From mboxrd@z Thu Jan  1 00:00:00 1970
From: Bastien Guerry <bzg@gnu.org>
Subject: Re: Why no secure code retrieval
Date: Sat, 02 Jul 2016 16:18:42 +0200
Message-ID: <87lh1k5dj1.fsf@free.fr>
References: <CAH+LVpme=JLA12+dWMjBsm+47niRJZFLvfmtJQ12NhPvOS8sUA@mail.gmail.com>
	<87mvm4sewl.fsf@systemreboot.net> <87y45m28vp.fsf@saiph.selenimh>
Mime-Version: 1.0
Content-Type: text/plain
Return-path: <emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:44695)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from <bzg@gnu.org>)
	id 1bJLky-0008NO-10
	for emacs-orgmode@gnu.org; Sat, 02 Jul 2016 10:18:53 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <bzg@gnu.org>) id 1bJLkt-0002W4-1k
	for emacs-orgmode@gnu.org; Sat, 02 Jul 2016 10:18:50 -0400
List-Id: "General discussions about Org-mode." <emacs-orgmode.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-orgmode>,
	<mailto:emacs-orgmode-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-orgmode/>
List-Post: <mailto:emacs-orgmode@gnu.org>
List-Help: <mailto:emacs-orgmode-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-orgmode>,
	<mailto:emacs-orgmode-request@gnu.org?subject=subscribe>
Errors-To: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org
Sender: "Emacs-orgmode"
	<emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org>
To: Nicolas Goaziou <mail@nicolasgoaziou.fr>
Cc: Arun Isaac <arunisaac@systemreboot.net>, emacs-orgmode@gnu.org, Konstantin Kliakhandler <kosta@slumpy.org>

Hi Nicolas,

Nicolas Goaziou <mail@nicolasgoaziou.fr> writes:

> GPG signing tags is OK, but I wouldn't like to request every commit to
> be signed.

Agreed.

>>> I know that https can be a bit tedious to setup so I am not asking for it
>>> (though I do think it would be great if it was enabled on the site in some
>>> fashion).
>>
>> HTTPS is not so tedious these days with Let's Encrypt.
>>
>> https://letsencrypt.org/
>>
>> We should set up HTTPS as well.
>
> It would be nice, indeed. I'm Cc'ing Bastien for his opinion on the
> matter, and a possible step forward.

I discussed possible server enhancements with Robert Klein a few
months ago.

I'm considering paying for a digitalocean instance, with https via
letsencrypt for both the website and git.

I'm also considering switching from our current git setup to using
Gogs (https://gogs.io): this would ease the process of adding new
contributors, welcoming more org repositories, etc.

The other solution would simply to use https://savannah.gnu.org.

One remaining problem for both gogs and savannah is to ensure web
references to commits are correctly redirected, which I think is
one line of nginx configuration.

I'm curious to know what people think about the switch to something
like gogs*.

Thanks,

* gitlab seems too heavy, and I'm more experienced in maintaining
  gogs instances than gitlab instances.

-- 
 Bastien