Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Aug 11 20:52
    @RubenVerborgh banned @mikeadams1
mrdurutkar
@mrdurutkar
I am successfully running the server in my Mac. I am building a proof-of-concept of an open and scalable repository that lists pod providers and filters a subset of those pod providers that are relevant for a specific person.
this way, a person can easily connect his/her pods at organizations that store data about him/her.
This is for my university project.
I hope to receive a good response from all of you.
@joachimvh I hope you read this
Jeff Zucker
@jeff-zucker
Hmm, if I set StaticAssetHandler for /user/profile/card, I get the following from a HEAD on it : (note there isn't any wac-allow header!)
fetching head from http://localhost:3137/LocalKitchenUser/profile/card
  access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: Accept-Patch,Link,Location,MS-Author-Via,Updates-Via,WAC-Allow
cache-control: max-age=86400
connection: close
content-type: text/turtle
date: Sat, 28 Aug 2021 16:27:22 GMT
expires: Sun, 29 Aug 2021 16:27:22 GMT
updates-via: ws://localhost:3137/
vary: Accept,Authorization,Origin
x-powered-by: Community Solid Server
elf Pavlik
@elf-pavlik
@mrdurutkar you might want to take a look at https://solid.github.io/data-interoperability-panel/specification/ which addresses data discovery in a way that plays well with authorization
for example user would have their Authorization Agent which would help them keep track on all the data shared with them, as well as data they own themselves
also each application would have clear entry point from where it can follow its nose to all the data user authorized that application to access to access
it's not CSS specific, if that helps you case you can ask further questions on https://gitter.im/solid/data-interoperability-panel
mrdurutkar
@mrdurutkar
Thank you @elf-pavlik that seems helpful
How do I approach this to make a project
Joachim Van Herwegen
@joachimvh
@ewingson The idea is that you can pick one of the configs in the root config folder for your server setup, or create a custom one based on the examples there. There's a readme in the config folder which can hopefully help a bit. If you're using a reverse proxy for https the default configs should work fine already, if you want the CSS to start an https server there is an example-https-file.json config there where you can replace the paths pointing to the https key/cert
@jeff-zucker Data kitchen looks nice, will have to have an in-depth look later ^^. Regarding the StaticAssetHandler: resources served through that live outside of the LDP/Solid components and thus will not follow the spec (note there are also no link rel=type and rel=acl headers). That handler is there in case you want to host some extra files on the server but do not want requests to go through the full parsing/auth/backend steps, such as for the favicons or the css styles.
Joachim Van Herwegen
@joachimvh
@mrdurutkar it sounds like your questions pertain more to the Solid concept in general and less to the Community server specifically, so you might be better helped in the gitter linked above, or even the main solid gitter https://gitter.im/solid/chat . If you do have specific issues with the community server feel free to ask them here (or in a discussion on the github repository)
Joachim Van Herwegen
@joachimvh
@jeff-zucker I had a look into your config and get where your question is coming from. Currently there is no out of the box solution for linking static files in a Solid way directly. I wonder if you perhaps could use a RegexRouterRule to map certain requests (those to /LocalKitchenUser, /profile and perhaps some others) to a FileDataAccessor that uses /ServerRoot as root folder instead of what was passed with the -f parameter. https://gist.github.com/joachimvh/da75e1239fb026db0b3375ded505b21f contains a similar example I made showing how regex routing can work. A bit more config would then also be needed to have FileDataAccessor point at a fixed folder instead of the default one. I can provide a config example if you want to go into that direction. Not sure if it covers everything you want
Matthias Evering
@ewingson
@joachimvh so it is not the case that all the configs play together but instead only the config passed on start takes effect, have I got that right now ? so then I would not need to rename example-https-file.json but pass that one on the start-command ? see https://forum.solidproject.org/t/make-css-multi-user-mode-first-get-ssl-running/4624 I'm sure I will come up with more questions once it is time... for example how do I make a service unit possible to run 24/7...
Joachim Van Herwegen
@joachimvh
yes all the configs in the root folder are completely independent of each other. The imports at the top of each config define which other configs they interact with. Each import sort of corresponds to a specific feature, you can see some differences by comparing 2 different configs. So you would indeed have to edit example-https-file.json (or create a custom copy of it somewhere) and pass that one to the -c parameter
but you mention that you use nginx as a reverse proxy. If you pass the key/certs there and configure it as https, you don't have to provide them to the CSS anymore. CSS can interpret the forwarded headers to make sure the hostname is correct
instead of editting config/identity/email/default.json you could also remove that import from your config (you'll see it in the list of imports) and instead copy your changes into the body of your config (just so you're not dependent on editting files in the CSS project itself)
it's JSON-LD, so what an import does is pretty much copying the contents of that path into the main body
Jeff Zucker
@jeff-zucker
Thanks, @joachimvh - I may eventually follow up on some kind of routing solution, but for now I think I'll just warn the users, then create the files and folders in their rootFilePath .
Matthias Evering
@ewingson
I get the idea, @joachimvh
Matthias Evering
@ewingson
@joachimvh
[Unit]
Description=Solid - Social Linked Data
Documentation=https://github.com/solid/community-server
After=network.target

[Service]
Type=simple
User=root 
ExecStart=/usr/lib/node_modules/@solid/community-server/bin/server.js -c @css:file.json -b https://solidweb.me/
Restart=on-failure

[Install]
WantedBy=multi-user.target
I've let myself inspired by the NSS-Way, but the above doesn't work
I've omitted the working directory (included didn't work neither) and the root-user is suboptimal
anyone can help setting up a service for running 24/7 on a root machine ?
oh I've found debug-info.... claims running
Matthias Evering
@ewingson
communityss.service - Solid - Social Linked Data
   Loaded: loaded (/lib/systemd/system/communityss.service; enabled)
   Active: active (running) since Tue 2021-08-31 15:35:15 CEST; 117ms ago
     Docs: https://github.com/solid/community-server
 Main PID: 14025 (node)
   CGroup: /system.slice/communityss.service
           └─14025 node /usr/lib/node_modules/@solid/community-server/bin/server.js -c @css:file....
config statement forgotten
Matthias Evering
@ewingson
yippieyahey solidweb.me up and running
but still waiting for the mashlib auth upgrade
Matthias Evering
@ewingson
to make mashlib the default app
Jeff Zucker
@jeff-zucker
@ewingson - you can test with this one, still some bugs, but mostly plays nice with CSS : https://github.com/solid/data-kitchen/blob/main/assets/mashlib.js
Probably also want to grab mashlib.js.map and mash.css from that folder
Matthias Evering
@ewingson
@jeff-zucker to be honest, I'm not quite sure how to put everything together, I would need help and/or assistance, but for the moment its okay as is. what do you think of the startpage ?
Jeff Zucker
@jeff-zucker
Looks good. solidproject.org is not driven by the W3C community group. It is it's own project with a team of facilitators appointed by Sir Tim. The community group is certainly a major player and members of the panels are required to be part of it, but other Team members may or may not be a part of it. It does not play a direct role in managing solidproject which includes the website, the community server, this chat, the forum, etc.
Matthias Evering
@ewingson
okay, will put hands on that part
Matthias Evering
@ewingson
@Vinnl case you wondered you got no email, now I've the right port configured, the default was incorrect
also I found you mandatory need a trailing slash
vinnl
@vinnl:matrix.org
[m]
Ah haha I didn't even notice - worked fine otherwise. It's now being autosuggested on penny.vincenttunru.com :)
Matthias Evering
@ewingson
schön
elf Pavlik
@elf-pavlik
It would be great to get some feedback in AuthN Panel on current implementation of Solid-OIDC in CSS as well as some breaking changes we are currently considering solid/solid-oidc#18 (very early draft just hinting the direction)
If possible we could discuss it on https://gitter.im/solid/authentication-panel or here. Even better we could dedicate most of one of Monday meetings of the panel for that, if person implementing it in CSS would be able to join.
elf Pavlik
@elf-pavlik
I think CSS would provide important feedback on the possible direction of introducing ResourceServer associated AuthorizationServer . As well as AuthZ relevant direction we explore in the Interop Panel which would provide feature comparable to scopes in OAuth2 but very likely would require the Client to pass additional information (push extra claim) to mentioned RS associated AS. It is related to this use case https://solid.github.io/authorization-panel/authorization-ucr/#uc-client-constraints
Joachim Van Herwegen
@joachimvh

@elf-pavlik To give you an overview, the OIDC/IDP component was originally written by Jackson and Matthieu, with a lot of the heavy lifting being done by the node-oidc-provider library. Afterwards I have made several changes based on issues and extra features. So if a new feature needs to be added it would probably be done by me, but my OIDC knowledge is mostly based on the issues I encountered and conversations I had with @matthieubosquet so is definitely not comprehensive.

I can join such a meeting though, just not sure what level of OIDC spec knowledge is required to have a valuable discussion :D

elf Pavlik
@elf-pavlik
Thank you @joachimvh Now I know who to ask questions and I can always check relevant details directly in the codebase :eyes:
Aaron Coburn
@acoburn
@joachimvh the most relevant specification for this conversation is OAuth2. But there is a high-level discussion to be had that will be somewhat independent of the arcane details of those specifications. IOW, you will surely be able to provide valuable insight from the CSS perspective.
Matthias Evering
@ewingson
@jeff-zucker @RubenVerborgh @joachimvh have I tracked down this right https://github.com/solid/community-server-recipes/blob/main/mashlib/config-mashlib.json#L59 that needs work for mashlib as default for CSS ?