infra issueshttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues2023-06-07T13:27:34Zhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10593Publicise list of aports without a maintainer2023-06-07T13:27:34ZTBKPublicise list of aports without a maintainerWe currently have quite a few aports without a maintainer spread across
all branches.
One possible solution to reduce the number is to bring the issue to the
community’s attention.
An automated solution weekly/bi-weekly listing the apo...We currently have quite a few aports without a maintainer spread across
all branches.
One possible solution to reduce the number is to bring the issue to the
community’s attention.
An automated solution weekly/bi-weekly listing the aports (without a
maintainer) seeking a new home.
The list could be pushed to the website, IRC and ML for maximum
exposure.
*(from redmine: issue id 10593, created on 2019-06-20)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10484lxc-based builders seem not to have lxcfs enabled2020-04-19T13:31:02ZChloe Kudryavtsevlxc-based builders seem not to have lxcfs enabledUnder lxc, side-effects can happen when resources are limited.
As an example, see
https://build.alpinelinux.org/buildlogs/build-edge-x86/community/caddy/caddy-1.0.0-r0.log
This is caused by the container not knowing what it’s actuall...Under lxc, side-effects can happen when resources are limited.
As an example, see
https://build.alpinelinux.org/buildlogs/build-edge-x86/community/caddy/caddy-1.0.0-r0.log
This is caused by the container not knowing what it’s actually allowed
to use, and thus not having a value (in this case, defaulting to –1).
This can and will cause various failures.
*(from redmine: issue id 10484, created on 2019-05-23)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10223Verify / update firewall rules ipv62020-09-15T17:12:14ZKevin DaudtVerify / update firewall rules ipv6At the moment we mostly concentrated on IPv4 rules. Although awall by
default also includes ipv6 rules, we still need to verify them to see if
the rules are working properly.
*(from redmine: issue id 10223, created on 2019-04-09)*At the moment we mostly concentrated on IPv4 rules. Although awall by
default also includes ipv6 rules, we still need to verify them to see if
the rules are working properly.
*(from redmine: issue id 10223, created on 2019-04-09)*Kevin DaudtKevin Daudthttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9912Writeable install images2022-07-24T02:05:31ZRichard MortierWriteable install imagesI was recently installing a set of machines, and used the provided .ISO
images on a USB stick to do so.
That worked fine, but it would’ve been nice if I could’ve customised the
image after the first install as it would’ve made each sub...I was recently installing a set of machines, and used the provided .ISO
images on a USB stick to do so.
That worked fine, but it would’ve been nice if I could’ve customised the
image after the first install as it would’ve made each subsequent
install a bit quicker.
I couldn’t do this because the ISO filesystem is read-only.
Would it be possible to provide (eg) an EXT2 or VFAT or something image
file that could be downloaded, burnt to a USB stick, and then modified
after first boot please?
*(from redmine: issue id 9912, created on 2019-01-25)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9899add ntp servers for alpine2022-11-09T12:51:56ZNatanael Copaadd ntp servers for alpinewe should not use pool.ntp.org for our default ntp config, instead we
should set up our own ntp servers.
https://www.pool.ntp.org/vendors.html#vendor-zone
https://www.pool.ntp.org/vendors.html#open-source
*(from redmine: issue id 98...we should not use pool.ntp.org for our default ntp config, instead we
should set up our own ntp servers.
https://www.pool.ntp.org/vendors.html#vendor-zone
https://www.pool.ntp.org/vendors.html#open-source
*(from redmine: issue id 9899, created on 2019-01-23)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9698FWD: CERT/CC needs Alpine email address & contact information for vulnerabil...2020-04-14T21:01:23ZNatanael CopaFWD: CERT/CC needs Alpine email address & contact information for vulnerability reports————— Forwarded message ————-
From: Laurie A Tyzenhaus <latyzenhaus@cert.org>
Date: qua, 21 de nov de 2018 às 18:16
Subject: CERT/CC needs Alpine email address & contact information for
vulnerability reports
Daniel Sabogal; Al...————— Forwarded message ————-
From: Laurie A Tyzenhaus <latyzenhaus@cert.org>
Date: qua, 21 de nov de 2018 às 18:16
Subject: CERT/CC needs Alpine email address & contact information for
vulnerability reports
Daniel Sabogal; Alicha CH;
CERT Coordination Center is updating their contact list and finds that
the
email address we have, alpine@bugs.alpinelinux.org, is not valid.
Please take a few minutes to reply to this email with an email address
that
the Alpine Linux security team will be reviewing. A current contact
email
address is vital to alerting vendors to the latest vulnerabilities CERT
is
researching and reporting.
Best Regards,
CERT Coordination Center
*(from redmine: issue id 9698, created on 2018-11-27)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9650Implement detailed monitoring of container hosts2019-07-12T16:31:09ZKevin DaudtImplement detailed monitoring of container hostsMonitoring so far has only be done from the outside, checking that
websites and other services were available.
Now the need has risen to get monitoring of things like used disk space
as well (some hosts almost run out of disk space). Fo...Monitoring so far has only be done from the outside, checking that
websites and other services were available.
Now the need has risen to get monitoring of things like used disk space
as well (some hosts almost run out of disk space). For that to be
possible we need some kind of agent installed on the host. For Zabbix,
we have 2 options:
- SNMP
- Zabbix agent
So we need to choose what method we are going to use. One consideration
we need to take into account is security, especially for the builder
hosts.
*(from redmine: issue id 9650, created on 2018-11-16)*Kevin DaudtKevin Daudthttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9073GDPR compliance2019-07-12T16:30:02ZTBKGDPR complianceAccording to
https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal-data\_en\#examples-of-personal-data
the data collected for the creation of an account for the following two
sites:
- https://wiki.alpinelinux.or...According to
https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal-data\_en\#examples-of-personal-data
the data collected for the creation of an account for the following two
sites:
- https://wiki.alpinelinux.org/w/index.php?title=Special:UserLogin&returnto=Main+Page&type=signup
- https://bugs.alpinelinux.org/account/register
is considered personal data so the statement “We do not process personal
data on this site.” found on the sites mentioned below is no longer
valid:
- https://alpinelinux.org/privacy-policy.html
- https://wiki.alpinelinux.org/wiki/Alpine\_Linux:Privacy\_policy
I do not know what kind of legal entity the Alpine Linux project is or
where it is registered, nor is privacy law or any kind of law my area
expertise I just want to bring it to attention so if any incident should
happen the AL project has taken its precautions and have procedures in
place.
*(from redmine: issue id 9073, created on 2018-07-11)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8468MQTT authentication2022-11-06T21:22:06ZCarlo LandmeterMQTT authenticationWith the introduction of topic structure and SSL support for MQTT we
should also add ACL+authentication to mosquito.
*(from redmine: issue id 8468, created on 2018-02-02)*
* Relations:
* parent #8421With the introduction of topic structure and SSL support for MQTT we
should also add ACL+authentication to mosquito.
*(from redmine: issue id 8468, created on 2018-02-02)*
* Relations:
* parent #8421Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8429Mirror redirector2019-07-12T16:28:51ZDaniel Isaksendisaksen@alpinelinux.orgMirror redirectorIn order to fully utilize our numerous mirrors, we must create a HTTP
mirror redirector for use in \`apk\`.
I have looked into using GeoDNS for this, but considering mirrors store
alpine on different paths (i.e. /alpinelinux, /alpine-li...In order to fully utilize our numerous mirrors, we must create a HTTP
mirror redirector for use in \`apk\`.
I have looked into using GeoDNS for this, but considering mirrors store
alpine on different paths (i.e. /alpinelinux, /alpine-linux, /alpine)
this is impossible.
I will test mirrorbits for this, and keep this issue updated with
progress.
*(from redmine: issue id 8429, created on 2018-01-27)*Daniel Isaksendisaksen@alpinelinux.orgDaniel Isaksendisaksen@alpinelinux.orghttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8421Define mqtt (msg.alpinelinux.org) topic structure2019-07-12T16:28:49ZCarlo LandmeterDefine mqtt (msg.alpinelinux.org) topic structureWe should define a structure to use for our mqtt topics. Currently we
have:
- git/\*
- build/\*
- alert/\*
- rsync/\*
- monitoring/\*
- issues/\*
Are there any good design principles for topic structure?
*(from redmine: i...We should define a structure to use for our mqtt topics. Currently we
have:
- git/\*
- build/\*
- alert/\*
- rsync/\*
- monitoring/\*
- issues/\*
Are there any good design principles for topic structure?
*(from redmine: issue id 8421, created on 2018-01-25)*
* Relations:
* child #8468Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/8414Central syslog server2019-07-12T16:28:47ZDaniel Isaksendisaksen@alpinelinux.orgCentral syslog serverWe should, for auditing and security purposes, set up a syslog server to
receive logs from all hosts we manage.
I propose we forward syslog from hosts to syslog-ng, possibly using
logstash and elasticsearch.
*(from redmine: issue id 8...We should, for auditing and security purposes, set up a syslog server to
receive logs from all hosts we manage.
I propose we forward syslog from hosts to syslog-ng, possibly using
logstash and elasticsearch.
*(from redmine: issue id 8414, created on 2018-01-25)*