Update to Nextcloud

2022-10-29 Thread Ben Cooksley 
Good morning all,

This morning I updated our Nextcloud instance at
https://collaborate.kde.org/ to make use of the latest version of Nextcloud
(v25, or as they call it in their marketing materials, Hub 3).

While this change shouldn't bring much in the way of changes to features
that we will notice it does appear to me at least to improve performance on
initial load.

As part of this I also configured Nextcloud to make use of Invent (Gitlab)
authentication. When using this login flow your group memberships will now
be synced from the corresponding team on Gitlab (
https://invent.kde.org/teams/) for those teams with shares. Should anyone
have any issues with this please let us know.

There were a small number of people (about 25, a few whose usernames I
recognised) who had not logged into Gitlab when I did the migration, and
therefore their accounts were not able to be linked. If this is you then
you will receive an error regarding duplicate email addresses when logging
into Nextcloud - please file a ticket and we will link your account.

Many thanks,
Ben

Re: Gitlab update, 2FA now mandatory

2022-10-29 Thread Christoph Cullmann (cullmann.io) 

On 2022-10-28 22:57, Ben Cooksley wrote:

Hi all,

Following some additional analysis of the situation I've now adjusted
the policy surrounding enforced use of 2FA.

Going forward it will only be enforced on people who are one of the
following:
- KDE Developers
- KDE e.V. Members (including the Board)
- KDE e.V. Staff (whether they be contractors or employees)

In addition, 2FA may be enforced on any person who has access to a
system that contains sensitive information, including but not limited
to stats.kde.org [1], metrics.kde.org [2] and collaborate.kde.org [3],
or who has additional privileges on those systems outside of those
granted to users by default. It may also be enforced if a person
becomes involved in a project in a meaningful way (ie. a long term
contributor) that does not result in them obtaining a developer
account or access to sensitive information.


Hi,

thanks a lot, this seems to be a very sensible solution for me.

That will still allow people to easily comment in things and make first 
time contributions without any extra hassle.


Greetings
Christoph



Cheers,
Ben

Links:
--
[1] http://stats.kde.org
[2] http://metrics.kde.org
[3] http://collaborate.kde.org


--
Ignorance is bliss...
https://cullmann.io | https://kate-editor.org