Re: [gentoo-dev] [kde overlay] Up for grabs: dev-util/arcanist

[Andreas Sturmlechner]

On Tuesday, 19 May 2020 21:47:51 CEST Gerion Entrup wrote:
> I use this tool for my work. Is it in a fashion to push it to gentoo.git?
> If yes, I can proxy maintain it.
> 
> If I get it right, there is not real installation, but only "copy all in opt
> and symlink the binary". Is is meaningful to make a fake version like
> arcanist-2020.05.19?
> 
> Gerion

Actually, I forgot that it is one of those upstreams not doing releases at 
all. Rather than inventing versions or having a -only package in 
gentoo.git, the best place would be guru overlay for it:

https://wiki.gentoo.org/wiki/Project:GURU

signature.asc
Description: This is a digitally signed message part.

Re: [gentoo-dev] [kde overlay] Up for grabs: dev-util/arcanist

[Gerion Entrup]

Am Dienstag, 19. Mai 2020, 15:56:53 CEST schrieb Andreas Sturmlechner:
> KDE project has moved away from the unloved Phabricator instance to GitLab 
> (invent.kde.org), so there is no reason for us to keep this package in kde 
> overlay for much longer.
> 
> If for some reason you still rely on kde overlay providing this package, 
> consider picking it up now and maintain it in gentoo.git or your own place.
> 
> Regards,
> Andreas

I use this tool for my work. Is it in a fashion to push it to gentoo.git?
If yes, I can proxy maintain it.

If I get it right, there is not real installation, but only "copy all in opt 
and symlink the binary".
Is is meaningful to make a fake version like arcanist-2020.05.19?

Gerion


signature.asc
Description: This is a digitally signed message part.

[gentoo-dev] Last-rites: sci-chemistry/nmrdepaker

[Andreas Sturmlechner]

# Andreas Sturmlechner  (2020-05-19)
# Stuck on Python 2 and pygtk, last revdep on dev-python/matplotlib[gtk2],
# last release in 2011, bug #705650. Masked for removal in 30 days.
sci-chemistry/nmrdepaker

signature.asc
Description: This is a digitally signed message part.

[gentoo-dev] [kde overlay] Up for grabs: dev-util/arcanist

[Andreas Sturmlechner]

KDE project has moved away from the unloved Phabricator instance to GitLab 
(invent.kde.org), so there is no reason for us to keep this package in kde 
overlay for much longer.

If for some reason you still rely on kde overlay providing this package, 
consider picking it up now and maintain it in gentoo.git or your own place.

Regards,
Andreas

signature.asc
Description: This is a digitally signed message part.

Re: [gentoo-dev] RFC: Gentoo Identity Provider

[Samuel Bernardo]

On 5/19/20 7:47 AM, Michał Górny wrote:
> Do you have any specific solution in mind?
>
> [1] https://gitweb.gentoo.org/archive/proj/identity.gentoo.org.git/

I would suggest for SSO an implementation like the following with LDAP
provider:

https://github.com/Luzifer/nginx-sso/wiki/Auth-Provider-Configuration




signature.asc
Description: OpenPGP digital signature

[gentoo-dev] Initial version of gander/goose statistics up for testing

[Michał Górny]

Hi,

We've deployed the initial work-in-progress version of gander/goose
(formerly known as gentoostats) for testing.  The goal right now is to
establish whether it would work rather than collect useful statistics. 
However, all interest and testing would be appreciated.

Few notes:

1. The client currently collects @world packages and profile, nothing
more.

2. Stats are updated daily, and discarded after one week.

3. There is a known bug that prevents resubmitting stats when they're
about to be removed.  So right now you can roughly resubmit every
8 days.

4. If there are only a few users, the risk of guessing who submitted
what is pretty high.  Bear that in mind.


To submit:

emerge gander
gander --setup
gander --submit

You can also use --make-report to see what would be submitted.  There is
no cron setup at the moment (see also point 3. above).


To view:

https://anser.gentoo.org/stats.json


Sources:

https://github.com/mgorny/gander
https://github.com/mgorny/goose


Please let me know what you think of it.

-- 
Best regards,
Michał Górny



signature.asc
Description: This is a digitally signed message part

Re: [gentoo-dev] RFC: Gentoo Identity Provider

[Lars Wendler]

Hi Alec,

On Mon, 18 May 2020 18:42:24 -0700 Alec Warner wrote:

>TL;DR: What if we launched id.gentoo.org, an identity provider that
>provides authentication for Gentoo properties? Basically, 1 username /
>password for wiki, bugs, email, forums, and any other http
>service[0][1].
>
>Today Gentoo has numerous systems that mostly work in a segmented way.
>
> - To connect to hosts, we use ssh keys.
> - Git is authenticated via ssh keys.
> - Email uses LDAP passwords.
> - Bugzilla has its own identities, with their own passwords.
> - Wiki is separate, with its own passwords.
> - Forums are separate.
> - Infra has an additional 4 systems that use separate credentials.
>
>Some applications support 2FA (such as wiki.)
>Some applications do not support 2FA.
>Applications that require 2FA have a configuration for each app, so you
>have N configurations.
>
>If we configured id.gentoo.org you would have 1 identity across all
>gentoo properties.
>
>Is this a thing people are interested in?
>
>[0] It's unlikely operations for git via ssh would change in this
>rollout. [1] Its unclear if the scope is "gentoo developers" or "any
>community member." The former have LDAP accounts and @gentoo.org email
>addresses and so we can manage them easily; managing 1000s of other
>accounts in the IDP remains to be seem.

In case 2FA won't be mandatory I find this a good idea.

Kind regards
-- 
Lars Wendler
Gentoo package maintainer
GPG: 21CC CF02 4586 0A07 ED93  9F68 498F E765 960E 9B39


pgpL2XtvxjHG4.pgp
Description: Digitale Signatur von OpenPGP

Re: [gentoo-dev] RFC: Gentoo Identity Provider

[Joonas Niilola]

On 5/19/20 4:42 AM, Alec Warner wrote:
> TL;DR: What if we launched id.gentoo.org , an
> identity provider that provides authentication for Gentoo properties?
> Basically, 1 username / password for wiki, bugs, email, forums, and
> any other http service[0][1].
>
>
> Is this a thing people are interested in?
>  
>
Sounds good to me.

-- juippis



signature.asc
Description: OpenPGP digital signature

Re: [gentoo-dev] RFC: Gentoo Identity Provider

[Azamat Hackimov]

вт, 19 мая 2020 г. в 09:47, Michał Górny :
>
> On Mon, 2020-05-18 at 18:42 -0700, Alec Warner wrote:
> > TL;DR: What if we launched id.gentoo.org, an identity provider that
> > provides authentication for Gentoo properties? Basically, 1 username /
> > password for wiki, bugs, email, forums, and any other http service[0][1].
> >
> > Today Gentoo has numerous systems that mostly work in a segmented way.
> >
> >  - To connect to hosts, we use ssh keys.
> >  - Git is authenticated via ssh keys.
> >  - Email uses LDAP passwords.
> >  - Bugzilla has its own identities, with their own passwords.
> >  - Wiki is separate, with its own passwords.
> >  - Forums are separate.
> >  - Infra has an additional 4 systems that use separate credentials.
> >
> > Some applications support 2FA (such as wiki.)
> > Some applications do not support 2FA.
> > Applications that require 2FA have a configuration for each app, so you
> > have N configurations.
> >
> > If we configured id.gentoo.org you would have 1 identity across all gentoo
> > properties.
> >
> > Is this a thing people are interested in?
> >
>
> What a coincidence I've just archived our old identity.gentoo.org [1]
> project.  And yes, we almost had this back in 2013 but Infra failed to
> deploy, and it was claimed obsolete by the time I joined Infra.
>
> Do you have any specific solution in mind?
>
> [1] https://gitweb.gentoo.org/archive/proj/identity.gentoo.org.git/
>
>
> --
> Best regards,
> Michał Górny
>

Hi there.

Maybe better to try something already stable, like KeyCloak [1]? Seem
all that you need (OpenID, LDAP, SAML2, external Identity Providers
via OpenID) is already implemented.

[1] https://www.keycloak.org/

-- 
>From Siberia with Love!