Elsewhere

Daniel Pocock: Free and open WebRTC for the Fedora Community

Planet Debian - Mon, 18/05/2015 - 19:48

In January 2014, we launched the rtc.debian.org service for the Debian community. An equivalent service has been in testing for the Fedora community at FedRTC.org.

Some key points about the Fedora service:

  • The web front-end is just HTML, CSS and JavaScript. PHP is only used for account creation, the actual WebRTC experience requires no server-side web framework, just a SIP proxy.
  • The web code is all available in a Github repository so people can extend it.
  • Anybody who can authenticate against the FedOAuth OpenID is able to get a fedrtc.org test account immediately.
  • The server is built entirely with packages from CentOS 7 + EPEL 7, except for the SIP proxy itself. The SIP proxy is reSIProcate, which is available as a Fedora package and builds easily on RHEL / CentOS.
Testing it with WebRTC

Create an RTC password and then log in. Other users can call you. It is federated, so people can also call from rtc.debian.org or from freephonebox.net.

Testing it with other SIP softphones

You can use the RTC password to connect to the SIP proxy from many softphones, including Jitsi or Lumicall on Android.

Copy it

The process to replicate the server for another domain is entirely described in the Real-Time Communications Quick Start Guide.

Discuss it

The FreeRTC mailing list is a great place to discuss any issues involving this site or free RTC in general.

WebRTC opportunities expanding

Just this week, the first batch of Firefox OS televisions are hitting the market. Every one of these is a potential WebRTC client that can interact with free communications platforms.

Categories: Elsewhere

Jim Birch: Learn by Listening, a Guide to Drupal Podcasts

Planet Drupal - Mon, 18/05/2015 - 13:00

While I read a lot, as much as I can about Drupal and Web Development, I feel like I learn even more when I listen. So, while driving to work, or while working out on the treadmill, I listen as much as I can to the great folks below that dedicate their time every week to discussing, training, interviewing, and spreading their knowledge.

Acquia Podcasts

Acquia's Open Source Evangelist, Jeffrey "jam" McGuire, gives quick interviews of Drupal community members from conferences and events all around the world.  But looking deeper into Acquia's site, you may also stumble upon jam's Drupal Camp in which Mr. McGuire curates great sessions and presentations from previous camps and cons; Power of PHP which is a PHP focused, more technical collection of talks; and a podcast about Drupal 8.

Read more

Categories: Elsewhere

Raphaël Hertzog: Freexian’s report about Debian Long Term Support, April 2015

Planet Debian - Mon, 18/05/2015 - 11:58

Like each month, here comes a report about the work of paid contributors to Debian LTS.

Individual reports

In April, 81.75 work hours have been dispatched among 5 paid contributors (20.75 hours where unused hours of Ben and Holger that were re-dispatched to other contributors). Their reports are available:

Evolution of the situation

May has seen a small increase in terms of sponsored hours (66.25 hours per month) and June is going to do even better with at least a new gold sponsor. We will have no problems sustaining the increased workload it implies since three Debian developers joined the team of contributors paid by Freexian (Antoine Beaupré, Santiago Ruano Rincón, Scott Kitterman).

The Jessie release probably shed some light on the Debian LTS project since we announced that Jessie will benefit from 5 years of support. Let’s hope that the trend will continue in the following months and that we reach our first milestone of funding the equivalent of a half-time position.

In terms of security updates waiting to be handled, the situation is a bit contrasted: the dla-needed.txt file lists 28 packages awaiting an update (12 less than last month), the list of open vulnerabilities in Squeeze shows about 60 affected packages in total (4 more than last month). The extra hours helped to make a good stride in the packages awaiting an update but there are many new vulnerabilities waiting to be triaged.

Thanks to our sponsors

The new sponsors of the month are in bold.

No comment | Liked this article? Click here. | My blog is Flattr-enabled.

Categories: Elsewhere

Web Omelette: Adding new HTML tags in the <head> in Drupal 8

Planet Drupal - Mon, 18/05/2015 - 09:05

In a previous article I've shown you how you can add new html elements to the <head> of your Drupal 7 site. Recently, however, I was working on a Drupal 8 project and encountered the need to do this in D8. And it took me a while to figure it out so I thought I'd share the process with you.

As you know, in Drupal 7 we use drupal_add_html_head() from anywhere in the code to add a rendered element into the <head>. This is done by passing a render array and most of the time you'll use the type #tag. In Drupal 8, however, we no longer have this procedural function so it can be a bit tricky to find out how this is done.

Although existing in Drupal 7 as well, the #attached key in render arrays really becomes important in D8. We can no longer add any scripts or stylesheets to any page without such proper attachment to render arrays. In my last article I've shown you how to add core scripts to pages in case they were missing (which can happen for anonymous users). In essence, it is all about libraries now that get attached to render arrays. So that is most of what you'll hear about.

But libraries are not the only thing you can attach to render arrays. You can also add elements to the head of the page in a similar way you'd attach libraries. So if we wanted to add a description meta tag to all of the pages on our site, we could implement hook_page_attachments() like so:

/** * Implements hook_page_attachments(). */ function module_name_page_attachments(array &$page) { $description = [ '#tag' => 'meta', '#attributes' => [ 'name' => 'description', 'content' => 'This is my website.', ], ]; $page['#attached']['html_head'][] = [$description, 'description']; }

In the example above we are just adding a dummy description meta tag to all the pages. You probably won't want to apply that to all the pages though and rather have the content of the description tag read the title of the current node. In this case you can implement hook_entity_view() like so:

/** * Implements hook_entity_view(). */ function demo_entity_view(array &$build, \Drupal\Core\Entity\EntityInterface $entity, \Drupal\Core\Entity\Display\EntityViewDisplayInterface $display, $view_mode, $langcode) { if ($entity->getEntityTypeId() !== 'node') { return; } $description = [ '#tag' => 'meta', '#attributes' => [ 'name' => 'description', 'content' => \Drupal\Component\Utility\SafeMarkup::checkPlain($entity->title->value), ], ]; $build['#attached']['html_head'][] = [$description, 'description']; }

Now you targeting the node entities and using their titles as the content for the description meta tag. And that is pretty much it.

Hope this helps.

In Drupal 8 var switchTo5x = true;stLight.options({"publisher":"dr-8de6c3c4-3462-9715-caaf-ce2c161a50c"});
Categories: Elsewhere

Drupal core announcements: Drupal core security release window on Wednesday, May 20

Planet Drupal - Mon, 18/05/2015 - 07:02
Start:  2015-05-20 (All day) America/New_York Online meeting (eg. IRC meeting) Organizers:  David_Rothstein

The monthly security release window for Drupal 6 and Drupal 7 core will take place on Wednesday, May 20.

This does not mean that a Drupal core security release will necessarily take place on that date for either the Drupal 6 or Drupal 7 branches, only that you should prepare to look out for one (and be ready to update your Drupal sites in the event that the Drupal security team decides to make a release).

There will be no bug fix/feature release on this date; the next window for a Drupal core bug fix/feature release is Wednesday, June 3.

For more information on Drupal core release windows, see the documentation on release timing and security releases, and the discussion that led to this policy being implemented.

Categories: Elsewhere

Dirk Eddelbuettel: random 0.2.4

Planet Debian - Mon, 18/05/2015 - 04:59

A new release of random package for truly (hardware-based) random numbers as provided by random.org is now on CRAN.

The R 3.2.0 release brought the change to use an internal method="libcurl" which we are using if available; else the curl::curl() method added in release 0.2.4 is used. We are also a little more explicit about closing connection, and added really basic regression tests -- as it is hard to test hardware-based RNGs draws.

Courtesy of CRANberries comes a diffstat report for this release. Current and previous releases are available here as well as on CRAN.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Categories: Elsewhere

Drupal for Government: From spreadsheet to citizen government with Drupal - Volume 1 - Feeds

Planet Drupal - Mon, 18/05/2015 - 01:31

Thanks to the local Charlottesville GOP we have a FOIA'ed copy Charlottesville city hall expenses.  It's a small windows in to how our city staff spends money.  Without putting any value judgements on the numbers themselves, let's look at how to go from a spreadsheet to pretty charts and maps!  

Categories: Elsewhere

Another Drop in the Drupal Sea: DrupalCon LA Saturday Recap

Planet Drupal - Sun, 17/05/2015 - 23:18

I headed to the Saturday sprint after completing my workout, showering, eating breakfast and packing my bags. Eventually, there were probably at least 30 people at the sprint. I worked a bit more on a patch I submitted to the Flag module and eventually started working on testing the changes I pushed to OG Forum D7. Unfortunately, they changes appeared to be doing absolutely nothing. I didn't figure out what I was overlooking before I had to leave.

read more

Categories: Elsewhere

Lunar: Reproducible builds: week 3 in Stretch cycle

Planet Debian - Sun, 17/05/2015 - 17:39

What happened about the reproducible builds effort for this week:

Toolchain fixes

Tomasz Buchert submitted a patch to fix the currently overzealous package-contains-timestamped-gzip warning.

Daniel Kahn Gillmor identified #588746 as a source of unreproducibility for packages using python-support.

Packages fixed

The following 57 packages became reproducible due to changes in their build dependencies: antlr-maven-plugin, aspectj-maven-plugin, build-helper-maven-plugin, clirr-maven-plugin, clojure-maven-plugin, cobertura-maven-plugin, coinor-ipopt, disruptor, doxia-maven-plugin, exec-maven-plugin, gcc-arm-none-eabi, greekocr4gamera, haskell-swish, jarjar-maven-plugin, javacc-maven-plugin, jetty8, latexml, libcgi-application-perl, libnet-ssleay-perl, libtest-yaml-valid-perl, libwiki-toolkit-perl, libwww-csrf-perl, mate-menu, maven-antrun-extended-plugin, maven-antrun-plugin, maven-archiver, maven-bundle-plugin, maven-clean-plugin, maven-compiler-plugin, maven-ear-plugin, maven-install-plugin, maven-invoker-plugin, maven-jar-plugin, maven-javadoc-plugin, maven-processor-plugin, maven-project-info-reports-plugin, maven-replacer-plugin, maven-resources-plugin, maven-shade-plugin, maven-site-plugin, maven-source-plugin, maven-stapler-plugin, modello-maven-plugin1.4, modello-maven-plugin, munge-maven-plugin, ocaml-bitstring, ocr4gamera, plexus-maven-plugin, properties-maven-plugin, ruby-magic, ruby-mocha, sisu-maven-plugin, syncache, vdk2, wvstreams, xml-maven-plugin, xmlbeans-maven-plugin.

The following packages became reproducible after getting fixed:

Some uploads fixed some reproducibility issues but not all of them:

Ben Hutchings also improved and merged several changes submitted by Lunar to linux.

reproducible.debian.net

Mattia Rizzolo modified the script added last week to reschedule a package from Alioth, a reason can now be optionally specified.

Holger Levsen splitted the package sets page so each set now has its own page. He also added new sets for Java packages, Haskell packages, Ruby packages, debian-installer packages, Go packages, and OCaml packages.

Reiner Herrmann added locales-all to the set of packages installed in the build environment as its needed to properly identify variations due to the current locale.

Holger Levsen improved the scheduling so new uploads get tested sooner. He also changed the .json output that is used by tracker.debian.org to lists FTBFS issues again but only for issues unrelated to the toolchain or our test setup. Amongst many other small fixes and additions, the graph colors should now be more friendly to red-colorblind people.

The fix for pbuilder given in #677666 by Tim Landscheidt is now used. This fixed several FTBFS for OCaml packages.

Work on rebuilding with different CPU has continued, a “kvm-on-kvm” build host has been set been set up for this purpose.

debbindiff development

Version 19 of debbindiff included a fix for a regression when handling info files.

Version 20 fixes a bug when diffing files with many differences toward a last line with no newlines. It also now uses the proper encoding when writing the text output to a pipe, and detects info files better.

Documentation update

Thanks to Santiago Vila, the unneeded -depth option used with find when fixing mtimes has been removed from the examples.

Package reviews

113 obsolete reviews have been removed this week while 77 has been added.

Categories: Elsewhere

Paul Johnson: Could VR tech make a child's dying wishes come true?

Planet Drupal - Sun, 17/05/2015 - 17:11

For over a year I have had the honour of being responsible for delivering 2 new web platforms for Great Ormond Street Hospital for Children NHS Foundation Trust (GOSH), the hospital and charity websites. During that time I've witness and learnt so much about the exemplary way they care for children, their families from both a medical and pastoral perspective. The good news is that now, using open source content management system called Drupal, they are now in a position to have a web presence which adequatley supports and reflects their internationally celebrated work.

One of the inevitable aspects of treating children with the most severe illnesses is sadly not every child can be made better. It is a reality which has hit me hard the whole time I've worked for GOSH.

Whilst I was at DrupalCon Los Angeles I met Joe Caccavano, CMO at Phase2, who was showing me an curious device having 6 GoPro array of cameras strapped together into a single head. With it something remarkable is possible. Watching footage taken during the conference with the GoPros using a VR headset (just an android phone) allowed me to immerse myself into a virtual world - try it for yourself. For those of you who have tried this, perhaps you shared my pulse raising hair on the back of your neck standing up reaction. It literally felt like I was there, on the drone from which the footage had been shot.

That moment I had an epiphany. I thought about sick children, how film and TV personalities generously visit them or send video messages with well wishes. What if the GoPro camera array captured a child's idol speaking to the camera as if it were the child? Using the child's name, speaking to them (well the camera). Imagine how lifting that would be to a kid, who perhaps couldn't leave bed or due to infection risk couldn't have visitors. They could repeat the experience too. How amazing would that be? Not only this, busy stars could do shoots from anywhere in the world.

The great news is that thanks to Google the technology to watch these films is now so cheap anyone can afford it - £4.99! All that remains is for someone to try my idea out. I will certainly be letting GOSH know of the concept, perhaps you know of a children's hospital or hospice who could do the same.

If this idea has inspired you please share it on social media, with your help maybe the idea will reach someone who could make it happen.

Joe Caccavano, CMO at Phase2, with his 6 camera GoPro Array

VR tech is now in the realms of being affordable to many

Further information: Great Ormond Street Hospital for Children NHS Foundation TrustGreat Ormond Street Hospital CharityGoogle Cardboard's Cheap VR Can Work With iPhones TooAbout the Drupal project
Categories: Elsewhere

Andrew Pollock: [debian] Fixing some issues with changelogs.debian.net

Planet Debian - Sun, 17/05/2015 - 16:42

I got an email last year pointing out a cosmetic issue with changelogs.debian.net. I think at the time of the email, the only problem was some bitrot in PHP's built-in server variables making some text appear incorrectly.

I duly added something to my TODO list to fix it, and it subsequently sat there for like 13 months. In the ensuing time, Debian changed some stuff, and my code started incorrectly handling a 302 as well, which actually broke it good and proper.

I finally got around to fixing it.

I also fixed a problem where sometimes there can be multiple entries in the Sources file for a package (switching to using api.ftp-master.debian.org would also address this), which caused sometimes caused an incorrect version of the changelog to be returned.

In the resulting tinkering, I learned about api.ftp-master.debian.org, which is totally awesome. I could stop maintaining and parsing a local copy of sid's Sources file, and just make a call to this instead.

Finally, I added linking to CVEs, because it was a quick thing to do, and adds value.

In light of api.ftp-master.debian.org, I'm very tempted to rewrite the redirector. The code is very old and hard for present-day Andrew to maintain, and I despise PHP. I'd rather write it in Python today, with some proper test coverage. I could also potentially host it on AppEngine instead of locally, just so I get some experience with AppEngine

It's also been suggested that I fold the changes into the changelog hosting on ftp-master.debian.org. I'm hesitant to do this, as it would require changing the output from plain text to HTML, which would mess up consumers of the plain text (like the current implementation of changelogs.debian.net)

Categories: Elsewhere

DrupalCon News: Thanks for Drupaling!

Planet Drupal - Sun, 17/05/2015 - 03:29

After a fantastic week, we are exhausted but so pumped about all of the awesome things that happened at DrupalCon Los Angeles.  We hope you had an amazing and enriching time and would love to hear your thoughts so we can make the upcoming Cons even better.  

Check out the DrupalCon Los Angeles Survey and say those words.

Categories: Elsewhere

Drupal Association News: What's new on Drupal.org - April 2015

Planet Drupal - Sat, 16/05/2015 - 20:45

Look for links to our Strategic Roadmap highlighting how this work falls into our priorities set by the Drupal Association Board and Drupal.org Working Groups.

Better account creation Community User Role Expanded

The community user role which we introduced in March will now be automatically granted to users who reach a certain level of participation on Drupal.org. While the exact activities that can grant this role will not be explicitly published (as we do with other spam prevention measures) the activities are representative of those an engaged community member would take while participating on Drupal.org.

Existing users who have already reached the required level of contribution will receive the role upon their next activity on Drupal.org. As of the end of April the automatic role granting had extended the Community user role to more than 5000 users.

Content Strategy and Visual Design System for Drupal.org

and

Making Drupal.org Search Usable

During April the Association staff focused on communicating the results and recommendations of our Content Strategy work with the Working Groups and the Drupal Association Board of Directors.

A deep investigation of the current organization of content on Drupal.org, the workflow provided by Drupal.org for our User Personas, and the governance of content on Drupal.org has brought us to a comprehensive proposal for the future state of Drupal.org.

These proposals involve creating new sections on Drupal.org that better match to common user activities and better content types to support those activities. As we begin organizing Drupal.org into new and updated content types we’ll also be rolling in our initiative to improve search on Drupal.org. As we work on each content type we’ll be assessing the search facets for each type.

The next step to move this proposal forward has been to create issues for the specific proposals that have evolved from the content strategy project to date and the feedback from the Working Groups.

This issue and child issues that follow are based on the findings of the Content Strategy project performed by the Drupal Association staff in partnership with Forum One Communications during December 2014 - April 2015.

Community Initiatives (D8 Blockers) DrupalCI

Drupal Association staff and community volunteers have continued pushing hard to get DrupalCI production ready and integrated with Drupal.org.

The community helped tremendously by providing some formal guidance into the minimum viable and ideal state of the test environments.
Association staff has the primary environment successfully running all tests, and will be working on the additional environments as well as the Drupal.org integration in the run up to DrupalCon Los Angeles.

Again - tremendous thanks to our community volunteers who sprinted with us in Portland: Jeremy Thorson, Nick Schuch, Bastian Widmer, Ricardo Amaro, Paul Mitchum, Mike Prasuhn, Karoly Negyesi-- and to Shayamala Rajaram, Angie Byron, and Jonathan Hedstrom who helped us from afar!

Localize.Drupal.org

In partnership with the community members who have been working on the port of localize.Drupal.org to Drupal 7, association staff have been working to get this migration across the finish line.

We focused fire on the issues found in click-testing, and hope to deploy localize.Drupal.org on Drupal 7 in May.

Revenue-related projects (funding our work) Try Drupal

We’ve created Try Drupal with our Premium Hosting Supporters to make it easier for CMS evaluators and Drupal.org newcomers to test and work with a Drupal demo site. The Program will showcase a selection of Hosting Companies where a new user can quickly (in less than 20 minutes) sign up and have a Drupal demo site up and running for them to use for free.

DrupalCons

It’s almost time for DrupalCon Los Angeles! In the run up to DrupalCon Los Angeles we’ve been fixing bugs on Events.Drupal.org and preparing for the launch of the DrupalCon Barcelona full site.

We’ve also just started planning out our work for the next Cons to be announced at DrupalCon Los Angeles - more to come there after Los Angeles!

Sustaining Support and Maintenance Pre-Production Infra Rebuild

An issue was reported to the Drupal.org infrastructure team that uncovered an installed rootkit on our pre-production (dev and staging) environment on April 19th. We stopped all services on these servers. The access was gained through an open VNC port on our OpenStack environment that allowed hijacking of an open console session. The attacker was attempting to create a distributed denial of service (DDoS) attack on targeted IPs.

There is no evidence that information was taken from our staging database or that user information was compromised.

To ensure site integrity, we rebuilt our staging and development environments. Our infrastructure team took the opportunity during the rebuild to address some best practices and better security configuration options. The majority of these environments are now on Amazon Web Services. Particularly for our development environments, this gives us options for more easily scaling up and down our development needs, and gives us more separation between production and pre-production servers.

---
As always, we’d like to say thanks to all volunteers who are working with us and to the Drupal Association Supporters, who made it possible for us to work on these projects.

Follow us on Twitter for regular updates: @drupal_org, @drupal_infra.

Categories: Elsewhere

Addison Berry: Getting Started as a Board Director

Planet Drupal - Sat, 16/05/2015 - 20:06

A few months ago I ran for, and won, a seat on the Drupal Association (DA) Board as an At-Large Director. I'd like to share my journey with everyone, both to provide another look into the work that the board does, and to understand what it's like to be a new board member. I've now attended two board meetings (April and May) and taken part in my first board retreat, the weekend before DrupalCon LA. There's a lot going on, so I'll break this up into several posts.

On-boarding

Once I was elected, and the board confirmed the election results, Holly contacted me to let me know just before announcing it to the entire community. Shortly after that we scheduled a time to get on the phone, and I started getting access to a bunch of documents. I mean a whole bunch!

That first call with Holly was great for getting me oriented. She walked me through logistical things like board meetings, communication, necessary paperwork, and pointing me in the right direction with the documents to look at for various topics and back story. She also asked if I'd ever served on a board before, which I had not, and took time to explain what that means in terms of expectations for board members (things like publicly representing the board and identifying conflicts of interest). She also gave me a summary of the major topics from the last board retreat, which had occurred in January. She continued from there to summarize the big issues that the board was in the middle of discussing and working on, with an idea of what topics we were looking to tackle during the LA retreat in May. This was incredibly useful to prepare me for my first board meeting. I caught up on details by reading the minutes from the January retreat and this year's monthly board meetings. I didn't have many questions after my on-boarding and I felt prepared to dive into the conversations that were already ongoing.

One thing that I did right after that call was to set up times to chat one-on-one with the DA staff leadership team. I wanted to hear from each of them what they were working on, and understand what they needed to get from the board (and therefore me) to do their jobs better. It was a great introduction to the work that the staff takes on every day, and helped me clarify what I need to keep focused on to help them. It was also just awesome to get to know them a little more as people, which can be hard to do in our crazy, busy schedules.

Board Email

In addition to documents and phone calls, I was also added to the board email list. It is a pretty low traffic list, but I got to see a few conversations run through there prior to my first meeting. We had a thread to help clarify what info we needed to have for the meeting, and that board members should read reports ahead of time so we could get straight to things in the meeting itself. In addition to internal process things like that, this is also a place where members can raise issues they think we need to discuss or vote on in a meeting.

First Board Meeting

I was elected just a few weeks before the April board meeting, and I wasn't required to attend that meeting since I was still getting up and running, but I wanted to dive in. Board members are expected to make all monthly board meetings, with at least 10 a year being the minimum to attend. The time is a set time, and so one thing I knew before I even nominated myself was that I would need to make space for this 2-hour call every month on a Wednesday night from 9pm–11pm (since I live in Denmark).

A few days before each board meeting we all receive a meeting packet which has the agenda, phone connection info, links to any presentations or documents we should review, and a list of the DA key performance indicators (KPIs). This board packet is publicly available as well, and you can check them out yourself and even listen in on the board meeting. I spent some time to read everything over and think about what I might want to bring up in the conversation during the meeting.

I didn't have a whole lot to say as I was just trying to absorb as much as I could. We did however discuss releasing the election results, which I obviously had some thoughts about, having just come through the election process. This issue was a good example of how the DA works with community feedback. We have never released election data in the past, and we hadn't made that an expectation for candidates, so when people asked for the data, we couldn't just hand it out with considering a few things. I think we came up with a good solution to be able to release the data for this election, and we now have a plan in place to incorporate this in future elections. You can read more about this decision in Holly's post 2015 At-Large Election Data Released.

The first part of every board meeting is public (as mentioned above). After the public section, we drop off the phone and meet on another phone line with just the board, Holly, and needed staff. This is a place for us to discuss things that are still in progress, or to handle internal board matters. On this particular call we discussed things like reviewing the Q1 financials and and giving updates on board members' efforts to help raise funds for D8 Accelerate.

In my next post I'll give a rundown of the board retreat and my board experience at DrupalCon LA. A lot of people have asked me how I feel about being on the board after the retreat, and I have to say that I'm very happy. I felt the level and direction of conversation was great. I'll talk more about what that was, and why I'm so pleased, especially compared to my previous DA experience from many years ago.

drupal associationdrupal
Categories: Elsewhere

Ian Campbell: A vhosting git setup with gitolite and gitweb

Planet Debian - Sat, 16/05/2015 - 19:52

Since gitorious' shutdown I decided it was time to start hosting my own git repositories for my own little projects (although the company which took over gitorious has a Free software offering it seems that their hosted offering is based on the proprietary version, and in any case once bitten, twice shy and all that).

After a bit of investigation I settled on using gitolite and gitweb. I did consider (and even had a vague preference for) cgit but it wasn't available in Wheezy (even backports, and the backport looked tricky) and I haven't upgraded my VPS yet. I may reconsider cgit this once I switch to Jessie.

The only wrinkle was that my VPS is shared with a friend and I didn't want to completely take over the gitolite and gitweb namespaces in case he ever wanted to setup git.hisdomain.com, so I needed something which was at least somewhat compatible with vhosting. gitolite doesn't appear to support such things out of the box but I found an interesting/useful post from Julius Plenz which included sufficient inspiration that I thought I knew what to do.

After a bit of trial and error here is what I ended up with:

Install gitolite

The gitolite website has plenty of documentation on configuring gitolite. But since gitolite is in Debian its even more trivial than even the quick install makes out.

I decided to use the newer gitolite3 package from wheezy-backports instead of the gitolite (v2) package from Wheezy. I already had backports enabled so this was just:

# apt-get install gitolite3/wheezy-backports

I accepted the defaults and gave it the public half of the ssh key which I had created to be used as the gitolite admin key.

By default this added a user gitolite3 with a home directory of /var/lib/gitolite3. Since they username forms part of the URL used to access the repositories I want it to include the 3, so I edited /etc/passwd, /etc/groups, /etc/shadow and /etc/gshadow to say just gitolite but leaving the home directory as gitolite3.

Now I could clone the gitolite-admin repo and begin to configure things.

Add my user

This was simple as dropping the public half into the gitolite-admin repo as keydir/ijc.pub, then git add, commit and push.

Setup vhosting

Between the gitolite docs and Julius' blog post I had a pretty good idea what I wanted to do here.

I wasn't too worried about making the vhost transparent from the developer's (ssh:// URL) point of view, just from the gitweb and git clone side. So I decided to adapt things to use a simple $VHOST/$REPO.git schema.

I created /var/lib/gitolite3/local/lib/Gitolite/Triggers/VHost.pm containing:

package Gitolite::Triggers::VHost; use strict; use warnings; use File::Slurp qw(read_file write_file); sub post_compile { my %vhost = (); my @projlist = read_file("$ENV{HOME}/projects.list"); for my $proj (sort @projlist) { $proj =~ m,^([^/\.]*\.[^/]*)/(.*)$, or next; my ($host, $repo) = ($1,$2); $vhost{$host} //= []; push @{$vhost{$host}} => $repo; } for my $v (keys %vhost) { write_file("$ENV{HOME}/projects.$v.list", { atomic => 1 }, join("\n",@{$vhost{$v}})); } } 1;

I then edited /var/lib/gitolite3/.gitolite.rc and ensured it contained:

LOCAL_CODE => "$ENV{HOME}/local", POST_COMPILE => [ 'VHost::post_compile', ],

(The first I had to uncomment, the second to add).

All this trigger does is take the global projects.list, in which gitolite will list any repo which is configured to be accessible via gitweb, and split it into several vhost specific lists.

Create first repository

Now that the basics were in place I could create my first repository (for hosting qcontrol).

In the gitolite-admin repository I edited conf/gitolite.conf and added:

repo hellion.org.uk/qcontrol RW+ = ijc

After adding, committing and pushing I now have "/var/lib/gitolite3/projects.list" containing:

hellion.org.uk/qcontrol.git testing.git

(the testing.git repository is configured by default) and /var/lib/gitolite3/projects.hellion.org.uk.list containing just:

qcontrol.git

For cloning the URL is:

gitolite@${VPSNAME}:hellion.org.uk/qcontrol.git

which is rather verbose (${VPSNAME} is quote long in my case too), so to simplify things I added to my .ssh/config:

Host gitolite Hostname ${VPSNAME} User gitolite IdentityFile ~/.ssh/id_rsa_gitolite

so I can instead use:

gitolite:hellion.org.uk/qcontrol.git

which is a bit less of a mouthful and almost readable.

Configure gitweb (http:// URL browsing)

Following the documentation's advice I edited /var/lib/gitolite3/.gitolite.rc to set:

UMASK => 0027,

and then:

$ chmod -R g+rX /var/lib/gitolite3/repositories/*

Which arranges that members of the gitolite group can read anything under /var/lib/gitolite3/repositories/*.

Then:

# adduser www-data gitolite

This adds the user www-data to the gitolite group so it can take advantage of those relaxed permissions. I'm not super happy about this but since gitweb runs as www-data:www-data this seems to be the recommended way of doing things. I'm consoling myself with the fact that I don't plan on hosting anything sensitive... I also arranged things such that members of the groups can only list the contents of directories from the vhost directory down by setting g=x not g=rx on higher level directories. Potentially sensitive files do not have group permissions at all either.

Next I created /etc/apache2/gitolite-gitweb.conf:

die unless $ENV{GIT_PROJECT_ROOT}; $ENV{GIT_PROJECT_ROOT} =~ m,^.*/([^/]+)$,; our $gitolite_vhost = $1; our $projectroot = $ENV{GIT_PROJECT_ROOT}; our $projects_list = "/var/lib/gitolite3/projects.${gitolite_vhost}.list"; our @git_base_url_list = ("http://git.${gitolite_vhost}");

This extracts the vhost name from ${GIT_PROJECT_ROOT} (it must be the last element) and uses it to select the appropriate vhost specific projects.list.

Then I added a new vhost to my apache2 configuration:

<VirtualHost 212.110.190.137:80 [2001:41c8:1:628a::89]:80> ServerName git.hellion.org.uk SetEnv GIT_PROJECT_ROOT /var/lib/gitolite3/repositories/hellion.org.uk SetEnv GITWEB_CONFIG /etc/apache2/gitolite-gitweb.conf Alias /static /usr/share/gitweb/static ScriptAlias / /usr/share/gitweb/gitweb.cgi/ </VirtualHost>

This configures git.hellion.org.uk (don't forget to update DNS too) and sets the appropriate environment variables to find the custom gitolite-gitweb.conf and the project root.

Next I edited /var/lib/gitolite3/.gitolite.rc again to set:

GIT_CONFIG_KEYS => 'gitweb\.(owner|description|category)',

Now I can edit the repo configuration to be:

repo hellion.org.uk/qcontrol owner = Ian Campbell desc = qcontrol RW+ = ijc R = gitweb

That R permission for the gitweb pseudo-user causes the repo to be listed in the global projects.list and the trigger which we've added causes it to be listed in projects.hellion.org.uk.list, which is where our custom gitolite-gitweb.conf will look.

Setting GIT_CONFIG_KEYS allows those options (owner and desc are syntactic sugar for two of them) to be set here and propagated to the actual repo.

Configure git-http-backend (http:// URL cloning)

After all that this was pretty simple. I just added this to my vhost before the ScriptAlias / /usr/share/gitweb/gitweb.cgi/ line:

ScriptAliasMatch \ "(?x)^/(.*/(HEAD | \ info/refs | \ objects/(info/[^/]+ | \ [0-9a-f]{2}/[0-9a-f]{38} | \ pack/pack-[0-9a-f]{40}\.(pack|idx)) | \ git-(upload|receive)-pack))$" \ /usr/lib/git-core/git-http-backend/$1

This (which I stole straight from the git-http-backend(1) manpage causes anything which git-http-backend should deal with to be sent there and everything else to be sent to gitweb.

Having done that access is enabled by editing the repo configuration one last time to be:

repo hellion.org.uk/qcontrol owner = Ian Campbell desc = qcontrol RW+ = ijc R = gitweb daemon

Adding R permissions for daemon causes gitolite to drop a stamp file in the repository which tells git-http-backend that it should export it.

Configure git daemon (git:// URL cloning)

I actually didn't bother with this, git http-backend supports the smart HTTP mode which should be as efficient as the git protocol. Given that I couldn't see any reason to run another network facing daemon on my VPS.

FWIW it looks like vhosting could have been achieved by using the --interpolated-path option.

Conclusion

There's quite a few moving parts, but they all seems to fit together quite nicely. In the end apart from adding www-data to the gitolite group I'm pretty happy with how things ended up.

Categories: Elsewhere

Another Drop in the Drupal Sea: DrupalCon LA Friday Recap

Planet Drupal - Sat, 16/05/2015 - 19:06

From my vantage point the sprint day was extremely well attended. I spent my day working on a patch I had submitted to the Flag module and working on OG Forum and OG Forum D7.

We had the traditional live commit in the afternoon.

There wasn't any announcement if any more critical bugs were squashed for core.

How many of you participated in the sprints? When did you head home? Are you participating on Saturday?

read more

Categories: Elsewhere

Holger Levsen: 20150516-lts-march-and-april

Planet Debian - Sat, 16/05/2015 - 18:56
My LTS March and April

In March and April 2015 I sadly didn't get much LTS work done, for a variety of reasons. Most of these reasons make me happy, while at the same time I'm sad I had to reduce my LTS involvement and actually I even failed to allocate those few hours which were assigned to me. So I'll keep this blog post short too, as time is my most precious ressource atm.

In March I only sponsored the axis upload for and wrote DLA-169-1, besides that I spent some hours to implement JSON output for the security-tracker, which was more difficult than anticipated, because a.) different people had different (first) unspoken assumptions what output they wanted and b.) since the security-trackers database schema has grown over years getting the data out in a logically structured fashion ain't as easy as one would imagine...

In April I sponsored the openldap upload and wrote DLA-203-1 and then prepared debian-security-support 2015.04.04~~deb6u1 for squeeze-lts and triaged some of d-s-s's bugs. Adding support for oldoldstable (and thus keeping support for squeeze-lts) to the security-tracker was my joyful contribution for the very joyful Jessie release day.

So in total I only spent 7.5 (paid) hours in these two months on LTS, despite I should have spent 10. The only thing I can say to my defense is that I've spent more time on LTS (supporting both users as well as contributors on the list as well as on IRC) but this time ain't billable. Which I think is right, but it still eats from my "LTS time" and so sometimes I wish I could more easily ignore people and just concentrate on technical fixes...

Categories: Elsewhere

Craig Small: Debian, WordPress and Multi-site

Planet Debian - Sat, 16/05/2015 - 10:07

For quite some time, the Debian version of WordPress has had a configuration tweak that made it possible to run multiple websites on the same server. This came from a while ago when multi-site wasn’t available. While a useful feature, it does make the initial setup of WordPress for simple sites more complicated.

I’m looking at changing the Debian package slightly so that for a single-site use it Just Works. I have also looked into the way WordPress handles the content, especially themes and plugins, to see if there is a way of updating them through the website itself. This probably won’t suit everyone but I think its a better default.

The idea will be to setup Debian packages something like this by default and then if you want more fancier stuff its all still there, just not setup. It’s not setup at the moment but the default is a little confusing which I hope to change.

Multisite

The first step was to get my pair of websites into one. So first it was backing up time and then the removal of my config-websitename.php files in /etc/wordpress. I created a single /etc/wordpress/config-default.php file that used a new database.  This initial setup worked ok and I had the primary site going reasonably quickly.

The second site was a little trickier. The problem is that multisite does things like foo.example.com and bar.example.com while I wanted example.com and somethingelse.com There is a plugin wordpress-mu-domain-mapping that almost sorta-kinda works.  While it let me make the second site with a different name, it didn’t like aliases, especially if the alias was the first site.

Some evil SQL fixed that nicely.  “UPDATE wp_domain_mapping SET blog_id=1 WHERE id=2″

So now I had:

  • enc.com.au as my primary site
  • rnms.org as a second site
  • dropbear.xyz as an alias for my primary site
Files and Permissions

We really three separate sets of files in wordpress. These files come from three different sources and are updated using three different ways with a different release cycle.

The first is the wordpress code which is shipped in the Debian package. All of this code lives in /usr/share/wordpress and is only changed if you update the Debian package, or you fiddle around with it. It needs to be readable to the webserver but not writable. The config files in /etc/wordpress are in this lot too.

Secondly, we have the user generated data. This is things like your pictures that you add to the blog. As they are uploaded through the webserver, it needs to be writable to it. These files are located in /var/lib/wordpress/wp-content/uploads

Third, is the plugins and themes. These can either be unzipped and placed into a directory or directly loaded in from the webserver. I used to do the first way but are trying the second. These files are located in /var/lib/wordpress/wp-content

Ever tried to update your plugins and get the FTP prompt? This is because the wp-content directory is not writable. I adjusted the permissions and now when a plugin wants to update, I click yes and it magically happens!

You will have to reference the /var/lib/wordpress/wp-content subdirectory in two places:

  • In your /etc/config-default.php:  WP_CONTENT_DIR definition
  • In apache or htaccess: Either a symlink out of /usr/share/wordpress and turn on followsymlinks or an apache Alias and also permit access.
What broke

Images did, in a strange way. My media library is empty, but my images are still there. Something in the export and reimport did not work. For me its a minor inconvenience and due to moving from one system to another, but it still is there.

 

 

Categories: Elsewhere

Rogério Brito: A Small Python Project (coursera-dl) Activites

Planet Debian - Sat, 16/05/2015 - 06:54

Lately, I have been dedicating a lot of my time (well, at least compared to what I used to) to Free Software projects. In particular, I have spent a moderate amount of time with two projects written in Python.

In this post, I want to talk about the first, more popular project is called coursera-dl. To be honest, I think that I may have devoted much more time to it than to any other project in particular.

With it I started to learn (besides the practices that I already used in Debian), how to program in Python, how to use unit tests (I started with Python's built-in unittest framework, then progressed to nose, and I am now using pytest), hooking up the results of the tests with a continuous integration system (in this case, Travis CI).

I must say that I am sold on this idea of testing software (after being a skeptical for way too long) and I can say that I find hacking on other projects without proper testing a bit uncomfortable, since I don't know if I am breaking unrelated parts of the project.

My use/migration to pytest was the result of a campaign from pytest.org called Adopt Pytest Month which a kind user of the project let me know about. I got a very skilled volunteer assigned from pytest to our project. Besides learning from their pull requests, one side-effect of this whole story was that I spent a moderate amount of hours trying to understand how properly package and distribute things on PyPI.

One tip learned along the way: contrary to the official documentation, use twine, not python setup.py upload. It is more flexible for uploading your package to PyPI.

You can see the package on PyPI. Anyway, I made the first upload of the package to PyPI on the 1st of May and it already has almost 1500 download, which is far more than what I expected.

A word of warning: there are other similarly named project, but they don't seem to have as much following as we have. A speculation from my side is that this may be, perhaps, due to me spending a lot of time interacting with users in the bug tracker that github provides.

Anyway, installation of the program is now as simple as:

pip install coursera

And all the dependencies will be neatly pulled in, without having to mess with multi-step procedures. This is a big win for the users.

Also, I even had an offer to package the program to have it available in Debian!

Well, despite all the time that this project demanded, I think that I have only good things to say, especially to the original author, John Lehmann.

If you like the project, please let me know and consider yourselves invited to participate lending a hand, testing/using the program or [triaging some bugs][issues].

Categories: Elsewhere

Norbert Preining: Plex Home Theater 1.4.1 for Debian Jessie and Sid

Planet Debian - Sat, 16/05/2015 - 05:28

Recently Plex Plex Home Theater was updated to 1.4.1 with fixes for some errors, in particular concerning the new music handling introduced in 1.4.0. As with 1.4.0, I have compiled PHT for both jessie and sid, both for amd64 and i386.

Jessie

Add the following lines to your sources.list:

deb http://www.preining.info/debian/ jessie pht deb-src http://www.preining.info/debian/ jessie pht

You can also grab the binary for amd64 directly here for amd64 and i386, you can get the source package with

dget http://www.preining.info/debian/pool/pht/p/plexhometheater/plexhometheater_1.4.1-1~bpo8+1.dsc Sid

Add the following lines to your sources.list:

deb http://www.preining.info/debian/ sid pht deb-src http://www.preining.info/debian/ sid pht

You can also grab the binary for amd64 directly here for amd64 and i386, you can get the source package with

dget http://www.preining.info/debian/pool/pht/p/plexhometheater/plexhometheater_1.4.1-1.dsc

The release file and changes file are signed with my official Debian key 0x860CDC13.

Enjoy!

Categories: Elsewhere

Pages

Subscribe to jfhovinne aggregator - Elsewhere