in Tech

tagged letsencrypt

Lets Encrypt first impressions

Today I spent two hours setting up an SSL certificate with Lets Encrypt for the wikiconferenceusa.org website.

It. Was. Easy. It was relatively straightforward, and I felt comfortable with all the steps I went through.

First, I cloned the git repository, and ran the letsencrypt-auto script, which installed the necessary dependencies and started setting up our account and fetching the SSL certificates. At this point it complained that we had a service running on port 80 (varnish) and that we had to stop it temporarily for the process to continue. That wasn't really ideal as it would have caused downtime. After asking in #letsencrypt on freenode, I was pointed to the --webroot-path option, which worked, and required no downtime!

At that point, the certificates were saved in /etc/letsencrypt/ and ready for usage. Since we already had a different certificate for wikimediadc.org, we had to set up SNI, which also was pretty straightforward. Except I made a typo and spent 30-45 minutes randomly debugging until I noticed it, and then everything worked!

In conclusion, it was really easy. I've signed up legoktm.com for their beta, hopefully it is approved soon, so you'll be able to read this over HTTPS :-)

in MediaWiki

tagged mediawiki, monitoring

Introducing mwmon

Ocassionally some of the MediaWiki wikis I help maintain would go down, usually due to heavy traffic or a DoS of some kind. Sometimes Apache would be overloaded, or even MySQL being hammered (I'm looking at you DPL).

When this was happening around WikiConference USA time to that wiki, I wrote a quick Python script that would text me whenever it went down.

I've now generalized that script to be more easily configurable, and support an arbitrary number of wikis, named mwmon, which now features a basic web frontend.

For each wiki, it checks that the home page, Special:BlankPage, and the API are responding. Ideally the home page check will test the cache, BlankPage will hit MediaWiki directly, and the API is used to get the version that is installed.

Notifications are delivered over email, which I have configured to use AT&T's email to text gateway (@txt.att.net), so it'll go to my phone.

in Music

tagged music

Attention K-Mart Shoppers

This is not my typical music post. Yesterday I had the pleasure of visiting the Internet Archive (more on that in a future post), and they mentioned a collection called "Attention K-Mart Shoppers", which is just tapes they played over and over at K-Mart. And for some reason, people enjoy listening to it!

I spent my morning today listening to it. It was really soothing and relaxing. The ads for random TV shows and store announcements were amusing, but didn't really interrupt what I was doing.

Definitely worth listening to.