infra issueshttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues2022-11-09T12:51:56Zhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9899add ntp servers for alpine2022-11-09T12:51:56ZNatanael Copaadd ntp servers for alpinewe should not use pool.ntp.org for our default ntp config, instead we
should set up our own ntp servers.
https://www.pool.ntp.org/vendors.html#vendor-zone
https://www.pool.ntp.org/vendors.html#open-source
*(from redmine: issue id 98...we should not use pool.ntp.org for our default ntp config, instead we
should set up our own ntp servers.
https://www.pool.ntp.org/vendors.html#vendor-zone
https://www.pool.ntp.org/vendors.html#open-source
*(from redmine: issue id 9899, created on 2019-01-23)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8468MQTT authentication2022-11-06T21:22:06ZCarlo LandmeterMQTT authenticationWith the introduction of topic structure and SSL support for MQTT we
should also add ACL+authentication to mosquito.
*(from redmine: issue id 8468, created on 2018-02-02)*
* Relations:
* parent #8421With the introduction of topic structure and SSL support for MQTT we
should also add ACL+authentication to mosquito.
*(from redmine: issue id 8468, created on 2018-02-02)*
* Relations:
* parent #8421Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/1846handling security issues2022-01-29T22:46:09ZPeter Kotcauerhandling security issuesIt would be nice to have an errata mailing list to inform users about
fixed security issues affecting binary packages or the core system.
Mails could include the CVE and other identifiers.
There could be place an unique id tag for thes...It would be nice to have an errata mailing list to inform users about
fixed security issues affecting binary packages or the core system.
Mails could include the CVE and other identifiers.
There could be place an unique id tag for these issues something like
ALPLSA-year:autoincrement (ALPine Linux Security Advisory).
I think one or more security officer(s) should be chosen.
There could be a security@ address where users could send security
related problems (it should have a public pgp key for sending sensitive
information encrypted).
Security officer(s) should be subscribed to distros and linux-distros
closed mailing lists.
*(from redmine: issue id 1846, created on 2013-05-03)*
* Relations:
* child #1858https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/1858Create mailing list for security alerts2020-01-06T14:19:15ZNatanael CopaCreate mailing list for security alertsWe already have a amiling list named ‘alpine-security’. I wonder if we
should make it more clear what this list is for.
Maybe we should have a sec-errata@lists.alpinelinux.org too, where we
only post security erratas.
*(from redmine: ...We already have a amiling list named ‘alpine-security’. I wonder if we
should make it more clear what this list is for.
Maybe we should have a sec-errata@lists.alpinelinux.org too, where we
only post security erratas.
*(from redmine: issue id 1858, created on 2013-05-13)*
* Relations:
* relates #2104
* parent #1846Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/3615Mailing list web archive need some thorough revamp2019-07-18T19:30:44ZPrzemysław PawełczykMailing list web archive need some thorough revampWhat we see at http://lists.alpinelinux.org/ is simply unbearably awful.
*(from redmine: issue id 3615, created on 2014-12-10)*What we see at http://lists.alpinelinux.org/ is simply unbearably awful.
*(from redmine: issue id 3615, created on 2014-12-10)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/4760size in bytes of ISOs on http://alpinelinux.org/downloads/2022-04-22T05:48:44ZScrumpy Jacksize in bytes of ISOs on http://alpinelinux.org/downloads/Can we publish the sizes in bytes of ISOs, as well as human readable?
eg:
iso size checksum
alpine-3.2.3-x86_64.iso 299 MB (313602048) sha1 | sha256 | asc
It helps for things like ver...Can we publish the sizes in bytes of ISOs, as well as human readable?
eg:
iso size checksum
alpine-3.2.3-x86_64.iso 299 MB (313602048) sha1 | sha256 | asc
It helps for things like verifying the checksums once the ISO is burned
to optical media
*(from redmine: issue id 4760, created on 2015-10-09)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/6377WWW IPv62022-03-28T20:29:55Zmello tronWWW IPv6Hello,
It’d be nice if the public facing web domains had functioning AAAA
records.
*(from redmine: issue id 6377, created on 2016-10-21)*Hello,
It’d be nice if the public facing web domains had functioning AAAA
records.
*(from redmine: issue id 6377, created on 2016-10-21)*Kevin DaudtKevin Daudthttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/7494How to use bug tracker without a working web browser? (CLI interface for bug ...2022-02-23T19:46:16ZHarald BeckerHow to use bug tracker without a working web browser? (CLI interface for bug tracker)Natanael Copa redirected me to the bug tracker for further requests
after sending him a message, but I consider this a serious bug:
I setup an Raspberry Pi with Alpine Linux. Even after managing to
startup xorg and GUI mode, there is no...Natanael Copa redirected me to the bug tracker for further requests
after sending him a message, but I consider this a serious bug:
I setup an Raspberry Pi with Alpine Linux. Even after managing to
startup xorg and GUI mode, there is no working Chromium, also no working
Firefox and Netsurf has SEGVs and closes unexpectedly. So how can you
report a bug in this situation? Redirecting to the bug tracker web page
creates a chicken egg problem when you need help or want report bugs on
xorg setup.
I needed to setup another computer on an x86\_64 to be able to open a
working web browser, so I’m now here to report this issue.
In my opinion there shall be a simple bug tracker on the command line
interface in two flavors: A colored full screen and a simple dump
version. Optionally there may be a simple GUI front end (GTK) for the
graphical system (not requiring a Web Browser).
All this shall send the bug to the back end system which may be accessed
on web pages as usual.
*(from redmine: issue id 7494, created on 2017-07-11)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8413Document the current infrastructure2022-11-06T20:41:16ZKevin DaudtDocument the current infrastructureVery little is documented about the infrastructure, making it hard for
others to help with the project.
This is a project task to make sure everything gets documented.
*(from redmine: issue id 8413, created on 2018-01-25)*
* Relation...Very little is documented about the infrastructure, making it hard for
others to help with the project.
This is a project task to make sure everything gets documented.
*(from redmine: issue id 8413, created on 2018-01-25)*
* Relations:
* child #8424https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8414Central syslog server2019-07-12T16:28:47ZDaniel Isaksendisaksen@alpinelinux.orgCentral syslog serverWe should, for auditing and security purposes, set up a syslog server to
receive logs from all hosts we manage.
I propose we forward syslog from hosts to syslog-ng, possibly using
logstash and elasticsearch.
*(from redmine: issue id 8...We should, for auditing and security purposes, set up a syslog server to
receive logs from all hosts we manage.
I propose we forward syslog from hosts to syslog-ng, possibly using
logstash and elasticsearch.
*(from redmine: issue id 8414, created on 2018-01-25)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8421Define mqtt (msg.alpinelinux.org) topic structure2019-07-12T16:28:49ZCarlo LandmeterDefine mqtt (msg.alpinelinux.org) topic structureWe should define a structure to use for our mqtt topics. Currently we
have:
- git/\*
- build/\*
- alert/\*
- rsync/\*
- monitoring/\*
- issues/\*
Are there any good design principles for topic structure?
*(from redmine: i...We should define a structure to use for our mqtt topics. Currently we
have:
- git/\*
- build/\*
- alert/\*
- rsync/\*
- monitoring/\*
- issues/\*
Are there any good design principles for topic structure?
*(from redmine: issue id 8421, created on 2018-01-25)*
* Relations:
* child #8468Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8424Make an inventory of the current infrastructure2022-11-06T20:43:46ZKevin DaudtMake an inventory of the current infrastructureBefore the infrastructure can be documented, we need to make an
inventory of what infrastructure is there.
*(from redmine: issue id 8424, created on 2018-01-26)*
* Relations:
* parent #8413Before the infrastructure can be documented, we need to make an
inventory of what infrastructure is there.
*(from redmine: issue id 8424, created on 2018-01-26)*
* Relations:
* parent #8413https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8428Make all third party mirrors sync from T1 mirrors2022-12-03T21:42:56ZDaniel Isaksendisaksen@alpinelinux.orgMake all third party mirrors sync from T1 mirrorsAll third party mirrors **must** synchronize from our tier 1 (dl-N)
mirrors, and **not** from master.
Therefore we must contact the admins for all third party mirrors and
notify them of this.
A list of contacts are in the git.a.o:infra...All third party mirrors **must** synchronize from our tier 1 (dl-N)
mirrors, and **not** from master.
Therefore we must contact the admins for all third party mirrors and
notify them of this.
A list of contacts are in the git.a.o:infra/mirrors repository.
*(from redmine: issue id 8428, created on 2018-01-26)*
* Relations:
* parent #8426https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8429Mirror redirector2019-07-12T16:28:51ZDaniel Isaksendisaksen@alpinelinux.orgMirror redirectorIn order to fully utilize our numerous mirrors, we must create a HTTP
mirror redirector for use in \`apk\`.
I have looked into using GeoDNS for this, but considering mirrors store
alpine on different paths (i.e. /alpinelinux, /alpine-li...In order to fully utilize our numerous mirrors, we must create a HTTP
mirror redirector for use in \`apk\`.
I have looked into using GeoDNS for this, but considering mirrors store
alpine on different paths (i.e. /alpinelinux, /alpine-linux, /alpine)
this is impossible.
I will test mirrorbits for this, and keep this issue updated with
progress.
*(from redmine: issue id 8429, created on 2018-01-27)*Daniel Isaksendisaksen@alpinelinux.orgDaniel Isaksendisaksen@alpinelinux.orghttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8448Alpine theme for Redmine2020-02-24T17:42:01ZDaniel Isaksendisaksen@alpinelinux.orgAlpine theme for RedmineIt’d be nice if our Redmine installation conformed with the Alpine
“template” website, like alpinelinux.org, pkgs.a.o, mirrors.a.o and
such.
*(from redmine: issue id 8448, created on 2018-01-30)*It’d be nice if our Redmine installation conformed with the Alpine
“template” website, like alpinelinux.org, pkgs.a.o, mirrors.a.o and
such.
*(from redmine: issue id 8448, created on 2018-01-30)*Daniel Isaksendisaksen@alpinelinux.orgDaniel Isaksendisaksen@alpinelinux.orghttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8475add SSL/TLS support to Alpine MQTT infrastructure2022-10-06T21:00:48ZCarlo Landmeteradd SSL/TLS support to Alpine MQTT infrastructureWe are currently only supporting plain text MQTT and MQTT+Websockets on
msg.alpinelinux.org.
This should be extended with MQTT over SSL/TLS and Websockets over
SSL/TLS.
To migrate all infra to SSL/TLS mqtt-exec will need to be updated...We are currently only supporting plain text MQTT and MQTT+Websockets on
msg.alpinelinux.org.
This should be extended with MQTT over SSL/TLS and Websockets over
SSL/TLS.
To migrate all infra to SSL/TLS mqtt-exec will need to be updated with
SSL/TLS support.
See: https://github.com/ncopa/mqtt-exec/issues/4
*(from redmine: issue id 8475, created on 2018-02-05)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8489Improving package search - searching in pkgdesc2020-03-28T15:18:18ZBernhard J. M. GrünImproving package search - searching in pkgdescIt would be a nice improvement to also have a switch to enable searching
in package descriptions (pkgdesc) too on the website
https://pkgs.alpinelinux.org/packages .
*(from redmine: issue id 8489, created on 2018-02-15)*It would be a nice improvement to also have a switch to enable searching
in package descriptions (pkgdesc) too on the website
https://pkgs.alpinelinux.org/packages .
*(from redmine: issue id 8489, created on 2018-02-15)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9055Add an index.tab and index.json to the download site2021-11-12T15:08:51ZNick SchonningAdd an index.tab and index.json to the download siteSorry I’m just not looking in the right place. I checked out
http://dl-cdn.alpinelinux.org/alpine/ but couldn’t find anything like
what nodejs has for being able to easily pull relase version info. EX:
\- https://nodejs.org/dist/index.j...Sorry I’m just not looking in the right place. I checked out
http://dl-cdn.alpinelinux.org/alpine/ but couldn’t find anything like
what nodejs has for being able to easily pull relase version info. EX:
\- https://nodejs.org/dist/index.json
- https://nodejs.org/dist/index.tab
This appears to be done by a tool they wrote here
https://github.com/nodejs/nodejs-dist-indexer
The reason I’m looking for a file like this is to automate bumping
images as they are released
*(from redmine: issue id 9055, created on 2018-07-05)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9071Outdated copyright notice2020-01-06T13:10:33ZTBKOutdated copyright noticeOn https://alpinelinux.org/ and https://pkgs.alpinelinux.org/packages
the footer copyright notice says 2017.
See attached file.
*(from redmine: issue id 9071, created on 2018-07-11)*
* Uploads:
* ![2018-07-11_03-02-09](/uploads/c79...On https://alpinelinux.org/ and https://pkgs.alpinelinux.org/packages
the footer copyright notice says 2017.
See attached file.
*(from redmine: issue id 9071, created on 2018-07-11)*
* Uploads:
* ![2018-07-11_03-02-09](/uploads/c79b02d159f5ab696d19f1efe5447669/2018-07-11_03-02-09.png)Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9073GDPR compliance2019-07-12T16:30:02ZTBKGDPR complianceAccording to
https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal-data\_en\#examples-of-personal-data
the data collected for the creation of an account for the following two
sites:
- https://wiki.alpinelinux.or...According to
https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal-data\_en\#examples-of-personal-data
the data collected for the creation of an account for the following two
sites:
- https://wiki.alpinelinux.org/w/index.php?title=Special:UserLogin&returnto=Main+Page&type=signup
- https://bugs.alpinelinux.org/account/register
is considered personal data so the statement “We do not process personal
data on this site.” found on the sites mentioned below is no longer
valid:
- https://alpinelinux.org/privacy-policy.html
- https://wiki.alpinelinux.org/wiki/Alpine\_Linux:Privacy\_policy
I do not know what kind of legal entity the Alpine Linux project is or
where it is registered, nor is privacy law or any kind of law my area
expertise I just want to bring it to attention so if any incident should
happen the AL project has taken its precautions and have procedures in
place.
*(from redmine: issue id 9073, created on 2018-07-11)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9076Remove flag button from non-edge packages on pkgs.alpinelinux.org2022-07-25T10:55:13ZSascha PaunovicRemove flag button from non-edge packages on pkgs.alpinelinux.orgSince one cannot flag packages that aren’t in the edge repos, having the
flag button doesn’t make sense there doesn’t make sense.
*(from redmine: issue id 9076, created on 2018-07-11)*Since one cannot flag packages that aren’t in the edge repos, having the
flag button doesn’t make sense there doesn’t make sense.
*(from redmine: issue id 9076, created on 2018-07-11)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9134Improve the contributors/developers environment2020-01-06T13:09:55ZCarlo LandmeterImprove the contributors/developers environmentThis issue is not specifically targeted at a single item in our infra
but more general discussion thread to eventually evolve into sub tasks
to get a better environment.
Please add your issues and/or possible solutions and ill update t...This issue is not specifically targeted at a single item in our infra
but more general discussion thread to eventually evolve into sub tasks
to get a better environment.
Please add your issues and/or possible solutions and ill update this
item.
Current issues
==============
Authentication
--------------
Currently Redmine does not support proper Oauth integration. It would be
nice if we could have that implemented.
We currently have an issue open \#9081 to disable anon bug reporting.
Issues per branch
-----------------
Would be nice if we could somehow track security issues per branch see:
https://www.redmine.org/issues/1266\#change-56683
Multi Arch CI
-------------
Currently we use an external service (travis) to verify our
contributions. The limitations is that this is only available for
x86\_84.
It would be nice if we could somehow have a CI which can push jobs to
different containers in our infra on different architectures.
Most of our developers do not have access to these Archs so It would be
nice for them to send jobs to verify their contributions.
Patch queue management
----------------------
We currently have 2 queues, GitHub and Patchwork. This is by far optimal
and should be reduced to a single queue where people can contribute
to.
This will be much easier to maintain and less people will complain one
of the queues is better managed and remove questions as to which they
should contribute to.
To my knowledge the reason people use patchwork/ml is that they don’t
like to have an account on Github for privacy reasons. I think we should
support
this request and provided them with an alternative solution which means
we would have to replace both of them with a locally hosted solution.
Ideas regarding solutions
=========================
Unified solution
----------------
I’ve looked into the Open Source world to see if there is a holy grail
to work around the above mentioned issues.
After reviewing I ended up with only two solutions that seem to pack the
feature set we currently need is very active and had proper
documentation.
Both projects also have a side project which can migrate issues from
Redmine which is kind of nice to have.
### GitLab
This currently seems to be a choice for many other open source projects,
but its very hard to maintain it locally.
I started packaging the individual parts (gitlab-ce, gitaly…) but it was
very messy and i ended up with huge packages. I’ve seen Jirutka has
tried to
package it up for Gentoo but in the end stopped working on it. So in the
end I gave up because it seems to be very messy and time consuming.
### Phabricator
This application seems to be very easy to install, has only a few
dependencies so its a matter of an hour to get up and running.
Also the upgrade path is very simple and will be very easy to maintain
(if I read the documentation correctly).
The main issue we faced up till now is the workflow and the actual patch
integration in Phabricator. The only way to retrieve the patches
is to fetch the diff via the web interface or via the PHP cli. There is
no way to grab an mbox file or branch and locally apply and push it
(like we do with github).
This is one of the main issues ncopa faced when trying it out. I didn’t
look closer if this can be overcome somehow.
There is a test instance available at https://phabtest.alpinelinux.org
(the database isn’t running local so its maybe a bit slow at times).
Separate solutions
------------------
I didn’t have time yet to look into possible other solutions so any
feedback is appreciated.
*(from redmine: issue id 9134, created on 2018-07-25)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9493improve patchwork mail routing2020-01-06T13:05:58ZCarlo Landmeterimprove patchwork mail routingCurrently mails for patchwork are routed via redmine container.
This is not very obvious and can lead into issues when changing
container locations.
It would be better if we have a single point of entry (mail.a.o) and
forward to the ...Currently mails for patchwork are routed via redmine container.
This is not very obvious and can lead into issues when changing
container locations.
It would be better if we have a single point of entry (mail.a.o) and
forward to the correct container directly via vpn.
*(from redmine: issue id 9493, created on 2018-09-30)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9589Anitya (release-monitoring) checker stopped working2020-01-06T13:06:54ZJakub JirutkaAnitya (release-monitoring) checker stopped workingMy access to the container running pkgs.a.o has stopped working
**again**, so I cannot check out what’s wrong. `anitya-check-all` should
be executed periodically by cron.
ssh jirutka@172.16.4.21
ssh: connect to host 172.16.4.21 ...My access to the container running pkgs.a.o has stopped working
**again**, so I cannot check out what’s wrong. `anitya-check-all` should
be executed periodically by cron.
ssh jirutka@172.16.4.21
ssh: connect to host 172.16.4.21 port 22: No route to host
*(from redmine: issue id 9589, created on 2018-10-26)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9650Implement detailed monitoring of container hosts2019-07-12T16:31:09ZKevin DaudtImplement detailed monitoring of container hostsMonitoring so far has only be done from the outside, checking that
websites and other services were available.
Now the need has risen to get monitoring of things like used disk space
as well (some hosts almost run out of disk space). Fo...Monitoring so far has only be done from the outside, checking that
websites and other services were available.
Now the need has risen to get monitoring of things like used disk space
as well (some hosts almost run out of disk space). For that to be
possible we need some kind of agent installed on the host. For Zabbix,
we have 2 options:
- SNMP
- Zabbix agent
So we need to choose what method we are going to use. One consideration
we need to take into account is security, especially for the builder
hosts.
*(from redmine: issue id 9650, created on 2018-11-16)*Kevin DaudtKevin Daudthttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9698FWD: CERT/CC needs Alpine email address & contact information for vulnerabil...2020-04-14T21:01:23ZNatanael CopaFWD: CERT/CC needs Alpine email address & contact information for vulnerability reports————— Forwarded message ————-
From: Laurie A Tyzenhaus <latyzenhaus@cert.org>
Date: qua, 21 de nov de 2018 às 18:16
Subject: CERT/CC needs Alpine email address & contact information for
vulnerability reports
Daniel Sabogal; Al...————— Forwarded message ————-
From: Laurie A Tyzenhaus <latyzenhaus@cert.org>
Date: qua, 21 de nov de 2018 às 18:16
Subject: CERT/CC needs Alpine email address & contact information for
vulnerability reports
Daniel Sabogal; Alicha CH;
CERT Coordination Center is updating their contact list and finds that
the
email address we have, alpine@bugs.alpinelinux.org, is not valid.
Please take a few minutes to reply to this email with an email address
that
the Alpine Linux security team will be reviewing. A current contact
email
address is vital to alerting vendors to the latest vulnerabilities CERT
is
researching and reporting.
Best Regards,
CERT Coordination Center
*(from redmine: issue id 9698, created on 2018-11-27)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9912Writeable install images2022-07-24T02:05:31ZRichard MortierWriteable install imagesI was recently installing a set of machines, and used the provided .ISO
images on a USB stick to do so.
That worked fine, but it would’ve been nice if I could’ve customised the
image after the first install as it would’ve made each sub...I was recently installing a set of machines, and used the provided .ISO
images on a USB stick to do so.
That worked fine, but it would’ve been nice if I could’ve customised the
image after the first install as it would’ve made each subsequent
install a bit quicker.
I couldn’t do this because the ISO filesystem is read-only.
Would it be possible to provide (eg) an EXT2 or VFAT or something image
file that could be downloaded, burnt to a USB stick, and then modified
after first boot please?
*(from redmine: issue id 9912, created on 2019-01-25)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9924Allow selecting all arches in pkgs.alpinelinux.org2023-06-07T12:16:38ZKevin DaudtAllow selecting all arches in pkgs.alpinelinux.orgThe arch selection field by default has no arch selected, so it allows
you to search in any arch. But once you selected an arch, it’s no longer
possible to select no arch.
*(from redmine: issue id 9924, created on 2019-01-26)*The arch selection field by default has no arch selected, so it allows
you to search in any arch. But once you selected an arch, it’s no longer
possible to select no arch.
*(from redmine: issue id 9924, created on 2019-01-26)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9977Flagging packages is not working, 404 instead.2023-06-07T12:16:38ZYaron ShahrabaniFlagging packages is not working, 404 instead.This is website related.
The packages interface doesn’t allow flagging, an error appears.
*(from redmine: issue id 9977, created on 2019-02-11)*This is website related.
The packages interface doesn’t allow flagging, an error appears.
*(from redmine: issue id 9977, created on 2019-02-11)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10223Verify / update firewall rules ipv62020-09-15T17:12:14ZKevin DaudtVerify / update firewall rules ipv6At the moment we mostly concentrated on IPv4 rules. Although awall by
default also includes ipv6 rules, we still need to verify them to see if
the rules are working properly.
*(from redmine: issue id 10223, created on 2019-04-09)*At the moment we mostly concentrated on IPv4 rules. Although awall by
default also includes ipv6 rules, we still need to verify them to see if
the rules are working properly.
*(from redmine: issue id 10223, created on 2019-04-09)*Kevin DaudtKevin Daudthttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10484lxc-based builders seem not to have lxcfs enabled2020-04-19T13:31:02ZChloe Kudryavtsevlxc-based builders seem not to have lxcfs enabledUnder lxc, side-effects can happen when resources are limited.
As an example, see
https://build.alpinelinux.org/buildlogs/build-edge-x86/community/caddy/caddy-1.0.0-r0.log
This is caused by the container not knowing what it’s actuall...Under lxc, side-effects can happen when resources are limited.
As an example, see
https://build.alpinelinux.org/buildlogs/build-edge-x86/community/caddy/caddy-1.0.0-r0.log
This is caused by the container not knowing what it’s actually allowed
to use, and thus not having a value (in this case, defaulting to –1).
This can and will cause various failures.
*(from redmine: issue id 10484, created on 2019-05-23)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10573migration to gitlab2020-01-06T13:02:23ZCarlo Landmetermigration to gitlabwe are currently testing a new gitlab instance at
gitlab.alpinelinux.org.
Please reply with issues found and features which are missing.
This is also a good place to start discussing how to organize git.a.o
and bugs.a.o into gitlab.
...we are currently testing a new gitlab instance at
gitlab.alpinelinux.org.
Please reply with issues found and features which are missing.
This is also a good place to start discussing how to organize git.a.o
and bugs.a.o into gitlab.
If you want a test account please email me or send a message on IRC for
a password as smtp is disabled atm for obvious reasons.
*(from redmine: issue id 10573, created on 2019-06-14)*
* Relations:
* child #10606
* child #10634
* Uploads:
* ![Screenshot_from_2019-06-14_12-03-06](/uploads/154af9d912af126b459e0740e11c7421/Screenshot_from_2019-06-14_12-03-06.png)Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10593Publicise list of aports without a maintainer2023-06-07T13:27:34ZTBKPublicise list of aports without a maintainerWe currently have quite a few aports without a maintainer spread across
all branches.
One possible solution to reduce the number is to bring the issue to the
community’s attention.
An automated solution weekly/bi-weekly listing the apo...We currently have quite a few aports without a maintainer spread across
all branches.
One possible solution to reduce the number is to bring the issue to the
community’s attention.
An automated solution weekly/bi-weekly listing the aports (without a
maintainer) seeking a new home.
The list could be pushed to the website, IRC and ML for maximum
exposure.
*(from redmine: issue id 10593, created on 2019-06-20)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10606Redmine and git project/repo conversion/migration to Gitlab2019-07-18T21:17:09ZCarlo LandmeterRedmine and git project/repo conversion/migration to Gitlabwe currently have a specific setup on both Redmine and git.a.o.
### Redmine projects
- AConf
- Alpine Linux
- Alpine Build tools (abuild)
- Alpine Documentation
- Alpine Infrastructure
- Alpine Package Keepe...we currently have a specific setup on both Redmine and git.a.o.
### Redmine projects
- AConf
- Alpine Linux
- Alpine Build tools (abuild)
- Alpine Documentation
- Alpine Infrastructure
- Alpine Package Keeper (apk-tools)
- Alpine Security
- Alpine Setup Scripts
- AWall
- Squark
### git.a.o repos
- Alpine Projects
- repos
- Docks
- repos
- ACF
- repos
- Hosted
- repos
- user
- user repos
### Namespace conversion for projects with source code (git repo):
- projects/alpine =>alpine/aports
- projects/abuild =>alpine/abuild
- projects/apk-tools =>alpine/apk-tools
- projects/alpine-conf =>alpine/alpine-conf
- projects/awall =>alpine/awall
### Namespace conversion for projects without source code (git repo)
These would have a single README.md explaining these projects have
issues only
- projects/alpine-infra =>alpine/infra/general
- projects/alpinedoc =>alpine/docs/general
- projects/alpine-security =>alpine/security/general
### Docs (git repos)
These have no projects on redmine and can be converted to similar Gitlab
namespacing:
- alpine/docs/repository
### Hosted (git repos)
Need to check under which namespace to move these
### ACF
There are a lot of repos on git.a.o and we have mixed the issues within
the alpine (aports) namespace.
We have to discus with Ted Trask how to handle this.
### AConf
I think we can skip migrating Aconf, this project seems empty on
redmine.
### Squark
This seems like an old project. Probably easier to just keep it on
git.a.o
### User repos
We can allow users to migrate their repositories into gitlab or just
keep them on git.a.o.
*(from redmine: issue id 10606, created on 2019-06-23)*
* Relations:
* parent #10573Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10634Migration steps from Redmine to Gitlab2019-07-18T21:16:49ZCarlo LandmeterMigration steps from Redmine to GitlabSetup alpine-docker-gitlab
==========================
Docker
------
1. Clone: https://github.com/clandmeter/alpine-docker-gitlab
2. Use a docker-compose file like https://tpaste.us/Bo7b
3. Generate secrets by exec contrib/secrets.sh...Setup alpine-docker-gitlab
==========================
Docker
------
1. Clone: https://github.com/clandmeter/alpine-docker-gitlab
2. Use a docker-compose file like https://tpaste.us/Bo7b
3. Generate secrets by exec contrib/secrets.sh
4. Start docker containers with docker-compose up (keep it in the
foreground to see if something goes wrong)
5. See console for root password or look it up in the secrets files
6. modify unicorn.rb and set process to threads+1
7. restart docker-compose but in the background
Gitlab
------
1. Login to gitlab as root
2. Create alpine Group
3. Create aports project
4. Set group/project writable for users
5. Add a SSH key to the root user (we need it to push aports)
6. Create an API for the root user for migration
7. git push aports with mirror option
Redmine
-------
1. Create api key for admin users on redmine
Migration
---------
### Installation of migrator
1. clone https://github.com/johan-smits/redmine-gitlab-migrator
2. Follow readme to install python application
### Users
1. Generate a users.txt file from the script on mysql db server
(`ssh root`alpine-db.nld3.alpin.pw sh /root/get-redmine-users.sh@)
2. migrate all bugs users to gitlab
- Script https://tpaste.us/baLW
- this makes all of them admins
### Milestones
1. Use migrator from
https://github.com/johan-smits/redmine-gitlab-migrator
2. migrate-rg roadmap —no-verify \\
—redmine-key “$redmine\_api\_key” \\
—gitlab-key “$gitlab\_api\_key” \\
“$redmine\_uri” “$gitlab\_uri”
### Issues
1. Use migrator from
https://github.com/johan-smits/redmine-gitlab-migrator
2. migrate-rg issues —debug —no-verify —keep-id \\
—redmine-key $redmine\_api\_key \\
—gitlab-key $gitlab\_api\_key \\
$redmine\_uri $gitlab\_uri
3. debug is to make it output something when its pre processing
Cleanup
-------
1. Reset all admin privs by setting admin=false in db for all users
except admin
Configuration
-------------
1. TODO
*(from redmine: issue id 10634, created on 2019-06-28)*
* Relations:
* parent #10573Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9573Add TLS certificate for email relaying in lists.alpinelinux.org2022-10-06T21:01:19ZMilliardo PeacecraftAdd TLS certificate for email relaying in lists.alpinelinux.orgHello,
As subject states, lists.alpinelinux.org doesn’t offer a certificate for
using STARTTLS in MTA to MTA communication. This can be checked by:
$ openssl s_client -connect lists.alpinelinux.org:25 -starttls smtp
CONNECTED(0...Hello,
As subject states, lists.alpinelinux.org doesn’t offer a certificate for
using STARTTLS in MTA to MTA communication. This can be checked by:
$ openssl s_client -connect lists.alpinelinux.org:25 -starttls smtp
CONNECTED(00000003)
didn't find starttls in server response, try anyway...
22101338425312:error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version number:/usr/src/lib/libssl/ssl_pkt.c:386:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 208 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Start Time: 1540317980
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
Under some email servers setups such as mine, email isn’t relayed if the
remote doesn’t provides STARTTLS.
Best regards.
*(from redmine: issue id 9573, created on 2018-10-24)*