Whonix source code in self-hosted git

Hello, would love to see Whonix self hosting the git server.
I have problems with github, they block certain providers and certain IPs.

Hi,
Thank you for contacting GitHub Support.
Our abuse detecting systems flagged this account because of the email address on the account. The email provider is not permitted for use on GitHub accounts.
In addition to that, you appear to have registered multiple free user accounts.
Our Terms of Service state that an individual may not maintain more than one:
GitHub Terms of Service - GitHub Docs
We’ll need to leave this account flagged.
Regards,

2 reasons they replied:

Our abuse detecting systems flagged this account because of the email address on the account. The email provider is not permitted for use on GitHub accounts.

Mail provider censor.

In addition to that, you appear to have registered multiple free user accounts.

I did not try to create multiple free accounts.
Probably IP based flag considering many people use the same exit node.

I chose an e-mail provider that does not require personal information nor signup without tor and could be done without javascript enabled.
I could of course hop mail server till I find one that works, but that would solve the account problem, but not the bigger problem that is relying on github for everyone that wants to contribute and depending on giving enough information for 3rd party servers till they are satisfied.

I can of course try other git hosting solutions, but Whonix being hosted on a different server such as GitHub makes merge requests impossible, for someone to review the request, they would need to see a branch hosted on a different server and they would only be able to compare locally. Mail patches are also possible, but then that is a closed review process, with only one person seeing the patch before being applied, as there is not Whonix mailing list related to that.

Also, as discussions should happen here instead of git issues, the git server program does not need lots of features.

I hope this incite the git hosting to come sooner.

1 Like

Is it really, really required for Whonix to self-host any more webapps?

There’s no need to send a pull request to github. Sure, that’s neat but fully optional. Due to the distributed nature of git, any git branch posted to any git server anywhere worldwide would work. After notification here in the forums, I could locally add the git remote server, git fetch, git diff and consider git merge.

Git even supports creation of single file patch files which could be pasted somewhere here in the forums.

What’s the big advantage of a git (or any) server self-hosted by Whonix compared to any git branch in any git repository anywhere or git patch format? And is the extra effort really justified for the maintenance required for that webapp? Maintenance required: initial setup, keeping it updated, backups and restoration testing, archival, troubleshooting if something breaks…

From my experience with other webapps… See:
How much effort is worth spending on a "perfect webserver for whonix.org"?


If any self-hosted git server, which one? A lightweight one? Which feature are required? Or a more feature-rich one such as gitlab with issues tracking and whatnot?

Streamlining Dev Collaboration - #22 by Mycobee

1 Like

Is it really, really required for Whonix to self-host any more webapps?

If it is something heavy to maintain, then no.

There’s no need to send a pull request to github. Sure, that’s neat but fully optional. Due to the distributed nature of git, any git branch posted to any git server anywhere worldwide would work. After notification here in the forums, I could locally add the git remote server, git fetch, git diff and consider git merge.

Can be… I just find this difficult to keep track:

  • there is no organization of threads except the type: Development
  • one thread is one topic, meaning that every new patch is a new topic
  • with every new topic relating to different repositories, it becomes
    hard to keep track, you have to start searching the threads to see where
    a discussion for 1 patch to be done for 1 repository was first started
  • with hosted git server with issues, this is not a problem because
    issues can be tagged and are per repository and not per
  • if using a git server without issues… then would have to rely solely
    on forums.

If the “issues” issue could be resolved by setting proper tags per
thread and the repository being mentioned on the thread’s name. e.g.
repoX: patchY, for easier search.

Git even supports creation of single file patch files which could be pasted somewhere here in the forums.

Could try that, but can’t attach a patch to the forum right? With a big
enough patch, dumping everything makes it hard to review? To make
changes on top of the discussed point?

What’s the big advantage of a git (or any) server self-hosted by Whonix compared to any git branch in any git repository anywhere or git patch format? And is the extra effort really justified for the maintenance required for that webapp? Maintenance required: initial setup, keeping it updated, backups and restoration testing, archival, troubleshooting if something breaks…

  • no dependency on third-parties servers rules and logging
  • no need to handle different remote servers from different
    contributors, still need to git fetch/pull remote tho.
    About maintenance, if it is too cumbersome, then of course not.

From my experience with other webapps… See:
How much effort is worth spending on a "perfect webserver for whonix.org"?


If any self-hosted git server, which one? A lightweight one? Which feature are required? Or a more feature-rich one such as gitlab with issues tracking and whatnot?

I am not an expert on the different git servers to make an informed
decision. I think that if the forum implements a good tracking of
issues, merge requests per repository, then maybe git server with
“issues” functionality is not necessary?

1 Like

This is not reality. Where is it going to be hosted? My house? No the internet is not good enough here

A cloud provider? Thats a third party.

My opinion

advantages of self hosting gitea

  • Reduce dependency on microsoft. When i ask people why they use facebook/insta/twitter, they generally say “all my friends use it”… It creates a loop. Someone needs to break the loop!

  • Leverage project boards and issue tracking to help collaborators

  • Create a place for multiple projects beyond whonix/kicksecure to live.

disadvantages of self hosting

  • Time. I would be willing to take this on, but it would take away other work i could do to help whonix. I dont know how much this matters though if it works and helps the project at large become more productive. If I can speed up work for 5 people, but slow myself down this is probably fine

  • Money. Cloud servers arent free (nor are physical servers). I already pay $25 a month for our CI server and automated testing. I could ask Patrick for this money, but rather prefer to treat it as a donation for now. Once WATS is running I will collaborate getting a whonix owned server set up. But for now, this is an out of pocket expense. Regardless who pays it, a collaborator or the project itself, it still costs money.

  • potential reputational loss if a hack occurs. I am not a terrible sysadmin by any means, but I am a human and much more specialized on infra automation as my day job. Security is something I have learned a good bit, but could still spend a lifetime and not know it all. I could make a mistake, a hack would be embarrassing to the project.

2 Likes

Saw Bug Reports, Software Development and Feature Requests chapter Forum Tags in Whonix wiki? Forum tags… But maybe also not very usable, unsuitable, messy.

On the other hand, when there was phabricator, there’s always been lower activity there and then duplication in forums vs phabricator. So the ideal issue tracking which would imo be a forum with easily usable tags/components would be best but that doesn’t seem to exist.

I don’t know any forum that can really provide a unified experience for all of that.

In theory could just dump the patch’s plaintext into code tags. That however might fail in case there’s any binary data (lets say an icon, image, etc.).

Yeah. That what was I had in mind. Just the patch. No discussion. Discussion happening in other forum threads. But that might spam lots of forum threads.

A git patch can express multiple commits.

But, yeah… Only if a separate forum thread per patch. And then in the main discussion just link to it.

The more I think about it, the posting patches directly to the forums should probably stay the exceptional cases. If used a lot, might quickly trash the forums. And if patches are posted elsewhere (such as on paste websites) and only links to patches posted in forums that might be marginally better. But then paste websites expire. Then web archiving these would be required. Getting more and more messy.

At time of writing, Whonix server - just as any other server for any other project - is also “hosted in the cloud” at a root server (or VPS server) provider. The server provider could also do logging without my consent and/or knowledge. Related:
Placing Trust in Whonix ™ chapter Self-Hosting vs Third Party Hosting in Whonix wiki
So all of the perfection, a lot of the advantages of no logs for example by self-hosting discourse and not using the hosted version by discourse cloud might actually go out of the window due to the server provider at least in principle having the power to log.

That’s might be why why Qubes concluded it’s not worth to even try to optimize for self-hosting:

Indeed. Hence written about that here:
Placing Trust in Whonix ™ chapter Self-Hosting vs Third Party Hosting in Whonix wiki

I have an idea :bulb:

If we all quit sleeping, we would have an extra 8 hours a day 365 days a year. Every developer would have an extra 3000 hours a year to implement the most secure and most ethical solutions. Tech giants would imminently crumble, and future civilizations would study the statues society erected to honor our existence.

1 Like

anyways I am going to do some more brainstorrming about how we can avoid too many tech giant tools despite it being a bad idea, as a pet project, because I like lighting time on fire and I think it might be useful to other communities as well.

I am going to make good on my word and get WATS running first though. Perhaps tomorrow night

1 Like