On 07/28/2009 01:21 PM, Tom "spot" Callaway wrote: > On 07/28/2009 03:38 PM, Toshio Kuratomi wrote: >> Should we ask Legal if we could stick Apache Basic Auth (using >> mod_auth_postgres) in front of staging and then it would be okay? Or if >> we used openvpn to connect to http(s) on staging? > > These are both good ideas, would you like me to float them past RH Legal? > Yes, please. I think it would look something like this: sysadmin-XXX group can ssh into publictest boxes to work on applications. sysadmin-YYY group can ssh into staging boxes to work on applications. Not all the people in those groups will be working on the same applications (some work on Fedora Community, some on FAS, some don't work on developing applications at all) but they will all be part of the Fedora Infrastructure team. For legal: If we limit who can hit the web apps via apache basic auth or openvpn to the sysadmin-XXX and sysadmin-YYY groups, can we forgo having a direct pointer to the corresponding source? On the infrastructure side, we have to figure out if this is going to be too limiting. (ie, we need people specifically not in sysadmin-XXX or sysadmin-YYY to test our changes before we deploy). -Toshio
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
