Moving KGB to a DSA-hosted server
Here are some notes about a possible approach to moving the KGB service to a DSA-hosted server.
Why
- High availability
- No need to mail the service administrators
Why not
- different organisation. changes can be hard
How
KGB already supports conf.d/-style config snippets which makes it possible to separate the configuration of different projects. The hard parts are:
- make sure that only the original submitter can alter the configuration of her project
- avoid clashes between the configs of the different projects
All requests for changes need to be signed by a key in the debian developer/maintainer keyrings. The requests are sent to control@kgb.debian.org. Non-signed mails are ignored.
A procmail receipe is created for the control@kgb.debian.org mail, which stores the requests using unique names in /var/lib/kgb/requests. A new daemon process is created on the server polling the directory and serving the requests in the order they have arrived. That process verifies request signature and checks for conflicts. Results are stored under /etc/kgb-bot/conf.d/, named $project.conf. That file has one or more comments # Maintainer: <key-id> in it , showing who can issue the get-config request. /etc/kgb-bot/conf.d/ is under Git control and every change is committed with the mail text used as a commit message.
After each request is processed, results are sent back to the sender and the bot is reloaded.
A new tool is created, kgb-project-admin which helps create and sign requests. It supports the following operations:
- add-project
Prompts interactively for project name, IRC channel name, IRC network (oftc/freenode), password and whether to mirror the notifications to #CIA on freenode. Maintainer is assumed to be the user running the helper (via $DEB_FULL_NAME and $DEB_EMAIL).
add-maintainer <project> <maintainer>
remove-maintainer <project> <maintainer>
change-password <project>
- Prompts for the new password
remove-project <project>
get-config <project>
- moreā¦?
Migration
We already keep projects' configuration in separate files (AFAIK). What we possibly miss is the maintainer keys. Perhaps personal mail archives can help here. A mail to debian-devel-announce may be needed at some point. That could also help in making projects change their client configuration to refer to kgb.debian.org instead of the three servers currently used. DNS aliasing seems possible (as long as projects' client configuration refers to kgb.*) for KGB-0 and KGB-1, but not KGB-2.
Work plan
- Get in touch with the DSA and have their input on the overall mechanics
- Implement the new request-serving process
Implement kgb-project-admin
- Update the kgb-bot package and make it available for the stable distribution via backports
- Request a new server from the DSA and install/configure everything
- Migrate existing projects' configuration
- Mail debian-devel-announce, add an entry for the developer news
- Wait for people to migrate their client configurations
- Stop the current bot instances