And now for your kind attention, the devuan-dev meet notes for
Thursday, February 6th, 2020.
plasma41
------------------------------------------------------------------------
# Devuan meet Feb 06, 2020 @20:30 UTC
Pad is here:
https://pad.dyne.org/code/#/2/code/edit/kYzZZ9Br7syOIr6M1vDGnYan/
Meet here: https://vdc.dyne.org/devuan
* Please post notes prior to the meet.
* Please add your name as 'Present' below when you get to the
meet.
* When adding a comment in someone else's notes, please
pre-pend your name like this: (whoever) whatever . . .
Present: golinux, plasma41, LeePen, rrq, Leepen, fsr, RickMoen, kramer
## Old Business
## Old Actions
- Asked kramer about taking on arm-sdk.
- (fsr) Made screenshots for desktop-live install guide. Started
updating release notes and will put them on a pad.
- Pad for beowulf release notes:
https://pad.dyne.org/code/#/2/code/edit/FEOS-VBadm1SaUBFyiw-wJJ-/
- (rrq) iso building in progress
## New Business
- (gl) Are the bug reports coming to devuan-dev annoying anyone else but
me? I now get 2 of everything which is a bit of a pain. And some bug
emails get stuck in moderation because they come from a different
address than the one allowed and I'm not quite sure what to do with
them. In all, this change has opened a whole can of worms for me.
### golinux
- Working with chillfan on updating the iso-docs and install guides
- fsr has also sent screenies for the "live" install guide.
- Cinnabar theme is live on beta.devuan.org but the site which has
gotten very stale and unwieldy needs a complete overhaul of the
backend and also content.
- Evilham will move the site to lektor platform shortly and we will get
to work.
### LeePen
#### Beowulf
- Built a few missing ppc64el binaries.
- Working on mini.iso and netboot images in debian-installer.
- Have a new version of choose-mirror which removes ${CC}.deb.d.o
as an option.
#### Backups
- Setup on new ganeti hosts.
- I am rapidly falling out of love with the sucker implementation.
Setting the acls is very prone to break things. I don't think it adds
any security and it means some files are still not backed up.
- Considering running backups as root using the restricted ssh key and
script discussed last week.
### kramer
- got a lot of hardware and support (just sandboxes for now)
from my employer
- openstack based, need to be provisioned by terraform
- creating a gitlab repo for "terraforming" ?
- https://www.terraform.io/
- those hosts will act as gitlab runners
(jenkins won't make it this way)
- rework arm-sdk to use docker containers
(a lot more easy to maintain)
- the arm-sdk is well made, but powering an entire Distribution is
not possible this way
- bad news: all the images are systemd affected
- good news: I'll upload devuan images
- bad news: not able to test the images on real hardware -> community
- questions:
- docker images:
- who uses them?
- who maintains them?
- who would use them?
- considering to stop any donations and invest them in e.g. root servers
. KT Session Terraform
### RickMoen
In case it's useful, here's my Web server knowledgebase's article about
setting up interhost processes using ssh keypairs restricted to do very
specific things:
http://linuxmafia.com/faq/Security/ssh-publickey-process.html
In particular, at page bottom, there's a link to an excellent article
series at
www.hackinglinuxexposed.com that covers this topic very well.
You're probably way ahead of me on this, but here's my knowledgebase's
article about using a restricted keypair for (e.g.) backup:
http://linuxmafia.com/faq/Security/ssh-publickey-process.html
https://www.hackinglinuxexposed.com/articles/20030109.html
## New Actions
- send to LeePen a list of bug addresses sending mail to devuan-dev
- send to golinux list of isos that will be available in Beowulf with
descriptions of their usecase. Please reference the ISO Guide on the
devuan.org index page.
::
[devuan-dev] Notes - Devuan meet Fe…
