[03:45:52] guys, what's the root of problem w/ outdated stats after dump import? [03:55:07] initSiteStats.php needing run [03:55:52] phab task or can request here? [03:56:47] which wiki? I'll run now [03:58:05] @mrrist what's your wiki? [04:37:30] Please ping me when replying to this so I see it. [06:48:37] I can now confirm that all SSL requests will now go through RequestSSL! [06:50:00] no more phab tasks for custom domains? [06:51:04] nope! [06:51:22] it's still not going to be automatic yet but it's going to be like ImportDump, just one command to run for SRE [06:51:32] (well, if using NS servers, a bit more than that but that's a work in progress) [06:51:53] gotta update custom domains page then? [06:53:03] already done! [06:53:24] yay [06:53:37] and I was wrong yesterday it seems. https://issue-tracker.miraheze.org/T11852 will be the final LE SSL requested on phorge [06:53:51] and speaking of that I also used a script to rename the phab page to phorge on meta [10:02:48] @bluemoon0332 thoughts on this method? If you don't object I can probably implement something tomorrow unless you want to? [13:08:56] https://lostmediaru.miraheze.org/wiki/%D0%97%D0%B0%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F_%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0 [13:10:00] @cosmicalpha ^ [15:21:12] why is Codex so confusing. _Internal scream) [17:38:36] I plan on doing that, but not on the extension itself @cosmicalpha [18:07:03] it's always fun when I play around w/ my debian vm [18:07:12] cause I'm used to using apk [18:07:48] so I always do apt add, making a hybrid of Alpine Linux's apk and Debian's APT [18:24:48] personally I think it should be in the extension itself using configs for what to check, whether Miraheze or not, domains have to be pointed somewhere. [18:28:08] you kicked the script? [18:29:03] will fo that in 30 minutes [18:31:50] I want to avoid that mostly because in some setups you may know that the domain is pointed via the surrounding context, so to speak [18:32:10] That can be a configuration though. [18:32:37] Having checks isn't necessarily Miraheze-specific [18:32:40] for example, a sysadmin may know that all subdomains under *.myorg.internal.com are pointed, and thus they may not need to do any DNS queries [18:33:49] then I would like to see how that may look like [18:37:09] IE `if ( $wgRequestSSLDNSChecks ) { if ( array_intersect( $wgRequestSSLDNSChecks['NS'] ?? [], array_column( dns_get_record( $domain, DNS_NS ), 'target' ) ) ) { //some CNAME, A, AAAA checks support, etc... } ` (this is probably completely wrong code but gives the idea I mean) [18:39:16] I can write a working function that is purely a PoC and you can decide how you want to implement if you'd like @bluemoon0332 ? [18:40:05] yeah that'd be cool [18:47:41] [1/19] ``` [18:47:42] [2/19] "RequestSSLDNSChecksExemptedDomains": { [18:47:42] [3/19] "default": [ [18:47:42] [4/19] "internal.myorg" [18:47:43] [5/19] ], [18:47:43] [6/19] "description": "Exempts all subdomains under this domain from DNS checks. Marks them as pointed automatically", [18:47:43] [7/19] }, [18:47:44] [8/19] "RequestSSLDNSChecksAuthoritativeNameservers": { [18:47:44] [9/19] "default": [ [18:47:44] [10/19] "ns1.miraheze.org", [18:47:45] [11/19] "ns2.miraheze.org" [18:47:45] [12/19] ], [18:47:45] [13/19] "description": "When checking DNS records, mark the domain as pointed if it has ALL of these as the authoritative nameserver" [18:47:46] [14/19] }, [18:47:46] [15/19] "RequestSSLDNSChecksCNAME": { [18:47:47] [16/19] "default": "mw-lb.miraheze.org." [18:47:47] [17/19] "description": "when checking DNS records, mark the domain as pointed if it has this CNAME record" [18:47:48] [18/19] } [18:47:48] [19/19] ``` [18:47:49] also kind of digging this rn ngl [18:53:27] @cosmicalpha can you check load on db151? [18:54:50] looking [18:54:54] @cosmicalpha there's been a huge jump in active connections [18:55:02] I can't ssh in [18:55:05] 134 -> 243 [18:55:18] @cosmicalpha it's alerting in icinga as dodgy [18:55:24] Not sure whether best to reboot [18:55:41] After putting wikis in RO on it [18:55:52] I may have to from proxmox as I can't ssh in [18:56:12] @cosmicalpha put c1 in RO then first [18:56:18] Something isn't right [18:56:25] In last 20 minutes [18:59:09] Placed in read only [19:01:38] @cosmicalpha clear to reboot then I'd say [19:01:52] I am trying to reboot from cloud15 but it just sticks [19:02:14] @cosmicalpha use the power plug reboot option [19:02:21] Not the soft nicely reboot one [19:02:50] There's 2 options I think [19:03:08] One that is a nicely please reboot in a safe manner [19:03:28] One that is a reboot now you pain [19:04:07] okay it's back [19:04:21] I will remove from read only [19:05:07] @cosmicalpha make sure database is happy first [19:05:22] seems to be [19:05:52] @cosmicalpha can you check what current connections count is first [19:05:57] Grafana is being slow to report [19:06:06] Should be around 130 [19:06:50] If it is then let's unlock and see if it's recovered [19:06:59] it shows 3 [19:07:09] @cosmicalpha take out of RO then [19:07:14] Let's see what happens [19:07:22] We can check slowlog and stuff after [19:14:35] @reception123 if the normal ScratchBlocks extension is removed want me to also update [[Extensions]]? [19:14:36]

[19:16:48] Also seems to be mentioned we use it on [[mw:Extension:ScratchBlocks]] [19:16:49]

[20:04:46] How's it going in there [20:06:11] Sorry had to take care of another issue, I'll do now [20:49:26] Okey, I am waiting