DC-Users January 2014

dc-users@lists.duckcorp.org

1 participants
2 discussions

Happy New Year Ducklings!
by DuckCorp Admin Team 18 Jan '14

18 Jan '14

Coin, After the big bunch of upgrades during feast time, we plan a bit of cleanup and a few other improvements ; fasten your seat belt :-). === Recent IRC problems === Our primary IRC server needed a restart in order to load the new SSL certificates, unfortunately it was hit by a bug (Debian#714219) and is OoS until then. Our IRC services got problems too, probably for the same reason. Keep in mind that irc.milkypond.org is the IRC entry point. It contains several hosts in order to have a backup when one fail. You should not use another address unless you know what you are doing (seems several users did not). Unfortunately, SSL access on our secondary server was unusable due to a misconfiguration, sorry, we found it out the hard way when the first one went down === Upcoming Server's FS Layout Changes and Consequences === In order to cleanup and follow the FHS a bit more, we're planning to move a few data in better places. This will mostly affect shell and VCS users. Mostly users data outside your own home directory will be relocated in /srv, so you need not look around weird top directories anymore. For web users: /www will be relocated into /srv/www /sites will be kept as a symlink ~1 month before being removed For VCS users: /rcs will be relocated into /src/vcs => all rcs-* websites will be renamed accordingly, with a redirection until it seems unnecessary For FTP Users with shell access: /ftp will be relocated into /srv/ftp For project members having data in /private on Toushirou: /private/{projects,duckcorp,hurdfr} will be relocated into /srv/projects. We're also trying to finish the ext3->ext4 migration, which is not fully possible yet, but at least we'd like all data partitions to switch. So we're gonna disconnect /home on Toushirou one day for just a few minutes, which means no SSH access and user scripts (bots?) will have to be shutdown as well. We will announce it on IRC, but if you have such scripts, do not hesitate to contact us so we can coordinate so you can restart them very fast. Other changes should not have any consequences. We plan to do this really soon. === Recent Web Hosting Upgrades === As previously said, and with a lot a delay, mod_ruby was removed. By the way, mod_wsgi was removed too. We are now using Passenger to provide a cleaner and less resource intensive way of hosting webapps. The following languages are now handled: - Ruby - Python (WSGI apps are very easy to adapt) - NodeJS (new!) You can still use CGI for very simple scripts, but beware FCGI (with spawning processes) support will be removed soon. As previously not announced, sorry, Ruby 1.8 support was removed and Passenger now spawn Ruby apps using version 1.9 of the interpreter now. Also, Apache moved to 2.4, which should not be a big deal for you except for ACLs. There is a compatibility module to ensure everything continues to work as before but we add surprises so… be sure to learn the new way and adapt your .htaccess files using the following documentation: http://httpd.apache.org/docs/2.4/howto/auth.html The compatibility module is to stay at least a few month but do not wait until we announce the end of support. ACLs also are tighter now, which means almost no global access to files by default. === Recent SSH Security Upgrades === We recently enabled EDCSA host keys on all SSH servers, with updates in the SSHFP DNS records. === Supervision is back === Daneel has been rebuilt, not fully yet, but it is able to monitor our machines again. The configuration is quite not finished but the basics are working. It was really difficult to run blindly so we're eager to have again a good view of our service availability. As the software is by the way upgraded, we should be able to monitor in deeper details. Well, that is all for now. Assimilate these news well :-). Have a pleasant year! -- Marc Dequènes (Duck)

1 0

Happy New Year Ducklings!
by DuckCorp Admin Team 18 Jan '14

18 Jan '14

Coin, After the big bunch of upgrades during feast time, we plan a bit of cleanup and a few other improvements ; fasten your seat belt :-). === Recent IRC problems === Our primary IRC server needed a restart in order to load the new SSL certificates, unfortunately it was hit by a bug (Debian#714219) and is OoS until then. Our IRC services got problems too, probably for the same reason. Keep in mind that irc.milkypond.org is the IRC entry point. It contains several hosts in order to have a backup when one fail. You should not use another address unless you know what you are doing (seems several users did not). Unfortunately, SSL access on our secondary server was unusable due to a misconfiguration, sorry, we found it out the hard way when the first one went down === Upcoming Server's FS Layout Changes and Consequences === In order to cleanup and follow the FHS a bit more, we're planning to move a few data in better places. This will mostly affect shell and VCS users. Mostly users data outside your own home directory will be relocated in /srv, so you need not look around weird top directories anymore. For web users: /www will be relocated into /srv/www /sites will be kept as a symlink ~1 month before being removed For VCS users: /rcs will be relocated into /src/vcs => all rcs-* websites will be renamed accordingly, with a redirection until it seems unnecessary For FTP Users with shell access: /ftp will be relocated into /srv/ftp For project members having data in /private on Toushirou: /private/{projects,duckcorp,hurdfr} will be relocated into /srv/projects. Other changes should not have any consequences. We plan to do this really soon. === Recent Web Hosting Upgrades === As previously said, and with a lot a delay, mod_ruby was removed. By the way, mod_wsgi was removed too. We are now using Passenger to provide a cleaner and less resource intensive way of hosting webapps. The following languages are now handled: - Ruby - Python (WSGI apps are very easy to adapt) - NodeJS (new!) You can still use CGI for very simple scripts, but beware FCGI (with spawning processes) support will be removed soon. As previously not announced, sorry, Ruby 1.8 support was removed and Passenger now spawn Ruby apps using version 1.9 of the interpreter now. Also, Apache moved to 2.4, which should not be a big deal for you except for ACLs. There is a compatibility module to ensure everything continues to work as before but we add surprises so… be sure to learn the new way and adapt your .htaccess files using the following documentation: http://httpd.apache.org/docs/2.4/howto/auth.html The compatibility module is to stay at least a few month but do not wait until we announce the end of support. ACLs also are tighter now, which means almost no global access to files by default. === Recent SSH Security Upgrades === We recently enabled EDCSA host keys on all SSH servers, with updates in the SSHFP DNS records. === Supervision is back === Daneel has been rebuilt, not fully yet, but it is able to monitor our machines again. The configuration is quite not finished but the basics are working. It was really difficult to run blindly so we're eager to have again a good view of our service availability. As the software is by the way upgraded, we should be able to monitor in deeper details. Well, that is all for now. Assimilate these news well :-). Have a pleasant year! -- Marc Dequènes (Duck)

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

DC-Users January 2014