Releases: enterprisemediawiki/meza
Meza 31.9.0
Ansible 2.9 fix; Travis firewall fix
Commits since 31.8.4
- 4d18daa yaml syntax fix
- 63716a8 fix more flag syntax
- fe78845 fix deprecated ansible syntax, ref c06fa04
- 9dde2d8 Try Parsoid 0.10.0
- 121de9d Add --no-firewall deploy option
- 93b6087 Disable firewalld on travis tests
- 74a7697 Try manually restarting firewalld
- f9cc3a6 Travis saying Docker not running; perhaps start firewall after offline cmd
- 892fb1f With firewall-offline-cmd no --permanent option, prob because if offline none could be temp
- e1ced43 Possible solution to issue #1237 according to this forum:
- d1b17a9 Add a calendar interface to add and edit events using the Full…
- a555114 Add function to wait for Internet connection.
Contributors
- 11 James Montalvo
- 4 Daren Welsh
- 1 Vincent Brooks
- 1 XP1
Meza 31.8.4
Meza 31.8.3
Update to Extension:DataTransfer to fix "merging" into pages that have sub-templates
Commits since 31.8.2
- c5f4d32 Updating Data Transfer to fix import bug
- 1656785 (HEAD -> master, origin/master, origin/HEAD) Merge pull request #1225 from jamesmontalvo3/php-upload-size
- f655f6b Allow specifying PHP max upload size in config
- 62709f4 Merge pull request #1224 from jamesmontalvo3/mw-refspec
- 4628953 Allow specifying refspec in MW git repos
- 3021b20 Merge pull request #1223 from enterprisemediawiki/smw-3.0.2
- 53b8352 Bump SMW to 3.0.2
- f4440b5 Merge pull request #1217 from jamesmontalvo3/vagrant-fix2
- 2387b4a Check if apache group exists before setting as group for lock file; fixes #1216
- 72b843d Merge pull request #1215 from jamesmontalvo3/mw1.31.2
- 2a8c3d9 Bump MW to 1.31.2; remove pear/net_smtp from meza (part of MW now)
- 44a437c Merge pull request #1213 from jamesmontalvo3/skip-saml-cidr-take3
- 0eda7c9 Merge pull request #1214 from jamesmontalvo3/meza-ext-master
- a5af7c0 Make Extension:MezaExt track 'master' while TransferPages in development
- 5f8bbca Merge pull request #1185 from revansx/patch-1
- eb1cab6 Update MezaCoreExtensions.yml
- f71fe08 Update MezaCoreExtensions.yml
- ef09660 Cherry picks skip_saml CIDR notation support changes from 32.x
Contributors
- James Montalvo
- Kris Field
- Vincent Brooks
Meza 31.8.2
Multiple fixes in support of bad Composer issue, push-backups, etc
Commits since 31.8.1
- 6722cdc Make meza-ansible:apache own deploy lock file, not root
- 16833fd Remove commented out non-ansible-module composer tasks
- deca0bb Use ansible composer module again
- c7c510e Mount local meza on docker tests controller containers
- 0a9ca06 Add error handling to update.php (show errors)
- dc7c184 WIP
- b1a140e Try envoking composer directly
- 2a49a3f Trying deleting composer.lock before composer operations
- 8b96dc1 Add --no-dev to MW composer commands
- ddb9fe2 Add refreshLinks script that handles memory leaks
- fb66fa3 Allow specifying rules for what to gzip in backups-cleanup
- 8093118 Make update.php write to a log
- ea7e7f6 Fix bad owner/group on /opt/data-meza
- 94c79c1 Fix bad variable
- 93d5a0d Improve logic for how to grab SQL file from backup
- 25b8013 Make pushed backups in form *push.sql and use them first; more debug
Contributors
- James Montalvo
How to upgrade
sudo meza update 31.8.2
sudo meza deploy <insert-your-environment-name>Meza 31.8.1
Fix permissions for finicky servers; fix bad use of 'notify' tag on 'meza push-backup' command
Commits since 31.8.0
- 597a49f Ensure MediaWiki and WikiBlender ownership after all operations
- 8f14b8f Recursively apply owner/perms to simplesaml and mediawiki
- 2803905 Specify /opt/simplesamlphp owner/group/mode
- 80177f4 push-backup: Fix bad use of 'notify' tag; Add servers to exclude
Contributors
- 6 James Montalvo
How to upgrade
sudo meza update 31.8.1
sudo meza deploy <insert-your-environment-name>Meza 31.8.0.1
This release is inserted between 31.8.0 and 31.8.1 to resolve an issue with a particular server. This release adds one commit on top of 31.8.0: 8305911. This commit just fixes how meza push-backup works.
Meza 31.8.0
Standardize secret config permissions; dev-networking fix
Commits since 31.7.0
- 077e6bc Add lock_timeout to yum/package modules to fix Ansible 2.8 issue
- d6ddb60 Don't use 'meza' command for dev-networking
- 2ef8454 Secret directory 775 in getmeza.sh, too
- 8ba1353 file not directory
- ab1d9b1 Don't overwrite secrt files
- c64c41b Relax secret config directory mode; ensure good ownership
- 968c675 Make meza-ansible own temp_vars.json
- dd245ae Sync secret perms
Contributors
- James Montalvo
How to upgrade
sudo meza update 31.8.0
sudo meza deploy <insert-your-environment-name>Meza 31.7.0
Simplify push-backup settings and make cron configurable and with notification
Commits since 31.6.0
- 8b109a7 Simplify push_backup settings
- 8a3c059 Fix missing endif
- 170596c Make push-backup cron configurable add notification
Contributors
- James Montalvo
How to upgrade
sudo meza update 31.7.0
sudo meza deploy <insert-your-environment-name>Meza 31.6.0
No longer require encryption of secret.yml; prefer variable-level encryption; fix permissions for rsync-push
Commits since 31.5.0
- e70279c Don't print command for encrypt/decrypt (too much text)
- 63b86fa Add encrypt_string and decrypt_string meza commands
- 0c9555f Cleanup comments about encryption, remove secret.yml decryption from test case
- 3d88285 Remove auto-encrypting of secret.yml
- 419550a Add --no-perms to rsync-push
Contributors
- James Montalvo
How to upgrade
sudo meza update 31.6.0
sudo meza deploy <insert-your-environment-name>Meza 31.5.0
Major deploy and autodeploy improvements; Push backups to remote server; Security and general improvements; bug fixes
Commits since 31.4.0
Autodeploy on changes to secret config and use Ansible for autodeployer
Autodeployer has previously just tracked public config and the Meza application. Now it will check secret config, too. Additionally, autodeployer was rewritten in Ansible. Shell scripting got too cumbersome.
- 195cbea Fixes for autodeployer logic and misplaced variables
- 64896a5 Replace autodeployer scripts with Ansible
- 4dfb030 Belt and suspenders for ensuring deploy unlocks
- 006d5ed Reduce duplication in check-for-changes.sh
- 901f2b9 Make public config and Meza management by autodeployer optional
- 1dc9894 Use secret_config_repo to define secret config
- bce32d3 Autodeployer check for changes to secret config
Prevent simultaneous deploys and improve logging
Starting a deploy now creates a lock file. Other deploys cannot start until the locking deploy is complete. Additionally, all deploys automatically write to a log file and print to stdout. In the future this will be used to display deploy logs via the web interface.
- 60a680c Add wait() to capture return code
- e7b8ad3 Make sure deploy log directory exists
- 5009974 Always have ansible show colors
- a120ac3 Make meza_shell_exec use subprocess; optionally write to log file
- c5ef0e5 Add meza deploy-kill, deploy-log, deploy-tail functions
- 9438f7c Handle sigint; also better info in lock file
- a8f1aca Add 'meza deploy-(un)lock commands; Autodeployer use them to avoid conflicts
- dd60b91 Add meza subcommand to check if deploy underway
- 04e8ddb Prevent simultaneous deploys (#1157)
Make autodeployer configurable
In Meza 31.x prior to this release autodeployer, overwrite-deploys, and backups-cleanup had to be configured manually via crontab. 32.x has had the ability to configure these things in public/secret config for a while. This release pulls that functionality into 31.x.
- 220df48 Add autodeployer tag
- 87a4012 Make autodeployer, overwrite-deploy, and backups-cleanup configurable
- a5396d8 Fix location of backups-cleanup cron
- 28df042 Fix autodeployer crons
Push backups to an alternate server
Required if for security reasons dev/int servers cannot SSH into production to grab backups. Instead production can push backups directly to other servers. This was essentially possible before by making the other servers in the backup-servers group, but that (a) made it so production managed software configuration on the remote servers (as Meza does for all its server groups) and (b) it put file uploads in the /opt/data-meza/backups directory rather than in /opt/data-meza/uploads. So you'd have to do some symlink or have duplicated data. With pushed backups the production server (or whatever server is pushing) just needs to be setup so user meza-ansible can SSH into the server with a lesser-privileged account. The user must be in group apache and meza-backups.
- 6e54a86 Enable rsync push backups (#1166)
- 2784f81 Add option to recursively set perms on uploads dir; always run on overwrite
Security improvements
Steadily trying to reduce where root is required
- 36104ea Have meza-ansible do autodeployer git-fetch
- 2513a36 Set ownership of meza and config; fix role:init-controller-config
General improvements
- Vagrant improvements
- Add
pipandpip3
Fix issues with creating Docker images for testing
Rebuilding Docker images for testing is not required often. It really only needs to be done when major changes are made or when a very long time has passed between generating images and new images will make test jobs run faster. Since a long time had passed, certain things had been added to Meza that unexpectedly caused issues with Docker builds.
- 36f965f Reorder AND statement since initial_wikis_dir_check undefined in docker build
- e919123 Don't use services during docker image building
- 0795348 More docker skip tasks
Bug fixes
- 46f7ac6 Make net adapter select statement break on newlines
- 40e4388 Don't recreate meza-ansible if user already exists (Revert #965)
- a621460 Remove yum:PackageKit to remove error
- 0502a41 Ansible 2.8 fixes (#1162) (
ansible_distribution_versionno longer present andsynchronizemodule keeps getting harder to use) - 6789e7d Ansible Git module fails with /tmp mounted with noexec; set TMPDIR as workaround
- 3854c6c Make sure to use TMPDIR when doing Ansible Git operations
Contributors
- James Montalvo
How to upgrade
sudo meza update 31.5.0
sudo meza deploy <insert-your-environment-name>