| Version 1 (modified by adehnert, 11 years ago) (diff) |
|---|
Here are some possible projects that SIPB folks could start. For more information about the project, you can contact the reporter, who may also be happy to help you get the project started.
| Ticket | Component | Keywords | Summary | Reporter | Owner | Status | Priority |
|---|---|---|---|---|---|---|---|
| #1 | athena | debian, fedora | secure general purpose build server (PackageFab) | geofft | new | critical | |
| Description |
We have debuild.mit.edu (well, now, zulu.mit.edu) to build software for Debathena, but that's
I'd like SIPB to have a general purpose build server that supports other OSes (at least Fedora), and appropriately uses virtualization or something so that unprivileged users / the general public can use it, but I can submit a build from my root instance (or GPG-signed or whatever) and have a pretty trustworthy result. For bonus points, it should also be able to do locker builds for all sysnames we care about. Much like fakeroot was able to solve the issue of needing to be root to do package builds, it's possible fakeroot + an tmpfs union chroot can solve the issue of needing to be root to install build dependencies. |
||||||
| #17 | snippets | trac, python | Trac plugin/cronjob to sync Trac groups with Moira/AFS | adehnert | new | major | |
| Description |
Trac has its own permissions system, and associated groups mechanism. Unfortunately, this isn't integrated with Moira, which means that it needs to be maintained independently of projects' usual permissions-granting mechanism. (For example, one of the steps of making somebody a Scripts maintainer is to add them to the "scripts-root" group on http://scripts.mit.edu/trac/.) This is often error-prone. Snippets should have a Trac plugin or standard script that can be put in a cronjob that will automatically sync a Trac group with a Moira/AFS group. (The sync relationships could be maintained explicitly, or we could just automatically sync moira:groupname or something.) Fixing http://scripts.mit.edu/trac/ticket/322 might be useful for this, but doing something special-cased would probably be okay. I suspect that at least Scripts, ASA, and this Trac would happily use such a plugin. |
||||||
| #20 | athena | docs | Basic guide to using one's Public | adehnert | new | major | |
| Description |
Somebody should write a basic guide on how to upload files to one's Public or www directories (or a student group locker) using tools like WinSCP or SecureCRT. http://sipb.mit.edu/doc/afs-and-you/ is great, but it's too advanced (I don't care about ACLs, but do care about how a beginning user can connect in the first place). Alternatively, find something on the IS&T website and link it from http://sipb.mit.edu/doc/. |
||||||
| #21 | snippets | github, zephyr | Github issue zephyrs | adehnert | new | minor | |
| Description |
We have the infrastructure to zephyr on Github commits (https://zcom.mit.edu/) and Trac ticket updates (http://snippets.scripts.mit.edu/gitweb.cgi/.git/tree/HEAD:/TracZephyrPlugin), but not Github issue updates. I'm not sure that Github has a good way to do this, but you could probably do something sketchy with mail_scripts if nothing else. |
||||||
| #22 | athena | Better mailing list archiving solution than discuss | adehnert | new | major | ||
| Description |
Various SIPB projects, student groups, etc. use discuss for archiving their mailing lists. Discuss sucks for various reasons:
A replacement would be awesome. Potentially desirable features:
|
||||||
| #23 | snippets | Cronjob to sync Github teams with Moira/AFS | adehnert | new | major | ||
| Description |
We have more and more things on Github. It would be neat if we had code to sync moira lists with Github teams to ease maintaining ACLs. (It's not clear how we handle things like Athena<->Github usernames, but surely we can solve this problem.) |
||||||
| #26 | sipb-locker | zephyr | zcrypt and -auto reminder zephyrbot | adehnert | new | major | |
| Description |
A simple zephyrbot that subs to some classes and autoreplies if they receive non-crypted traffic (for zcrypted classes) or traffic from "real" users (for -auto classes) would sometimes be helpful. (Ideally, this should probably be runnable on a dialup from a locker with an individual's tickets, so that classes that are both crypted and have a secret name can be supported.) To some degree, Barnowl #229 "zcrypt: Options support, and some common enhancements" (http://barnowl.mit.edu/ticket/229) will solve this for zcrypt, and reply-lockout can solve this for -auto, but a zephyrbot might still be useful (for users who don't have this configured, or until Barnowl #229 actually gets implemented). |
||||||
| #27 | sipb-locker | Least privilege for the SIPB locker | adehnert | new | major | ||
| Description |
Currently, gsipbbin has 124 people on it, which might dissuade projects from having users run code out of there. It might be nice to come up with a scheme whereby projects can put their programs in the sipb locker, without needing to trust the maintainers of all the other programs in the sipb locker. https://diswww.mit.edu/charon/bug-sipb/48341 and follow-ups have more details. |
||||||
| #28 | sipb-www | starter | "SIPB/MIT/USA" postcard tracking tool | adehnert | new | minor | |
| Description |
There's a tradition of mailing SIPB a postcard from foreign countries, with an address of "SIPB / MIT / USA". It would be neat to make a tracking webapp where you'd enter your location when you sent a postcard, and somebody would mark the postcard off when we received it. For bonus points, use an IP geolocation service to find the IP. (Google finds several. Akamai's (http://www.akamai.com/html/technology/products/personalization.html) is the one I've encountered before -- they seem not to want to be a free API, though.) (This would probably be a decent first webapp for somebody who wants to learn django, flask/sqlalchemy, rails, or some other tool.) |
||||||
| #29 | athena | ACL'd "add me to this list" UI | adehnert | new | major | ||
| Description |
If I have a list (foo, say) that I want to be open to anybody on another list (bar, say), Moira gives me two ways to approximate this:
Neither are really want I want. Ideally, Moira would let me do that, but it seems a little unlike. I propose a webapp (or server with remctld, or something) that allows an owner of foo to add daemon.sipb-listmaint to the memacl for foo and fill out a form to say that people on bar can add themselves to foo, and then allows somebody on bar to ask to be added (and does then does so). |
||||||
| #32 | snippets | zephyr, trac | Zephyr->Trac bot | adehnert | new | major | |
| Description |
It would be nice to run (possibly as a service, possibly as some software projects ran themselves) a bot that could listen to zephyr and repost certain zephyrs to Trac. One option would be to just support adding comments like "Discussed on -c $class at $time" on request; another would be to actually support copying comments wholesale. Some context is at https://diswww.mit.edu/charon/scripts/66521. |
||||||
| #34 | snippets | zephyr | supybot-compatible zephyrbot framework | adehnert | new | major | |
| Description |
Geofft suggested adding a supybot-compatible plugin interface to a zephyrbot. I don't really know what that means, but it sounds kinda cool. Apparently http://meetbot.debian.net/Manual.html has some useful background. |
||||||
| #35 | snippets | git, docs | Github mirroring documentation or as a service | adehnert | new | major | |
| Description |
Bidirectional Github mirroring with AFS is something a bunch of projects want to do. It'd be great to have some documented best practices on how to do this ("give a deploy key access", "run these cronjobs on scripts", ...). For possible bonus points, depending on how complex the instructions end up, it might be nice to simplify the instructions by having a service that lets you give AFS bits to some kerberos principal and Github bits to some Github user (or deploy key), input a path and github repo, and then it magically handles everything else for you. |
||||||
You can add to this list by creating a new ticket (make sure to set the type to "project").
