[tor-bugs] #34121 [Internal Services/Tor Sysadmin Team]: Create a Tor Browser Nightly signing machine
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue May 5 16:01:04 UTC 2020
#34121: Create a Tor Browser Nightly signing machine
-----------------------------------------------------+-----------------
Reporter: sysrqb | Owner: tpa
Type: project | Status: new
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-----------------------------------------------------+-----------------
Recently, Tor Browser began providing automatic nightly updates (#18867),
and those are now hosted on nightlies.tbb.torproject.org (#32800). All of
the building and signing machines are currently hosted externally. This
ticket is for moving the signing operation onto a TPA maintained server.
It will need about 40 GB of disk space, memory requirement should be small
(1 or 2 GB, should be more than enough).
As the end result, every day this server will receive files from an
external server (pushed or pulled, whichever makes the most sense), sign
them, and then copy them to nightlies.tbb.torproject.org for serving.
The server will hold a passphrase-protected OpenPGP private key and a
passphrase-protected NSS DB containing a private signing key.
This server should be as network-access-restricted as possible, while
still being usable.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/34121>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list