(update title when jamesh/harry signed in)
this document: https://hackmd.io/@plug/hack-day-notes
wget https://hackmd.io/_o_65OZbQMin0ANI2lz6-g/download -O $(date +%Y-%m-%d)-infra.md
(FNAME=$(date +%Y-%m-%d)-infra.md; DOC=hack-day-notes; CODIMD_SERVER=https://hackmd.io/@plug codimd export --md $DOC "./$FNAME")
2020 Nick+BenjaminA
2023-03-19 , 2023-04-09 Nick+Niall
2023-07-09 Nick + Michael + Niall + James + BenjaminIDS
2023-08-08 Niall + Nick + Aiden + Dylan + Craig + James + Harry
2023-08-13 Niall + Nick + Jason
2023-09-10/12 Nick + Michael + BenjaminIDS + JasperG + JamesH
2023-11-21 Nick + James
2024-02-11 Niall + DanB + Nick + BenjaminIDS
2024-02-13 BenjaminIDS + Dan + Nick + Sarah + James
2024-04-14 Niall + Nick + BenjaminIDS
2024-05-14 Nick, BenIDS + Sarah + MarkW + Owain + LawrenceL
2024-06-09 Nick + MarkW
2024-09-10 Nick + MichaelC + JamesH + DanB
2024-10-13 Harry + Nick + Jacek + JamesH + Dan + Mark
2024-11-10 Nick + Dan
2024-11-10 , 2025-01-07 Nick + Wyatt
2025-02-18 Nick + Wyatt + JamesH
2025-03-09 Nick + JamesH + MarkW
2025-04-13 Nick + MarkW + JamesH + TimL
2025-06-08 Nick + HarryMc + JamesH
2025-07-13 Nick + Roy + JamesH + JamesStewart
Second Tuesday 2024-02-13: Committee ops/handover
Can't do a remote talk without BBB?
Upcoming committee Tuesday 2023-04-18
Check certs
Pay
* Done! with BendigoBank card expires 2023-06
* Done!
murmurd -wipeSSL
it still uses a self-signed certificate?!dpkg-reconfigure mumble-server
?example: opendkim-genkey -r -s myselector -b 2048 -d example.com
re-generate key: opendkim-genkey -r -s mail -b 2048 -d po1.plug.org.au
Disabled DKIM
Gen aliases for mailman: glass@edison:/usr/lib/mailman/bin$ sudo ./genaliases
Set passwd for glass: riots stunt triple thongs
enable spamassassin to run on boot: glass@edison:~$ sudo systemctl enable spamassassin
po1.plug.org.au
/var/lib/mailman/lists
/var/lib/mailman/archives
There is an old version of Jekyll in Debian 9 which is not really compatible with our jekyll builds. (e.g. post generation in committee minutes)
So… apt uninstall jekyll
, then install ruby2.3 and ruby2.3-dev, then sudo gem install jekyll.
You specifically need version 3.8.5…
sudo gem install jekyll -v 3.8.5
This should fix builds. It won't be necessary once we move to Buster (Debian 10).
/etc/knot
from backups
/etc/knot/plug.org.au.example.zone
, not the live data:
Hi PLUG,
From 12pm until 5pm tomorrow (2020-06-14 12pm-5pm AWST) we will be performing maintenance on PLUG infrastructure. This will mean service interruptions to all services including web, email and membership management.
We'll be minimizing the impact as much as possible but some downtime will be necessary.
/etc/cron.daily/20-ldapdump
/root/bin/borgauto.sh
on powerNew way - use @NB script
root@bayonet:~/bin# ./brestore.sh --mount-all
Restore lists from backup (with cp), OR…
Restore lists from backup (with rsync)
FIXME: has left a number of pending.pck.tmp.*
files
Fix surface-level permissions and ownership.
Restore archives from backup
Recreate archives from mailboxes (SKIP FOR NOW)
We run plug last as it is the biggest and hardest to build (SKIP FOR NOW)
(We are NOT recreating the archives at this stage)
Fix URLs and make lists properly appear on frontpage where appropriate
In the end we decided to point old UGMM to new UGMM with a "dumb" redirect to help prevent certain kinds of attacks. IE: any old UGMM URL will redirect to https://ugmm.plug.org.au/, with no arguments or paths brought across.
We want to transplant the current set of mailman archives, instead of regenerating them (for various reasons - bad emails and avoid re-numbering). Once imported, we want to run fix_urls to ensure that they are consistent and that the links work.
https://docs.borgbase.com/restore/borg/
/var/lib/mailman/archives
borg extract –list –dry-run $BORG_REPO::'power.plug.org.au-2020-07-17 06:47:14.255843' /var/lib/mailman/archives
sed -n '/test cases/,$ p' checklist.md.txt |grep http > urls.tocheck.txt
http://plug.org.au/ -> https://plug.org.au/
http://www.plug.org.au/ -> https://www.plug.org.au/
https://plug.org.au/
https://www.plug.org.au/
https://plug.org.au/resources/
https://plug.org.au/contact/
https://plug.org.au/events/
https://plug.org.au/events/archive/
https://plug.org.au/events/2004/
https://plug.org.au/events/committee/2020/04-21/
https://www.plug.org.au/contact/
https://www.plug.org.au/events/
https://www.plug.org.au/events/archive/
https://www.plug.org.au/events/2004/
https://www.plug.org.au/ugmm/memberself ->
https://www.plug.org.au/ugmm/ ->
http://www.plug.org.au/ugmm/memberself ->
http://www.plug.org.au/ugmm/ ->
http://ugmm.plug.org.au/ -> https://ugmm.plug.org.au/
https://ugmm.plug.org.au/
http://lists.plug.org.au/mailman/listinfo
http://lists.plug.org.au/mailman/admin/committee
http://lists.plug.org.au/mailman/admin/committee/members
http://lists.plug.org.au/ -> https://lists.plug.org.au/mailman/listinfo
http://lists.plug.org.au/mailman -> https://lists.plug.org.au/mailman/listinfo
http://lists.plug.org.au/mailman/ -> https://lists.plug.org.au/mailman/listinfo
?? http://lists.plug.org.au/mailman/listinfo/ -> https://lists.plug.org.au/mailman/listinfo
http://lists.plug.org.au/mailman/private/committee/
http://lists.plug.org.au/mailman/private/committee/2020-January.txt.gz
http://lists.plug.org.au/mailman/private/committee/2019-May/thread.html
http://lists.plug.org.au/mailman/private/committee/2010-August/000031.html
(spam) http://lists.plug.org.au/mailman/private/committee/2010-August/000041.html
http://lists.plug.org.au/mailman/listinfo/admin
http://lists.plug.org.au/mailman/listinfo/av
http://lists.plug.org.au/mailman/listinfo/committee
http://lists.plug.org.au/mailman/listinfo/hackers
http://lists.plug.org.au/mailman/listinfo/jobs
http://lists.plug.org.au/mailman/listinfo/off-topic
http://lists.plug.org.au/mailman/listinfo/mailman
http://lists.plug.org.au/mailman/listinfo/plug
http://lists.plug.org.au/mailman/listinfo/ugmm
http://lists.plug.org.au/mailman/listinfo/userconf
http://lists.plug.org.au/pipermail/jobs/2015-March/000015.html
http://lists.plug.org.au/pipermail/plug/
http://lists.plug.org.au/pipermail/plug/2020-April/thread.html
http://lists.plug.org.au/pipermail/plug/2020-April/084366.html
http://lists.plug.org.au/pipermail/plug/2024-May/084948.html
We can use defer_transports to safely test email (and manually approve).
Send email to zorlin@gmail.com
Send email to benjamin@riff.cc
Receive an email from zorlin@gmail.com
Receive an email from benjamin@riff.cc
Receive a spam email (GTUBE-TEST) from zorlin@gmail.com
UGMM payment reminder goes out (force expire wings)
basic swaks test
swaks --from glass+test2@po1.plug.org.au --to glass+test2@po1.plug.org.au --server edison.plug.org.au
mutt -f ~/Maildir
get some graphs
Nick + Michael + Niall + James + BenjaminIDS
Niall tally up cloud expenses -> sponsor proposal
AWS payments: remove BA card, update NB card expiry+details
mailman 2to3
Backups: logged into plug.perthchat.org @PCHQ
Updated Meetup calendar with Michael Collins talk on Matrix for September 2023-09-12. Google calendar is populated already.
Benjamin De Silva has been approached to do a talk on EMACS for October 2023-10-10
power.plug.org.au
accountDONE: recent memberships/renewals are all processed
a new mailing list, maybe "members@plug.org.au"? is tested and able to be preloaded with a list of current financial members
minutes are published and deployed to the website
EOY BBQ+hackday has a plan, I think that's mostly in hand
PLUG-in-the-Pub January is pencilled in
Second Tuesday February 2024 and March 2024 have some kind of rough plan: talks? Projects:AV? Pi Jam?
anything else?
test raspberrypi.com ID login
query meetup user with default answers
process recent membership renewals –2023-11-21
slapcat | extract-payments.py > payments.$(date +%Y%m%d)a.csv
Moved to GitHub's repository README.md
https://github.com/asynthe/plug-pass
webcheck.py
edison
: ansible
: tls-copy-edison2power
hugo
https://github.com/plugorgau/plugorgau.github.io/blob/master/README.md
rsync
to power:/tmp
diff -ur /tmp/latest /home/plug/public_html
rsync -av /tmp/latest/. /home/plug/public_html/.
--delete
cp -al /home/plug/public_html web.$(date +%Y%m%d)
webcheck.py
, diffoscope
against plug-ugmm_0.5_all.deb
time mmdebstrap --mode=proot --variant=apt --include=build-essential stretch debian9-stretch.tar https://archive.debian.org/debian
mkdir -p cache; chmod 1777 cache; time mmdebstrap --mode=proot --variant=apt --include=build-essential --skip=essential/unlink --setup-hook='mkdir -p ./cache "$1"/var/cache/apt/archives/' --setup-hook='sync-in ./cache /var/cache/apt/archives/' --customize-hook='sync-out /var/cache/apt/archives ./cache' stretch debian9-stretch3.tar https://archive.debian.org/debian
power
backup objects: add lifecycle
Distributor ID: Ubuntu
Description: Ubuntu 20.04.6 LTS
Release: 20.04
Codename: focal
Membership processing
edison
rebuild in AWS?
events
pcadmin has account on power.plug.org.au
@AWS
ssh -oHostKeyAlgorithms=+ssh-rsa -oPubkeyAcceptedKeyTypes +ssh-rsa
plug.perthchat.org
/ plug.michael5ollins.com
@PC-HQedison.plug.org.au
( @DigitalOcean )edison
rebuild in AWSedison
droplet, resize to USD$12/month droplet (cannot go smaller with the current 50GiB storage)PLUG Website build on Power:
/home/admin/hugo/hugo.sh
enableGitInfo = true
in config.toml
: Hugo's invocation of Git uses arguments not supported by the ancient version.(plus 2025-02-18 updates, all done as admin@power
user)
ssh power
, removed old users from admin,adm groupNov 10 14:40:27 power postfix/smtp[4870]: 3727D465C4: to=<jayasekerakushan@gmail.com>, relay=gmail-smtp-in.l.google.com[64.233.170.27]:25, delay=3, delays=0.01/0.01/1.6/1.4, dsn=2.0.0, status=sent (250 2.0.0 OK 1731221134 98e67ed59e1d1-2e9a5f5bc8fsi8807865a91.57 - gsmtp)
for DOMAINNAME in beckwith.net.au danscomp.net decisions-and-designs.com.au fnarfbargle.com iinet.net.au kenworthy.id.au mccormick.cx oranges.id.au stgeorge.com.au plug.org.au;do host -tTXT ${DOMAINNAME};host -tTXT _dmarc.${DOMAINNAME};done
power
, create SSH key, deploy website to liveansible
: tls-copy-edison2power
webcheck.py
- test before/after:
webcheck.py
- test before/after:
301 Moved Permanently,https://plug.org.au/membership -> https://plug.org.au/membership/,308
https://httpd.apache.org/docs/2.4/en/mod/mod_alias.html#redirect
/etc/apache2/sites-available/lists.plug.org.au
/etc/apache2/sites-available/plug.linux.org.au
/etc/apache2/sites-available/plug.org.au.conf
/etc/apache2/sites-available/plug.org.au-ssl.conf
404 not found: http://lists.plug.org.au/pipermail/plug/
add TLS for https://lists.plug… plus redirects
fail2ban
apachefmb is scanning
https://www.passwordstore.org/
borgbackup -> rsync.net , pchq: email admin@plug needs new RSA? key, not ssh-dss
/root/bin/borgauto.sh
/root/bin/borgauto-pchq.sh
problem: https://lists.plug.org.au/mailman/… is working on HTTPS, but mailman pages contain many pre-generated references to HTTP links, e.g. http://lists.plug.org.au/mailman/admin/plug/members?letter=m from https://lists.plug.org.au/mailman/admin/plug/members
not fixed by s/http/https/ in:
borgbackup
on power
, run, fix with BORG_REMOTE_PATH=borg14
to rsync.net, test create and extract