Server Team Meeting, 2017-04-13¶
Attendees: Andri Steiner, Bastian Bringenberg, Michael Stucki, Steffen Gebert
Excused: Andreas Beutel
Beginning of the meeting: 07:00 CEST (!!!)
Open Issues from last meetings¶
- Last meeting protocol: Meeting_2017-mm-dd
- Issue list: https://forge.typo3.org/projects/team-server-public/issues?query_id=379
- OTRS tickets: https://otrs.typo3.org/otrs/index.pl?Action=AgentTicketQueue;QueueID=21;SortBy=Age;OrderBy=Up;View=Small;Filter=All
Docker Daemon Listen¶
- [INFO] Docker's idea is to have a CA with server and client certificates. Seperate server certificates for each Docker daemon, seperate client certificates for each connector (Portainer or others)
- [INFO] Andri: i don't think it is realistic to implement a solution with a central CA for us right now, especially because this will be only a step on our way to a more integrated solutoin
- [INFO] Andri: i propose to just generate local certificates on each Docker machine (openssl oneliner), and use the very same certificate manually to connect to this machine. any objections or better ideas?
- [INFO] Discussed several solutions within the team, e.g. using Chef certificates or rollout own CA through Chef. We agreed that the original proposal with own certificates per Docker instance is the way to go right now
- [TODO] see https://forge.typo3.org/issues/80770 @andri
HTTPS everywhere (browser plugin)¶
- [INFO] HTTP-only hosts: lists.typo3.org, lists.association.typo3.org, monitoring.typo3.org, + some sites on srv105
- [TODO] Enable lists.typo3.org, lists.association.typo3.org with LetsEncrypt @stucki
- [TODO] Move some sites from srv105 to our internal webhosting: https://forge.typo3.org/issues/79475 @bastian
- [TODO] Someone who has time will enable SSL for monitoring.typo3.org: https://forge.typo3.org/issues/80832
- [INFO] Shell script Letsencrypt client: https://github.com/lukas2511/dehydrated
- [TODO] Communicate with HTTPs Everywhere, when we are done with HSTS so we are able to drop our configuration from HTTPS everywhere @bastian
Review of our latest sprint¶
- [INFO] The report is not finished yet. This should be done by Friday.
- [TODO] Write some lines about the LDAP work that was done. @bastian
- [TODO] Finish the report and take care of publication @stucki
- [TODO] Make sure to send your travel reimbursement forms to https://reimbursement.typo3.com/ until end of next week! @all
- [TODO] We should give feedback to Benni regarding the points he brought up before the sprint. Michael will call him. @stucki
- [INFO] The Redmine system at https://forge.typo3.org/ was finally upgraded from version 1.4 to version 3.3! We've been working long and hard on this feature, that's why we're really happy that this is now completed!
- [TODO] Check the status of the SLA that was originally planned for future updates. Will talk to Mathias about it. @stucki
- [INFO] Steffen suggests to use TravisCI for continuous integration of new changes.
- [TODO] Steffen will continue his tests on https://travis-ci.org/StephenKing/redmine-plugin-travis @steffen
- [INFO] The website is now up to date again, however the theme is still the same for many years. That also means that it's not responsive.
- [INFO] On Twitter, Xavier Perseguers recommended to have a look at http://www.abacusthemes.com/en/themes/redmine-theme
- [TODO] Generally, the Redmine system & our theme are open sourced on Github. Everybody is invited to make pull requests to this setup:
- https://github.com/TYPO3-infrastructure/redmine (branch 3.3-stable-typo3)
- Docker based development system: https://github.com/stucki/docker-redmine
- [TODO] If nobody else comes up with a suggestion, we will put the theme on the agenda for our next sprint...
- Status my.typo3.org: Bastian gives a small status of what has been done so far. Further work will be handled in <ticket>. @bastian (extra TODO: add link to the Forge ticket)
- Hosting Call for Offers: Michael will reach out to Olivier (not done yet) to discuss the next steps. @stucki
- Anja requested dedicated name fields for typo3.org users. Bastian reports that this is already possible on our end (LDAP server). He will coordinate with Anja and Thomas that this will be used everywhere in the same way. @bastian
- Trello: Michael will cleanup the board that was used during the sprint as soon as the report has been finished. @stucki
- The next meeting will take place on Thursday, April 27, 2017 07:00 CEST
End of the meeting: 08:00 CEST.