DragonFly kernel List (threaded) for 2009-01
DragonFly BSD
DragonFly kernel List (threaded) for 2009-01
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: New year, new site, new wiki

From: Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 7 Jan 2009 17:25:41 -0800 (PST)

:All the pages can be edited by anyone with commit access.  Web editing is
:right now limited to /docs/*.  Everything that's in docs/ now is material
:from the wiki, so we're not "exposing" anything new.  (you can write
:"PageSpecs" that specify what can and can't be edited.)
:The login for editing via the web is separate from developer logins; it
:uses its own system or OpenID (http://openid.net) to handle logins.  There
:is a separate plugin that can use checkpassword (or potentially
:checkpassword-pam, now that Peter's committed so much PAM work) to
:DragonFly) to authenticate against existing accounts on the machine, which
:would make having a leaf account the barrier to entry.  We'd want to set
:up https, though, and I don't really like the machine logins flying about
:over the net, even over https.

    Ok.  Definitely *NO* login password authentication, though.  Passwords
    aren't allowed on leaf accounts anyway, it's ssh or nothing, though
    for some reason the special mhonarc archiving account has a password
    on it.

    You can enable https with a dummy certificate.  Since only DFly 
    developers would use use it via https we don't need a full auth
    chain for it.

:Everyone seems OK with this, so my plan is:
:- finish remaining changes people have suggested (handbook cleanup, etc.)
:- Copy bare repository from shiningsilence.com to crater
:- Copy working repository to leaf
:- Install ikiwiki on leaf
:- Configure ikiwiki to use working repo on leaf
:- Configure ikiwiki to write out actual site on NFS share on crater
:- Configure ikiwiki to run CGI for editing on leaf
:- Step 3: Profit!
:Hopefully done by this weekend, depending on life.  I'll write up a
:document describing how to work with it all, too.

    Plus we have to make sure that CGI execution is disabled on crater's
    http.  It sounds like a good plan.

					    Matthew Dillon 

[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]