[02:09:19] 20 files changed, 1208 deletions(-) [02:09:21] So satisfying [02:09:42] which commit [02:18:19] You really cooked up something [02:19:32] I'm inclined to agree https://www.wikidata.org/wiki/Wikidata:Orb_Open_Graph [02:33:12] added a new feature; 12 additions and 20 deletions lopl [02:33:13] lol* [02:33:15] https://github.com/wikimedia-gadgets/JWB/commit/f1d22d3487d503e6a1300961c8226c6c45b654a4 [09:41:07] @rhinosf1 there's one browser that supports HTTPS AliasMode records [09:41:32] it's Safari [10:13:36] @bluemoon0332 Apple leading the way [10:13:48] I guess we hope cloudflare will give us fixed IPs [10:14:06] Otherwise tbh I'd rather stop offering dns than create individual sites for everyone [10:15:00] @bluemoon0332 are all of miraheze.com, miraheze.wiki, orain.org, wikitide.com and wiki.surf on the origin cert [11:18:52] MacFan4000: Actually we still need the ssl-certificate script for at least requesting CSRs for the origin certs every 15 years [11:19:37] We've got 15 years to make it work though [11:19:51] We also should move to authenticated origin pulls at some point [11:20:00] With the origin cert [11:20:17] we can do so right now for *.miraheze.org [11:20:32] I've actually been eyeing that setting lately [11:21:01] @bluemoon0332 are all them domains on origin cert? [11:21:09] So I can tick it off on the task [11:22:24] I'll check [11:22:45] I also need to create a task for dnssec on the other domains [11:23:15] That would be cool [11:23:43] I'd need to add their CA for this and add some settings to NGINX [11:23:58] @bluemoon0332 you could do it on beta as a test cause beta is fully cf [11:24:52] I'll create tasks before I go away for origin pull and dnssec [11:24:56] So I don't forget while away [11:27:13] I will share the CF script too [11:31:13] @rhinosf1 lmk when the task for origin pull is created [11:31:28] Will do [11:31:52] You want to be assigned to it? [11:31:59] yeah assign it to me [11:32:17] 🙂 [11:51:06] You check? [11:51:17] not yet [11:57:11] [1/6] miraheze.com: on redirects.yaml, uses LE cert [11:57:12] [2/6] miraheze.wiki: on redirects.yaml, uses LE cert [11:57:12] [3/6] orain.org: is using the miraheze.org origin cert on certs.yaml [11:57:12] [4/6] wikitide.com: not on the ssl repo, not on puppet [11:57:13] [5/6] wiki.surf: on redirects.yaml, uses LE cert [11:57:13] [6/6] @rhinosf1 [11:58:03] They all can be on the origin cert [11:58:20] wikitide.com seems to be completely unused tho [11:58:28] It works [11:58:37] It shows the Miraheze.org home page [11:58:47] Which is the default tbh [11:58:52] That's all it's used for [11:59:17] All the domains we own show at least landing [12:16:33] @bluemoon0332 https://gist.github.com/RhinosF1/c6944dbf47a26427aa271faa270ea57e [12:19:39] @bluemoon0332 https://issue-tracker.miraheze.org/T12554 [12:36:48] @bluemoon0332 https://issue-tracker.miraheze.org/T12551 confuses me [13:19:12] https://cdn.discordapp.com/attachments/1006789349498699827/1281967004135456808/Screenshot_20240907-081859.png?ex=66dda44f&is=66dc52cf&hm=0cfccf365606a2c002b28b5b91d3f09a204ad515475c89ba90074315b1526e6f& [13:19:17] I'm sorry??? [13:22:24] it's dominionstrategywiki [13:22:29] scroll down [13:22:34] to the most jobs list [13:22:40] I just saw [13:22:59] that should be easy to clear [13:23:27] started building at 8am this morning [13:23:45] been on the downward since an hour ago [13:24:03] unassisted it would clear in 3 hours [13:24:37] that's not exactly that much of a problem, it's designed to cope with that @agentisai [13:25:00] I don't remember too well how resilient the jobrunner is [13:25:12] it's a lot better [13:25:47] refreshLinks is a bit weird [13:26:06] there's quite a few jobs that then generate more jobs [13:26:12] and then can quite quickly drop [13:26:24] although sometimes refreshLinks' OOMs [13:29:09] I haven't seen refreshLink OOM in a while [13:29:14] looks like cause is a now stopped mass upload [13:29:33] I figured as I see a bunch of thumbnail jobs as well [13:30:03] Job count is now at <25k [13:30:29] 8 thousand odd files [13:31:27] WHAT THE FU- [13:31:33] That’s new [13:31:39] we got a problem [13:31:49] that's most definately a copyvio [13:34:17] oh nice [13:35:02] well maybe not [13:35:02] actually [13:35:09] seems the fandom wiki only has a single editor [13:35:33] it's a mass import of images + text from fandom [13:36:16] but as far as I can see https://dominionstrategy.fandom.com/wiki/Special:ListUsers only has the one editor [13:36:19] cc @agentisai [13:37:14] @agentisai re run runJobs please [13:37:21] to sweep up all the generated jobs [13:38:58] Where [13:39:32] nowhere [13:40:10] :squint: [13:41:00] it is about the 1 in a thousand times mass importing without attribution is fine [13:41:06] cause there's only one editor [13:41:15] done [13:42:25] it said exit 0 but grafana hasn't updated [13:55:11] is the ca folder on the ssl repo just there for fun? [13:55:43] quite possibly [13:55:56] it doesn't get copied by even the ssl::allcerts class, seems unused, but https://github.com/miraheze/ssl/commit/4a4773fd53cbad1bc3f52d58af86ba6237e7e8f2 [13:57:42] @bluemoon0332 it is used https://github.com/miraheze/puppet/blob/master/modules/base/manifests/ssl.pp#L9 [13:58:39] i'm not sure the cf certs being in there is the best idea [13:58:46] we don't want them valid for all traffic [14:04:33] I guess it is going to the certificate dir then [14:09:58] Works for me [14:10:07] It could just go in puppet [14:10:34] Cause like the ssl repo actually becomes redirects + domain audits [14:10:40] Not actually much to do with ssl [14:10:47] Which actually means TLS [14:10:54] @bluemoon0332 [16:30:44] @bluemoon0332 https://meta.miraheze.org/wiki/Custom_domains?diff=prev&oldid=421588 [16:33:33] @bluemoon0332 merge https://github.com/miraheze/ssl/pull/802 [16:34:35] and do the on-wiki bit [19:07:10] @cosmicalpha can you remove custom domain in ManageWiki on isocasgwiki [19:09:14] https://github.com/miraheze/ssl/pull/803