diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/content/docs/meeting_notes/2024-07-02.md | 98 |
1 files changed, 95 insertions, 3 deletions
diff --git a/docs/content/docs/meeting_notes/2024-07-02.md b/docs/content/docs/meeting_notes/2024-07-02.md index 5246f16..d84e2c2 100644 --- a/docs/content/docs/meeting_notes/2024-07-02.md +++ b/docs/content/docs/meeting_notes/2024-07-02.md @@ -18,16 +18,49 @@ Useful links --> +## Attendees + +Joe and Johannes. + +Chris unfortunately died in a fatal train accident and could not attend the +meeting. This incident will be rectified in the next release, "Lovering 2.0: +Immortability". + +Bella is out on the streets again. We are waiting for approval from the Python +Discord admins to run another fundraiser. ## Agenda +- **Configuration of renovate** (Joe) + + We are replacing dependabot with renovatebot. Johannes welcomes this decision. + Joe says we are looking for automatic deployment from Kubernetes to make sure + that any updates are automatically deployed. + + **Conclusion**: Implemented. + - **Resizing Netcup servers** (Joe, Johannes) + We can probably get rid of turing, assess what else we want to deploy on + lovelace, and then ask for a resize. + + **Conclusion**: Create issue to move things off turing, remove it from the + inventory, remove it from documentation, power it off, then have Joe ask for + server removal. + - **Updating the public statistics page** (Johannes) Discussing and showcasing possible alternatives to the current infrastructure powering https://stats.pythondiscord.com via the - https://github.com/python-discord/public-stats repository. + https://github.com/python-discord/public-stats repository. Johannes presents + his current scripts that cuddle RRDTool into loading data out of metricity, + Joe says we will discuss with Chris what to do here. + + The likely way going forward will be that *we will open an issue to set it + up*, the setup will contain an Ansible role to deploy the cronjob and the + script onto lovelace alongside with the `rrdtool` PostgreSQL user. + + **Conclusion**: Johannes will create an issue and codify the setup in Ansible. - **New blog powered by Hugo** (Johannes) @@ -38,6 +71,14 @@ Useful links contributors would be nice for this, although currently everything is still local on my machine. + Joe mentions that we don't need to take anything particularly similar to the + current Ghost theme, just some vague resemblance would be nice. Most of the + recommended Hugo themes would probably work. Johannes will check it out + further. + + **Conclusion**: Try the [hugo-casper-two + theme](https://github.com/eueung/hugo-casper-two) and report back. + - **Finger server** (Joe, Johannes) Joe recently proposed [the deployment of a finger @@ -47,13 +88,65 @@ Useful links to consider whether members will update their files regularly - we may want to incorporate functionality for this into e.g. King Arthur. + Joe says that we shouldn't put a lot of development effort into it, it would + be simply a novelty thing. + + **Conclusion**: This is a nice cheap win for some fun which should just be a + simple Python file (via Twisted's Finger protocol support or whatever) that + connects to LDAP (see Keycloak authentication server) and outputs information. + We could possibly integrate this into King Arthur as well, so the querying + workflow could look like KA -> fingerd -> LDAP, or people could use finger + commands directly. + +- **Keycloak authentication server** (Joe) + + Joe mentions that we are deploying a Keycloak server because for some members + authenticating via GitHub is cumbersome, for instance because their GitHub + account is connected to their employer's GitHub Enterprise installation. We + could hook up a finger server to the LDAP endpoint. Joe also mentions that we + might want to set up e-mail forwarding from pydis addresses to users via the + user database that will be stored in Keycloak. + + Currently we only have a Keycloak installation that stores items in + PostgreSQL. This installation can federate to LDAP - we would simply have to + settle on some directory service backend. Joe suggests FreeIPA because he's + familar with it (including the Keycloak integration). The problem is that it + doesn't work on Debian. The alternative proposal, given that we're saving + ~50$/month on Linode, would be spinning up a Rocky VM with FreeIPA on it on + Linode (we already have the budget) or ask Netcup for another VM. Ultimately, + the system to run FreeIPA would be something CentOS-based. One aspect to + consider is networking security: in Linode we could use their private cloud + endpoint feature to securely expose the LDAP server to Keycloak and other + services in Kubernetes, if we were to run it in Netcup, we would need to use a + similar setup to what we currently have with PostgreSQL. + + Any Python Discord user would be managed in LDAP, and Keycloak has the + necessary roles to write back into LDAP. Keeping the users in FreeIPA + up-to-date would be a somewhat manual procedure. Joe's plan was to pick up the + user's Discord username and use `[email protected]` as their name and do + account setup as part of the staff onboarding. + + **Conclusion**: Will wait for Chris to discuss this further, but we simply + need to decide where we want to run the LDAP service. + - **Flux CD** (Joe) Joe proposes deploying [flux](https://fluxcd.io/) as a way to improve the way - we manage our CI/CD. + we manage our CI/CD. We want the cluster to be able to synchronize its state + with the git repository. There are some manifests in the repository currently + that are not in sync with the cluster version. + + **Conclusion**: Approved, Joe will create an issue and do it. - **Polonium** (Chris) + Question came up regarding why the bot does not write to the database + directly. Joe said it's not perfect to have the bot write to it directly - in + metricity it works but it's not perfect. Chris probably had good reason: + separation of intent. + + **Conclusion**: Approved, write to R&D for financing. + - **Rethinking Bella: Suggested measures to gain autonomy** (Chris) Chris will present our current plans to biologically re-think and improve @@ -63,5 +156,4 @@ Useful links leave, we will send him the result of this voting via NNCP. - <!-- vim: set textwidth=80 sw=2 ts=2: --> |