On Wed, Jul 05, 2006 at 10:04:08AM -0500, Lance Albertson wrote: > Brian Harring wrote: > > >> don't see why we need to have a public system setup as long as we can > >> provide the source when asked. As far as a I know, the GPL doesn't > >> dicate that we have to provide the sources in an internet media form. > >> They just need to be available when requested. Perhaps we can have a > >> document that explains a process for getting said sources. I don't see > >> the point of creating a torrent/whatever system just for the rare > >> instances that people want the older source. Way too much overhead for > >> something I don't see being used much. > > > > Files are going to have to be held onto somewhere long term- which is > > easier, flipping on lighttpd for the storage dir, or having to dick > > around with making requests of infra (waiting for them to respond), > > and requiring infra to do more work? > > Maintaining a service requires more work than just keeping it running. > You have to make sure all the components involved with the service are > running properly, all the security aspects are covered, proper DoS > control is in place, etc. Yes, from your point of view its easy, but > there's a little more involved than just putting something up.
Not the only sysadmin around ;) I know bringing up new services can increase maintainence efforts, and potential for risk. That said, y'all _should_ have a fairly vanilla base configuration across all servers (base kernel config, firewalling, grsec config, etc). Further, y'all were running lighttpd last I knew- so y'all should be tracking it for securities concerns already... and this particular setup is pretty damn simple (no dynamic, straight dir_index). So... it's not a herculean task, not something like trying to maintain a secured wiki. > > Upshot of my suggestion, folk have access to the purgatory dir so they > > can go digging through old files from the mirror tier as needed. > > I have seen zero requests in the time I've been in Gentoo for this. Talk to web crew, stuart in particular. Beyond them (their complaints/issues predate my time of managing the mirror image), folks _do_ screw up and needed to raid files from the mirror (lost patches in particular), requests I used to take care of. Every few months is a rough rate going by memory at 8:30am. Not huge, but as said, if need to provide access to gpl'd sources for bin (not just releng cds btw, people are forgetting we have precompiled pkgs in the tree also), it _is_ a potential route for handling that requirement while killing off another bit of manual work. > I, fail to see where you think there's a sudden demand for this. > I have no > problem getting these files to people. I have a problem with putting > resources into something that doesn't need that kind of resource > allocated to it based on current demand. I don't see the problem with > dealing such things on a case-by-case basis. If demand increases, then > we can change it. Since I see no demand now, this doesn't affect our > workload at all. <snip> > I have no problem if we archive them somewhere. I have SAN space at one > our locations which I've started using for archival/backup purposes. > However, I wasn't intending on this machine to become a publically > accessible machine, so I would have to change things around which I > don't want to do unless its needed. I don't see the demand to warrant > such a service. Am I stating there is a 'sudden demand'? I don't see throngs of folks screaming for a fallback tier (am seeing people screaming for patches.g.o, which is inline with this), thing is y'all have to archive this stuff and I'm pointing out a way to make it not suck and provide some extra functionality with minimal cost. > > End result, infra has to maintain archives. My proposal, all infra > > has to do is flip on lighttpd somewhere, and I (or zac) do the > > mirror-dist modifications. > > As stated above, not as simple as it sounds. Looks easy on paper, but > there's more involved in the backend that just flipping on an httpd. I'm > already archiving the master mirror files (including purgatory stuff) > twice a week so that aspect is already done. But as I said earlier, I > don't want this machine to become a publically accessible machine. That > wasn't my intention when I set it up. I do have some options at this > location if we need to make the files more public, but I don't see the > demand to warrant that. Suggest others are given time to weigh in on this rather then restating that you don't think there is demand for it. Nobody yays it, hey, folks have spoken and y'all go with the same non public backup. ~harring
pgpU0eZP8vJFq.pgp
Description: PGP signature
