mark: A photo of Mark kneeling on top of the Taal Volcano in the Philippines. It was a long hike. (Default)
Mark Smith ([staff profile] mark) wrote in [site community profile] changelog2009-10-20 06:29 pm

[dw-ops] Update some config files in dw-ops repo so we have them Just In Case.

[commit: http://hg.dwscoalition.org/dw-ops/rev/fc8ad434eb48]

Update some config files in dw-ops repo so we have them Just In Case.

Patch by [staff profile] mark.

Files modified:
  • configs/mysql/dfw-db-a01.cnf
  • configs/mysql/dfw-db-a02.cnf
  • configs/mysql/dfw-db-b01.cnf
  • configs/mysql/dfw-db-b02.cnf
  • configs/mysql/dfw-db-c01.cnf
  • configs/mysql/dfw-db-c02.cnf
  • configs/mysql/dfw-db01.cnf
  • configs/mysql/dfw-db02.cnf
  • configs/mysql/sb-db01.cnf
  • configs/mysql/sb-db02.cnf
  • configs/postfix/dw/aliases
  • configs/postfix/dw/body_checks
  • configs/postfix/dw/header_checks
  • configs/postfix/dw/mysql.cf
  • configs/postfix/dw/virtual
  • configs/postfix/main.cf
  • puppet/modules/iptables/templates/spamhaus-drop.erb
--------------------------------------------------------------------------------
diff -r 482a589de207 -r fc8ad434eb48 configs/mysql/dfw-db-a01.cnf
--- a/configs/mysql/dfw-db-a01.cnf	Wed Sep 23 00:26:36 2009 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,21 +0,0 @@
-[mysqld]
-bind-address            = 10.176.71.86
-
-server-id               = 3
-log_bin                 = /var/lib/mysql-binlogs/dfw-db-a01-bin.log
-relay_log               = /var/lib/mysql/dfw-db-a01-relay-bin
-max_binlog_size         = 1G
-expire_logs_days        = 30
-
-log-slave-updates
-
-log_slow_queries        = /var/log/mysql/mysql-slow.log
-long_query_time         = 2
-#log-queries-not-using-indexes
-
-# general purpose tuning
-max_connections         = 1024
-table_cache             = 1024
-
-# innodb tuning
-innodb_buffer_pool_size = 1600M
diff -r 482a589de207 -r fc8ad434eb48 configs/mysql/dfw-db-a02.cnf
--- a/configs/mysql/dfw-db-a02.cnf	Wed Sep 23 00:26:36 2009 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,21 +0,0 @@
-[mysqld]
-bind-address            = 10.176.71.88
-
-server-id               = 4
-log_bin                 = /var/lib/mysql-binlogs/dfw-db-a02-bin.log
-relay_log               = /var/lib/mysql/dfw-db-a02-relay-bin
-max_binlog_size         = 1G
-expire_logs_days        = 30
-
-log-slave-updates
-
-log_slow_queries        = /var/log/mysql/mysql-slow.log
-long_query_time         = 2
-#log-queries-not-using-indexes
-
-# general purpose tuning
-max_connections         = 1024
-table_cache             = 1024
-
-# innodb tuning
-innodb_buffer_pool_size = 1600M
diff -r 482a589de207 -r fc8ad434eb48 configs/mysql/dfw-db-b01.cnf
--- a/configs/mysql/dfw-db-b01.cnf	Wed Sep 23 00:26:36 2009 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,21 +0,0 @@
-[mysqld]
-bind-address            = 10.176.71.89
-
-server-id               = 5
-log_bin                 = /var/lib/mysql-binlogs/dfw-db-b01-bin.log
-relay_log               = /var/lib/mysql/dfw-db-b01-relay-bin
-max_binlog_size         = 1G
-expire_logs_days        = 30
-
-log-slave-updates
-
-log_slow_queries        = /var/log/mysql/mysql-slow.log
-long_query_time         = 2
-#log-queries-not-using-indexes
-
-# general purpose tuning
-max_connections         = 1024
-table_cache             = 1024
-
-# innodb tuning
-innodb_buffer_pool_size = 1600M
diff -r 482a589de207 -r fc8ad434eb48 configs/mysql/dfw-db-b02.cnf
--- a/configs/mysql/dfw-db-b02.cnf	Wed Sep 23 00:26:36 2009 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,21 +0,0 @@
-[mysqld]
-bind-address            = 10.176.71.90
-
-server-id               = 6
-log_bin                 = /var/lib/mysql-binlogs/dfw-db-b02-bin.log
-relay_log               = /var/lib/mysql/dfw-db-b02-relay-bin
-max_binlog_size         = 1G
-expire_logs_days        = 30
-
-log-slave-updates
-
-log_slow_queries        = /var/log/mysql/mysql-slow.log
-long_query_time         = 2
-#log-queries-not-using-indexes
-
-# general purpose tuning
-max_connections         = 1024
-table_cache             = 1024
-
-# innodb tuning
-innodb_buffer_pool_size = 1600M
diff -r 482a589de207 -r fc8ad434eb48 configs/mysql/dfw-db-c01.cnf
--- a/configs/mysql/dfw-db-c01.cnf	Wed Sep 23 00:26:36 2009 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,21 +0,0 @@
-[mysqld]
-bind-address            = 10.176.74.51
-
-server-id               = 7
-log_bin                 = /var/lib/mysql-binlogs/dfw-db-c01-bin.log
-relay_log               = /var/lib/mysql/dfw-db-c01-relay-bin
-max_binlog_size         = 1G
-expire_logs_days        = 30
-
-log-slave-updates
-
-log_slow_queries        = /var/log/mysql/mysql-slow.log
-long_query_time         = 2
-#log-queries-not-using-indexes
-
-# general purpose tuning
-max_connections         = 1024
-table_cache             = 1024
-
-# innodb tuning
-innodb_buffer_pool_size = 1600M
diff -r 482a589de207 -r fc8ad434eb48 configs/mysql/dfw-db-c02.cnf
--- a/configs/mysql/dfw-db-c02.cnf	Wed Sep 23 00:26:36 2009 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,21 +0,0 @@
-[mysqld]
-bind-address            = 10.176.74.52
-
-server-id               = 8
-log_bin                 = /var/lib/mysql-binlogs/dfw-db-c02-bin.log
-relay_log               = /var/lib/mysql/dfw-db-c02-relay-bin
-max_binlog_size         = 1G
-expire_logs_days        = 30
-
-log-slave-updates
-
-log_slow_queries        = /var/log/mysql/mysql-slow.log
-long_query_time         = 2
-#log-queries-not-using-indexes
-
-# general purpose tuning
-max_connections         = 1024
-table_cache             = 1024
-
-# innodb tuning
-innodb_buffer_pool_size = 1600M
diff -r 482a589de207 -r fc8ad434eb48 configs/mysql/dfw-db01.cnf
--- a/configs/mysql/dfw-db01.cnf	Wed Sep 23 00:26:36 2009 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,22 +0,0 @@
-[mysqld]
-bind-address            = 10.176.64.134
-
-server-id               = 1
-log_bin                 = /var/lib/mysql-binlogs/dfw-db01-bin.log
-relay_log               = /var/lib/mysql/dfw-db01-relay-bin
-max_binlog_size         = 1G
-expire_logs_days        = 30
-
-log-slave-updates
-
-log_slow_queries        = /var/log/mysql/mysql-slow.log
-long_query_time         = 2
-#log-queries-not-using-indexes
-
-# general purpose tuning
-max_connections         = 1024
-table_cache             = 1024
-
-# innodb tuning
-innodb_buffer_pool_size = 3200M
-
diff -r 482a589de207 -r fc8ad434eb48 configs/mysql/dfw-db02.cnf
--- a/configs/mysql/dfw-db02.cnf	Wed Sep 23 00:26:36 2009 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,22 +0,0 @@
-[mysqld]
-bind-address            = 10.176.64.135
-
-server-id               = 3
-log_bin                 = /var/lib/mysql-binlogs/dfw-db02-bin.log
-relay_log               = /var/lib/mysql/dfw-db02-relay-bin
-max_binlog_size         = 1G
-expire_logs_days        = 30
-
-log-slave-updates
-
-log_slow_queries        = /var/log/mysql/mysql-slow.log
-long_query_time         = 2
-#log-queries-not-using-indexes
-
-# general purpose tuning
-max_connections         = 1024
-table_cache             = 1024
-
-# innodb tuning
-innodb_buffer_pool_size = 1600M
-
diff -r 482a589de207 -r fc8ad434eb48 configs/mysql/sb-db01.cnf
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/configs/mysql/sb-db01.cnf	Tue Oct 20 18:29:44 2009 +0000
@@ -0,0 +1,27 @@
+[mysqld]
+bind-address            = 172.20.6.169
+
+server-id               = 101
+log_bin                 = /var/lib/mysql-binlogs/sb-db01-bin.log
+relay_log               = /var/lib/mysql/sb-db01-relay-bin
+max_binlog_size         = 1G
+expire_logs_days        = 30
+
+# this is required for the master as we're going to be copying data from
+# the DFW databases, but we don't want to copy the MogileFS cloud as that
+# is not a db replicated cloud.
+replicate-ignore-db     = dw_mogile
+
+log-slave-updates
+
+log_slow_queries        = /var/log/mysql/mysql-slow.log
+long_query_time         = 2
+#log-queries-not-using-indexes
+
+# general purpose tuning
+max_connections         = 1024
+table_cache             = 1024
+query_cache_size        = 0
+
+# innodb tuning
+innodb_buffer_pool_size = 8000M
diff -r 482a589de207 -r fc8ad434eb48 configs/mysql/sb-db02.cnf
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/configs/mysql/sb-db02.cnf	Tue Oct 20 18:29:44 2009 +0000
@@ -0,0 +1,21 @@
+[mysqld]
+bind-address            = 172.20.6.175
+
+server-id               = 102
+log_bin                 = /var/lib/mysql-binlogs/sb-db02-bin.log
+relay_log               = /var/lib/mysql/sb-db02-relay-bin
+max_binlog_size         = 1G
+expire_logs_days        = 30
+
+log-slave-updates
+
+log_slow_queries        = /var/log/mysql/mysql-slow.log
+long_query_time         = 2
+#log-queries-not-using-indexes
+
+# general purpose tuning
+max_connections         = 1024
+table_cache             = 1024
+
+# innodb tuning
+innodb_buffer_pool_size = 8000M
diff -r 482a589de207 -r fc8ad434eb48 configs/postfix/dw/aliases
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/configs/postfix/dw/aliases	Tue Oct 20 18:29:44 2009 +0000
@@ -0,0 +1,14 @@
+# things we need to be good net citizens
+postmaster: mark@dreamwidth.org
+
+# things that aren't "real" and are discarded
+dw_null:    /dev/null
+
+# now things that we need to deliver to the dw user (aka, stuff in this list
+# foo@dreamwidth.org will get shoved into the database and processed)
+abuse:      dw
+accounts:   dw
+feedback:   dw
+support:    dw
+webmaster:  dw
+privacy:    dw
diff -r 482a589de207 -r fc8ad434eb48 configs/postfix/dw/body_checks
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/configs/postfix/dw/body_checks	Tue Oct 20 18:29:44 2009 +0000
@@ -0,0 +1,2 @@
+/to stop receiving our daily offers/i    DISCARD
+/intent of guaranteeing/i                DISCARD
diff -r 482a589de207 -r fc8ad434eb48 configs/postfix/dw/header_checks
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/configs/postfix/dw/header_checks	Tue Oct 20 18:29:44 2009 +0000
@@ -0,0 +1,1 @@
+/^Subject:.*Pfizer/i    DISCARD
diff -r 482a589de207 -r fc8ad434eb48 configs/postfix/dw/mysql.cf
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/configs/postfix/dw/mysql.cf	Tue Oct 20 18:29:44 2009 +0000
@@ -0,0 +1,5 @@
+user     = email
+password = email
+hosts    = 172.20.6.169
+dbname   = dw_global
+query    = SELECT rcpt FROM email_aliases WHERE alias = '%s@dreamwidth.org'
diff -r 482a589de207 -r fc8ad434eb48 configs/postfix/dw/virtual
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/configs/postfix/dw/virtual	Tue Oct 20 18:29:44 2009 +0000
@@ -0,0 +1,2 @@
+# everything goes to the dw user for injection
+@post.dreamwidth.org    dw
diff -r 482a589de207 -r fc8ad434eb48 configs/postfix/main.cf
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/configs/postfix/main.cf	Tue Oct 20 18:29:44 2009 +0000
@@ -0,0 +1,56 @@
+# See /usr/share/postfix/main.cf.dist for a commented, more complete version
+
+
+# Debian specific:  Specifying a file name will cause the first
+# line of that file to be used as the name.  The Debian default
+# is /etc/mailname.
+#myorigin = /etc/mailname
+
+smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
+biff = no
+
+# appending .domain is the MUA's job.
+append_dot_mydomain = no
+
+# Uncomment the next line to generate "delayed mail" warnings
+#delay_warning_time = 4h
+
+readme_directory = no
+
+# TLS parameters
+smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
+smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
+smtpd_use_tls=yes
+smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+
+# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
+# information on enabling SSL in the smtp client.
+
+myhostname = sb-mail01
+myorigin = /etc/mailname
+relayhost = 
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = all
+
+# dreamwidth configuration
+mydestination = dreamwidth.org
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.20.6.0/24
+
+# first, allow us to reject known spam.  obviously this is a manual process
+# adding to these files and it's suboptimal, but it's efficient and one way of
+# removing spam that hits the support boards.  would be nice to actually use
+# a real anti-spam system but that's not been setup yet.
+header_checks = pcre:/etc/postfix/dw/header_checks
+body_checks = pcre:/etc/postfix/dw/body_checks
+
+# post by email gets a virtual setup
+virtual_alias_domains = post.dreamwidth.org
+virtual_alias_maps = hash:/etc/postfix/dw/virtual
+
+# map alias configuration, default to check local first
+alias_maps = hash:/etc/postfix/dw/aliases, mysql:/etc/postfix/dw/mysql.cf
+
+# configure local mail to go through injector
+mailbox_command = env LJHOME=/home/dw/current /usr/bin/perl -I/home/dw/current/cgi-bin /home/dw/current/bin/incoming-mail-inject.pl
diff -r 482a589de207 -r fc8ad434eb48 puppet/modules/iptables/templates/spamhaus-drop.erb
--- a/puppet/modules/iptables/templates/spamhaus-drop.erb	Wed Sep 23 00:26:36 2009 +0000
+++ b/puppet/modules/iptables/templates/spamhaus-drop.erb	Tue Oct 20 18:29:44 2009 +0000
@@ -13,7 +13,10 @@ 138.252.0.0/16
 138.252.0.0/16
 138.43.0.0/16
 139.167.0.0/16
+140.170.0.0/16
 143.49.0.0/16
+148.178.0.0/16
+150.141.0.0/16
 150.230.0.0/16
 152.147.0.0/16
 167.28.0.0/16
@@ -34,12 +37,12 @@ 193.138.172.0/22
 193.138.172.0/22
 193.142.244.0/24
 193.16.100.0/24
-193.169.12.0/23
 193.19.120.0/23
 193.238.36.0/22
 194.110.160.0/22
 194.116.146.0/23
 194.126.193.0/24
+194.143.130.0/23
 194.146.204.0/22
 194.165.4.0/23
 195.114.8.0/23
@@ -49,6 +52,7 @@ 195.74.88.0/23
 195.74.88.0/23
 195.88.32.0/23
 195.88.80.0/23
+195.95.151.0/24
 195.95.161.0/24
 196.1.176.0/20
 196.32.216.0/21
@@ -68,7 +72,6 @@ 203.19.101.0/24
 203.19.101.0/24
 203.31.88.0/23
 203.34.205.0/24
-203.34.37.0/24
 203.34.70.0/23
 203.34.71.0/24
 204.13.32.0/21
@@ -84,18 +87,15 @@ 206.197.177.0/24
 206.197.177.0/24
 206.197.28.0/24
 206.197.29.0/24
-207.166.112.0/20
 208.77.224.0/21
 208.81.136.0/21
 208.82.136.0/21
 208.84.96.0/21
 208.87.152.0/21
-208.93.152.0/22
 209.145.192.0/18
 209.165.224.0/20
 209.213.48.0/20
 213.181.80.0/20
-216.21.8.0/22
 216.243.240.0/20
 41.221.112.0/20
 58.83.12.0/22
@@ -103,7 +103,6 @@ 62.122.32.0/21
 62.122.32.0/21
 64.28.176.0/20
 66.206.32.0/22
-66.55.160.0/19
 67.210.0.0/20
 67.213.128.0/20
 69.8.176.0/20
@@ -114,7 +113,7 @@ 78.155.220.0/23
 78.155.220.0/23
 78.157.128.0/19
 79.110.160.0/20
-79.135.160.0/19
+79.110.176.0/20
 81.29.240.0/20
 85.255.112.0/20
 86.105.230.0/24
@@ -123,9 +122,9 @@ 91.196.232.0/22
 91.196.232.0/22
 91.199.112.0/24
 91.203.92.0/22
+91.207.116.0/23
 91.208.0.0/24
 91.208.162.0/24
-91.208.228.0/24
 91.209.14.0/24
 91.209.184.0/24
 91.209.186.0/24
@@ -137,8 +136,9 @@ 91.212.45.0/24
 91.212.45.0/24
 91.212.65.0/24
 91.213.126.0/24
+91.213.29.0/24
 91.213.33.0/24
-91.214.44.0/22
+93.113.27.0/24
 93.118.128.0/18
 93.188.160.0/21
 94.154.0.0/18
@@ -147,4 +147,5 @@ 94.247.0.0/21
 94.247.0.0/21
 95.129.144.0/23
 95.129.146.0/24
+95.215.192.0/22
 95.215.76.0/22
--------------------------------------------------------------------------------

Post a comment in response:

This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting

If you are unable to use this captcha for any reason, please contact us by email at support@dreamwidth.org