On 11/18/19 1:34 AM, Sven-Hendrik Haase via arch-devops wrote:
Hi all,
I set up a new Hetzner VPS that is going to become our new homedir/public_html server available to all TUs and Devs like soyuz was. We decided to decommission soyuz and put the public_html stuff on its own server for security reasons, to cut costs, and so that we can compartmentalize further.
[...]
If you had stuff hosted in the public_html of soyuz, I'd ask you to transfer stuff over to the new box which is already reachable at the names pkgbuild.com (you'll get an SSH error because of this) and homedir.archlinux.org. Please check if you can throw away some old stuff/junk that you might not necessarily need on the new server.
Reminder for those who forgot how they initially made their homedir accessible: setfacl -m 'u:http:x' "$HOME" And make sure that public_html/ has granted chmod o+rX permission for the http user, and, optionally, that any super secretive files directly under $HOME are chmod o-rwx to prevent the http user from guessing they are there and attempting to read them by name. -- Eli Schwartz Bug Wrangler and Trusted User