Priorities for 2025

• Web things already scheduled this year, postponed to 2025
  • Improve websites for mobile (needs discussion / clarification, @gaba will check with @gus / @donuts)
  • Create a plan for migrating the gitlab wikis to something else (TPA-RFC-38)
  • Improve web review workflows, reuse the donate-review machinery for other websites (new)
  • Deploy and adopt new download page and VPN sites
  • Search box on blog
  • Improve mirror coordination (e.g. download.torproject.org) especially support for multiple websites, consider the Tails mirror merge, currently scheduled for 2027, possible to squeeze in a 2025 grant, @gaba will check with the fundraising team
• Make a plan for SVN, consider keeping it
• MinIO in production, moving GitLab artifacts, and collector to object storage, also for network-health team (contact @hiro) (Q1 2025)
• Prometheus phase B: inhibitions, self-monitoring, merge the two servers, authentication fixes and (new) autonomous delivery
• Debian trixie upgrades during freeze
• Puppet CI (see also merge with Tails below)
• Development environment for anti-censorship team (contact @meskio), AKA "rdsys containers" (tpo/tpa/team#41769)
• Possibly more hardware resources for apps team (contact @morganava)
• Test network for the Arti release for the network team (contact @ahf)
• Tails 2025 merge roadmap, from the Tails merge timeline
  • Puppet repos and server:
    • Upgrade Tor's Puppet Server to Puppet 7
    • Upgrade and converge Puppet modules
    • Implement commit signing
    • EYAML (keep)
    • Puppet server (merge)
  • Bitcoin (retire)
  • LimeSuvey (merge)
  • Website (merge)
  • Monitoring (migrate)
  • Come up with a plan for authentication

Note that the web roadmap is not fully finalized and will be discussed on 2024-11-19.

Removed items

• Evaluate replacement of lektor and create a clear plan for migration: performance issues are being resolved, and we're building a new lektor site (download.tpo!), so we propose to keep Lektor for the foreseeable future
• TPA-RFC-33-C, high availability moved to later, we moved autononmous delivery to Phase B

Black swans

A black swan event is "an event that comes as a surprise, has a major effect, and is often inappropriately rationalized after the fact with the benefit of hindsight" (Wikipedia). In our case, it's typically an unexpected and unplanned emergency that derails the above plans.

Here are possible changes that are technically not black swans (because they are listed here!) but that could serve as placeholders for the actual events we'll have this year:

• Possibly take over USAGM s145 from @rhatto if he gets funded elsewhere

• Hetzner evacuation (plan and estimates) (tpo/tpa/team#41448)
• outages, capacity scaling (tpo/tpa/team#41448)
• in general, disaster recovery plans
• possible future changes for internal chat (IRC onboarding?) or sudden requirement to self-host another service currently hosted externally

Some of those were carried over from the 2024 roadmap. Most notably, we've merged with Tails, which was then a "black swan" event, but is now part of our roadmap.

Quarterly reviews

• 2025-Q1: plan was made in 2025-01-13, reviewed in 2025-04-07
• 2025-Q2: plan was made in 2025-04-07, reviewed in 2025-06-16
• 2025-Q3: plan was made in 2025-07-07

Yearly reviews

This section was put together to answer the question "what has TPA done in 2025" for the "state of the onion".

• Prometheus phase B: reduced noise in our monitoring system, finished the migration from legacy, domain name checks, dead man's switch, see https://gitlab.torproject.org/groups/tpo/tpa/-/milestones/14 which was mostly done since october 2024 until now
• MinIO clustering research and deployment https://gitlab.torproject.org/tpo/tpa/team/-/issues/41415
• download page and VPN launch web overhaul https://gitlab.torproject.org/tpo/web/tpo/-/issues/248 and lots of others
• massive amount of work on the email systems, with new spam filters, mailman upgrade, and general improvements on deliverability https://gitlab.torproject.org/groups/tpo/tpa/-/milestones/16
• tails merge, year 2/6 https://gitlab.torproject.org/groups/tpo/tpa/-/milestones/18
  • puppet merge
  • new design for a centralized authentication system
  • merged limesurvey
  • moved from XMPP to Matrix/IRC
  • trained each other on both infra
• trixie upgrades: batches 1 and 2 completed, 82% done, funky graph at https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/upgrades#all-time-version-graph, hoping to converge towards batch upgrades every three years instead of two parallel upgrade batches for three years https://gitlab.torproject.org/groups/tpo/tpa/-/milestones/12
• service containerization experiments for anticensorship and network-health teams https://gitlab.torproject.org/tpo/tpa/team/-/issues/41769 https://gitlab.torproject.org/tpo/tpa/team/-/issues/42080
• confidential GitLab issues encryption https://gitlab.torproject.org/tpo/tpa/gitlab/-/issues/151
• asncounter and GitLab AI crawlers defense https://gitlab.torproject.org/tpo/tpa/team/-/issues/42152
• survived vacations
• started tracking technical debt more formally in internal reports https://gitlab.torproject.org/tpo/tpa/team/-/issues/41456
• crossed the 4k closed issue in April, crunching on average 40+ issues per month, or a little over one per day

Capacity tracking

Actual quarterly allocations are managed in a Nextcloud spreadsheet.

References

This roadmap was discussed in November 2024 in two meetings, 2024-11-18 and 2024-11-11. It was also worked on in an issue.