With your changes regarding secure connection:
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Jan 21 2016
Jan 18 2016
Added opportunistic TLS for client and server connections:
Configuration changed in ~/.pg_service.conf and ~/.pg_pass (for the port)
pgbouncer has been setup on prado (port 6432) and should proxy all connections to postgres 9.4.
Now that the first batch import (github + snapshot.debian.org + gnu.org) is done and we won't be importing other sources for a while, a full object store backup from uffizi to banco has now started.
louvre# for i in `seq 0 9` a b c d e f; do lvextend -L +5T vg-data/$i; done
Jan 12 2016
I'd be in favor of working with three clusters then:
That sounds sensible. We should be able to export a LV from our spinning rust storage to prado for that "mirrors" postgresql cluster.
Agreed, pgbouncer would be nice (and IIRC also the choice that Dimitri recommended to us a while back).
The latest pgbouncer release (1.7) supports TLS, hba and unix peer authentification so looks like a good candidate. I submitted a bug to Debian to ask for an update of the package : https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810816
Dec 17 2015
Dec 15 2015
This is now done. It worked well, but it's really slow.
Dec 14 2015
Done during the 2015-12 reboot
Dec 12 2015
Starting local restore for server swh using backup 20151204T074046 Destination directory: /srv/storage/0/barman-backup-restore-test-T237/ Copying the base backup. Copying required WAL segments. Generating archive status files Identify dangerous settings in destination directory.
Added DNAT configuration to louvre:/etc/network/interfaces.
Dec 10 2015
this is now ongoing on banco, in a screen session of user barman
Dec 9 2015
- foreach $i in 0..f
- Created 10TB logical volume vg-swhbackup/backup$i
- Created XFS filesystem on /dev/mapper/vg--swhbackup-backup$i
- Created directory /srv/storage/space/$i
- Mounted /dev/mapper/vg--swhbackup-backup$i on /srv/storage/space/$i
- foreach $j in 0..f
- Created directories /srv/storage/space/$i/$i$j and /srv/softwareheritage/objects/$i$j
- Mounted directory /srv/storage/space/$i/$i$j on /srv/softwareheritage/objects/$i$j
Done (lv name: vg-swhbackup/barman, size = 20TB)
Done (vg name: vg-swhbackup).
Done.
Turns out the /etc/network/interfaces syntax for the bond interface was wrong T_T. Fixed.
Dec 7 2015
Dec 3 2015
Nov 5 2015
Oct 29 2015
Actually, I ran logrotate -f /etc/logrotate.conf and it ran okay.
I removed the culprit file (which was empty). I suppose it's a side effect of the out of disk issue of last week.
Oct 21 2015
Deployed via puppet during the migration of T18.
Deployed via puppet and DNS updated.
Oct 20 2015
this has been scripted on the current hosting site, dumps can be generated whenever we want them to be available
Oct 19 2015
Signed certificates and private keys for *.softwareheritage.org and *.internal.softwareheritage.org are now available in rPWD.
Oct 16 2015
Status update: Nicolas has submitted the CSR(s), waiting for DigiCert to ack.
Oct 15 2015
Oct 14 2015
This is now done. Some details:
And apache through to rSPPROFa11a325c.
uWSGI has been deployed through rSPPROFb76ea39d4
Oct 13 2015
Oct 12 2015
The systemd service file has been added, but it doesn't go well with the other phabricator daemons that are running...
Oct 9 2015
Added another setting "notification.types" : ["task", "cmit"]
Added a setting "notifications.verbosity" in the bot config file. The default disabled notifications...
We can configure "application emails" to route inbound email to phabricator applications. We can then use Herald rules to route those addresses properly.
Pending DNS propagation, this should be done.
done in rSPPFIX840582c1d52c and rSPPFIXf97729a999d3
swh's puppet state of art - https://forge.softwareheritage.org/diffusion/SENV/