[02:03:51] !log wikisp Mars instance, destroyed. Per T286695 [02:03:54] Logged the message at https://wikitech.wikimedia.org/wiki/Nova_Resource:Wikisp/SAL [02:03:54] T286695: Request creation of wikisp VPS project - https://phabricator.wikimedia.org/T286695 [02:04:47] andrewbogott, done. I'm in trouble with moodle and puppet on the other instance and I did nothing in that vm, so it is of no interest at all [02:05:13] great, that's easy :) [02:05:40] I'd like to test without puppet and saw changes [16:21:26] hi all, I have a question about Puppet configuration. I would like to change in the `/etc/ssh/sshd_config` the `AuthorizedKeysFile` configuration to add `%h/.ssh/authorized_keys`. [16:21:37] I see there is this Puppet class here: https://gerrit.wikimedia.org/g/operations/puppet/+/refs/heads/production/modules/ssh/manifests/server.pp#19 [16:25:28] to change it I should go under Puppet in horizon: https://i.imgur.com/RplwgsB.png [16:27:19] would this code work? https://pastebin.com/raw/x269tNGJ [16:40:53] CristianCantoro: I have a couple of thoughts: [16:41:12] 1) you can only have one instance of a class applied to a host, so adding that class might or might not work depending on if it's already defined elsewhere for VMs [16:41:45] 2) What problem are you hoping to solve? If it's just extending access to more users or supporting additional public keys there's existing ready-made infra for that [16:44:03] andrewbogott: I am trying to add a way so that I am able to SSH from one VPS to another withing the same project [16:45:19] and you're setting up a specific/restricted key that's used only for that? [16:45:42] I have created a new ssh key added to both servers' `~/.ssh` and the public keys to `~/.ssh/authorized_keys` and I would like to be able to do `ssh serverB` from `serverA` and vice-versa [16:47:33] I tried to create `/etc/ssh/userkeys/critiancantoro` with the pubkey in it, but it gets delete periodically... the same as `/etc/ssh/sshd_config` which gets reverted automatically (IIRC every 5 mins or so) [16:47:36] Is that for file transfer or rpc or what? [16:47:58] yes, `scp` or `rsync` [16:48:15] at least, for now I don't really have in mind any other use cases [16:48:49] ok -- I think we have puppet classes to set up a trival rsync server between hosts, I can look for that if you're interested [16:50:41] uhm ok.. but I never really used rsyncd and the like, is this what you referring to? [16:51:29] yeah [16:52:42] I'm generally wary about having private keys sitting on VMs, although if it's for this restricted use within a project it doesn't seem super dangerous [16:55:09] rsync::quickdatacopy might be useful (or might not depending) [17:00:22] so, let me understand, if there is a rsync daemon when I issue rsync commands to that server they will be handled by the daemon and then I think it is just a metter aof configuring it in a way that only the two (or N) servers in the project can talk to the rsync daemon, right? [17:00:44] but do I need an instance of the daemon running on eahc machine? [17:10:34] ok, I have to go... thanks for the help! [18:44:29] !log tools.wikibugs Updated channels.yaml to: 27dded8e480c386b4103d4293504eb074e2124a6 channels: include toolforge milestones [18:44:32] Logged the message at https://wikitech.wikimedia.org/wiki/Nova_Resource:Tools.wikibugs/SAL [18:57:12] !log admin raising toolsbeta ram/core/instances quotas so majavah can experiment with bullseye [18:57:15] Logged the message at https://wikitech.wikimedia.org/wiki/Nova_Resource:Admin/SAL [19:03:46] !log tools.wikibugs Updated channels.yaml to: b04aee9d486d7f4f161e1be8ad13179dae52324e Fix Wikisource tag names [19:03:49] Logged the message at https://wikitech.wikimedia.org/wiki/Nova_Resource:Tools.wikibugs/SAL