and a favicon 2022-10-25T22:29:30 <hellcp> (I just mean that it can't load any of its assets) 2022-10-25T22:30:26 <cboltz> indeed, lots of 404s 2022-10-25T22:30:52 <cboltz> but that should be fixable with more ProxyPass lines 2022-10-25T22:32:35 <cboltz> acidsys: the CI is much faster if test_nginx and test_sudo don't run in parallel - cancel one of them, and restart it when the other has finished. Not nice, completely annoying - but at least it works and avoids hitting the 1h timeout 2022-10-25T22:34:34 <hellcp> https://forums.opensuse.org/new looks good, huh? >:D 2022-10-25T22:35:30 <acidsys> cboltz: alright, thanks for the tip 2022-10-25T22:36:55 <acidsys> hellcp: neat job so far 2022-10-25T22:37:11 <hellcp> slowly but surely 2022-10-25T22:37:28 <cboltz> you don't generate your ProxyPass lines with a for loop? ;-) 2022-10-25T22:39:19 <acidsys> mod_macro .. :x 2022-10-25T22:40:19 <cboltz> the last time I've seen that used, I got headache before I understood what's going on ;-) 2022-10-25T22:40:34 <acidsys> hah 2022-10-25T22:40:50 <cboltz> {% for ... %} in the salt template is probably a better choice 2022-10-25T22:41:01 <acidsys> likely more efficient as well 2022-10-25T22:41:48 <hellcp> I am doing that, but I also took it a url at a time 2022-10-25T22:41:53 <hellcp> and it seems it's not all roses 2022-10-25T22:42:09 <hellcp> json files and images aren't proxied? 2022-10-25T22:43:25 <hellcp> oof, actually, images are an issue 2022-10-25T22:43:38 <hellcp> we don't need those anyway 2022-10-25T22:43:52 <hellcp> it looks like vb uses that path 2022-10-25T22:45:26 <cboltz> oh, if vb and discourse use the same path, that's "great"... 2022-10-25T22:49:11 <hellcp> I managed to log in 2022-10-25T22:49:15 <hellcp> that's progress 2022-10-25T22:58:09 <hellcp> https://forums.opensuse.org/categories ayyy 2022-10-25T22:59:08 <hellcp> the only issue now is login, since it depends on discourse.opensuse.org 2022-10-25T22:59:57 <Fraser_Bell> hellcp: Just followed https://forums.opensuse.org/ and I am looking at discourse. 2022-10-25T23:00:14 <hellcp> huh 2022-10-25T23:01:12 <hellcp> if you did it from discourse itself, that's just js trickery 2022-10-25T23:02:12 <Fraser_Bell> No, I just did that by typing it in the URL line in Firefox. Doesn't accept the openSUSE login, though, but there it is. 2022-10-25T23:03:27 <hellcp> that doesn't seem correct 2022-10-25T23:04:36 <Fraser_Bell> hellcp: At top left, if I click "openSUSE Forums", I get: 2022-10-25T23:04:40 <Fraser_Bell> "Oops! That page doesn’t exist or is private." 2022-10-25T23:05:28 <Fraser_Bell> Okay, hellcp, going to start a fresh Firefox and type: https://forums.opensuse.org/ 2022-10-25T23:05:36 <hellcp> yeah, that's what it should say 2022-10-25T23:06:17 <Fraser_Bell> hellcp: Okay, this time I am at the old forums. Don't know why that happened the other time. 2022-10-25T23:06:30 <hellcp> me neither, concerning 2022-10-25T23:06:44 <acidsys> why does narwal4 have third party dns servers in /etc/resolv.conf ? 2022-10-25T23:07:20 <Fraser_Bell> hellcp: Yes, concerning, especially since I did exactly the same thing twice, with different consequences. 2022-10-25T23:08:16 <hellcp> and I can't reproduce it 2022-10-25T23:10:26 <Fraser_Bell> hellcp: Okay, confuses the heck out of me. I closed Firefox (my cookies and history self-destruct) and opened again a few times, cannot reproduce it. 2022-10-25T23:10:44 <cboltz> acidsys: no idea, I can only _guess_ that maybe provo-ns wasn't ready or good enough when it was set up 2022-10-25T23:11:10 <acidsys> it must be not ready, because the internal 192.168.67.1 one does not resolve minnie 2022-10-25T23:11:30 <acidsys> which makes it rather useless 2022-10-25T23:12:19 <cboltz> 1.67.168.192.in-addr.arpa domain name pointer provo-proxy.infra.opensuse.org. 2022-10-25T23:12:27 <Fraser_Bell> hellcp: Sorry, that is if I type in https://forums.opensuse.org/categories 2022-10-25T23:12:43 <cboltz> (queried from my laptop, maybe I have a better DNS config than minnie? ;-) 2022-10-25T23:12:57 <acidsys> ye found that as well, but not sure what that is 2022-10-25T23:13:05 <acidsys> because I cannot access it with my account 2022-10-25T23:14:31 <acidsys> ah I understand now how provo "works" 2022-10-25T23:14:50 <acidsys> they apparently just put minnie in /etc/hosts for salt to work. great 2022-10-25T23:14:53 <hellcp> Fraser_Bell: yeah, that should be discourse 2022-10-25T23:15:50 <Fraser_Bell> hellcp: From there, I can view the posts, still in discourse. 2022-10-25T23:16:44 <hellcp> yeah, that's intended 2022-10-25T23:17:08 <hellcp> it's basically trying to make the both forums coexist on the same domain rn 2022-10-25T23:17:19 <hellcp> makes migration a bit easier 2022-10-25T23:17:38 <Fraser_Bell> Okay. Plus, though, cannot log in. I think you are aware of that, though, from above. Long as you know what is going on, sorry for the red herring. 2022-10-25T23:18:15 <hellcp> no worries 2022-10-25T23:18:38 <hellcp> acidsys: I assume you don't have access to the ipsilon admin panel? 2022-10-25T23:19:16 <acidsys> hellcp: I do :) 2022-10-25T23:20:12 <hellcp> for discourse.opensuse.org openid client, would you change callback url to forums.opensuse.org/idkwhatthecallbackis? 2022-10-25T23:20:23 <hellcp> openidc, not openid 2022-10-25T23:20:49 <hellcp> (the idkwhatthecallbackis part should remain the same as it was previously, I just don't remember it) 2022-10-25T23:30:19 <acidsys> sad, I was about to make it literally idkwhatthecallbackis :) 2022-10-25T23:30:43 <Fraser_Bell> acidsys: :-P 2022-10-25T23:31:10 <acidsys> changed to https://forums.opensuse.org/auth/oidc/callback 2022-10-25T23:31:23 <acidsys> hellcp ^ 2022-10-25T23:32:44 <acidsys> also, after hours of waiting the pipeline for your new vm is finally through, can you merge it so I can apply the state?

2022-10-25T06:40:03 acidsys: dns isn't done in freeipa anymore 2022-10-25T06:40:31 It is on chip.infra.o.o with pdns 2022-10-25T06:41:31 I still need to migrate our freeipa instance 2022-10-25T06:42:05 the issue is that it has the potential to take out all access to the rest of the infra 2022-10-25T07:11:47 hellcp bmwiedemann[m] according to powerdns infra.opensuse.org is delegated to freeipa 2022-10-25T07:12:21 and I cannot find any *.infra names in the opensuse.org zone in powerdns 2022-10-25T08:13:54 *** teepee_ is now known as teepee 2022-10-25T08:43:47 acidsys: yep, and there is no separate infra.o.o zone either. 2022-10-25T08:55:26 acidsys: It looks like we have named running and anna and elsa. anna slaves infra.o.o from chip. 2022-10-25T08:56:26 acidsys: and chip DOES have infra.opensuse.org, I don't know how I overlooked it 2022-10-25T08:58:05 interesting, so why does it have a record infra.opensuse.org NS freeipa.infra.opensuse.org 2022-10-25T08:58:12 in the opensuse.org zone 2022-10-25T08:58:58 and where did you find the infra.opensuse.org zone ? I use `pdnsutil list-all-zones` 2022-10-25T08:58:59 i dont understand that either 2022-10-25T08:59:30 list-all-zones does list it 2022-10-25T09:00:21 ah right, there it is indeed 2022-10-25T15:24:54 *** teepee_ is now known as teepee 2022-10-25T17:53:24 pjessen: mx3 hostname == mx3 ? 2022-10-25T17:59:48 I have a suspicion that if I don't set up jenkins it's just not gonna end up set up at all 2022-10-25T17:59:55 I should do it 2022-10-25T18:02:01 LCP0968[m]: if I can be of help with something .. happy to 2022-10-25T18:03:53 I have so many questions I don't know where to begin 2022-10-25T18:06:25 my Q is what do we want Jenkins for :D 2022-10-25T18:06:51 code.opensuse.org 2022-10-25T18:06:58 and to replace our gitlab entirely 2022-10-25T18:07:10 get rid of it completely, who needs it 2022-10-25T18:07:37 ahh nice 2022-10-25T18:07:59 is that why some repos are the same in both? 2022-10-25T18:08:03 I guess the first question is if there's a SUSE salt repo that has something to setup jenkins ;-) I remember one was even mentioned on our jenkins VM, but didn't contain anything relevant. Are there other SUSE salt repos that might contain something? ;-) 2022-10-25T18:09:47 ah I remember you asked about one obscure repository there once .. hmm 2022-10-25T18:10:47 my guess is that it might have moved to another location since the note about it was added 2022-10-25T18:11:02 I guess bmwiedemann[m] would know 2022-10-25T18:12:41 different question: do you still need/want access for DNS management in FreeIPA, or are the zones you are looking for on chip? 2022-10-25T18:13:11 I guess they're on chip then, but can you explain that NS record pointing to freeipa.infra.o.o ? :p 2022-10-25T18:13:29 that's easy: historical reasons 2022-10-25T18:13:45 the zones were moved to chip, but nobody updated the NS record 2022-10-25T18:14:53 ok then I guess I am good 2022-10-25T18:15:01 I mean, actually, I am fairly sure openqa is broken because of that ns record when you are logged into the vpn 2022-10-25T18:15:27 which is amazing, that's like the only service that breaks when under vpn 2022-10-25T18:16:13 I have a good question, should we set up freeipa server on one of the openSUSE distros, since we do technically have a package now 2022-10-25T18:16:29 we could skip migration to centos entirely 2022-10-25T18:17:06 I'd love that 2022-10-25T18:17:12 not that I wanna migrate to anything before I have somebody in front of the server ready to unfuck what I did >:D 2022-10-25T18:17:43 it's always entertaining to tell people that parts of the openSUSE infrastructure run on Fedora ;-) so I'd loose a fun fact 2022-10-25T18:17:44 we should also have at least two freeipa servers, like we do now 2022-10-25T18:17:46 but I won't stop you 2022-10-25T18:17:50 LCP0968[m]: in front of == console ? 2022-10-25T18:18:18 that works, what matters is that when I touch freeipa, vpn breaks after some time 2022-10-25T18:18:32 so somebody needs to have access to a layer above 2022-10-25T18:18:53 preferably just restore freeipa to previous state or whatever 2022-10-25T18:20:27 cool I can help with that 2022-10-25T18:20:33 and I have done it before, so I clearly am not afraid of touching fire 2022-10-25T18:22:54 yeah, I will have a look at how we stand with freeipa again, since the fixes are fairly recent 2022-10-25T18:23:16 and I haven't participated in the latest batch 2022-10-25T18:24:29 https://build.opensuse.org/package/show/security:idm/freeipa#comment-1687343 I also need to do this 2022-10-25T18:25:21 do we still have the vm that was designated for freeipa on openSUSE? 2022-10-25T18:27:03 no, it was removed 2022-10-25T18:27:12 that's fine, though we may need a new vm then 2022-10-25T18:27:58 there is freeipa.infra.o.o fedora-freeipa.infra.o. and freeipa2.infra.o.o 2022-10-25T18:28:16 it was called identification.i.o.o 2022-10-25T18:28:33 fedora freeipa is clearly not it 2022-10-25T18:28:38 that's there as well :) 2022-10-25T18:28:47 freeipa is the old fedora freeipa 2022-10-25T18:28:48 and freeipa2 is centos 2022-10-25T18:29:15 we could use the authentification machine I guess, I do not remember what was installed there 2022-10-25T18:29:36 actually, funny story, I found a post from boosters from forever ago that mention using openid instead of ichain everywhere 2022-10-25T18:29:37 funny funny stuff 2022-10-25T18:29:43 that's going splendidly this far 2022-10-25T18:31:07 you mean identification machine with authentication ? 2022-10-25T18:31:49 in racktables it says centos 7 but that does not have to be anywhere near accurate .. I guess I could boot it without network to find out 2022-10-25T18:34:35 oh, maybe it was centos after all 2022-10-25T18:35:01 that is weird tho, what was the planned machine for openSUSE based auth then 2022-10-25T18:35:55 afaik fedora-centos was set up specifically for that, since we wouldn't have been able to use leap 2022-10-25T18:39:55 GRUB offers me Leap 15.4 :) 2022-10-25T18:41:03 but [DEPEND] Dependency failed for drac…additional cmdline parameters. 2022-10-25T18:41:41 guess if it's old best to reinstall anyways? otherwise I can try to fix it 2022-10-25T18:44:23 ah recovery mode works 2022-10-25T18:44:55 yeah, I don't really care enough about it 2022-10-25T18:45:09 it's not like anything of value was lost there 2022-10-25T18:45:58 could you set up 2 machines right away? I would set up one of them and then set up redundancy with the second one 2022-10-25T18:46:21 although, it's not really much of a rush considering the schedule up to this point 2022-10-25T18:47:33 I think lars offered to help with that migration in october or november during one of the last heroes meetings he was at, and look where we are now 😛 2022-10-25T18:47:57 2 new ones or including this identification.i.o.o reinstall? 2022-10-25T18:48:12 because I would like to take a backup of the latter first .. not that anyone complains afterwards :D 2022-10-25T18:51:50 1 new one after reinstall 2022-10-25T18:52:08 we don't need that much redundancy 2022-10-25T18:53:05 I will need to figure out which files to put into salt tbh 2022-10-25T18:53:05 freeipa is a bit complex 2022-10-25T18:53:10 maybe I could make a filesystem diff somehow 2022-10-25T18:54:51 not sure if it's still maintained, but http://machinery-project.org/ might be useful 2022-10-25T18:57:08 acidsys: yeah, i expect it'll be mx3 and mx4 2022-10-25T18:57:09 hellcp: if you don't mind to make a poo with the specs for it, I can do it 2022-10-25T18:58:12 hm, can you replicate the config for the existing one? 2022-10-25T18:58:19 I don't even remember what that one has 2022-10-25T18:58:26 I haven't been allocated any vms yet. 2022-10-25T18:58:36 sure just write use same specs as identification.i.o.o 2022-10-25T18:58:58 gotcha 2022-10-25T18:59:55 ehh 2022-10-25T19:03:40 where do we build the leap image? 2022-10-25T19:03:58 like the infra one 2022-10-25T19:04:00 it's in one of the infrastructure repos on build.o.o 2022-10-25T19:04:16 the newest I find is openSUSE:infrastructure:Images:openSUSE_Leap_15.3 2022-10-25T19:04:31 https://build.opensuse.org/project/show/openSUSE:infrastructure:Images:15.4 2022-10-25T19:04:34 ohh without openSUSE_Leap_ .. thanks :) 2022-10-25T19:13:36 oh also pjessen ok, thanks for confirming 2022-10-25T19:18:34 acidsys: gern gesceh 2022-10-25T19:32:46 I need to set up redirects for the forums from old to new 2022-10-25T19:46:19 hellcp: for poo#119092 - are all the paths directories (or directory-like) so that the redirect can check (for example) for /assets/ instead of just /assets ? 2022-10-25T19:48:10 fairly sure that's fine 2022-10-25T19:48:20 well, most of them 2022-10-25T19:48:43 I think for /new for example it won't work 2022-10-25T19:50:16 but as I think I said in that issue, worth testing all of that live 2022-10-25T20:09:32 hmm, the fact that forums.o.o is behind login2.o.o makes things more interesting[tm] 2022-10-25T20:09:46 yeah, I thought that would be a problem 2022-10-25T20:10:10 my "usual" haproxy config for directory-specific backends doesn't work - actually I'm not even sure if login2 routes the traffic through haproxy or directly to the forums 2022-10-25T20:10:18 I really hope we manage to get rid of login proxies at some point 2022-10-25T20:10:54 openidc everything 2022-10-25T20:11:04 or saml :) 2022-10-25T20:11:16 saml is pretty old by this point though 2022-10-25T20:11:34 but established 2022-10-25T20:11:37 I just wish our openidc was providing all the metadata we needed 2022-10-25T20:12:03 doesn't it have attributes mapping too? 2022-10-25T20:12:06 I mean, saml is provided by the same thing in our case, so 2022-10-25T20:12:07 it truly does not matter 2022-10-25T20:12:14 ye 2022-10-25T20:12:34 openidc is missing some metadata in the responses 2022-10-25T20:12:52 ah but is that a limitation of openid or our provider 2022-10-25T20:13:06 https://progress.opensuse.org/issues/112466#note-5 2022-10-25T20:13:21 it's something with our provider more than likely 2022-10-25T20:13:27 I don't hate the login proxy that much (actually it's quite easy to use) - but knowing if it routes traffic through haproxy would be nice ;-) (acidsys: can you look up the config for forums.o.o on daffy1.i.o.o please?) 2022-10-25T20:13:28 because it should work >:D 2022-10-25T20:14:25 I don't really see the need to have this many essentially proxies in front of our services 2022-10-25T20:14:38 cas is simple though, for sure 2022-10-25T20:14:42 (in worst case we should be able to do proxying on the vbulletin machine ;-) 2022-10-25T20:14:59 well, at least it's not the connect machine 2022-10-25T20:15:08 which was using lighttpd 2022-10-25T20:15:18 I still have nightmares about configuring that one 2022-10-25T20:16:00 I guess there's more than one reason to have nightmares about connect ;-) 2022-10-25T20:16:08 at the very least we got rid of boosters for good though >:D 2022-10-25T20:16:44 though that redirect doesn't work anymore 2022-10-25T20:17:02 which is a shame, it would be good to point at the tsp machine 2022-10-25T20:17:24 I also need to update tsp software wise 2022-10-25T20:17:53 it's really old stuff 2022-10-25T20:17:54 and what I got hanged up when last trying were tests 2022-10-25T20:18:02 which were not working right 2022-10-25T20:18:11 the redirect sounds fixable - which redirect do you miss/want? 2022-10-25T20:18:37 the old travel support one 2022-10-25T20:18:38 that was on connect 2022-10-25T20:20:34 https://web.archive.org/web/20180424150108/https://connect.opensuse.org/travel-support/ apparently it was /travel-support/ 2022-10-25T20:20:44 I really did not remember and had to look it up 2022-10-25T20:22:14 so you want a redirect connect.o.o/travel-support/ -> tsp.o.o? (Or is it too late for setting it up, since it's broken since like two years?) 2022-10-25T20:25:45 https://gitlab.infra.opensuse.org/infra/salt/-/merge_requests/585/diffs want to review, hellcp ? 2022-10-25T20:30:28 I'd prefer to keep the empty partners:[] and weburls: [] 2022-10-25T20:30:51 besides that, no objections from me - but I'm not hellcp ;-) 2022-10-25T20:31:08 more than happy to take on your feedback as well :) 2022-10-25T20:31:16 I have left my review 😛 2022-10-25T20:32:13 *** teepee_ is now known as teepee 2022-10-25T20:39:33 hellcp: thanks! I think most are related to the profile identification and not the machine though, or? 2022-10-25T20:39:43 the only part I want to remove is the postgres hba entries 2022-10-25T20:39:49 or will it need them again? 2022-10-25T20:40:19 ipsilon is deployed by SUSE IT on a machine we don't have access to 2022-10-25T20:40:42 that setup was meant to be a community one, but that never happened 2022-10-25T20:40:48 I know but how's it related? 2022-10-25T20:41:32 I guess I don't understand 2022-10-25T20:41:40 let me spend a minute trying to 2022-10-25T20:41:55 oh sorry, I was replying to your comment about removing files related to it 2022-10-25T20:42:11 yeah, I got that much 2022-10-25T20:42:20 but I don't know where postgres came into the picture 2022-10-25T20:42:43 also cboltz test_roles.py wants me to purge the ipsilon role because it's not assigned in any other pillar/id/*.sls files.. what do you think? 2022-10-25T20:43:02 hellcp: oh because upon searching for possible files, I found the pg_hba entries in the repository :-) 2022-10-25T20:43:04 in any case, profile and machine were related, since it was never deployed, it should be fine to remove that config 2022-10-25T20:43:12 gotcha 2022-10-25T20:43:33 I'm not surprised that test_roles.py complains ;-) 2022-10-25T20:43:48 I had the same problem at work today and I did not understand the rationale behind this test 2022-10-25T20:44:11 is it to keep the repo from "idling" roles? 2022-10-25T20:44:24 yes 2022-10-25T20:44:38 great .. so many old leftovers, but in the salt pipeline we need to keep everything clean :P 2022-10-25T20:44:39 (also from typo-ed roles, but that's a side effect) 2022-10-25T20:46:17 so do we really want to erase this role.. it seems .. useful .. 2022-10-25T20:46:38 it will remain in the git history 2022-10-25T20:46:57 I wrote that role, I give you permission to erase my work >:D 2022-10-25T20:47:35 haha well fair enough 2022-10-25T20:47:42 that being said, maybe it has clues on how to set up theming in ipsilon 2022-10-25T20:47:51 that I could relay to bernhard 2022-10-25T20:49:11 I wanted to look into what he mentioned about the admin page not working afterwards 2022-10-25T20:49:23 but I stopped when he told me there is no test setup .. :] 2022-10-25T20:49:52 setting up ipsilon for development is fairly easy 2022-10-25T20:50:20 well installing the program itself is one thing .. but it's not really supposed to be how it is in many aspects 2022-10-25T20:50:34 actually, I think identification.i.o.o had ipsilon set up 2022-10-25T20:50:47 so you could have used that >:D 2022-10-25T20:50:53 hah .. 2022-10-25T20:51:15 this was all so long ago 2022-10-25T20:51:22 and 2020 was a long year 2022-10-25T20:52:12 but yeah, I think that profile has the correct setup to get the themes working 2022-10-25T20:52:18 I could point bernhard at that 2022-10-25T20:52:28 compare notes a bit 2022-10-25T20:52:59 * acidsys secretly wishes we would use a keycloak cluster backed with 389ds 2022-10-25T20:53:07 you know, the worst part about this is that I was also the person that implemented theming in ipsilon 2022-10-25T20:53:21 so I of all people should know how it all comes together 2022-10-25T20:53:27 oh really :D 2022-10-25T20:53:54 but I think fedora infra people may know even better than me 2022-10-25T20:54:12 because they have a working deployment with that code 2022-10-25T20:54:57 I sometimes am surprised how much work I have done in open source and how varied it all has been over the years 2022-10-25T20:54:59 it's almost as if I find it fun 2022-10-25T20:56:29 oh I thought they used something other than ipsilon.. this noggin<->freeipa thingie 2022-10-25T20:56:40 almost! 2022-10-25T20:56:56 they do 2022-10-25T20:57:08 they use all 3 2022-10-25T20:57:22 ah authentication rodeo 2022-10-25T20:57:42 noggin is self service, ipsilon is external auth and freeipa is the backend of it all 2022-10-25T20:58:06 that was the setup I wanted for openSUSE too 2022-10-25T20:58:49 but alas, we didn't get there, because a) certification b) it's hard to get people on board 2022-10-25T20:59:00 interesting 2022-10-25T20:59:07 which certification? 2022-10-25T20:59:15 but we did have an actual plan for migrating all of the tooling, whereas SUSE IT left all of the openid things hanging 2022-10-25T20:59:27 :( 2022-10-25T20:59:34 oh idk, SUSE IT was saying they got their community accounts cerified 2022-10-25T21:00:12 ipsilon was deployed to fix the issues with openid not being a thing in the system they deployed tho 2022-10-25T21:00:23 I guess something with CC compliance and univention 2022-10-25T21:00:31 yeah, presumably 2022-10-25T21:00:32 hellcp: This honestly doesn't surprise me, when it comes to openSUSE infra.... 2022-10-25T21:00:45 it's always been sort of a mixed bag. 2022-10-25T21:01:00 well, if I was handling that I wouldn't have let that happen 2022-10-25T21:01:06 I've never directly been a SUSE customer, so I dunno if it's any better on that side of things or not. 2022-10-25T21:01:29 noggin is such a valuable resource for communities tbh 2022-10-25T21:01:43 the fact self service is half assed on the community accounts is a disgrace 2022-10-25T21:02:27 well, not just half assed, it's clearly designed to be a solution for companies with some HR people 2022-10-25T21:02:41 makes sense. 2022-10-25T21:03:06 univention calls their product for a reson "corporate server" 2022-10-25T21:03:11 noggin is a solution designed for open source communities, with solid self service 2022-10-25T21:03:28 and api that lets you find info you need about contributors to contact them if you need to 2022-10-25T21:03:53 you mean, like osc whois? ;-) 2022-10-25T21:04:18 osc whois doesn't apply to anybody that has not signed into obs 2022-10-25T21:04:25 openSUSE hasn't ever been great at that, in my experience. There might be tools that work for it, but they're not exactly well documented, that I've found. 2022-10-25T21:04:26 which some of our forums contributors have not for example 2022-10-25T21:04:32 why would they, they are on the forums 2022-10-25T21:04:45 (granted, lots of other Open Source projects/distros aren't any better.) 2022-10-25T21:05:38 not to mention, I know quite a few people with outdated info in obs because they haven't logged in in quite a while, so their account wasn't updated by idp 2022-10-25T21:07:53 https://www.univention.com/blog-en/2020/05/register-your-own-account-new-self-service-for-suse-and-ucs/ "Our developers _quickly_ implemented the new feature" ;P 2022-10-25T21:07:56 having that kind of stuff integrated well with the idp makes the most sense 2022-10-25T21:08:21 it shows 2022-10-25T21:10:12 I shouldn't be that hard on them, but like come on, noggin was written as a way to migrate away from the aging fas2, and you do this kind of a thing for a customer? 2022-10-25T21:10:50 maybe SUSE's not paying enough? 😛 2022-10-25T21:10:52 I suppose it's partially them and partially the requirements given 2022-10-25T21:11:14 but unfortunately all before my time 2022-10-25T21:11:46 it was during my time and I am salty that we were not consulted a single time about our requirements 2022-10-25T21:12:11 and that there was basically no research done on what our requirements might be 2022-10-25T21:12:58 I feel your pain .. and it honestly reflects other anti-OSS approaches in the history 2022-10-25T21:13:12 the openid thing required looking at openqa for a second to figure out that was something that is needed, and it involved people that were hired at SUSE too, so you didn't even have to look outside of the company 2022-10-25T21:13:41 acidsys: something something jira? 2022-10-25T21:14:06 ouch don't stab me that hard, I was thinking of light things such as no LibreOffice presentation templates :D 2022-10-25T21:14:28 I mean, I can't expect much, SUSE is okta, microsoft 365 and adobe through and through 2022-10-25T21:15:06 yes. it annoys me a lot but I have to be honest - I still extremely value being there 2022-10-25T21:15:12 it's a bit of a love/hate relationship :) 2022-10-25T21:15:23 heh. I'm gonna ask, and not in a way that means I expect anybody to have a direct answer, but is the interface on the openSUSE bugzilla ever going to get refreshed and or become less hideous? 2022-10-25T21:15:48 so the answer is yes and no 2022-10-25T21:16:02 * acidsys hides 2022-10-25T21:16:08 yes, bugzilla is being migrated as far as we know 2022-10-25T21:16:23 but no because bugzilla default theme is even uglier than the one we currently use 2022-10-25T21:16:23 It works, and I'm used to it at this point, but it isn't what I would call "good" or "user friendly" 2022-10-25T21:16:42 I would offer to help, but web developer, I ain't. 2022-10-25T21:16:51 bugzilla 6 would be amazing but it's not getting released anytime soon 2022-10-25T21:17:25 it's a huge step forward, that was kinda killed in its tracks by mozilla firing a lot of the bugzilla team that was doing that ux work 2022-10-25T21:17:34 you gotta love mozilla 2022-10-25T21:17:46 yeah, I figured. Better for them to be tossing more developers at features in firefox that nobody asked for. 2022-10-25T21:18:08 they're not even bad features, I just don't know who wanted them in the first place. 2022-10-25T21:18:46 bugzilla team right now is trying their best to release a new version of bugzilla this year 2022-10-25T21:19:45 they do have a new website https://www.bugzilla.org/ 2022-10-25T21:20:02 but yeah, development of this takes a lot of time, as expected 2022-10-25T21:20:23 well, their website doesn't make me want to gouge my eyes out. So I consider that a plus. 2022-10-25T21:20:23 o: 2022-10-25T21:20:40 it looked a lot worse like a week ago 2022-10-25T21:20:57 think i seen the website a week ago then 😛 2022-10-25T21:21:03 then it was like Mozilla.org design from 1999 2022-10-25T21:21:12 looked a lot different now 2022-10-25T21:21:34 https://web.archive.org/web/20221005232015/https://www.bugzilla.org/ 2022-10-25T21:21:35 my wife was actually shocked and horrified when she heard the project still used Bugzilla. 2022-10-25T21:21:50 bittin1049[m]: to be fair, it was 2006 or so 2022-10-25T21:22:11 fair enough 2022-10-25T21:22:42 the mozilla website from 1999 was beautiful 2022-10-25T21:23:10 https://web.archive.org/web/19990208014947/http://www.mozilla.org/ 2022-10-25T21:23:25 it's one of my favourites personally 2022-10-25T21:23:33 Yeah, I remember that site, from back in the day. 2022-10-25T21:30:49 in any case, bugzilla 6 will likely look somewhat like mozilla bugzilla does look right now 2022-10-25T21:30:57 whenever it releases 2022-10-25T21:31:20 and hopefully it doesn't take a decade for SUSE to update to a new version 2022-10-25T21:31:52 heh 2022-10-25T21:32:44 and if SUSE asked me I would design them a nice theme for older bugzilla version, it shouldn't be too hard 2022-10-25T21:32:53 I mean, KDE did it 2022-10-25T21:33:11 https://bugs.kde.org/ doesn't look half bad 2022-10-25T21:33:24 Yeah, KDE's interface is pretty nice. 2022-10-25T21:33:32 bugzilla.mozilla.org is slick too IMO 2022-10-25T21:34:01 it is a well performed redesign 2022-10-25T21:34:29 sigh why does the poo wiki override my 1. 2. 3. with bullet points 2022-10-25T21:34:57 I think the current design probably adds to A) the lack of bug reports I get for the things I work with, and B) the quality of the bug reports I do get. 2022-10-25T21:36:33 probably also lack of interaction between community and developers 2022-10-25T21:37:00 there's not much incentive for a contributor to find bug reports interesting to contribute fixes to 2022-10-25T21:37:23 acidsys: some of that, yes, although alot of folks seem to feel like diving into a matrix or IRC channel, complaining about something, and then leaving counts as a bug report. 2022-10-25T21:38:10 again, not an openSUSE specific issue. 2022-10-25T21:38:26 ye that's a problem as well .. I always try to tell them to please report it properly.. that is, if I catch them before they /quit :P 2022-10-25T21:38:56 some follow through with it 2022-10-25T21:39:06 and others start a big rant about how I want their data with the registration 2022-10-25T21:39:15 I've come to find, as I've gotten older, most of the bugs I've found are completely PEBKAC on my part =P 2022-10-25T21:39:27 acidsys: These ones I just ignore. 2022-10-25T21:39:53 I think there are ways to improve bug reporting in bugzilla 2022-10-25T21:41:17 the way ours is currently setup, even as a long time user, I do sometimes get real confused about what to file the bug against 2022-10-25T21:41:17 it is a bit of an overwhelming process 2022-10-25T21:41:17 oh yeah 2022-10-25T21:41:18 well, our bugzilla could use what rhbz has 2022-10-25T21:41:35 rhbz has a mapping of packages in fedora you can attach a bug into 2022-10-25T21:42:00 that way you can actually report directly against a package, which makes things easier 2022-10-25T21:42:00 that would be handy. 2022-10-25T21:42:03 it's really annoying I need to manually find the maintainer to assign to or wait for the (probably overloaded) screening team 2022-10-25T21:42:17 It's probably been 20 years since I filed a bug against RH/Fedora 2022-10-25T21:42:43 wow, such a trouble free OS! :p 2022-10-25T21:42:43 writing an integration for obs in bugzilla would not be difficult, and SUSE likely have the developers to do it 2022-10-25T21:43:12 acidsys: heh, not hardly, I just don't daily drive fedora much anymore =P 2022-10-25T21:43:16 well, rhbz is being replaced by jira 2022-10-25T21:43:21 so report bugs there >:D 2022-10-25T21:43:27 they likely have the developers to write your IDP self service built on top of free software too, but it neeeds someone to assign the resources to the respective teams 2022-10-25T21:43:39 SFaulken[m]: haha I figured, was just kidding 2022-10-25T21:44:11 acidsys: I don't want them to develop anything 2022-10-25T21:44:11 honestly, I've been running silverblue on my SP3 the last six months or so, and it's alot better than it was a decade ago. 2022-10-25T21:44:17 hellcp: yes.. feature requests already go via Jira 2022-10-25T21:44:18 just use the things 2022-10-25T21:44:20 they are out there 2022-10-25T21:44:33 (yeah, I know, silverblue and fedora workstation aren't identical =P) 2022-10-25T21:44:38 acidsys: no, I mean rh uses jira now 2022-10-25T21:44:45 oh right 2022-10-25T21:45:19 it would be great if SUSE used bugzilla for features, I would love that >:D 2022-10-25T21:45:27 SFaulken[m]: I can't really associate with any of these terms .. I only know flavours of openSUSE and SLE :p 2022-10-25T21:45:42 hellcp: yea.. I wish :( 2022-10-25T21:46:05 it'll become even less I fear 2022-10-25T21:46:20 the bare minimum of BZ they need to keep for CC related tickets 2022-10-25T21:46:27 acidsys: silverblue ~= microOS Desktop, Workstation ~= Leap-ish, kinda? openSUSE doesn't really have a direct analogue. 2022-10-25T21:46:45 hellcp: Fedora still uses Red Hat Bugzilla 2022-10-25T21:46:50 more current than Leap, but not rolling like TW =P 2022-10-25T21:46:51 only RHEL changed to Jira 2022-10-25T21:46:53 ahh right I think I heard silverblue in some comparison to microOS once 2022-10-25T21:46:55 and even not completely 2022-10-25T21:46:59 * not completely yet 2022-10-25T21:47:16 Eighth_Doctor: I see 2022-10-25T21:47:38 The problem is that now there are only two part-timers working on RHBZ 2022-10-25T21:47:48 and Red Hat is on a weird kick to do less with less :/ 2022-10-25T21:48:06 Admittedly, SUSE is in the same boat 2022-10-25T21:48:54 are our CI workers so slow? half an hour to apply a highstate .. 2022-10-25T21:49:10 show*... 2022-10-25T21:49:48 they were much faster in the past, no idea what slows them down 2022-10-25T21:50:06 (and last I checked, only _one_ worker was used for all the jobs, which is also not helpful) 2022-10-25T21:50:34 so if you are somewhat familiar with gitlab and gitlab-runner, you are more than welcome to check what's going on 2022-10-25T21:50:39 hellcp: The bigger issue is that the feature delta between BZ and RHBZ is still too high. 2022-10-25T21:51:19 cboltz: I'd be happy to, but I always feel like I'm infiltrating something asking for admin access to services :P 2022-10-25T21:52:34 if you use the admin access to improve the service(s), I guarantee that nobody will complain ;-) 2022-10-25T21:53:12 haha fair enough, shall I ask you or is bernhard the one with power ? 2022-10-25T21:53:18 in gitlab, I mean 2022-10-25T21:55:03 I have shell access (and regularly install the updated gitlab packages etc.) 2022-10-25T21:55:34 but in gitlab, I only have permissions for the salt-related repos 2022-10-25T21:56:03 "The bigger issue is that the..." <- yeah, and I bet rh wouldn't spare a developer to try to upstream that stuff 2022-10-25T21:56:27 do any other repos exist in gitlab? 2022-10-25T21:57:20 cboltz: ah got it, will ask him for the gui part then 2022-10-25T21:59:43 cboltz: so I assume I should do proxying of discourse from forum.i.o.o? 2022-10-25T22:00:01 since I guess you were not successful in doing it through normal means 2022-10-25T22:01:34 right, what I tried in haproxy didn't work, so proxying it from forum.o.o is probably less painful than forcing someone to adjust daffy*.i.o.o aka login2.o.o 2022-10-25T22:02:48 follow up: how hard will it be to not proxy it under daffy when we move over to discourse? 2022-10-25T22:03:35 you mean when we completely switch over? 2022-10-25T22:03:40 yes 2022-10-25T22:04:02 that's a DNS change (forums.o.o -> CNAME proxy.o.o) and a boring haproxy config change 2022-10-25T22:04:36 well, actually using the IP of proxy.o.o because forums.o.o has a MX entry, but that's a technical detail 2022-10-25T22:04:41 that sounds easier, alrighy then 2022-10-25T22:04:53 break the forums I go 2022-10-25T22:05:48 oh no I was in this file before, my horrible config 2022-10-25T22:09:05 break the forums I did 2022-10-25T22:10:32 hellcp: Break the forums is yer forte. :-P 2022-10-25T22:10:49 Hi, Christian (cboltz) 2022-10-25T22:11:38 hi 2022-10-25T22:13:03 welp, I clearly don't know what I'm doing 2022-10-25T22:14:05 * Fraser_Bell could help, in that case, hellcp, as I haven't had a clue what I'm doing in years. 2022-10-25T22:17:51 ProxyPass "/new" "http://discourse01.infra.opensuse.org/new" 2022-10-25T22:17:51 ProxyPassReverse "/new" "http://discourse01.infra.opensuse.org/new" 2022-10-25T22:17:59 this doesn't work at all 2022-10-25T22:19:11 this feels like it would make /new/new 2022-10-25T22:19:30 ah, maybe? 2022-10-25T22:20:01 removing the second new does not make a difference 2022-10-25T22:20:25 granted even if it was, discourse responds to every url with something 2022-10-25T22:20:43 404 is something rather than apache error page 2022-10-25T22:20:58 sorry, my brain was in nginx mode 2022-10-25T22:21:02 what is the issue 2022-10-25T22:21:42 acidsys: it doesn't work, silly =P 2022-10-25T22:22:01 I'm trying to proxy discourse01.i.o.o through forum.i.o.o machine 2022-10-25T22:22:30 and the service on discourse01 has its root at /new ? 2022-10-25T22:22:59 I don't want to proxy all of discourse 2022-10-25T22:23:02 only select urls 2022-10-25T22:23:40 but it seems to desire some /stylesheets and /assets and various paths 2022-10-25T22:24:09 I will add those once I know how to proxy other stuff 2022-10-25T22:24:20 I want to start with something 2022-10-25T22:24:31 ok so when I open http://discourse01.infra.opensuse.org/new/ it's broken already even without going through forum 2022-10-25T22:24:41 the error log says 2022-10-25T22:24:42 AH01144: No protocol handler was valid for the URL /new (scheme 'http'). If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule. 2022-10-25T22:24:50 yes, that's because of forced https 2022-10-25T22:25:23 do I need to specify the full url? 2022-10-25T22:25:29 or loadmodule 2022-10-25T22:25:43 give me a minute to try something ;-) 2022-10-25T22:26:43 progress, we now get a blank page for /new, and no error log entry 2022-10-25T22:26:54 FYI: I did a2enmod mod_proxy_http and rcapache2 restart 2022-10-25T22:27:16 of course, I forgot a module 2022-10-25T22:27:40