From d23c7526bfff31a2afb338234e8fe2e9caad2450 Mon Sep 17 00:00:00 2001 From: Geoffrey Thomas Date: Fri, 5 Jun 2009 02:10:05 -0400 Subject: [PATCH 01/16] Import from TextPattern --- news/102.mdwn | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 news/102.mdwn diff --git a/news/102.mdwn b/news/102.mdwn new file mode 100644 index 0000000..fee135c --- /dev/null +++ b/news/102.mdwn @@ -0,0 +1,31 @@ +[[!meta title="Java no longer broken on scripts.mit.edu"]] +Yesterday it was brought to our attention that our resource limits +were preventing Java from working, because the JVM attempted to +allocate more memory than our limits. + +Because of problems in the past with Java instances using 2 GB or +more memory causing out-of-memory conditions, we recently +reimplemented a 1 GB per-process [resource limit](/faq/34/). +However, the Java startup code’s attempt at allocating a +“reasonable fraction” of the total physical memory on the server +makes it attempt to grab about 1.05 GB. (This is a +[known issue](http://bugs.sun.com/view_bug.do?bug_id=6374896) in +Java.) This amount might be reasonable for a server running nothing +but Java, but is entirely too much for a shared host like +scripts.mit.edu. So, we’re setting the JAVA\_TOOL\_OPTIONS=-Xmx128M +environment variable to limit the maximum Java heap size, and Java +should be working again. + +If this isn’t enough for your application, you can create a +**.hotspotrc** file in the same directory as your script or Java +code, containing the option **MaxHeapSize=256M** (or possibly 512M; +note that we’ve tested 768M and found it to be unstable), or you +can pass **-Xmx256M** on your Java command line. + +It looks like we don’t have very many Java users at all because +this problem went unreported, but if you have any questions, as +always, please let us know at +[scripts@mit.edu](mailto:scripts@mit.edu). + + + -- 2.45.2 From a8191794b0973f878f201d86d491adf597247b66 Mon Sep 17 00:00:00 2001 From: Scripts Team Date: Fri, 5 Jun 2009 03:30:27 -0400 Subject: [PATCH 02/16] Import from TextPattern --- news/103.mdwn | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 news/103.mdwn diff --git a/news/103.mdwn b/news/103.mdwn new file mode 100644 index 0000000..4b971a2 --- /dev/null +++ b/news/103.mdwn @@ -0,0 +1,22 @@ +[[!meta title="*.scripts.mit.edu certificate signed by Equifax"]] +We’re glad to let you know that we’ve purchased an SSL/HTTPS +certificate for \*.scripts.mit.edu domain names that’s signed by a +well-known signatory, Equifax, instead of by the MIT Certificate +Authority. This means that you can use HTTPS URLs for those domain +names in any popular browser without having to download and trust +the MIT CA in advance — great news for those of you running +websites that target people outside the MIT community. MIT client +certificates continue to work as normal. + +We’ll also be installing an Equifax-signed certificate for +https://scripts.mit.edu/ soon, but we continue to encourage the use +of \*.scripts.mit.edu names instead of scripts.mit.edu/\~ names for +their improved security properties. + +For those of you with \*.mit.edu names, you can continue to use or +request MIT-signed certificates as always, or you can have the +secure parts of your site use a \*.scripts.mit.edu URL or discuss +other arrangements with us. + + + -- 2.45.2 From 52fff7e4599f66f3e1b8c5c80fa2bc7e5c4c7244 Mon Sep 17 00:00:00 2001 From: Anders Kaseorg Date: Fri, 12 Jun 2009 02:06:12 -0400 Subject: [PATCH 03/16] Import from TextPattern --- news/104.mdwn | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 news/104.mdwn diff --git a/news/104.mdwn b/news/104.mdwn new file mode 100644 index 0000000..e81c780 --- /dev/null +++ b/news/104.mdwn @@ -0,0 +1,10 @@ +[[!meta title=".htaccess files no longer require mode 777"]] +It is no longer necessary to use `chmod 777 .htaccess` to mark your +.htaccess files readable by Apache. As of May 30, 2009, Apache is +now given implicit read access to all file with names beginning in +“.ht”, such as .htaccess or .htpasswd (assuming the AFS directory +is readable by daemon.scripts, as is automatically the case in your +web\_scripts directory by default). + + + -- 2.45.2 From 5d7973bee4f2c23cf49db04f11c4eab4af67e38e Mon Sep 17 00:00:00 2001 From: Quentin Smith Date: Mon, 29 Jun 2009 13:22:45 -0400 Subject: [PATCH 04/16] Import from TextPattern --- servers/109.mdwn | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 servers/109.mdwn diff --git a/servers/109.mdwn b/servers/109.mdwn new file mode 100644 index 0000000..9e80521 --- /dev/null +++ b/servers/109.mdwn @@ -0,0 +1,3 @@ +[[!meta title="Active scripts.mit.edu Servers"]] + + -- 2.45.2 From 926344fa14fcd640d7023b1ecb9c3d6b8a41f02a Mon Sep 17 00:00:00 2001 From: Alexander W Dehnert Date: Sat, 13 Feb 2010 08:22:18 -0500 Subject: [PATCH 05/16] Import from TextPattern --- faq/110.mdwn | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 faq/110.mdwn diff --git a/faq/110.mdwn b/faq/110.mdwn new file mode 100644 index 0000000..77b1757 --- /dev/null +++ b/faq/110.mdwn @@ -0,0 +1,23 @@ +[[!meta title="What are the names of the various scripts.mit.edu servers?"]] +scripts.mit.edu makes use of load balancing across several +different servers to handle the enormous number of requests that +are served each day. It is very important that you ***not*** +hardcode the names of the servers into your scripts, because +different servers may be in the load balancer pool at any given +time. + +You can find out the current list of active servers by visiting +this URL at any time: +[http://scripts.mit.edu/servers](http://scripts.mit.edu/servers) + +You may also obtain this information via finger: + + athena% finger @scripts.mit.edu + +The section of the finger output that corresponds to balancing of +web requests to ports 80, 443, and 444 is the part under the +heading: +`FWM 2 wlc persistent 600` + + + -- 2.45.2 From 49359549bd77b89940a3b323f804871296a06603 Mon Sep 17 00:00:00 2001 From: Scripts Team Date: Wed, 24 Jun 2009 01:32:45 -0400 Subject: [PATCH 06/16] Import from TextPattern --- news/111.mdwn | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 news/111.mdwn diff --git a/news/111.mdwn b/news/111.mdwn new file mode 100644 index 0000000..ae9c42f --- /dev/null +++ b/news/111.mdwn @@ -0,0 +1,9 @@ +[[!meta title="Joomla autoinstaller now installs version 1.5.11"]] +We’ve just upgraded the [Joomla](http://www.joomla.org/) +[autoinstaller](http://scripts.mit.edu/start) on +[scripts.mit.edu](http://scripts.mit.edu/) to install version +1.5.11 by default. This is the most current version available from +the Joomla developers. + + + -- 2.45.2 From 5435c269218143f5589909298e08928f16e6d73f Mon Sep 17 00:00:00 2001 From: Anders Kaseorg Date: Sun, 9 Jan 2011 19:38:18 -0500 Subject: [PATCH 07/16] Import from TextPattern --- faq/112.mdwn | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 faq/112.mdwn diff --git a/faq/112.mdwn b/faq/112.mdwn new file mode 100644 index 0000000..795c57a --- /dev/null +++ b/faq/112.mdwn @@ -0,0 +1,55 @@ +[[!meta title="How can I restrict my Trac instance to only certain users?"]] +If you wish to restrict access to your Trac instance to only +certain people with MIT certificates, you may do so by editing the +.htaccess file in the directory you installed Trac into. +**Note: There is also a .htaccess file in the tracdata subdirectory, and that file should *not* be changed.** + +Initially, when you've used the Trac autoinstaller, the .htaccess +file will look similar this: + + AuthType SSLCert + AuthSSLCertAuthoritative off + AuthSSLCertVar SSL_CLIENT_S_DN_Email + AuthSSLCertStripSuffix @MIT.EDU + Require valid-user + AuthOptional on + + RewriteEngine on + + RewriteCond %{HTTPS} =on + RewriteRule ^logout http://%{SERVER_NAME}%{REQUEST_URI} [R,L] + + RewriteCond %{REQUEST_URI} !^/~yourlocker/trac-path/trac.fcgi + RewriteRule ^(.*)$ /~yourlocker/trac-path/trac.fcgi/$1 [L] + + + AuthOptional off + ErrorDocument 401 /__scripts/needcerts + + +You will want to change it to be similar to the following (changes +are highlighted in red): + + AuthType SSLCert + #AuthSSLCertAuthoritative off + AuthSSLCertVar SSL_CLIENT_S_DN_Email + AuthSSLCertStripSuffix @MIT.EDU + Require user moe larry curly + #AuthOptional on + ErrorDocument 401 /__scripts/needcerts + + RewriteEngine on + + RewriteCond %{HTTPS} =on + RewriteRule ^logout http://%{SERVER_NAME}%{REQUEST_URI} [R,L] + + RewriteCond %{REQUEST_URI} !^/~yourlocker/tracpath/trac.fcgi + RewriteRule ^(.*)$ /~yourlocker/trac-path/trac.fcgi/$1 [L] + + + AuthOptional off + ErrorDocument 401 /__scripts/needcerts + + + + -- 2.45.2 From 69fad2e0b2095a4524bbe0711ca1642add37b96a Mon Sep 17 00:00:00 2001 From: Alexander W Dehnert Date: Tue, 18 Jan 2011 06:27:33 -0500 Subject: [PATCH 08/16] Import from TextPattern --- faq/139.mdwn | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 faq/139.mdwn diff --git a/faq/139.mdwn b/faq/139.mdwn new file mode 100644 index 0000000..3d5654d --- /dev/null +++ b/faq/139.mdwn @@ -0,0 +1,24 @@ +[[!meta title="Can I make changes to autoinstalled code and still receive security updates?"]] +The scripts.mit.edu project provides [autoinstallers](/start/) for +many common web applications. As with any other application you run +on the scripts.mit.edu platform, you can freely make changes. + +However, changes can present a potential issue for our +[security updates](/faq/44). +Sometimes, our updater can merge changes you make with the changes +needed to update to the next version. However, sometimes your +changes will conflict with changes in the new version. When that +happens, sometimes the scripts.mit.edu team will merge the changes +by hand, but in some cases you may need to do the upgrade +yourself. + +It is also possible that changes might be subtly incompatible, +breaking your site. While we do some basic testing on updates, we +do not guarantee success. + +If you are particularly concerned about these issues, you should +either [opt-out of updates](/faq/44) or not make changes to +autoinstalled application code. + + + -- 2.45.2 From e136beebdd492193817e69fd21ddfe59c227edc3 Mon Sep 17 00:00:00 2001 From: Scripts Team Date: Mon, 2 Nov 2009 01:51:09 -0500 Subject: [PATCH 09/16] Import from TextPattern --- news/119.mdwn | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 news/119.mdwn diff --git a/news/119.mdwn b/news/119.mdwn new file mode 100644 index 0000000..9c30cd6 --- /dev/null +++ b/news/119.mdwn @@ -0,0 +1,8 @@ +[[!meta title="WordPress autoinstaller upgraded to version 2.8.5"]] +We’ve upgraded the [WordPress](http://wordpress.org) autoinstaller +on scripts.mit.edu to install WordPress version 2.8.5. This is the +most current stable version of WordPress, and includes +[several security hardening improvements backported from the upcoming WordPress 2.9 release](http://wordpress.org/development/2009/10/wordpress-2-8-5-hardening-release/). + + + -- 2.45.2 From 4e9687e94211e2626433a5205176b184be7b47cc Mon Sep 17 00:00:00 2001 From: Alexander W Dehnert Date: Sat, 13 Feb 2010 08:22:30 -0500 Subject: [PATCH 10/16] Import from TextPattern --- faq/120.mdwn | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 faq/120.mdwn diff --git a/faq/120.mdwn b/faq/120.mdwn new file mode 100644 index 0000000..02067ee --- /dev/null +++ b/faq/120.mdwn @@ -0,0 +1,43 @@ +[[!meta title="Does scripts.mit.edu publish information about who runs which websites?"]] +We don’t go out of our way to make this information available, nor +to +protect it. + +There is no listing of websites hosted on scripts.mit.edu or their + +maintainers. If we’re asked to by IS&T staff (e.g., IT Security or +User +Accounts) or law enforcement, we will identify the maintainer of a +single +website. We may also do so if needed in the process of answering a + +good-faith support ticket about the maintenance of that website. +Otherwise, we avoid giving this information out to the public for +the +asking. + +That said, for multiple technical reasons ranging from the +configuration +of our servers to the properties of various parts of Athena +infrastructure +we build upon, it’s generally possible to determine the ownership +of a +website with some concerted effort, including which users or groups +have +the ability to publish the site and who was the original creator of +a file +in a locker. Most of this is due to the Athena locker model itself, +and +applies equally to sites hosted on other services such as +web.mit.edu. + +Most other MIT hosting options will also reveal the owner’s +identity +publicly through Moira’s hostname registry. If you wish to have a +truly +anonymous website, you’ll need to get hosting independent of the +MIT +infrastructure. + + + -- 2.45.2 From a48707545e4fcfb990722d0fbf7285e5e796b61d Mon Sep 17 00:00:00 2001 From: Scripts Team Date: Fri, 31 Jul 2009 07:50:33 -0400 Subject: [PATCH 11/16] Import from TextPattern --- news/113.mdwn | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 news/113.mdwn diff --git a/news/113.mdwn b/news/113.mdwn new file mode 100644 index 0000000..e4443a4 --- /dev/null +++ b/news/113.mdwn @@ -0,0 +1,9 @@ +[[!meta title="MediaWiki autoinstaller now installs version 1.15.1"]] +We’ve just upgraded the [MediaWiki](http://www.mediawiki.org/) +[autoinstaller](http://scripts.mit.edu/start) on +[scripts.mit.edu](http://scripts.mit.edu/) to install version +1.15.1 by default. This is the most current version available from +MediaWiki. + + + -- 2.45.2 From 0be6aff9d0239997f6fca78cbaefde2eb78f4b57 Mon Sep 17 00:00:00 2001 From: Scripts Team Date: Fri, 31 Jul 2009 07:52:08 -0400 Subject: [PATCH 12/16] Import from TextPattern --- news/114.mdwn | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 news/114.mdwn diff --git a/news/114.mdwn b/news/114.mdwn new file mode 100644 index 0000000..734afb6 --- /dev/null +++ b/news/114.mdwn @@ -0,0 +1,7 @@ +[[!meta title="WordPress autoinstaller upgraded to version 2.8.2"]] +We’ve upgraded the [WordPress](http://wordpress.org) autoinstaller +on scripts.mit.edu to install WordPress version 2.8.2. This is the +most current stable version of WordPress. + + + -- 2.45.2 From 724f689babde510ab21a08ee157bde0747114424 Mon Sep 17 00:00:00 2001 From: Scripts Team Date: Fri, 31 Jul 2009 08:04:04 -0400 Subject: [PATCH 13/16] Import from TextPattern --- news/115.mdwn | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 news/115.mdwn diff --git a/news/115.mdwn b/news/115.mdwn new file mode 100644 index 0000000..39887d8 --- /dev/null +++ b/news/115.mdwn @@ -0,0 +1,19 @@ +[[!meta title="Django autoinstalls now see updates to your code instantly!"]] +The [Django](http://www.djangoproject.com/) +[autoinstaller](http://scripts.mit.edu/start/) has, up until now, +told you that when you update your code files, you need to +`touch index.fcgi` in order for the changes to be reflected on the +web. Unfortunately, that feature has never worked on +[scripts.mit.edu](http://scripts.mit.edu/). We’ve finally +identified the reason for this issue, and implemented an +improvement to the autoinstaller — it is no longer necessary to +kill your `python` processes or `touch` your `index.fcgi` files. +Updates to your `.py` files are now reflected immediately on the +web without you having to do anything else. + +We have applied this enhancement to all existing Django +autoinstalls that accept +[our automatic updates](http://scripts.mit.edu/faq/44). + + + -- 2.45.2 From 67c1491ec8927e0f5afeb2b78400f408f278dea9 Mon Sep 17 00:00:00 2001 From: Scripts Team Date: Wed, 5 Aug 2009 01:47:08 -0400 Subject: [PATCH 14/16] Import from TextPattern --- news/116.mdwn | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 news/116.mdwn diff --git a/news/116.mdwn b/news/116.mdwn new file mode 100644 index 0000000..7d973f5 --- /dev/null +++ b/news/116.mdwn @@ -0,0 +1,9 @@ +[[!meta title="WordPress autoinstaller upgraded to version 2.8.3"]] +We’ve upgraded the [WordPress](http://wordpress.org) autoinstaller +on scripts.mit.edu to install WordPress version 2.8.3. This is the +most current stable version of WordPress, and includes a security +fix that was missed in version 2.8.2, which was just recently +released. + + + -- 2.45.2 From 6f8d6e5f63ad6e76b88ba64e155fc4ee91e963c6 Mon Sep 17 00:00:00 2001 From: Scripts Team Date: Wed, 12 Aug 2009 18:06:42 -0400 Subject: [PATCH 15/16] Import from TextPattern --- news/117.mdwn | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 news/117.mdwn diff --git a/news/117.mdwn b/news/117.mdwn new file mode 100644 index 0000000..ebc40ce --- /dev/null +++ b/news/117.mdwn @@ -0,0 +1,9 @@ +[[!meta title="WordPress autoinstaller upgraded to version 2.8.4"]] +We’ve upgraded the [WordPress](http://wordpress.org) autoinstaller +on scripts.mit.edu to install WordPress version 2.8.4. This is the +most current stable version of WordPress, and includes yet another +important security fix for an issue that was present through +version 2.8.3, which was just recently released. + + + -- 2.45.2 From 74cd07b4101fd19a529aefb6faf0ae7c593275ea Mon Sep 17 00:00:00 2001 From: Scripts Team Date: Sun, 16 Aug 2009 05:46:03 -0400 Subject: [PATCH 16/16] Import from TextPattern --- news/118.mdwn | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 news/118.mdwn diff --git a/news/118.mdwn b/news/118.mdwn new file mode 100644 index 0000000..4974fea --- /dev/null +++ b/news/118.mdwn @@ -0,0 +1,38 @@ +[[!meta title="Ruby on Rails autoinstaller"]] +At long last, we’ve just deployed a brand new +[autoinstaller](http://scripts.mit.edu/start/) for +[Ruby on Rails](http://rubyonrails.org/), the popular +[Ruby](http://www.ruby-lang.org/) based web application framework. + +Ruby on Rails has been supported on +[scripts.mit.edu](http://scripts.mit.edu/) for quite some time, but +the setup process was entirely manual, and involved many +nonintuitive steps. You can now get a working Rails installation up +and running for your own application in less than 60 seconds by +typing + + $ add scripts + $ scripts-rails + +from any Athena machine, and following the instructions. + +This brings the count of autoinstallable applications up to 12: + + advancedbook + django + e107 + gallery2 + joomla + mediawiki + phpbb + phpical + rails + trac + turbogears + wordpress + +You can read more about these applications on our +[quick-start page](http://scripts.mit.edu/start/). + + + -- 2.45.2