sloecode-dev team mailing list archive

[Thomi Richards <thomir@xxxxxxxxx>]

Hi,

On 27/05/2011, Guy K. Kloss <guy.kloss@xxxxxxxxx> wrote:
>
> This works, once these two missing lines are placed within
> /etc/default/sloecode-production.ini from here [1]:
>
> bzr_deleted_project_root = %(bzr_root)s/deleted_project
> bzr_deleted_person_root = %(bzr_root)s/deleted_person
>

Yes, I have no clue why these new config diractives didn't make it
into the config file in the debian package. I'll take a look. Those
paths are the location for deleted repositories - we never delete
repos when users/projects are deleted, we just move them away...

>>  * How does the Sloecode web part co-exist with other web sites?
>>    (I'm already running Apache with mod_wsgi for the MoinMoin wiki, so
>> they
>>    may be integrable.)
>
> I have only gotten this to work so far by changing the port number on which
> sloecode serves the web sites. This is not really satisfactory, but should
> work for now.
>

Right now we're serving SC via paste-deploy, which is not the best
route. on my TODO list is to change the debian package setup so we
serve the web-app via apache, at which point integrating sloecode and
other websites on the same host should be easier. Using apache also
allows us to serve the web-app over HTTPS, which has obvious
advantages!

Note that in the future we're talking about integrating a wiki into
sloecode itself, so in the future you may not even want to run
moinmoin ;)

>>  * As the Sloecode bzr server is listening on SSH/port 22 connections, how
>>    does that co-exist with the normal SSH service?
>>    (Which is e. g. required for remote maintenance.)
>
> By changing the port number the sloecode SSH server listens on to 2222 it
> was
> possible to make it work. Although, due to firewall policies etc. this is
> not
> really a port one wants to use, as it is likely to be plugged by
> institutional
> admins. The only thing, which is still very sub-optimal, I can see now is to
> run my systems administrative SSH on another port.
>

There's no easy way to run both SSH services for remote admin and
sloecode SSH on the same port. The instance I have running works as
follows:

Sloecode listens on port 22
openssh-server listens on port 4022

This has a few advantages - The SSH server listening on port 22
accepts key-based authentication only, which brute-force crackers
don't use, while the potentially more vulnerable SSH server (if you
leave password authentication on, which I don't) is on an unusual port
(yeah yeah, I know, "security through obscurity", blah blah blah).


On a more general note - we're currently working on a few remaining
issues before we can release a 1.0 stable version. These include the
web-app hosting issues you mentioned above, and a database schema
upgrade system, so we can change the database and not break anything.

Cheers,