<stikonas>it should also be fairly simple to maintain as it's just a single binary (all resources are compiled in)
<stikonas>oh ok, FSFE uses it too... I wasn't aware of that
<stikonas>oh, it's some kind of binary artifactory...
<stikonas>we can probably start without it and add it later
<oriansj>so we have fallback options if things go really bad
<oriansj>of the (throws hands up and gives up) variety
<oriansj>So figure out the install procedure, write up an install procedure/script and then setup the git.bootstrapping.world and give you and everyone here access
<stikonas>the biggest problem with scripts is where to store passwords...
<stikonas>(since you don't want to store admin or mysql password in configuration script)
<oriansj>stikonas: oh, my default solution is to make password generation be random and sent to the users in an encrypted message that only they can decrypt
<oriansj>so the install script would call pwgen set a 200+ character password, put in a gpg encrypted block and send that to the user@email
<oriansj>that way there is no way for anyone to know the password unless they can decrypt the message or can guess the contents of /dev/random
<muurkha>a 256-bit passphrase looks like: he whole deny lazy tune nave fc bitch gis rake mare two upon stay col peak carol eat bert lists egg check
<oriansj>muurkha: true but it ends discussion of if they are secure when dealing with auditors real quick
<muurkha>ugh, maybe I should blacklist "bitch"
<muurkha>it shouldn't, those auditors are stupid
<stikonas>yes, even 30 alphanumeric characters would already be about 150-bits of entropy
<oriansj>well yes in a technical perspective but they are very very useful in getting things fixed.
<muurkha>200+ characters generated from the low 16 bits of your PID would be easily brute-forceable
<oriansj>muurkha: fair, hence why I said pwgen
<muurkha>right, but if you're using those you don't need 200+ characters
<muurkha>a smart auditor who sees those 200+ characters will wonder what you're trying to hide
<muurkha>or whether you know enough to be using /dev/random instead of your PID :)
<oriansj>muurkha: a smart auditor would just look at the git repo and say: you are good and give us the checkbox
<oriansj>but smart auditors stop being auditors because answering the auditor's questions pays better
<muurkha>hopefully a smart auditor would look at the git repo and report some bugs to you
<oriansj>I'd be happy if they actually found something that actually was a problem. They miss absolutely basic things (unless they somehow magically get information pointing them in that direction)
***genr8eofl_ is now known as genr8eofl
<oriansj>stikonas: looks like a gitea setup is just download binary and copy config on a server with git and sqlite3 installed
<stikonas>I think I used mysql on my server, but sqlite3 would do
<stikonas>then I think on first use it would ask you to configure some stuff, e.g. set up admin password
<stikonas>well, you would still need to set up forwarding in your web server from port 8080 (or wherever it listens) to 443 on git.bootstrapping.world
<oriansj>I wonder if I can script that bit out
<stikonas>it won't ask that if config file is found
<oriansj>and setup LetsEncrypt cert with the proxy service
<stikonas>then you'll have a reasonably good config file
<oriansj>and I'll probably need to setup something to routinely check for newer versions of the binary and email if they appear
<stikonas>hmm, I don't have that problem when I use distro packages...
<muurkha>okay, adding a blacklist of too-evocative words to my passphrase generator took longer than I expected
<stikonas>alternatively we can setup autoupdating rootless podman container...
<stikonas>anyway, I'll go to bed soon, will be back tomorrow evening
<oriansj>sweet dreams, hopefully I can get over analysis paralysis before you wake up
<stikonas>haven't yet figured out the problem in kaem (uefi) but something strange is going on
<oriansj>well there is a very good reason to only use calloc as not all systems can be expected to zero memory before handing it to you
<stikonas>well, it might be something else, don't know yet
<stikonas>but at some point (after some space character) higher 8-bits of 16-bit character somehow are set
<stikonas>will fix it tomorrow but the bug is here
<stikonas>I think UEFI functions expect 16-bit of memory there instead of 8-bit
<oriansj>I wonder if it would be too weird to require port knocking for people wishing to git push to a gitea instance on port 22
<stikonas[m]>oriansj: in my opinion SSH with no password auth should be secure enough
<stikonas[m]>(And maybe with some older/weaker SSH ciphers disabled)
<stikonas[m]>Port knocking is just a few more bits of entropy, shouldn't matter with long SSH keys
<stikonas[m]>And especially given the fact that SSH shell there is restricted
***pgreco_ is now known as pgreco