I have needed to use compsize on multiple occasions, and thus had to
temporarily install it. As it is already installed on 9 machines and
is generally useful, make it part of the standard tool set for btrfs.
The traffic hitting ping.archlinux.org has lately been exhausting its
default nf_conntrack_max limit of 64k. Bump it to 256k (which is also
the default limit found on systems with more than 4G of memory).
Suggested-by: Kristian Klausen <kristian@klausen.dk>
With the final lists migrated to mailman3[1], the mailman2 server can
finally be killed.
When the mailman3 server was initially setup[2], it was done on a
separate server because the mailman and mailman3 packages conflicted,
and the traffic was routed over wireguard (HTTP, LMTP and SMTP).
Instead of installing mailman3 on the original lists.al.org server and
transferring the data, it was easier just to install the missing pieces
(basically Postfix and adjusting the Nginx configuration) on the ml3
server and move the IPs (to keep the IP mail reputation).
So basically the following was done:
- The IPs for the original lists.al.org was moved to the mailman3.al.org
server
- The mailman2 datadir was transferred to mailman3.al.org server, so we
can keep the pipermail links alive, and import missing mails if needed
- The original lists.al.org server was decommissioned
- The mailman3.al.org server was renamed to lists.al.org
- The missing pieces was added to the mailman3 role (basically Postfix +
Nginx adjustments)
- The mailman role was deleted and the mailman3 role renamed to mailman
[1] 75ac7d09 ("mailman: Fourth and final batch of mailman3 migrated lists")
[2] 9294828f ("Setup mailman3 server")
Fix #59
These roles are very similar and can be merged into a single new role.
Note: The archive mirror is changed from a 4-hour sync to minutely for
conformity with the other two mirrors. In practice this doesn't matter
as it was already taking over 4 hours to finish and was starting again
right after its previous run.
The service was enabled in arch-boxes to account for "hardware clock is
not in UTC, but instead UTC+X"[1], in our case the (VM) hardware clock
is in UTC and we therfor don't need the slow systemd-time-wait-sync
service (+30 seconds).
[1] e23d3c57a0
The buildbot POC wants to use Keycloak for user authentication. The
client is public, because it doesn't make sense to have a client secret,
which can't be kept under wrap anyway (it would need to be shipped with
the CLI[1]).
[1] https://gitlab.archlinux.org/foxboron/buildctl
From time to time aurweb is failing with "Too many open files"
errors[1], this could indicate a bug in aurweb or perhaps the limit is
just too low. Let's try doubling the limit and see if it helps.
[1] https://gitlab.archlinux.org/archlinux/aurweb-errors/-/issues/275
The code isn't vulnerable to nginx alias traversal[1][2], nevertheless
it should only match /static/ and not e.g. /staticfoobar.
[1] d94f18a7 ("Fix nginx alias traversal")
[2] 641060d635/docs/en/plugins/aliastraversal.md
Fixes: 9294828f ("Setup mailman3 server")
Whoosh is used by default, but it is slow at indexing (multiple hours
for just aur-requests) and searching e.g. aur-requests isn't possible
(it is slow and uses 3G+ of memory resulting in it getting OOM-killed).
Xapian indexed everything in just 76 minutes and searching aur-requests
now works and is plenty fast.
Co-authored-by: Evangelos Foutras <evangelos@foutrelis.com>
Renovate is a tool for: "Automated dependency updates. Multi-platform
and multi-language."[1].
We require all commits pushed directly to official projects to be
signed, so a master key and signing key have been generated for
Renovate. Both keys are stored in renovate.asc and Renovate only has
access to the signing key.
[1] https://github.com/renovatebot/renovate
All lists have been migrated to mailman3[1] and mailman3 is what users
should use, so show its interface by default and not the mailman2
interface.
[1] 75ac7d09 ("mailman: Fourth and final batch of mailman3 migrated lists")
arch-general
aur-general
aur-requests
It has been decided not to migrate the following unlisted and unused
lists:
arch-magazine
arch-notifications
arch-test
mailman