roam/daily/2020-07-14.org

99 lines
4.6 KiB
Org Mode
Raw Normal View History

2021-09-01 20:57:39 +00:00
:PROPERTIES:
:ID: 94c0bb8c-f9ed-46cb-89da-3eb7cacc4c1d
:END:
#+title: 2020-07-14
* Tech Initiative Sync-Up
SCHEDULED: <2020-07-14 Tue 09:30>
** [[id:57ee2f00-9bcd-4e0f-8a77-ae1f2d4cda89][Control Panel]] Dockerization progress
Nearly done, just need to test and iron out issues sending legacy mail via the
[[id:24578fe5-6ca0-4000-a7cd-201e952e4c76][Mail Relay]] service.
** Migrating legacy emails to [[id:32c66bc8-a397-4f50-96cd-2aec70dd14c5][Corporate Notifications]]
Meghan will assist to label notifications as internal or external.
** Replace direct consul usage with templated configuration files
Tickets to be created.
** Sites deployment pipeline
The sites deployment will continue to be triggered exclusively by Jenkins, which will trigger the associated control-panel deployment in Gitlab.
** ICON support
Coordinating with Gavin.
** Ops initiatives
- [[id:ac416861-ce45-49ac-8b60-f8ea39362135][Migration to common RabbitMQ]]
- [[id:592aa825-154c-4659-8193-75b0ce1f2e5c][PGBouncer port migration]]
** COI Message Editor Preact to React
* Sites release
SCHEDULED: <2020-07-14 Tue 14:00>
- tags :: [[id:6c7250d0-6871-4030-98f2-2a53c6ca5eb3][Sites Releases]]
| Issue | Status | Summary |
|---------------+------------------+---------------------------------------------------------------------------|
| CC-5333 | Closed | UI For Adding/Customizing Landing Page Subdomains |
| CCPANEL-10555 | Awaiting Release | Add WPMU DEV to Partner Offers Pages (Both User and Public Partner pages) |
| CONV-3961 | Awaiting Release | Add package ID to AW.vars |
| CONV-3977 | Raw | Design improvements to /users/upgrade form |
| CONV-3978 | In Development | Add sift JS to /free.htm |
| CONV-3979 | Awaiting Release | Freemium account creations is sending bogus data to Sift.com. Fix that. |
Please review your tickets and ensure that only code related to Freemium that is
ready to release is in the sites master branch. The master branch will be tagged
and released at 2pm.
----------------------------------------------------------------------
Sites is scheduled to be released at 2:00pm today. If you have any changes that are not related to Freemium, please revert them if you haven't already.
- CC-5333
- CCPANEL-10555
- CONV-3961
- CONV-3977
- CONV-3978
- CONV-3979
----------------------------------------------------------------------
Released at [2020-07-14 Tue 14:11].
* CAPI pages
[2020-07-14 Tue 12:11]
A variety of alerts went off in [[id:ebea379a-8fa6-4e22-9275-a9fc98c02804][Pagerduty]], seemingly caused by work being done
on the old RabbitMQ nodes as part of the [[id:ac416861-ce45-49ac-8b60-f8ea39362135][Migration to common RabbitMQ]] project. A
rolling restart of [[id:e4d00c11-da8a-4c91-8f38-ce939846e5cb][CoreAPI]] successfully addressed the issues.
* Fixing mail-relay issues
Working with Ryan Steele and Eric Toner to resolve issues sending mail with the
[[id:24578fe5-6ca0-4000-a7cd-201e952e4c76][Mail Relay]] service.
The staging environment, [[id:e1b95d0e-366e-4ecf-b867-409b6b6c6ee8][Momentum]] will not send to aweber.com, only aweber.net.
Very few external domains are allowed to avoid accidentally emailing customers.
Mail seems to be working fine in production.
[2020-07-14 Tue 14:24] Working with Eric Toner and Chris Fox to test account
signup to verify that billing and invoice receipt emails are going out properly.
Documented steps for [[id:7a362881-875f-4f74-8053-55f63826da63][Refunding an Order]].
----------------------------------------------------------------------
We saw the emails succeeding, but not hitting the relay. It turned out the
X-Kube header wasn't actually being used. Getting that enabled led us to see the
NUE experience being broken.
* Compromised Account Credentials
Considering forcing password reset on next login based on login attempt
throttling by user / IP.
[2020-07-14 Tue 22:00]
Added a temporary logging change, determined that the attacker is using the same
SIFT id on all requests(=Al9h1qsyeZcUYlB6VPnE6736i-by7fG1=). Added it to the
blocked SIFT id list.
Proposed changes to the [[id:d17e934b-b340-4246-88f0-9b36527100c0][Login Throttling]] code that were hacked together tonight
include forcing password reset on next login when:
- 20 login attempts within 30 minutes for the same username
- 20 login attempts within 30 minutes from the same IP address
- Any login attempt from a GeoIP-detected IP address that does not match the
country of any attached account.