Skip to content

Commit e0f36ac

Browse files
authored
Merge pull request #796 from jonathanspw/almapeople
Add almapeople.org page + minor infra tweaks
2 parents 77ecc4f + c4eecb4 commit e0f36ac

3 files changed

Lines changed: 137 additions & 8 deletions

File tree

docs/.vuepress/config.js

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -331,7 +331,11 @@ module.exports = {
331331
"/sigs/Cloud",
332332
"/sigs/Core",
333333
"/sigs/HPCandAI",
334-
"/sigs/Infrastructure",
334+
{
335+
title: "Infrastructure SIG",
336+
path: "/sigs/Infrastructure",
337+
children: ["/sigs/infrastructure/almapeople"],
338+
},
335339
"/sigs/LiveMedia",
336340
{
337341
title: "Marketing SIG",

docs/sigs/Infrastructure.md

Lines changed: 3 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,7 @@ We don't currently hold regular meetings, but work asynchronously in mattermost
2525
- Official mirrors:
2626
- Official rsync mirror: https://rsync.repo.almalinux.org
2727
- [AWS CloudFront Mirror](https://github.com/AlmaLinux/mirrors/blob/master/mirrors.d/aws.repo.almalinux.org.yml)
28+
- [GCP CDN Mirror](https://github.com/AlmaLinux/mirrors/blob/master/mirrors.d/gcp.repo.almalinux.org.yml)
2829
- [repo.almalinux.org](https://github.com/AlmaLinux/mirrors/blob/master/mirrors.d/repo.almalinux.org.yml)
2930
- [AlmaLinux Account Services](https://accounts.almalinux.org)
3031
- [Mattermost Chat](https://chat.almalinux.org)
@@ -33,10 +34,11 @@ We don't currently hold regular meetings, but work asynchronously in mattermost
3334
- DNS
3435
- Servers/basic infrastructure for all other services including but not limited to:
3536
- [almalinux.org](https://almalinux.org)
37+
- [forums](https://forums.almalinux.org)
3638
- [wiki](https://wiki.almalinux.org)
3739
- [git](https://git.almalinux.org)
38-
- [Package Evolution Service (PES)](https://pes.almalinux.org)
3940
- [Bug Reports](https://bugs.almalinux.org)
41+
- [AlmaPeople](https://almapeople.org)
4042

4143
### Help wanted
4244

@@ -53,12 +55,6 @@ If you would like to help, please join us at [Infrastructure channel](https://ch
5355
- [Andrew Lukoshko](mailto:alukoshko@almalinux.org) - AlmaLinux OS Lead Architect.
5456
- Chat login: [alukoshko](https://chat.almalinux.org/almalinux/messages/@alukoshko)
5557
- GitHub profile: [andrewlukoshko](https://github.com/andrewlukoshko)
56-
- [Stepan Oksanichenko](mailto:soksanichenko@cloudlinux.com) - Package Evolution Service & Mirror Service Developer.
57-
- Chat login: [stepan_oksanichenko](https://chat.almalinux.org/almalinux/messages/@stepan_oksanichenko)
58-
- GitHub profile: [soksanichenko](https://github.com/soksanichenko)
59-
- [Vasiliy Kleschov](mailto:vkleschov@almalinux.org) - Build System Team Lead.
60-
- Chat login: [korulag](https://chat.almalinux.org/almalinux/messages/@korulag)
61-
- GitHub profile: [Korulag](https://github.com/Korulag)
6258
- [Cody Robertson](mailto:crobertson@almalinux.org)
6359
- Chat login: [codyr](https://chat.almalinux.org/almalinux/messages/@codyr)
6460
- GitHub profile: [codyro](https://github.com/codyro)
Lines changed: 129 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,129 @@
1+
---
2+
title: Using almapeople.org
3+
description: How to obtain and use your personal space on almapeople.org.
4+
---
5+
6+
# almapeople.org
7+
8+
This page covers the details on how to obtain and use your personal space on almapeople.org, a site where AlmaLinux contributors can upload files to share with the world.
9+
10+
## Forbidden contents
11+
12+
Do NOT distribute anything on almapeople.org that AlmaLinux itself cannot distribute for legal reasons. Nothing that infringes on copyright or trademark, nothing that AlmaLinux is barred from redistributing, and nothing that violates the [AlmaLinux Code of Conduct](https://almalinux.org/code-of-conduct/).
13+
14+
Also do not distribute anything that violates AlmaLinux's [trademark usage policy](https://almalinux.org/p/the-almalinux-os-trademark-usage-policy/).
15+
16+
Do NOT upload your private SSH keys or private keys of any kind.
17+
18+
## Accessing your almapeople.org space
19+
20+
You need an AlmaLinux account and meet the following criteria:
21+
22+
- Active AlmaLinux OS Foundation membership.
23+
- At least one approved SIG group (currently `almalinux_sigs`).
24+
25+
Manage your account and group memberships at [accounts.almalinux.org](https://accounts.almalinux.org). If you need to join a group, ask your SIG lead.
26+
27+
### Generate an SSH key
28+
29+
If you don't already have one:
30+
31+
```sh
32+
ssh-keygen -t ed25519 -C "your@email.example"
33+
```
34+
35+
This creates `~/.ssh/id_ed25519` (private — never share this) and `~/.ssh/id_ed25519.pub` (public).
36+
37+
### Upload your public key to AlmaLinux accounts
38+
39+
Log in to [accounts.almalinux.org](https://accounts.almalinux.org), edit your user profile, and paste the contents of `~/.ssh/id_ed25519.pub` under **SSH public keys**. Multiple keys are supported.
40+
41+
Your authorized keys on almapeople.org come from your AlmaLinux account and only your AlmaLinux account. There is no separate settings page on almapeople.org. To rotate or revoke a key, update it at [https://accounts.almalinux.org](https://accounts.almalinux.org).
42+
43+
### Verify the host key
44+
45+
The first time you connect, SSH will show you a host key fingerprint. Confirm it matches before accepting it. The current fingerprints are published at TODO: pending.
46+
47+
If a fingerprint changes unexpectedly, do not connect; report it to the infra team.
48+
49+
### Connect
50+
51+
```sh
52+
ssh <your-username>@almapeople.org
53+
```
54+
55+
Use your AlmaLinux account username, not your local username.
56+
57+
### Set up your public_html directory
58+
59+
```sh
60+
mkdir ~/public_html
61+
chmod 755 ~/public_html
62+
```
63+
64+
Anything in `~/public_html/` is served at:
65+
66+
```
67+
https://<your-username>.almapeople.org/
68+
```
69+
70+
So if your AlmaLinux account username is `jonathan`:
71+
72+
```
73+
~/public_html/index.html -> https://jonathan.almapeople.org/
74+
~/public_html/files/notes.txt -> https://jonathan.almapeople.org/files/notes.txt
75+
```
76+
77+
The apex site, [almapeople.org](https://almapeople.org), lists every contributor with content in their `public_html`. The list regenerates hourly.
78+
79+
## Common answers
80+
81+
Each contributor has 100 GB of quota-controlled space.
82+
83+
```sh
84+
quota -s
85+
```
86+
87+
If you run out of space, you should clean up files you don't need. If you cannot clean anything up, you should contact the AlmaLinux Infrastructure team to raise your quota.
88+
89+
Files need to be world-readable for Apache to serve them: at least mode `644` for files and `755` for directories. The server umask is `022` so anything created on the server is fine by default. If you transfer files from a machine with a tighter umask, force sane modes:
90+
91+
```sh
92+
rsync -avz --chmod=Du=rwx,Dgo=rx,Fu=rw,Fgo=r site/ user@almapeople.org:public_html/
93+
```
94+
95+
To make a publicly viewable space, create a `public_html` directory and set its permissions to `755`.
96+
97+
Everything in `public_html` is public. Do not put anything sensitive there. Keep private files in `~/private/` or anywhere outside `public_html` — Apache will not serve them. Keep in mind this should still not be treated as truly private space.
98+
99+
almapeople.org is NOT to be used for development, build infrastructure, CI workers, long-running daemons, or git repository hosting. `/home` is mounted `noexec`, so binaries you upload cannot be run. There is no git web interface; use [git.almalinux.org](https://git.almalinux.org) for repositories.
100+
101+
Server-side code execution is disabled. PHP, CGI, SSI, mod_perl, and mod_ruby are not installed and are explicitly blocked at the Apache level. Files with `.php`, `.cgi`, `.pl`, `.py`, `.rb`, `.asp`, or `.jsp` extensions are served as plain text. `.htaccess` is honored only for `FileInfo`, `AuthConfig`, and `Indexes` directives.
102+
103+
DO NOT try to use `sudo`. You do not have sudo access.
104+
105+
Upload files using `scp`, `sftp`, or `rsync`. For most workflows, rsync over SSH is the right tool:
106+
107+
```sh
108+
rsync -avz --delete site/ <your-username>@almapeople.org:public_html/
109+
```
110+
111+
`--delete` mirrors the local tree exactly. Drop it to add files without removing existing ones. Any standard SFTP client also works — WinSCP, Cyberduck, FileZilla, lftp.
112+
113+
If you are removed from the gating AlmaLinux account groups, your SSH access is revoked at the next deploy and your subdomain returns 404. Your files remain on disk; if you rejoin the groups later, content is restored automatically. To have your data deleted, contact the infra team.
114+
115+
## Policies
116+
117+
### Resource use
118+
119+
Each user session has soft caps applied via systemd:
120+
121+
- Memory: 512 MB soft / 1 GB hard
122+
- Maximum processes: 64
123+
- CPU weight: 50 (half of system default)
124+
125+
These exist to keep one user from accidentally disrupting others. If you find yourself bumping into them, the kind of work you are doing probably belongs somewhere other than almapeople.org.
126+
127+
### Reporting issues
128+
129+
For service issues, security concerns, key-fingerprint anomalies, or quota requests, open an issue against the AlmaLinux infra project or reach out in the [AlmaLinux community chat](https://chat.almalinux.org/almalinux/channels/infrastructure).

0 commit comments

Comments
 (0)