| 30 Jun 2022 |
 Sylvia | At least if I corrupt my key somehow others can still access and revoke | 13:11:22 |
| Sylvia | 2FA was scary at first too :P | 13:11:37 |
 michael | I think it's best practice to keep encrypted offline backups of your keys in secure off-site places | 13:12:56 |
| michael | eg. an unlabeld cd or sdcard, encrypted with a reasonably long passphrase at a fiends safe or something | 13:15:01 |
| michael | * eg. an unlabeld cd or sdcard, encrypted with a reasonably long passphrase at a friends safe or something | 13:15:15 |
 FestplattenSchnitzel | Sylvia I recently noticed that the Forum seems not to send notification emails via TLS. (I've Posteo's "reject non-TLS stuff"-setting enabled.)
Could you take a look? | 13:17:32 |
| Sylvia | As in, the mail server used doesn't deliver to Posteo securily? | 13:19:12 |
| Sylvia | I don't think I can do anything about that except keep waiting for Ciaran to swap around the mail server and then start using the new one (if I swap it now it'll surely end in spam as Mailcow isn't allowed to send as f-droid.org) | 13:20:13 |
| Sylvia | Yup, I see it in bounced logs on the forum | 13:21:36 |
| Sylvia | Cool Posteo feature | 13:21:48 |
| Sylvia | Probably the mail server switch will fix that | 13:22:31 |
| FestplattenSchnitzel | Hehe: we can phone Ciaran. https://www.whois.com/whois/acge.com | 13:34:32 |
| Sylvia | I don't want to go down the route of being more annoying, nobody will be happy in that route :P I'll just send a reminder mail for the email stuff | 13:38:25 |
| 4 Jul 2022 |
 _hc | FYI the contact email for verification.f-droid.org and the GitLab CI Runner VMs at pep.security (pEp) is it@pep.security | 12:14:28 |
| 6 Jul 2022 |
| _hc | And sysadmin@calyxinstitute.org is the contact for the f-droid.org deployserver. | 05:50:13 |
| 13 Jul 2022 |
| _hc | the deployserver now has 12 cores and 16GB of RAM, before it had 8 cores, so it should run faster now. That'll let us launch more languages | 15:30:43 |
| _hc | michael: just saw Ciaran's email. Do you think we should just take over running the buildserver? I think Ciaran now runs them on Hetzner anyway. Before he had them as local bare metal at his home. | 15:33:23 |
 jochensp | +1 for taking them :) | 15:34:08 |
| michael | If Ciaran wants to hand them over, we probably should. We can certainly move all servers to the donations paid account, to begin with. But I won't be able to put any meaningful amount of time in before September. :( | 20:31:38 |
| jochensp | I guess signing will still be done by Ciaran, so we would need some interface to transfer the files (I think Bubu was working on that some time ago). Anyone knows the state? | 20:35:59 |
| michael | I think not. | 20:36:28 |
| michael | If Ciaran is already running the buildserver at Hetzner | 20:36:54 |
| michael | He must have all of that already worked out and running | 20:37:10 |
| michael | So I guess Ciaran would just fetch all new unsigned builds with rsync or something | 20:38:02 |
| jochensp | that would work, sure | 20:38:15 |
| jochensp | I guess we should work out some plan how to secure the server then | 20:38:37 |
| jochensp | ..I guess we could run the Ansible setup and hand ssh accounts to Ciaran and how else wants to maintain it | 20:40:35 |
| jochensp | (I'm open to help with it) | 20:40:53 |
| 20 Jul 2022 |
| michael | _hc jochensp Do you think Calyx might still be interested in providing secure hosting for our buildserver? | 15:01:35 |
| _hc | seems worth asking | 16:16:59 |
