Re: [openstack-dev] znc as a service (was Re: [nova] Is the BP approval process broken?)

2014-09-03 Thread Louis Taylor
Thierry Carrez wrote:
 Note that ZNC is not the only IRC proxy out there. Bip is also working
 quite well.

Note also that an IRC proxy is not the only solution. Using a console IRC
client on a server works well for me. Irssi or weechat are both simple to set
up.


signature.asc
Description: Digital signature
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] znc as a service (was Re: [nova] Is the BP approval process broken?)

2014-09-03 Thread Sylvain Bauza


Le 03/09/2014 14:38, Kuvaja, Erno a écrit :

Another well working option that can be easily used:
1) get a Linux system with internet connection (local box, VM in a cloud, 
whatever floats your boat)
2) install irssi and screen
3) run irssi in a screen

Now you can login (local console, ssh, telnet, mosh  again pick your 
preferred) into that linux system attach to the screen and you have your IRC 
client online all the time even you're not.

- Erno (jokke_) Kuvaja


Well, there is no need to ssh to Irssi, you can just use Irssi Proxy and 
make use of Pidgin or Xchat for it.


Re: ZNC as a service, I think it's OK provided the implementation is 
open-sourced with openstack-infra repo group, as for Gerrit, Zuul and 
others.
The only problem I can see is how to provide IRC credentials to this, as 
I don't want to share my creds up to the service.


-Sylvain


-Original Message-
From: Thierry Carrez [mailto:thie...@openstack.org]
Sent: 03 September 2014 13:24
To: openstack-dev@lists.openstack.org
Subject: Re: [openstack-dev] znc as a service (was Re: [nova] Is the BP
approval process broken?)

Stefano Maffulli wrote:

On 08/29/2014 11:17 AM, John Garbutt wrote:

After moving to use ZNC, I find IRC works much better for me now, but
I am still learning really.

There! this sentence has two very important points worth highlighting:

1- when people say IRC they mean IRC + a hack to overcome its
limitation
2- IRC+znc is complex, not many people are used to it

Note that ZNC is not the only IRC proxy out there. Bip is also working quite
well.


I never used znc, refused to install, secure and maintain yet another
public facing service. For me IRC is: be there when it happens or read
the logs on eavesdrop, if needed.

Recently I found out that there are znc services out there that could
make things simpler but they're not easy to join (at least the couple
I looked at).

Would it make sense to offer znc as a service within the openstack project?

We could at least document the steps required to set up a proxy. Or propose
pre-configured images/containers for individuals to run in the cloud. I
agree with Ryan that running an IRC proxy for someone else creates...
interesting privacy issues that may just hinder adoption of said solution.

--
Thierry Carrez (ttx)

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] znc as a service (was Re: [nova] Is the BP approval process broken?)

2014-09-03 Thread Ryan Brown
On 09/03/2014 09:35 AM, Sylvain Bauza wrote:
 Re: ZNC as a service, I think it's OK provided the implementation is
 open-sourced with openstack-infra repo group, as for Gerrit, Zuul and
 others.
 The only problem I can see is how to provide IRC credentials to this, as
 I don't want to share my creds up to the service.
 
 -Sylvain
There are more than just adoption (user trust) problems. An Open Source
implementation wouldn't solve the liability concerns, because users
would still have logs of their (potentially sensitive) credentials and
conversations on servers run by OpenStack Infra.

This is different from Gerrit/Zuul etc which just display code/changes
and run/display tests on those public items. There isn't anything
sensitive to be leaked there. Storing credentials and private messages
is a different story, and would require much more security work than
just storing code and test results.

-- 
Ryan Brown / Software Engineer, Openstack / Red Hat, Inc.

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] znc as a service (was Re: [nova] Is the BP approval process broken?)

2014-09-03 Thread Kashyap Chamarthy
On Wed, Sep 03, 2014 at 02:23:41PM +0200, Thierry Carrez wrote:
 Stefano Maffulli wrote:
  On 08/29/2014 11:17 AM, John Garbutt wrote:
  After moving to use ZNC, I find IRC works much better for me now, but
  I am still learning really.
  
  There! this sentence has two very important points worth highlighting:
  
  1- when people say IRC they mean IRC + a hack to overcome its limitation
  2- IRC+znc is complex, not many people are used to it
 
 Note that ZNC is not the only IRC proxy out there. Bip is also working
 quite well.

Yes, from practical experience, Bip has been very robust.
 
[. . .]

 We could at least document the steps required to set up a proxy. 

FWIW, I posted my local notes to configure bip IRC proxy[1] in a virtual
machine, and an example `/etc/bip.conf`[2]. /me has been using this
setup for about three years without any disruption.

 I agree with Ryan that running an IRC proxy for someone else
 creates... interesting privacy issues that may just hinder adoption of
 said solution.

  [1] https://kashyapc.fedorapeople.org/notes-bip-IRC-proxy/README
  [2] https://kashyapc.fedorapeople.org/notes-bip-IRC-proxy/bip.conf

--
/kashyap

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] znc as a service (was Re: [nova] Is the BP approval process broken?)

2014-09-03 Thread Clark Boylan
On Wed, Sep 3, 2014, at 07:26 AM, Ryan Brown wrote:
 On 09/03/2014 09:35 AM, Sylvain Bauza wrote:
  Re: ZNC as a service, I think it's OK provided the implementation is
  open-sourced with openstack-infra repo group, as for Gerrit, Zuul and
  others.
  The only problem I can see is how to provide IRC credentials to this, as
  I don't want to share my creds up to the service.
  
  -Sylvain
 There are more than just adoption (user trust) problems. An Open Source
 implementation wouldn't solve the liability concerns, because users
 would still have logs of their (potentially sensitive) credentials and
 conversations on servers run by OpenStack Infra.
 
 This is different from Gerrit/Zuul etc which just display code/changes
 and run/display tests on those public items. There isn't anything
 sensitive to be leaked there. Storing credentials and private messages
 is a different story, and would require much more security work than
 just storing code and test results.
 
 -- 
 Ryan Brown / Software Engineer, Openstack / Red Hat, Inc.
 
 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

This doesn't solve the privacy issues, but subway [0] was built
specifically to tackle the problem of making persistent IRC easy without
needing to understand screen/tmux or znc/bip.

Maybe we can sidestep the privacy concerns by providing scipts/puppet
manifests/disk image builder elements/something that individuals or
groups of people that have some form of trust between each other can use
to easily spin up something like subway for persistent access.
Unfortunately, this assumes that individuals or groups of people will
have a way to run a persistent service on a server of some sort which
may not always be the case.

[0] https://github.com/thedjpetersen/subway

Clark

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] znc as a service (was Re: [nova] Is the BP approval process broken?)

2014-09-03 Thread Spencer Krum
Here is a docker image that will bring up subway.


https://registry.hub.docker.com/u/nibalizer/subway/


On Wed, Sep 3, 2014 at 10:04 AM, Clark Boylan cboy...@sapwetik.org wrote:

 On Wed, Sep 3, 2014, at 07:26 AM, Ryan Brown wrote:
  On 09/03/2014 09:35 AM, Sylvain Bauza wrote:
   Re: ZNC as a service, I think it's OK provided the implementation is
   open-sourced with openstack-infra repo group, as for Gerrit, Zuul and
   others.
   The only problem I can see is how to provide IRC credentials to this,
 as
   I don't want to share my creds up to the service.
  
   -Sylvain
  There are more than just adoption (user trust) problems. An Open Source
  implementation wouldn't solve the liability concerns, because users
  would still have logs of their (potentially sensitive) credentials and
  conversations on servers run by OpenStack Infra.
 
  This is different from Gerrit/Zuul etc which just display code/changes
  and run/display tests on those public items. There isn't anything
  sensitive to be leaked there. Storing credentials and private messages
  is a different story, and would require much more security work than
  just storing code and test results.
 
  --
  Ryan Brown / Software Engineer, Openstack / Red Hat, Inc.
 
  ___
  OpenStack-dev mailing list
  OpenStack-dev@lists.openstack.org
  http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

 This doesn't solve the privacy issues, but subway [0] was built
 specifically to tackle the problem of making persistent IRC easy without
 needing to understand screen/tmux or znc/bip.

 Maybe we can sidestep the privacy concerns by providing scipts/puppet
 manifests/disk image builder elements/something that individuals or
 groups of people that have some form of trust between each other can use
 to easily spin up something like subway for persistent access.
 Unfortunately, this assumes that individuals or groups of people will
 have a way to run a persistent service on a server of some sort which
 may not always be the case.

 [0] https://github.com/thedjpetersen/subway

 Clark

 ___
 OpenStack-dev mailing list
 OpenStack-dev@lists.openstack.org
 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev




-- 
Spencer Krum
(619)-980-7820
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


[openstack-dev] znc as a service (was Re: [nova] Is the BP approval process broken?)

2014-09-02 Thread Stefano Maffulli
On 08/29/2014 11:17 AM, John Garbutt wrote:
 After moving to use ZNC, I find IRC works much better for me now, but
 I am still learning really.

There! this sentence has two very important points worth highlighting:

1- when people say IRC they mean IRC + a hack to overcome its limitation
2- IRC+znc is complex, not many people are used to it

I never used znc, refused to install, secure and maintain yet another
public facing service. For me IRC is: be there when it happens or read
the logs on eavesdrop, if needed.

Recently I found out that there are znc services out there that could
make things simpler but they're not easy to join (at least the couple I
looked at).

Would it make sense to offer znc as a service within the openstack project?

-- 
Ask and answer questions on https://ask.openstack.org

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


Re: [openstack-dev] znc as a service (was Re: [nova] Is the BP approval process broken?)

2014-09-02 Thread Ryan Brown
On 09/02/2014 02:50 PM, Stefano Maffulli wrote:
 On 08/29/2014 11:17 AM, John Garbutt wrote:
 After moving to use ZNC, I find IRC works much better for me now, but
 I am still learning really.
 
 There! this sentence has two very important points worth highlighting:
 
 1- when people say IRC they mean IRC + a hack to overcome its limitation
 2- IRC+znc is complex, not many people are used to it
 
 I never used znc, refused to install, secure and maintain yet another
 public facing service. For me IRC is: be there when it happens or read
 the logs on eavesdrop, if needed.
 
 Recently I found out that there are znc services out there that could
 make things simpler but they're not easy to join (at least the couple I
 looked at).
 
 Would it make sense to offer znc as a service within the openstack project?
 

I would worry a lot about privacy/liability if OpenStack were to provide
ZNCaaS. Not being on infra I can't speak definitively, but I know I
wouldn't be especially excited about hosting  securing folks' private
data.

Eavesdrop just records public meetings, and the logs are 100% public so
no privacy headaches. Many folks using OpenStack's ZNCaaS would be in
other channels (or at least would receive private messages) and
OpenStack probably shouldn't take responsibility for keeping all those safe.

Just my 0.02 USD.
-- 
Ryan Brown / Software Engineer, Openstack / Red Hat, Inc.

___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev