On Tue, 21 Jul 2009, Peter Palfrader wrote: > (again, internal work notes) > > dsa 20090720 > > - get rid of sarti hosted at rapidswitch (weasel talks to philh) > - mirror planet to a different machine so we can reboot things > more easily (mirroradm/Ganneff) > - setup manpages.debian.net > - maybe integrate into packages.d.o or maybe lintian. > Ganneff talks to djpig > - source.d.o on stabile (zobel+dsa - noel) > - data.d.o pending on new ftp-master. zobel/luca/taggart/HP > - backup.d.o (bartok running out of warranty/disk space) > possible hosters/people to talk to > maybe use one of the nordicgaming dl360s > - cd-builder.d.o. bzed - tk. we think status is that > cd folks basically just need to say when they want the > machine and we can get one. hosted at maswan > - security/synproxy.as - talk to Andrew Lee (zobel, sgran). done. > - bugs frontend MX - don+weasel will maybe look at that during > debconf/camp > - alioth - to a blade @ luca > - move root auth keys into puppet > - rotate all passwords (weasel) > - setup host based firewalls. move it into puppet/some centralized > thing. merge different hosts' config into one. sgran+Ganneff. > - verdi: - shut down all remainging service processes, (sgran) > - dd disks > - powerdown > - have andi pick up old hw > - experimental - it should move into d.o w-b and onto d.o buildds > (that's something for wbadm to push) > - raff will go away for a couple of days whenever ftc moves to houston > wb probably should move away from raff before that happens so it's > available during that time. kvm on dijkstra. zobel->luk/philk > - we should have all buildds to debian.org. > needs to be pushed by wbadm. dsa can take over and help. maybe > some hosts need to be moved to more acceptable hosting > - kfreebsd porter host (weasel) > - get rid of spontini because it's slow. zobel/sgran > - need a ud-ldap talk / discussion > - pergolesi is back, still no eric access
ud-ldap - move host related DNS records into ldap - A, AAAA, MX, HINFO, that kind of stuff - auto generate sshdist's authorized_keys from ldap - move the information contained in generate.conf into ldap - make ud-* tools log, i.e. create an audit log - move echelon away from ud-ldap/ldap - DAM/Ganneff - move ud-* functionality into a library, so that the logic is contained in a single place, to be used to by the ud-* shell tools and a web interface and stuff. sgran/zack - ud-generate should probably create a new directory to write out its stuff so we do not carry around old crap for forever. - ud-generate/ud-replicate should do sane locking - partial exports to hosts - rename db into db-master, - make db-master's ldap accessible only from localhost and a couple of d.o machines (say master, people) - make a new db that is a replica of db-master, publicly accessible - fingerd moves to the public db. (for dsa talk/open discussion: is anybody using ldap directly, what for, etc) puppet - nsswitch.conf - sshd_config - environments for testing stuff mail - all buildds/porterboxes to move to hub layout - maybe masquerate all outgoing @hostname.d.o mail as @d.o. - in any case, stop doing local [email protected] mail for all hosts except for master.d.o - should unconditionally go to ldap forward address - no .forward/.procmail stuff - split debian.org from master.debian.org mail handling - abuse/postmaster at virtual domains should always go to DSA (in addition to the team if they configured it in their aliases) (for dsa talk/open discussion: what kind of granularity do we need for the anti spam stuff? Do most people really want to set their own blacklists or should we just make it a boolean. Some people will always bitch, try to do it right for most and do not get carried away by a few loud complainers) hosting - paravoid will ask if he can take the bladecenter he might also provide storage -- | .''`. ** Debian GNU/Linux ** Peter Palfrader | : :' : The universal http://www.palfrader.org/ | `. `' Operating System | `- http://www.debian.org/ -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
