F-Droid devops

9 Members
Sysadmin work around F-Droid3 Servers

Load older messages

30 Jun 2022
@SylvieLorxu:matrix.orgSylviaAt least if I corrupt my key somehow others can still access and revoke13:11:22
@SylvieLorxu:matrix.orgSylvia2FA was scary at first too :P13:11:37
@uniq:matrix.orgmichaelI think it's best practice to keep encrypted offline backups of your keys in secure off-site places13:12:56
@uniq:matrix.orgmichaeleg. an unlabeld cd or sdcard, encrypted with a reasonably long passphrase at a friends safe or something13:15:01
@uniq:matrix.orgmichael * eg. an unlabeld cd or sdcard, encrypted with a reasonably long passphrase at a friends safe or something13:15:15
@festplattenschnitzel:matrix.orgFestplattenSchnitzel Sylvia I recently noticed that the Forum seems not to send notification emails via TLS. (I've Posteo's "reject non-TLS stuff"-setting enabled.) Could you take a look? 13:17:32
@SylvieLorxu:matrix.orgSylviaAs in, the mail server used doesn't deliver to Posteo securily?13:19:12
@SylvieLorxu:matrix.orgSylviaI don't think I can do anything about that except keep waiting for Ciaran to swap around the mail server and then start using the new one (if I swap it now it'll surely end in spam as Mailcow isn't allowed to send as f-droid.org)13:20:13
@SylvieLorxu:matrix.orgSylviaYup, I see it in bounced logs on the forum13:21:36
@SylvieLorxu:matrix.orgSylviaCool Posteo feature13:21:48
@SylvieLorxu:matrix.orgSylviaProbably the mail server switch will fix that13:22:31
@festplattenschnitzel:matrix.orgFestplattenSchnitzel Hehe: we can phone Ciaran. https://www.whois.com/whois/acge.com 13:34:32
@SylvieLorxu:matrix.orgSylviaI don't want to go down the route of being more annoying, nobody will be happy in that route :P I'll just send a reminder mail for the email stuff13:38:25
4 Jul 2022
@eighthave:matrix.org_hcFYI the contact email for verification.f-droid.org and the GitLab CI Runner VMs at pep.security (pEp) is it@pep.security12:14:28
6 Jul 2022
@eighthave:matrix.org_hcAnd sysadmin@calyxinstitute.org is the contact for the f-droid.org deployserver.05:50:13
13 Jul 2022
@eighthave:matrix.org_hcthe deployserver now has 12 cores and 16GB of RAM, before it had 8 cores, so it should run faster now. That'll let us launch more languages15:30:43
@eighthave:matrix.org_hc michael: just saw Ciaran's email. Do you think we should just take over running the buildserver? I think Ciaran now runs them on Hetzner anyway. Before he had them as local bare metal at his home. 15:33:23
@jochensp:matrix.orgjochensp+1 for taking them :)15:34:08
@uniq:matrix.orgmichaelIf Ciaran wants to hand them over, we probably should. We can certainly move all servers to the donations paid account, to begin with. But I won't be able to put any meaningful amount of time in before September. :(20:31:38
@jochensp:matrix.orgjochenspI guess signing will still be done by Ciaran, so we would need some interface to transfer the files (I think Bubu was working on that some time ago). Anyone knows the state?20:35:59
@uniq:matrix.orgmichaelI think not.20:36:28
@uniq:matrix.orgmichaelIf Ciaran is already running the buildserver at Hetzner20:36:54
@uniq:matrix.orgmichaelHe must have all of that already worked out and running20:37:10
@uniq:matrix.orgmichaelSo I guess Ciaran would just fetch all new unsigned builds with rsync or something20:38:02
@jochensp:matrix.orgjochenspthat would work, sure20:38:15
@jochensp:matrix.orgjochenspI guess we should work out some plan how to secure the server then20:38:37
@jochensp:matrix.orgjochensp..I guess we could run the Ansible setup and hand ssh accounts to Ciaran and how else wants to maintain it20:40:35
@jochensp:matrix.orgjochensp(I'm open to help with it)20:40:53
20 Jul 2022
@uniq:matrix.orgmichael _hc jochensp Do you think Calyx might still be interested in providing secure hosting for our buildserver? 15:01:35
@eighthave:matrix.org_hcseems worth asking16:16:59

There are no newer messages yet.

Back to Room List