xman has quit [Read error: Connection reset by peer]
xman has joined #neo900
lkcl has quit [Ping timeout: 250 seconds]
lobito has joined #neo900
DocScrutinizer05 has quit [Disconnected by services]
DocScrutinizer05 has joined #neo900
announ has quit [Quit: announ]
xes has quit [Ping timeout: 276 seconds]
xes__ has joined #neo900
<enyc>
DocScrutinizer05: the kicad-ppa seems to do that, and now has version 4.1.0-alpha+201607250105+6992~46~ubuntu16.04.1
<DocScrutinizer05>
:-)
<enyc>
DocScrutinizer05: the creator of that PPA may well have some useful script you can use to get a source package yourself if asked....
<enyc>
DocScrutinizer05: or do the whole manual getting of source and complini g for /usr/local not-as-deb-package yourself, or something
<DocScrutinizer05>
yep, the latter I was pondering
<enyc>
DocScrutinizer05: since you know your devuan vm//chroot has the right build-environment it should work ...
<DocScrutinizer05>
:nod: exactly my thought
<DocScrutinizer05>
and in chroot possibly even faster than VM with its single core I assigned
<enyc>
error
<enyc>
oops wrong window
<enyc>
DocScrutinizer05: pleased to hear kicad upstream being helpful
<DocScrutinizer05>
hmm? wrong window?
<DocScrutinizer05>
yeah, a guy nick c4757p was hacking right away when I reported a few bugs I found in kicad
<enyc>
DocScrutinizer05: unless you need lots of changes you may well do well to just ask the PPA author to update/rebuild as needbe, but i suspect that PPA is actually building *daily* anyway =)
<DocScrutinizer05>
sorry, I don't get that
<enyc>
r.e. kicad
<DocScrutinizer05>
yes, PPA does nightly builds aiui
<enyc>
unless you need lots of builds / lots of very regular changes, you probably don't need manual ,compile, the PPA will soonupdate/rebuild kicad source-pkg anyway
<enyc>
and then you get the source and compile on devuan
<enyc>
(source-*package* i.e. deb-src) that is
<DocScrutinizer05>
yes, that's what I thought
<enyc>
NB: *keep* the previously created sets of *.deb packages carefully *
<DocScrutinizer05>
I wonder what's the repo needed (instead of the ubuntu ppa) for that
<DocScrutinizer05>
thanks, excellent advice
<enyc>
you should be able to use the ubutnu-ppa *whichdoes daily builds) as before, no need 'separate' repo
<DocScrutinizer05>
great!
<enyc>
you did all this before... apt-get source kicad ... dpkg-buildpackage -rfakeroot -b ... etc
<DocScrutinizer05>
"etc" isn't much after that anymore, right?
<enyc>
i believe not... you dpkg -i 'ed the package files
<DocScrutinizer05>
yep
<enyc>
there was more 'fiddling' AT FIRST to get all the right dependencies
<enyc>
but that snhould be all 'done' now and not need re-deing
<DocScrutinizer05>
we got those now
ceene has joined #neo900
<DocScrutinizer05>
wpwrak: maybe you (the great scripter ;-D) like my approach for editing the sheet texts on index page: jr@saturn:~> sleep 3;xdotool key --delay 50 e alt+z Tab ctrl+c Escape ctrl+Right ctrl+Right ctrl+Right e shift+ctrl+BackSpace ctrl+v alt+o ctrl+Left ctrl+Left ctrl+Left ctrl+Up Down Down
<wpwrak>
gack ;)
<DocScrutinizer05>
hahahaha
<DocScrutinizer05>
needs positioning cursor in center of sheet box
<DocScrutinizer05>
I told you git-daemon uses webserver
<wpwrak>
not so sure if git-daemon and web server have anything to do with each other. seems that gitweb is doing all that
<wpwrak>
i can't even find its config file :-(
<wpwrak>
ah, /etc/apache2/conf.d/ of course, where else
<wpwrak>
but no, that's for apache
<DocScrutinizer05>
how would gitweb coexist with nginx, both listening to port 80?
<DocScrutinizer05>
or with apache, port 443 for that topic
<DocScrutinizer05>
netstat for the clear view
<wpwrak>
how does one restart apache ? the only thing that looks useful in /etc/init.d is /etc/init.d/php-fpm, but does doesn't seem to do much
<DocScrutinizer05>
I already did
<wpwrak>
e.g., i tried to /etc/init.d/php-fpm stop and it didn't stop the web server
<DocScrutinizer05>
[2016-07-26 Tue 09:59:25] <DocScrutinizer05> 2016-07-25T10:30:04.373178+02:00 localhost logrotate: logrotate_script: line 1: /etc/init.d/apache2: No such file or directory
<wpwrak>
(i'm trying to restart it to see if hiding the gitweb config makes gitweb and http/https access to the repo unavailable. i.e., i'm still searching for what provides this service)
<DocScrutinizer05>
it did run after I restarted it
<DocScrutinizer05>
I didn't change *anything* on the server
<wpwrak>
i tried to restart it like you said, and it only went down
<DocScrutinizer05>
so ask hellekin and your history
<wpwrak>
ah, "start" worked
<DocScrutinizer05>
it prolly won't pan out when THREE admins are poking around and changing stuff concurrently
<wpwrak>
hehe :) fatal: unable to access 'https://neo900.org/git/misc.git/': server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
<DocScrutinizer05>
without even communicating to each other
<DocScrutinizer05>
fuck LetsEncrypt!
<wpwrak>
hellekin is probably fixing it
<hellekin>
it's working now
<DocScrutinizer05>
I ORDERED a proper cert, but no!!
<wpwrak>
DocScrutinizer05: LE isn't really the problem. proper cert is nice to have, though
<hellekin>
it's quite difficult to assess a problem in the middle of a firestorm. Can someone say in one line where the problem lies?
<wpwrak>
hellekin: the problem we're trying to solve is that git clone http://neo900.org/git/ee.git (or https) produces a repo that ends on Jul 20 (it should go all the way to Jul 26)
<DocScrutinizer05>
first git http(s) did end at 20.7., then restart of server failed for nginx
<DocScrutinizer05>
(http)
<wpwrak>
hellekin: in the process of figuring out what actually provides the service, we restarted neo900.org, which caused nginx (providing http:) to not come up
<wpwrak>
hellekin: i also temporarily disabled gitweb, to confirm that it is really the entity that provides https://neo900.org/git/ for browsing and for git clone
<hellekin>
ok so that part of the problem is solved.
<DocScrutinizer05>
http works again
<hellekin>
now the git-daemon part
<wpwrak>
end cert good until Oct 20
<hellekin>
and will renew automagically
<wpwrak>
as it should
<hellekin>
as it did
<wpwrak>
hehe ;-)
<hellekin>
pointing to the right file is actually a good policy :)
<DocScrutinizer05>
unless I nuke the server and get something that doesn't have that stuff
<hellekin>
DocScrutinizer05: don't break what works :P
<wpwrak>
(git-daemon) i think it's gitweb. not sure if git-daemon does anything on our system (it listens only on 127.0.0.1, dunno why)
<DocScrutinizer05>
we seen today how good it works
<DocScrutinizer05>
and again, I strongly dislike LE and want to get rid of it
<hellekin>
DocScrutinizer05: don't blame a configuration error on LE. certbot, although I don't like the approach, did its work.
<wpwrak>
i think there may still be the issue that nginx doesn't get started after a reboot
<DocScrutinizer05>
it got installed against my explicit request
<wpwrak>
or was that only because of the cert ?
<hellekin>
yes
<hellekin>
the cert it was pointing to was a copy, not a symlink, not the original file.
<hellekin>
so of course it didn't update and expired when it had to.
<DocScrutinizer05>
so? I'm not happy
<wpwrak>
... which in turn made nginx fail to start. fragile stuff :)
<hellekin>
DocScrutinizer05: so your unhappiness is blurring your rational judgement.
<DocScrutinizer05>
no
<DocScrutinizer05>
my rational judgement says "no LE!!!"
<wpwrak>
hellekin: his rational judgement also screams that hannibal lecter is way too balanced :)
<hellekin>
wpwrak: and is paralyzing my thought
<hellekin>
nginx... yes, well, is that the normal way for OpenSuse to manage nginx configs?
<DocScrutinizer05>
when you don't see how this shit today had never happened, had our admins listened to what I said, then I can't help
<wpwrak>
no idea about opensuse :)
<DocScrutinizer05>
and I say it once more: no LE, please get a decent paid cert
<hellekin>
DocScrutinizer05: I'd be happy to oblige, but I'm not in that position.
<wpwrak>
hellekin: i guess we won't get any useful work done until joerg gets his "proper cert". so let's put the gitweb issue to rest. it's not a priority.
DocScrutinizer05 has left #neo900 ["systemd breaking up recursion in dbus"]
<hellekin>
wpwrak: looks like he's pissed of
<hellekin>
wpwrak: looks like he's pissed off
<wpwrak>
default state :)
<wpwrak>
only happy when he rants :)
<hellekin>
I hope when he reaches the state of parting from his own channel, he gets to hack :)
<wpwrak>
now, let's work around the broken clone issue ...
<hellekin>
:)
xman has quit [Ping timeout: 260 seconds]
xman has joined #neo900
xman has quit [Client Quit]
* enyc
meeps ... jsut pleased to see things happening =)
<hellekin>
enyc: lol
<enyc>
hellekin: maybe you can do your own helping, I did a lot of my own =)
<hellekin>
enyc: what do you mean?
SylvieLorxu has joined #neo900
herpderphurr has quit [Ping timeout: 260 seconds]
<enyc>
hellekin: do your own helping with project related problems
<enyc>
hellekin: in praicualr, dhelpful documenting of projcet station / communciotion/ web articles etc. AIUI is needed skill
<hellekin>
enyc: what do you think I've been doing?
<enyc>
hellekin: i don't know, you tell me =)
<hellekin>
just that
herpderphurr has joined #neo900
arcean has joined #neo900
jnc has joined #neo900
announ has joined #neo900
tsuggs has joined #neo900
tsuggs has quit [Ping timeout: 264 seconds]
DocScrutinizer05 has joined #neo900
atk has quit [Quit: You should never see this quit message.]
atk has joined #neo900
<hellekin>
OK, now we have a DocScrutinizer05-compliant SSL certificate running on *.neo900.org. This removes a bug where incorrect file pointer triggered enraged IRC flood on the (lack of) merits of LetsEncrypt. :)
<DocScrutinizer05>
\o/
<DocScrutinizer05>
many thanks hellekin!
* DocScrutinizer05
erases all notes in calender about cert expirations for the next 2 years
jnc has quit [Ping timeout: 258 seconds]
<hellekin>
DocScrutinizer05: is the notification going to the right email address? :)
<DocScrutinizer05>
the expiry notification?
<hellekin>
yes. Will be too late to think about in two years :)
<DocScrutinizer05>
I'm afraid we will see a few, at least next month or whatever the validity timespan of LE certs
<enyc>
is LetsEncrypt being problematic, autoupdating not working?
<DocScrutinizer05>
well, it needs a working autoupdate, a proper cert doesn't
<hellekin>
DocScrutinizer05: I was thinking about the Thawte expiry notice!
<DocScrutinizer05>
also I don't see the benefit for users when they have to face a new cert every few weeks when visiting neo900.org
<DocScrutinizer05>
hellekin: aaah, I don't think they send any
<hellekin>
they surely do. They wouldn't like you to miss giving them money.
<enyc>
surely there should be some open source tool / addon / whatever to warn of upcoming expiring certs automatically
<DocScrutinizer05>
hmmm that's possibly rather hetzner then
<hellekin>
enyc: not everyone is happy with granting root privilege to auto-update a certificate, and with the extra package dependencies. Of course there are alternatives, but well, the boss rules.
<DocScrutinizer05>
enyc: I rather use the ultra-classical methods and tools for such stuff
<enyc>
hellekin: no doubt the tools around LE will improve over time
<enyc>
hellekin: e.g. sensibly de-privilidged/managed cert changeover etc.
<DocScrutinizer05>
one less thing to possibly break - for two years
<DocScrutinizer05>
\o/
<enyc>
DocScrutinizer05: good, what other 'infrastructure' problems ought to be sorted ?
<DocScrutinizer05>
nothing severe so far
<DocScrutinizer05>
server could use a lot less loglines in syslog
<DocScrutinizer05>
and a working logrotate (which I hope I fixed)
<DocScrutinizer05>
almost 5GB of apache logs
<hellekin>
don't delete the logs yet, you might want to make some stats first.
<hellekin>
then adjust the logs to anonymize IP addresses.
<hellekin>
what about running an .onion?
<DocScrutinizer05>
well, go ahead if you feel fancy :-)
<DocScrutinizer05>
not about onion though!
<DocScrutinizer05>
so far i'm pretty happy neo900.org doesn't show up on spam blacklists
<enyc>
DocScrutinizer05: there are URIBL's but typically blacklists are DNSBL ip address lists....
<hellekin>
why would it? Anyway the way static.neo900.org works, I don't want to dig into that.
mad_dev has joined #neo900
<DocScrutinizer05>
enyc: exactly my point
<DocScrutinizer05>
what's going on with static.n.o?
arcean has quit [Read error: Connection reset by peer]
<hellekin>
DocScrutinizer05: as the sites call it, it would be defeating the purpose of an .onion, so all addresses should be rewritten to replace static with its onion version, and that's not trivial (well, there are some trivial solutions, but easy to miss something)
<hellekin>
and lots of work. Easier to use Tor on the client side.
<DocScrutinizer05>
oooh you meant a onion website, not an onion tor exit node
<hellekin>
yes
<DocScrutinizer05>
nothing wrong about a onion webserver, but as you said we probably first should sanitize the site
<hellekin>
I wish the server migration would be to devuan :)
<DocScrutinizer05>
yeah
<hellekin>
server rebooting...
<hellekin>
(kernel upgrade)
<DocScrutinizer05>
good
<hellekin>
looks like everything started fine
<hellekin>
platform microcode: Direct firmware load for intel-ucode/06-02-03 failed with error -2
<DocScrutinizer05>
yes
<DocScrutinizer05>
lol
<hellekin>
apart from that nothing wrong
<DocScrutinizer05>
no surprise for a VM
<hellekin>
oh ok
<DocScrutinizer05>
newbe being decent bare iron
<DocScrutinizer05>
rust = pathetic VM
<hellekin>
I guess newbie has similar updates pending
<DocScrutinizer05>
for sure
<hellekin>
except it presents another interface ???
<hellekin>
I mean yast
<DocScrutinizer05>
err yast should look identical
<hellekin>
zypper update is cleaner there :P
<hellekin>
youtube-dl is installed ?!?!?!
<DocScrutinizer05>
yeah the update is configured nicer on newbie
<DocScrutinizer05>
o.O
<DocScrutinizer05>
kill it, with fire
<hellekin>
yeah, if it's ever needed on a server, it's in a VM, not on the host
<DocScrutinizer05>
afk, bbl. sorry
announ has quit [Quit: announ]
mad_dev has quit [Remote host closed the connection]
mad_dev has joined #neo900
mad_dev has quit [Remote host closed the connection]
mad_dev has joined #neo900
paulk-aldrin has quit [Ping timeout: 250 seconds]
jnc has joined #neo900
paulk-aldrin has joined #neo900
lkcl has joined #neo900
paulk-aldrin has quit [Ping timeout: 276 seconds]
herpderphurr has quit [Ping timeout: 244 seconds]
paulk-aldrin has joined #neo900
xman has joined #neo900
mad_dev has quit [Remote host closed the connection]
mad_dev has joined #neo900
Wizzup has quit [Ping timeout: 244 seconds]
galiven_ has joined #neo900
galiven has quit [Ping timeout: 276 seconds]
Wizzup has joined #neo900
mad_dev has quit [Remote host closed the connection]
mad_dev has joined #neo900
mad_dev has quit [Remote host closed the connection]
mad_dev has joined #neo900
mad_dev has quit [Remote host closed the connection]
mad_dev has joined #neo900
Pali has joined #neo900
arcean has joined #neo900
pagurus has joined #neo900
chomwitt has quit [Ping timeout: 264 seconds]
Pangolin has quit [Ping timeout: 250 seconds]
Pangolin has joined #neo900
paulk-aldrin has quit [Quit: Leaving]
chomwitt has joined #neo900
dal has quit [Ping timeout: 240 seconds]
arcean has quit [Quit: App terminated!]
announ has joined #neo900
lobito has quit [Read error: Connection reset by peer]
Pali has quit [Ping timeout: 250 seconds]
mad_dev has quit [Remote host closed the connection]