[00:01:01] hmm ok [01:28:46] 3Tool-Labs, pywikibot-core, Pywikibot-login.py, Possible-Tech-Projects: Pywikibot: Implement support for OAuth - https://phabricator.wikimedia.org/T74065#1026822 (10jayvdb) [01:30:47] labs-morebots: you ok? [01:30:48] I am a logbot running on tools-exec-13. [01:30:48] Messages are logged to wikitech.wikimedia.org/wiki/Server_Admin_Log. [01:30:48] To log a message, type !log . [01:51:17] hi, I'm not getting to acces a labs instance, I don't know what I'm doing wrong, I tried using the two ways that is on 'Help:access' page: http://dpaste.com/17C7T63 [01:57:41] with verbose mode: http://dpaste.com/1YKSBVM [02:00:45] danilo: so, that paste shows you succeeding in access to bastion [02:01:34] So things are mostly right on your end... [02:01:51] have you set up proxy command? [02:03:32] andrewbogott: no, it is the first time I'm accessing a labs project outside Tool Labs, how can I do that? [02:04:15] https://wikitech.wikimedia.org/wiki/Help:Access#Accessing_instances_with_ProxyCommand_ssh_option_.28recommended.29 [02:04:22] you also need to be a member of the project, of course :) [02:07:53] hmm, I have already done that: http://dpaste.com/1E2R26S [02:08:34] I don’t have time to help anymore, sorry. [02:08:45] As I mentioned, you do need to be in the project :) Other than that, the docs should be adequate. [02:09:52] yes, I'm adimin on the project... ok, thanks [02:31:13] I want to create a thing in WMF Labs for collecting usernames at edit-a-thons. Per my organization's existing practice I will do all the disclaimer stuff ("Wikimedia Foundation wants to use your data to make its programs better," etc. etc.). Is there anything I need to keep in mind specifically for the back-end / storage stuff? [03:01:54] !log testlabs testing the log by logging a test [03:01:57] Logged the message, dummy [03:02:38] harej: this is the right place to ask about such a thing, but you’re in a bit of a timezone gap. European and North American daytime hours are more likely to get you an answer. [03:02:58] Sad thing is, I *am* North American. I just happen to keep very, uh, broad hours. [03:10:33] Anyways, I read some of the documentation. It suggests I shouldn't be doing what I want to do. [03:10:34] oh well! [03:18:27] 3Labs: Move wikitech web interface to a dedicated server - https://phabricator.wikimedia.org/T88300#1027037 (10Andrew) wikitech is on silver now, and seems happy. It's not behind a varnish yet, though [03:50:23] harej: if you need help let me know [03:50:35] Ah, Betacommand. My old business partner. [03:51:33] harej: your idea sounds fairly simple as long as you dont collect passwords [03:52:10] I have no plans on collecting passwords. I just need the usernames. But the WMF Labs terms of use does not allow username collection except for temporary use. [03:52:46] harej: can you point that out> [03:52:49] We don't pair usernames with other PII (it is our policy not to), but we're interested in storing longer than 30 days [03:53:00] https://wikitech.wikimedia.org/wiki/Wikitech:Labs_Terms_of_use [03:53:04] > You should not collect or store private data or personally identifiable information, such as user names, passwords, or IP addresses (“Private Information”) from the individuals using your Labs Project (“End Users”), except when complying with the conditions listed below. [03:53:10] > Purge, anonymize, or aggregate any Private Information you store no more than 30 days after storing it; [03:54:15] harej: I wouldnt consider usernames to be private information [03:54:30] "personally identifiable information, such as user names" [03:54:54] harej: I think that wording might need tweaked [03:55:25] that'll be up to the lawyers [03:56:41] But seriously if all your collecting is usernames and nothing else, you shouldnt have an issue [03:56:55] well, usernames and random survey questions [03:57:08] especially if you use labs-tools as you will not have access to IP information [03:57:36] harej: Ill poke coren tomorrow, but I dont see an issue at all [04:07:13] harej: you might even want to use http://www.mediawiki.org/wiki/OAuth/For_Developers which would handle and verify the editors for your survey [04:08:01] Is there a particular reason why I would need to use OAuth if I just need the username? [04:14:47] harej: it ensures that the user is who they claim they are [04:15:05] otherwise your data may have issues [04:15:32] in practice this hasn't really been a problem; it's mostly in person data collection [04:15:41] but it may streamline the process and prevent people from mis-entering their user name [04:16:44] does it get around the limitations impose by the labs terms of use? [04:17:42] harej: Im going to talk with coren and loop legal in if needed to take care of that for you [04:17:49] Alright, thanks [04:18:09] but at this time of day none of them are around [04:24:47] Indeed not. I shouldn't even be working right now. I just felt like it, for some reason. [04:25:23] harej: there's a bug (and patch!) that introduces a slightly simplified version of OAuth if you want it just for authentication and not actually taking actions. [04:26:40] How soon will it be integrated? [05:31:43] (03PS1) 10Mattflaschen: Initial commit [labs/tools/phabricator-bug-status] - 10https://gerrit.wikimedia.org/r/189670 [05:33:07] (03PS2) 10Mattflaschen: Initial commit [labs/tools/phabricator-bug-status] - 10https://gerrit.wikimedia.org/r/189670 (https://phabricator.wikimedia.org/T539) [05:33:18] (03CR) 10Mattflaschen: [C: 032] Initial commit [labs/tools/phabricator-bug-status] - 10https://gerrit.wikimedia.org/r/189670 (https://phabricator.wikimedia.org/T539) (owner: 10Mattflaschen) [05:33:23] (03CR) 10Mattflaschen: [V: 032] Initial commit [labs/tools/phabricator-bug-status] - 10https://gerrit.wikimedia.org/r/189670 (https://phabricator.wikimedia.org/T539) (owner: 10Mattflaschen) [08:23:36] hello [08:24:27] i am attempting to connect to enwikisource database from tools-login, but am denied :( [08:24:37] SELECT command denied to user 's52440'@'10.68.16.7' for table 'page' [08:24:46] can anyone suggest what I may be doing wrong? [08:32:11] agh, the "_p"! [08:32:17] :) [08:32:34] i'll blame the beer..... [09:05:09] 3Living-Style-Guide, Tool-Labs, MobileFrontend: npm version on tools-login.wmflabs.org is incompatible with MobileFrontend package.json used by the KSS styleguide - https://phabricator.wikimedia.org/T89093#1027309 (10Spage) 3NEW [09:45:07] 3Tool-Labs, pywikibot-core, Pywikibot-login.py, Possible-Tech-Projects: Pywikibot: Implement support for OAuth - https://phabricator.wikimedia.org/T74065#1027366 (10Qgil) @jayvdb, as part of T76341, I have documented the requirements for **Featured** #Possible-Tech-Projects [[ https://phabricator.wikimedia.org/p... [09:59:55] 3Tool-Labs, pywikibot-core, Pywikibot-login.py, Possible-Tech-Projects: Pywikibot: Implement support for OAuth - https://phabricator.wikimedia.org/T74065#1027381 (10jayvdb) @qgil, which part of that definition of Featured are you concerned about? fwiw, I feel I could do this task in 2-3 weeks. There are alread... [10:23:42] PROBLEM - Free space - all mounts on tools-webproxy is CRITICAL: CRITICAL: tools.tools-webproxy.diskspace._var.byte_percentfree.value (<12.50%) [10:25:49] 3Tool-Labs, pywikibot-core, Pywikibot-login.py, Possible-Tech-Projects: Pywikibot: Implement support for OAuth - https://phabricator.wikimedia.org/T74065#1027468 (10Qgil) I'm only concerned about all Featured projects having that checklist spelled and complete in the task description. [10:33:37] RECOVERY - Free space - all mounts on tools-webproxy is OK: OK: All targets OK [10:33:39] 3Tool-Labs, pywikibot-core, Pywikibot-login.py, Possible-Tech-Projects: Pywikibot: Implement support for OAuth - https://phabricator.wikimedia.org/T74065#1027481 (10valhallasw) [11:17:01] Hi. Can I request quick deletion of a tool? [11:17:11] one of my tools actually [12:09:35] PROBLEM - Free space - all mounts on tools-webproxy is CRITICAL: CRITICAL: tools.tools-webproxy.diskspace._var.byte_percentfree.value (<22.22%) [12:19:36] RECOVERY - Free space - all mounts on tools-webproxy is OK: OK: All targets OK [13:32:48] ebraminio: you should be able to remove it yourself [13:33:51] Betacommand: I can not see the option, where should I find it? [13:35:22] ebraminio: one sec, let me dig up the info [13:39:30] ebraminio: https://wikitech.wikimedia.org/wiki/Special:NovaServiceGroup [13:39:50] ebraminio: keep in mind all data in the tool will be lost, and its not reverseable [13:40:21] Betacommand: You must be a member of the projectadmin role in project tools to perform this action. [13:40:40] ebraminio: to use the remove service group? [13:41:10] Yes [13:41:21] odd [13:41:36] on the link I've PMd you [13:42:45] Poke coren in 2-3 hours [13:43:20] Okay, thanks [13:43:24] I'm aroundish now, but still in "first coffee mode" - if you can explain whatever you need me for in simple terms, I might be able to help. :-) [13:43:42] Coren: delete a tool [13:46:38] Yeah, tool deletion is restricted because it's one-way and potentially very destructive. What tool is this? [13:47:11] ebraminio: ^ [13:47:50] Coren: On the link I've PMd. Thank you [13:52:06] ebraminio: I'll be able to do that for you shortly. [13:53:32] Coren: That would be great, just please don't remove my other tools :) [14:17:07] hi, I'm not getting to acces a labs instance, I don't know what I'm doing wrong, I tried using the two ways that is on 'Help:Access' page: http://dpaste.com/17C7T63 ( with verbose mode: http://dpaste.com/1YKSBVM ) [15:47:44] ebraminio: There's lots of stuff in that home. You sure? [15:48:57] Coren: Just cleanupped them manually. Yes, thank you. [15:49:36] 3Tool-Labs, pywikibot-core, Pywikibot-login.py, Possible-Tech-Projects: Pywikibot: Implement support for OAuth - https://phabricator.wikimedia.org/T74065#1028203 (10Halfak) @jayvdb I'm not very familiar with pywikipediabot's inner workings, but I expect that we'll have little trouble working with mwoauth. Stat... [15:49:58] ebraminio: It's gone. [15:50:12] Thank you :) [16:01:37] Coren: I have a question about labs ToS [16:01:46] Shoot [16:02:39] It considers usernames as non-public information that cannot be kept for more than 30 days... yet usernames are very public.... [16:04:21] The issue isn't the username proper so much as the username combined with other data such as when (and whether) it used a tool, etc. Clearly, just a list of usernames isn't a problem. [16:05:59] Coren: I know a user that wants to do a survey feedback for edit-a-thons, how could that be done without violating the ToS and yet still have usable information [16:06:49] Well, for one, simply following the rule that collecting information needs to explain what information is collected and for how long would go a long way. [16:06:59] (and why) [16:07:24] An editathon survey seems to me to be entirely in scope and okay, provided there is good disclosure. [16:08:47] Coren: what about the 30 day rule? [16:09:30] disclosure shouldnt be an issue [16:12:38] Well, the 30 days rule would require anonymization or aggregation after that delay; and I would expect that most surveys are more interested in the aggregates than the individual bits of datum - but provided that how the data is to be retained and used then I see no issue. Also, avoiding collection of unnecessary data (limit to the needful) makes things better. [16:13:06] (e.g. if you don't *need* a timestamp of when the survey was filled, don't collect it; and so on) [16:14:08] Like all rules, the TOS explains the "things that are okay", but things can be okay beyond that. This seems to be an entirely legitimate thing. [16:14:30] And I'd *much* rather something like this be done in Labs than - say - on a google form. [16:24:44] Coren: thanks for the info. Ill talk with the dev [16:54:02] 3Wikimedia-DNS, Wikimedia-Labs-wikitech-interface, Wikimedia-Extension-setup: Install MobileFrontend on wikitech - https://phabricator.wikimedia.org/T87633#1028329 (10Andrew) [16:57:45] I'm not getting to access a labs instance, http://dpaste.com/17C7T63 , someone knows what I am doing wrong? [17:14:30] danilo: Connection timed out means either the instance is down, or there is firewalling that prevents you from using it. [17:14:57] danilo: Have you checked the project's security (aka network) groups? [17:17:03] Coren: the instance have "default" security group: https://wikitech.wikimedia.org/wiki/Nova_Resource:I-0000081b.eqiad.wmflabs [17:17:33] danilo: Sure, but what "default" means depends on the project. Which is it? [17:23:11] Coren: where can I see that? in https://wikitech.wikimedia.org/wiki/Special:NovaSecurityGroup I see only "revscoring" link, but not a "add group" link (I am admim on the project) [17:23:59] What project is this? [17:24:11] revscoring [17:24:24] Ah. :-) Gimme a sec. [17:24:50] ... what. [17:25:02] Hm, give me a minute. [17:26:23] You don't see a table with one row labled 'default'? [17:26:48] Wait - your default rule is entirely empty! (dafu?) When was this project created? [17:27:55] I’ve seen that happen but I thought it was fixed :( [17:28:13] andrewbogott: Ah, just the guy I was about to ping. [17:28:14] some months ago, I don't know exactely [17:28:25] danilo: Did this project ever work? [17:28:26] ah, ok, so maybe it /is/ fixed… [17:28:34] Coren: no [17:28:40] Ah. [17:30:50] 3Wikimedia-DNS, Wikimedia-Extension-setup, Wikimedia-Labs-wikitech-interface: Install MobileFrontend on wikitech - https://phabricator.wikimedia.org/T87633#1028403 (10MaxSem) [17:43:57] 3Wikimedia-DNS, Wikimedia-Extension-setup, Wikimedia-Labs-wikitech-interface: Install MobileFrontend on wikitech - https://phabricator.wikimedia.org/T87633#1028461 (10MaxSem) Note that wikidata now already has MF enabled, just not automatic redirection while mobile support is being worked on. The workflow is: *... [17:51:02] andrewbogott: congrats on having wikitech in the main deployment train \O/ [17:58:35] 3Labs: Create xtools project on Labs with domain xtools.wmflabs.org - https://phabricator.wikimedia.org/T88123#1028488 (10coren) 5Open>3Resolved That been done now. [17:59:53] Coren: there is something I can do to make the project work? [18:02:37] danilo: I dunno if andrewbogott has a ready-made fix because he ran into that issue in the past, but the simplest way is to simply add the things you need to the default group. If there isn't a quick fix, I'll give you a hand. [18:02:46] Nope, no ready-made fix. [18:02:55] You can just add the rules by hand [18:02:58] or I can [18:04:30] this is what I see in 'Special:NovaSecurityGroup': http://uploadpie.com/CRmyj , it doesn't have a "add group" button for me [18:07:21] danilo: I added a rule for ssh; can you access now? [18:07:34] I’m not sure why you don’t see an ‘add group’ button but probably you just need to log out and in again [18:08:53] 3Tool-Labs: Reenable backups for /home and /data/project - https://phabricator.wikimedia.org/T63103#1028521 (10coren) p:5Triage>3Normal [18:08:54] andrewbogott: yes I'm in, thanks! [18:09:22] 3Labs: Process for user backups - https://phabricator.wikimedia.org/T85608#1028524 (10coren) [18:09:22] danilo: cool — sorry for the confusion. You’ve hit a series of dumb bugs with the labs web ui [18:09:23] 3Tool-Labs: Reenable backups for /home and /data/project - https://phabricator.wikimedia.org/T63103#653884 (10coren) [18:09:54] 3Tool-Labs: Reenable backups for /home and /data/project - https://phabricator.wikimedia.org/T63103#653884 (10coren) This is related to, and will return, as a side effect of reenabling thin snapshots. [18:11:26] andrewbogott: I loged out and in, now I can see the "add group" button and the rules table, thanks again [18:11:32] great [18:13:05] 3Tool-Labs: IRC: Too many user connections (global) - https://phabricator.wikimedia.org/T66802#1028558 (10coren) It is still an issue insofar as currently, not all exec nodes where bots run have distinct IPs so that identd works (this is a Freenode requirement to avoid all bots being "counted" as the same). I'l... [18:26:03] 3Tool-Labs: IRC: Too many user connections (global) - https://phabricator.wikimedia.org/T66802#1028588 (10coren) 5Open>3Resolved All exec nodes now have public IPs and should not run into per-IP limits on Freenode. [19:13:05] can i get a static ip please for the labs instance? [19:13:20] yurikR: What do you need it for? [19:13:38] Coren, need it for zero testing by a partner before they enable it on the whole WP [19:13:51] they want an unused IP they can test against [19:13:54] Mkay. What project? [19:14:08] Coren, http://graph.wmflabs.org/wiki/Main_Page [19:14:41] I mean, what project is this instance in? [19:15:02] Also, Yeay Unicorn! [19:15:06] Coren, mediawiki-api [19:15:27] )) [19:15:41] yurikR: I just gave you an IP quota of one, so you can now allocate an IP. [19:15:54] Coren, thx! [19:15:56] Remember to remove the dynamic proxy stuff before you try to reuse the name. [19:16:11] (Or use a different name entirely) [19:16:24] That won't give you https unless you have a cert though. [19:18:18] Coren, no cert. Btw, do you know why web proxies no longer show up in the list [19:18:44] on wikitech [19:18:48] You may have to log off an on again; wikitech moved yesterday and some auth tokens may be lost [19:29:31] Coren, i logged off, and it did start showing eqiad, but it still doesn't show the current web proxy graph.wmflabs.org mapping [19:30:38] Hmmm [19:31:09] Odd. Can you open a phab ticket about it? That seems to be a bug. In the meantime, you can use some other hostname for your tests and that will not affect anything. [19:35:56] Coren, this is weird - i just claimed one ip, and assigned it and attached it, and gave it name graph.wmflabs.org -- and all of this worked fine. Now i tried nslookup graph.wmflabs.org 8.8.8.8 and got two results back: 208.80.155.201 [19:35:56] , 208.80.155.156 [19:36:37] That's because you still have the proxy thing up. You should be using another hostname until I figure out what's up with the proxy thing. [19:39:23] Coren, oh, thx, added another domain and it worked fine. Please don't change that IP - i will give it to our partner for testing (for the next few weeks) [19:39:27] thanks for your help!!! [19:55:24] 3Tool-Labs: Comment lines in crontab are modified if their first characters are not '#' - https://phabricator.wikimedia.org/T75256#1028831 (10coren) p:5Triage>3Low I expect that the entire preprocessing phase can and should be removed soon given that users are now better acquainted with how this should work,... [20:10:28] 3Tool-Labs: Add --server=hhvm to webservice2 - https://phabricator.wikimedia.org/T84984#1028857 (10coren) p:5Triage>3Normal [20:30:43] PROBLEM - Free space - all mounts on tools-webproxy is CRITICAL: CRITICAL: tools.tools-webproxy.diskspace._var.byte_percentfree.value (<33.33%) [20:44:33] 3Tool-Labs, pywikibot-core, Pywikibot-login.py, Possible-Tech-Projects: Pywikibot: Implement support for OAuth - https://phabricator.wikimedia.org/T74065#1028954 (10jayvdb) @Halfak, re httplib2 , it doesnt have native support for oauth, but there are full-blown libraries around ( https://github.com/google/oauth2... [20:55:37] RECOVERY - Free space - all mounts on tools-webproxy is OK: OK: All targets OK [20:58:11] 3Tool-Labs, pywikibot-core, Pywikibot-login.py, Possible-Tech-Projects: Pywikibot: Implement support for OAuth - https://phabricator.wikimedia.org/T74065#1029010 (10Halfak) I think that our biggest concern will be signing new requests with the AccessToken. requests-oauthlib/requests provides native support for... [21:09:03] 3Labs: Wikitech created a broken LDAP entry for a new instance - https://phabricator.wikimedia.org/T89001#1025233 (10coren) For the record, this has occured again shortly afterwards with -09. In both cases, the only genuine issue is the lack of aRecord (the other differences are simply because the instance was... [21:10:09] Coren: are you seeing ^ today still? [21:10:24] andrewbogott: No, just doing some triage and updating tasks. [21:10:30] ok, great. [21:11:00] 3Labs: Monitor ldap passwd queries - https://phabricator.wikimedia.org/T88584#1029066 (10coren) p:5Triage>3Normal [21:11:52] 3Labs: Puppet logs should be timestamped in a human-readable way - https://phabricator.wikimedia.org/T88108#1029069 (10coren) p:5Triage>3Low [21:12:15] 3Labs: Wikitech created a broken LDAP entry for a new instance - https://phabricator.wikimedia.org/T89001#1029073 (10Andrew) Here is what I think/hope is the case: - This failure is a race that becomes more likely to happen when the OpenStackManager host is under load - Now that wikitech is on new hardware, thi... [21:13:31] 3Labs, Wikimedia-Labs-wikitech-interface: Wikitech registration requires labs shell access - https://phabricator.wikimedia.org/T88092#1029075 (10coren) p:5Triage>3Low [21:20:04] 3Labs, Tool-Labs: Migrate tools-redis to a bigger instance - https://phabricator.wikimedia.org/T87107#1029101 (10coren) p:5Triage>3Low [21:22:07] 3Tool-Labs, pywikibot-core, Pywikibot-login.py, Possible-Tech-Projects: Pywikibot: Implement support for OAuth - https://phabricator.wikimedia.org/T74065#1029129 (10valhallasw) >>! In T74065#1028954, @jayvdb wrote: > That would be simpler than a complete switch to requests. This sounded like a challenge ;-) I *... [21:22:48] 3Labs: Increase storage available to labs NFS server - https://phabricator.wikimedia.org/T85607#1029130 (10coren) p:5Triage>3Normal [21:25:36] 3Labs: Storage capacity & redundancy expansion (tracking) - https://phabricator.wikimedia.org/T85604#1029147 (10coren) p:5Triage>3Normal [21:28:43] 3Labs: Investigate enabling host-based auth to all hosts from bastions - https://phabricator.wikimedia.org/T76971#1029160 (10coren) p:5Triage>3Volunteer? That would require distributing the bastion host keys automagically to labs instances without resource collection nor a shared filesystem, and default HBA... [21:31:26] 3Labs: Transient failure on labs puppet hosts because they can't find role::labs::instance in puppet - https://phabricator.wikimedia.org/T77644#1029171 (10coren) 5Open>3Invalid a:3coren It is //theorically// possible that an instance comes up faster than the LDAP entry gets created entirely, and this would... [21:33:26] 3Labs, Wikimedia-Labs-Infrastructure: Puppet failure on new instance: Various package have no installation candidate - https://phabricator.wikimedia.org/T84967#1029178 (10coren) 5Open>3Invalid a:3coren Bootstrap issue; some packages only "exist" after several puppet runs because the repos from which they c... [21:33:51] I'm having trouble accessing the db for metawiki with `sql metawiki` [21:34:28] `sql enwiki` then `use metawiki` works. [21:34:59] 3Labs: Process for user backups - https://phabricator.wikimedia.org/T85608#1029181 (10coren) p:5Triage>3Normal [21:35:31] fhocutt: What happens when you try? [21:35:50] "ERROR 2003 (HY000): Can't connect to MySQL server on 'metawiki.labsdb' (111)" [21:36:12] Hmmm. [21:38:03] fhocutt: try: [21:38:10] sql metawiki_p [21:38:41] "ERROR 2003 (HY000): Can't connect to MySQL server on 'metawiki.labsdb' (111)" [21:39:11] fhocutt: you included the _p ? [21:39:14] yes. [21:39:37] fhocutt: from tools login ? [21:39:54] "tools.grantsbot@tools-login:~$ sql metawiki_p [21:39:54] ERROR 2003 (HY000): Can't connect to MySQL server on 'metawiki.labsdb' (111)" [21:41:06] fhocutt: I get the same, I think I know whats going on, just give me a sec [21:41:17] c3 (s3, s6, s7) seems to be having issues [21:41:32] fhocutt: your looking for the db for meta.wikimedia.org ? [21:41:38] yes. [21:41:50] The primary issue being "it's not up". [21:42:15] ...that is an issue. [21:42:23] fhocutt: You can work around the issue right now by simply connecting to either of the other two databases. [21:42:34] will do [21:42:40] thanks. [21:43:05] fhocutt: I'll look into why it's down - I don't think Sean had maintenance scheduled but it's dangerous to start a database behind your DBA's back. :-) [21:43:21] sure thing, thanks. [23:35:51] 3Labs: Request to create Gather labs instance - https://phabricator.wikimedia.org/T89185#1029463 (10rmoen) 3NEW [23:45:46] 3Labs: Request to create Gather labs instance - https://phabricator.wikimedia.org/T89185#1029485 (10rmoen) [23:52:26] 3Labs: Request to create Gather labs project - https://phabricator.wikimedia.org/T89185#1029497 (10Krenair)