Services managed by Tails Sysadmins

Below, importance level is evaluated based on:

users' needs: e.g. if the APT repository is down, then the Additional Software feature is broken;
developers' needs: e.g. if the ISO build fails, then developers cannot work;
the release process' needs: we want to be able to do an emergency release at any time when critical security issues are published. Note that in order to release Tails, one needs to first build Tails, so any service that's needed to build Tails is also needed to release Tails.

APT repositories

Custom APT repository

purpose: host Tails-specific Debian packages
documentation
access: anyone can read, Tails core developers can write
tools: reprepro
configuration:
- tails::reprepro::custom class
- signing keys are managed with the tails_secrets_apt Puppet module
importance: critical (needed by users, and to build & release Tails)

Time-based snapshots of APT repositories

purpose: host full snapshots of the upstream APT repositories we need, which provides the freezable APT repositories feature needed by the Tails development and QA processes
documentation
access: anyone can read, release managers have write access
tools: reprepro
configuration:
- tails::reprepro::snapshots::time_based class
- signing keys are managed with the tails_secrets_apt Puppet module
importance: critical (needed to build Tails)

Tagged snapshots of APT repositories

purpose: host partial snapshots of the upstream APT repositories we need, for historical purposes and compliance with some licenses
documentation
access: anyone can read, release managers can create and publish new snapshots
tools: reprepro
configuration:
- tails::reprepro::snapshots::tagged class
- signing keys are managed with the tails_secrets_apt Puppet module
importance: critical (needed by users and to release Tails)

Bitcoind

purpose: handle the Tails Bitcoin wallet
access: Tails core developers only
tools: bitcoind
configuration: bitcoind class
Vcs-Git: bitcoin and libunivalue
importance: medium
To save disk space: as the bitcoin@bitcoin.lizard user, run bitcoin-cli getblockcount to get the ID of the last block, then run bitcoin-cli pruneblockchain XYZ, with XYZ being a Unix timestamp that's at least 5 months in the past.

BitTorrent

purpose: seed the new ISO image when preparing a release
documentation
access: anyone can read, Tails core developers can write
tools: transmission-daemon
configuration: done by hand (#6926)
importance: low

DNS

purpose: authoritative nameserver for the tails.net and amnesia.boum.org zones
access:
- anyone can query this nameserver
- members of the mirrors team control some of the content of the dl.amnesia.boum.org sub-zone
- Tails sysadmins can edit the zones with pdnsutil edit-zone
tools: pdns with its MySQL backend
configuration:
- tails::pdns class and tails::pdns::* resources
- powerdns Puppet module
importance: critical (most of our other services are not available if this one is not working)

GitLab

purpose:
- host Tails issues
- host most Tails Git repositories
access: public + some data with more restricted access
operations documentation: GitLab
end-user documentation: GitLab
configuration:
- immerda hosts our GitLab instance using this Puppet code.
- We don't have shell access.
- Tails system administrators have administrator credentials inside GitLab.
- Groups, projects, and access control:
  - high-level documentation
  - configuration: tails/gitlab-config
importance: critical (needed to release Tails)
Tails system administrators administrate this GitLab instance.
See our documentation about GitLab for Tails sysadmins.

Gitolite

purpose:
- host Git repositories used by the puppetmaster and other services
- host mirrors of various Git repositories needed on lizard, and whose canonical copy lives on GitLab
access: Tails core developers only
tools: gitolite3
configuration: tails::gitolite class
importance: high (needed to release Tails)

git-annex

purpose: host the full history of Tails released images and Tor Browser tarballs
access: Tails core developers only
tools: git-annex
configuration:
importance: high (needed to release Tails)

Icinga2

purpose: Monitor Tails online services and systems.
access: only Tails core developers can read-only the Icingaweb2 interface, sysadmins are RW and receive notifications by email.
tools: Icinga2, icingaweb2
configuration: not documented
documentation: currently none
importance: critical (needed to ensure that other, critical services are working)

Jenkins

purpose: continuous integration, e.g. build Tails ISO images from source and run test suites
access: only Tails core developers can see the Jenkins web interface (#6270); anyone can download the built products
tools: Jenkins, jenkins-job-builder
design and implementation documentation: Jenkins
importance: critical (as a key component of our development process, needed to build IUKs during a Tails release)

LimeSurvey

purpose: user surveys, mainly for UX purposes
access: sysadmins and UX members have shell access, as well as admin access to the web interface
tools: limesurvey
configuration: tails::profile::limesurvey
importance: low to medium

Mail

purpose: handle incoming and outgoing email for some of our Schleuder lists
access: public MTA's listening on mail.tails.boum.org and mta.tails.net
tools: postfix, rspamd
configuration: tails::profile::mta, tails::profile::rspamd, and tails::profile::mtasts classes
importance: high (at least because WhisperBack bug reports go through this MTA)

Meeting reminder

purpose: send email reminders, for example about upcoming meetings
access: not applicable
configuration:
- to add a new reminder, or modify an existing one:
  - tails::meeting::reminders
  - email templates
- implementation: tails::meeting, tails::meeting::reminder, and meeting.py script
importance: to be defined

Mirror pool

purpose: provide the HTTP and DNS mirror pools
documentation: design documentation, blueprint
access: public
tools: mirrorbits
configuration:
- tails::profile::mirrorbits
importance: critical (needed by users to download Tails)
responsibilities:
- Process offers of new mirrors.
- Identify and process broken and slow mirrors.
- Identify general health problems.

rsync

purpose: provide content to the public rsync server, from which all HTTP mirrors in turn pull
access: read-only for those who need it, read-write for Tails core developers
tools: rsync
configuration:
- tails::profile::rsync
- users and credentials are managed with the tails_secrets_rsync Puppet module
importance: critical (needed to release Tails)

Schleuder

purpose: host some of our Schleuder mailing lists
access: anyone can send email to these lists
tools: schleuder
configuration:
- tails::profile::schleuder class
- tails::profile::schleuder::lists Hiera setting
importance: high (at least because WhisperBack bug reports go through this service)

Tor bridge

purpose: provide a Tor bridge that Tails contributors can easily use for testing
access: anyone who gets it from BridgeDB
tools: tor, obfs4proxy
configuration:
- tails::profile::bridge
- tor::daemon::relay
importance: low

VPN

purpose: flow through VPN traffic the connections between our different remote systems. Mainly used by the monitoring service.
access: private network.
tools: tinc
configuration:
- tails::vpn::instance class
importance: transitively critical (as a dependency of our monitoring system)

Web server

purpose: serve web content for any other service that need it
access: depending on the service
tools: nginx
configuration:
- nginx class
importance: transitively critical (as a dependency of Jenkins and APT repositories)

Weblate

URL: https://translate.tails.net/
purpose: web interface for translators
design documentation
usage documentation
admins: to be defined (#17050)
tools: Weblate
configuration:
- tails::profile::weblate class
importance: to be defined

WhisperBack relay

purpose: forward bug reports sent with WhisperBack to tails-bugs@boum.org
access: public; WhisperBack (and hence, any bug reporter) uses it
tools: Postfix
configuration:
- tails::profile::whisperback class
importance: high