[arch-dev-public] [RFC] Moving repos to nymeria

[Florian Pritz]

Hi,

So we got a new box (nymeria) and I'd like to move
core/extra/community/multilib/testing/.. repos + svn over there.

Setup overview / changes:
 - create shell accounts for every user, but only allow certain commands
to be executed (dbscripts, rsync)
 - move the svn2git conversion script to nymeria and let gudrun sync the
repo periodically for cgit
 - let archweb sync the needed database files periodically
 - integrity check will run on nymeria
 - postfix for @archlinux.org and @aur.archlinux.org: see below [postfix]
 - did I miss something?

Benefits:
 - more trustful/locked-down system (could be useful for db signing)
 - 1TB of disk space (~900GiB for packages)
 - 100Mbit/s uplink
 - all packages on one box so if we do a big move, extra and community
can be synced without admin intervention if dbscripts support that
 - gerolde won't run much (anything?) any more so it could potentially
be merged back into gudrun/host system

Drawbacks (kind of):
 - no more shell accounts for browsing the repo (brynhild can be used
for that)
 - different network latency (gudrun is located in the US, nymeria in
Germany)
 - users can no longer <s>mess up</s> change the repo db manually (no
idea if that's still valid, but it happened a few years ago)


[postfix]:
We can move both domains to nymeria and let users change the forward
destination themselves (need to make sure that you can't run arbitrary
commands) or just appoint an admin that takes care of changing the
destination since that shouldn't happen too often. In the second case we
can keep them on gudrun/sigurd or move them where ever we want.


Comments welcome.

-- 
Florian Pritz

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-dev-public/attachments/20120906/5d951642/attachment.asc>