Project

General

Profile

NetworkInfrastructure » History » Version 96

Denis 'GNUtoo' Carikli, 03/12/2019 04:52 PM

1 1 Denis 'GNUtoo' Carikli
h1. NetworkInfrastructure
2
3 16 Denis 'GNUtoo' Carikli
|_. What |_. Where |_. Access type | Who | comments |
4 25 Denis 'GNUtoo' Carikli
| "Redmine instance":https://redmine.replicant.us | OSUOSL  | Redmine administrator | Several Replicant contributors including:
5 37 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
6 38 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
7 57 Joonas Kylmälä
* Joonas Kylmälä
8 1 Denis 'GNUtoo' Carikli
* Add your name here if you have access and want to be mentioned | |
9 92 Denis 'GNUtoo' Carikli
| "Mailing list":https://lists.osuosl.org/mailman/listinfo/replicant | OSUOSL | Mailing list administrator | Several Replicant contributors including:
10 41 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
11 60 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
12 87 Denis 'GNUtoo' Carikli
* Add your name here if you have access and want to be mentioned  | |
13 1 Denis 'GNUtoo' Carikli
| "Wordpress instance":https://blog.replicant.us/ | OSUOSL | Wordpress administator | Several Replicant contributors including:
14 37 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
15 38 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
16 1 Denis 'GNUtoo' Carikli
* Add your name here if you have access and want to be mentioned | This instance is auto-updated automatically with the help of a plugin. |
17 37 Denis 'GNUtoo' Carikli
| "Releases":https://ftp-osl.osuosl.org/pub/replicant/ | OSUOSL | SSH?/SFTP | Several Replicant contributors:
18
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
19 61 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
20 37 Denis 'GNUtoo' Carikli
* Add your name here if you have access and want to be mentioned | We should not use too much space |
21 96 Denis 'GNUtoo' Carikli
| A virtual machine hosted by the FSF that handles:
22
* "Replicant Source code":https://git.replicant.us/ | FSF | SSH in a vm in a server that is at the FSF office | Only the following people or machines have access to it
23 37 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
24 57 Joonas Kylmälä
* Joonas Kylmälä
25 1 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
26 64 Denis 'GNUtoo' Carikli
* Several FSF system administrators
27 96 Denis 'GNUtoo' Carikli
* FSF backup server | Resources kindly offered by the FSF |
28 52 Denis 'GNUtoo' Carikli
| [[PrivateContact|Private contact address]] | This is handled by [[People#Paul-Kocialkowski|Paul Kocialkowski]]'s mail servers:
29 53 Denis 'GNUtoo' Carikli
* armstrong.paulk.fr
30 52 Denis 'GNUtoo' Carikli
* gagarine.paulk.fr | SSH, physical access | [[People#Paul-Kocialkowski|Paul Kocialkowski]] only (it's his machines) | The contact address is redirected to several Replicant contributors including:
31 42 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
32 38 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
33 1 Denis 'GNUtoo' Carikli
* Add your name here if you receive mail from this address and want to be mentioned |
34 33 Denis 'GNUtoo' Carikli
| IRC channel | Freenode | Channel operator(s) | Several Replicant contributors including:
35 38 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
36 37 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
37 58 Kurtis Hanna
* [[People#Kurtis-Hanna|Kurtis Hanna]]
38 88 Denis 'GNUtoo' Carikli
* Add your name here if you have access and want to be mentioned | @MODE #Replicant +qe $~a *!*@gateway/web/*@ and @MODE #Replicant +qe $~a *!*@gateway/shell/matrix.org/*@ have been applied. Unless one connects via a web based irc client or via the Matrix.org IRC bridge one will need to register one's nick with Freenode in order to speak |
39 43 Denis 'GNUtoo' Carikli
| The replicant.us (mostly-static) front website | OSUOSL (hook) + FSF for the source code | * See the source code hosting line above.
40
* Probably none for the hook | See the source code hosting line above. | * "Source code":https://git.replicant.us/replicant/website/
41
* Patches are to be sent to the Replicant mailing list
42
* There is a jenkins hook with a token to pull and deploy the website source code |
43 45 Denis 'GNUtoo' Carikli
| The replicant.us domain name | gandi.net | * Web inteface through gandi website
44
* The DNS entries are configured to use gandi's DNS server | Several Replicant contributors including:
45 91 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
46
* [[People#Bradley-M-Kuhn|Bradley Kuhn]]
47 44 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
48
* Add your name here if you have access and want to be mentioned  | |
49 32 Denis 'GNUtoo' Carikli
| The replicant.us TLS certificate | Let's Encrypt | Access probably by controlling the respective domain name | * https://www.replicant.us: OSUOSL
50 29 Denis 'GNUtoo' Carikli
* https://blog.replicant.us: OSUOSL
51
* https://redmine.replicant.us: OSUOSL
52 30 Denis 'GNUtoo' Carikli
* https://git.replicant.us: ? | History: CA-cert -> GlobalSign -> LetsEncrypt |
53 16 Denis 'GNUtoo' Carikli
54 13 Denis 'GNUtoo' Carikli
h2. OSUOSL
55 7 Denis 'GNUtoo' Carikli
56 16 Denis 'GNUtoo' Carikli
The OSUOSL is the Oregon State University Open Source Lab.
57 19 Denis 'GNUtoo' Carikli
58 56 Denis 'GNUtoo' Carikli
Contact:
59
* They can be contacted on #osuosl on the Freenode IRC network
60 92 Denis 'GNUtoo' Carikli
* They also have a 'support' mail address at osuosl.org
61 56 Denis 'GNUtoo' Carikli
62 66 Denis 'GNUtoo' Carikli
h2. Virtual machine in FSF's office
63 1 Denis 'GNUtoo' Carikli
64
* The virtual machine is hosted in a server that is in their office.
65
* Several FSF network administrator also have access to the virtual machine
66 66 Denis 'GNUtoo' Carikli
67 75 Denis 'GNUtoo' Carikli
Contact:
68 76 Denis 'GNUtoo' Carikli
* The 'sysadmin' mail address at gnu.org
69
* The FSF system administrators can also be contacted on #fsfsys on the Freenode IRC network for more urgent matters
70 75 Denis 'GNUtoo' Carikli
71 66 Denis 'GNUtoo' Carikli
h3. Virtual machine specifications
72 67 Denis 'GNUtoo' Carikli
73 69 Denis 'GNUtoo' Carikli
The virtual machine runs on top of Xen and has:
74 66 Denis 'GNUtoo' Carikli
* About 3G of RAM
75
* 1 virtual core
76
* a 10G rootfs partition
77
* a 100G storage partition for Replicant git repositories
78 1 Denis 'GNUtoo' Carikli
* One IPv4 and one IPv6
79 69 Denis 'GNUtoo' Carikli
80
Software:
81 93 Denis 'GNUtoo' Carikli
* Trisquel 8.0
82 72 Denis 'GNUtoo' Carikli
* The virtual machine may be using FAI and cfengine but it would need more investigation on that.
83
* The distribution seem to have the latest security updates applies. How it does it needs to be investigated by looking at cron jobs (it might use FAI for that).
84 66 Denis 'GNUtoo' Carikli
85
h3. Virtual machine backup policies
86 68 Denis 'GNUtoo' Carikli
87 89 Denis 'GNUtoo' Carikli
The virtual machine is backed up daily. The backup procedure excludes the following path at the time of writing:
88 62 Denis 'GNUtoo' Carikli
<pre>
89
/dev
90
/proc
91
/tmp
92
/sys
93
/run
94
/mnt
95
/mnt0
96
/mnt1
97
/mnt2
98
/mnt3
99
/mnt4
100
/mnt5
101
/mnt6
102
/mnt7
103
/mnt8
104
/mnt9
105
/floppy/
106
/cdrom/
107
/media/
108
/net/
109
/var/spool/squid/
110
/var/spool/squid3/
111
/var/spool/squid3_bak/
112
/var/spool/squid-tbd/
113
/var/spool/squid*/
114
/var/spool/django/
115
/var/spool/exim/
116
/var/cache/
117
/srv/chroot/
118
/t
119
/srv/to-tape
120
/var/lib/ceph/osd/
121
/var/lib/apt/lists/
122
/var/cache/apt/
123
</pre>
124 44 Denis 'GNUtoo' Carikli
125 81 Denis 'GNUtoo' Carikli
h3. git hosting infrastructure on this machine
126 80 Denis 'GNUtoo' Carikli
127
The source code is in /srv/git/git-data/repositories and is divided in several groups:
128
** Replicant source code
129
** LineageOS mirror
130
** Various developers repositories
131
132 82 Denis 'GNUtoo' Carikli
|_. function |_. software |_. comments |
133
| authorization | gitolite | |
134 84 Denis 'GNUtoo' Carikli
| read access | * git:// -> git daemon
135
* ssh:// -> ssh daemon
136
* https:// -> ? (TODO: document the software/configuration)
137 83 Denis 'GNUtoo' Carikli
| |
138 82 Denis 'GNUtoo' Carikli
| web | cgit | |
139
140 79 Denis 'GNUtoo' Carikli
h2. Gandi
141 1 Denis 'GNUtoo' Carikli
142
* See https://en.wikipedia.org/wiki/Gandi for more details
143 46 Denis 'GNUtoo' Carikli
144 79 Denis 'GNUtoo' Carikli
h2. Freenode
145 46 Denis 'GNUtoo' Carikli
146 79 Denis 'GNUtoo' Carikli
h2. TODO:
147 47 Denis 'GNUtoo' Carikli
148 1 Denis 'GNUtoo' Carikli
* Ask the OSUOSL about backup policies.
149 47 Denis 'GNUtoo' Carikli
* Document public spaces like Freenode IRC channel.
150 1 Denis 'GNUtoo' Carikli
* Do our own backup policies and do some backups ourselves.
151 47 Denis 'GNUtoo' Carikli
* Contact the people that have some control of the resources above and ask for permission to mention them here
152 50 Denis 'GNUtoo' Carikli
* Fill the gaps (mentioned with '?') in this page
153 48 Denis 'GNUtoo' Carikli
* Look what happens when an account is deleted
154 55 Denis 'GNUtoo' Carikli
* Fix the related issues in the "tracker":https://redmine.replicant.us/projects/replicant/issues?utf8=%E2%9C%93&set_filter=1&f%5B%5D=status_id&op%5Bstatus_id%5D=o&f%5B%5D=category_id&op%5Bcategory_id%5D=%3D&v%5Bcategory_id%5D%5B%5D=57&f%5B%5D=&c%5B%5D=tracker&c%5B%5D=status&c%5B%5D=priority&c%5B%5D=subject&c%5B%5D=assigned_to&c%5B%5D=updated_on&c%5B%5D=category&c%5B%5D=cf_21&group_by=&t%5B%5D=
155 54 Denis 'GNUtoo' Carikli
* Move the entries of this TODO list to the tracker when it makes sense
156 77 Denis 'GNUtoo' Carikli
157
h1. Funding and legal entity
158 78 Denis 'GNUtoo' Carikli
159
The FSF holds Replicant funds and acts like an umbrella Oragnisation.
160
161 95 Denis 'GNUtoo' Carikli
The person that is designed to be in contact with the FSF is Denis Carikli.
162 78 Denis 'GNUtoo' Carikli
163 95 Denis 'GNUtoo' Carikli
The people responsible for fund usage decisions are Paul Kocialkowski and Denis Carikli
164
165
Our contact at the FSF is John Sullivan
166 94 Denis 'GNUtoo' Carikli
167
h1. Legal advise
168
169
Contact John Sullivan at the FSF.
170
171
Note that John Sullivan is not a lawyer but the FSF has lawyers.