Timeline
Feb 23, 2010:
- 11:44 PM Changeset [1489] by
- Fix directions for adding static extensions ========= Instance: 1149427 Time: Mon Feb 8 20:29:45 2010 Host: BYTE-ME.MIT.EDU From: Busy inodes after unmount. Self-destruct in 5 seconds. Have a nice day. [FAILED] <mitchb> Also, those directions need to be taken out back and shot. We don't do things like that anymore. ========= Done.
- 11:21 PM Changeset [1488] by
- Various tweaks to rails autoreloading code o Don't watch all of public, as apps may cache files there and cause the fcgi to repeatedly die and destroy any fcgi performance gains o Specifically watch .htaccess and dispatch.fcgi o Raise an error to die instead of trying to reload code and dying in the process because you can't o Explain that killing the fcgi process results in a reload of the code at the next request (Merge of r1411:1486 from branches/locker-dev to trunk, originally from gdb)
- 11:00 PM Changeset [1487] by
- Renewed certificate for schuh.mit.edu
Feb 22, 2010:
- 3:47 AM Changeset [1486] by
- Explain why we raise an error here
- 3:37 AM Changeset [1485] by
- Time to be honest with ourselves. We're not reloading anything here.
- 3:31 AM Changeset [1484] by
- Watch specific files as well
- 3:09 AM Changeset [1483] by
- __scripts/needcerts: Add support for working around Safari Safari on Mac OS X (or more properly, CFNetwork and the rest of the SSL stack) doesn't properly support SSLVerifyClient Optional, which is our default for :444. In particular, if you don't have an identity preference set, only SSLVerifyClient Require will trigger the dialog to set an identity preference and present a certificate to the site: http://lists.apple.com/archives/apple-cdsa/2009/Apr/msg00041.html We can work around this by checking for the Safari user-agent in /__scripts/needcerts and renegotiating SSLVerifyclient Require. Forcing the Require behavior on Safari users that reach this page is reasonable because this page is only (supported to be) reached as an ErrorDocument 401; if you're intentionally using AuthOptional on to take advantage of the optional authentication, you'll never trigger the 401 error.
Feb 20, 2010:
- 6:18 PM Changeset [1482] by
- Take upstream changes to use alternative runtime directory for fcgi; revert previous changes to chmod /var/run/httpd.
- 4:25 PM Changeset [1481] by
- Don't chmod /var/run/httpd 0700, since that breaks fcgid.
- 4:49 AM Changeset [1480] by
- Hit the turbo button and make those gears spin!
- 4:31 AM Changeset [1479] by
- * Don't put SQL passwords in command-line arguments. * When using sqlalchemy, use ~/.my.cnf instead of hardcoding the SQL password. (Merge of r1477:1478 from locker-dev to trunk, originally from xavid)
- 4:24 AM Changeset [1478] by
- * Don't put SQL passwords in command-line arguments. * When using sqlalchemy, use ~/.my.cnf instead of hardcoding the SQL password. (originally from xavid)
- 4:21 AM Changeset [1477] by
- * Initial commit of TG autoinstaller, for some reason. (from trunk@1476, originally from xavid)
Feb 19, 2010:
- 4:58 PM Changeset [1476] by
- Add environment variables for CPS for nicer graph titles.
- 4:49 PM Changeset [1475] by
- Read graph_title from environment.
- 4:18 PM Changeset [1474] by
- Specify uid 102 is signup, and remove dead SELinux code.
- 3:44 AM Changeset [1473] by
- LDAP, now with 200% more indexed queries! Previously, only about 1/3 of our LDAP queries were actually being answered using indices. ns-slapd was routinely observed to be eating a huge portion of our CPU. Coincidence? You be the judge. We're going to stop being morons now and use <1% CPU for LDAP.
- 1:11 AM Changeset [1472] by
- Use the right script...
Feb 18, 2010:
- 10:56 PM Changeset [1471] by
- make r-m's RAM match
- 7:07 PM Changeset [1470] by
- b-b and p-b have real hardware, yay
- 3:05 PM Changeset [1469] by
- Changed list of watched directories in rails fcgi
Feb 17, 2010:
- 11:44 AM Changeset [1468] by
- Fixed the exception type problem in this code; fixed up remove-servers.
Feb 16, 2010:
- 11:46 AM Ticket #116 (Certificate login fallback to password) created by
- I've run into this situation a number of times on setting up wiki/CMS …
Feb 15, 2010:
- 10:11 PM Ticket #115 (actively break sudo for users who aren't supposed to) created by
- PAM is a good choice here. So is replacing our uses of sudo …
Feb 13, 2010:
- 5:36 PM Changeset [1467] by
- Minor hacron fixes
- 5:21 PM Changeset [1466] by
- Another pass over hacron
- 12:55 AM Changeset [1465] by
- QuickPrint cronjob (so it runs on every host)
Feb 12, 2010:
- 3:52 AM Changeset [1464] by
- What's that? I can't hear you over the static! o Make Apache, suEXEC, and static-cat case-insensitive about extensions o Add wav, mid, and midi as static extensions o Add missing mime-type for svg files
- 2:47 AM Changeset [1463] by
- mod_vhost_ldap: Copy the server_rec instead of corrupting it in place.
Feb 8, 2010:
- 3:06 AM Changeset [1462] by
- install-howto.sh: IBTSOCS
- 2:25 AM Changeset [1461] by
- surprise I'm installing GDChart
Feb 7, 2010:
- 4:07 AM Ticket #108 (rack-backward and rack-forward aren’t even the right part of speech.) closed by
- invalid: Sometimes a name is just a name. Also, you used up your "this is a …
Feb 6, 2010:
- 4:50 AM Changeset [1460] by
- Certificate and Apache config for isawyou.mit.edu
- 4:43 AM Changeset [1459] by
- Backport cluster-glue, heartbeat, and pacemaker from F12 We want to use pacemaker for hacron. It's presently available in F12, but not F11. In F12, it's built against heartbeat 3, which is a completely different beast than the heartbeat 2 available in F11, so we need to backport that as well. heartbeat 3, in turn, depends on cluster-glue, which is not presently in F11. All three of these build cleanly with no source changes so long as their dependencies are present.
- 4:39 AM Changeset [1458] by
- Allow "buildroot override" functionality in mock via a local repo If you're building a chain of packages that have requirements on each other, and aren't yet ready to publish them to the world, mock needs a way to find the dependencies that aren't in a regular repo yet. Configure it to treat /home/scripts-build/mock-local as a local repo that it can install packages from to satisfy dependencies. This is analogous to Fedora's "buildroot overrides" used when building packages that depend on each other and need to be pushed to production together instead of serially. For more details, see: http://fedoraproject.org/wiki/Buildroot_override_SOP
- 3:46 AM Ticket #114 (better story for importing outside Django sites) created by
- We do a lot of custom stuff in setting up Django -- splitting between …
Feb 5, 2010:
- 11:35 PM Changeset [1457] by
- Now with lock timeouts
- 11:30 PM Changeset [1456] by
- Added hacron script
- 8:57 AM Changeset [1455] by
- Certificate and Apache config for classmates.mit.edu
Feb 2, 2010:
- 4:23 AM Ticket #113 (Django auto-installs on a machine where USER != ATHENA_USER get wrong ...) created by
- Currently, the Django auto-installer bakes the username of the running …
- 2:11 AM Changeset [1454] by
- Enable mod_deflate In these harsh economic times, scripts should handle inflation (and deflation).
Feb 1, 2010:
- 2:45 AM Changeset [1453] by
- Stop scriptsifying gzip Fedora has released a package with the relevant patches
Jan 30, 2010:
- 7:30 PM Changeset [1452] by
- Speed up postfix acceptance of mail to foo@scripts.mit.edu Postfix does virtual alias expansion on *all* addresses, both virtual/remote and local, which means that even mail to a normal scripts user will be looked up in not only the regular aliases file, but the virtual maps we set up. If we don't match those addresses in either the hashed virtual file or the regexp virtual file, then an LDAP query will occur instead of quickly accepting the RCPT address. Short-circuit that by matching *@scripts.mit.edu as a regexp and mapping it with no change. If we rewrite it as the unqualified user, then a recursive virtual match happens (all virtual rewrites are subject to recursive matching). Simple, eh?
- 7:14 PM Changeset [1451] by
- Add Munin configuration to the install instructions
Jan 29, 2010:
- 1:10 PM Changeset [1450] by
- More LDAP customizations needed on test servers
- 12:51 PM Changeset [1449] by
- Handle vhosts that have multiple defined aliases
- 12:26 PM Changeset [1448] by
- Renewed certificate for eastgate.mit.edu
Jan 26, 2010:
- 7:13 PM Changeset [1447] by
- Reify *.blue-sun-corp.com
- 7:13 PM Changeset [1446] by
- Missed a ServerAlias
- 7:04 PM Changeset [1445] by
- Handle vhosts that don't have any defined aliases
- 6:57 PM Changeset [1444] by
- Add *.blue-sun-corp.com cert
- 10:48 AM Changeset [1443] by
- I Bemoan The State Of Postfix (LDAP and mail hosting for all our vhosts)
- 10:09 AM Changeset [1442] by
- Deploy clarifications to the fascist locker signup error message (Merge of r1440:1441 from branches/locker-dev to trunk)
- 3:10 AM Changeset [1441] by
- Missed a couple spots on the bikeshed (more clarity for fascist locker error)
Jan 25, 2010:
- 11:42 PM Changeset [1440] by
- Make the sql signup's .my.cnf symlink relative (Merge of r1437:1439 from branches/locker-dev to trunk)
- 10:45 PM Changeset [1439] by
- Relative symlink. Really. Everywhere you create it.
- 10:31 PM Changeset [1438] by
- Make the sql signup process create a relative symlink When users change their locker names, the absolute symlink breaks, and we can't fix it for them.
Note: See TracTimeline
for information about the timeline view.