I did two runs of 1000 calls to the server and did not see any anomalies.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Mar 8 2021
Certificate version: 3 Valid from: Oct 7 19:21:40 2020 GMT Valid to : Sep 29 19:21:40 2021 GMT Public key is 2048 bits The issuer name is /O=Digital Signature Trust Co./CN=DST Root CA X3 The subject name is /C=US/O=Let's Encrypt/CN=R3 Extension Count: 8 Peer certificate Certificate version: 3 Valid from: Feb 27 18:12:29 2021 GMT Valid to : May 28 18:12:29 2021 GMT Public key is 2048 bits The issuer name is /C=US/O=Let's Encrypt/CN=R3 The subject name is /CN=downloads.pureos.net Extension Count: 9 Transport Protocol :TLSv1.2 Cipher Suite Protocol :TLSv1.2 Cipher Suite Name :ECDHE-RSA-AES128-GCM-SHA256 Cipher Suite Cipher Bits:128 (128) SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: 39DB1E294804DA2D5AB727DE4CF12062B4FA46A36F9DFA278CD675B3535CE0FD Session-ID-ctx: Master-Key: BCF95A63D726D1B9685B5293C6212D1CBD8620E94904D9D3A4CA8B6A9EAA6CF5976F668441B9F8F4DF24A70F457C5422 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 86400 (seconds) TLS session ticket: 0000 - b1 a5 92 f4 25 9b 67 fc-d5 c9 5e 0b 0d ba e7 5e ....%.g...^....^ 0010 - 66 2e d9 f2 68 3a 4f e9-3e 00 9d 33 7b e2 66 49 f...h:O.>..3{.fI 0020 - ff 93 f6 af 6a a0 64 7b-84 eb fc 07 f1 bf 10 ba ....j.d{........ 0030 - 48 55 66 ca 4a 9e 44 de-3b 5e 7b f9 e0 e9 23 6a HUf.J.D.;^{...#j 0040 - 88 6f 52 da 28 43 c3 92-2b 9a da f7 d4 f1 3b 9c .oR.(C..+.....;. 0050 - 2e 6f 9c a3 71 78 cf f2-4d e6 b1 62 16 87 c3 01 .o..qx..M..b.... 0060 - 58 7d b4 9f 89 e2 e2 98-39 71 3b bd 05 06 5d 22 X}......9q;...]" 0070 - 0e b6 fc 17 2c 86 08 13-3c e3 65 24 a3 7b 45 9a ....,...<.e$.{E. 0080 - 31 10 70 30 1e d7 64 92-09 b4 10 bf 09 e9 be 10 1.p0..d......... 0090 - 18 56 32 e6 60 bf 0f 24-10 ae df 8f 48 b9 8f 48 .V2.`..$....H..H 00a0 - 1c e3 fa bc 2b a7 d2 52-da 1f cf 28 d1 01 cd 95 ....+..R...(.... 00b0 - 91 6b c6 b2 9d 60 96 a1-24 51 18 92 19 c9 ab 3b .k...`..$Q.....;
Server Software: nginx/1.10.3 Server Hostname: repo.pureos.net Server Port: 443 SSL/TLS Protocol: TLSv1.2,ECDHE-RSA-AES128-GCM-SHA256,2048,128 Server Temp Key: X25519 253 bits TLS Server Name: repo.pureos.net
Mar 6 2021
Mar 5 2021
Mar 4 2021
I also tried messing with timeouts on APTs transport methods, with no luck - according to APT, the server just stops responding (according to curl though, it doesn't).
I pasted the wrong log, but the connection timeout is actually even more frequent now than the Resource temporarily unavailable issue - but both appear.
I tested this with https::Verify-Peer false, still the same issue happens:
Fetched 1016 MB in 4min 12s (4025 kB/s) 2021/03/04 22:30:39 apt | E: Failed to fetch https://repo.pureos.net/pureos/pool/main/f/fftw3/libfftw3-double3_3.3.8-2_amd64.deb Connection timed out [IP: 138.201.228.45 443] 2021/03/04 22:30:39 apt | E: Failed to fetch https://repo.pureos.net/pureos/pool/main/s/spice-gtk/libspice-client-glib-2.0-8_0.39-1_amd64.deb Connection timed out [IP: 138.201.228.45 443] 2021/03/04 22:30:39 apt | E: Failed to fetch https://repo.pureos.net/pureos/pool/main/libs/libsodium/libsodium23_1.0.18-1_amd64.deb Connection timed out [IP: 138.201.228.45 443] 2021/03/04 22:30:39 apt | E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
removed from landng as per request
odd tarball in the archive - lets revisit for > 0.4.0
Mar 3 2021
cleaned up in landing
we can close this since we can't clean it up for byzantium due to a tarball checksum mismatch - i lack the power to close bugs thouh.
Mar 2 2021
Note that on the phone side we use a separate system to allow for this but it woudl be great if laneakia would handle that natively since this would shorten the pipeline where anything could go wrong and it makes it quicker to spot problems.
A likey simple way would be to assume a fixed location in gitlab like
Mar 1 2021
Still working on this flatpak
I'm working on a flatpak for Tootle
Feb 28 2021
Feb 26 2021
Feb 25 2021
Feb 23 2021
Feb 22 2021
Uh, because this website doesn't move me to the newly created issue, when I wanted to edit my issue I accidentally created a new one, mistaking the remaining issue creation page as an edition page… it's now a duplicate of https://tracker.pureos.net/T1004.
Feb 21 2021
Feb 20 2021
https://serverfault.com/a/950568 mentions intermittent OCSP failures tied to IPv6.
https://stackoverflow.com/a/60243923 mentions how to disable OCSP for apt:
touch /etc/apt/apt.conf.d/99verify-peer.conf \ && echo >>/etc/apt/apt.conf.d/99verify-peer.conf "Acquire { https::Verify-Peer false }"
Feb 19 2021
maybe relevant to your research:
curl -O https://repo.pureos.net/pureos/dists/amber/main/source/Sources.xz works fine,
but curl -O --cert-status https://repo.pureos.net/pureos/dists/amber/main/source/Sources.xz fails:
curl: (91) No OCSP response received
Commit https://github.com/systemd/systemd/pull/18552/files disabled the Purism keyboard rules in systemd upstream.
Feb 18 2021
Phabricator's API is called conduit. I can pull data from conduit and it looks like this;
Feb 17 2021
gitlab would be nice too but likely fine grained (e.g. calls -> calls channel, phosh/phoc/squeekboard -> phosh channel) - we had a bug for that somewhere in gitlab iirc, the above is about the pureos tracker only.
@jeremiah.foster: please don't discuss [multiple issues] issues directly, but instead file a separate issue report for the part you have input on and discuss it there.
Feb 16 2021
I think "blobs" is tricky terminology which might confuse - it confuses me. I prefer talking about 'firmware'. Firmware is stored in Read Only Memory (ROM) as a binary. It usually cannot be changed and it just meant to make the hardware work at all. The FSF says "Firmware that is installed during use is software; firmware that is delivered inside the device and can't be changed is software by nature, but we can treat it as if it were a circuit." This makes firmware closer, or even the same as, hardware. And while all hardware should have free designs, like Purism's, we don't have to reject non-free hardware the way we have to reject non-free software according to the FSF.
Do we need or want a channel from Gitlab to Matrix too?
Is this a Tracker <--> Matrix channel? We already have #dev/pureos-changes so you don't mean that channel I assume.
to add some context:
Feb 15 2021
I've been informed that it is at least *theoretically* possible to point snapd to a only free "store" https://forum.snapcraft.io/t/external-repositories/1760/7
This might help us not have to remove snapd and then patch and maintain all the software that depends on snap and snapd.
This issue is not about what is acceptable for people hired by or representing Purism to do.
Might be cool to put that documentation here: https://tracker.pureos.net/w/development/
Although I agree that people at Purism shouldn't instruct how to install proprietary software, It would be difficult to forbid instructions or discussions about installing or upgrading Coreboot, which still contains blobs.
@evangelos.tzaras for phone development you'd usually not use dput.