Folks, I've moved sks-peer.spodhuis.org, details below. If you're a peer and not happy at this change, let me know and we can de-peer.
Before: jail on a FreeBSD box in private colo in NL. Now: EC2 instance in Paris (eu-west-3) running Ubuntu Bionic. The service is mostly the same, no changes to HTTPS identity, administrators, etc etc. Just moved to be isolated. However, I'm currently running on the default sks package, so without the long-keyid patch. The AMI is my own, built from the official Ubuntu Bionic Beaver 18.04 AMI (ami-f3211396 in us-east-2) using Packer, which did the basic tuning. I'm using /srv/sks as a separate EBS volume which can be detached. I built using a c5.large instance, which was nice and fast, with the storage being a 100GB provisioned-IOPS volume. After building and debugging, I nuked the c5.large, downgraded the volume to GP2, and made a t2.small, which is what I'm running with now. IP addresses should be stable: it's an elastic IP for IPv4, and a standalone ENI which has the IPv6 address, so that shouldn't change either: if I rebuild, I'll reattach. The DNS is unconnected to AWS and is DNSSEC-signed, so the IPs should be verifiable. Mailsync is not yet enabled. My peering spidering is not yet live on this new host. At some point I'll probably recreate the entire thing on FreeBSD, if only because of ... severe philosophical differences with systemd-resolved and the amount of head-banging it took to get Unbound in service. But it's there, it's live. Let's see if this one can manage to stay up without the BDB layer suddenly deciding it can't find anything. -Phil
signature.asc
Description: Digital signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel