View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
131 [My infrastructure] General minor have not tried 2020-09-27 16:28 2020-09-27 16:28
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: nrpe.cfg can use include files
Description: # INCLUDE CONFIG FILE
# This directive allows you to include definitions from an external config file.

#include=<somefile.cfg>



# INCLUDE CONFIG DIRECTORY
# This directive allows you to include definitions from config files (with a
# .cfg extension) in one or more directories (with recursion).

#include_dir=<somedirectory>
#include_dir=<someotherdirectory>
Tags:
Steps To Reproduce:
Additional Information: Perhaps I can start using /usr/local/etc/nrpe.d/

and put my configuration files in there as *.cfg files
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
130 [My infrastructure] General minor have not tried 2020-09-05 20:42 2020-09-05 20:42
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: check usage of ansible role users-dan
Description: It needs to specify the groups:

  - {role: users-dan, usergroups: "wheel" }
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
129 [My infrastructure] General minor have not tried 2020-08-26 01:16 2020-08-26 01:16
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: need a postgresql freshports package
Description: it installs the database dependencies
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
128 [My infrastructure] General minor have not tried 2020-08-17 11:55 2020-08-18 20:12
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: nagios changes
Description: pg01 - parent == knew?
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0000130)
dvl   
2020-08-18 20:12   
pg01 is not hosted on knew


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
117 [My infrastructure] General minor have not tried 2020-05-03 15:32 2020-08-16 13:13
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: Convert freshports and fp-daemon from daemontools to supervisord
Description: Why?

Logging of stderr and stdout
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0000129)
dvl   
2020-08-16 13:13   
Instead of supervisord, the work on the devgit branch is using daemon(8).


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
120 [My infrastructure] General minor have not tried 2020-05-13 00:36 2020-08-16 13:12
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: monitor ps ax | grep readproctitle | grep 'service errors:'
Description: [dan@stage-ingress01:~] $ ps ax | grep readproctitle | grep 'service errors:'
33300 - IJ 0:00.00 /usr/local/bin/readproctitle service errors: ...........................................................................


ps ax | grep readproctitle | grep 'service errors:' | grep -v 'readproctitle service errors: ....................'
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0000128)
dvl   
2020-08-16 13:12   
With the move from daemontools to daemon, this will not be required.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
126 [My infrastructure] General minor have not tried 2020-06-27 13:26 2020-06-27 13:26
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: freshports:users.number_of_commits is not used
Description: It looks like page_size has this functionality instead

see classes/user.php and www/customize.php
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
125 [My infrastructure] General minor have not tried 2020-06-20 15:26 2020-06-20 15:26
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: two spare 500G SSD drives in slocum
Description: They are the old zroot. They could be repurposed.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
123 [My infrastructure] General minor have not tried 2020-06-17 01:36 2020-06-17 01:36
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: Move serpico's functionality to an external host
Description: Instead of relying upon my DYNDNS updates working properly and consistently, why not use a proxy on a public host?

If my ISP connection goes down, I could use my MIFI connection, and things would still work.

I could do similar for all incoming connections:

* http
* ssh
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
122 [My infrastructure] General minor have not tried 2020-06-10 16:05 2020-06-10 16:05
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: IPv6 DNS at home
Description: It looks like IPv6 name servers are not handed out via DNS.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
121 [My infrastructure] General minor have not tried 2020-05-14 15:02 2020-05-14 15:02
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: reconfigure webserver
Description: Move files in /usr/websites to /usr/local/www
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
119 [My infrastructure] General minor have not tried 2020-05-08 09:40 2020-05-08 09:40
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: freshsource - old code - eregi
Description: 2020/05/08 09:39:16 [error] 40067#102431: *6288447 FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught Error: Call to undefined function eregi() in /usr/local/www/freshsource/www/include/freshports.php:1158

see https://www.php.net/eregi
Tags:
Steps To Reproduce: Try creating an account
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
118 [My infrastructure] General minor have not tried 2020-05-07 19:23 2020-05-07 19:23
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: freebsddiary.org forums are down
Description: Perhaps convert them to static html?
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
116 [My infrastructure] General minor have not tried 2020-05-03 00:16 2020-05-03 00:16
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: is packageToolTipText being called regardless of cache being used?
Description: I think it's being called every time.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
115 [My infrastructure] General minor have not tried 2020-05-02 14:37 2020-05-02 14:37
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: Add a nagios check for 'Starting up - this should not occur often'
Description: We have a bug:

This should not happen this often:

[dan@stage-nginx01:~] $ sudo grep -c 'Starting up - this should not occur often' /var/log/freshports/freshports.log
192


May 2 00:54:02 stage-nginx01 fp-listen[75383]: COUNT: 1939 entries to process
May 2 00:54:02 stage-nginx01 fp-listen[75383]: removing glob /var/db/freshports/cache/ports/net/mpich/*
May 2 00:54:02 stage-nginx01 fp-listen[38061]: Starting up - this should not occur often
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
114 [My infrastructure] General minor have not tried 2020-05-02 02:14 2020-05-02 02:14
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: librenms docs need non-composer install option
Description: re: https://github.com/librenms/librenms/blob/master/doc/Extensions/Dispatcher-Service.md

#APP_KEY= #Required, generated by composer install
#NODE_ID= #Required, generated by composer install


Tags:
Steps To Reproduce: create this file:

<?php

echo uniqid();


Run it:

$ php ~/tmp/uniqueid.php
5eacd76c3281a[dan@empty:~/librenms] $

There's your node_id
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
113 [My infrastructure] General minor have not tried 2020-05-01 16:03 2020-05-01 16:03
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: get vbsdcon.org backonline, not just redirecting to vbsdcon.com
Description: see webs01
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
111 [My infrastructure] General minor have not tried 2020-04-16 14:16 2020-04-16 14:39
Reporter: dvl Platform:  
Assigned To: dvl OS:  
Priority: normal OS Version:  
Status: confirmed Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: put git and subversion under one ZFS file system
Description: use system/data/repos on slocum

For backups, nightly snapshot and full backup.

Affects svn and gitea jails
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0000120)
dvl   
2020-04-16 14:25   
snapshot those repos and send daily to remote locations.
(0000121)
dvl   
2020-04-16 14:38   
system/data/gitea already existed.

renamed to system/data/repos/gitea
(0000122)
dvl   
2020-04-16 14:38   
# zfs list -r system/data/repos
NAME USED AVAIL REFER MOUNTPOINT
system/data/repos 28.4G 12.9T 176K none
system/data/repos/gitea 20.8G 12.9T 784M /iocage/jails/git.langille.org/root/var/db/gitea
system/data/repos/subversion 7.57G 12.9T 7.57G /iocage/jails/svn/root/usr/local/svn/repos
(0000123)
dvl   
2020-04-16 14:39   
Left to new:

* backup job to snapshot and backup
* zfs send | recv - sanoid?


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
110 [My infrastructure] General minor have not tried 2020-04-12 20:22 2020-04-12 20:22
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: reconcile FreshPorts-Scripts and FreshPorts-Scripts-Dependencies scripts
Description: Make sure the do-install and post-install sections are laid out to ease maintenance.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
107 [My infrastructure] General minor have not tried 2020-03-19 13:14 2020-03-19 13:14
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: is nagiosql-ext working?
Description: I know nagiosql-int works.

We need it for nagiosql-ext too.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
106 [My infrastructure] General minor have not tried 2020-03-18 01:09 2020-03-18 01:19
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: remove search from racingsystem.com
Description: remove search from racingsystem.com
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0000109)
dvl   
2020-03-18 01:17   
broken images at http://www.racingsystem.com/booksmags.html
(0000110)
dvl   
2020-03-18 01:19   
http://www.racingsystem.com/payment.html is out of date

remove 2006 reference.

change price to $50

--- can I issue new licenses?


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
102 [My infrastructure] General minor have not tried 2020-02-11 17:22 2020-02-11 17:22
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: implement NRPE TLS
Description: https://github.com/NagiosEnterprises/nrpe/blob/master/README.SSL.md
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
101 [My infrastructure] General minor have not tried 2020-02-09 20:54 2020-02-09 20:54
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: Try https://bucardo.org/check_postgres/
Description: Refer to twitter and facebook posts from today.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
97 [My infrastructure] General minor have not tried 2020-01-20 02:04 2020-01-20 02:04
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: add monitoring of bacula-sd-03
Description: There is none now.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
95 [My infrastructure] General minor have not tried 2020-01-07 14:00 2020-01-07 14:00
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: set standard periodic.conf on all jails
Description: I noticed sanoid snapshots / cleanups taking a long time to complete.

The next morning I saw a number of packages with umatched checksums. I do not think the two are related.

However, I do think both the host and the jails are running checksum checks

e.g. pkg check -s

via /usr/local/etc/periodic/security/460.pkg-checksum

This is disabled via this entry in /etc/periodic.conf:

# let the host do this, not the jails
security_status_pkg_checksum_enable="NO"

I also noticed that /etc/periodic.conf is not consistent across all jails. Time for an ansible script
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
94 [My infrastructure] General minor have not tried 2020-01-05 16:49 2020-01-05 16:49
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: adjust listen address on postfix for webs02
Description: include 127.0.0.1 for glewlwyd
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
90 [My infrastructure] General minor have not tried 2019-12-21 03:11 2019-12-21 03:11
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: check samdrucker for blocked attempts
Description: 03:04:33.179751 rule 0/0(match): block in on ix2: 10.55.0.107.26266 > 10.55.0.50.443: Flags [S], seq 1856593625, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 2186458247 ecr 0], length 0
03:04:34.531823 rule 0/0(match): block in on ix2: 10.55.0.14.26271 > 10.55.0.50.443: Flags [S], seq 852466707, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 740146522 ecr 0], length 0
03:04:34.729743 rule 0/0(match): block in on ix2: 10.55.0.117.26273 > 10.55.0.50.443: Flags [S], seq 767897196, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 3508227699 ecr 0], length 0
03:04:35.363144 rule 0/0(match): block in on ix2: 10.55.0.113.26275 > 10.55.0.50.443: Flags [S], seq 2943255003, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 59294019 ecr 0], length 0
03:04:36.086145 rule 0/0(match): block in on ix2: 10.55.0.114.26276 > 10.55.0.50.443: Flags [S], seq 706158937, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 169384636 ecr 0], length 0
03:04:36.307600 rule 0/0(match): block in on ix2: 10.8.1.100.22347 > 10.55.0.50.443: Flags [S], seq 79161726, win 65535, options [mss 1357,nop,wscale 6,sackOK,TS val 4075781253 ecr 0], length 0
Tags:
Steps To Reproduce: Look at select * from host order by date_updated asc on pg03
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
88 [My infrastructure] General minor have not tried 2019-12-02 23:32 2019-12-02 23:32
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: Add bacula-sd-03 jobs to services.
Description: Adjust SQL so I can see what jobs have not copied from bacula-sd-10 to bacula-sd-03
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
87 [My infrastructure] General minor have not tried 2019-11-29 16:06 2019-12-02 21:37
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: require TLS on all bacula-monitor connections
Description: require TLS on all bacula-monitor connections
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0000096)
dvl   
2019-11-30 19:52   
This may not be possible:

$ /usr/local/libexec/nagios/check_bacula -h
Copyright (C) 2005 Christian Masopust
Written by Christian Masopust (2005)

Version: 9.4.3 (02 May 2019) amd64-portbld-freebsd12.0 freebsd 12.0-RELEASE-p5

Usage: check_bacula [-d debug_level] -H host -D daemon -M name -P port
       -H <host> hostname where daemon runs
       -D <daemon> which daemon to check: dir|sd|fd
       -M <name> name of monitor (as in bacula-*.conf)
       -K <md5-hash> password for access to daemon
       -P <port> port where daemon listens
       -dnn set debug level to nn
       -? print this message.
(0000097)
dvl   
2019-12-02 21:37   
It can leak status. Doesn't seem like much of an issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
85 [My infrastructure] General minor have not tried 2019-11-14 20:45 2019-11-14 20:45
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: spare drives in slocum
Description: The spare drives in slocum are powered up and running, perhaps we should remove one or two of them.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
74 [My infrastructure] General minor have not tried 2019-09-01 13:34 2019-11-12 23:38
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: review monitoring for all jails
Description: e.g. I don't see anything for besser - this might be false
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0000093)
dvl   
2019-11-12 23:38   
besser is monitored


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
84 [My infrastructure] General minor have not tried 2019-11-07 13:22 2019-11-07 13:22
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: fresherports.org
Description: Implement DNS and a website for fresherports.org

Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
83 [My infrastructure] General minor have not tried 2019-10-28 23:47 2019-10-28 23:47
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: update nginx configurations
Description: re https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/

dev-nginx01 is done.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
80 [My infrastructure] General minor have not tried 2019-10-19 14:16 2019-10-28 12:23
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: create bacula-sd-03 and store additional copies of the backups on slocum
Description: We have the space:

system 27.2T 2.49T 24.8T - - 24% 9% 1.00x ONLINE -

There is no downside to having copies of backups. Especially the most recent backups.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0000090)
dvl   
2019-10-28 12:23   
bacula-sd-03 now exists on a new jail, bacula-sd-03.

The bacula directories exist.

next step: create copy jobs from bacula-sd-01 to bacula-sd-02. I wonder if the existing SQL used for copy-to-tape can be used as a starting point. I suspect the SQL may have to be pool-aware in terms of what pools it has been copied to.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
77 [My infrastructure] General minor have not tried 2019-09-25 13:17 2019-09-25 13:17
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: Delegate Let's Encrypt DNS01challenges to a specific domain
Description: This will reduce churn on the main zones and make it easier to follow.

Perhaps dns01.langille.org ?
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
76 [My infrastructure] General minor have not tried 2019-09-20 11:51 2019-09-20 11:51
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: create port to create required FreshPorts directories etc
Description: This can be used by FreshPortsScripts and by FreshPortsDependencies
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
75 [My infrastructure] General minor have not tried 2019-09-07 19:13 2019-09-07 19:13
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: disable non-ssh-key login on all jails
Description: I am not sure I can login only via password.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
66 [My infrastructure] General minor have not tried 2019-07-09 22:03 2019-07-09 22:03
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: check slocum jails
Description: * do we still need local-freebsd-repo
* is /usr/local/etc/newsyslog.conf.d on dev-ingress01 rotating the fortnightly logs correctly?
* check same on test, stage, supernews, x8dtu
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
62 [My infrastructure] General minor have not tried 2019-04-08 20:13 2019-04-08 20:13
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: revert shortened snapshot name for mailjail after upgrade to 12.0
Description: re: /usr/home/dan/bin/jail-snapshots-for-backup.sh

08-Apr 20:09 zuul-fd JobId 289349: shell command: run ClientBeforeJob "/usr/home/dan/bin/mailjail-snapshot-for-backup.sh /iocage/jails/mailjail.langille.org/root/usr/home/dan/Maildir create"
08-Apr 20:09 bacula-sd-01-sd JobId 289349: Recycled volume "TwoHourly-7271" on File device "vDrive-TwoHourlyBackups-0" (/usr/local/bacula/volumes/TwoHourlyBackups), all previous data lost.
08-Apr 20:09 bacula-dir JobId 289349: Max Volume jobs=1 exceeded. Marking Volume "TwoHourly-7271" as Used.
08-Apr 20:09 zuul-fd JobId 289349: Could not stat "/iocage/jails/mailjail.langille.org/root/usr/home/dan/Maildir/.zfs/snapshot/mailjail-snapshot": ERR=File name too long
08-Apr 20:09 zuul-fd JobId 289349: shell command: run ClientAfterJob "/usr/home/dan/bin/mailjail-snapshot-for-backup.sh /iocage/jails/mailjail.langille.org/root/usr/home/dan/Maildir destroy"
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
61 [My infrastructure] General minor have not tried 2019-04-08 12:47 2019-04-08 12:47
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: add IPv6 to mailjail
Description: mailjail has an IPv6 address.

Only sshd is listening on that.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
23 [My infrastructure] General minor have not tried 2018-12-15 17:06 2019-03-11 00:04
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: deploy hare and mtqq to other hosts
Description: * supernews
* x8dtu
* zuul
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
56 [My infrastructure] General minor have not tried 2019-03-02 18:30 2019-03-02 18:30
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: configure E-Mail on Kathy's pfSense instance
Description: system_advanced_notifications.php
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
54 [My infrastructure] General minor have not tried 2019-03-01 13:58 2019-03-01 13:58
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: check_iocage_host_vs_jails.sh uses wrong path to iocage
Description: [dan@x8dtu:/var/log] $ ': grep jail /usr/local/etc/nrpe.cfg
command[check_host_basejail]=/usr/local/libexec/nagios-custom/check_host_basejail
command[check_iocage_host_vs_jails]=/usr/local/bin/sudo /usr/local/libexec/nagios-custom/check_iocage_host_vs_jails.sh
command[check_pkg_audit_jail]=/usr/local/bin/sudo /usr/local/libexec/nagios-custom/pkg-audit.sh
command[check_py_iocage_host_vs_jails]=/usr/local/bin/sudo /usr/local/libexec/nagios-custom/check_py_iocage_host_vs_jails.sh
[dan@x8dtu:/var/log] $ cat /usr/local/libexec/nagios-custom/check_iocage_host_vs_jails.sh
#!/bin/sh

HOSTVERSION=`/usr/bin/file /bin/sh`

JAILS=`/usr/local/sbin/iocage list | /usr/bin/egrep -v '^JID' | /usr/bin/cut -f 2 -w`
ERRORS=''
for jail in ${JAILS}
do
  JAILVERSION=`/usr/local/sbin/iocage chroot ${jail} 'file /bin/sh'`
  if [ "${JAILVERSION}" != "${HOSTVERSION}" ]
  then
    ERRORS="jail '${jail}' is ${JAILVERSION}"
  fi
done

if [ "${ERRORS}" == "" ]
then
  echo 'All jails match the host'
  exit 0
else
  echo "WARNING: HOST and jails are NOT in sync: host = ${HOSTVERSION} but ${ERRORS}"
  exit 2
fi
[dan@x8dtu:/var/log] $ /usr/local/sbin/iocage list | /usr/bin/egrep -v '^JID' | /usr/bin/cut -f 2 -w
bash: /usr/local/sbin/iocage: No such file or directory
[dan@x8dtu:/var/log] $ /usr/local/sbin/iocage list | /usr/bin/egrep -v '^JID' | /usr/bin/cut -f 2 -wwhic^C
[dan@x8dtu:/var/log] $ which iocage
/usr/local/bin/iocage
[dan@x8dtu:/var/log] $
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
53 [My infrastructure] General minor have not tried 2019-03-01 13:56 2019-03-01 13:56
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: rotate /var/log/iocage.log
Description: Keep 60 days worth of data
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
52 [My infrastructure] General minor have not tried 2019-03-01 13:37 2019-03-01 13:37
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: move mx-ingress01 off x8dtu
Description: Perhaps the mail ingress for FreshPorts needs to be on another server.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
51 [My infrastructure] General minor have not tried 2019-02-26 16:48 2019-02-26 16:48
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: adjust PDU timing so everything powers up correctly
Description: First step, determine boot times. re https://twitter.com/DLangille/status/1100410272227840003

The order is:

1 - switches: which take a few minutes to power up.
2 - servers: which take about 5 minutes to power up.
3 - firewall These timings can be done on the PDU, which have settings for power-on delay.

But for testing, I need to power everything off and time them.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
43 [My infrastructure] General minor have not tried 2019-01-30 01:15 2019-01-30 01:15
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: ship tape to http://www.datamediasource.com/
Description: ship tape to http://www.datamediasource.com/
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
39 [My infrastructure] General minor have not tried 2019-01-27 18:04 2019-01-27 18:04
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: add links to talks for PGCon 2018 video
Description: e.g. https://www.pgcon.org/2018/schedule/events/1166.en.html from https://www.youtube.com/watch?v=J8DONTSbtCE
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
36 [My infrastructure] General minor have not tried 2019-01-17 13:38 2019-01-17 13:38
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: instead of /dev/console, log to /var/log/messages
Description: Does anyone else do this?

Console messages aren't useful. /var/log/messages is.
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
34 [My infrastructure] General minor have not tried 2019-01-10 14:36 2019-01-10 14:36
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: all cert-puller crontab entries should redirect STDOUT to /dev/null
Description: Too many emails...
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
24 [My infrastructure] General minor have not tried 2018-12-16 17:27 2018-12-16 17:27
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: duplicate entries in package_flavors
Description: Sounds like I need a unique index on this table.

Might be that the code is not deleting existing entries before adding new entries.

see https://gist.github.com/dlangille/bed774005cb612abac8662b3569a89b6
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
21 [My infrastructure] General minor have not tried 2018-12-15 03:04 2018-12-16 01:32
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: stop some scripts from running in jails
Description: [dan@slocum:~] $ ps auwwx | grep find
root 52832 0.3 0.1 26096 17284 - DJ 03:01 0:00.70 find -sx / /dev/null ( ! -fstype local ) -prune -o -type f ( -perm -u+x -or -perm -g+x -or -perm -o+x ) ( -perm -u+s -or -perm -g+s ) -exec ls -liTd {} +
root 49559 0.1 0.0 24036 15192 - DJ 03:01 0:00.66 find -sx / /dev/null ( ! -fstype local ) -prune -o -type f ( -perm -u+x -or -perm -g+x -or -perm -o+x ) ( -perm -u+s -or -perm -g+s ) -exec ls -liTd {} +
root 50822 0.0 0.0 22144 13272 - DJ 03:01 0:00.55 find -sx / /dev/null ( ! -fstype local ) -prune -o -type f ( -perm -u+x -or -perm -g+x -or -perm -o+x ) ( -perm -u+s -or -perm -g+s ) -exec ls -liTd {} +
root 50944 0.0 0.0 11268 2284 - DJ 03:01 0:00.41 find -sx / /dev/null ( ! -fstype local ) -prune -o -type f ( -perm -u+x -or -perm -g+x -or -perm -o+x ) ( -perm -u+s -or -perm -g+s ) -exec ls -liTd {} +
dan 87066 0.0 0.0 11292 2736 0 S+ 03:03 0:00.00 grep find
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0000023)
dvl   
2018-12-15 03:04   
/bin/sh -f /usr/local/etc/periodic/security/410.pkg-audit


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
19 [My infrastructure] General minor have not tried 2018-12-07 21:29 2018-12-07 21:29
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: Delete older tarsnap backups
Description: There are some old ones in there...
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
12 [My infrastructure] General minor have not tried 2018-12-04 16:49 2018-12-04 16:49
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: move gelt websites to web01
Description: Some of these websites are not in the repo
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.


View Issue Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
2 [Postfix private] General minor have not tried 2017-10-03 20:24 2017-10-03 21:04
Reporter: dvl Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none Fixed in Version:  
    Target Version:  
Summary: TLS options to investigate
Description: smtp_tls_security_level = secure
smtp_tls_mandatory_ciphers = high
smtpd_tls_auth_only = yes

Start using service names, not hostnames

minimize main.cf.j2 after first deployment
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.