It looks like 6 hours is too infrequent and is enough time for the
disk to fill up when we're busy. Instead, purge old snapshots every
2 hours, which looks like it should give us plenty of headroom with
our current usage pattern.
Change-Id: Ieb92d052e633e9326c41367442f036cc333c40f2
The mariadb container is overriding these and we can race ansible
setting them back to root and the mariadb container starting up
resulting in a sad database.
Change-Id: Ib88f6aec83e73baf95a660165d13839f7baeed3d
See I8d8ce5c62c660875d5c6eed54c686996576ec9df; mariadb containers
chown this to their internal user, we don't want to reset it.
Change-Id: If33a26438c6aa63d0ef0e02bdad6a643070be922
We are currently re-chowning the running db directories back to root,
causing havoc for the db. Drop the explicit permissions to avoid
this.
Change-Id: I8d8ce5c62c660875d5c6eed54c686996576ec9df
Gerrit 3.4 deprecates HTML-based plugins, so the old theme doesn't
work. I have reworked this into a javascript plugin.
This should look the same, although I've achieved things in different
ways.
This doesn't register light and dark variants; since
background-primary-color is white, by setting the
header-background-color to this we get white behind the header bar,
and it correctly switches to the default black(ish) when in dark mode
(currently its seems the header doesn't obey dark mode, so this is an
improvement).
I'm not sure what's going on with the extant header-border-image which
is a linear gradient all of the same color. I modified this down to
1px (same as default) and made it fade in-and-out of the logo colour,
just for fun.
Change-Id: Ia2e32731c1cfe97639de2ec0e7660c7ed583e045
We may see an archive with ".checkpoint" on the end, as described in
[1]; the short version is this that borg stamps this every 30 minutes
and may appear if a long backup is interrupted. Skip this when making
the list of archives to prune.
We noticed this on wiki-test; for clarity the list of archives looks
like
...
wiki-upgrade-test-filesystem-2021-02-16T02:56:09.checkpoint Tue, 2021-02-16 02:56:11 [c444a0765e5791f3f68f08624d1efd80bf8a3ebc96bb225f08e4013befa2b460]
wiki-upgrade-test-filesystem-2021-02-16T17:45:04 Tue, 2021-02-16 17:45:06 [b901b55ac3bf9abecba024caebad5ba7cd1a966e3f00b366f6cff45feba7bdff]
wiki-upgrade-test-mysql-2021-02-16T18:35:09 Tue, 2021-02-16 18:35:11 [1d38cd3b4b1b3927b543e4ccc6c794cd3a513a70979ff025bbf303e1fe5e490f]
wiki-upgrade-test-filesystem-2021-02-17T17:45:05 Wed, 2021-02-17 17:45:07 [f665e275c0014a21b82efaece5d36525a4ce6cb423253d5bd0b1323b230fa53a]
...
[1] https://borgbackup.readthedocs.io/en/stable/faq.html#if-a-backup-stops-mid-way-does-the-already-backed-up-data-stay-there
Change-Id: Ia33f46305ef8f541efb7c7150d4bb2e977b01d46
We previously set the limit to 70200M on a ~98GB filesystem.
Unfortunately we are able to jump from the ~70GB limit to a full
filesystem before htcachclean happens to run again. Reduce the limit to
60000M to give us more headroom and hopefully avoid filling the fs
between cache clean runs.
Change-Id: I8aa45eb0c396b54dbb3ec84e5ba8fd4ec7da9e27
Rather than restarting the whole scheduler group, just restart
zuul02, which is our only production scheduler. That will allow us
to boot zuul01 as a secondary scheduler and manually add/remove it
for testing.
Once we can reliably run two schedulers, we can revert this change.
Change-Id: I5518ea1d3a6a1d48460b0436d4d1eaf9d52b7ddb
Now that the SKS keyserver network is no more, and there's no
convenient way to share third-party key signatures, we need to
adjust our key management and rollover process accordingly.
Change-Id: I7008706aae06b6e4a16db2dd85a8c7f91530cd50
All the osf/ namespace Git repositories have moved into a new and
more appropriate openinfra/ namespace, so make the necessary
adjustments to RefStack's image build and operations document.
Change-Id: I01c8d153321a617fbc78c2d3c99102185b03243d
Depends-On: https://review.opendev.org/808479
Mostly just formatting and punctuation, plus some outdated bits.
Signed-off-by: Dr. Jens Harbott <harbott@osism.tech>
Change-Id: I641beb5d65f87173d50c74a4e1f0dba48d006231
This is followon to feedback for earlier docs updates. Basically we
should always log these restarts so make that more clear that it isn't
optional.
Change-Id: Ib0fa05b2075d6c82199e6e043724aeedaf04e49c
Zuul has changed has it stores secret keys and they are in zookeeper
now. This means our old docs on decrypting things are no longer correct.
Update them with a new set of instructions that matches the modern
setup.
Change-Id: I7484a8c02e005fadc41e22a4158b3dcb8434ec5d
