53 UTC | Tidy up codfw nova config a bit. Still mostly c/p Change-Id: Ie1af02e9159f06f63005cd63ef07f9b9ad1f2e8c | 16 April 2015, 20:51:53 UTC |
07fe777 | dzahn | 16 April 2015, 20:30:27 UTC | dumps::zim: libsqlite3 is actually libsqlite3-0 Fix the package name, libsqlite3 can't be found, it's called libsqlite3-0 here. Bug:T94457 Change-Id: I0f64f294fb13095c0a9a494722b457c788b2414f | 16 April 2015, 20:30:27 UTC |
9a01c9a | dzahn | 16 April 2015, 20:18:12 UTC | dumps::zim: add role and firewall to francium Basic role for ZIM/HTML dumps and base::firewall per default. Holes for services will have to be added. Bug:T94457 Bug:T93113 Change-Id: Ia3a50d6601e3c530956150db113f988cba0b0ce9 | 16 April 2015, 20:18:12 UTC |
54edcd9 | dzahn | 16 April 2015, 20:08:42 UTC | site.pp: add node francium.eqiad.wmnet Adding francium back to puppet for html/zim dumps. It existed in DNS from the past and has been reclaimed from spares. Bug:T94457 Bug:T93113 Change-Id: Ib120d37eb823d9739ace5b110178828f3c5ceb03 | 16 April 2015, 20:08:42 UTC |
bc97d85 | andrewbogott | 16 April 2015, 20:02:45 UTC | Merge "Add a codfw nova config." into production | 16 April 2015, 20:02:45 UTC |
58f0618 | Dzahn | 16 April 2015, 19:57:19 UTC | Merge "html dumps will be served from host where they are produced, via proxy" into production | 16 April 2015, 19:57:19 UTC |
2a2c542 | Alexandros Kosiaris | 16 April 2015, 19:39:42 UTC | Populate labvirtstar from wmf_ca_2014_2017 This is a followup commit for f90aa14 setting up a certificate from our own internal CA and not the old defunct one Bug: T96291 Change-Id: I9f17270814b8de1e128b2143cb22fe13e03b8ef7 | 16 April 2015, 19:53:51 UTC |
90a669b | andrewbogott | 16 April 2015, 19:35:39 UTC | Add a codfw nova config. Most of this just points back at eqiad for now, but it's needed to keep labcontrol2001 happy. Change-Id: Ib5ba34144d2018b9d0e60b6023e46853055d396a | 16 April 2015, 19:36:43 UTC |
30ac326 | andrewbogott | 16 April 2015, 17:25:14 UTC | Tune up use of the nova_ldap sink handler Change-Id: I1df2c1b5c02aba66de1848ac0117c2df447602f8 | 16 April 2015, 17:37:33 UTC |
d8f11b2 | Giuseppe Lavagetto | 16 April 2015, 15:43:42 UTC | dhcp: update mw2128 mac address Change-Id: I4dab5f0757a9b809481edce453bc919bb0b7bea6 | 16 April 2015, 15:43:42 UTC |
2f69cec | Andrew Otto | 16 April 2015, 15:25:24 UTC | Add oozie queue that uses DRF scheduling mode Change-Id: I6d20ad0bd3fbdb66051ac6bb681f8afb52e18358 | 16 April 2015, 15:25:24 UTC |
74d2356 | andrewbogott | 16 April 2015, 15:05:01 UTC | Merge "Have sink create ldap host entries." into production | 16 April 2015, 15:05:01 UTC |
0393466 | andrewbogott | 16 April 2015, 04:42:10 UTC | Change the keystone token cleanup cron. Now run hourly with a limit -- the previous query was so gigantic that it essentiall never finished; instead we have to whittle the table down gradually. Change-Id: I004f6bad81905c4026a6e778c5764f9e11ead04f | 16 April 2015, 04:47:12 UTC |