[2021-02-14 15:53:00 UTC: UPDATE added need to check apache log before doing a slash -restart]
We seem to have experienced some difficulties with the SoylentNews site.
I've noticed that both the number of hits and comments for each story do not seem to be updating.
Corrective measures taken:
This is my personal "bounce" script:
cat ~/bin/bounce#!/bin/bash
servers='hydrogen fluorine'
for server in ${servers} ; do echo Accessing: ${server} && rsh ${server} /home/bob/bin/bounce ; doneWhich, in turn, runs the following script on each of the above servers:
cat /home/bob/bin/bounce
#!/bin/bash
sudo /etc/init.d/varnish restart
sudo -u slash /srv/soylentnews.org/apache/bin/apachectl -k restart
# Go to the appropriate server:
ssh fluorine
# Ensure the apache log is not showing issues: tail -f /srv/soylentnews.org/apache/logs/error_log
# Restart slash:
sudo /etc/init.d/slash restart
>> slashd slash has no PID file
>> Sleeping 10 seconds in a probably futile attempt to be clean: ok.
>> Starting slashd slash: ok PID = 3274
NB: this failed to run to a successful conclusion when I originally tried it a few hour ago. I gave it one more try while writing this story... it seemed to run okay this time?!
Things appears to be running okay, now. Please reply in the comments if anything else is amiss. Alternatively, mention it in the #dev channel on IRC (Internet Relay Chat, or send an email to admin (at) soylentnews (dot) org.
We now return you to the ongoing discussion of: teco or ed?
(Score: 3, Insightful) by The Mighty Buzzard on Sunday February 14 2021, @03:02PM (1 child)
Nod nod, we don't give slash sudo perms so we don't have to worry as much about it being an attack vector that could compromise the entire server. Not that it'd be terribly easy anyway being as the web frontends are behind an nginx reverse proxy that we're using as a load balancer. But any bit of extra security that doesn't slow stuff down or take too much effort is worth doing.
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Sunday February 14 2021, @09:49PM
Just one reverse proxy? Why not a double reverse?