And shell has been given as well.

Staff wiki sysop, icinga and grafana given.

Done:

• On-wiki
• Mail (password provided to Zppix)
• Phabricator
• IRC
• GitHub
• Matomo (reset password via mail)

Granted so far:

• Security access on Phabricator
• IRC flags

Approved.

Approved.

Approved.

Approved.

This sounds like a privacy issue.

Approved.

Hi @Mike138, I am very sorry for the delay. I have reviewed the extension and unfortunately, we cannot enable this extension yet, due to issues described in T4806 (this is a private task due to security sensitive information). Changes are required from the author before we can enable this extension for you. We cannot give an ETA on this, that depends on the author.

Approved.

Sent another mail.

And yet again invalid.

Sent me another code but still invalid.

Done!

They've sent me a coupon code, but that code doesn't work. Asked for help.

Candidates for moving:

root@db4:/srv/mariadb# grep -E '^[0-9\.]{1,3}G' /tmp/sizes.txt | sort -nr
25G     allthetropeswiki
21G     nonciclopediawiki
13G     nonsensopediawiki
9.8G    baobabarchiveswiki

These wikis occupy about 69G, about 18.3% of db4's space and 36.7% of db5's space.

GlobalSign is looking into it.

Sent a reminder due to lack of a reply.

As I mentioned in the staff channel recently, the willingness to learn and get experience is something I like. I think Miraheze benefits from a person like you on the MediaWiki team. Approved.

This is waiting for your response.

In T4706#89557, @RhinosF1 wrote:

In T4706#89556, @Southparkfan wrote:

In T4706#89550, @RhinosF1 wrote:

In T4706#89547, @Southparkfan wrote:

These questions are to assess your technical capabilities. Some may be specific to MediaWiki administration, others may be used to determine if you would be a potential fit for Operations in the future. It is permitted to use search engines for your answers, however, bluntly copying commands without knowing what their parameters/arguments do is not good practice.
How do we enable encryption for HTTP traffic?

You can force it via .htcaccess

You cannot enable TLS via .htaccess, nor do we use Apache, try again please.

I've tried looking into it but haven't found much yet

See nginx.conf and mediawiki.conf.

For some reason php-fpm or nginx crashed or stopped. While backend servers are automatically depooled in order to keep the site running, loss of a backend means less capacity for serving traffic. How would you try to find out why the process crashed?

You could probably check a log or see if RamNode shows anything but I wouldn't know where exactly to look and don't believe mw-admins have RN access.

Please elaborate more, I am looking for in-depth answers. Which logs?

I wouldn't be certain

In the case I explained the server itself is still running, it's only a crash of certain processes. Using journalctl, dmesg and looking in /var/log/nginx/error.log or the MediaWiki logs (/var/log/mediawiki) you could get more information.

In T4706#89550, @RhinosF1 wrote:

In T4706#89547, @Southparkfan wrote:

These questions are to assess your technical capabilities. Some may be specific to MediaWiki administration, others may be used to determine if you would be a potential fit for Operations in the future. It is permitted to use search engines for your answers, however, bluntly copying commands without knowing what their parameters/arguments do is not good practice.

cd srv/Mediawiki/w/maintenance
sudo -u www-data php deleteArchivedFiles.php --wiki dbname --delete --force
nice -5 sudo -u www-data php deleteArchivedFiles.php --wiki dbname --delete --force

• I want to permanently delete all archived files for a wiki, however, the maintenance script puts a very high load on the MediaWiki server. Linux offers a way (for any command you execute) to reduce processing priority. What is the full command you would run?

Yup, nice is the command I was looking for. Though, your solution only words for negative values, so try using sudo nice instead of nice sudo (also improves readability!).

These questions are to assess your technical capabilities. Some may be specific to MediaWiki administration, others may be used to determine if you would be a potential fit for Operations in the future. It is permitted to use search engines for your answers, however, bluntly copying commands without knowing what their parameters/arguments do is not good practice.

Working on this.

In T4610#87874, @Reception123 wrote:

Before installing one question, is this acceptable for privacy reasons? Asking due to it providing "{{CURRENTUSERREALNAME}}" and I'm not 100% sure if real name is public by default.

The extension itself is safe, however I do not like the idea of our IPs being blacklisted because someone used reported non-spambots to the StopForumSpam site. I want to know what the other sysadmins think.

UserMagic: seems obsolete due to the other two extensions and does cache user IPs, so declined.

MyVariables: also disabling parser cache when needed, approved

UserFunctions: caching the IP addresses of users in Varnish is not a good idea, but the parser cache seems to be disabled so security wise this is fine.

In T4172#84048, @Southparkfan wrote:

@John mind reviewing/commenting on this?

We're definitely using OpenSSL for MariaDB 10.2.24, great. First step would be creating a Miraheze CA with easy-rsa.

Non-existent issue.

Related: T4302

Try again please.

Ack.

@AmandaCath hi! It is a *potential* security issue, I'm actually lacking the tools I need to verify it's present or absent. If the former, the extension would likely pass review after the fix has been applied.

Blocked by T4468 (private task).

Review process: the PHP and JavaScript resources must be checked.

This extension is used on WMF projects, no review needed.

Looks like a cpu limit violation (set in mediawiki config).

Saturday the Site went down again due to a mysql failure caused by insufficient disk space. This should be done sooner.

@John mind reviewing/commenting on this?

@Paladox for lizardfs[123].miraheze.org: what is the impact of one node being offline? Does it only prevent MediaWiki from retrieving 1/3 of our static content or will LizardFS crash completely?

Fixed.

We're taking a look.

So, after some hassle with a broken tun/tap on elasticsearch1 we have the following servers running vpncloud now: