Return-path: Envelope-to: llg-board@lojban.org Delivery-date: Tue, 05 Oct 2021 20:59:46 -0700 Received: from mail-lf1-f41.google.com ([209.85.167.41]:37587) by 40c903596c50 with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1mXy5o-0000Uq-Si for llg-board@lojban.org; Tue, 05 Oct 2021 20:59:46 -0700 Received: by mail-lf1-f41.google.com with SMTP id i4so4642990lfv.4 for ; Tue, 05 Oct 2021 20:59:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=hi/gDRSmebTsRg8mT2o8EMACP9uWhJ9zXCAXxxsd62o=; b=KlZJMsFhQdPRtlLY3nMnR91Re7hz5jaDsBJDKGnbqxT9Bqc8X8jKFisG5JumVpmKfu TTwt/9wZ3sm2QQm0raUM1OIGYuCAVAyR7CfHWz4ARsSmQyzaglE6f1/aQYEJ/cnOheoC OorVtht0Itu7dLU5oT4vrYEopeALtxRrbVoh6M6tCszOupCD/7bNVEbitkpoTLrPwFlx uy/tp7Eco7ttpDKFq4iTNJSyYoP0Yjudbxb+EkldN26QrhaPoedzuAzwbn45dQHXgeVL 768bZ7hsqmEpqYlaIjNUm943yw+skv7dHiog6bmwTAslzAoNlu4dRv4sEpdfw3I+omR0 hyFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=hi/gDRSmebTsRg8mT2o8EMACP9uWhJ9zXCAXxxsd62o=; b=fzH1CMNrbdfqqN9Hd9RlVZX7jmv0RgJl5dVTq4q7rZK7MzOsFJekZhbbFkQ/SqOIEX n5MKuL5fSH7NSVwUEkwfJ86/y/4+2j5I/tbuwYBfCffY62/NVpj0zyhP//yz1FJO/ATY VGxaLgGimKcly67yt6kfVLEGiMAlnSVbF6EJKpXfjKj/Y9I2ExKrWkOHCFnbdZBsvAw6 qOfMZxO2Ef0uTaoHOkH63L3ctb4ZGSaKbaXlOXk1EfnsAP0p0a8Vyofr1pxFMds0W2dS 0TNOHJx/5GA8Zd5jWQkhbVRj8DRKOwgxfQ84if/Yf+m/HbcEIQE3A8g1lMEqSBNEoHrf LO7g== X-Gm-Message-State: AOAM532531c1eVn8PdZWuaJG26INlpkep+5VJmbLCqaOpC4K2cWyL8XU YaXHQi6QsNIdd6bagXQv58Cxwiz/mE4uKnCc2qNxF5Wm X-Google-Smtp-Source: ABdhPJzOtMo5dUaN7EFBKSAY3e65eB7LZaD7ayaIc6jqLyWAdSfPLXI7WeG8EzEXfl2xucs6E8vCmDrHmLq+d7/J+H0= X-Received: by 2002:a05:6402:78f:: with SMTP id d15mr5080657edy.44.1633320968164; Sun, 03 Oct 2021 21:16:08 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Riley Lynch Date: Mon, 4 Oct 2021 00:15:57 -0400 Message-ID: Subject: Re: [PLEASE READ] Lojban Infrastructure Continuity & Videos To: Robin Lee Powell Cc: llg-board@lojban.org Content-Type: multipart/alternative; boundary="0000000000001c98f105cd7f2c0e" X-Spam-Score: 1.3 (+) X-Spam_score: 1.3 X-Spam_score_int: 13 X-Spam_bar: + X-Spam-Report: Spam detection software, running on the system "43876b25e8e2", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see @@CONTACT_ADDRESS@@ for details. Content preview: I watched the bus videos. Kudos to Robin on the containerization. For those who aren't familiar with containerization, essentially what Robin has done is take software that used to rely on being manually configured on the serv [...] Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.5 DATE_IN_PAST_24_48 Date: is 24 to 48 hours before Received: date -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.167.41 listed in wl.mailspike.net] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [shunpiker[at]gmail.com] 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.167.41 listed in list.dnswl.org] 1.0 FREEMAIL_REPLY From and body contain different freemails --0000000000001c98f105cd7f2c0e Content-Type: text/plain; charset="UTF-8" I watched the bus videos. Kudos to Robin on the containerization. For those who aren't familiar with containerization, essentially what Robin has done is take software that used to rely on being manually configured on the servers that he personally runs, and package them in such a way that they can be automatically deployed to any hosting setup capable of running containers. Secondly, thank you for sharing the information about DNS/cloudflare/backup configuration. I've wondered how/where that was configured. I think a logical next step would be to try to stand up at least a subset of the containers on alternate infrastructure, both to verify that we can do that, and so that Robin is not the only person who knows how to get that done. I'd be glad to look into that, although it's not something I can take on until November. --Riley On Tue, Sep 28, 2021 at 2:53 AM Robin Powell wrote: > Everyone who receives this please ACK. Please feel free to share this > with whoever you, as the board / Lojban community stewards think is > appropriate. > > I have, finally, put the lojban.org infrastructure in a state that should > be complete proof against me and my house exploding, in the form of > normalizing the config as much as possible and producing a bunch of > instructional videos. > > PFA a very short video that is just a single password, that is then > referenced in the other videos I'm linking. If y'all want to come up with > a proper password sharing system, go for it, just make sure to include me > since I'm paying for these accounts :D > > Someone please actually *test* that you can use the password, i.e. by > logging into gandi.net > > The rest of the videos are unlisted youtube videos; this is fine because > they don't give away any secrets particularly. They are: > https://www.youtube.com/watch?v=0C9eAsnHQb4 , > https://www.youtube.com/watch?v=1R1wUCcWy_8 , > https://www.youtube.com/watch?v=qv1U3MP2Crs , and > https://www.youtube.com/watch?v=a7ctDjqDfbo > > A competent sysadmin, given these videos and all the stuff on github, > should have no great trouble taking over for me, even if all my servers and > myself are destroyed. > > Having said that, you'd probably find things a *lot* easier to recover > given access to my servers, so in case you really can't find me here's some > people you can contact; if none of them can reach me, it's pretty much a > certainty that I'm missing, which obviously they'd want to know about > anyway: > > PLEASE only use these in dire emergencies. > > Stephen Weeks / tene@allalone.org / 801-634-5859 > > Ruth Anne Ladue / raladueandroid@gmail.com / 650-576-3199 / 415-682-8246 > > Norma Gairdner / nrgairdner@gmail.com / 416-804-4252 / 905-852-2232 > > --0000000000001c98f105cd7f2c0e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
I watched the bus videos.

Kudos to Robi= n on the containerization. For those who aren't familiar with container= ization, essentially what Robin has done is take software that used to rely= on being manually configured on the servers that he personally runs, and p= ackage them in such a way that they can be automatically deployed to any ho= sting setup capable of running containers.=C2=A0

Secondl= y, thank you for sharing the information about DNS/cloudflare/backup config= uration. I've wondered how/where that was configured.

I think a logical next step would be to try to stand up at least a = subset of the containers on alternate infrastructure, both to verify that w= e can do that, and so that Robin is not the only person who knows how to ge= t that done. I'd be glad to look into that, although it's not somet= hing I can take on until November.

--Riley

On Tue, Sep 28, 2021 at 2:53 AM Robin Powell <robinleepowell@gmail.com> wrote:
Everyon= e who receives this please ACK.=C2=A0 Please feel free to share this with w= hoever you, as the=C2=A0board / Lojban community stewards think is appropri= ate.

I have, finally, put the lojban.org infrastructure in a state that should= be complete proof against me and my house exploding, in the form of normal= izing the config as much as possible and producing a bunch of instructional= videos.

PFA a very short video that is just a single pa= ssword, that is then referenced in the other videos I'm linking.=C2=A0 = If y'all want to come up with a proper password sharing system, go for = it, just make sure to include me since I'm paying for these accounts :D=

Someone please actually *test* that you can use t= he password, i.e. by logging into gandi.net

The rest of the videos are unl= isted youtube videos; this is fine because they don't give away any sec= rets particularly.=C2=A0 They are:=C2=A0https://www.youtube.com/watch?v=3D= 0C9eAsnHQb4 ,=C2=A0https://www.youtube.com/watch?v=3D1R1wUCcWy_8 ,= =C2=A0https://www.youtube.com/watch?v=3Dqv1U3MP2Crs , and=C2=A0https:= //www.youtube.com/watch?v=3Da7ctDjqDfbo

A comp= etent sysadmin, given these videos and all the stuff on github, should have= no great trouble taking over for me, even if all my servers and myself are= destroyed.

Having said that, you'd probably f= ind things a *lot* easier to recover given access to my servers, so in case= you really can't find me here's some people you can contact; if no= ne of them can reach me, it's pretty much a certainty that I'm miss= ing, which obviously they'd want to know about anyway:

PLEASE only use these in dire emergencies.

Stephen Weeks /=C2=A0tene@allalone.org /=C2=A0801-634-5859 =C2=A0

Ruth Anne Ladue / raladueandroid@gmail.com / 650-576-3199 / 415-682-8246

Norma Gairdner /=C2=A0nrgairdner@gmail.com /=C2=A0 416-804-4252 /=C2=A09= 05-852-2232

--0000000000001c98f105cd7f2c0e--