[01:57:56] Change on 12mediawiki a page OAuth was modified, changed by Shirayuki link https://www.mediawiki.org/w/index.php?diff=1329337 edit summary: prepare for translation [01:59:02] Change on 12mediawiki a page OAuth was modified, changed by Shirayuki link https://www.mediawiki.org/w/index.php?diff=1329338 edit summary: Marked this version for translation [02:00:38] Change on 12mediawiki a page OAuth/ja was created, changed by Shirayuki link https://www.mediawiki.org/w/index.php?title=OAuth%2fja edit summary: Created page with "OAuth" [02:01:10] Change on 12mediawiki a page OAuth/ja was modified, changed by Shirayuki link https://www.mediawiki.org/w/index.php?diff=1329347 edit summary: Created page with "お探しのものは以下のいずれかかもしれません" [02:01:45] Change on 12mediawiki a page OAuth/ja was modified, changed by Shirayuki link https://www.mediawiki.org/w/index.php?diff=1329349 edit summary: Created page with "* [[$ext|Extension:OAuth]] - MediaWiki で OAuth を実装する拡張機能" [02:03:35] Change on 12mediawiki a page OAuth/ja was modified, changed by Shirayuki link https://www.mediawiki.org/w/index.php?diff=1329351 edit summary: Created page with "* [[$auth|認証システム]] - ウィキメディア財団の、OAuth 開発に関連する計画" [02:05:07] Change on 12mediawiki a page OAuth/ja was modified, changed by Shirayuki link https://www.mediawiki.org/w/index.php?diff=1329354 edit summary: Created page with "* $oauth - OAuth についての廃止された情報" [04:26:32] Change on 12mediawiki a page OAuth/es was created, changed by Matiia link https://www.mediawiki.org/w/index.php?title=OAuth%2fes edit summary: Created page with "Puedes estar buscando lo siguiente" [04:28:50] YuviPanda: Can I get a little help with labs-vagrant? It seems ever more broken on precise :( [04:29:53] Change on 12mediawiki a page OAuth/es was modified, changed by Matiia link https://www.mediawiki.org/w/index.php?diff=1329368 edit summary: Created page with "[[$ext|Extensión:OAuth]] - extensión que implementa OAuth en MediaWiki" [04:32:06] Change on 12mediawiki a page OAuth/es was modified, changed by Matiia link https://www.mediawiki.org/w/index.php?diff=1329370 edit summary: Created page with "[[$auth|Sistema Auth]] - planes de la Fundación Wikimedia sobre el desarrollo de OAuth" [04:32:41] Change on 12mediawiki a page OAuth/es was modified, changed by Matiia link https://www.mediawiki.org/w/index.php?diff=1329372 edit summary: Created page with "$oauth - información obsoleta sobre OAuth" [04:34:07] Change on 12mediawiki a page OAuth/es was modified, changed by Matiia link https://www.mediawiki.org/w/index.php?diff=1329374 edit summary: [04:34:11] Change on 12mediawiki a page OAuth/es was modified, changed by Matiia link https://www.mediawiki.org/w/index.php?diff=1329376 edit summary: [04:34:19] Change on 12mediawiki a page OAuth/es was modified, changed by Matiia link https://www.mediawiki.org/w/index.php?diff=1329378 edit summary: [06:34:08] PROBLEM - Puppet failure on tools-exec-gift is CRITICAL: CRITICAL: 33.33% of data above the critical threshold [0.0] [06:44:25] PROBLEM - Puppet failure on tools-webproxy is CRITICAL: CRITICAL: 44.44% of data above the critical threshold [0.0] [07:04:05] RECOVERY - Puppet failure on tools-exec-gift is OK: OK: Less than 1.00% above the threshold [0.0] [07:09:28] RECOVERY - Puppet failure on tools-webproxy is OK: OK: Less than 1.00% above the threshold [0.0] [07:40:16] andrewbogott: good morning. Shall I just create a new instance and hack at it until labs vagrant works? [07:52:13] andrewbogott: ^ [07:52:33] YuviPanda: I can't decide... [07:52:43] Between? [07:53:06] It may make more sense to just separate the wikitech web host from the nova controller, and run the web host on trusty. [07:53:19] That's probably better than remaining the last person on earth to want vagrant on precise. [07:53:35] Yup plus then we can move wikitech off Zend at some point too [07:54:17] So, there's probably nothing for you to do at the moment. I was vaguely hoping to set up a new test cluster before I go on holiday, but that's definitely not going to happen now :) [07:54:25] Heh [07:55:10] andrewbogott: is there a way I can query LDAP for list of roles for a given hostname? [07:55:33] 'list of roles' -- you mean the puppet config? [07:55:58] Yes [07:56:12] yes. But unfortunately it doesn't work in ldaplist, lemme find a better commandline [07:59:31] YuviPanda: ldapsearch -x -D cn=proxyagent,ou=profile,dc=wikimedia,dc=org -b ou=hosts,dc=wikimedia,dc=org -W [08:00:16] Is that all the hosts? [08:01:57] * YuviPanda finds a computer to try [08:02:32] You need the password from /etc/ldap/ldap.conf [08:02:49] yeah, all the hosts. I think if you append a particular fqdn on the end you might get one... [09:28:05] andrewbogott: hmm, is there a trivial way to translate ec2id to fqdn? [09:28:06] or the other way around, rather [09:28:14] find ec2id for given fqdn? [09:28:15] hm... [09:28:15] * YuviPanda looks at ec2id fact [09:28:17] instances know their ec2id [09:28:17] and with the nova commandline you can do it easily, but that's only on virt1000 [09:28:20] It might be in ldap, I'm not sure [09:28:33] oh, hmm [09:28:34] ldap has an ‘asociated domain' [09:28:35] but what I basically want is a way to get fqdn -> puppet roles mapping [09:28:38] I guess I could iterate through ‘em all [09:38:26] I think everything you need is there in ldap, isn't it? So you can just run a query and make a little dict [09:48:21] yeah [09:48:31] * YuviPanda does [09:58:42] YuviPanda: I'm out -- have a good week! [09:58:52] andrewbogott: you too! have fun :) [10:06:30] 3Labs-Team: Add ability to specify checks per puppet role applied to an instance on shinken - https://phabricator.wikimedia.org/T85265#942819 (10yuvipanda) 3NEW [11:07:00] ldap isn’t so bad :) [12:45:53] ok, thanks. [12:45:57] hi folks. anyone can help me in setting up the keys correctly? i did posted the public key in OpenStack and I keep the private key from the same place where I do the ssh but it doesn't work. [12:50:49] ssh marcmiquel@tools-login.wmflabs.org [12:50:49] If you are having access problems, please see: https://wikitech.wikimedia.org/wiki/Access#Accessing_public_and_private_instances [12:50:49] Permission denied (publickey,hostbased). [13:00:26] anyone? [15:33:12] 3operations, Labs-Team, Wikimedia-Labs-wikitech-interface: Use a Puppet ENC to define which classes are included in which nodes (in Labs) - https://phabricator.wikimedia.org/T85279#943067 (10yuvipanda) 3NEW [15:34:08] ah, damn, I didn’t see marcmiquel’s request [15:40:27] PROBLEM - Puppet failure on tools-webproxy is CRITICAL: CRITICAL: 22.22% of data above the critical threshold [0.0] [15:42:05] PROBLEM - Puppet failure on tools-submit is CRITICAL: CRITICAL: 33.33% of data above the critical threshold [0.0] [15:43:28] PROBLEM - Puppet failure on tools-exec-10 is CRITICAL: CRITICAL: 33.33% of data above the critical threshold [0.0] [15:43:41] PROBLEM - Puppet failure on tools-exec-cyberbot is CRITICAL: CRITICAL: 33.33% of data above the critical threshold [0.0] [15:45:11] PROBLEM - Puppet failure on tools-exec-06 is CRITICAL: CRITICAL: 22.22% of data above the critical threshold [0.0] [15:45:51] PROBLEM - Puppet failure on tools-exec-05 is CRITICAL: CRITICAL: 50.00% of data above the critical threshold [0.0] [15:47:21] PROBLEM - Puppet failure on tools-exec-03 is CRITICAL: CRITICAL: 44.44% of data above the critical threshold [0.0] [15:47:53] PROBLEM - Puppet failure on tools-exec-09 is CRITICAL: CRITICAL: 50.00% of data above the critical threshold [0.0] [15:48:09] PROBLEM - Puppet failure on tools-redis is CRITICAL: CRITICAL: 55.56% of data above the critical threshold [0.0] [15:51:20] PROBLEM - Puppet failure on tools-webgrid-tomcat is CRITICAL: CRITICAL: 22.22% of data above the critical threshold [0.0] [15:51:32] PROBLEM - Puppet failure on tools-master is CRITICAL: CRITICAL: 55.56% of data above the critical threshold [0.0] [15:51:40] PROBLEM - Puppet failure on tools-webgrid-05 is CRITICAL: CRITICAL: 33.33% of data above the critical threshold [0.0] [15:51:56] PROBLEM - Puppet failure on tools-exec-11 is CRITICAL: CRITICAL: 66.67% of data above the critical threshold [0.0] [15:52:08] PROBLEM - Puppet failure on tools-exec-15 is CRITICAL: CRITICAL: 44.44% of data above the critical threshold [0.0] [15:52:16] PROBLEM - Puppet failure on tools-exec-wmt is CRITICAL: CRITICAL: 44.44% of data above the critical threshold [0.0] [15:53:25] PROBLEM - Puppet failure on tools-webgrid-02 is CRITICAL: CRITICAL: 55.56% of data above the critical threshold [0.0] [15:53:37] PROBLEM - Puppet failure on tools-trusty is CRITICAL: CRITICAL: 33.33% of data above the critical threshold [0.0] [15:54:03] PROBLEM - Puppet failure on tools-static is CRITICAL: CRITICAL: 62.50% of data above the critical threshold [0.0] [15:54:51] PROBLEM - Puppet failure on tools-exec-12 is CRITICAL: CRITICAL: 33.33% of data above the critical threshold [0.0] [15:55:07] PROBLEM - Puppet failure on tools-exec-gift is CRITICAL: CRITICAL: 66.67% of data above the critical threshold [0.0] [15:55:29] PROBLEM - Puppet failure on tools-mail is CRITICAL: CRITICAL: 66.67% of data above the critical threshold [0.0] [15:55:39] PROBLEM - Puppet failure on tools-login is CRITICAL: CRITICAL: 22.22% of data above the critical threshold [0.0] [15:55:39] PROBLEM - Puppet failure on tools-exec-14 is CRITICAL: CRITICAL: 44.44% of data above the critical threshold [0.0] [15:55:49] PROBLEM - Puppet failure on tools-uwsgi-01 is CRITICAL: CRITICAL: 33.33% of data above the critical threshold [0.0] [15:55:55] PROBLEM - Puppet failure on tools-dev is CRITICAL: CRITICAL: 33.33% of data above the critical threshold [0.0] [15:55:59] PROBLEM - Puppet failure on tools-exec-13 is CRITICAL: CRITICAL: 44.44% of data above the critical threshold [0.0] [15:56:01] PROBLEM - Puppet failure on tools-exec-08 is CRITICAL: CRITICAL: 40.00% of data above the critical threshold [0.0] [15:56:11] PROBLEM - Puppet failure on tools-webgrid-01 is CRITICAL: CRITICAL: 44.44% of data above the critical threshold [0.0] [15:56:19] PROBLEM - Puppet failure on tools-exec-07 is CRITICAL: CRITICAL: 55.56% of data above the critical threshold [0.0] [15:57:48] Coren: ^ can you take a look? [15:57:53] I’ll be back in about 2h [15:58:28] PROBLEM - Puppet failure on tools-exec-04 is CRITICAL: CRITICAL: 22.22% of data above the critical threshold [0.0] [15:58:32] Bleh. Yeah, I'll take a look. [16:00:40] PROBLEM - Puppet failure on tools-webgrid-04 is CRITICAL: CRITICAL: 44.44% of data above the critical threshold [0.0] [16:00:49] PROBLEM - Puppet failure on tools-exec-02 is CRITICAL: CRITICAL: 55.56% of data above the critical threshold [0.0] [16:00:51] PROBLEM - Puppet failure on tools-exec-catscan is CRITICAL: CRITICAL: 60.00% of data above the critical threshold [0.0] [16:00:51] Coren: what are the plans to convert login to trusty? [16:01:05] PROBLEM - Puppet failure on tools-webgrid-03 is CRITICAL: CRITICAL: 66.67% of data above the critical threshold [0.0] [16:01:17] PROBLEM - Puppet failure on tools-shadow is CRITICAL: CRITICAL: 55.56% of data above the critical threshold [0.0] [16:01:29] Beta: not for a long while, but there is a trust bastion available already. [16:01:38] Trusty* [16:02:44] trusty.tools.wmflabs.org [16:03:11] PROBLEM - Puppet failure on tools-exec-01 is CRITICAL: CRITICAL: 55.56% of data above the critical threshold [0.0] [16:04:28] Coren: ran into my first case where I had to use trusty [16:04:57] You can use the trust bastion, and request trusty exec nodes with -l release=trusty [16:05:07] svn started throwing SSL errors on the primary [16:06:16] Coren: it was the damnedest thing too [16:06:52] SSL errors? How odd. [16:07:14] Coren: Yeah, let me grab the exact message [16:08:07] SSL handshake failed: SSL alert received: Handshake failed [16:09:30] Coren: had me banging my head [16:10:05] No wonder. That message is almost as useless as a Windows error [16:10:24] Did you figure out the underlying cause? [16:10:37] Coren: No, just logged into trusty and it worked [16:10:48] think it has something to do with the svn version [16:11:27] That may be it. Honestly subversion isn't getting as much attention lately so something like that can go unnoticed for quite a while. [16:11:57] Coren: login uses 1.6 while trusty uses 1.8 [16:12:48] Yeah, the version is whatever the distro keeps up to date. IIRC, they switch to 1.8 during Raring. [16:13:25] It could also be root certs, but those are normally backported. [16:14:06] Coren: I have a working solution thats not much of a pain [16:14:16] Coren: Like I said I find all the odd bugs [16:15:06] That's because you tend to do things at the tail end of the bell curve. I think you're one of the last svn users. :-) [16:15:41] Even /I/ caved in and switch to git for general use. [16:17:17] Coren: git SUCKS at keeping/merging local changes when a file is changed in the repo [16:17:51] with svn, its svn up [16:18:01] if it cant merge it lets you know [16:18:23] with git, you have to stash, pull, and somehow unstash [16:18:25] Sure, but that's because that's not the way to do it in git. You want a local /commit/ not just locally modified files. When done that way, merges work fine. [16:19:23] (Well, they're not merges then - it's rebasing the local commit. Same result) [16:19:46] And it gives you version control of the local changes. [16:23:09] But yeah, I resisted git a long time too. But to be fair, once you get used to the different workflow idioms, it's actually better than subversion. [16:23:34] It just sucks a lot at trying to use it the way you'd use svn. [16:24:04] Coren: thus why I havent [16:24:21] SVN is stable and works for me [16:25:25] Sure, but then you have to live with the fact that it becomes increasingly more marginal the way RCS did before it. :-) [16:26:56] Coren: this is the first issue Ive had with SVN in 8 years.... and it was because we had an old system in login :P [16:27:44] Herald of things to come. :-) Don't worry, I'm not going to push you into git against your will; but you /should/ look into it eventually. You'll probably find you like it better once you get used to it. [16:28:29] Coren: Better idea, just wait two years for the next better system and then use that :P [16:30:50] Coren: reminds me of an old saying, if its not broken, dont fix it :) [16:35:01] broken comes in flavours [16:35:12] broken for what [16:36:21] GerardM-: ran into a odd SSL error with SVN on tools-login, but tools-trusty worked [16:39:01] Coren: Betacommand's SSL host switched to SNI [16:39:57] er, SVN host* [16:40:24] Betacommand: also, consider hg if git is not your cup of tea. It's supposed to be easier to get started with [16:40:53] but I've drunk too much of the git-fu, so I'm constantly annoyed by how hard it is to do slightly non-trivial things [21:30:41] ping sumanah [21:31:44] Hey there terrrydactyl .... so, go ahead and log into https://wikitech.wikimedia.org - if you don't have an account, make one [21:31:52] and tell me the username [21:35:45] sumanah, had to reset my password [21:35:54] what's the token field supposed to be for? [21:36:22] terrrydactyl: I've forgotten. I think you don't have to fill it in unless you know why you would be filling it in! [21:36:32] okay sounds good [21:36:38] terrrydactyl: you can ignore that, it's for single-use tokens. If you did not set that up, leaving it empty should work! [21:37:01] sumanah: happy holidays! [21:37:18] Hi valhallasw`cloud - happy holidays to you as well! [21:37:24] sumanah, okay, so my username should be Terrrydactyl [21:37:35] keeping things standard. :) [21:38:30] :) ok terrrydactyl I think you will also have to tell Wikimedia Labs what your ssh key is - https://wikitech.wikimedia.org/wiki/Special:Preferences#mw-prefsection-openstack [21:38:54] sumanah, looks like i had it set up already at some point [21:39:02] oh good! [21:39:53] ok terrrydactyl can you now ssh into tools-login.wmflabs.org using Terrrydactyl as your username? [21:40:45] yep! [21:41:18] ok, I'm doing that now, gotta futz with some ssh stuff [21:41:37] but basically now terrrydactyl you can start looking at https://wikitech.wikimedia.org/wiki/Help:Tool_Labs [21:41:50] terrrydactyl: and that should help you start looking around and see what you have access to [21:41:56] okay [21:54:18] terrrydactyl: so, weirdly, I am having trouble ssh'ing into the tools-login server. But if you have any questions, I can try to answer them [21:55:25] are you logging in like this? $ ssh terrrydactyl@tools-login.wmflabs.org [21:57:29] $ ssh tools-login.wmflabs.org [21:57:29] ssh: connect to host tools-login.wmflabs.org port 22: Connection timed out [21:57:33] I'll try with a username [22:02:25] I think I'm getting a timeout [22:03:53] aw [22:04:16] sumanah: as alternatives, you can try tools-dev.wmflabs.org and trusty.tools.wmflabs.org [22:04:28] valhallasw`cloud: to log into? [22:04:33] *nod* [22:04:36] i'm not sure how to fix that. i'm about to head out for lunch. if you're still around after that, maybe we can talk then? [22:04:45] those three servers are the 'bastions' for tool labs [22:05:11] terrrydactyl: ok. [22:05:24] terrrydactyl: if I'd known you had time commitments I would have gone faster [22:05:42] valhallasw`cloud: I'll try that, thanks. [22:05:52] no no. we just decided on food and we wanna try and head out before it closes for xmas eve [22:06:01] go forth [22:06:40] :) thanks! [22:07:02] "Permission denied (publickey,hostbased)." argrgh. [22:11:23] I'm finally in! thanks for your help valhallasw`cloud [22:15:39] sumanah: yw! [22:17:43] so, I became the tool, I am tools.missing-from-wikipedia@tools-dev, I have an index.html page in /public_html/ and it's world-readable, but https://tools.wmflabs.org/missing-from-wikipedia/ says 404 [22:19:59] sumanah: error.log is supposed to give helpful information, but I can't quite figure out what's wrong [22:20:26] maybe it's trying to read public_html/missing-from-wikipedia/index.html ? [22:20:46] sumanah: in general, I'd expect the fcgi handler to pick it up :/ [22:21:10] I'll try copying there... (originally mistyped as "coping" ahahah) [22:21:19] oh, sorry, it does that. It says "2014-12-24 22:18:37: (mod_fastcgi.c.3636) handling it in mod_fastcgi" [22:22:02] so -- seemingly at random -- it used to give me "The URI you have requested, /missing-from-wikipedia/, is not currently serviced." [22:22:10] which it now does basically consistently [22:22:16] no wait now it's a 404 [22:22:27] sumanah: right, that's what you get if lighttpd is not running [22:22:38] but it /is/ running, otherwise you wouldn't get those extensive reports in error.log [22:22:44] $ webservice status [22:22:44] Your webservice is scheduled: [22:22:44] queue instance "mailq@tools-exec-10.eqiad.wmflabs" dropped because it is temporarily not available [22:22:58] right, https://tools.wmflabs.org/missing-from-wikipedia/index works [22:23:27] wow, interesting! [22:23:32] sumanah: so what's happening is this. lighttpd sends the request via fcgi to flask. But your flask app only has a route for @app.route('/index', [22:24:02] (btw it has literally been a year since I touched this code, hence my bwuh confusion about how it works) [22:24:44] sumanah: I think the easiest fix would be to change @app.route('/index' to @app.route('/' [22:24:53] yeah [22:25:16] a nicer fix would be to tell lighttpd somehow it should serve some urls directly, but I think that's somewhat difficult [22:25:39] sumanah: however, the index.html /is/ useful! it's what's shown if lighttpd shuts down for some reason [22:26:07] is there a # for tool lab? [22:26:38] OrenBochman: what do you mean with 'a #'? [22:26:50] channel [22:27:04] this channel is also for tool labs [22:27:11] 10x [22:28:31] how do I access an instance in wmflabs via www? [22:31:35] OrenBochman: that depends. If it's on tool labs, you should be able to view it via tools.wmflabs.org//... [22:31:46] OrenBochman: in the general case, I think you need to tunnel over SSH [22:32:56] 3Tool-Labs-tools-Other: bring back missing-from-wikipedia - https://phabricator.wikimedia.org/T72199#943449 (10sumanah) Sumana here. https://tools.wmflabs.org/missing-from-wikipedia/index is now up - needs futzing-with, though, to improve it, and to make the link from https://tools.wmflabs.org/ actually work! [22:37:17] ok [22:37:52] any idea while all my tool no longer work ? [22:39:26] OrenBochman: which ones? [22:43:33] it ways i ave not enabled the webservice for my tool [22:44:56] orwell01 [22:46:02] OrenBochman: have you started it recently? i.e. did it stop, or did you never start it? [22:47:11] ok [22:47:17] I never started it [22:47:33] it was not required back when I coded this [22:48:26] OrenBochman: in that case, log in to tools-login.wmflabs.org, become , run webservice start [22:51:24] is it possible to view code etc of other tools ? [22:51:45] i.e. ones i did not develop [22:52:09] yes [22:52:19] OrenBochman: generally, yes. Just go to /data/project/ [22:52:34] OrenBochman: some tools have shielded off the entire directory, some just sensitive files [22:56:01] also is there some place recommended for keeping the source of tools in git ? [22:57:49] OrenBochman1: you're free to choose a place yourself. Some of my repos are on github, some are in gerrit. [22:59:53] I ment where do other people put it in gerrit [23:05:50] valhallasw`cloud: I noticed you contributed to quarry - is that deployed as a tool or as a lab instance ? [23:06:05] OrenBochman1: labs/tools/, typically [23:06:09] OrenBochman1: quarry is a labs instance [23:08:36] any idea how the auth is done against meta ? [23:09:19] oauth [23:09:33] I think quarry uses mwoauth, gerrit-patch-uploader uses flask-mwoauth [23:11:25] (both python packages) [23:15:01] any idea of something that does this with php ? [23:20:08] OrenBochman1: not sure. the mediawiki oauth docs might have a few notes [23:20:12] I'm off to bed, good night. [23:28:21] Why do I get a blank page at https://wikitech.wikimedia.org/w/index.php?title=Special:NovaInstance&action=consoleoutput&project=ttmserver&instanceid=456b8070-f46b-4a4e-a2bf-7a60ce6ceb92®ion=eqiad [23:29:14] https://wikitech.wikimedia.org/wiki/Nova_Resource:Ttmserver still thinks I'm not an admin. I don't remember if one needs admin to see console output [23:55:40] Coren: did you get anywhere with why puppet was failing on all of labs?