... | ... | @@ -2,82 +2,82 @@ |
|
|
|
|
|
[[_TOC_]]
|
|
|
|
|
|
# Legal stuff for Gitlab/all Arch services
|
|
|
## Legal stuff for Gitlab/all Arch services
|
|
|
|
|
|
## State
|
|
|
### State
|
|
|
|
|
|
- [ToS merge request](https://gitlab.archlinux.org/archlinux/service-agreements/-/merge_requests/2)
|
|
|
- [privacy policy merge request](https://gitlab.archlinux.org/archlinux/service-agreements/-/merge_requests/1)
|
|
|
- @anthraxx contacted lawyer who also did CCC legal work
|
|
|
- Apparently can be done pretty quickly
|
|
|
|
|
|
## Who
|
|
|
### Who
|
|
|
|
|
|
* @anthraxx
|
|
|
|
|
|
## Actionable
|
|
|
### Actionable
|
|
|
|
|
|
* Review Sven's mail and provide feedback
|
|
|
* Contact lawyer and get legal docs reviewed/created
|
|
|
* Review this on the first of October. and see whether there was any progress
|
|
|
* Make sure we're GDPR and DSGVO compliant
|
|
|
|
|
|
# Opening up Keycloak
|
|
|
## Opening up Keycloak
|
|
|
|
|
|
## State
|
|
|
### State
|
|
|
|
|
|
- Legal stuff left
|
|
|
- !93
|
|
|
- #151
|
|
|
|
|
|
## Who
|
|
|
### Who
|
|
|
|
|
|
- All
|
|
|
|
|
|
## Actionable
|
|
|
### Actionable
|
|
|
|
|
|
- Make GitLab Grafana dashboard
|
|
|
|
|
|
# Mail server migration
|
|
|
## Mail server migration
|
|
|
|
|
|
## State
|
|
|
### State
|
|
|
|
|
|
- Not done
|
|
|
|
|
|
## Who
|
|
|
### Who
|
|
|
|
|
|
- @grazzolini
|
|
|
|
|
|
## Actionable
|
|
|
### Actionable
|
|
|
|
|
|
- Migrate mail server on 2020-09-25
|
|
|
|
|
|
# Backup stuff
|
|
|
## Backup stuff
|
|
|
|
|
|
## State
|
|
|
### State
|
|
|
|
|
|
- #118
|
|
|
- #39
|
|
|
|
|
|
## Who
|
|
|
### Who
|
|
|
|
|
|
- @svenstaro @anthraxx
|
|
|
|
|
|
## Actionable
|
|
|
### Actionable
|
|
|
|
|
|
- Fix GitLab backups
|
|
|
- Validate backups
|
|
|
|
|
|
# Kape servers
|
|
|
## Kape servers
|
|
|
|
|
|
## State
|
|
|
### State
|
|
|
|
|
|
Research with tpm2-totp + SB is underway. Discusse with tpm2-totp author, and it's feasible to display the token over ssh. We should seal PCR 7, to detect SB being disabled. There's still research to do on grub side so it won't load the kernel and initramfs if they aren't also signed.
|
|
|
|
|
|
## Who
|
|
|
### Who
|
|
|
|
|
|
- @grazzolini
|
|
|
|
|
|
## Actionable
|
|
|
### Actionable
|
|
|
|
|
|
- Finish the research and add all information to this ticket: #144 |
|
|
\ No newline at end of file |