[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [O] Why no secure code retrieval
From: |
Bastien Guerry |
Subject: |
Re: [O] Why no secure code retrieval |
Date: |
Sat, 02 Jul 2016 16:18:42 +0200 |
User-agent: |
Gnus/5.130014 (Ma Gnus v0.14) Emacs/25.0.94 (gnu/linux) |
Hi Nicolas,
Nicolas Goaziou <address@hidden> writes:
> GPG signing tags is OK, but I wouldn't like to request every commit to
> be signed.
Agreed.
>>> I know that https can be a bit tedious to setup so I am not asking for it
>>> (though I do think it would be great if it was enabled on the site in some
>>> fashion).
>>
>> HTTPS is not so tedious these days with Let's Encrypt.
>>
>> https://letsencrypt.org/
>>
>> We should set up HTTPS as well.
>
> It would be nice, indeed. I'm Cc'ing Bastien for his opinion on the
> matter, and a possible step forward.
I discussed possible server enhancements with Robert Klein a few
months ago.
I'm considering paying for a digitalocean instance, with https via
letsencrypt for both the website and git.
I'm also considering switching from our current git setup to using
Gogs (https://gogs.io): this would ease the process of adding new
contributors, welcoming more org repositories, etc.
The other solution would simply to use https://savannah.gnu.org.
One remaining problem for both gogs and savannah is to ensure web
references to commits are correctly redirected, which I think is
one line of nginx configuration.
I'm curious to know what people think about the switch to something
like gogs*.
Thanks,
* gitlab seems too heavy, and I'm more experienced in maintaining
gogs instances than gitlab instances.
--
Bastien
- Re: [O] Why no secure code retrieval,
Bastien Guerry <=
- Re: [O] Why no secure code retrieval, Ian Barton, 2016/07/02
- Re: [O] Why no secure code retrieval, Bastien Guerry, 2016/07/03
- Re: [O] Why no secure code retrieval, Robert Klein, 2016/07/03
- Re: [O] Why no secure code retrieval, Achim Gratz, 2016/07/03
- Re: [O] Why no secure code retrieval, Robert Horn, 2016/07/03
- Re: [O] Why no secure code retrieval, Konstantin Kliakhandler, 2016/07/03
- Re: [O] Why no secure code retrieval, Achim Gratz, 2016/07/03
- Re: [O] Why no secure code retrieval, Robert Horn, 2016/07/03
- Re: [O] Why no secure code retrieval, Konstantin Kliakhandler, 2016/07/03
- Re: [O] Why no secure code retrieval, Robert Horn, 2016/07/03