Both tests commented that my vocabulary is on the level of “professional white-collar”. I did not cheat in either test by looking up words in Wikipedia or Wiktionary. I’m considering whether to try the French test, but kinda put of by knowing in advance that I will get a dismal result.
First off: I informed the users of the free social media instances about the upcoming upgrade and the downtime to be expected.
Make sure all the software are in their latest version
# apt update && apt upgrade
Made backups of /etc, /var/lib/dpkg, /var/lib/apt/extended_states/home/username, /var/www and the output of dpkg --get-selections "*" and stored them off-site. Additionally I took a snapshot of the system disk just in case the upgrade doesn’t go well then it is possible to revert to the pre-upgrade situation.
Next checked for non-Jessie software with
$ apt-forktracer | sort
It found some items from jessie-backports but nothing that is in use.
Checked for half-installed packages with
# dpkg --audit
Nothing of interest was found. Just one dummy package.
Check for packages on hold
# dpkg --get-selections | grep 'hold$'
None were found.
Edit the /etc/apt/sources.list
Now update the /etc/apt/sources.list changing each occurrence of ‘jessie’ with ‘stretch’. I did it with sed (Stream EDitor) but it is also possible to manually edit the file with your favourite editor.
# sed -i 's/jessie/stretch/g' /etc/apt/sources.list
Start session recording for later reference
Next start session recording with (replace step with a number. When needing to reboot then restart the session recording with an incremented number)
# script -t 2>~/upgrade-stretchstep.time -a ~/upgrade-stretchstep.script
If you have used the -t switch for script you can use the scriptreplay program to replay the whole session:
Notice that this will fail on the first run but succeed on the second one.
Once the –test finishes successfully you can switch to the production environment by deleting the /root/.acme.sh/*.domain.tld-directory (it contains the staging server’s information and will be regenerated with the production server’s info on next run)
rm -rf /root/.acme.sh/*.domain.tld
Now run the issuing command twice (it will fail on the first run) just changing –test to –force
That’s it. The acme.sh installation added a cronjob to run it daily and it will renew the certificate automatically when it is nearing the end of it’s validity period.
UPDATE 2018-07-16: If you need to use more than one API Key do as follows. This usually occurs when you are hosting sites for many different registrants.
Export the API key if this is the first time you are using that key. If you have already created certificates with this API key the acme.sh will read it from the config file from the file /root/.acme.sh/yourconfigdirectory/account.conf
We installed MariaDB instead of MySQL. They are binary compatible so you can choose one or the other and also interchange them afterwards. Add the database and database user of your wiki and grant all rights on the database to the database user.
Those are the mandatory components and next up are the beneficial components out of which we chose the following
Move required files and the database to new machine
If possible make sure that your Mediawiki is the latest version on the old server.
Next I packed and moved
The Mediawiki directory /var/www/mediawiki
The Mediawiki logs from /var/log/sites/mediawiki
site configuration from /etc/apache/sites-available
and expanded them into the right place on the new server.
A sane approach to the Mediawiki files ownership is as follows
First recursively make you the owner of all of the Mediawiki directory and its subdirectories and files with
sudo chown -R <username> /var/www/mediawiki
and then explicitly making the images/-directory, where Mediawiki stores its writables, to be posession of user www-data (www-data is the user that Apache and Mediawiki run as) by
sudo chown -R www-data /var/www/mediawiki/images
The TTL (Time To Live) of the domain at the DNS also naturally affects the length of the outage so modifying it to very short time such as 15 minutes way in advance of commencing the migration.
I temporarily modified the domain name of the Mediawiki (in /etc/apache2/sites-available and also LocalSettings.php) to a temporary subdomain to test that the Mediawiki is working on the new server before doing the DNS change of the production Mediawiki. After you have viewed that the wiki is working on the new server change the domains back to the “real” one.
Following these two practices are simple practical things to do that help to make the imminent outage of your service as short as possible.
Link the .conf files with symbolic links from /etc/apache2/sites-available to /etc/apache2/sites-enabled.
ln -s ../sites-available/example.com example.com
Enable mod_rewrite which is needed for the pretty URLs to work.
sudo a2enmod rewrite
Test your Apache2 configuration with
sudo apachectl configtest
and fix your config untill the configuration says ‘Syntax OK’
The last step is that we need to make the Apache2 reload its configuration which is accomplished with
sudo service apache2 reload
Now navigate to the temporary subdomain’s /wiki/-directory and you should see your wiki there.
Warning: The Mediawiki extensions may have dependencies that are not satisfied so also check that each extension works.
If using reCAPTCHA
Google’s reCAPTCHA stopped working (CAPTCHA shows up but when it is time to approve the human as a human I got an error message that reCAPTCHA “cannot contact server”.
This seemed to be solved by logging in to the CAPTCHA management page at Google and deleting the old keys and generating new keys and naturally changing the keys to the new ones at Mediawiki’s LocalSettings.php
Important: Enable outgoing email for Mediawiki
Now we need to put in place a way for the Mediawiki to send emails (very important).
My registrar Gandi.net provides a mailing system which enables the one to use $wgSMTP (set this in LocalSettings) to send outgoing mailing. They also have 5 mailboxes and 1000 forwards included for each domain for all registrants so I can confidently use …@consumerium.org addresses since Gandi.net is rock-solid operation with a very wide palette of TLD’s though maybe 20% higher prices than the price leader which is often buggy, slow and unreliable if they just compete with the “cheapest on planet”.
Other method to get email to go outwards is to install a MTA (Mail Transfer Agent) such as Sendmail, Postfix or Nullmailer and configure it to send the messages.
Whichever method you chose to enable email do check that it works!
Since the early 00’s it has become (nearly) impossible to determine in still or moving pictures what is an image of a human, imaged with a (movie) camera and what on the other hand is a simulation of an image of a human imaged with a simulation of a camera.
When there is no camera and the target being imaged with a simulation looks deceptively human it is a digital look-alike.
Now the equivalent thing is happening to our voices i.e. they can be stolen to some extent with the 2016 prototypes like Adobe Voco and DeepMind WaveNet and made to say anything. When it is not possible to determine with human testing what is a recording of a real voice and what is a simulation it is a digital sound-alike.
It is time to act and ban covert modeling.
In the cinemas we have seen digital look-alikes for over 10 years. These digital look-alikes have “clothing” (a simulation of clothing is not clothing) or “superhero costumes” and “superbaddie costumes”, but unfortunately organized criminal gangs with this weapons capability at their disposal are spreading naked digital look-alikes with unnatural “physical” interactions. These industrially produced delusions cause human suffering and societal suffering and the parts that can be outlawed should be outlawed for the protection of the citizens from the arbitrary disinformation attacks by criminal leagues.
Anecdotally we can say: “Do you think that was Hugo Weaving’s left cheekbone that Keanu Reeves punched in with his right fist?”
Brief look at laws that intersect with covert modeling concerns
Chapter 24 of the Finnish Criminal Code “on violating privacy, peace and honor” includes some laws that are touching the issue but unfortunately do not yield sufficient methods to stop crime.
§ 6 Covert watching
§ 7 Preparing for covert listening or watching
§ 8 Spreading information that violates right to private life
§ a 8 Aggravated spreading information that violates right to private life
§ 9 Defamation
§ 10 Aggravated defamation
Proposed law to ban covert modeling
§ 1 Covert modeling of appearance
Acquiring a 3D model and making a 7D bidirectional reflectance distribution function model¹ or similar but technically different model without consent i.e. covert modeling of appearance is illegal. Also possession, purchase, sale, yielding, import and export of covert models are punishable.
§ 2 Of using covert image likeness models
Animation and projection from the covert models defined in section 1 to still and animated 2D image or stereo-images² and making these available is forbidden³.
§ 3 Covert modeling of a human voice
Acquiring a model of human voice⁴ that deceptively resembles a human voice, possession, purchase, sale, yielding, import and export without the consent of the target is illegal.
§ 4 Of using covert voice models
Generating and making available audio material from a covert model of a human voice is illegal.
The seven dimensions of the bidirectional reflectance distribution function are as follows: 3 cartesian X,Y,Z and 2 for the entry angle and 2 for the exit angle of the light.
In movie lingo the so called “3D”. In reality it supposedly is only 2 pcs 2D planes in its dimension.
Those in posession of the end product should be encouraged to seek help and not criminalized.
When the world speaks of the beauty of beauty then ugliness is defined in the same.
When good is seen as good then evil is also immediately clear.
Thus being and unbeing both awaken each other; same as difficult and easy, distant and near, high and low, sounding and tinkling, head of the troop and the follower.
A wise one deals only with what is unprejudiced.
He teaches without using words; he works effortlessly, he produces without owning; he acts without seeking the fruits of labor; he finishes his tasks without borrowing; and as he does not claim anything to be his, it cannot be said that he would ever lose anything.
Own translation from 1925 Finnish translation by Pekka Ervast (ISBN 951-8995-01-X) with kind permission of Ruusu-Ristin Kirjallisuusseura ry.