[Debian-rtc-admin] [rt.debian.org #8257] Allow debvoip to sudoedit prosody config files on vogler

Philipp Kern via RT rt at rt.debian.org
Sat Oct 19 10:17:01 BST 2024 

Hi,

I have found this somewhat old ticket.

On Sat Jun 13 12:05:13 2020, gfa at zumbi.com.ar wrote:
> first, thanks for moving the ticket to the appropiate queue
> 
> 2 weeks ago part of the RTC team had a discussion on how to improve
> the
> service and how can we make changes faster
> 
> there are a few things we need from you guys
> 
> - Allow debvoip to sudoedit /etc/prosody/* on vogler
>   We need this to make transient changes to the configuration, like
>   debugging a connection problem or a report of spam.
>   A typical use will be to change the logging level to debug then roll
>   it back

Unfortunately we cannot do this, at least for now. I assume turning on debug logging in general would be too privacy intruding?

> - Allow debvoip to su - to prosody
>   Sometimes we need to investigate a message coming from an spammer to
>   our users, the only way to do that is to check the actual message in
>   /var/lib/prosody
>   To clarify the how and when we may do this, we started to write a
>   privacy policy / Tos so our users know what can they expect from us
>   https://salsa.debian.org/rtc-team/terms-of-service

This repository still looks like it is empty, unless I am missing something.

> - Create a unix local user to use it from gitlab
>   we want to deploy changes to the antispam and other things directly
>   from salsa, and for that we need a dedicated user with SSH access
> and
>   belonging to the debvoip team.
>   We could also have this user outside the debvoip team but then we'll
>   need to add sudo access to this particular user.
>   We propose the name debvoip-salsa for this user but we dont care if
>   you guys prefer a different name
> 
> - Install nginx, configure a vhost and open the firewall ports
>   To provide BOSH and HTTP uploads over the port 443 we need to use
>   nginx, we'll manage this ourselves, a puppet patch is coming for
> this
>   purpose

Are these two still current?

Kind regards and thanks
Philipp Kern

More information about the Debian-rtc-team mailing list