Participants
============
1. guilhem
2. emiliano
3. cloph
Agenda
======
* Emiliano: might have to revise access policy (shell, access) in the future
+ guilhem: shell access is orchestrated by salt, revoking existing and/or
granted new access can be done trivially
- it's been done before (composition of the infra team changes over time)
and revisiting access is still done on a bi-yearly basis (assuming good
faith we don't rekey or reinstall boxes upon revocation though)
+ for privileged access to the various service frontends (nextcloud, redmine,
discourse, civicrm, SSO) we can simply create more fine-grained groups or
subgroups if desired
+ guilhem: can send a list of privileged groups and their respective members
to board
+ for some services (nextcloud, [matrix], mail) one could also also use
client-side encryption to avoid storing plaintext data
- there is a trade-off there though, the infra team can't help in case of
issues, and it probably won't work well for less technically inclined
people
* guilhem: wanted to migrate and split vm142
+ docs.libreoffice.org: updated via jenkins job, can be split to a separate
box (make sure to update pined ssh keys on jenkins)
+ meetbot, external, sdremote: can go
+ centos_builddeps: can be archives
+ symstore: updated by cloph and xisco, accessed to by (relatively) many.
large amount of files and large amount of space, can live on a storage box
(directly written to, accessed via reverse proxy + local cache)
IZBot can move to a separate box
* CI: cloph: noticed that hetzner started offering ARM boxes
+ need to have a look, would be nice to replace the x-compiled setup which
can't run `make check`
+ can also be used for some webservices (cheaper and less energy consumption,
for most of our VMs we use the higher tier but the bottleneck is not always
CPU or RAM)
* Next call: Tue, 16 May at 18:30 CEST
--
Guilhem.
--
To unsubscribe e-mail to: website+unsubscribe@global.libreoffice.org
Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette
List archive: https://listarchives.libreoffice.org/global/website/
Privacy Policy: https://www.documentfoundation.org/privacy
Context
- [libreoffice-website] Minutes from the Tue Mar 18 infra call · Guilhem Moulin
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.