Participants
1. guilhem
2. cloph
3. Brett
4. Norbert
Agenda
* SSL/TLS
+ [rdm#2312] Avoid serving web content over http:// when possible
- website (vm168): TODO: s,http://,https:// in the templates and pages,
plus add 30x redirect at the top level
- dev-www and other dev tools: support https:// since the beginning of the
year, but no redirect as it'd break scripts otherwise. Hence scripts
are still mostly using http://. TODO: Poke devs to upgrade their
links.
- downloads: http:// and https:// both work (without redirect)
+ [rdm#1987] Please use HTTPS for downloads to protect users
- adding a redirect http://download.tdf → https://download.tdf is not
enough, because mirrorbrain doesn't have a separate baseurl for secure
links hence can further redirect from https://download.tdf to
http://mirror .
. cloph: the redirect could also cause problem with protocol downgrade
on handing out http mirror in the redirect
- mirrorbrain can't serve https://-only mirrors to https:// connections;
and that would be mostly useless without the above redirect anyway, as
most users would otherwise stick to http://
. https://github.com/poeml/mirrorbrain/issues/143 (consistent https
handling)
. https://github.com/poeml/mirrorbrain/issues/167 (configure https urls
in mirrorbrain itself for a given mirror)
- Stats: 113 active HTTP mirrors, of which 6 have an https:// baseURL.
Of the 106 http:// URLs, 35 can safely (valid X.509 chain) be upgraded
to https:// based on a quick curl(1) scan.
. AI guilhem: ask mirror operators if the https:// URLs will remain
stable, and upgrade when possible.
. Norbert: reach out to other mirror operators and ask them (with a
link to the Let's Encrypt tutorials) if they can add https://
support. When we have enough https://-capable mirrors, we can
perhaps disable the rest and serve https://-only content.
+ [rdm#2340] LibreOffice download page - please change torrent file to be
downloaded using https instead of current http link
- same as before, but maybe we could enable SSL/TLS on the torrent
tracker?
. no problem for .torrent files - those (and other small files like the
.asc signatures) are served by download.tdf directly, and not passed
on to mirrors
. enabling ssl support for tracker (hefur) would be possible, but would
require external let's encrypt-handling (AI guilhem) (https tracker
would listen on port 6970 by default) - but would need http / non-ssl
version anyway.
. ssl not so much a problem with torrents, since individual downloaded
hunks have sha-checksum anyway/the connection to the peer you
download from is not covered by the tracker's ssl-connection
+ [rdm#2090] gerrit: anonymous VCS URI scheme should be https:// not the
insecure git://
-
https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#download
(not part of default gerrit)
+ [rdm#2026] scan sites with observatory.mozilla.org
* Norbert: would be nice to have a superset of sudo in salt, which we can map
to sudo on specific machines, eg build slaves.
* Monitoring
+ [rdm#2211] greylog/log parsing
- Norbert: when we have a problem, add filter patterns to detect future
similar problems
+ [rdm#2210] monitoring notifications
- really need to improve the situation here, cf.
https://redmine.documentfoundation.org/issues/2210#note-5
. SMS is the way to go, but we need to the ability to specify schedules
so not everyone is waken up in the middle of the night
. cloph: want to revive the telegram notifications that we had in the
past (TDF Monitoring bot)
. Norbert: need the ability to temporarily disable the rules when doing
manual maintenance
. Norbert: it's crucial to avoid false positives (cf. infra ML…)
+ [rdm#2208] add missing hosts to monitoring
- we need to run salt on the monitoring (and backup) host after each new
host/VM deployment
- salt only adds basic ping/web-check - specific services need to be
added manually/separately
+ [rdm#1079] Status page
- cloph: don't want to make everything public, but we can basic info like
web check for public services
- admins need to be able to tell the world the problem is known and being
worked on
* Backups
+ [rdm#2082] provide a way to set per-vm backup time (e.g. only do gerrit
during nighttime)
+ [rdm#2209]
+ TODO: add a flag in pillar to specify backup run time or disable it
(comment out the entry)
* reCAPTCHA
+ [rdm#2141] Replacing reCAPTCHA with self-hosted version
- Demote to low prio as SSO should deprecate reCAPTCHA on the frontends
+ [rdm#2396] reCAPTCHA v1 API shutdown on March 31, 2018
- wiki.tdf, ask.lo, extensions.lo, and www.lo all use v2, anything else
still on v1? Not that we know of
* WebSSO
+ [rdm#1585] single sign-on (SSO)
- 467 accounts created in LDAP so far
- WebSSO deployed on pad.tdf, tdf.io, and survey.tdf. Unauthenticated
users are redirected to the central auth portal, and then back to the
service
- LDAP auth partly deployed (dual auth) on nextcloud.tdf, www.tdf and
testlink.tdf
- TODO: poke recent wiki contributors? last time I checked 350/400
didn't have an LDAP account yet. cloph: start by showing a banner with
a link to user.tdf to logged in users
* Next call: *Mon* Dec. 18, 17:30 UTC
--
Guilhem.
--
To unsubscribe e-mail to: [email protected]
Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette
List archive: https://listarchives.libreoffice.org/global/website/
All messages sent to this list will be publicly archived and cannot be deleted
