infra
infra copied to clipboard
NixOS
[Non critical infra] Hosting emails for the community
I open this issue to get feedback both from the infra team and from the community on this idea.
As far as I know, nobody in Nix community has access to an official email address that shows official membership of the Nix/NixOS community. Even members of the foundation use their professional/personal address to reach out to external partners.
Other linux distributions, like debian, give access to an official email address to their developers for their interactions inside and outside the community. This has quite a lot of advantages:
- dedicated email addresses means we can more easily target them for maintenance related tasks (for example emails sent on Hydra failures) that will not pollute people's personal or pro mailboxes.
- dedicated email adresses help people from other communities to directly understand the membership of the developer to the NixOS community when they interact on a mailing list for example.
- emails adresses gives another entrypoint (different than matrix) when we wish to contact different members of the community, we could for example have aliases like "[email protected]" to contact people of the security team, and so on.
My proposition is the following:
- Have the non-critical infra team host an email server
- Have a policy for @nixos.org email attribution (one address for each committer? one address for each maintainer?)
- Allow teams or groups in the nixos community to have aliases pointing to their members.
Technically, using SNM seems reasonable, but I still have to figure out a way to automatically create adresses.
If that proposition is judged interesting and reasonable, I am willing to implement and maintain it.
Just to be clear, I think I am in favor of redirections but not storing locally those emails, it would create a too big strain on the infrastructure team to manage a real mail server with real users.
It seems more reasonable to me to use SNM to perform automatic redirects based on LDAP or GitHub or whatever.
If it's not an issue with like spam content and such, I would suggest that there is a different namespace for "official representation" from "contributor/member of the community", especially if getting an alias is easy enough.
There could be issues with well-meaning (or bad-meaning) members appearing more official and more tied to the project than expected.
Also it helps prevent pollution of the "main" namespace.
At the time when Debian was created, I would imagine that getting a @debian.org email address would feel pretty special. It makes you feel part of the community. I don't know how relevant that is for today where our identity shifted more to be on GitHub and the web in general.
At the moment we use ImprovMX for email forwarding. It works quite well, but is missing the Terraform mapping to make it more transparent. The issue is that I didn't want to reveal user emails in the code.
The issue is that I didn't want to reveal user emails in the code.
I guess with have already a lot of email addresses in maintainer-list.nix
Technically, using SNM seems reasonable, but I still have to figure out a way to automatically create adresses.
You would also need to provide some form of self-service, so you'd be looking at some IDM as well.
Not sure if setting all that up is really worthwhile. Who really requires it except for the few people that need to communicate in an official capacity with the outside world.
Also, I second Samuel's concerns about representation issues.
From the technical side, would heavily encourage providing only aliases / SMTP and no storage, not a full solution like SNM. The last thing I'd like us to get in the business of is potentially storing any private personal data. Giant can of worms right there.
But also seconding everyone else who's been saying we need to figure out the "who / why" before the "how" here. Personally I think I'd be reasonably happy if that was handled via case-by-case decisions by the Foundation board.
