Râu Cao raucao
  • Joined on 2018-11-24
raucao created pull request kosmos/gitea.kosmos.org#45 2020-02-15 16:10:17 +00:00
Update Gitea to 1.11.0
raucao pushed to chore/update_gitea at kosmos/gitea.kosmos.org 2020-02-15 16:09:14 +00:00
21e158737d Update Gitea to 1.11.0
raucao commented on issue kosmos/chef#123 2020-02-15 14:44:08 +00:00
Enable LDAP support on ejabberd

I was able to find it easily from just a user's description in that issue, so uploading a screenshot after we've done the normal switch should be enough. Please don't spend so much time on this detail. Thanks.

raucao commented on issue kosmos/chef#123 2020-02-14 18:19:43 +00:00
Enable LDAP support on ejabberd

The Conversations issue contains a screenshot of it, no?

raucao commented on issue kosmos/chef#123 2020-02-14 16:10:36 +00:00
Enable LDAP support on ejabberd

OK, so then we need to document exactly what you just commented on the wiki and have a section for Conversations users to explain how to accept the downgrade.

raucao commented on issue kosmos/chef#132 2020-02-14 16:07:11 +00:00
Enable LDAP for the XMPP 5apps.com vhost

So just because of a single additional line per host it doesn't make sense to split out all the rest?

raucao commented on issue kosmos/gitea.kosmos.org#44 2020-02-14 16:04:46 +00:00
Generate the ini config file from environment variables?

We’d have to deal with environment variables that have to stay a secret

raucao commented on issue kosmos/chef#131 2020-02-13 23:44:52 +00:00
Set the ACIs on the base DN

LGTM

raucao commented on issue kosmos/chef#123 2020-02-13 23:43:54 +00:00
Enable LDAP support on ejabberd

Just FYI: the tasks in the PR description are not up to date. Some have been done already, and they're missing the LDAP+SASL research for example.

raucao commented on issue kosmos/chef#132 2020-02-13 23:42:38 +00:00
Enable LDAP for the XMPP 5apps.com vhost

I don't think any other pro customer would have their users get global admin accounts for the entire Kosmos XMPP server.

raucao commented on issue kosmos/chef#132 2020-02-13 23:42:38 +00:00
Enable LDAP for the XMPP 5apps.com vhost

Why should we add content to the main config file instead of adding separate files for every vhost?

raucao commented on issue kosmos/chef#123 2020-02-07 17:58:49 +00:00
Enable LDAP support on ejabberd

LGTM. Then again, I don't know enough about LDAP to have a good opinion on these things.

raucao commented on issue kosmos/chef#91 2020-02-07 17:22:54 +00:00
Only enable debug logs for sockethub in the systemd unit

We should also make sure that no personal data or communications are logged there.

raucao opened issue kosmos/chef#130 2020-02-07 17:21:46 +00:00
Remove CleanTalk from wiki.kosmos.org
raucao commented on issue kosmos/meta#12 2020-02-07 17:19:20 +00:00
Kosmos Hack Days 2020/1
raucao commented on issue kosmos/chef#128 2020-02-07 15:25:09 +00:00
LDAP users should only be able to change their own password

OK, but then they still don't need to be able to change their email address.

raucao commented on issue kosmos/chef#129 2020-02-07 15:23:47 +00:00
Encrypt user data at rest

Regarding ecryptfs, that's what I meant with faster on HDDs, but didn't explain in detail:

raucao commented on issue kosmos/chef#128 2020-02-06 21:42:12 +00:00
LDAP users should only be able to change their own password

The title of this issue is still misleading. LDAP users shouldn't be able to directly change anything in the directory. They should always go through akkounts, and I think we should enforce 2FA there for everyone as well.

raucao opened issue kosmos/chef#129 2020-02-06 21:40:07 +00:00
Encrypt user data at rest
raucao commented on issue kosmos/chef#127 2020-02-06 16:57:39 +00:00
Change LDAP directory structure to accommodate multiple domains

It's not so much about if the account is enabled, but when to send a message to donate again.