> On Sep 14, 2022, at 12:05 AM, heiphohmia via Metamath
> <[email protected]> wrote:
>
> Nice work modernizing and hardening the infra. These days what's considered
> the
> "bare minimum" has a lot of moving pieces.
It really isn't bad. There are more pieces, but the tools to manage it are
better,
and many things "just work". Trivial example: historically you had to take extra
steps to install rrsync, now it's just another program you install & manage
with the
package manager.
> Anyway, please permit me to butt in with a small idea. The mirror setup you
> propose has each mirror polling the source server for changes. What about a
> push-centered architecture?
>
> Since rsync is equally capable of pushing changes, I'm imagining a reversal of
> roles in your ssh setup and having some post-update hook that rsyncs the
> changes to each mirror.
Like everything, there are pros & cons :-).
> Off the top of my head, pros:
>
> - Tighter sync between mirrors and us.metamath.org
I don't think that's critical. We update 1/day, and it's not a crisis if
the mirror update is delayed. Also, rsync is *really* fast at determining
"there is nothing to do".
> - Less network noise
> - Slight reduction in attack surface area on us.metamath.org
>
> cons:
>
> - Error handling becomes responsibility of the post-update hook
We really *can't* handle such errors. If the other side is inaccessible, or
can't write an update, there's little we can do about it.
> - Might require updates to Firewall settings
Not really, and we control our firewall settings anyway.
There's a bigger "con": the mirrors would need to allow
someone from the outside (specifically us.metamath.org) to log in
*to* their system & write to it. I don't know if they're willing to do that.
They may not even have the rights necessary to do it.
That's not a technical issue, but it certainly might matter :-).
Another con: It'd mean that the us.metamath.org site would have to
store the private keys for logging in to those other sites.
Doable, but an extra step.
Mirror folks: Comments?
--- David A. Wheeler
--
You received this message because you are subscribed to the Google Groups
"Metamath" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/metamath/09EA8375-D8B7-4684-823F-7E6DF62B912E%40dwheeler.com.
