DragonFly kernel List (threaded) for 2009-01
Re: New year, new site, new wiki
:All the pages can be edited by anyone with commit access. Web editing is
:right now limited to /docs/*. Everything that's in docs/ now is material
:from the wiki, so we're not "exposing" anything new. (you can write
:"PageSpecs" that specify what can and can't be edited.)
:The login for editing via the web is separate from developer logins; it
:uses its own system or OpenID (http://openid.net) to handle logins. There
:is a separate plugin that can use checkpassword (or potentially
:checkpassword-pam, now that Peter's committed so much PAM work) to
:DragonFly) to authenticate against existing accounts on the machine, which
:would make having a leaf account the barrier to entry. We'd want to set
:up https, though, and I don't really like the machine logins flying about
:over the net, even over https.
Ok. Definitely *NO* login password authentication, though. Passwords
aren't allowed on leaf accounts anyway, it's ssh or nothing, though
for some reason the special mhonarc archiving account has a password
You can enable https with a dummy certificate. Since only DFly
developers would use use it via https we don't need a full auth
chain for it.
:Everyone seems OK with this, so my plan is:
:- finish remaining changes people have suggested (handbook cleanup, etc.)
:- Copy bare repository from shiningsilence.com to crater
:- Copy working repository to leaf
:- Install ikiwiki on leaf
:- Configure ikiwiki to use working repo on leaf
:- Configure ikiwiki to write out actual site on NFS share on crater
:- Configure ikiwiki to run CGI for editing on leaf
:- Step 3: Profit!
:Hopefully done by this weekend, depending on life. I'll write up a
:document describing how to work with it all, too.
Plus we have to make sure that CGI execution is disabled on crater's
http. It sounds like a good plan.