Box-Admins December 2016

box-admins@lists.squeakfoundation.org

2 participants
2 discussions

Access to the new server(s)
by Tobias Pape 05 Apr '19

05 Apr '19

Dear all [ACTIONS AT END] with retroactive blessing of Levente, I have now prepared eight VMs on Rackspace. Here's the overview: ======================================================================================================================= Name Name (ext) intended use Unix Users Public Ports Private Ports Public IPv4 Private IPv4 ----------------------------------------------------------------------------------------------------------------------- ian ssh.squeak.org ssh-gateway ssh 1022 22 104.130.6.82 10.208.225.29 alan *.squeak.org webserver webteam 80, 443 22 104.239.229.92 10.176.200.8 adele lists.... mailinglists (tbd) 25, 587, 465 22, 8080 162.242.237.43 10.208.160.56 andreas -------- source.squeak chrismuller* -------- 22, 8080 irrelevant 10.208.161.222 dan -------- squeaksource davidlewis* -------- 22, 8080 irrelevant 10.176.197.150 ted -------- squeak wiki+map (tbd) -------- 22, 8080, 8081 irrelevant 10.176.130.111 david -------- jenkins (tbd) -------- 22, 8080 irrelevant 10.208.194.45 scott -------- misc (tbd) -------- 22, 8080, 8081 irrelevant 10.176.199.169 ======================================================================================================================= Currently, Levente and me have sudo on all these machines. Users with * also do. Note that _no_ server exposes SSH on port 22 on a public IP. This is intentional to narrow attack vectors for script kiddies. How to login? Ian is the ssh gateway so you have to connect to ian _first_ and use (1) local forwarding or (2) proxy jumping. I have installed the Public keys from most of you for the 'ssh' user on ian. Please verify by ssh -p1022 -lssh 104.130.6.82 you should see restrict shell, no commands # (you get out with crtl-d, ctrl-c, or killing ssh) How to reach the other servers? Example for 'andreas' variant (1): Do a local forward by ssh -AN -L22221:10.176.200.8:22 -p1022 -lssh 104.130.6.82 and then ssh -lYOURNAME -p22221 localhost (-N maybe optional, but then you see 'restrict shell, no commands #') Or in your .ssh/config you can put Host ian.squeak.org User ssh Hostname 104.130.6.82 Port 1022 LocalForward 222221 10.176.200.8:22 Host andreas.squeak.org User YOURNAME Hostname localhost Port 222221 And then say 'ssh -AN ian.squeak.org' and then 'ssh andreas.squeak.org' variant (2): (a) You have OpenSSH >= 7.3 Do a Jump with ssh -J ssh@104.130.6.82:1022 YOURNAME(a)10.176.200.8 Or in your .ssh/config you can put Host ian.squeak.org User ssh Hostname 104.130.6.82 Port 1022 Host andreas.squeak.org User YOURNAME Hostname 10.176.200.8 ProxyJump ian.squeak.org And then say 'ssh andreas.squeak.org' (b) You have OpenSSH >= 5.4 Do a Jump via ssh -o ProxyCommand="ssh -lssh -p1022 -W %h:%p 104.130.6.82" YOURNAME(a)10.176.200.8 Or in your .ssh/config you can put Host ian.squeak.org User ssh Hostname 104.130.6.82 Port 1022 Host andreas.squeak.org User YOURNAME Hostname 10.176.200.8 ProxyCommand ssh -W %h:%p ian.squeak.org And then say 'ssh andreas.squeak.org' (c) You have OpenSSH < 5.4 Use variant (1) We will shortly start RSYNC-ing over data from box3 and box4 as well as replicatiing DNS entries before switching over. [ACTION REQUIRED] - Who needs access to which servers? - Do we need Jenkins anymore? As always, questions appreciated. Best regards -Tobias

8 36

Re: [Box-Admins] [squeak-dev] Squeaksource.com is down
by David T. Lewis 10 Dec '16

10 Dec '16

Moving to box-admins for a couple of technical follow ups. I found that I had forgotten to update the SMTP server in the squeaksource.com image, which was causing problems with squeaksource.com was trying to send email notifications. The old setting was still pointing to 'box2.squeak.org', so I changed it to point to 'localhost', which is what source.squeak.org is using. So just to check: is 'localhost' the right smtp server for dan.box.squeak.org? On Mon, Dec 05, 2016 at 05:17:00PM +0100, Levente Uzonyi wrote: > On Mon, 5 Dec 2016, David T. Lewis wrote: > > >Thanks, hopefully just the user interface is scrambled. This happens when > >a new user registers with a multibyte user name (which happens > >surprisingly often, I would not have expected a lot of new users). > > Yes, that's exactly the case. We should fix that. My understanding is that this is a problem that has been fixed in either Squeak or in Seaside, I'm not sure which. In any case, whenever we next move squeaksource.com to a newer image, it should go away. That is not something I want to deal with right now, so maybe in January after the holidays? Mean time I think it is annoying but not really too much of a problem. > > > > >I am away, returning home 10 hours from now. I'll check into it then if no > >one else has done so. > > I tried to, but the VM wouldn't respond to USR2. I'm not sure what is wrong with the VNC access via SIGUSR2, but I cannot get it working right now. I think it might be related to a net name resolver problem, but I could not figure it out tonight. I fixed the immediate problem of a WideString user name by downloading the image to fix the image, but VNC access is still not working. Dave

2 3

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Box-Admins December 2016