From patchwork Thu Nov 7 09:03:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Ekaitz Zarraga X-Patchwork-Id: 70044 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 6D5E427BBE9; Thu, 7 Nov 2024 09:05:20 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-7.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_BLOCKED, RCVD_IN_VALIDITY_CERTIFIED,RCVD_IN_VALIDITY_RPBL,RCVD_IN_VALIDITY_SAFE, SPF_HELO_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 00DC427BBE2 for ; Thu, 7 Nov 2024 09:05:17 +0000 (GMT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1t8yRv-00055E-7v; Thu, 07 Nov 2024 04:05:07 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1t8yRr-00054U-On for guix-patches@gnu.org; Thu, 07 Nov 2024 04:05:03 -0500 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1t8yRq-0004gr-2G; Thu, 07 Nov 2024 04:05:02 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debbugs.gnu.org; s=debbugs-gnu-org; h=MIME-Version:Date:From:To:In-Reply-To:References:Subject; bh=RoPWMnLoMVfouZ/5rBXMQD+OLs7vKYy+XKBvXupr8qY=; b=E4KSUabGY5md1HN6tTPtIW96b61Mx2YEdkpitDF2S9o4n0wzCdadIJtBgHhJKBhuJ9hF62SKrIQFa4zffU5AMevOm1/0E0r+F0CRdwa2zmUrmaKGsrkWDgykYSKndRXaTuJhFKxrs0nNT0jfVEpLj14hyDcxPTKV+kqiaEqTWBPnlMr4XxWZ4ydt+F2ZO2hOnmwStdgB+My6Vs9ltI+hsM5G+B5CWmHGbMJNeOwyeC7oluHOWNQQMDiG4nXufW5AMMGNpX83d075+/kBedc9i584SgHyCNsLBTOf7MdOK9mOuqDCUM2iPPqbBX7cRBxdgOyLMnlCRuaLSrVdEzfW0Q==; Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1t8yRp-0004ZY-U9; Thu, 07 Nov 2024 04:05:01 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#74046] [PATCH v2] doc: Add "Contributing to Guix's infrastructure". References: <881dbbde93521a4f6957cd795e6942c43103f688.1730033134.git.ekaitz@elenq.tech> In-Reply-To: <881dbbde93521a4f6957cd795e6942c43103f688.1730033134.git.ekaitz@elenq.tech> Resent-From: Ekaitz Zarraga Original-Sender: "Debbugs-submit" Resent-CC: ludo@gnu.org, maxim.cournoyer@gmail.com, guix-patches@gnu.org Resent-Date: Thu, 07 Nov 2024 09:05:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 74046 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 74046@debbugs.gnu.org Cc: Ekaitz Zarraga , code@greghogan.com, Ludovic =?utf-8?q?Court=C3=A8s?= , Maxim Cournoyer X-Debbugs-Original-Xcc: Ludovic =?utf-8?q?Court=C3=A8s?= , Maxim Cournoyer Received: via spool by 74046-submit@debbugs.gnu.org id=B74046.173097029717561 (code B ref 74046); Thu, 07 Nov 2024 09:05:01 +0000 Received: (at 74046) by debbugs.gnu.org; 7 Nov 2024 09:04:57 +0000 Received: from localhost ([127.0.0.1]:47155 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1t8yRk-0004Z9-TO for submit@debbugs.gnu.org; Thu, 07 Nov 2024 04:04:57 -0500 Received: from dane.soverin.net ([185.233.34.31]:46247) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1t8yRg-0004Yr-UK for 74046@debbugs.gnu.org; Thu, 07 Nov 2024 04:04:54 -0500 Received: from smtp.soverin.net (c04smtp-lb01.int.sover.in [10.10.4.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by dane.soverin.net (Postfix) with ESMTPS id 4XkbjW6D0Nz2xc4; Thu, 7 Nov 2024 09:04:15 +0000 (UTC) Received: from smtp.soverin.net (smtp.soverin.net [10.10.4.100]) by soverin.net (Postfix) with ESMTPSA id 4XkbjW1kXxzR1; Thu, 7 Nov 2024 09:04:15 +0000 (UTC) Authentication-Results: smtp.soverin.net; dkim=pass (2048-bit key; unprotected) header.d=elenq.tech header.i=@elenq.tech header.a=rsa-sha256 header.s=soverin1 header.b=lVp5pcrN; dkim-atps=neutral DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=elenq.tech; s=soverin1; t=1730970255; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RoPWMnLoMVfouZ/5rBXMQD+OLs7vKYy+XKBvXupr8qY=; b=lVp5pcrNI//p39y3udn2zNrNwRsBzZFKcNarL58XHKULGqEM8Ki6imfFKJUBWmAj0+rzKN wgZ3fqf8FN5Axip8qWtHWfgrKnmUBeoFjleBsmdwfcLxjvYJcIqaEorzR6hoRRGNWD1f9l Dtyy2TSNhS58HTSc3X2dcpbmSiSE3oNNlHG4bOcdeqAA/AqLovbWqlPsczk4BqcQxbX8Wb NH5jMa2Mv0NU7YTJLvYYMzeWtAZonR0JGtutvVowVB+yREEtDsXGauAl85jsNeoqmt6eke 1PfAUKzn1OpYOLt+OOcSrjE5PSp0PMvawujseByQAcN4meO96XZp67NGqQXNRA== From: Ekaitz Zarraga Date: Thu, 7 Nov 2024 10:03:58 +0100 Message-ID: MIME-Version: 1.0 X-Spampanel-Class: ham X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches Use the "Call for contribution to the Guix infrastructure" by Ludovic Courtès to create a section in the documentation that describes how to contribute to the infrastructure. https://lists.gnu.org/archive/html/guix-devel/2024-05/msg00183.html * doc/contributing.texi (Contributing to Guix's infrastructure): New section. Change-Id: I3f3a99ad884110cc8323789e8c14bec1f7327e97 --- doc/contributing.texi | 186 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 186 insertions(+) base-commit: 091131af64fd4e4e925fff829fa19097cfcdfcc5 diff --git a/doc/contributing.texi b/doc/contributing.texi index acdc303be6..1fb6ce2e1e 100644 --- a/doc/contributing.texi +++ b/doc/contributing.texi @@ -37,6 +37,7 @@ Contributing * Deprecation Policy:: Commitments and tools for deprecation. * Writing Documentation:: Improving documentation in GNU Guix. * Translating Guix:: Make Guix speak your native language. +* Contributing to Guix's infrastructure:: Make Guix ecosystem work better. @end menu @node Requirements @@ -3594,3 +3595,188 @@ Translating Guix be updated accordingly (see @file{website/i18n-howto.txt} for more information on the process). @end itemize + + +@cindex infrastructure +@node Contributing to Guix's infrastructure +@section Contributing to Guix's infrastructure + +Since its inception, the Guix project has always valued its autonomy, and that +reflects in its infrastructure: our servers run Guix System and exclusively +free software, and are administered by volunteers. + +Of course this comes at a cost and this is why we need contributions. Our hope +is to make infrastructure-related activity more legible so that maybe you can +picture yourself helping in one of these areas. + + +@menu +* Coding:: +* System administration:: +* Day-to-day system administration:: +* On-site intervention:: +* Hosting:: +* Administrative tasks:: +@end menu + +@node Coding +@subsection Coding + +Guix runs many Guix-specific services; this is all lovely Scheme code but it +tends to receive less attention than Guix itself: + +@itemize +@item Build Farm Front-End: @url{https://git.cbaines.net/guix/bffe} +@item Cuirass: @url{https://guix.gnu.org/cuirass/} +@item Goggles (IRC logger): +@url{https://git.savannah.gnu.org/cgit/guix/maintenance.git/tree/hydra/goggles.scm} +@item Guix Build Coordinator: +@url{https://git.savannah.gnu.org/cgit/guix/build-coordinator.git/} +@item Guix Data Service: +@url{https://git.savannah.gnu.org/git/guix/data-service.git/} +@item Guix Packages Website: +@url{https://codeberg.org/luis-felipe/guix-packages-website.git} +@item mumi: @url{https://git.savannah.gnu.org/cgit/guix/mumi.git/} +@item nar-herder: @url{https://git.savannah.gnu.org/cgit/guix/nar-herder.git/} +@item QA Frontpage: @url{https://git.savannah.gnu.org/git/guix/qa-frontpage.git} +@end itemize + +There is no time constraint on this coding activity: any improvement is +welcome, whenever it comes. Most of these code bases are relatively small, +which should make it easier to get started. + +Prerequisites: Familiarity with Guile, HTTP, and databases. + +If you wish to get started, check out the README of the project of your choice +and get in touch with guix-devel and the primary developer(s) of the tool as +per @code{git shortlog -s | sort -k1 -n}. + +@node System administration +@subsection System administration + +Guix System configuration for all our systems is held in this repository: + +@url{https://git.savannah.gnu.org/cgit/guix/maintenance.git/tree/hydra/} + +The two front-ends are @file{berlin.scm} (the machine behind ci.guix.gnu.org) +and @file{bayfront.scm} (the machine behind bordeaux.guix.gnu.org, +guix.gnu.org, hpc.guix.info, qa.guix.gnu.org, and more). Both connect to a +number of build machines and helpers. + +Without even having SSH access to the machine, you can help by posting patches +to improve the configuration (you can test it with @code{guix system vm}). +Here are ways you can help: + +@itemize +@item +Improve infra monitoring: set up a dashboard to monitor all the infrastructure, +and an out-of-band channel to communicate about downtime. + +@item +Implement web site redundancy: guix.gnu.org should be backed by several +machines on different sites. Get in touch with us and/or send a patch! + +@item +Implement substitute redundancy: likewise, bordeaux.guix.gnu.org and +ci.guix.gnu.org should be backed by several head nodes. + +@item +Improve backup: there's currently ad-hoc backup of selected pieces over rsync +between the two head nodes; we can improve on that, for example with a +dedicated backup site and proper testing of recoverability. + +@item +Support mirroring: We'd like to make it easy for others to mirror substitutes +from ci.guix and bordeaux.guix, perhaps by offering public rsync access. + +@item +Optimize our web services: Monitor the performance of our services and tweak +nginx config or whatever it takes to improve it. + +There is no time constraint on this activity: any improvement is welcome, +whenever you can work on it. + +Prerequisite: Familiarity with Guix System administration and ideally with the +infrastructure handbook: + +@url{https://git.savannah.gnu.org/cgit/guix/maintenance.git/tree/doc/infra-handbook.org} + +@end itemize + +@node Day-to-day system administration +@subsection Day-to-day system administration + +We're also looking for people who'd be willing to have SSH access to some of +the infrastructure to help with day-to-day maintenance: restarting a build, +restarting the occasional service that has gone wild (that can happen), +reconfiguring/upgrading a machine, rebooting, etc. + +This day-to-day activity requires you to be available some of the time (during +office hours or not, during the week-end or not), whenever is convenient for +you, so you can react to issues reported on IRC, on the mailing list, or +elsewhere, and synchronize with other sysadmins. + +Prerequisite: Being a “known” member of the community, familiarity with Guix +System administration, with some of the services/web sites being run, and with +the infrastructure handbook: + +@url{https://git.savannah.gnu.org/cgit/guix/maintenance.git/tree/doc/infra-handbook.org} + +@node On-site intervention +@subsection On-site intervention + +The first front-end is currently generously hosted by the Max Delbrück Center +(MDC), a research institute in Berlin, Germany. Only authorized personnel can +physically access it. + +The second one, bordeaux.guix.gnu.org, is hosted in Bordeaux, France, in a +professional data center shared with non-profit ISP Aquilenet. If you live in +the region of Bordeaux and would like to help out when we need to go on-site, +please make yourself known by emailing @email{guix-sysadmin@@gnu.org}. + +On-site interventions are rare, but they're usually in response to an +emergency. + +@node Hosting +@subsection Hosting + +We're looking for people who can host machines and help out whenever +physical access is needed. More specifically: + +@itemize +@item +We need hosting of “small” machines such as single-board computers (AArch64, +RISC-V) for use as build machines. + +@item +We need hosting for front-ends and x86_64 build machines in a data center where +they can be racked and where, ideally, several local Guix sysadmins can +physically access them. +@end itemize + +The machines should be accessible over Wireguard VPN most of the +time, so longer power or network interruptions should be the +exception. + +Prerequisites: Familiarity with installing and remotely administering Guix +System. + +@node Administrative tasks +@subsection Administrative tasks + +The infra remains up and running thanks to crucial administrative tasks, which +includes: + +@itemize +@item +Selecting and purchasing hardware, for example build machines. +@item +Renewing domain names. + +@item +Securing funding, in particular via the Guix Foundation: +@url{https://foundation.guix.info} +@end itemize + +Prerequisites: Familiarity with hardware, and/or DNS registrars, +and/or sponsorship, and/or crowdfunding.