$ systemctl --version
systemd 229
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN
$ sudo systemctl show -p StartLimitInterval nginx.service
StartLimitInterval=10000000
$ sudo systemctl set-property nginx.service StartLimitInterval=0
Unknown assignment StartLimitInterval=0
James Mead
floehopper
floehopper
/ systemctl-set-property.md
Last active Feb 3, 2018
View systemctl-set-property.md
floehopper
/ remove-unused-fields-from-assets.md
Created Jan 24, 2018
View remove-unused-fields-from-assets.md
Rails console
irb> a = Asset.create!(file: File.open('README.md'), access_limited: true, organisation_slug: 'organisation-slug')
=> #<Asset _id: 5a68c81c3e489e7bb5baac3e, deleted_at(deleted_at): nil, created_at: 2018-01-24 17:53:32 UTC, updated_at: 2018-01-24 17:53:32 UTC, state: "unscanned", filename_history: [], uuid: "0b0d0cb0-c49f-4f47-b204-a991c8af9cbf", access_limited: true, organisation_slug: "organisation-slug", etag: "5a68c81c-2f81", last_modified: 2018-01-24 17:53:32 UTC, md5_hexdigest: "d463b46b2c42d1f043e56920a03de458", file: "README.md", _type: "Asset">
irb(main):003:0> a.access_limited?
=> true
irb(main):004:0> a.organisation_slug
=> "organisation-slug"
Last active Jan 24, 2018
View asset-manager-unpermitted-parameters.md
Create mainstream asset
$ echo `date` > tmp.txt
$ curl http://localhost:3000/assets --form "asset[file]=@tmp.txt" --form "asset[access_limited]=1" --form "asset[organisation_slug]=foo"
Rails log
Created Jan 23, 2018
Spike on unit testing Nginx config in govuk-puppet
View router__assets_origin_spec.rb
| puts subject.call.resources.detect { |r| r.type == 'Nginx::Config::Site' && r['name'] == 'assets-origin.dev.gov.uk' }['content'] |
floehopper
/ assets-origin-nginx.log
Last active Jan 23, 2018
Debugging X-Forwarded-Host for asset requests v2
View assets-origin-nginx.log
| 2018/01/23 16:17:58 [debug] 18102#0: *15 http header: "Host: assets-origin.dev.gov.uk" | |
| 2018/01/23 16:17:58 [debug] 18102#0: *15 http header: "Connection: keep-alive" | |
| 2018/01/23 16:17:58 [debug] 18102#0: *15 http header: "User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safar | |
| i/537.36" | |
| 2018/01/23 16:17:58 [debug] 18102#0: *15 http header: "Upgrade-Insecure-Requests: 1" | |
| 2018/01/23 16:17:58 [debug] 18102#0: *15 http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8" | |
| 2018/01/23 16:17:58 [debug] 18102#0: *15 http header: "Accept-Encoding: gzip, deflate" | |
| 2018/01/23 16:17:58 [debug] 18102#0: *15 http header: "Accept-Language: en-GB,en-US;q=0.9,en;q=0.8" | |
| GET /media/5a67581d759b7424f4e81ba1/README.md?jm345 HTTP/1.0 |
floehopper
/ asset-manager-nginx.log
Last active Jan 23, 2018
Debugging X-Forwarded-Host for asset requests
View asset-manager-nginx.log
| 2018/01/23 16:11:22 [debug] 17761#0: *5 http header: "Host: asset-manager.dev.gov.uk" | |
| 2018/01/23 16:11:22 [debug] 17761#0: *5 http header: "X-Real-IP: 127.0.0.1" | |
| 2018/01/23 16:11:22 [debug] 17761#0: *5 http header: "X-Forwarded-Server: static.dev.gov.uk" | |
| 2018/01/23 16:11:22 [debug] 17761#0: *5 http header: "X-Forwarded-For: 127.0.0.1" | |
| 2018/01/23 16:11:22 [debug] 17761#0: *5 http header: "X-Forwarded-Host: static.dev.gov.uk" | |
| 2018/01/23 16:11:22 [debug] 17761#0: *5 http header: "Connection: close" | |
| 2018/01/23 16:11:22 [debug] 17761#0: *5 http header: "User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari | |
| /537.36" | |
| 2018/01/23 16:11:22 [debug] 17761#0: *5 http header: "Upgrade-Insecure-Requests: 1" | |
| 2018/01/23 16:11:22 [debug] 17761#0: *5 http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8" |
floehopper
/ 2018-01-23-gds-updates.md
Last active Jan 23, 2018
View 2018-01-23-gds-updates.md
Achievements
- Migrated more non-attachment assets from Whitehall to Asset Manager
- Started serving the migrated Whitehall non-attachment assets from Asset Manager
Ongoing and next
- Continuing to migrate remaining non-attachment assets from Whitehall to Asset Manager and removing them from NFS
- Continuing to switch these Whitehall assets over to be served from Asset Manager
- Spiking on supporting attachment assets from Whitehall in Asset Manager (authorisation for drafts)
floehopper
/ whitehall-attachment-problem.md
Last active Jan 19, 2018
View whitehall-attachment-problem.md
Backend/Admin
jamesmead@ec2-integration-blue-whitehall_backend-ip-10-1-6-139:~$ curl -s -v "https://whitehall-admin.integration.govuk-internal.digital/government_data/file/672533/netLec7.pdf" >/dev/null
* Hostname was NOT found in DNS cache
* Trying 10.1.6.248...
* Connected to whitehall-admin.integration.govuk-internal.digital (10.1.6.248) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
Created Jan 16, 2018
View 2018-01-16-gds-updates.md
Achievements
- Deleted all Asset Manager assets from NFS - they are now stored on S3
- Started serving more of the migrated Whitehall assets from Asset Manager
- Fixed problem with migrating assets with non-ascii characters in filenames
- Improved performance of Whitehall-related actions in Asset Manager
- Helped diagnose problems with assets relating to the move of the integration environment to AWS
Ongoing and next
View GDS_SSO_STRATEGY.log
| vagrant@development:/var/apps/whitehall$ sudo sh -c "echo 'real' > /etc/govuk/whitehall/env.d/GDS_SSO_STRATEGY" | |
| vagrant@development:/var/apps/whitehall$ sudo cat /etc/govuk/whitehall/env.d/GDS_SSO_STRATEGY | |
| real |