Fri, Sep 20
I moved these files to a temporary directory /srv/purge_after_20191031 for now, which is out of the way of log collection, nfs, and log processing. We'll do a final purge sometime after that date.
This is done, please reopen if there's any issue with the new mysql user.
@Ejegg is this something we still need? I know we're collecting a lot of metrics on civi1001 and am not sure if these queues are already included?
Sticking with simple backup of the live host for now...
Cross-host snapshot is set to run daily to back up /srv/prometheus.
Thu, Sep 19
Author: Jeff Green <firstname.lastname@example.org>
Date: Thu Sep 19 15:48:07 2019 +0000
Fri, Sep 13
Caitlin Cogdill sent an access authorization request to Lisa Gruwell earlier this week, we're waiting to hear back on that.
Thu, Sep 12
Yubikey requested from OIT...
Reopening, now that we have our own prometheus/grafana instance, would it make sense to alert from it?
is it possible to do this from grafana
Access approval received.
Access approval received.
Wed, Sep 11
Access request sent to Lisa . . .
I sent an access to Lisa Gruwell . . .
Tue, Sep 10
I created user dev_civicrm_read with select & create temporary tables on the dev_civicrm database. I'm not sure where this will be configured, so ping me for the password.
@jrobell sorry, I didn't manage to get started on this earlier! We're going to have Dallas handle the account setup so he can get familiar with all the moving parts.
Thu, Sep 5
Wed, Sep 4
Currently implemented as client certificate authentication is sufficient for no-login read only access, and optional grafana accounts for editors/admins backending in sqlite db. We need to synchronize the sqlite db and other dynamic configuration between frmon1001 and frmon2001, tasking that separately.
Fri, Aug 30
Thu, Aug 29
Tue, Aug 27
fruec database is created per sql/create_tables.sql
Mon, Aug 26
@AndyRussG checking in about these configuration settings:
- frdeploy configuration is puppetized and tested, needs to be adjusted to 'deployment' branch once that branch exists
As far as I can tell this is not an issue with Mojave or even High Sierra. It might be related to anti-malware software or other security settings.
Aug 21 2019
Aug 15 2019
OIT sent me a loaner Mac to test with. I upgraded it to Mojave, created a new user, and tested repeatedly with my cert. All of the issues I ran into had to do with the interface between the browser and login keychain. Safari is really buggy, and at one point corrupted the keychain causing this issue https://discussions.apple.com/thread/4010007. Also I ran into a situation where Safari would simply stall after entering https://civicrm.wikimedia.org, right where com.apple.WebKit.Networking or Safari would normally ask for auth to access the keychain, I think it may have been raising the dialog behind the browser window?
Aug 9 2019
Spelunked the Debian package, looks like log file encryption was disabled at 7.3.12 and never reenabled, so we'd need to build a custom package to support encryption. Probably not worth it.
prometheus is up and running and collecting, there's still work to be done on the monitoring infrastructure around redundancy and reliability, but it's basically up
Aug 8 2019
Aug 1 2019
This is fixed. I tested a deploy to frpig2001. I did not deploy to frpig1001, in case you should be around to watch behavior when the new code goes out.
Jul 31 2019
installed on civicrm and payments-listener roles where the 'tools' project is deployed
Jul 30 2019
Jul 29 2019
Jul 26 2019
Triggers are removed as of 08:43:23 PM EDT.