Re: [Freepto] Meeting minutes 2014-06-03

Nachricht löschen

Nachricht beantworten
Autor: intrigeri
Datum:  
To: Everything about freepto
Betreff: Re: [Freepto] Meeting minutes 2014-06-03
Hi,

boyska wrote (06 Jun 2014 15:25:38 GMT) :
> * buildscripts are "sudo-runnable" by users belonging to "freeptodev"
> group, so we can make everyone build without need to be root


Just a (probably minor) nitpick: if these users can run arbitrary code
as root (which is the case if they can add random stuff to
a live-build configuration tree), then they can as well be officially
root :)

> intrigeri, if you want to join us, have suggestions,


I'm sure you know what you're doing, and why you're choosing this or
that technical solution vs. another one, so I have no particular
suggestion. All I've read makes sense.

Ah, yes: with 16GB of RAM, possibly the .deb's you need will be in
memory buffers anyway most of the time, so perhaps RAID-0 for
apt-cacher-ng is overkill. Premature optimization, blah, you know the
drill. Probably depends on how much you waste memory (as we do at
Tails) by putting every single service into its own VM :)

The way we're doing things at Tails, on the system front, is
documented there:
https://tails.boum.org/contribute/working_together/roles/sysadmins/

As you'll see, we're fully endorsing the "infrastructure as code"
motto. We're trying to share as much as we can of our setup via Puppet
modules, and I'd be delighted to collaborate with you on improving the
shared Puppet modules (some of them being shared with people like
Riseup, nadir, immerda.ch, etc.) we use, and the ones that are more
specific to the Tails/Freepto usecase, if that's your cup of tee :)

> or want to accomodate the environment as to build tails or make
> other experiments... speak up!


Tails is quite well equipped already on the server side, we have
Jenkins building our major branches. Our major blocker is not
hardware, but the time we are able to put into our infrastructure:
https://tails.boum.org/news/Call_for_help:_improve_the_infrastructure_behind_Tails/
So, whenever you want to play e.g. with jenkins-debian-glue (for
packages auto-building), or if you want to give aptly
(http://www.aptly.info/) a try and report back, I'll be more than
happy to play with you :)

Still: many thanks for the proposal, much appreciated!

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc