Opened 5 weeks ago

Last modified 7 days ago

#32800 new task

Creating some space to host Tor Browser nightly updates

Reported by: boklm Owned by: tpa
Priority: Medium Milestone:
Component: Internal Services/Tor Sysadmin Team Version:
Severity: Normal Keywords: tbb-update, TorBrowserTeam202001
Cc: boklm, tbb-team Actual Points:
Parent ID: #18867 Points:
Reviewer: Sponsor:

Description

We need a space to upload and make available the Tor Browser nightly updates, for #18867.

In the past we had https://nightlies.tbb.torproject.org/, created in #24921. However it seems it doesn't exist anymore.

We could reuse the same name, https://nightlies.tbb.torproject.org/. An .onion address would be nice too.

Space needed will be ~10G in the beginning (starting with only 5 locales, but we'll maybe want to increase that number in the future).

Child Tickets

Change History (4)

comment:1 Changed 5 weeks ago by boklm

To upload the files there, I am planning to use a specific ssh key. It would be nice to be able to restrict what this ssh key can do, in authorized_keys, for example using rrsync (/usr/share/doc/rsync/scripts/rrsync.gz in the debian rsync package).

comment:2 Changed 2 weeks ago by sysrqb

Keywords: TorBrowserTeam202001 added; TorBrowserTeam201912 removed

comment:3 Changed 8 days ago by pili

bumping this one :)

comment:4 Changed 7 days ago by anarcat

gotcha, pili. i talked about this with weasel quickly today and we might be able to accomodate you on the new static-master infrastructure he deployed a few months ago.

the checklist is:

  1. create a role in LDAP, if missing
  2. create a (new?) static-source host instead of shoving everyone in the static-master
  3. give the role group access to the role user. create authorized_keys file writable by role user on the source.
  4. add a static component, publishing to the web-fsn-* mirrors

I'm not exactly sure how step 4 works here, but we'll see...

Last edited 7 days ago by anarcat (previous) (diff)
Note: See TracTickets for help on using tickets.