Received: from atlas.uberspace.de (atlas.uberspace.de [185.26.156.153]) by mail-b.sr.ht (Postfix) with ESMTPS id 21478FF13F for <~mieum/booksin.space@lists.sr.ht>; Wed, 28 Oct 2020 07:28:17 +0000 (UTC)
Received: (qmail 25269 invoked from network); 28 Oct 2020 07:28:16 -0000
Received: from localhost (HELO localhost) (127.0.0.1) by atlas.uberspace.de with SMTP; 28 Oct 2020 07:28:16 -0000
Mime-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=UTF-8
Subject: Re: The brick and mortar
From: "Arav K."
To: "mieum" , <~mieum/booksin.space@lists.sr.ht>
Date: Wed, 28 Oct 2020 08:23:07 +0100
Message-Id:
In-Reply-To:

On Wed Oct 28, 2020 at 9:04 AM UTC, mieum wrote:
> > I think we can set up a sr.ht CI service to scan changed text
> > frontmatter (including frontmatter for new texts) and then to send
> > that to the main booksin.space server database (which can then
> > update relevant pages). That would combine both worlds pretty
> > neatly, but I don't know if there are any security implications to
> > consider. Also, the CI would have to be disabled/changed for
> > mailing list submissions, so that no one can affect the server by
> > posting patches on the mailing list.
>
> This is an interesting idea, I didn't consider this. What sorts of
> security implications do you anticipate other than unsolicited mailing
> list patches?

Well, the CI service manifest would probably be included in the Git repo itself. I assume that the CI service would have to connect to the booksin.space server over SSH (which works because sr.ht allows us to store an SSH secret key). This would mean that anyone can read the manifest to know where and what port SSH is plugged in to, so I hope you have a good firewall set up or otherwise you risk getting spammed.

Also, I'll have to read up on the secrets system used by the CI - it may be that we could allow the CI to run on mailing list patches because those don't have access to the secret SSH key (so they can't affect the server).

Also, someone may have to write the code to do all of this. I probably don't have the time to do it, but I can definitely provide an overview of how everything should work and may occasionally be able to contribute some code.

> > P.S: I don't know if it showed up, but I had attached my updates to
> > Nathan's text in my previous message.
>
> I did see that, sorry I didn't get a chance to comment. When I get
> home I will add it to the repo and server...so there's something
> there!

No worries.

~aravk