On Wed, Sep 02, 2020 at 05:10:18PM +0200, Lucas Nussbaum wrote: > On 02/09/20 at 13:49 +0200, Jonathan Carter wrote: > > Hey Lucas > > > > On 2020/09/01 16:05, Lucas Nussbaum wrote: > > > On 01/09/20 at 15:29 +0200, Jonathan Carter wrote: > > >> On 2020/09/01 09:14, Lucas Nussbaum wrote: > > >>> 2. Keeping our important services sanely maintained. Your proposal is to > > >>> sanitize *.debian.net a bit. I wonder if instead, we should have a list > > >>> of requirements for *.debian.org that does not include "hosted on a > > >>> machine managed by DSA". People would then continue to use debian.net as > > >>> they do currently, but once the service grows to something really > > >>> useful, it gets a review to ensure that it is maintainable, and can move > > >>> to the debian.org without necessarily putting more load on DSA. > > >> That's really a discussion you'll want to have with DSA, and it doesn't > > >> seem that the project is in a position currently to add any more load to > > >> the DSA team at this point. > > > > > > How does it add more load on the DSA team? > > > > If you intend to make decisions or set up additional policy regarding > > how debian.org subdomains are used, then you're going to have to involve > > the DSA with that. > > My understanding is that the current situation is that we have two > categories of services: > > 1/ official services, under the debian.org domain, hosted on machines > managed by DSA, where some recommended practices[1] are enforced. > > 2/ unofficial services, under the debian.net domain, where all DDs can > add their own services, with no control/review. It has happened in the > past that such services were lost because the maintainer went MIA, or > the machine was lost, or.... > > I think that we agree that the problem you are trying to solve here is > that some of the unofficial services are important services for Debian, > and probably desserve more attention from the project. Also, we should > avoid increasing the workload of DSA. > > What you are proposing is building a team that manages unofficial > services on the debian.net domain. It might help services maintainers a > bit, but I'm not sure it really helps the project enforce good practices > for its services. > > My proposal was to keep debian.net for unofficial services, and instead > make it easier to promote unofficial services to official services on > the debian.org domain, by lifting the requirement that they need to be > hosted on machines managed by DSA (and instead rely on cloud providers, > for example), and designing a simple review process for candidate > official services. This process would check things like: is the service > sufficiently relevant/useful? is there a small team behind the service, > or is it a one person's job? Is the code available and free? Are there > critical design issues? > > DSA could of course participate in the review (and it would be great if > they did), but it doesn't have to be their sole responsibility. And I > don't think that managing DNS entries for those services would really be > a huge workload. So I don't see a big increase on DSA's load here...
Speaking as someone who helps (with a small team) to manage alioth-lists.debian.net which is a bit unusual (it's considered part of the Debian Project on https://www.debian.org/legal/privacy; it handles mail for lists.alioth.debian.org) I think your proposal makes a lot of sense. I'd also add a security and privacy review, and a data integrity review, to your list. I can't promise to offer a lot of round tuits in the immediate future, but I'd be happy to be part of a team running such a process. Best Dominic
