Network Infrastructure

What Where Access type Who Comments
Redmine instance OSUOSL Redmine manager * Paul Kocialkowski
* Wolfgang Wiedmeyer
* GNUtoo
* Joonas Kylmälä
* Fil Bergamo
* Kurtis Hanna
* dl lud
* Grim Kriegor
* OSUOSL system administrators
Since we only have one project, OSUOSL put in a redirect from the main page of our Redmine instance to /project/replicant
OSUOSL keeps 2 weeks worth of backups for restoration purposes.
Mailing list Mailing list administrator * Paul Kocialkowski
* Wolfgang Wiedmeyer
* GNUtoo
* Kurtis Hanna
* dl lud
* OSUOSL system administrators
OSUOSL keeps 2 weeks worth of backups for restoration purposes.
Wordpress instance Wordpress administator * Paul Kocialkowski
* Wolfgang Wiedmeyer
* GNUtoo
* Joonas Kylmälä
* Fil Bergamo
* Kurtis Hanna
* dl lud
* OSUOSL system administrators
* Add your name here if you have access and want to be mentioned
This instance is auto-updated automatically with the help of a plugin.
Releases SSH * Paul Kocialkowski
* Wolfgang Wiedmeyer
* GNUtoo
* Joonas Kylmälä
* OSUOSL system administrators
We should not use too much space.
The replicant.us (mostly-static) front website None: there is an automatic hook managed by OSUOSL. * Source code
* Patches should be sent to the Replicant mailing list.
* There is a jenkins hook with a token to pull and deploy the website source code.
Replicant Source code Virtual machine at FSF SSH root access * Paul Kocialkowski
* GNUtoo
* Joonas Kylmälä
* Several FSF system administrators
* FSF backup server
* FSF Ansible deployment server
Resources kindly offered by the FSF.
The git configuration has some documentation.
Before handling SSH (root) access to this machine:
* Make sure that the person really needs it.
* Make sure that the person already contributed to Replicant.
* Ask one other person that has SSH access and/or the SteeringCommittee to also agree on it.
Private contact address IMAP access * GNUtoo
* Joonas Kylmälä
* Fil Bergamo
* Kurtis Hanna
* dl lud
* Grim Kriegor
You can write to the contact address (all the members of SteeringCommittee receive it) if for some reasons you need to receive it as well.
#replicant IRC channel Freenode Channel operator * Paul Kocialkowski
* GNUtoo
Temporary, op must be given through ChanServ:
* Joonas Kylmälä
* Kurtis Hanna
* dl lud
Quiet mode for unregistered users is disabled for the time being. If SPAM comes back use: /mode #replicant +qe $~a *!*@gateway/web/* and /mode #replicant +qe $~a *!*@gateway/shell/matrix.org/* to re-apply it. These commands whitelist users coming through web based IRC clients and via the Matrix.org IRC bridge.
OFTC Channel operator * Kurtis Hanna
* Jeremy Rand
Bridged with the Freenode channel through the NCBridge bot operated by Jeremy Rand
The replicant.us domain name gandi.net * Web inteface through gandi website
* The DNS entries are configured to use gandi's DNS server
* Bradley Kuhn (administrative contact): Can do everything (including designating the technical contact or transferring the domain)
* GNUtoo (technical contact): can do DNS zone changes
* Other people? Paul Kocialkowski?
The replicant.us TLS certificate Let's Encrypt Access probably by controlling the respective domain name * https://www.replicant.us: OSUOSL
* https://blog.replicant.us: OSUOSL
* https://redmine.replicant.us: OSUOSL
* https://git.replicant.us: ?
History: CA-cert -> GlobalSign -> LetsEncrypt

OSUOSL

The OSUOSL is the Oregon State University Open Source Lab.

Contact:

Virtual machine in FSF's infrastructure

Contact:

Virtual machine specifications

The virtual machine runs on top of Xen and has: Software:

Virtual machine backup policies

The virtual machine is backed up daily. The backup procedure excludes the following path at the time of writing:

/dev
/proc
/tmp
/sys
/run
/mnt
/mnt0
/mnt1
/mnt2
/mnt3
/mnt4
/mnt5
/mnt6
/mnt7
/mnt8
/mnt9
/floppy/
/cdrom/
/media/
/net/
/var/spool/squid/
/var/spool/squid3/
/var/spool/squid3_bak/
/var/spool/squid-tbd/
/var/spool/squid*/
/var/spool/django/
/var/spool/exim/
/var/cache/
/srv/chroot/
/t
/srv/to-tape
/var/lib/ceph/osd/
/var/lib/apt/lists/
/var/cache/apt/

git hosting infrastructure on this machine

The source code is in /srv/git/git-data/repositories and is divided in several groups:
function software documentation comments
authorization gitolite UpstrreamSourceCodeMirrors
read access * git:// -> git daemon
* ssh:// -> ssh daemon
* https:// -> ? (TODO: document the software/configuration)
web cgit Cgit

Gandi

Freenode

GDPR

TODO:

Funding and legal entity

See the SteeringCommittee for more details.

Legal advise

Contact John Sullivan at the FSF.

Note that John Sullivan is not a lawyer but the FSF has lawyers.

Documentation

The replicant-infrastructure redmine project has a wiki with more documentation in it.