\input{../preamble/preamble} \newcommand \meetingtype {Board Meeting} \newcommand \meetingdate {September 28, 2015} \newcommand \lastmeetingdate {April 28} \newcommand \meetingplace {Språkbanken, Gothenburg} \rhead{\footnotesize \meetingdate} \begin{document} \selectlanguage{swedish} \section*{Minutes, \meetingtype \\ \meetingdate} \newlength\tempOne% \settowidth\tempOne{Time and place:\quad}% \newlength\tempTwo% \setlength\tempTwo{\linewidth}% \addtolength{\tempTwo}{-\tempOne}% \parbox[t]{\tempOne}{% Time and place: }% \parbox[t]{\tempTwo}{\meetingdate, \meetingplace}\mypar \parbox[t]{\tempOne}{% Attendants: }% \parbox[t]{\tempTwo}{\mbox{}\vspace{-2\baselineskip}\vspace{2pt}% \begin{multicols}{3}% Gustav Eek\\ Lorena Llozhi \\ Guilhem Moulin\\ Leif-Jöran Olsson\\ Stian Rødven Eide\\ \end{multicols}% } \newcommand \meetingchairman {Stian Rødven Eide} \newcommand \meetingsecretary {Gustav Eek} \newcommand \approval {Leif-Jöran Olsson} \begin{enumerate} \item The meeting was opened. \item \meetingchairman\ was elected meeting chairman, \meetingsecretary\ meeting secretary, and \approval\ approval. \item The agenda was confirmed. \item The meeting went through the minutes from \lastmeetingdate. \begin{itemize} \item A brainstorming session was postponed: The board members are supposed to prepare for a brainstorming session regarding nominating committee by bringing ten suggestions. \item Nothing is heard on the JAK lecture. \item Gustav committed to send out reminders for membership fees. That is part done. The steps remaining is to contact those that became members during 2014, but that have not responded on their Fripost email addresses. Also no contact methods outside of email have been used. \end{itemize} \item Reports \begin{enumerate} \item Economy. Five new members were reported since last meeting. In total we have 98 paying members. \item System. Guilhem reported the following June 6: \begin{quote} Quite a lot has happened on the admin front since last time we met, but unfortunately I won't be able to attend the meeting tomorrow to report what we did. So I'm sending an email instead ;-) \begin{itemize} \item Upgrade the preseeding script to make it work with the Debian Jessie installer. Also, now use multi-volume BTRFS rather than LVM2 for new installations. \item Upgrade all machines (antilop, benjamin, civett, elefant, giraff, mistral) to Debian Jessie (8.0). Try to make use of new features and options, and for instance harden internal TLS tunnels to always use ephemeral Diffie-Hellman key echange (for Perfect Forward Secrecy) and strong ciphers; switch the LDAP database format from HDB to LMDB; make postfix SASL-bind on the LDAP directory. \item Migrate lists.fripost.org to civett. Change the list manager from Mailman to Sympa, and run Sympa in FCGI mode. \item New TLS attack (logjam) mitigation. On each host, generate a file containing 2048-bits long primes for DH key exchange, and make all our services use that file. \item Migrate git.fripost.org (our gitolite installation) to civett. Install gitweb and configure it in FCGI mode. Enable git pulls over HTTP or HTTPS using git-http-backend (smart HTTP protocol). \item Migrate wiki.fripost.org (ikiwiki) to civett, and merge the website in there. Modifying the website is only allowed via ssh; modifying the wiki is allowed via HTTPS, but not HTTP. \item Auto configure the Bacula File Daemon / Storage Daemon / Director using ansible. Previously this was done manually due to the presence of passwords in the configuration files. Now each inter-host communication is encrypted using stunnel with client certs. Bacula fetches its passwords at startup using sed:\\ \texttt{@|"sed -n '/^bconsole\\s/ {s//Password = /p; q}' /etc/bacula/passwords-dir"} \item Use recipient address verification probes. Since we have a single outgoing SMTP gateway, a message written on the webmail and sent to a non-existing address would 1/ be accepted by the webmail's Postfix instance, 2/ be forwarded to the outgoing SMTP gateway, 3/ bounce back to the sender. To avoid non-delivery notices, the existence of each recipient address is now verified *directly* on the webmail, MSA, and outgoing SMTP gateway. At worst this adds a delay of a couple of seconds, but there is also a caching mechanism. \item Remove the webmail's Postfix instance. Instead we connect directly to the outgoing SMTP gateway (the connection is encrypted with stunnel), to speed up recipient address verification probes. Indeed roundcube doesn't really need a local queue, since it only processes mails that are sent manually. \item Add a reserved virtual domain \texthost{discard.fripost.org}. Each message sent to that domain is silently discarded. Add new aliases \texttt{{noreply,no-reply}@fripost.org} to \texttt{{noreply,no-reply}@discard.fripost.org.} \item Provide Thunderbird, Evolution, KMail and Kontact autoconfiguration at \url{https://fripost.org/.well-known/autoconfig/mail/config-v1.1.xml} \item Mark fripost-{admin,docs,tools,web} repos as deprecated, and remove write permission to avoid diverging work. \item Publish the preseeding and ansible scripts at \url{http://gitweb.fripost.org/?p=fripost-install.git} \end{itemize} \end{quote} \item The host \texthost{zetkin} at Stefan is no longer used \item We migrated to Sympa for email list handling \item Guilhem is now a member of the Debian Roundcube package maintenance team \item Bacule is included in the Ansible auto configuration according to above \item For web access to Git repositories the transition from gitweb to cgit was made. \item There was an incident with a fibre outrage August 24 at DFRI. The host \texthost{elefant} was affected, that hosts webmail and MX. The webmail was configuration onto \texthost{civett} and the \dns\ record redirected temporarily. The total web mail downtime was 3 h \item A physical move of computers was made at DFRI August 26. \item On September 17, \texthost{mistral} was affected by a power outrage with a reboot as consequence. The routines for this type of scenario need attention and rehearsal between Guilhem and Leif-Jöran. They will agree on a place and time for that. \end{itemize} \item Google in schools. \begin{itemize} \item During the work meeting August 10 (attendants were Lola, Gustav, and Guilhem) we decided to investigate the possibilities to invite to a public debate. Suggestions on people to invite were a legal expert from Datainspektionen, a legal expert from the municipality, a municipality politician, a school director, a parent, somebody from Skolinspektionen. \item Gustav's sister works at Skolinspektionen. Her advice is to (1) take general contact, \url{skolinspektionen@skolinspektionen.se} and ask for their opinion on the subject; (2) call the press service, 08-58\,60\,90\,60, ask for the communication department, and repeat the question; (3) go to media that should be interested if we can find a whining story with some infringed parent; and finally (4) note that Gothenburt is inspected right now, so this is the time to act. \end{itemize} \end{enumerate} \item Activity days and other activities \begin{enumerate} \item Previous activities \begin{itemize} \item No activities were arranged for the Mayday. \item Activity day May 25. ``Öka din frihet med några enkla, konkreta steg''. Albin and Gustav presented. Eleven participants came. It became more of a discussion than a lecture. There was also a slight misalignment in expectation. The general expectation was on a concrete demonstration, rather than on a philosophical lecture. Overall the activity day was successful, still. \end{itemize} \item Coming activities. Several activities are planned for the ``Framtidsveckan'' October 5--11: \begin{itemize} \item A booth and a seminar October 5 at 16 at Operahuset during the week's opening ceremony. Lola and Gustav will attend. \item An introductory workshop on cryptography October 8. Olof and Gustav will host that. \item A lecture and booth at ``Omställningsnatta'' October 9. Lola, Guilhem, and Gustav will attend the event, and Gustav will give the lecture. \item A booth during ``Omställningskonferensen'' October 10--11. Olof, Lola, and Gustav will attend alternating. \end{itemize} The planing is under control. For \fscons a few activities are accepted. Fripost will have a booth attended by Lola. Gustav will give the talk ``On Fripost''. Fripost will also host a two parted key signing party. Details need more discussion, but the suggestion on the table is that Olle will introduce with a hands on session followed with regular key-signing hosted by Guilhem. There is a spare ticket for the place at the table. \end{itemize} \end{enumerate} \item Outreach and information spread \begin{enumerate} \item Follow up. Gustav's announcement about ``Framtidsveckan'' could be made more direct. Some aspects were somewhat unclear. \item Items to attend. Send out an email to the members list, advertising the spare entrance to \fscons. \end{enumerate} \item A discussion was rasied on what to call the to-do-list agenda item, and what should be covered on the item. Decision was to call it ``Att-göra-listor''. The discussion on what to cover was postponed. \item No other issues. \item Next meeting will take place October 28 at 18:00 at Språkbanken \item The meeting was closed. \end{enumerate} \parbox{\linewidth}{ \signatureline{\meetingsecretary, meeting secretary} \hfill \signatureline{\approval, approval} } \end{document}