[03:11:45] <Pathoschild>	 Is there any way to access labsdb from outside Tools Labs? That would be helpful during development.
[03:18:23] <Pathoschild>	 Never mind, found it: https://wikitech.wikimedia.org/wiki/Nova_Resource:Tools/Help#Configuring_MySQL_Workbench :)
[08:21:07] <petan>	 @token-remind
[10:39:21] <lbenedix>	 is it possible to get the start time of a finished job?
[10:47:06] <grrrit-wm>	 (03CR) 10Faidon Liambotis: [V: 032] add an SSH keypair for authdns [labs/private] - 10https://gerrit.wikimedia.org/r/93883 (owner: 10Faidon Liambotis)
[11:25:41] <hedonil>	 lbenedix: already found an answer to your question?
[11:29:02] <hedonil>	 lbenedix: try   qacct -o <your-tool-account-name> -j <your_task_name>    see also:  http://linux.die.net/man/1/qacct
[11:38:52] <hashar>	 !log deployment-prep upgrading packages on deployment-parsoid2
[11:38:58] <labs-morebots>	 Logged the message, Master
[11:41:58] <lbenedix>	 hedonil: my solution was looking for the creation date of the .err and .out files
[11:46:35] <hedonil>	 lbenedix: the qacct -o .. -j .. gives you an output of your jobs with this jobname including start/end time and exit status (success/failed)
[12:09:28] <hashar>	 !log deployment-prep apt-get dist-upgrade on deployment-eventlogging
[12:09:34] <labs-morebots>	 Logged the message, Master
[16:22:48] <grrrit-wm>	 (03CR) 10Hashar: "Damian, are you still around ? :-]" [labs/nagios-builder] - 10https://gerrit.wikimedia.org/r/80963 (owner: 10Hashar)
[16:33:19] <ugh>	 Damianz_: can you take a look at https://en.wikipedia.org/wiki/Wikipedia:Administrators%27_noticeboard#User:ClueBot_NG ? it's pasting the TFA into warnings
[16:38:09] <grrrit-wm>	 (03CR) 10DamianZaremba: [C: 032 V: 032] "Yep - missed this. Looks good." [labs/nagios-builder] - 10https://gerrit.wikimedia.org/r/80963 (owner: 10Hashar)
[16:53:22] <grrrit-wm>	 (03CR) 10Hashar: "Thank you :-]" [labs/nagios-builder] - 10https://gerrit.wikimedia.org/r/80963 (owner: 10Hashar)
[17:34:00] <ugh>	 Damianz_: ping
[17:48:12] <ugh>	 Coren: ping
[17:48:15] <ugh>	 er
[17:48:20] <ugh>	 any tool labs root
[17:48:27] <ugh>	 YuviPanda|away, petan 
[17:48:36] <Coren>	 ugh: What's up?
[17:49:03] <ugh>	 pm
[17:58:42] <Damianz_>	 Coren: Thanks - changed now. Derpy doing it fast and hacky due to being borked moment.
[17:58:51] <Damianz_>	 Also number of notifications for a bot when logging into the gui is lolz
[17:58:55] <ugh>	 Damianz_: ohhai
[17:58:58] <ugh>	 i just send you an email
[17:59:11] <ugh>	 Damianz_: also, do oyu know what the TFA issue is?
[18:00:31] <Damianz_>	 ugh: TFA? on talk page?
[18:00:56] <ugh>	 Damianz_: https://en.wikipedia.org/w/index.php?title=User_talk:37.239.2.230&diff=prev&oldid=580477525
[18:01:16] <Damianz_>	 I feel not too bad - andrewbogott left the production nova ldap password in labs once :D #trolldistraction
[18:01:26] <ugh>	 heh
[18:01:31] <ugh>	 so can i unblock it now?
[18:01:41] <Damianz_>	 Yeah should be good
[18:02:11] <Damianz_>	 I'll add sanity checking the right permissions and refusing to start if wrong to the cleanup todo list. I need to push up all the code hacks I put in for tools and work on cleaning them up tbh.
[18:02:21] <ugh>	 unblocked
[18:03:09] <Betacommand>	 Coren: you around?
[18:03:18] <Damianz_>	 Thanks
[18:03:35] <Coren>	 Betacommand: ¿Que pasa?
[18:03:49] <Betacommand>	 Coren: any progress on https://bugzilla.wikimedia.org/show_bug.cgi?id=54074
[18:04:00] <Damianz_>	 ugh: The '(No difference)' note? Don't really see what's wrong apart from that
[18:04:35] <ugh>	 Damianz_: er, did you look at the warning? it added the TFA in it
[18:04:45] <ugh>	 "The Blackwater fire was caused by a lightning...."
[18:05:11] <Damianz_>	 oh
[18:05:12] <Damianz_>	 hmm
[18:05:13] <ugh>	 Damianz_: it's also doing stuff like https://en.wikipedia.org/w/index.php?title=User_talk:184.183.156.190&diff=prev&oldid=580479280
[18:05:20] <ugh>	 so i wonder if its not able to get the page text properly
[18:06:00] <ugh>	 brb
[18:06:07] <Damianz_>	 I think I've seen this before - when people do stuff with images and it's to do with the title getting stuff. Should be fixable pretty easily I think.
[18:06:08] <Coren>	 Betacommand: Frankly, that was simply put aside in my "tons of small mostly cosmetic fixes to handle when free time allows"; albeit the existence of free time implies vast quantities of optimism.  :-)  I don't think I can fix his in LDAP without risking other breakage, but I can work around it in the global .profile.
[18:06:17] <Damianz_>	 Got to go to dinner in like 20min though - so might go on the todo list
[18:06:57] <Coren>	 Betacommand: Lemme see if I can do a quick fix.
[18:09:19] <ugh_>	 Damianz_: ok, but it needs to get fixed soon 
[18:25:42] <Betacommand>	 Coren: thanks works
[18:26:05] <Betacommand>	 Now 70% of my line isnt the pwd
[18:27:35] <Betacommand>	 Damianz_: any update on cluebot reboot?
[18:28:02] <Damianz_>	 Betacommand: Should be up and running - still has talkpage bug as ugh said, will look at. Got to go to dinner so bbl
[18:28:15] <Damianz_>	 (It's also reverting stuff atm, so I'd say working)
[18:31:31] <Damianz_>	 193gb of logs - Coren can the grid rotate its logs/if I remove then will it get a new fh without me restarting the process (so I can write my own rotation) or you're gonna get tb of logs fast :(
[18:33:32] <Coren>	 Damianz_: Annoyingly enough, gridengine has no support for log switching.  Personally, I recommend that you don't rely on its logging of stderr and stdout and do your own logging (which you can then rotate as you will).  The default .out and .err are only useful for single-run jobs and fatals.
[18:34:42] <Damianz_>	 That sucks, though really the logging currently sucks
[18:34:50] * Damianz_  adds to todo list... really going to dinner now

[18:36:17] <Coren>	 (although you could do so trickery in your script by doing a fsync(), copy, ftruncate() of stderr/stdout if you really wanted to)
[18:39:28] <Damianz_>	 That never ends that well
[19:58:34] <YuviPanda>	 andrewbogott: ping?
[19:58:42] <andrewbogott>	 YuviPanda: what's up?
[19:58:44] <YuviPanda>	 andrewbogott: any idea about the certs, and why they don't seem to take?
[19:59:20] <andrewbogott>	  /etc/ssl/private/star.wmflabs.org.key is empty.  Not sure why yet...
[19:59:37] <YuviPanda>	 andrewbogott: hmm, perhaps it needs to be specifically installed in some private repo?
[19:59:40] <YuviPanda>	 or... something?
[19:59:53] <andrewbogott>	 probably.  But… you made it work once before, right?
[19:59:57] <YuviPanda>	 andrewbogott: Ryan_Lane did something last time, IIRC
[20:00:03] <andrewbogott>	 oh, ok.
[20:00:12] <YuviPanda>	 andrewbogott: something other than just applying the puppet classes, IIRC
[20:02:31] <andrewbogott>	 The role class has 'privatekey => false'
[20:02:46] <andrewbogott>	 I see that in the code, if that is set to 'true' then it will install the key from labs private, which is non-empty.
[20:03:06] <andrewbogott>	 YuviPanda: any idea if that's what we need?
[20:09:52] <mutante>	 a volunteer who tried to sign up on wikitech told me he gets. "There was either an authentication database error or you are not allowed to update your external account.". I know we've had these before, but where do i send him again? 
[20:10:44] <mutante>	 andrewbogott: YuviPanda the .key comes from private repo, the cert from public repo
[20:10:56] <andrewbogott>	 mutante:  Most often that is because the user is trying to create a shell name with invalid characters.
[20:11:00] <andrewbogott>	 For instance, uppercase letters
[20:11:13] <mutante>	 they are both installed by install_certificate
[20:11:31] <mutante>	 you also get the key from it
[20:11:44] <mutante>	 as long as the file names are correct
[20:11:52] <andrewbogott>	 mutante: OK.  It's clear that if you specify privatekey => false that it installs an empty key.   I'm just wondering if there was some intentional/security reason why yuvi wrote it that way.
[20:12:20] <mutante>	 andrewbogott: let me ask him which name exactly he is trying to use, good point
[20:13:06] <mutante>	 gotcha, didn't see the "privatekey => false" part right away
[20:13:15] <mutante>	 didnt have a reason to use that
[20:13:21] <YuviPanda>	 andrewbogott: I think Ryan_Lane did that bit
[20:13:28] <YuviPanda>	 don't fully remember
[20:17:53] <andrewbogott>	 YuviPanda: Hm, the key on proxy-dammit is different from the key in the labs private repo.
[20:18:01] <andrewbogott>	 So… I guess I will copy that same key over.
[20:18:02] <mutante>	 my guess is the key has been copied manually
[20:18:04] <mutante>	 on that old instance
[20:18:17] <mutante>	 or it's in private/labs
[20:18:27] <mutante>	 ah
[20:22:42] <andrewbogott>	 YuviPanda: OK, nginx seems happy now.
[20:22:51] <andrewbogott>	 I guess I should add a checkbox to the gui to specify http vs. https?
[20:23:03] <YuviPanda>	 andrewbogott: to the backend? 
[20:23:18] <andrewbogott>	 YuviPanda: I mean, like, on this page https://wikitech.wikimedia.org/w/index.php?title=Special:NovaProxy&action=create&project=mwreview
[20:23:23] <YuviPanda>	 andrewbogott: I'm okay with just making everything http in the cluster
[20:23:23] <andrewbogott>	 replace the 'port' field with a checkbox
[20:23:46] <andrewbogott>	 Oh...
[20:23:49] <YuviPanda>	 moment, marktraceur is dragging me away
[20:23:51] <andrewbogott>	 You're right, I'm confused.
[20:23:52] <YuviPanda>	 i'll brb
[20:23:54] <andrewbogott>	 ok
[20:33:47] <YuviPanda>	 andrewbogott: back
[20:33:50] <YuviPanda>	 andrewbogott: I don't think we can/should have a https checkbox
[20:35:13] <andrewbogott>	 YuviPanda:  You don't think we should proxy https requests at all?
[20:35:24] <andrewbogott>	 I may not understand what Ryan was asking about...
[20:35:41] <YuviPanda>	 andrewbogott: no, Ryan was talking about the proxy not listening on 443, which we've now fixed
[20:36:21] <andrewbogott>	 So what will happen if someone accesses a proxied host via https?
[20:39:38] <andrewbogott>	 hm, apparently the answer to that is 'it works just fine'
[20:41:56] <YuviPanda>	 andrewbogott: indeed!
[20:42:00] <YuviPanda>	 andrewbogott: it acts as an SSL terminator
[20:42:14] <andrewbogott>	 ok then :)
[20:43:51] <YuviPanda>	 andrewbogott: :D
[23:35:43] <Kolega2357>	 Why I am not create Hosted tools on http://tools.wmflabs.org ?