diff options
Diffstat (limited to 'zarb-ml/mageia-webteam/2011-February/000369.html')
| -rw-r--r-- | zarb-ml/mageia-webteam/2011-February/000369.html | 168 |
1 files changed, 168 insertions, 0 deletions
diff --git a/zarb-ml/mageia-webteam/2011-February/000369.html b/zarb-ml/mageia-webteam/2011-February/000369.html new file mode 100644 index 000000000..c10bebd21 --- /dev/null +++ b/zarb-ml/mageia-webteam/2011-February/000369.html @@ -0,0 +1,168 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-webteam] Forum installation (almost) complete + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-webteam%40mageia.org?Subject=Re%3A%20%5BMageia-webteam%5D%20Forum%20installation%20%28almost%29%20complete&In-Reply-To=%3C1298387368.20644.22.camel%40akroma.ephaone.org%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="000366.html"> + <LINK REL="Next" HREF="000370.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-webteam] Forum installation (almost) complete</H1> + <B>Michael Scherer</B> + <A HREF="mailto:mageia-webteam%40mageia.org?Subject=Re%3A%20%5BMageia-webteam%5D%20Forum%20installation%20%28almost%29%20complete&In-Reply-To=%3C1298387368.20644.22.camel%40akroma.ephaone.org%3E" + TITLE="[Mageia-webteam] Forum installation (almost) complete">misc at zarb.org + </A><BR> + <I>Tue Feb 22 16:09:27 CET 2011</I> + <P><UL> + <LI>Previous message: <A HREF="000366.html">[Mageia-webteam] Forum installation (almost) complete +</A></li> + <LI>Next message: <A HREF="000370.html">[Mageia-webteam] Forum installation (almost) complete +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#369">[ date ]</a> + <a href="thread.html#369">[ thread ]</a> + <a href="subject.html#369">[ subject ]</a> + <a href="author.html#369">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>Le mardi 22 février 2011 à 15:08 +0100, Maât a écrit : +><i> Le 22/02/2011 13:42, Michael Scherer a écrit : +</I>><i> > Hi, +</I>><i> > +</I>><i> > I finished the most part of the puppet deployment of the forum this +</I>><i> > night, as those who were idling on #mageia-sysadmin know. +</I>><i> \o/ great ! +</I>><i> +</I>><i> > So thanks to the work of Maat and ashledombos, we do have : +</I>><i> > - a git repository on <A HREF="git://git.mageia.org/forum/">git://git.mageia.org/forum/</A> ( write access : +</I>><i> > <A HREF="ssh://git.mageia.org/git/forum/">ssh://git.mageia.org/git/forum/</A> for them, as they requested ). Filled +</I>><i> > with what was sent to me last week. +</I>><i> > +</I>><i> > - the friteuse vm that hold the forum is hosted on alamut, for the +</I>><i> > moment, with a reverse proxy, on both http and https +</I>><i> > +</I>><i> We'll need perhaps to force a redirection for http to https (dunno is phpbb works well with both ways) +</I> +Well, I didn't want to force everybody just reading to go the https way. + +But that's a tricky problem to solve. + +><i> > - I had to remove ./install/, as asked by phpbb who refused to work. I +</I>><i> > do not know if there was something needed, it is still in git, just +</I>><i> > removed on the snapshot with rm ( I kept in git to ease the merge of +</I>><i> > code later ). +</I>><i> > +</I>><i> an other approach is to rename install -> noinstall and prevent completely access to noinstall with apache deny +</I>><i> +</I>><i> -> when we need to use again install a move noinstall -> install sets back the forum to maintenance mode +</I>><i> +</I>><i> (for better security controlling access to install with an ip whitelist or even a http based login against ldap would be nice) +</I> +http based login seems easier to manage. ip based whitelist is usually +bad the day you discover something urgent need to be done and you +cannot. + +Now, what is in install/ that would be used later ? + +><i> > What is left to do : +</I>><i> > +</I>><i> > - There is likely missing write permissions ( I have started to lock +</I>><i> > down and opened ./cache/, and it was sufficient to have something to +</I>><i> > see ) +</I>><i> > +</I>><i> Yup but we'll need also write access to upload dirs (for uploaded files, pictures, avatars, smilies...) +</I> +Yes, I just didn't look at where this should be done. +On the other hand, I have guessed most of them, as they are the one with +a .htaccess to prevent direct listing ( listing that are already +disabled on server ). + +><i> > - As using .htaccess cause performance penalty, I have not enabled them, +</I>><i> > but maybe part of them are required. In any case, we need to review them +</I>><i> > and add them to the apache configuration if needed. IIRC, most are just +</I>><i> > "do not go to this directory". +</I>><i> > +</I>><i> we need to rewrite, control accesses and other things like that. +</I> +Ie, like wordpress, the application write it's own rewriterule in +a .htaccess ? I have seen some stuff related to SEO with a module, but I +didn't look further. + +><i> If we don't use .htaccess then all these configs need to be moved to apache vhost config +</I> +IMHO, that's safer. + +><i> > - IMHO, a clearer separation of code and theme should be done, as for +</I>><i> > now, we do have everything in the same git repository +</I>><i> > +</I>><i> Ok but how ? +</I> +That's up to you to tell me. I see 2 possibility : +- 2 repositories ( one for code, one for theme ), with different access +right +- coordination with the web team for that ( ie decide when the code is +ready and when the theme is, and deploy accordingly ). Using 2 branch +could maybe help. + +It seems to me that trying to decouple both would be better, but that's +twice the admin work, and coordination is still required. + +( speaking of that, I also have to arrange a way to upgrade the code by +manual intervention and so on, I didn't forget ) + + +><i> > - registration on the forum without using identity, as we decided in +</I>><i> > this thread +</I>><i> > ( <A HREF="https://www.mageia.org/pipermail/mageia-sysadm/2010-November/000897.html">https://www.mageia.org/pipermail/mageia-sysadm/2010-November/000897.html</A> ) should +</I>><i> be disabled. I didn't went further but it didn't seemed to be the case ( at least, not in the interface ). +</I>><i> > +</I>><i> yes... at registration could be done but the created account would not be able to log in +</I> +IMHO, that mean the db will quickly be filled by spam bots. + +><i> > - prepare the migration to the vm at nfrance ( once it is ready ). This +</I>><i> > will requires some adjustments to some puppet modules, as we assumed +</I>><i> > that only one db server would be used. +</I>><i> > +</I>><i> ph34r the distance between db server (Marseille) and forum (Toulouse) +</I> +That's why we need a adjustment, I have started to rework the pgsql +module for that, but that's not as urgent as others tasks ( as deploying +wiki, bittorrent, etc ) + +( otoh, as phpbb seems to have a rather aggressive cache system, maybe +this will not be as horrible as it seems, or at least, this would be +sufficient for the start ). +-- +Michael Scherer + +</PRE> + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="000366.html">[Mageia-webteam] Forum installation (almost) complete +</A></li> + <LI>Next message: <A HREF="000370.html">[Mageia-webteam] Forum installation (almost) complete +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#369">[ date ]</a> + <a href="thread.html#369">[ thread ]</a> + <a href="subject.html#369">[ subject ]</a> + <a href="author.html#369">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-webteam">More information about the Mageia-webteam +mailing list</a><br> +</body></html> |