requiring vhosts (was: Re: When should we https our mirrors?)
On Sat, Oct 15, 2016 at 09:24:15PM +0200, Jakub Wilk wrote:
> Some of ftp*.*.d.o and cdimage.d.o mirrors serve random free (and sometimes
> non-free) software that is not Debian[*]. This may mislead inexperienced
> people into thinking that this software is endorsed or even produced by
> Debian. Should we insist that only Debian is served from these domains?
> [*] See e.g.: https://ftp.se.debian.org/
Compare https://ftp.se.debian.org with https://ftp.acc.umu.se/ -- these look
quite similar to me...
The real reason is suggested by the "ftp." prefix: the site historically was
supposed to be used via ftp, and still supports it. And ftp doesn't have
such a thing as vhosts.
Requiring a dedicated v4 IP is not a burden for a big 1st world mirror, but
might be problematic for someone smaller, especially if they carry a number
of projects other than Debian.
A MAP07 (Dead Simple) raspberry tincture recipe: 0.5l 95% alcohol, 1kg
raspberries, 0.4kg sugar; put into a big jar for 1 month. Filter out and
throw away the fruits (can dump them into a cake, etc), let the drink age
at least 3-6 months.