On 08/01/2016 07:23 PM, André Silva wrote: > On 08/01/2016 06:52 PM, Luke wrote: >> On 07/30/2016 11:24 PM, coadde wrote: >>> Hi guys, i would make some changes in the new server, however i would >>> propose it to be discussed under consensus first: >>> >>> * Remove SSL certificates to be more KISS and adhocratic. >> No idea what this means, but we should keep our TLS certs and all >> mirrors should be required to have HTTPS. >> Would also be nice to have a means of verifying the fingerprint of the >> certs. > > +1 about Luke opinion.
OK, i don't know much about tls :( >>> * Use a TOX server as XMPP replacement. >> +1. Simple to use, works on my slow internet, and doesn't require a >> central server (XMPP does require a centralized server, although it is >> "federated" meaning we could setup our own. Tox is still more reliable imo.) > > I think TOX has option to register account to toxme.io. Since i don't > know about it, could be it useful to create a server? It could creates a user to speech in groups and conferences with TOX And "toxcore" contains the service "tox-bootstrapd (Tox DHT Bootstrap)", to use as node and DHT[0][1] [0]:https://wiki.tox.chat/users/nodes [1]:https://wiki.archlinux.org/index.php/Tox#Run_a_node >>> * Use NetworkManager (CLI) instead of Netctl. >> Netctl is pretty solid, I no longer use network manager on anything >> other than my laptop due to the heavy bloatware. > > Netctl is pretty solid, but no portable since it is adapted only for > systemd. If we have plans to move to OpenRC or another one (eg. gnudmd > (called now as GNU Shepherd)), we should looking for alternatives (eg. > NetworkManager). +1, NetworkManager is easy to use it with "nmcli" command and contains most of options, example: nmcli commands: nmcli c add help # help to create any type of network nmcli c add type ethernet ifname eth10 con-name "Ethernet_Server" \ autoconnect yes \ ip4 10.0.0.1/24 gw4 10.0.0.1 # create the "Ethernet_Server" nmcli c show # show all networks nmcli c edit "Ethernet_Server" # edit the selected network in interactive mode nmcli c up "Ethernet_Server" # to connect the selected network nmcli c down "Ethernet_Server" # to disconnect the selected network nmcli d status # show interfaces nmcli d wifi # show SSID wifis and status nmcli -a d wifi connect "SSID" # create and enter the selected SSID wifi configuration file like: /etc/NetworkManager/system-connections/"Ethernet_Server" -------------------------------------------------------- [connection] id=Ethernet_Server uuid=ffffffff-ffff-ffff-ffff-ffffffffffff type=ethernet permissions= secondaries= [ethernet] mac-address-blacklist= [ipv4] address1=10.0.0.1/24,10.0.0.1 dns=127.0.0.1; dns-search= method=manual [ipv6] addr-gen-mode=stable-privacy address1=fd09::/64,fd09::1 dns= dns-search= method=manual -------------------------------------------------------- >>> * Testing against all type of attacks to check our security settings is ok. >> +1. We should have someone audit the server for any vulnerabilities. > > +1, i suggest use linux-libre-audit for it. > > In this case, since it is a server, i could create a modified version of > linux-libre-lts with AUDIT support called linux-libre-lts-audit, what do > you think guys? +1
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dev mailing list [email protected] https://lists.parabola.nu/mailman/listinfo/dev
