New year, new site, new wiki

Matthew Dillon dillon at apollo.backplane.com
Wed Jan 7 17:29:59 PST 2009


:All the pages can be edited by anyone with commit access.  Web editing is
:right now limited to /docs/*.  Everything that's in docs/ now is material
:from the wiki, so we're not "exposing" anything new.  (you can write
:"PageSpecs" that specify what can and can't be edited.)
:
:The login for editing via the web is separate from developer logins; it
:uses its own system or OpenID (http://openid.net) to handle logins.  There
:is a separate plugin that can use checkpassword (or potentially
:checkpassword-pam, now that Peter's committed so much PAM work) to
:DragonFly) to authenticate against existing accounts on the machine, which
:would make having a leaf account the barrier to entry.  We'd want to set
:up https, though, and I don't really like the machine logins flying about
:over the net, even over https.

    Ok.  Definitely *NO* login password authentication, though.  Passwords
    aren't allowed on leaf accounts anyway, it's ssh or nothing, though
    for some reason the special mhonarc archiving account has a password
    on it.

    You can enable https with a dummy certificate.  Since only DFly 
    developers would use use it via https we don't need a full auth
    chain for it.

:Everyone seems OK with this, so my plan is:
:- finish remaining changes people have suggested (handbook cleanup, etc.)
:- Copy bare repository from shiningsilence.com to crater
:- Copy working repository to leaf
:- Install ikiwiki on leaf
:- Configure ikiwiki to use working repo on leaf
:- Configure ikiwiki to write out actual site on NFS share on crater
:- Configure ikiwiki to run CGI for editing on leaf
:- Step 3: Profit!
:
:Hopefully done by this weekend, depending on life.  I'll write up a
:document describing how to work with it all, too.

    Plus we have to make sure that CGI execution is disabled on crater's
    http.  It sounds like a good plan.

					    -Matt
					    Matthew Dillon 
					    <dillon at backplane.com>





More information about the Kernel mailing list