Page MenuHomePhabricator
Create Task
Maniphest T346321

Move notification servers config to local files
Closed, ResolvedPublic
Actions

Description

Currently, the aphlict configuration used by Phab/Phorge is stored in the DB as a hidden & locked config. The configuration doesn't contain any sensitive data and it would be better to have it committed in a repo somewhere so it can be added to the local Phorge disk config files.

It seems like the config did live in Puppet at some point when aphlict was collocated on the same machine with Phorge, but it's currently disabled. Then it was presumably moved to the DB manually when aphlict was moved to its own separate host.

We can add the configuration to Puppet, so it becomes part of the standard process of bootstrapping a Phorge target or alternatively, the configuration could live in the Scap3 deployment repository, where it would be part of our deployments.

Details

SubjectRepoBranchLines +/-
phabricator: add configuration for the remote aphlict serveroperations/puppetproduction+29 -6
Customize query in gerrit

Related Objects

Event Timeline

jnuche created this task.Sep 14 2023, 10:54 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 14 2023, 10:54 AM
jnuche added a subscriber: eoghan.Sep 14 2023, 10:55 AM

@eoghan would you happen to know why the config value was added manually to the DB instead of keeping it in Puppet?

Peachey88 subscribed.Sep 14 2023, 11:09 AM

Note there is/was some work to move to the DB model for more config compared to the files, T239355: Deprecate phabricator's fixed_settings.yaml (in puppet) and just use phabricator's built in configuration tools

jnuche added a comment.Sep 14 2023, 11:22 AM

@Peachey88 Thanks for pointing to that. I'm not sure it applies anymore though, given we are more recently creating most of the Phab config with Puppet and writing it to files: https://gerrit.wikimedia.org/r/plugins/gitiles/operations/puppet/+/refs/heads/production/modules/profile/manifests/phabricator/main.pp#280. But it probably explains the decision.

gerritbot added a comment.Sep 26 2023, 9:04 AM

Change 961045 had a related patch set uploaded (by Jaime Nuche; author: Jaime Nuche):

[operations/puppet@production] phabricator: add configuration for the remote aphlict server

https://gerrit.wikimedia.org/r/961045

gerritbot added a project: Patch-For-Review.Sep 26 2023, 9:04 AM
gerritbot added a comment.Sep 26 2023, 3:22 PM

Change 961045 merged by EoghanGaffney:

[operations/puppet@production] phabricator: add configuration for the remote aphlict server

https://gerrit.wikimedia.org/r/961045

Maintenance_bot removed a project: Patch-For-Review.Sep 26 2023, 3:32 PM
jnuche closed this task as Resolved.EditedOct 18 2023, 3:34 PM
jnuche claimed this task.

Config is now local:

{
  "config": [
    {
      "key": "notification.servers",
      "source": "local",
      "value": [
        {
          "host": "phabricator.wikimedia.org",
          "port": 443,
          "protocol": "https",
          "type": "client"
        },
        {
          "host": "aphlict.discovery.wmnet",
          "port": 22281,
          "protocol": "http",
          "type": "admin"
        }
      ],
      "status": "set",
      "errorInfo": null
    },
    {
      "key": "notification.servers",
      "source": "database",
      "value": null,
      "status": "unset",
      "errorInfo": null
    }
  ]
}
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits