July 2021 - Heroes - openSUSE Mailing Lists

lots of spam via openSUSE lists
by Michael Ströder 16 Aug '21

16 Aug '21

HI! I'm receiving lots of spam messages (see example Received: headers below). Is Spamassasin working correctly? Ciao, Michael. --------------------------- snip --------------------------- Received: from hydra.opensuse.org (proxy-nue1.opensuse.org [195.135.221.145]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (Client did not present a certificate) by srv1.stroeder.com (Postfix) with ESMTPS id 2A7C92194E for <michael(a)stroeder.com>; Thu, 15 Jul 2021 18:29:46 +0200 (CEST) Received: from mailman3.infra.opensuse.org (mailman3.infra.opensuse.org [192.168.47.80]) by hydra.opensuse.org (Postfix) with ESMTP id 586E223AE6; Thu, 15 Jul 2021 16:12:35 +0000 (UTC) Received: from mx2.opensuse.org (mx2.infra.opensuse.org [192.168.47.96]) by mailman3.infra.opensuse.org (Postfix) with ESMTP id C4CBF6FB for <packaging(a)lists.opensuse.org>; Wed, 3 Mar 2021 08:49:16 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mx2.infra.opensuse.org X-Spam-Level: *** X-Spam-Status: No, score=4.0 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HTML_FONT_LOW_CONTRAST,HTML_MESSAGE,LONG_HEX_URI, MIME_HTML_ONLY,RCVD_IN_BL_SPAMCOP_NET,T_REMOTE_IMAGE autolearn=disabled version=3.4.2 X-Spam-Virus: No Received: from a55-249.smtp-out.eu-west-1.amazonses.com (a55-249.smtp-out.eu-west-1.amazonses.com [54.240.55.249]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by mx2.opensuse.org (Postfix) with ESMTPS for <opensuse-packaging(a)opensuse.org>; Wed, 3 Mar 2021 08:49:14 +0000 (UTC)

4 3

Fwd: Packaging Discourse
by Adrien Glauser 27 Jul '21

27 Jul '21

Running as a container + freezing instead of packaging as .rpm + migrating are two recommendations I fully support. Can we proceed this way? What would be the strongest blockers if any? -------- Message transféré -------- Sujet : Re: Packaging Discourse Date : Tue, 27 Jul 2021 05:16:54 +0000 De : Attila Pinter <adathor(a)protonmail.com> Répondre à : Attila Pinter <adathor(a)protonmail.com> Pour : Adrien Glauser <adrien.glauser(a)gmail.com> Copie à : Marcus Rueckert <mrueckert(a)suse.de>, KaratekHD(a)opensuse.org Hi All, I started to play around with the Discourse rpm, but I doubt that this route should be taken. It is not recommended by upstream to package it due to the heavy dependencies and the effort it takes to maintain such package. Wouldn't it be more reasonable to take the containerization avenue on the matter? We could still add our own branding and apply changes where needed and push the image to registry-o-o. Just my two cents, but if we put if we're to replace vbulletin it gives us a chance to innovate and taking the MicroOS+container route and automate as much as we can IMHO would worth it. While we're at the VBulletin part, I know Adrien already suggested to freeze the forums as is, archive it and leave it in a ro state. This is not unheard of in the FOSS world. Or the licensing would cause issue and best to migrate everything? (Sorry if this is the wrong thread for this last bit.) -- Br, A. Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Monday, July 19th, 2021 at 8:38 PM, Adrien Glauser <adrien.glauser(a)gmail.com> wrote: > "Discourse is packaged already to be used" > > ... What is there left to do with so that the openSUSE has its Discourse instance up and running? How can we help you with? > > Le 19/07/2021 à 12:03, Marcus Rueckert a écrit : > > > On Sat, 17 Jul 2021 09:55:31 +0200 > > > > Adrien Glauser adrien.glauser(a)gmail.com wrote: > > > > > Hello Marcus, > > > > > > Sorry to reply to an old email, but I wanted to catch up with the > > > > > > Discourse migration todo list. After months of other priorities I am > > > > > > finally able to secure some time to do this, and I have 1-2 other > > > > > > folks ready to help me. > > > > > > Sasi and other heroes have told us that you were the latest person > > > > > > who had their hands on it. Could you share with us the next steps > > > > > > there are to do, according to you? Do we need to Salt or is there > > > > > > something else to do on the roadmap? If yes, how would you suggest > > > > > > going about it? > > > > > > Discourse is packaged already and ready to be used? > > > > https://discuss.pixls.us/ > > > > uses it e.g. > > > > darix > >

1 0

A few "Who/Where" questions ahead of a community REST API
by Adrien Glauser 24 Jul '21

24 Jul '21

Dear Heroes, As mentioned in the last Heroes meeting we (Jens, Martín and I) are looking into building a user-friendly REST API to allow users across the entire platforms (web, Matrix, Telegram, Discord, future forums) to perform a variety of queries. The ultimate goal is to make important community tools and services more accessible by providing a single, user-friendly interface where basically any question that doesn't need a human respondent can be addressed by a simple query. (That's half the of it; it other half is to make channels, people and activities more discoverable, but that's for another day.) The domain of resources we want to provide access to is evolving as we learn new things about oS infra but it goes roughly like: - packages listed under "zypper search" - packages displayed on build.opensuse.org - documentation - the opensue bugzilla - progress/pagure - community news & activities (from news-o-o) and more. Now before we start building new tools we'd like to see if we can use tools that exist already. Thus we would like to know a few things: 1) Since this API is likely to depend on bots to provide in-app searches, we need to know if the bots bridging between the various instant messaging services could be used to forward queries to the API. Who's maintaining that / these bots and where can read the code? 2) Bugzilla comes with a REST API from version 5+; does bugzilla.opensuse.org have this feature currently enabled? Who should we get in touch with to negotiate enabling it? 3) Does Progress expose an API for doing queries and if yes, where's the docs about using this feature? Thanks a lot, any piece of information would be greatly appreciated! Best, Adrien

4 12

Re: mirroring of http://download.opensuse.org/update/leap/15.3/backports still not working
by Bernhard M. Wiedemann 18 Jul '21

18 Jul '21

On 15/07/2021 20.43, Per Jessen wrote: > Andrii Nikitin wrote: > >> >>> Andrii is there anything I can do? shouldn't we take this to >>> mirror(a)opensuse.org? >> >> mirror(a)opensuse.org is in CC, but the problem is not with mirrors, but >> with the folder on ftp-stage, which is empty. > > Isn't this simply dealt with by hardlinking > > /srv/ftp/pub/opensuse/update/leap/15.3/backports > > as > > /srv/ftp-stage/pub/opensuse/update/leap/15.3/backports > > > However, trying to do that fails with "invalid cross-device link" which > I don't really get. I think, this discussion is rather off-topic for most mirror operators on the ML => moving to heroes who should be the ones operating pontifex2 (I also did some work there in the past). You cannot hardlink directories anyway. What you could do is do a bind mount from one place to the other. I added to fstab: /srv/ftp/pub/opensuse/repositories/openSUSE:/Backports:/SLE-15-SP3:/Update/standard /srv/ftp-stage/pub/opensuse/update/leap/15.3/backports bind bind 0 0 there were already similar lines next to it, e.g. /srv/ftp/pub/opensuse/repositories/openSUSE:/Backports:/SLE-15-SP3:/Update/standard /srv/ftp/pub/opensuse/update/leap/15.3/backports auto bind 0 0 /srv/ftp/pub/opensuse/update /srv/ftp-stage/pub/opensuse/update auto bind 0 0

2 1

DNSSec enabled for opensuse.org - and other stuff
by Lars Vogdt 11 Jul '21

11 Jul '21

Hi Sorry that I missed the meeting. I just forgot it... Here are my short notes (sorry, long day, just trying to make it short): * DNSSec is enabled for opensuse.org domain since last weekend. Meanwhile also the caches should be purged and all DNS servers should provide valid responses. Please check, if we missed something... * mirrordb2 is currently the one and only PostgreSQL DB. I am not 100% sure if this is really wanted, but... ...on the other side, it forced me to think about a backup of the databases. Currently there is a NFS mount (mirrordb2:/backup) from backup.infra.opensuse.org, allowing the postgresql-backupscript to dump a backup of each database (individually) every day around midnight. * The new (Hey, nearly...) widehat is ready and syncing. I just did neither find the time to prepare some more VMs (like MX, static, DB-Server, more?) nor to exchange it with the current one. Sorry for that. I hope to find some time during the next two weeks for this. As result, our old widehat aka rsync.opensuse.org will not be available for a day. * There is still some old stuff up and running, that we should shut down, if we follow our old policy (or should I better say: idea?): + users.o.o -> old ELGG instance + wiki.o.o -> old mediawiki instance + elections.o.o -> old helios instance Any objections? * We could simply upgrade Redmine (aka progress.o.o) to the latest version, if we would not use these old, self-backed plugins. Some of them might be obsolete already, some not used - but others? Anyway: there is progress-test.o.o - a new machine running the new Redmine on an old DB dump. Authentication does not work (yet), as we might simply switch to one of the supported authentication mechanisms (and get rid of another, old plugin). Anyone interested to drive this? * We plan to move more and more traffic to the MirrorCache instances during the next days, to test them under more load. For this, ~50% of the traffic on download.o.o will be redirected to the MirrorCache instance. This should be transparent for the users. For those interested: https://mirrorcache-eu.opensuse.org/ looks more and more like http://download.opensuse.org/ - but still needs some styling to be "openSUSE". * DNS management is meanwhile on chip: https://chip.infra.opensuse.org/ If you like to get access, please ping me. LDAP authentication works, but we need to put you in the right group in the WebUI, so you can edit DNS settings. Note 1: infra.opensuse.org is currently still on FreeIPA. Can be moved at any time. I'm just waiting for *your* go here. After that, everything DNS related is on chip. Note 2: `pdnutil edit-zone opensuse.org` on the command line might be much easier. Don't worry, if you get asked if you want to increase the serial number of the zone once you saved your changes. Please answer 'y', so the DNS servers get aware of your changes (they just compare the serial to know if something has changed). * There is a backup.infra.opensuse.org machine with 3T space, waiting to get filled by clients. Anyone who wants to suggest a good, open source, backup tool? * I like to build some redundancy of machines running in Nuermberg in Provo and at our CoLo, to survive outages better in the future. Anyone, who wants to join this "project business continuity"? With kind regards, Lars

4 9

How to join?
by Attila Pinter 09 Jul '21

09 Jul '21

Hi, Noticed as of late a few issues around the infra and I would be interested in helping out with the admin workload and was wondering how could one join the Heroes? What are the requirements? -- Br, A.

4 3

Meeting minutes
by Christian Boltz 06 Jul '21

06 Jul '21

Hello, here are the meeting minutes of today's meeting. * postgresql database issues in the last weeks should be fixed (downgraded to postgresql 12 for now) * internal network issues caused short outages last week (caused by a misconfigured switch, fixed in the meantime) * matrix problems * federated messages are delayed or lost * some encrypted chats cannot be decrypted - need to drop/renew keys in Elements * ssh forward for pagure was silently removed because non-interactive updates are not done * automatic updates should be done via cron-job applied via salt * board wants calendar system deployed ; also for Doc ; fedora's fedocal https://calendar.fedoraproject.org/ * discourse related to vbulletin migration * Adrien + Jens want to help ; https://code.opensuse.org/heroes/salt * needs some packaging work * and data migration * Adrien proposed unified API for querying openSUSE services for bots+users ; auth with id.opensuse.org openid or openidc * add an equivalent of Fedora badges for recognizing openSUSE users across different platforms * Telegram bots: * unify using above API * Jens' bot is already modular (https://github.com/KaratekHD/Nemesis) * problems in one module can break the whole thing, but output will point towards the bad module * there is a bot to search packages * one CAPTCHA bot * one doc search bot * forums DDoS on 2021-07-05 from Chinese IPs Regards, Christian Boltz -- Cool{,o} page! [Bernhard Voelker in opensuse-factory about the Staging Dashboard]

1 0

Reminder: Heroes meeting on Tuesday
by Christian Boltz 06 Jul '21

06 Jul '21

Hello, the next heroes meeting will be on Tuesday (2021-07-06) at 18:00 UTC / 20:00 CEST in https://meet.opensuse.org/heroes So far, https://progress.opensuse.org/issues/93366 lists the usual suspects^Wtopics ;-) - feel free to add whatever you want to discuss, or just bring it up in the meeting. Regards, Christian Boltz -- > Then many hours later after everyone has gone to sleep: There is no such thing "everyone has gone to sleep", this is a 24/7 community, with people worldwide. [> Archie Cobbs and Cristian Rodríguez in opensuse-buildservice]

2 1

SUSEhelp/Limnoria on IRC
by Christopher Yeleighton 05 Jul '21

05 Jul '21

Hi, I miss SUSEhelp on IRC. I know the bot itself is called Limnoria. Any plans to reconnect it? Thank you.

2 1

2022

2021

2020

2019

2018

2017

2016

Heroes July 2021