Project

General

Profile

Infrastructure » History » Version 84

Denis 'GNUtoo' Carikli, 10/28/2018 12:06 AM

1 1 Denis 'GNUtoo' Carikli
h1. NetworkInfrastructure
2
3 16 Denis 'GNUtoo' Carikli
|_. What |_. Where |_. Access type | Who | comments |
4 25 Denis 'GNUtoo' Carikli
| "Redmine instance":https://redmine.replicant.us | OSUOSL  | Redmine administrator | Several Replicant contributors including:
5 37 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
6 38 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
7 57 Joonas Kylmälä
* Joonas Kylmälä
8 1 Denis 'GNUtoo' Carikli
* Add your name here if you have access and want to be mentioned | |
9 40 Denis 'GNUtoo' Carikli
| "Mailing list":https://lists.osuosl.org/mailman/listinfo/replicant | OSLOSL | Mailing list administrator | Several Replicant contributors including:
10 41 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
11 60 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
12 41 Denis 'GNUtoo' Carikli
* Add your name here if you have access and want to be mentioned  | | |
13 1 Denis 'GNUtoo' Carikli
| "Wordpress instance":https://blog.replicant.us/ | OSUOSL | Wordpress administator | Several Replicant contributors including:
14 37 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
15 38 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
16 1 Denis 'GNUtoo' Carikli
* Add your name here if you have access and want to be mentioned | This instance is auto-updated automatically with the help of a plugin. |
17 37 Denis 'GNUtoo' Carikli
| "Releases":https://ftp-osl.osuosl.org/pub/replicant/ | OSUOSL | SSH?/SFTP | Several Replicant contributors:
18
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
19 61 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
20 37 Denis 'GNUtoo' Carikli
* Add your name here if you have access and want to be mentioned | We should not use too much space |
21
| "Source code":https://git.replicant.us/ | FSF | SSH in a vm in a server that is at the FSF office | Several Replicant contributors:
22
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
23 57 Joonas Kylmälä
* Joonas Kylmälä
24 61 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
25 64 Denis 'GNUtoo' Carikli
* Several FSF system administrators
26 37 Denis 'GNUtoo' Carikli
* Add your name here if you have access and want to be mentioned | Resources kindly offered by the FSF |
27 52 Denis 'GNUtoo' Carikli
| [[PrivateContact|Private contact address]] | This is handled by [[People#Paul-Kocialkowski|Paul Kocialkowski]]'s mail servers:
28 53 Denis 'GNUtoo' Carikli
* armstrong.paulk.fr
29 52 Denis 'GNUtoo' Carikli
* gagarine.paulk.fr | SSH, physical access | [[People#Paul-Kocialkowski|Paul Kocialkowski]] only (it's his machines) | The contact address is redirected to several Replicant contributors including:
30 42 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
31 38 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
32 1 Denis 'GNUtoo' Carikli
* Add your name here if you receive mail from this address and want to be mentioned |
33 33 Denis 'GNUtoo' Carikli
| IRC channel | Freenode | Channel operator(s) | Several Replicant contributors including:
34 38 Denis 'GNUtoo' Carikli
* [[People#Denis-GNUtoo-Carikli|GNUtoo]]
35 37 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
36 58 Kurtis Hanna
* [[People#Kurtis-Hanna|Kurtis Hanna]]
37 59 Kurtis Hanna
* Add your name here if you have access and want to be mentioned | @MODE #Replicant +qe $~a *!*@gateway/web/*@ and @MODE #Replicant +qe $~a *!*@gateway/shell/matrix.org/*@ have been applied. Unless one connects via a web based irc client or via the Matrix.org IRC bridge one will need to register one's nick with Freenode in order to speak | |
38 43 Denis 'GNUtoo' Carikli
| The replicant.us (mostly-static) front website | OSUOSL (hook) + FSF for the source code | * See the source code hosting line above.
39
* Probably none for the hook | See the source code hosting line above. | * "Source code":https://git.replicant.us/replicant/website/
40
* Patches are to be sent to the Replicant mailing list
41
* There is a jenkins hook with a token to pull and deploy the website source code |
42 45 Denis 'GNUtoo' Carikli
| The replicant.us domain name | gandi.net | * Web inteface through gandi website
43
* The DNS entries are configured to use gandi's DNS server | Several Replicant contributors including:
44 44 Denis 'GNUtoo' Carikli
* [[People#Paul-Kocialkowski|Paul Kocialkowski]]
45
* Add your name here if you have access and want to be mentioned  | |
46 32 Denis 'GNUtoo' Carikli
| The replicant.us TLS certificate | Let's Encrypt | Access probably by controlling the respective domain name | * https://www.replicant.us: OSUOSL
47 29 Denis 'GNUtoo' Carikli
* https://blog.replicant.us: OSUOSL
48
* https://redmine.replicant.us: OSUOSL
49 30 Denis 'GNUtoo' Carikli
* https://git.replicant.us: ? | History: CA-cert -> GlobalSign -> LetsEncrypt |
50 16 Denis 'GNUtoo' Carikli
51 13 Denis 'GNUtoo' Carikli
h2. OSUOSL
52 7 Denis 'GNUtoo' Carikli
53 16 Denis 'GNUtoo' Carikli
The OSUOSL is the Oregon State University Open Source Lab.
54 19 Denis 'GNUtoo' Carikli
55 56 Denis 'GNUtoo' Carikli
Contact:
56
* They can be contacted on #osuosl on the Freenode IRC network
57
* They also have a 'support' mail address at oslosl.org
58
59 66 Denis 'GNUtoo' Carikli
h2. Virtual machine in FSF's office
60 1 Denis 'GNUtoo' Carikli
61
* The virtual machine is hosted in a server that is in their office.
62
* Several FSF network administrator also have access to the virtual machine
63 66 Denis 'GNUtoo' Carikli
64 75 Denis 'GNUtoo' Carikli
Contact:
65 76 Denis 'GNUtoo' Carikli
* The 'sysadmin' mail address at gnu.org
66
* The FSF system administrators can also be contacted on #fsfsys on the Freenode IRC network for more urgent matters
67 75 Denis 'GNUtoo' Carikli
68 66 Denis 'GNUtoo' Carikli
h3. Virtual machine specifications
69 67 Denis 'GNUtoo' Carikli
70 69 Denis 'GNUtoo' Carikli
The virtual machine runs on top of Xen and has:
71 66 Denis 'GNUtoo' Carikli
* About 3G of RAM
72
* 1 virtual core
73
* a 10G rootfs partition
74
* a 100G storage partition for Replicant git repositories
75 1 Denis 'GNUtoo' Carikli
* One IPv4 and one IPv6
76 69 Denis 'GNUtoo' Carikli
77
Software:
78
* Trisquel 7.0
79 70 Denis 'GNUtoo' Carikli
* A strange Debian '2.6.32-5-xen-amd64' Linux kernel that runs since the 28 December 2015 at the time of writing. The kernel image seems absent from the rootfs and the modules are present but not part of any package. This might be the way to deal with the lack of -xen kernel on Trisquel7.
80 72 Denis 'GNUtoo' Carikli
* The virtual machine may be using FAI and cfengine but it would need more investigation on that.
81
* The distribution seem to have the latest security updates applies. How it does it needs to be investigated by looking at cron jobs (it might use FAI for that).
82 66 Denis 'GNUtoo' Carikli
83
h3. Virtual machine backup policies
84 68 Denis 'GNUtoo' Carikli
85
The virtual machine is backed up about once per day. The backup procedure excludes the following path at the time of writing:
86 62 Denis 'GNUtoo' Carikli
<pre>
87
/dev
88
/proc
89
/tmp
90
/sys
91
/run
92
/mnt
93
/mnt0
94
/mnt1
95
/mnt2
96
/mnt3
97
/mnt4
98
/mnt5
99
/mnt6
100
/mnt7
101
/mnt8
102
/mnt9
103
/floppy/
104
/cdrom/
105
/media/
106
/net/
107
/var/spool/squid/
108
/var/spool/squid3/
109
/var/spool/squid3_bak/
110
/var/spool/squid-tbd/
111
/var/spool/squid*/
112
/var/spool/django/
113
/var/spool/exim/
114
/var/cache/
115
/srv/chroot/
116
/t
117
/srv/to-tape
118
/var/lib/ceph/osd/
119
/var/lib/apt/lists/
120
/var/cache/apt/
121
</pre>
122 44 Denis 'GNUtoo' Carikli
123 81 Denis 'GNUtoo' Carikli
h3. git hosting infrastructure on this machine
124 80 Denis 'GNUtoo' Carikli
125
The source code is in /srv/git/git-data/repositories and is divided in several groups:
126
** Replicant source code
127
** LineageOS mirror
128
** Various developers repositories
129
130 82 Denis 'GNUtoo' Carikli
|_. function |_. software |_. comments |
131
| authorization | gitolite | |
132 84 Denis 'GNUtoo' Carikli
| read access | * git:// -> git daemon
133
* ssh:// -> ssh daemon
134
* https:// -> ? (TODO: document the software/configuration)
135 83 Denis 'GNUtoo' Carikli
| |
136 82 Denis 'GNUtoo' Carikli
| web | cgit | |
137
138 79 Denis 'GNUtoo' Carikli
h2. Gandi
139 1 Denis 'GNUtoo' Carikli
140
* See https://en.wikipedia.org/wiki/Gandi for more details
141 46 Denis 'GNUtoo' Carikli
142 79 Denis 'GNUtoo' Carikli
h2. Freenode
143 46 Denis 'GNUtoo' Carikli
144 79 Denis 'GNUtoo' Carikli
h2. TODO:
145 47 Denis 'GNUtoo' Carikli
146 1 Denis 'GNUtoo' Carikli
* Ask the OSUOSL about backup policies.
147 47 Denis 'GNUtoo' Carikli
* Document public spaces like Freenode IRC channel.
148 1 Denis 'GNUtoo' Carikli
* Do our own backup policies and do some backups ourselves.
149 47 Denis 'GNUtoo' Carikli
* Contact the people that have some control of the resources above and ask for permission to mention them here
150 50 Denis 'GNUtoo' Carikli
* Fill the gaps (mentioned with '?') in this page
151 48 Denis 'GNUtoo' Carikli
* Look what happens when an account is deleted
152 55 Denis 'GNUtoo' Carikli
* Fix the related issues in the "tracker":https://redmine.replicant.us/projects/replicant/issues?utf8=%E2%9C%93&set_filter=1&f%5B%5D=status_id&op%5Bstatus_id%5D=o&f%5B%5D=category_id&op%5Bcategory_id%5D=%3D&v%5Bcategory_id%5D%5B%5D=57&f%5B%5D=&c%5B%5D=tracker&c%5B%5D=status&c%5B%5D=priority&c%5B%5D=subject&c%5B%5D=assigned_to&c%5B%5D=updated_on&c%5B%5D=category&c%5B%5D=cf_21&group_by=&t%5B%5D=
153 54 Denis 'GNUtoo' Carikli
* Move the entries of this TODO list to the tracker when it makes sense
154 77 Denis 'GNUtoo' Carikli
155
h1. Funding and legal entity
156 78 Denis 'GNUtoo' Carikli
157
The FSF holds Replicant funds and acts like an umbrella Oragnisation.
158
159
The people that are designed to be in contact with the FSF are:
160
* Paul Kocialkowski
161
* Denis Carikli
162
163
And our contact at the FSF are:
164
* John Sullivan