Participants ============ 1. guilhem 2. cloph 3. Brett 4. Ilmari 5. Dennis
Agenda ====== * PiTR + AI guilhem (from last call…): merge the branch and deploy on vm221 + guilhem+Brett+* to schedule a videochat some time in ≥late sept * chat system + [matrix] https://matrix.documentfoundation.org + talked with Philippe about https://www.nayego.net/ , based on XMPP - no mobile app (can use your own, without the shiny extensions) - no SSO + XMPP is also provided by JPBerlin for members; a quote from Sophie's mails to the members ml: - As a member of the Foundation, you can have a libreoffice.org account and register to free communication services: . an e-mail address with a fully-featured IMAP account with shared folder options, alternatively an e-mail forwarder . a Jabber/XMPP address for instant messaging . a SIP/VoIP account for voice conferencing - no SSO + Brett: one of the benefits of [matrix] vs. the various XMPP extensions is their nice mobile application (which is why people use Telegram) - https://conversations.im/ is a very good XMPP client, but maybe too confusing to set up all these different brands of clients - too many moving parts on a social level with XMPP - fragmentation due to the wide diversity of clients (and various XEP support), with [matrix] it's Riot on mobile and desktop and browser. E.g. Handling of messages when users are offline can vary drastically. + Kiwi bouncer service installation process now documented at https://github.com/kiwiirc/kiwibnc - Ilmari will attempt to set up a Kiwi IRC system on his own server and document the process - As we use freenode, SSO is not applicable (we would need to run our own IRCd - Inspircd supports ldap) . g: not necessarily, our sso-aware services don't use ldap (which alone doesn't give sso), they simply authenticate against our idp, and in principle I don't see why the authentication service couldn't do the same. exposing sso user credentials to a leaf service is not a good idea anyway (no other frontend uses ldap for that reason). + guilhem: would just like to agree on something that's not telegram. Brett: would just need to be as usable as telegram then * gerrit + more and more trouble with third-party OpenID providers . can now authenticate with TDF own OAuth2 IdP, cf. https://listarchives.libreoffice.org/global/website/msg15471.html + multiple identity providers increases likelihood account duplication, which is a pain both for users and for the infra team . eventually TDF's Single Sign-On system will be the only enable identity provider (required for 2.15 upgrade) + g: individually poked all ~100 duplicate account owners (based on preferred email address) . will merge as explained after Oct 1st (or earlier if account owner replied) + upgrade path (need to force authentication through TDF's SSO system first) 1. migrate to NoteDB first (to keep history in All-Users.git) 2. remove references to missing accounts (SSH keys etc) 3. remove external IDs other than mailto:, username:, and tdf-oauth: 4. resolve remaining email collisions → tested on the stage instance at https://gerrit-stage.documentfoundation.org/ + stats: last active #accounts in SSO ----------- ----------------- ≤7 days 57/ 79 (72.15%) ≤30 days 80/ 134 (59.70%) ≤90 days 100/ 203 (49.26%) ≤180 days 115/ 280 (41.07%) ≤730 days 167/ 706 (23.65%) anytime 207/2102 ( 9.85%) + who/when to poke? - cloph to remind people at the ESC - guilhem to individually poke folks who were last active in the past 90 days + convenience URLs https://git.libreoffice.org/$REPO/commit/$COMMIT_ID (and also tree, log, diff, blame) - can be used automatic messages (IRC, BZ mail) - maybe also in gerrit links - cloph: have that already: https://redmine.documentfoundation.org/issues/2200 . hub.libreoffice.org/git-repo/hash, but that's for the history not the diff . git.libreoffice.org/core/+/hash or git.libreoffice.org/core/+log/master - a little easier/shorter than plugin/gitlies URL, but maybe not so portable . even already have https://git.libreoffice.org/core/commit/749405af4 and others (log, history, blame) — (guess I misunderstood and that item was announcement of those redirects/convenience URLs :-)) - dennis: tdf.io? → not really the usecase here * Possible spare hardware temporary offer + testbed to try out different setups for the lower layers of the virt stack (i.e. for hypervisor testing) + wishlist: 2/3 machines with a 10G link in between, RDMA nice but not required, fast drives or combination HDD/SSD * Mac buildbot (tb69) + Brett kindly offered to host it + rdm#2962 give VPN creds + cloph: it's enough to upgrade the box, no need to nuke and reinstall + AI guilhem: ask admin creds from Norbert and share with Brett + AI Brett: upgrade the OS to the most recent baseline + no salt states for non-linux boxes; will manually upgrade and lode will the do the rest for the tb setup * Attic [Dennis] + Some issues with messed-up unicode links, weird usernames (broken authorship refint) + Dennis to fix, then Guilhem to nuke the test DB and reimport (and later deploy to prod) * Next call: Tue Oct 15 16:30:00 UTC 2019 -- Guilhem. -- To unsubscribe e-mail to: [email protected] Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette List archive: https://listarchives.libreoffice.org/global/website/ Privacy Policy: https://www.documentfoundation.org/privacy
