Re: [Freepto] Meeting minutes 2014-06-03

このメッセージを削除

このメッセージに返信
著者: boyska
日付:  
To: freepto
題目: Re: [Freepto] Meeting minutes 2014-06-03
On Fri, Jun 06, 2014 at 08:10:17PM +0200, intrigeri wrote:
>boyska wrote (06 Jun 2014 15:25:38 GMT) :
>> * buildscripts are "sudo-runnable" by users belonging to "freeptodev"
>> group, so we can make everyone build without need to be root
>
>Just a (probably minor) nitpick: if these users can run arbitrary code
>as root (which is the case if they can add random stuff to
>a live-build configuration tree), then they can as well be officially
>root :)


oh yeah, of course. Maybe it wasn't clear enough the goal of this
server: it will be a LOCAL server, just for hackmeeting, which is not
autoritative in any way.

People are expected to just plug a cable and ssh into it, change some
code, make a build, copy it on their computer, and test it with qemu.

This setup will make anyone able to code without worrying about
configuring their computer, having lot of ram, or stuff like that.

Of course, nothing will be included in "official" repositories until
(AFTER hackmeeting) we review every commit for security problems.

>> intrigeri, if you want to join us, have suggestions,
>
>I'm sure you know what you're doing, and why you're choosing this or
>that technical solution vs. another one, so I have no particular
>suggestion. All I've read makes sense.
>
>Ah, yes: with 16GB of RAM, possibly the .deb's you need will be in
>memory buffers anyway most of the time, so perhaps RAID-0 for
>apt-cacher-ng is overkill. Premature optimization, blah, you know the
>drill. Probably depends on how much you waste memory (as we do at
>Tails) by putting every single service into its own VM :)


It depends on how many build you do at the same time: we hope that a
bunch of developers will sit around and start making new builds to test
new features or bugfix. But you're probably right.

>The way we're doing things at Tails, on the system front, is
>documented there:
>https://tails.boum.org/contribute/working_together/roles/sysadmins/
>
>As you'll see, we're fully endorsing the "infrastructure as code"


which we completely agree (but we're not as organized as you!). We did
this https://github.com/vinc3nt/freepto-vagrant
and https://github.com/AvANa-BBS/freepto-buildtools

But again, the point is preparing a server which is SHARED, so that
occasional contributors can have fun with us, without needing to prepare
their own box, to consume internet bandwidth (which is usually scarce at
hm!), or to have a good computer. A "dumb terminal" is enough :)

>motto. We're trying to share as much as we can of our setup via Puppet
>modules, and I'd be delighted to collaborate with you on improving the
>shared Puppet modules (some of them being shared with people like
>Riseup, nadir, immerda.ch, etc.) we use, and the ones that are more
>specific to the Tails/Freepto usecase, if that's your cup of tee :)


I am not a puppet lover, but I like the 'configuration as code'
approach; so yes collaboration on this is nice, too.

--
boyska