WEBVTT 99:59:59.999 --> 99:59:59.999 Ok, welcome back to the second session of the day. 99:59:59.999 --> 99:59:59.999 It's going to be Alexander Wirt talking about salsa.debian.org. 99:59:59.999 --> 99:59:59.999 [Applause] 99:59:59.999 --> 99:59:59.999 Thank you, good morning. 99:59:59.999 --> 99:59:59.999 I usually don't give talks in english, so please be nice to me. 99:59:59.999 --> 99:59:59.999 However, I'm here. 99:59:59.999 --> 99:59:59.999 I want to talk today about our journey for Alioth 99:59:59.999 --> 99:59:59.999 which is still running, but not for long anymore, 99:59:59.999 --> 99:59:59.999 to our new service, salsa. 99:59:59.999 --> 99:59:59.999 I want to get a little bit into the history of old things 99:59:59.999 --> 99:59:59.999 and what we have already achieved, what we still need to achieve 99:59:59.999 --> 99:59:59.999 and what are our plans for the future. 99:59:59.999 --> 99:59:59.999 Let's start with the basic things, who am I. 99:59:59.999 --> 99:59:59.999 I am the guy who rejects the mails on lists.debian.org, 99:59:59.999 --> 99:59:59.999 I am a listmaster. 99:59:59.999 --> 99:59:59.999 I am the guy that rejects your backports. 99:59:59.999 --> 99:59:59.999 I am the backports ftp master. 99:59:59.999 --> 99:59:59.999 And I am the guy that will destroy alioth.debian.org. 99:59:59.999 --> 99:59:59.999 For the last ten years 99:59:59.999 --> 99:59:59.999 [Applause] 99:59:59.999 --> 99:59:59.999 I was an admin by accident of alioth.debian.org. 99:59:59.999 --> 99:59:59.999 This is another story I will tell you in a few minutes. 99:59:59.999 --> 99:59:59.999 Beside from that, I work as an OpenSource consultant at credativ, 99:59:59.999 --> 99:59:59.999 which is a small company in Germany which is specialized in OpenSource, 99:59:59.999 --> 99:59:59.999 we only do OpenSource consulting in Germany. 99:59:59.999 --> 99:59:59.999 We do what today is called DevOps, we do every kind of consulting. 99:59:59.999 --> 99:59:59.999 If you do something with OpenSource, we are probably the ones you can talk with. 99:59:59.999 --> 99:59:59.999 I am a father of two wonderful girls, 99:59:59.999 --> 99:59:59.999 they're not here unfortunately, 99:59:59.999 --> 99:59:59.999 but otherwise I wouldn't be able to work. 99:59:59.999 --> 99:59:59.999 And in my little bit spare time, I do role playing games and Tabletop games. 99:59:59.999 --> 99:59:59.999 In theory there should be a picture now. 99:59:59.999 --> 99:59:59.999 There's a picture missing, I don't know why, 99:59:59.999 --> 99:59:59.999 which should tell "We need you". 99:59:59.999 --> 99:59:59.999 A little bit of advertisement, if you want to do OpenSource work in Germany, 99:59:59.999 --> 99:59:59.999 paid, 99:59:59.999 --> 99:59:59.999 and you need a job, please talk to me. 99:59:59.999 --> 99:59:59.999 We are always looking for good people, especially in C development, 99:59:59.999 --> 99:59:59.999 kernel development, but also of course consulting. 99:59:59.999 --> 99:59:59.999 So please talk to me. 99:59:59.999 --> 99:59:59.999 Some steps in history. 99:59:59.999 --> 99:59:59.999 Some years ago, ??? 2008, 2009, 99:59:59.999 --> 99:59:59.999 I told the alioth channel 99:59:59.999 --> 99:59:59.999 "Hey, if you need help, I can help with system administration, 99:59:59.999 --> 99:59:59.999 not the GForge stuff which is running above, 99:59:59.999 --> 99:59:59.999 but if you need help, tell me." 99:59:59.999 --> 99:59:59.999 [Audience] Big mistake 99:59:59.999 --> 99:59:59.999 Yeah. 99:59:59.999 --> 99:59:59.999 One or two years went by, and step by step 99:59:59.999 --> 99:59:59.999 all alioth admins left. 99:59:59.999 --> 99:59:59.999 We were alone in the channel. 99:59:59.999 --> 99:59:59.999 And around that time, I detected 99:59:59.999 --> 99:59:59.999 "Hey, I have sudo permissions and I'm admin" 99:59:59.999 --> 99:59:59.999 Somebody made me an admin. 99:59:59.999 --> 99:59:59.999 So, I had to decide that I will be the person that is the future alioth admin 99:59:59.999 --> 99:59:59.999 and I stepped in. 99:59:59.999 --> 99:59:59.999 So it was the beginning of our alioth journey. 99:59:59.999 --> 99:59:59.999 Then, in DebConf15, we had a long 'Birds of a Feather' 99:59:59.999 --> 99:59:59.999 where we talked about several security problems in collab-maint, 99:59:59.999 --> 99:59:59.999 some of you are maybe not aware of it, 99:59:59.999 --> 99:59:59.999 but since we use git at filesystem level on alioth, 99:59:59.999 --> 99:59:59.999 we are introducing a number of interesting security problems 99:59:59.999 --> 99:59:59.999 like if someone writes a hook, that hook gets executed every time someone pushes. 99:59:59.999 --> 99:59:59.999 So you have basically shell access. 99:59:59.999 --> 99:59:59.999 And of course you execute it as your own uid.