Blog | Projects

projects2

Blog

When I write about projects2 on my blog, I tag the posts #projects2.

TODO

• Pass repo info to hg via env vars? (Same as for git)

• SELinux

  commit 70758ad39bbb716e61c84790f9af5463daedcf79 (HEAD -> main, origin/main, origin/HEAD) Author: Rickard Lindberg <rickard@rickardlindberg.me> Date: Sat Jul 5 21:43:23 2025 +0200 Use cp instead of mv to get correct selinux context.

• Prune docker images in crontab

• Use sudo instead of chowning?

• Refactorings

  • Extract Tag for html rendering

• Event rendering

  • Weird sorting in hg log (latest not at the top)

  • Show summary of recent changes and then link to diff further down the page

• Puppet style

  • Only change files/owner/etc if there is a change ala Puppet

  • Real dependency system like Puppet

• Upload artifact should check that project exists

• Include integration status in meta.json (and hide failed integrations?)

• Email users of events

• Put git initial branch in config

• Allow repo push mirrors to be defined

• Never use config file on server. Embed in py-file. And use the same file for server and api-script. Put secrets elsewhere.

• Validity of installing files should be checked before installing them

• Checksum artifacts?

• Should backup/restore skip rlprojects.py?

• Ensure no duplicate SSH-keys

• What does the first push look like? Can we detect it in the start hash?

  • Git get 00000000000000

  • See integrations/2025-04-26-rlselect-7cb999cb9a94316c2506b06e42ddb8d8185ae8b9/

• Configure fail2ban?

  • https://www.linode.com/docs/guides/using-fail2ban-to-secure-your-server-a-tutorial/

• SSH proxy? Keep host verification keys?

• Monitoring? Cursor based GUI for monitoring? Email reports?

  • Disk

  • CPU

  • Docker

  • Nginx

  • SSH

• Automate deployment

  • dnf update on bootstrap

  • script 1. create new linode 2. bootstrap it 3. backup current 4. put current in read-only mode 5. backup current 6. restore to new 7. verify new 8. swap ip's 9. remove current

• Locking repo pushes

  • open(pathname, O_CREAT | O_EXCL, 0644)

  • lsof -t to find processes using it

  • cron cleanup

  • Or just flock?

Multiple committers Unix user permission:

https://stackoverflow.com/questions/2846742/how-to-set-permissions-so-two-users-can-work-on-the-same-hg-repository https://wiki.mercurial-scm.org/MultipleCommitters