Network Infrastructure

What Where Access type Who comments
Redmine instance OSUOSL Redmine administrator Only the following people have access to it:
* Paul Kocialkowski
* Wolfgang Wiedmeyer
* GNUtoo
* Joonas Kylmälä
* Fil-Bergamo
* dllud
* Grim Kriegor
* OSUOSL system administrators
We are running version 4.0.4 and it was updated on August 15, 2019. Since we only have one project, OSUOSL put in a redirect from the main page of our redmine instance to /project/replicant
Mailing list Mailing list administrator Several Replicant contributors including:
* Paul Kocialkowski
* GNUtoo
* Add your name here if you have access and want to be mentioned
Wordpress instance Wordpress administator Several Replicant contributors including:
* Paul Kocialkowski
* GNUtoo
* Add your name here if you have access and want to be mentioned
This instance is auto-updated automatically with the help of a plugin.
Releases SSH Only the following people have access to it:
* Paul Kocialkowski
* Wolfgang Wiedmeyer
* GNUtoo
* Joonas Kylmälä
We should not use too much space
The replicant.us (mostly-static) front website None: There is an automatic hook managed by OSUOSL * Source code
* Patches are to be sent to the Replicant mailing list
* There is a jenkins hook with a token to pull and deploy the website source code
A virtual machine hosted by the FSF that handles:
* Replicant Source code
FSF SSH root access Only the following people or machines have access to it
* Paul Kocialkowski
* Joonas Kylmälä
* GNUtoo
* Several FSF system administrators
* FSF backup server
* FSF ansible deployment server
Resources kindly offered by the FSF
The git configuration has some documentation
Before handling SSH (root) access to this machine:
* Make sure that the person really needs it
* Make sure that the person already contributed to Replicant
* Ask one other person that has SSH access and/or the SteeringCommittee to also agree on it
Private contact address This is handled by Paul Kocialkowski's mail servers:
* armstrong.paulk.fr
* gagarine.paulk.fr
SSH, physical access Paul Kocialkowski only (it's his machines) The contact address is redirected to several Replicant contributors including:
* Paul Kocialkowski
* GNUtoo
* David "dllud" Ludovino
* Ricardo "Grim" Cabrita
* Add your name here if you receive mail from this address and want to be mentioned
IRC channel Freenode Channel operator(s) Several Replicant contributors including:
* GNUtoo
* Paul Kocialkowski
* Kurtis Hanna
* Add your name here if you have access and want to be mentioned
MODE #Replicant +qe $~a *!*@gateway/web/* and MODE #Replicant +qe $~a *!*@gateway/shell/matrix.org/* have been applied. Unless one connects via a web based irc client or via the Matrix.org IRC bridge one will need to register one's nick with Freenode in order to speak
The replicant.us domain name gandi.net * Web inteface through gandi website
* The DNS entries are configured to use gandi's DNS server
The following people or machines have access to it:
* Bradley Kuhn (administrative contact): Can do everything (including designing the technical contact or transferring the domain)
* GNUtoo (technical contact): can do DNS zone changes
* Other people? Paul Kocialkowski?
The replicant.us TLS certificate Let's Encrypt Access probably by controlling the respective domain name * https://www.replicant.us: OSUOSL
* https://blog.replicant.us: OSUOSL
* https://redmine.replicant.us: OSUOSL
* https://git.replicant.us: ?
History: CA-cert -> GlobalSign -> LetsEncrypt

OSUOSL

The OSUOSL is the Oregon State University Open Source Lab.

Contact:

Virtual machine in FSF's office

Contact:

Virtual machine specifications

The virtual machine runs on top of Xen and has: Software:

Virtual machine backup policies

The virtual machine is backed up daily. The backup procedure excludes the following path at the time of writing:

/dev
/proc
/tmp
/sys
/run
/mnt
/mnt0
/mnt1
/mnt2
/mnt3
/mnt4
/mnt5
/mnt6
/mnt7
/mnt8
/mnt9
/floppy/
/cdrom/
/media/
/net/
/var/spool/squid/
/var/spool/squid3/
/var/spool/squid3_bak/
/var/spool/squid-tbd/
/var/spool/squid*/
/var/spool/django/
/var/spool/exim/
/var/cache/
/srv/chroot/
/t
/srv/to-tape
/var/lib/ceph/osd/
/var/lib/apt/lists/
/var/cache/apt/

git hosting infrastructure on this machine

The source code is in /srv/git/git-data/repositories and is divided in several groups:
function software documentation comments
authorization gitolite UpstrreamSourceCodeMirrors
read access * git:// -> git daemon
* ssh:// -> ssh daemon
* https:// -> ? (TODO: document the software/configuration)
web cgit Cgit

Gandi

Freenode

GDPR

TODO:

Funding and legal entity

See the SteeringCommittee for more details.

Legal advise

Contact John Sullivan at the FSF.

Note that John Sullivan is not a lawyer but the FSF has lawyers.