[PROPOSAL] TWiki and mirroring

Jeremy Huntwork jhuntwork at linuxfromscratch.org
Mon Aug 2 06:18:53 PDT 2004


On Sun, 2004-08-01 at 15:52 -0400, Anderson Lizardo wrote:
> Hi guys,
> 
> I know this had been discussed before, but I still have some doubts/concerns 
> regarding how the TWiki mirroring will happen, and maybe some mirror admins 
> share them too. Here they are:

Well, as Jeroen mentioned, no mirrors have raised these concerns. ;)

> - http://test.linuxfromscratch.org/twiki/bin/view/Main/WebsiteMirrors says 
> that port 873 will be used by the rsync daemon. AFAIK, this is a low port and 
> requires special privileges to be bound. Can rsync's bind port be changed so 
> it can be run by a regular user?

Yes, I'm pretty sure you can choose whatever port you want.  I'll look
into it more..

> - mirror the static data using the pushing method suggested by J. Huntwork. 
> Even if we have to continue to use a non-CMS solution, I think we should move 
> to push rsync'ing as it resolves another long-standing problem (mirrors being 
> constantly outdated).

Jeroen mentioned making this first priority.  So, you mean doing that
now for our current setup?  That's fine with me, but that means we need
to inform the mirrors, right?

> - I remember some people arguing that enabling edits only for belgarath would 
> increase bandwidth usage. I offer a possible solution for this: additionally 
> to having mirrors hosting static data, some which have no concerns regarding 
> the items above can co-operate with belgarath on hosting the scripts and 
> non-processed data (i.e. a complete TWiki installation). Those include 
> possible mirrors which already host TWiki-powered projects and feel confident 
> about it (as anyone else should :). The requirements for these "special" 
> mirrors will be no different from what we have currently on 
> http://test.linuxfromscratch.org/twiki/bin/view/Main/WebsiteMirrors.

I have to agree with Jeroen's comments on this one.  Too many issues to
resolve.

> - Move from our current CGI/Apache authentication method to https, as 
> suggested by Jeroen. I have my doubts if the current method will work well 
> with these cross-site redirections from "edit mode" to "view mode" and 
> vice-versa.

Actually, if I was understanding the original "theory" correctly, on a
mirror no authentication would take place, all viewers are anonymous.
When 'edit' is clicked, a user is redirected to the edit url of the same
page on belgarath, which will in turn trigger TWiki's authentication
process.  So the user is only authenticated on belgarath.  That should
uncomplicate the authentication process a bit, right?

Also, we wouldn't be using https as authentication, just a secure
encrypted connection so that passwords sent over the connection can't be
read, right?  If we did it that way, no current structure in the
authentication method needs to change, with the exception of moving the
TWiki method of encrypting passwords from crypt() to SHA1.

-- 
Jeremy Huntwork
http://www.jenacon.net




More information about the website mailing list