OneDev ftw :)

The point is, every day more projects move exclusively to GitHub, and it increasingly becomes the only place to obtain software in any form, regardless of who you are.

All day every day!

The NFDB/nostr.land code for example is managed on OneDev. Issue management is pretty great (I use it for non-code related tasks as well) CI was extremely simple to set up, it starts a single-node FDB cluster and runs all the tests.

I'm still very green when it comes to CI but same for me as well. Tests, containers and so on! I've even started using it for IaC for my load balancer network.

One other thing I did was use OpenBao for managing FDB cluster configuration. That originally started with TLS certificate issuance only, but I needed to manage JWT signer keys as well, and then I put some other configuration in as well that was not completely security related since I didn’t want to deploy a 2nd tool. Planning to set up an SSH CA soon.

I've noticed this and it's bad, in my opinion. Is it practical to mirror critical software elsewhere? Git and proprietary hosts aren't something I know a ton about. I've used basic Git and GitLab for my personal projects but that's it.

I mirror the code I rely on and like, except for things that are just too large my servers get upset. Most of the code here is used by my own applications. I vendor most of my dependencies for this reason as well, but for other apps I just use this works. Speaking of which, I need to mirror more things! https://git.vaughnnugent.com/cgit/ Funny enough I think, git itself has mostly migrated to GitHub. Can't speak for development, but all the documentation links back to GitHub.

Ha. I didn't even consider git itself being there. I know LT has done A LOT for FOSS, but I've always gotten the impression that he doesn't care that much about it. At least not in the Stallman sense.

> Is it practical to mirror critical software elsewhere? To answer this specifically, yes I think it is very simple and practical if you are familiar with hosting any kind of web server. Mine just use git on a sysdtemd timer to recurse through directories I initialize and my cgit server hosts the web version. You just need a few MB of disk space, git, and a webserver to accomplish this.

Yeah I find it hard to believe LT uses GitHub, or trusts it, but as far as the public facing resources go, they mostly point to GH in my recent experience.

Probably the low or free cost hosting incentives they have. Who knows. There's too much behind the scenes for me to keep up with. I'm bearish on FOSS repos being there though.

A little git mirror tutorial On a linux device you can run the following to initialize a repo in a mirror ``` mkdir <repo-owner> cd mkdir <repo-owner> git clone --mirror <repo-url> #ssh or https should work ``` Note: specifying --mirror is important because it creates a bare repo that can be updated by git with a single command later. You can run this script in the top level directory and it will recursively sync all of your --mirror repos. It will find all the directories that end in .git which is what happens when using the --bare or --mirror option during a clone. ``` #! /bin/sh set -x for DIR in $(find . -type d -name "*.git"); do echo "Updating repo $DIR" pushd "$DIR" git remote update --prune # fails with or without this line popd done ``` If you a running a distro that uses systemd you can configure a systemd timer to run the sync script on a schedule to keep your repo synced with the upstream repo Here is a tutorial I like, it's very hand-holding

Working with systemd timers

A complete overview of systemd timers.

Otherwise you can use cron assuming your distro has that option. I prefer systemd timers though :) Finally, you can serve this directory using apache, nginx or whatever flavor http server you want.

Oh an SSH CA would be nice! Id like to handle my TLS as well, i'm not happy with my current setup. Still kind of manual for now. Everything was nice and simple until I expanded my LBs XD