Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:99942 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 83211 invoked from network); 19 Jul 2017 17:51:02 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 19 Jul 2017 17:51:02 -0000 Authentication-Results: pb1.pair.com header.from=php@golemon.com; sender-id=softfail Authentication-Results: pb1.pair.com smtp.mail=php@golemon.com; spf=softfail; sender-id=softfail Received-SPF: softfail (pb1.pair.com: domain golemon.com does not designate 74.125.82.54 as permitted sender) X-PHP-List-Original-Sender: php@golemon.com X-Host-Fingerprint: 74.125.82.54 mail-wm0-f54.google.com Received: from [74.125.82.54] ([74.125.82.54:37215] helo=mail-wm0-f54.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id A9/0C-02884-40C9F695 for ; Wed, 19 Jul 2017 13:51:00 -0400 Received: by mail-wm0-f54.google.com with SMTP id g127so5957469wmd.0 for ; Wed, 19 Jul 2017 10:51:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=golemon-com.20150623.gappssmtp.com; s=20150623; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=tl8W+4XhU0EBtCuBuA9HlPcWevyJLRzOLGzbObw/2nw=; b=b98C71TkD67hQAM+NoVJ5DoXFgIkucdWLYmyqm880sBgcPC+AY85npIoc1YYnDjCuA e+AMR0JyrDEzWu2BGAL2lx8jsOIjpNTIXJjG4cEhOGTb8UDHVPEXxL2sVivF4IAar6i/ +TRIJNbVqDAqgj+u1xNB4OmOhkUEtRwqj2t47LffrP/TtlM6xzRHl1zQkjJnP2v9v+6u 5NlxgCN+zGrFiylkyx5ettu7TwNcyRrNcg4id7GaqwlyS0RapotfTA6DhLDcWEt6xthW M1iLfJZ2WtCsb5UKb/+Pun2s/6Vl+pWDZSvDJHOFKhPFpr97s4W2SHJJOCNVCP1f/R0V mMhA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=tl8W+4XhU0EBtCuBuA9HlPcWevyJLRzOLGzbObw/2nw=; b=c6FhdVlflvPJJebmEcOJ/TGYFl4Bb2UxKffq+7FzYUvYu/j8g7hj0mqal6FfUx5OAQ hvccNvAwrMAje1FI10FXJtgOah9QmktOOqmQ8laVEWpZks9VVlIImgVeBMNEfxBehEjb +87y9gimcSiXUmL0j4c1Ce+tz3UBKIRSeftW9E2PAQCsX1oOzCJH5+rYrYbu810Ca+1Y Tn1wqM1ODa161uN6I8gVXVQLmKTdnoH00WSC68em6zl553g43m73xZg88PtN6n+jvYrc lRBFXJLROPo/P+JstbTjwLLCaXwGSj4ox4wf4FLL/cGlVe52PK5JhwVCiJBOYqpWMoOS W8kQ== X-Gm-Message-State: AIVw111nD1rjnNUSBhzVfreNAcYCV0xTDGPwllqDA37l1v9UK/wsIBLH VjrdbkXsQ2/VO0ikImbGblCq0D1vvVw385G42w== X-Received: by 10.28.150.139 with SMTP id y133mr567962wmd.61.1500486657712; Wed, 19 Jul 2017 10:50:57 -0700 (PDT) MIME-Version: 1.0 Sender: php@golemon.com Received: by 10.223.169.139 with HTTP; Wed, 19 Jul 2017 10:50:57 -0700 (PDT) X-Originating-IP: [206.252.215.26] In-Reply-To: References: Date: Wed, 19 Jul 2017 13:50:57 -0400 X-Google-Sender-Auth: n2vwGJ1617oKP2hxkr7lgHqnbTc Message-ID: To: Niklas Keller Cc: Mathias Grimm , "internals@lists.php.net" Content-Type: text/plain; charset="UTF-8" Subject: Re: [PHP-DEV] php.net website From: pollita@php.net (Sara Golemon) On Wed, Jul 19, 2017 at 1:42 PM, Niklas Keller wrote: > We should really change that and fully move to HTTPS. > I was actually just thinking how lovely it would be to re-architect the mirroring process to use docker images. Benefits: * Usual consistent/predictable deployment arguments... * Full control of the webserver and PHP version (and extensions) used on mirrors. * Use docker hub as the distribution channel. (https out of the box) * Extra level of isolation for site hosts (web-php isn't alone on its hosts AIUI) * Apparently we could even add container image signing. That's sort of an orthogonal project to rewriting the site code, but it's arguably a simpler task to undertake. -Sara