* RT access granting and audit ([#31249](https://bugs.torproject.org/31249), [#31248](https://bugs.torproject.org/31248)), various LDAP access tickets and cleaned up gettor group
* tested bacula and postgresq restore procedures, specifically, you might want to get familiar with those before a catastrophe
* cleaned up services inventory (#31261) all in https://trac.torproject.org/projects/tor/wiki/org/operations/services now
* cleaned up services inventory ([#31261](https://bugs.torproject.org/31261)) all in <https://trac.torproject.org/projects/tor/wiki/org/operations/services> now
* worked on getting ganeti into puppet with weasel
### August
* on vacation the last week, it was awesome
* published a summary of the KNOB attack against Bluetooth (TL;DR: don't trust your BT keyboards) https://anarc.at/blog/2019-08-19-is-my-bluetooth-device-insecure/
* published a summary of the KNOB attack against Bluetooth (TL;DR: don't trust your BT keyboards) <https://anarc.at/blog/2019-08-19-is-my-bluetooth-device-insecure/>
* ganeti merge almost completed
* first part of the hiera transition completed, yaaaaay!
* tested a puppet validation hook (#31226) you should install it locally, but our codebase is maybe not ready to run this server-side
* retired labs.tpo (#24956)
* retired nova.tpo (#29888) and updated the host retirement docs, especially the hairy procedure where we don't have remote console to wipe disks
* tested a puppet validation hook ([#31226](https://bugs.torproject.org/31226)) you should install it locally, but our codebase is maybe not ready to run this server-side
* retired nova.tpo ([#29888](https://bugs.torproject.org/29888)) and updated the host retirement docs, especially the hairy procedure where we don't have remote console to wipe disks
## hiro - Collecting all my snippets here https://dip.torproject.org/users/hiro/snippets
...
...
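Review bot: the "retired labs.tpo (#24956)" bullet sits among the old lines, between the #31226 and #29888 bullets, but has no linked counterpart among the new lines, so as rendered here the change drops that item instead of linkifying it. If the removal is not intended, add it back as `* retired labs.tpo ([#24956](https://bugs.torproject.org/24956))`. The bare URL in the "## hiro" heading is also left unconverted, unlike the other URLs in this hunk.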
@@ -43,21 +43,21 @@
## weasel, for september, actually
* Finished doing ganeti stuff. We have at least one VM now, see next point
* We have a loghost now, it's called loghost01. There is a /var/log/hosts that has logs per host, and some /var/log/*all* files that contain log lines from all the hosts. We don't do backups of this host's /var/log because it's big and all the data should be elsewhere anyway.
* started doing new onionoo infra, see #31659.
* started doing new onionoo infra, see [#31659](https://bugs.torproject.org/31659).
* debian point releases
# What we're up to next
## anarcat
* figure out the next steps in hiera refactoring (#30020)
* ops report card, see below (#30881)
* LDAP sudo transition plan (#6367)
* followup with snowflake + TPA? (#31232)
* send root@ emails to RT, and start using it more for more things? (#31242)
* followup with email services improvements (#30608)
* figure out the next steps in hiera refactoring ([#30020](https://bugs.torproject.org/30020))
* ops report card, see below ([#30881](https://bugs.torproject.org/30881))
* LDAP sudo transition plan ([#6367](https://bugs.torproject.org/6367))
* followup with snowflake + TPA? ([#31232](https://bugs.torproject.org/31232))
* send root@ emails to RT, and start using it more for more things? ([#31242](https://bugs.torproject.org/31242))
* followup with email services improvements ([#30608](https://bugs.torproject.org/30608))
* continue prometheus module merges
* followup on SVN decomissionning (#17202)
* followup on SVN decomissionning ([#17202](https://bugs.torproject.org/17202))
## hiro
* on vacation first two weeks of August
...
...
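Review bot: the rewritten SVN bullet still carries the misspelling "decomissionning". The line is already being touched to add the link, so correct it to "decommissioning" in the same change. The remaining ticket references in this hunk are converted consistently to the bugs.torproject.org short form.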
@@ -77,7 +77,7 @@
These machines would not be accessed directly by users but would serve as backends for a) fastly, and b) our own varnish/haproxy frontends.
* split onionoo backends (that run the java stuff) from frontends (that run haproxy/varnish). The backends might also want to run a
varnish. Also, retire the stunnel and start doing ipsec between frontends and backends.
See https://trac.torproject.org/projects/tor/ticket/30881
See <https://trac.torproject.org/projects/tor/ticket/30881>
anarcat introduced the project and gave a heads up that this might mean more ticket and organizational changes. for example, we don't define "what's an emergency" and "what's supported" clearly enough. anarcat will use this process as a prioritization tool as well.
# Email next steps
Brought up "the plan" to Vegas: https://trac.torproject.org/projects/tor/wiki/org/meetings/2019Stockholm/Notes/EmailNotEmail
Brought up "the plan" to Vegas: <https://trac.torproject.org/projects/tor/wiki/org/meetings/2019Stockholm/Notes/EmailNotEmail>
Response was: why don't we just give everyone LDAP accounts? Everyone has PGP...
...
...
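Review bot: the ticket reference on the "See" line is only wrapped in angle brackets and keeps the long trac.torproject.org URL, while the same ticket is written as `[#30881](https://bugs.torproject.org/30881)` in the previous hunk. Use the short form here too, so each ticket is linked one way across the page.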
@@ -103,13 +103,13 @@ We're still uncomfortable with deploying the new email service but that was agre
# Do we want to run Nextcloud?
See also the discussion in https://trac.torproject.org/projects/tor/ticket/31540
See also the discussion in <https://trac.torproject.org/projects/tor/ticket/31540>
The alternatives:
a. Hosted on Tor Project infrastructure, operated by Tor Project.
b. Hosted on Tor Project infrastructure, operated by Riseup.
c. Hosted on Riseup infrastructure, operated by Riseup.
a. Hosted on Tor Project infrastructure, operated by Riseup.
a. Hosted on Riseup infrastructure, operated by Riseup.
We're good with B or C for now. We can't give them root so B would need to be running as UID != 0, but they prefer to handle the machine themselves, so we'll go with C for now.
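Review bot: relabelling the second and third alternatives from "b." and "c." to "a." leaves the closing paragraph ("We're good with B or C for now") pointing at labels that no longer appear in the source text, so the decision is only readable if the renderer renumbers the list. Keep the explicit a./b./c. labels, or name the chosen options in the sentence itself. The ticket 31540 link could also use the bugs.torproject.org short form used elsewhere in this change.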