[00:59:08] @reception123 have gone through the 4 config tasks that can be done by me currently, 1 is done, 1 is awaiting PR merge, 2 are assigned, 1 to you and 1 to OA [07:39:28] @bwm0 you have no open PRs I closed one because it already existed in ManageWiki though. [10:40:35] Aww, we forgot to do the Community Wishlist Survey this year \:( [10:40:44] not that it has yielded big results in years past at least [10:58:35] @reception123 yuck yuck and yuck [10:58:59] @reception123 please move the logic out of main() [10:59:08] I had a feeling you wouldn't like it, it's just an initial idea and I'm no python expert! [10:59:41] for error handling and checking if the stuff actually works I wouldn't know [10:59:45] @reception123 most of it isn't awful [11:00:13] I would rather split execute salt command in 2 [11:00:47] I don't like logic and command execution in the same function [11:02:09] You also miss the drop [11:02:49] But I would have execute catch CalledProccessError and then reraise with sys.exit(1) [11:03:21] Also it should be 2 blank lines not 1 between functions [11:03:58] @reception123 can you put in the puppet/mediawiki/cookbooks for now [11:04:02] Even though it isn't [11:04:06] So CI runs [11:04:14] As a PR [11:04:26] And I'll PR some improvements [11:04:32] sure [11:05:28] https://github.com/miraheze/puppet/pull/3584 [11:16:23] @reception123 I made it pass CI. Now to add my reviews which I mostly do myself this afternoon. [11:17:03] @reception123 merge https://github.com/miraheze/puppet/pull/3585 into yours for now [11:17:16] I'll do a second for my personal opinions [11:21:45] Thanks! [11:22:17] If you merge my CI fixes, I'll add a review of my personal dislikes [11:30:00] @reception123 https://github.com/miraheze/puppet/pull/3584#discussion_r1442765895 [11:30:06] You can answer that [11:30:13] Shouldn't it be a mysql at the start [11:30:59] Also you could do cw_wikis.mhglobal I think [11:30:59] To avoid the USE [11:31:20] it'd be mhglobal.cw_wikis but yeah good point [11:31:52] You also need a mysql -e at the start I think [11:32:04] I can do that when I set it up [11:32:08] oh did I miss that somewhere? [11:32:10] but yeah, you do [11:32:21] On the same one [11:32:33] In get_db_cluster [11:32:58] I may pull get_db_cluster into get_db_cluster and get_db_cluster_salt_command [11:34:49] @reception123 in terms of code, it's not too bad [11:35:03] It's mainly me being fussy over typing and minimal functions [11:35:21] yeah I mean it's not the hardest operation either, it's just a few simple commands [11:35:35] _wonders why he never tried to do this years ago and spent all that time doing things manually_ [11:35:42] It's a bloody risky one though [11:35:55] Although I don't think you include the drop command [11:36:11] yeah that's on purpose for now, drop is scary [11:36:18] Thought so [11:36:19] at least without drop there's little risk [11:36:37] I can just do it manually at the start and then we'll see what we can do [11:37:18] Might be nice to test it out soon since wikibackups are almost done so if something goes wrong now would be the least worse time [11:43:16] I will add a thing that tells you the command [11:43:27] And a continue/skip/abort function [11:43:35] For when you wanna test the script [11:47:15] yeah that'd be good, thanks! [12:32:32] This has been fixed btw, the `mh:` interwiki got identified as interlanguage links and added to the sidebar. [12:34:39] On a related note, I could finally remove the support for the `mh:` prefix from @Wiki-Bot 🙂 [12:42:06] @reception123 could https://github.com/miraheze/mediawiki/commit/69e2cd60bca448d6ac0cbe1f826090e2825a94fa be pulled into our REL1_40 [12:48:09] yeah I can look later [14:19:50] What y’all doing with python? <:nomChocoStrawberry:938647184973365318> [14:22:36] oh nothing much, just creating a script to have 1 thing to run instead of 6 for a wiki rename [15:08:16] Got it [17:10:46] What’s the difference between salt and puppet, I know we use puppet for most of config stuff but also saw the scrip used salt ssh <:ThinkerMH:912930078646730792> [17:17:03] salt allows you to execute commands on other servers [18:21:02] Why not just use normal SSH? [18:22:49] it's convenient but it's biggest use case is that it lets you execute things on multiple servers at once [18:23:21] so if I want to update packages on all mediawiki servers, I could target the command `apt update && apt upgrade` to `mw*` [18:24:50] Makes sense [18:28:31] @agentisai and watch it upgrade nginx crash and break the farm [18:28:59] it's interesting how stuff likes to break when done in bulk [18:29:14] like when Reception upgraded all MySQL servers and stuff broke [18:29:36] Ye [18:29:48] Don't run apt upgrade -y on all servers at once [18:29:58] It's slightly less evil than dist-upgrade [18:30:13] But you're asking for it to include something that wipes the farm offline @agentisai [18:30:52] I would do no more than 1/3rd at once [18:51:20] I created a bash script for this that only updates all security packages triggering icinga on all servers using a script on puppet that uses salt and you have to confirm with the enter key and shows a list of packages it will upgrade and automatically logs using logsalmsg for each also. [18:54:27] [1/26] ```bash [18:54:27] [2/26] #!/bin/bash [18:54:27] [3/26] # Get a list of target servers [18:54:28] [4/26] servers=$(sudo salt-ssh -E '.*' test.ping --out=json | jq -r 'keys[]') [18:54:28] [5/26] # Loop through the servers and execute the upgrade command [18:54:28] [6/26] for server in $servers; do [18:54:29] [7/26] hostname=$(echo $server | awk -F '.' '{print $1}') [18:54:29] [8/26] echo "Upgrading packages on $hostname" [18:54:29] [9/26] packages=$(sudo salt-ssh "$server" cmd.run 'apt-get -s dist-upgrade | grep "^Inst" | grep -i securi | grep -v "linux-image" | awk -F " " {"print $2"}' | awk '{printf "%s ", $2}') [18:54:29] [10/26] if [ -z "${packages//[[:space:]]}" ]; then [18:54:30] [11/26] echo "No packages to upgrade on $hostname" [18:54:30] [12/26] else [18:54:30] [13/26] # Create formatted list [18:54:31] [14/26] packages_list=$(echo $packages | sed 's/ /, /g') [18:54:31] [15/26] packages_count=$(echo $packages | wc -w) [18:54:32] [16/26] if [ $packages_count -gt 1 ]; then [18:54:32] [17/26] last_package=$(echo $packages_list | awk '{print $NF}') [18:54:33] [18/26] packages_list=$(echo $packages_list | sed 's/ '$last_package'$/ and '$last_package'/') [18:54:33] [19/26] fi [18:54:34] [20/26] read -p "Upgrading packages $packages_list on $hostname; press enter to confirm..." [18:54:34] [21/26] sudo salt-ssh "$server" cmd.run "apt-get install --only-upgrade $packages" [18:54:35] [22/26] # Log the upgrade message [18:54:35] [23/26] logsalmsg "Upgraded packages $packages_list on $hostname" [18:54:36] [24/26] fi [18:54:36] [25/26] done [18:54:37] [26/26] ``` [18:57:17] @cosmicalpha is that doing it one by one [18:57:23] yes [18:57:27] That's good [18:58:21] But yeah it excludes linux-image (kernal upgrades), and only targets security upgrades causing icinga to warn. [18:59:42] Perfect [20:57:32] @rhinosf1 I think I found our first test subject for the new script! https://phabricator.miraheze.org/T11625 [20:58:52] heh that was such a mess. I thought I was inncoently upgrading critical packages and everything blew up instead [20:59:58] Yep that is actually the whole reason I created that upgrade bash script so it doesn't happen again... [21:06:56] I don't think I'll be doing an upgrade any time soon after that traumatic experience 😄 [21:07:11] when the intern DROPs prob [21:07:32] @reception123 I guess I'll do my fixes then [21:08:07] Feel free to use my script it has like a 1% chance of anything going wrong. [21:08:09] take your time, it's no rush really [21:08:25] Eh I'll forget if I don't [23:04:32] anyone have a sample config for MirahezeLogbot/ [23:04:42] curious what It looks like [23:04:49] Puppet [23:05:03] Anything to do with logbot is in puppet [23:05:37] Possibly https://github.com/miraheze/puppet/blob/master/modules/irc/templates/logbot/config.py [23:06:09] aaaaah there it is, it looked like every folder had that so I thought it was puppet boiler plate [23:06:17] not familiar with the system [23:06:46] ..why do we need twitter api keys [23:07:55] We don't [23:08:20] You can tell who originally wrote that from the fact it says nova resource [23:09:55] And they did broadcast SAL to Twitter until well Elon [23:15:49] huh, this is the production configuration right? https://github.com/miraheze/puppet/blob/f8e58265841e8cd573b03b0545dfdece08403c71/modules/irc/templates/logbot/config.py#L114 [23:20:05] Yes [23:21:01] so anyone can run !log. huh [23:26:29] There was an attempt to restrict who can use it in the past but it was shot down by previous management [23:28:05] makes my job easier [23:33:21] !log test yadda yadda [23:34:06] Wrong channel [23:34:45] i did it here so it didnt log, just wanted to see what it looks like on IRC side so I can make something to extract the log message [23:35:03] was thinking of using regex but if anyone has other ideas im open [23:41:41] [1/2] that seems to work for discord usernames [23:41:41] [2/2] https://cdn.discordapp.com/attachments/1006789349498699827/1192976243562385578/mySn61f.png?ex=65ab08b4&is=659893b4&hm=5ab09ea720b72bd4602c007ab287ea4e588e48aa7984672ad542555d3fea706d& [23:42:54] Yeah I did something that restricted it before but it was decided against I guess... [23:43:47] I ain't complaining, expanding the logic to discord accounts as well would be a minor inconvenience [23:44:35] hello mr void [23:50:16] assuming theres no issue with hard coding Relay's `~MirahezeR@miraheze/bot/MirahezeRelay` source into the logic?