sloecode-dev team mailing list archive
-
sloecode-dev team
-
Mailing list archive
-
Message #00020
Re: Sloecode install on Debian Squeeze
Hi,
On 27/05/2011, Guy K. Kloss <guy.kloss@xxxxxxxxx> wrote:
>
> This works, once these two missing lines are placed within
> /etc/default/sloecode-production.ini from here [1]:
>
> bzr_deleted_project_root = %(bzr_root)s/deleted_project
> bzr_deleted_person_root = %(bzr_root)s/deleted_person
>
Yes, I have no clue why these new config diractives didn't make it
into the config file in the debian package. I'll take a look. Those
paths are the location for deleted repositories - we never delete
repos when users/projects are deleted, we just move them away...
>> * How does the Sloecode web part co-exist with other web sites?
>> (I'm already running Apache with mod_wsgi for the MoinMoin wiki, so
>> they
>> may be integrable.)
>
> I have only gotten this to work so far by changing the port number on which
> sloecode serves the web sites. This is not really satisfactory, but should
> work for now.
>
Right now we're serving SC via paste-deploy, which is not the best
route. on my TODO list is to change the debian package setup so we
serve the web-app via apache, at which point integrating sloecode and
other websites on the same host should be easier. Using apache also
allows us to serve the web-app over HTTPS, which has obvious
advantages!
Note that in the future we're talking about integrating a wiki into
sloecode itself, so in the future you may not even want to run
moinmoin ;)
>> * As the Sloecode bzr server is listening on SSH/port 22 connections, how
>> does that co-exist with the normal SSH service?
>> (Which is e. g. required for remote maintenance.)
>
> By changing the port number the sloecode SSH server listens on to 2222 it
> was
> possible to make it work. Although, due to firewall policies etc. this is
> not
> really a port one wants to use, as it is likely to be plugged by
> institutional
> admins. The only thing, which is still very sub-optimal, I can see now is to
> run my systems administrative SSH on another port.
>
There's no easy way to run both SSH services for remote admin and
sloecode SSH on the same port. The instance I have running works as
follows:
Sloecode listens on port 22
openssh-server listens on port 4022
This has a few advantages - The SSH server listening on port 22
accepts key-based authentication only, which brute-force crackers
don't use, while the potentially more vulnerable SSH server (if you
leave password authentication on, which I don't) is on an unusual port
(yeah yeah, I know, "security through obscurity", blah blah blah).
On a more general note - we're currently working on a few remaining
issues before we can release a 1.0 stable version. These include the
web-app hosting issues you mentioned above, and a database schema
upgrade system, so we can change the database and not break anything.
Cheers,
Follow ups
References