Roll call: who's there and emergencies

No emergencies, anarcat, hiro, ln5 and weasel present, qbi joined halfway through the meeting.

What has everyone been up to


  • screwed up and exposed Apache's /server-status to the public, details in #30419. would be better to have that on a separate port altogether, but that was audited on all servers and should be fixed for now.

  • moved into a new office which meant dealing with local hardware issues like a monitors and laptops and so on (see a review of the Purism Librem 13v4 and the politics of the company)

  • did some research on docker container security and "docker content trust" which we can think of "Secure APT" for containers. the TL;DR: is that it's really complicated, hard to use, and the tradeoffs are not so great

  • did a bunch of vegas meetings

  • brought up the idea of establishing a TPI-wide infrastructure budget there as well, so i'll be collecting resource expenses from other teams during the week to try and prepare something for those sessions

  • rang the bell on archive.tpo overflowing in #29697 but it seems i'll be the one coordinating the archival work

  • pushed more on the hiera migration, now about 80% done, depending on how you count (init.pp or local.yaml) 13/57 or 6/50 roles left

  • tried to get hiro more familiar with puppet as part of the hiera migration

  • deployed and documented a better way to deploy user services for the bridgesdb people using systemd --user and loginctl --enable-linger instead of starting from cron

  • usual tickets triage, support and security upgrades


  • been helping a bit anarcat with Puppet to understand it better

  • setup from Puppet using that knowledge and weasel's help

  • busy with the usual website tasks, new website version going live today (!)

  • researched builds on Jenkins, particularly improved scripts and jobs for Hugo and onionperf documentation

  • deployed new version of gettor in production

  • putting together website docs on dip

  • setup synchronization of TBB packages to with GitlabCI downloading from and pushing to the gitlab and github repositories


  • usual helping out

  • day-to-day stuff like security things

  • can't really go forward with any of the upgrades/migrations/testing without new hw.


  • on vacation half of may

  • decided, with Sue and Isa, to end the contract early which should free up resources for our projects


  • mostly trac tickets (remove attachments, adding people, etc.)

  • list maintainership - one new list was created

What we're up to next


  • expense survey across the teams to do a project-wide infrastructure budget/planning and long term plan

  • finish the hiera migration

  • need to get more familiar with backups, test restore of different components to see how they behave, to not have to relearn how to use bacula in an emergency

  • talk with Software Heritage, OSL, and IA to see if they can help us with archive.tpo, as i don't see us getting short-term "throw hardware at the problem" fix for this


  • somewhat busy again in June, at least a week away with limited access

  • work on Ganeti/KVM clustering when we get the money


  • Stockholm meeting prepatations

  • Tor project development, unrelated to TPA


  • planning to get more involved with puppet

  • more gettor tasks to finish and websites as usual

  • finish the websites documentation in time for mandatory Lektor training at the dev-meeting so that it's easy enough for people to send PR via their preferred git provider, which includes for example people responsible for the newsletter as lektor also have a Mac app!


  • react on new tickets or try to close some older tickets

  • happy to do bite-sized tasks (<30min)

Cymru followup?

Point skipped, no new movement.

New mail service requests

We discussed the request to run an outbound mailserver for TPO users. Some people have trouble getting their email accepted at third party servers (in particular google) using their email address. However, specific problems have not been adequately documented yet.

While some people felt the request was reasonable, there were concerns that providing a new email service will introduce a new set of (hidden and not-so-hidden) issues, for instance possible abuse when people lose their password.

Some also expressed the principle that e-mail is built with federation in mind, so we should not have to run a mail-server as people should be able to just use their own (provider's) mailserver to send mail, even if Google, Microsoft, and those who nowadays try to own the e-mail market, would like to disagree.

Even if users don't have a reasonable outgoing mailserver to use, maybe it need not be TPA who provide this service. It was proposed that the service would be better handled by some trustworthy 3rd party, and TPO users may, but need not, use it.

We all agree that people need their emails to work. For now, we should try to properly document concrete failures. Anarcat will gently push back on the ticket to request more concrete examples

One way to frame this is whether TPI wants to provide email services or not, and if so, if that should be done internally or not. Anarcat will bring this up at the next Vegas meeting.

Stockholm meeting planning

By july, anarcat should have produced an overview of our project-wide expenses to get a global view of our infrastructure needs. The idea would then be to do some real-time, in-person planning during the Tor meeting in July and make some longer-term plans. Questions like email hosting, GitLab vs Trac, Nextcloud, how many servers we want or need, etc.

It was proposed we do like in Brussels, where we had a full day focused on the TPA team. We still have to figure out if we have the space for that, which anarcat will followup on. There's a possibility of hosting at Sunet's offices, but the 10 minutes walk would make this a little impractical. It's likely we'll be able to find space, fortunately, and we'll try to figure this out this week.

Other discussions

No other discussion was brought up.

Next meeting

Next meeting will be held on monday july 1st, same hour (1400UTC, 1000 east coast, 1600 europe).

Meeting agrees minutes will be sent without approval from now on.