13:59:19 <ggus> #startmeeting Community Team meeting - 2022-02-07
13:59:19 <MeetBot> Meeting started Mon Feb  7 13:59:19 2022 UTC.  The chair is ggus. Information about MeetBot at http://wiki.debian.org/MeetBot.
13:59:19 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
13:59:22 <ggus> hello everyone!
13:59:29 <ggus> community team meeting is starting now
13:59:30 <miko[m]> o/
13:59:36 <championquizzer> hello!! o/
13:59:36 <nah> o/
13:59:43 <ggus> here's our meeting pad: https://pad.riseup.net/p/tor-community-team-2022-keep
14:00:07 <ggus> please add your updates and feel free to add topics on our discussion section
14:00:07 * gman999 will be able to lurk.. but 9 AM EST on a monday is tough
14:00:31 <rhatto> o/
14:00:38 <nina13[m]> Hi!
14:01:10 <ggus> gman999: i opened this ticket to track the relay op workshop - https://gitlab.torproject.org/tpo/community/relays/-/issues/36
14:01:34 <ggus> if you want, we can discuss today or
14:01:38 <gman999> great... is this an agenda item now?
14:01:48 <gman999> i can speak briefly to it
14:02:28 <ggus> let's wait people add their updates on the pad, then we can discuss it
14:02:36 <gman999> sure... up to you.
14:05:34 <emmapeel> o/
14:06:43 <nina13[m]> done
14:07:23 <miko[m]> re: #36 - looking good! lots of ideas similar to community building ideas we discussed as part of gamification last few weeks
14:08:23 <emmapeel> done
14:08:37 <emmapeel> welcome rhatto !!!
14:09:01 <ggus> if everyone is done, we can start
14:09:05 <championquizzer> yes
14:09:14 <championquizzer> rhatto: welcome!!
14:09:22 <emmapeel> sorry i top posted on the topic list
14:09:26 <emmapeel> :D
14:09:38 <ggus> rhatto is started last week working as the tor project Onion SRE
14:09:40 <ggus> welcome!
14:09:50 <championquizzer> \o/
14:09:58 <rhatto> thank you all! its amazing to join the team :)
14:10:13 <ggus> he will be working with the new education coordinator, she will start next week :)
14:10:26 <emmapeel> :) is great to have you with us!
14:10:48 <emmapeel> lets onionnize the world!
14:10:52 <miko[m]> good to have you here rhatto!
14:11:10 <rhatto> :D
14:11:30 <championquizzer> hehe, emmapeel. i like that!
14:11:40 <miko[m]> +1
14:11:56 <emmapeel> it was some campaign a while ago
14:12:00 <emmapeel> i didnt invented it
14:12:18 <emmapeel> (attribution)
14:12:22 <ggus> it's copyleft, feel free to use it :P
14:12:41 <emmapeel> i mean, i dont want you to think it was my idea, i only have a good memory :D
14:12:42 <championquizzer> (https://blog.torproject.org/more-onions-porfavor/)
14:13:29 <ggus> great!
14:13:37 <rhatto> its a wonderful moto anyays :)
14:13:37 <emmapeel> that one, championquizzer
14:13:38 <ggus> gman999: do you want to talk about
14:13:44 <ggus> * Workshop - Relay operator sysadmin 101  (gman)
14:13:52 <rhatto> i get that updates in the pad below the "-----" refer to previous weeks... is that right?
14:14:01 <championquizzer> rhatto: yep
14:14:09 <ggus> rhatto: yes, i will delete
14:14:11 <gman999> sure.
14:14:21 <emmapeel> rhatto: yeah those are from last week. it is a bit confusing this time
14:14:25 <gman999> so long story short....
14:14:30 <gman999> ready?
14:14:37 <ggus> ready
14:14:43 <gman999> you can see it on relay@ etc...
14:14:53 <emmapeel> bring it on!
14:15:02 <gman999> but we need to do some basic stuff on better sysadmin skills/foo for relay ops ppl
14:15:07 <gman999> it's a long term issue...
14:15:17 <gman999> most ppl dont have experience running internet facing services
14:15:26 <gman999> esp with something as targetd as relays
14:15:35 <gman999> i've had stupid arguments that are obv
14:15:43 <gman999> like using time sync on servers, etc...
14:15:54 <emmapeel> gman999: if you see documents that can be improved, we could meet one that and i help you improve the docs
14:16:00 <gman999> so i was thinking hthis...
14:16:11 <gman999> idt it's docs emmapeel necessarily
14:16:14 <gman999> although some can be.
14:16:20 <gman999> we try to provide basic things...
14:16:33 <gman999> but we should also conduct some types of workshops for basic sysadmin food
14:16:34 <gman999> foo
14:16:44 <gman999> how to dealw ith ssh zombie brute force,
14:16:47 <gman999> and even more basic stuff.
14:16:55 <gman999> the outline ^ shows the basics.
14:17:08 <gman999> even though it's "my" idea... i think a linux admin should prob lead it..
14:17:11 <ggus> emmapeel: keeping basic sysadmin docs for each OS is out of scope.
14:17:13 <gman999> i can be there for bsd related stuff
14:17:23 <gman999> some of it is really basic but ppl dont get
14:17:38 <gman999> this is gman999 short hand version
14:17:40 <gman999> https://gitlab.torproject.org/tpo/community/relays/-/issues/36
14:17:43 <emmapeel> maybe we could point to nicer docs outside, ggus ?
14:17:45 <gman999> i can elaborate
14:17:58 <gman999> it's sort of scattered emmapeel,
14:17:59 <emmapeel> i also agree that we should copy documents that are outside of scope
14:18:05 <gman999> even though it should be logically there
14:18:21 <gman999> there's a lot of loopy things.
14:18:32 <gman999> "i never ran a bsd but i want to help os diversity"
14:18:41 <gman999> me "pls run the OS you know best"
14:18:43 <gman999> etc.
14:18:56 <gman999> so maybe ppl can review ^ ticket and we can work things
14:18:58 <gman999> out
14:19:10 <gman999> i started writing up a blog-type version of it this weekend
14:19:27 <gman999> nothing is sillier than seeing bridges rejcted by Serge if they dont have ntpd working
14:19:43 <gman999> if you cant do time sync right, pls be careful!
14:19:47 <gman999> EOF
14:19:50 <gman999> questions?
14:19:53 <emmapeel> but gman999 that also should be  on the documentation of how to run a relay
14:19:59 <ggus> thank you, gman999
14:20:11 <gman999> yes.. there is some and can be enhanced emmapeel..
14:20:13 <ggus> emmapeel: some of these tips are already part of the docs
14:20:14 <gman999> that would help i think
14:20:21 <gman999> but also a place for ppl to ask questions.
14:20:21 <ggus> but that doesn't mean that people are doing it
14:20:31 <championquizzer> thanks, gman999
14:20:32 <emmapeel> i also agree that we SHOULDNT copy documents that are outside of scope / sorry keyboard fail
14:20:32 <gman999> i think some of my points could be integrated
14:21:15 <emmapeel> one problem i see regarding more inexperienced bridge mantainers right now, is that there is no documentation for metrics port
14:21:35 <ggus> emmapeel: why a bridge operator would need docs for metrics port?
14:21:57 <emmapeel> ggus: because they dont configure it well and their relay appears as overloaded
14:22:50 <gman999> that's useful and i think those things need to be in Tor doc
14:22:50 <emmapeel> this page appears as a link when in metrics your relay is overloaded: https://support.torproject.org/relay-operators/relay-bridge-overloaded/
14:23:26 <emmapeel> maybe we could link documentation more from metrics
14:23:26 <gman999> right.
14:23:38 <gman999> i think though the point of this is really:
14:23:49 <emmapeel> also, ,aybe little-t-tor could give better error messages
14:23:55 <gman999> "what you need to know to run a targeted internet service, in this case a tor node"
14:24:10 <emmapeel> for example: invalid bridge name. instead of just failing
14:24:28 <ggus> i just checked and we only have 17 bridges overloaded
14:24:44 <emmapeel> better even: 'spaces are not allowed on the bridge name'
14:24:52 <emmapeel> ggus: maybe it is because of the new docs!
14:25:15 <ggus> emmapeel: no, this number has increased
14:25:21 <ggus> from 11 to 17
14:25:25 <ggus> but it's a minor issue, tbh
14:25:30 <gman999> i get that emmapeel but look at the page ^....
14:25:41 <ggus> EOL relays is way more problematic, imho
14:25:42 <gman999> sort of out of scope
14:25:54 <gman999> patching/updating/maintaining... yes
14:26:05 <gman999> check
14:26:45 <emmapeel> i like the idea of workshops, but i wonder: will this be only one time? will it be recorded?
14:27:01 <ggus> i believe people are lacking of the basic sysadmin skills. adding advanced topics like metricsport would be sysadmin class 3.
14:27:12 <ggus> emmapeel: i'd like to record it
14:27:17 <emmapeel> i see
14:27:24 <ggus> so we can ask operators to watch the video
14:27:30 <rhatto> i understand that MetricsPort would be needed on those cases only for the relay operator understand locally whats going on, not to provide data to metrics.t.o; seems like this port should not be exposed publicly and having it closed would not impact in relay added to the overloaded list...
14:28:05 <emmapeel> rhatto: you dont need to open it to be a relay, is only to see what is going on with your relay
14:28:28 <ggus> yep, it's for debugging only
14:29:03 <ggus> gman999: for that outline, how much time do we will need? 1h, 2hours?
14:29:22 <gman999> the actual content doesnt have to be long..
14:29:27 <gman999> it's more about the discussion
14:29:29 <gman999> q&a
14:29:35 <gman999> i'm sure there's more that i'm not covering
14:29:42 <gman999> those are the things i've seen over the years.
14:30:15 <gman999> the q&a will be more important than the presentation
14:30:41 <ggus> we used to have this page maintained by the community - https://gitlab.torproject.org/legacy/trac/-/wikis/doc/OperationalSecurity
14:30:58 <gman999> right.. the point is that some things are more basic
14:31:04 <gman999> i remember that doc
14:31:08 <ggus> maybe we can pick of these topics
14:31:23 <gman999> i cna imagine this:
14:31:30 <gman999> a bullet point approach
14:31:44 <emmapeel> it would be nice if that was a section of the relay meetups
14:31:49 <gman999> time? run ntpd or something similiar, dont run rdate from cron @daily
14:32:13 <gman999> sshd? use pub/private key auth, yubikey, etc.
14:32:38 <gman999> sshd brute force? your host firewall, fail2ban, blocklisted.. know what your OS offers
14:32:40 <gman999> etc.
14:33:12 <ggus> gman999: like a checklist
14:33:26 <gman999> yes.. allowing discussion and questions as it flows
14:33:39 <ggus> instead of writing (and maintaing) the specific doc
14:34:12 <rhatto> gman999, i'll probably work on an onion service checklist soon... perhaps we could share ideas, ensure we don't to duplicate work etc?
14:34:20 <gman999> sure.
14:34:26 <emmapeel> i like flow but i wish we could cristalize some docs so we dont need to answer the same question thousands of times
14:34:31 <gman999> i mean, everything would also apply there too
14:34:36 <gman999> agree emmapeel
14:35:06 <gman999> when i first was around the ngo pets scene and i brought a buddy along..
14:35:10 <gman999> a long time ago..
14:35:12 <miko[m]> maybe an FAQ section on relays portal would help?
14:35:25 <gman999> he was like "tehy need basic sysadmin trainings... not reading white papers"
14:35:28 <rhatto> gman999, yep... the onion checklist could be the relay list plus specifics
14:35:34 <gman999> agree
14:35:36 <emmapeel> i feel this workshop to be a great point to gather input of docs needed, and it would be great to have them because not everybody can attend a workshop
14:35:47 <gman999> +1 emmapeel
14:36:05 <ggus> i agree with improving the metricsport docs and other tor docs, but having 'how to enable SSHD pub key' is out of scope.
14:36:24 <emmapeel> ggus: is out of scope, but maybe we should find a good doc about it and link to it
14:36:31 <rhatto> emmapeel, sure, and also to avoid having duplicate content scattered around many pages/docs/repos
14:36:36 <emmapeel> maybe even one of our relay operators mantains one
14:37:17 <ggus> emmapeel: but then you need to point for arch linux, debian, freebsd, netbsd, dragonflybsd...
14:37:29 <emmapeel> i feel we should say 'you should enable logins only with ssh key, here is a doc on how to do it: {{ external doc }}
14:37:55 <rhatto> ggus, for those out-of-scope perhaps per-distro/OS refs could be enough... there are good official docs out there
14:37:56 <miko[m]> emmapeel: there's so many external resources that are so helpful to the community. i also believe we should at least start including some external docs
14:38:05 <miko[m]> with a warning that they're external
14:38:23 <miko[m]> every "learning" community does it
14:38:33 <emmapeel> maybe while making the workshop gman999 will end up with a list of links :D
14:38:34 <rhatto> miko[m], +1
14:38:42 <miko[m]> it's just better onboarding practice
14:38:47 <gman999> i'll see how much more i can do
14:39:45 <ggus> gman999: and do we need a linux trainer for this event too, right?
14:39:48 <emmapeel> we can always ask for resources in the tor-relays link: do you know a good howto to enable ssh login in openbsd?
14:40:13 <gman999> i mean, a 'linux trainer'... idk...
14:40:17 <gman999> i mean, i could do it...
14:40:26 <gman999> most stuff is generic bsd/linux
14:40:35 <gman999> ntpd, sshd, etc.
14:40:56 <gman999> but having a 'me' (bsd) and someone who knows the array of linux knobs would make sense
14:41:00 <gman999> in case stuff is OS specific
14:41:26 <gman999> it's not my ego driving me to do it...
14:41:36 <ggus> maybe we could ask kushal
14:41:43 <gman999> it's that i have a specific view on this i've worried about for a long while
14:41:49 <gman999> kushal would be grea.t
14:42:13 <kushal> sorry, not reading the chat right now, will read back in the evening.
14:42:16 <emmapeel> i can attend to fish documentation topics
14:42:23 <ggus> i will talk with you, kushal
14:42:28 <kushal> ggus, thank you :)
14:42:30 <ggus> *later
14:42:32 <gman999> :)
14:42:43 <ggus> Cool!
14:42:52 <ggus> anything else about this topic?
14:43:14 <gman999> nope.. i'm done!
14:43:16 <gman999> ty
14:43:19 <emmapeel> i think is a great initiative!
14:43:25 <ggus> thank you!
14:43:50 <gman999> cool!
14:43:55 <ggus> * Tor training with human rights defenders in brazil and mexico (March - April)
14:44:07 <ggus> moving to the next topic on our agenda
14:44:31 <nah> \o/
14:44:37 <ggus> today we will publish a call for participation for human rights defenders in brazil and mexico
14:44:58 <gman999> i volunteer to go to mx!
14:44:58 <ggus> it's a cross-project effort with tails, the guardian project and tor
14:45:08 <ggus> gman999: it's online!
14:45:16 <gman999> ;)
14:45:22 <ggus> because of the pandemic :/
14:45:33 <emmapeel> well, you can make friends and then stay at their places when you get to mexico...
14:45:51 <ggus> hehe yeah
14:46:35 <gman999> :)
14:47:03 <ggus> we will have 4 training sessions in brazil and 4 in mexico
14:47:23 <ggus> Tor Browser, Tor Browser for Android and Onion Browser, Orbot and Tails.
14:48:05 <emmapeel> dream team!
14:48:10 <ggus> nah: anything else you would like to add about it?
14:48:33 <ggus> emmapeel: hopefully we can recruit more pt-br translators
14:49:09 <nah> hmm
14:49:29 <emmapeel> the translation for pt-BR is a bit behind lately
14:49:52 <nah> we will open a call for participation for these trainings
14:49:59 <emmapeel> i dont mean to be picky but that is the truth. not many ative translators, and we produce lots of text, so...
14:50:16 <emmapeel> maybe we can do some tweets?
14:50:16 <nah> in our communication channels, so if anyone knows any groups and collectives they want to share
14:50:20 <rhatto> ggus, nah, need help to promote the event / share the call?
14:50:38 <ggus> rhatto: yes, that would be nice.
14:51:03 <rhatto> ggus, ok.. i can pass around once there's a public URL
14:51:20 <ggus> ack! i will share with you
14:51:36 <nah> i think we will have the image in the end of the day
14:51:46 <rhatto> great :)
14:51:47 <nah> ggus: any information you think we should add there?
14:52:10 <ggus> nah: in nico's illustration?
14:52:20 <nah> there is a space for date, but as we don't know the exact dates, maybe we could replace it with something else
14:52:24 <nah> ggus: yes
14:52:39 <nah> for ref: https://gitlab.torproject.org/tpo/ux/research/-/issues/73#note_2775199
14:53:30 <ggus> nah: maybe we could add the CFP deadline
14:53:56 <nah> ggus: good idea :)
14:54:09 <nah> do we have a deadline for the CFP?
14:54:45 <nah> Apply by Feb XX
14:54:49 <ggus> we do, it's on the pad
14:55:06 <nah> ok, i'll add this to the ticket, thank you!
14:55:06 <ggus> or maybe we have a week, but not a specific date
14:55:23 <ggus> let's ask sajolida
14:55:30 <emmapeel> just wanted to let you knwo that soon we will publish some of our websites in Traditional Chinese, that is spoken in Taiwan and Hong Kong (The CPR simplified the Chinese)
14:55:31 <nah> sounds good
14:55:38 <emmapeel> oops sorry that was meant for later
14:55:56 <ggus> go ahead emma, i think that was all for the topic. :)
14:56:02 <emmapeel> just that, thanks!
14:56:22 <emmapeel> maybe also https://review.torproject.net/tpo/web/support/l10n/zh-TW/
14:56:48 <ggus> the new translation preview is working :D
14:57:00 <emmapeel> yes! that is great, many translators were happy about it
14:57:02 <ggus> emmapeel: remember to update the internal docs with new links
14:57:06 <emmapeel> including the one to russian
14:57:28 <emmapeel> yes, i did some updates but i should look further than community/l10n
14:57:51 <ggus> emmapeel: web/wiki docs
14:57:58 <emmapeel> ack!
14:58:22 <ggus> i will stop the bot because there is another meeting here
14:58:25 <ggus> #endmeeting