Moving KGB to a DSA-hosted server

Here are some notes about a possible approach to moving the KGB service to a DSA-hosted server.

Why

Why not

How

KGB already supports conf.d/-style config snippets which makes it possible to separate the configuration of different projects. The hard parts are:

All requests for changes need to be signed by a key in the debian developer/maintainer keyrings. The requests are sent to control@kgb.debian.org. Non-signed mails are ignored.

A procmail receipe is created for the control@kgb.debian.org mail, which stores the requests using unique names in /var/lib/kgb/requests. A new daemon process is created on the server polling the directory and serving the requests in the order they have arrived. That process verifies request signature and checks for conflicts. Results are stored under /etc/kgb-bot/conf.d/, named $project.conf. That file has one or more comments # Maintainer: <key-id> in it , showing who can issue the get-config request. /etc/kgb-bot/conf.d/ is under Git control and every change is committed with the mail text used as a commit message.

After each request is processed, results are sent back to the sender and the bot is reloaded.

A new tool is created, kgb-project-admin which helps create and sign requests. It supports the following operations:

Migration

We already keep projects' configuration in separate files (AFAIK). What we possibly miss is the maintainer keys. Perhaps personal mail archives can help here. A mail to debian-devel-announce may be needed at some point. That could also help in making projects change their client configuration to refer to kgb.debian.org instead of the three servers currently used. DNS aliasing seems possible (as long as projects' client configuration refers to kgb.*) for KGB-0 and KGB-1, but not KGB-2.

Work plan