Re: Debian identi.ca account/group after migration to pump.io

To: debian-publicity@lists.debian.org
Subject: Re: Debian identi.ca account/group after migration to pump.io
From: Paul Wise <pabs@debian.org>
Date: Wed, 9 Oct 2013 10:28:54 +0800
Message-id: <[🔎] CAKTje6Fqu9LtYx1oJ-PqjY+qz6vnRrXxi94MUSWjreyOjq1phQ@mail.gmail.com>
In-reply-to: <[🔎] CAJr5pH3iJjORL53kvef_+hu+Q2B+s6QCj7nMr679kK3RUz7cmA@mail.gmail.com>
References: <[🔎] CAJr5pH0w6M1fX4iayqo-wPi8wJ-D--zNro7wKbaXqr8bZdbXYQ@mail.gmail.com> <[🔎] CAKTje6H8eBFr6O3e8pZ=OryDEfme8c9rP+PobnwKdtbeZxqsgw@mail.gmail.com> <[🔎] CAJr5pH3iJjORL53kvef_+hu+Q2B+s6QCj7nMr679kK3RUz7cmA@mail.gmail.com>

On Wed, Oct 9, 2013 at 1:33 AM, Laura Arjona wrote:

> 2013/10/8 Paul Wise <pabs@debian.org>:

>> https://wiki.debian.org/DeveloperNews

I added a short note about identica there, please adjust if needed:

https://wiki.debian.org/DeveloperNews#Animate_the_Debian_microblogging_accounts.21

> There's PumpTweet too https://github.com/dper/PumpTweet
> I'm not sure about which option is best.
> I'll do some tests with both, but I'm afraid I can only say if they
> work or not, nothing about the code itself, or performance results
> etc.

Thanks, that would be helpful.

> I have tested a configuration and written down some steps to get the
> RSS feeds posted to identi.ca/debian with spigot (see attachment).

Great, I'll try that out now.

> Is it a must that spigot (and pypump, one of its dependencies) are
> packaged for Debian? python-pip and the rest of the dependencies are,
> and you can install pypump and spigot easily with "pip".

pip in stable doesn't have any protection against MITM attacks, so we
would essentially be running untrusted code. With version 1.3 it gains
HTTPS verification against the set of CAs trusted by Mozilla but the
CA part of SSL is a bit sketchy; various past CA security
failures/compromises and the recent Snowden/NSA revelations have only
made the CAs and the CA model look more untrustworthy.

In any case the Debian sysadmins are likely to veto installing code via pip.

> Probably there's no need of a 'new' machine, just install the Python
> scripts and setup the cron task in one of them (the one that host the
> planet software, maybe?).

Probably we could put it on alioth but that doesn't appear to have
role accounts so only one person would be able to manage the cron job.
On the rest of the debian.org machines there is no publicity
user/group but I guess we can get DSA to setup a dedicated user for
this.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise

Reply to:

Follow-Ups:
- Re: Debian identi.ca account/group after migration to pump.io
  - From: Paul Wise <pabs@debian.org>
- Re: Debian identi.ca account/group after migration to pump.io
  - From: Laura Arjona <larjona99@gmail.com>

References:
- Debian identi.ca account/group after migration to pump.io
  - From: Laura Arjona <larjona99@gmail.com>
- Re: Debian identi.ca account/group after migration to pump.io
  - From: Paul Wise <pabs@debian.org>
- Re: Debian identi.ca account/group after migration to pump.io
  - From: Laura Arjona <larjona99@gmail.com>

Prev by Date: Re: Debian identi.ca account/group after migration to pump.io
Next by Date: Re: Debian identi.ca account/group after migration to pump.io
Previous by thread: Re: Debian identi.ca account/group after migration to pump.io
Next by thread: Re: Debian identi.ca account/group after migration to pump.io
Index(es):
- Date
- Thread