Agenda 1. Hardware Planning 2012-2014 * udd.debian.org (UBCECE) + Option 1: DL360 - 2x4C Intel Xeon 3.2 GHz - 48-64GB - 4x480GB Intel 520 SSDs (not from HP) + Option 2: c3000 Blade - 2x4C Intel Xeon 3.2 GHz - 64GB - 2x480GB Intel 520 SSDs (not from HP) * bugs-master.debian.org (OSL) - same specs as UDD? * MSA2012i UBCECE: - more disks (being handled) - secondary controller * more disks backup.debian.org (not needed ATM) * warranty to extend? - Blade enclosure - MSA * more ram for kassia -> there's a ticket 3. puppet * what to add + Unify HTTPS config + * what to remove 4. Services * disaster recovery backup for core hosts: implement bacula * sso.debian.org - documentation (different passwords, what they're used for) - announcement - do proper juristiction - other services: - debtags.debian.net - wiki.debian.org - nagios.debian.org - rt.debian.org - blog/news/press/bits.debian.org * db.debian.org - new read-only copy of LDAP (called db.d.o), rename writable copy to db-master.d.o - when users are changed, they should get a mail of the changes (filter out activity changes) - when objects are added or removed, d-a@d.o (or a similar list) gets a mail - publicly accessible read only copy of the LDAP. - ldap access to db-master.d.o becomes restricted/disabled - possibility to self-lock the account. * i18n/ddtp.debian.org? - dukas and tye.debian.org, set up last summer, unused ever since → decommission. * planet.debian.org - move to VM - have it on IPv6 * static-master.d.o (CDN!) - for security, backports, www, bits, ... * blog/news/press/bits.debian.org * rt.d.o - Group membership synchronisation with ldap - Precreate all users from ldap as privileged users, disabled password, but allowed to log in with SSO. Make sure Alioth -guest users can't log in 5. Social * DMUP 2.0? - cut it down to the introduction, iff we change it at all * More DSA members? Who? - no and no.