1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
|
\input{../preamble/preamble}
\newcommand \meetingtype {Board Meeting}
\newcommand \meetingdate {September 28, 2015}
\newcommand \lastmeetingdate {April 28}
\newcommand \meetingplace {Språkbanken, Gothenburg}
\rhead{\footnotesize \meetingdate}
\begin{document}
\selectlanguage{swedish}
\section*{Minutes, \meetingtype \\ \meetingdate}
\newlength\tempOne%
\settowidth\tempOne{Time and place:\quad}%
\newlength\tempTwo%
\setlength\tempTwo{\linewidth}%
\addtolength{\tempTwo}{-\tempOne}%
\parbox[t]{\tempOne}{%
Time and place:
}%
\parbox[t]{\tempTwo}{\meetingdate, \meetingplace}\mypar
\parbox[t]{\tempOne}{%
Attendants:
}%
\parbox[t]{\tempTwo}{\mbox{}\vspace{-2\baselineskip}\vspace{2pt}%
\begin{multicols}{3}%
Gustav Eek\\
Lorena Llozhi \\
Guilhem Moulin\\
Leif-Jöran Olsson\\
Stian Rødven Eide\\
\end{multicols}%
}
\newcommand \meetingchairman {Stian Rødven Eide}
\newcommand \meetingsecretary {Gustav Eek}
\newcommand \approval {Leif-Jöran Olsson}
\begin{enumerate}
\item The meeting was opened.
\item \meetingchairman\ was elected meeting chairman, \meetingsecretary\ meeting secretary, and \approval\ approval.
\item The agenda was confirmed.
\item The meeting went through the minutes from \lastmeetingdate.
\begin{itemize}
\item A brainstorming session was postponed: The board members are
supposed to prepare for a brainstorming session regarding
nominating committee by bringing ten suggestions.
\item Nothing is heard on the JAK lecture.
\item Gustav committed to send out reminders for membership
fees. That is part done. The steps remaining is to contact those
that became members during 2014, but that have not responded on
their Fripost email addresses. Also no contact methods outside of
email have been used.
\end{itemize}
\item Reports
\begin{enumerate}
\item Economy. Five new members were reported since last meeting. In
total we have 98 paying members.
\item System. Guilhem reported the following June 6:
\begin{quote}
Quite a lot has happened on the admin front since last time we
met, but unfortunately I won't be able to attend the meeting
tomorrow to report what we did. So I'm sending an email instead
;-)
\begin{itemize}
\item Upgrade the preseeding script to make it work with the
Debian Jessie installer. Also, now use multi-volume BTRFS
rather than LVM2 for new installations.
\item Upgrade all machines (antilop, benjamin, civett, elefant,
giraff, mistral) to Debian Jessie (8.0). Try to make use of
new features and options, and for instance harden internal TLS
tunnels to always use ephemeral Diffie-Hellman key echange
(for Perfect Forward Secrecy) and strong ciphers; switch the
LDAP database format from HDB to LMDB; make postfix SASL-bind
on the LDAP directory.
\item Migrate lists.fripost.org to civett. Change the list
manager from Mailman to Sympa, and run Sympa in FCGI mode.
\item New TLS attack (logjam) mitigation. On each host, generate a file
containing 2048-bits long primes for DH key exchange, and make all
our services use that file.
\item Migrate git.fripost.org (our gitolite installation) to civett.
Install gitweb and configure it in FCGI mode. Enable git pulls over
HTTP or HTTPS using git-http-backend (smart HTTP protocol).
\item Migrate wiki.fripost.org (ikiwiki) to civett, and merge the website
in there. Modifying the website is only allowed via ssh; modifying
the wiki is allowed via HTTPS, but not HTTP.
\item Auto configure the Bacula File Daemon / Storage Daemon / Director
using ansible. Previously this was done manually due to the presence
of passwords in the configuration files. Now each inter-host
communication is encrypted using stunnel with client certs. Bacula
fetches its passwords at startup using sed:\\
\texttt{@|"sed -n '/^bconsole\\s/ {s//Password = /p; q}' /etc/bacula/passwords-dir"}
\item Use recipient address verification probes. Since we have a single
outgoing SMTP gateway, a message written on the webmail and sent to a
non-existing address would 1/ be accepted by the webmail's Postfix
instance, 2/ be forwarded to the outgoing SMTP gateway, 3/ bounce
back to the sender. To avoid non-delivery notices, the existence of
each recipient address is now verified *directly* on the webmail,
MSA, and outgoing SMTP gateway. At worst this adds a delay of a
couple of seconds, but there is also a caching mechanism.
\item Remove the webmail's Postfix instance. Instead we connect directly
to the outgoing SMTP gateway (the connection is encrypted with
stunnel), to speed up recipient address verification probes. Indeed
roundcube doesn't really need a local queue, since it only processes
mails that are sent manually.
\item Add a reserved virtual domain
\texthost{discard.fripost.org}. Each message sent to that domain is
silently discarded. Add new aliases \texttt{{noreply,no-reply}@fripost.org}
to \texttt{{noreply,no-reply}@discard.fripost.org.}
\item Provide Thunderbird, Evolution, KMail and Kontact autoconfiguration
at \url{https://fripost.org/.well-known/autoconfig/mail/config-v1.1.xml}
\item Mark fripost-{admin,docs,tools,web} repos as deprecated, and remove
write permission to avoid diverging work.
\item Publish the preseeding and ansible scripts at
\url{http://gitweb.fripost.org/?p=fripost-install.git}
\end{itemize}
\end{quote}
\item The host \texthost{zetkin} at Stefan is no longer used
\item We migrated to Sympa for email list handling
\item Guilhem is now a member of the Debian Roundcube package
maintenance team
\item Bacule is included in the Ansible auto configuration according to above
\item For web access to Git repositories the transition from
gitweb to cgit was made.
\item There was an incident with a fibre outrage August 24 at
DFRI. The host \texthost{elefant} was affected, that hosts
webmail and MX. The webmail was configuration onto
\texthost{civett} and the \dns\ record redirected
temporarily. The total web mail downtime was 3 h
\item A physical move of computers was made at DFRI August 26.
\item On September 17, \texthost{mistral} was affected by a power
outrage with a reboot as consequence. The routines for this type
of scenario need attention and rehearsal between Guilhem and
Leif-Jöran. They will agree on a place and time for that.
\end{itemize}
\item Google in schools.
\begin{itemize}
\item During the work meeting August 10 (attendants were Lola,
Gustav, and Guilhem) we decided to investigate the possibilities
to invite to a public debate. Suggestions on people to invite
were a legal expert from Datainspektionen, a legal expert from
the municipality, a municipality politician, a school director,
a parent, somebody from Skolinspektionen.
\item Gustav's sister works at Skolinspektionen. Her advice is to
(1) take general contact,
\url{skolinspektionen@skolinspektionen.se} and ask for their
opinion on the subject; (2) call the press service,
08-58\,60\,90\,60, ask for the communication department, and
repeat the question; (3) go to media that should be interested
if we can find a whining story with some infringed parent; and
finally (4) note that Gothenburt is inspected right now, so this
is the time to act.
\end{itemize}
\end{enumerate}
\item Activity days and other activities
\begin{enumerate}
\item Previous activities
\begin{itemize}
\item No activities were arranged for the Mayday.
\item Activity day May 25. ``Öka din frihet med några enkla,
konkreta steg''. Albin and Gustav presented. Eleven participants
came. It became more of a discussion than a lecture. There was
also a slight misalignment in expectation. The general
expectation was on a concrete demonstration, rather than on a
philosophical lecture. Overall the activity day was successful,
still.
\end{itemize}
\item Coming activities. Several activities are planned for the
``Framtidsveckan'' October 5--11:
\begin{itemize}
\item A booth and a seminar October 5 at 16 at Operahuset during
the week's opening ceremony. Lola and Gustav will attend.
\item An introductory workshop on cryptography October 8. Olof
and Gustav will host that.
\item A lecture and booth at ``Omställningsnatta'' October
9. Lola, Guilhem, and Gustav will attend the event, and Gustav
will give the lecture.
\item A booth during ``Omställningskonferensen'' October
10--11. Olof, Lola, and Gustav will attend alternating.
\end{itemize}
The planing is under control. For \fscons a few activities are
accepted. Fripost will have a booth attended by Lola. Gustav will
give the talk ``On Fripost''. Fripost will also host a two parted
key signing party. Details need more discussion, but the
suggestion on the table is that Olle will introduce with a hands
on session followed with regular key-signing hosted by
Guilhem. There is a spare ticket for the place at the table.
\end{itemize}
\end{enumerate}
\item Outreach and information spread
\begin{enumerate}
\item Follow up. Gustav's announcement about ``Framtidsveckan''
could be made more direct. Some aspects were somewhat unclear.
\item Items to attend. Send out an email to the members list,
advertising the spare entrance to \fscons.
\end{enumerate}
\item A discussion was rasied on what to call the to-do-list agenda
item, and what should be covered on the item. Decision was to call
it ``Att-göra-listor''. The discussion on what to cover was
postponed.
\item No other issues.
\item Next meeting will take place October 28 at 18:00 at Språkbanken
\item The meeting was closed.
\end{enumerate}
\parbox{\linewidth}{
\signatureline{\meetingsecretary, meeting secretary}
\hfill
\signatureline{\approval, approval}
}
\end{document}
|
