TPA team issueshttps://gitlab.torproject.org/tpo/tpa/team/-/issues2023-12-06T17:34:04Zhttps://gitlab.torproject.org/tpo/tpa/team/-/issues/41430journald limits at rdsys-test-012023-12-06T17:34:04Zmeskiomeskio@torproject.orgjournald limits at rdsys-test-01The disk of rdsys-test-01 is full. I believe is because a service producing a lot of log on a test. If that is true Can we reconfigure journald so it doesn't store more than 500MB in that host?The disk of rdsys-test-01 is full. I believe is because a service producing a lot of log on a test. If that is true Can we reconfigure journald so it doesn't store more than 500MB in that host?anarcatanarcathttps://gitlab.torproject.org/tpo/tpa/team/-/issues/41406Add proxypass rule for lox distributor on rdsys-frontend-012023-12-20T18:16:27ZCecylia BocovichAdd proxypass rule for lox distributor on rdsys-frontend-01Right now the lox-distributor is running on localhost port 8001. Can we add a proxypass rule to the nginx configuration from `/lox` to `localhost:8001`?Right now the lox-distributor is running on localhost port 8001. Can we add a proxypass rule to the nginx configuration from `/lox` to `localhost:8001`?https://gitlab.torproject.org/tpo/tpa/team/-/issues/41379polyanthum root filesystem filling up2023-12-11T15:12:48Zanarcatpolyanthum root filesystem filling up![image](/uploads/206b18fe31c087e1ee9ce25a37074a5c/image.png)
https://grafana.torproject.org/d/zbCoGRjnz/disk-usage?orgId=1&var-class=All&var-instance=polyanthum.torproject.org&from=now-1y&to=now
ate 12GB in the past month, now a handfu...![image](/uploads/206b18fe31c087e1ee9ce25a37074a5c/image.png)
https://grafana.torproject.org/d/zbCoGRjnz/disk-usage?orgId=1&var-class=All&var-instance=polyanthum.torproject.org&from=now-1y&to=now
ate 12GB in the past month, now a handful of gigabytes left, @meskio do you know what's up with this?jugajugahttps://gitlab.torproject.org/tpo/tpa/team/-/issues/41377Install golang compiler in rdsys-test-012023-11-03T09:45:47Zmeskiomeskio@torproject.orgInstall golang compiler in rdsys-test-01We'll need to compile the rdsys binaries on that machine. Can we get golang installed there?We'll need to compile the rdsys binaries on that machine. Can we get golang installed there?anarcatanarcathttps://gitlab.torproject.org/tpo/tpa/team/-/issues/40932get itchyonion access to ACT infraestructure2022-10-21T15:49:18Zmeskiomeskio@torproject.orgget itchyonion access to ACT infraestructureCan we give @itchyonion access to anti-censorship team infraestructure?
AFAIK it involves:
* polyanthum
* bridgedb
* rdsys
* moat
* bridgestrap
* rdsys-frontend-01
* rdsys
* gettor
* telegram-bot-01
* telegrambot
I expect...Can we give @itchyonion access to anti-censorship team infraestructure?
AFAIK it involves:
* polyanthum
* bridgedb
* rdsys
* moat
* bridgestrap
* rdsys-frontend-01
* rdsys
* gettor
* telegram-bot-01
* telegrambot
I expect @shelikhoo to already have access to all of that, but if is not the case please also give permitions for him there.anarcatanarcathttps://gitlab.torproject.org/tpo/tpa/team/-/issues/40758install tor-geoipdb package from bullseye-backports in polyanthum2022-05-26T09:46:48Zmeskiomeskio@torproject.orginstall tor-geoipdb package from bullseye-backports in polyanthumThe geoipdb we are using in polyanthum is pretty old, and depends on updates from debian stable (right now oldstable). There are more frequently updated packages for it in deb.torproject.org, could we use those? can unattended-upgrades o...The geoipdb we are using in polyanthum is pretty old, and depends on updates from debian stable (right now oldstable). There are more frequently updated packages for it in deb.torproject.org, could we use those? can unattended-upgrades or something be configured to update tor-geoipdb from deb.tpo?Debian 11 bullseye upgradeanarcatanarcathttps://gitlab.torproject.org/tpo/tpa/team/-/issues/40267bridgedb server having mail delivery problems2021-12-02T22:02:01Zanarcatbridgedb server having mail delivery problemsNagios is unhappy about polyanthum:
```
WARNING: postfix mailq is 161 (threshold w = 100)
```
When I look at the `mailq`, i see things like:
```
7397B100F84 59548 Sun May 23 13:00:47 info@REDACTED.example.com
...Nagios is unhappy about polyanthum:
```
WARNING: postfix mailq is 161 (threshold w = 100)
```
When I look at the `mailq`, i see things like:
```
7397B100F84 59548 Sun May 23 13:00:47 info@REDACTED.example.com
(temporary failure)
bridgedb@polyanthum.torproject.org
```
in the logs, those look like:
```
May 27 00:04:56 polyanthum/polyanthum postfix/local[15139]: 7397B100F84: to=<bridgedb@polyanthum.torproject.org>, orig_to=<bridges@bridges.torproject.org>, relay=local, delay=299049, delays=299048/0.38/0/0.14, dsn=4.3.0, status=deferred (temporary failure)
```
a correctly sent mail, instead, looks like this:
```
May 27 00:06:07 polyanthum/polyanthum postfix/local[15155]: 4005E10109E: to=<bridgedb@polyanthum.torproject.org>, orig_to=<bridges@bridges.torproject.org>, relay=local, delay=0.74, delays=0.02/0/0/0.72, dsn=2.0.0, status=sent (delivered to command: procmail -a "$EXTENSION")
```
which brings me to procmail (which we should really [abandon](https://lwn.net/Articles/416901/), IMHO).. its logs (in `~bridgedb/.procmail.log`) are not very helpful either:
```
0 (null)
bridges@bridgedb: 250 Recipient address accepted
procmail: Program failure (70) of "esmtp"
```
the `.procmailrc` hasn't changed since 2019, so i don't think this is a regressionin the procmail config itself... following the trace there, however, i see it pipes its message through [esmtp](http://esmtp.sourceforge.net/) (which, unfortunately, is kind of abandoned too) after doing some DKIM checks.
(this is out of scope for fixing the immediate problem, but, really, this kind of stuff should just be done by Postfix itself, which can be hooked into opendkim to check incoming DKIM signatures, and, obviously, deliver to another SMTP server...)
anyways. following the trail leaves me into the bridgedb daemon, and looking at its logfiles, the only trace i can find is...
```
00:20:48 DEBUG L376:server.validateTo() Validating SMTP 'RCPT TO:' email address...
```
so yeah, i'm not sure exactly what i'm supposed to do with this, but i guess i would flag it for someone...
/cc @cohosh maybe you know what to do with this? should i just ignore it?