Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jan 31 22:39
    dmitrizagidulin commented #1061
  • Jan 31 22:04
    kidehen commented #1061
  • Jan 31 22:00
    elf-pavlik commented #1061
  • Jan 31 21:49
    kidehen commented #1061
  • Jan 31 21:39
    kjetilk labeled #1081
  • Jan 31 21:38
    kjetilk labeled #1081
  • Jan 31 21:28
    dmitrizagidulin commented #1061
  • Jan 31 20:47
    cblakeley commented #1061
  • Jan 31 18:42
    elf-pavlik edited #1081
  • Jan 31 18:42
    elf-pavlik opened #1081
  • Jan 31 14:20
    joachimvh commented #1080
  • Jan 31 09:27
    kjetilk labeled #1080
  • Jan 31 09:27
    kjetilk assigned #1080
  • Jan 31 09:27
    kjetilk opened #1080
  • Jan 31 02:27
    elf-pavlik opened #1079
  • Jan 30 15:05
    dmitrizagidulin commented #1061
  • Jan 30 14:23
    csarven opened #1078
  • Jan 30 12:54
    cblakeley commented #1061
Tim Berners-Lee
@timbl
Alain Bourgeois
@bourgeoa
It is said that node-solid-server is end of life and a new pod-server at https://github.com/inrupt/pod-server is due to replace it.
How can we build and test it ? A docker file is a must
Alain Bourgeois
@bourgeoa
In the mean time we have a few remaining problems introduced by the new resource-mapper.js introduced with NSSv5.1.6 about 2 months ago. There is a PR #1292 or PR #1282 that solves these. Can't we expect it to be reviewed rejected/validated and pushed @timbl @RubenVerborgh It will be a needed guidance for Devs with work in progress.
Ruben Verborgh
@RubenVerborgh
@jaxoncreed is this something you could take a stab at?
Jamie Fiedler
@jamiefiedler
is there a best practice for configuring NSS (5.1.7, in this case) to respond with a 200 for an inbound LB health check on the generic IP (no hostname)? i tried creating a subdirectory with the IP as the name in the data directory (which does map correctly) but that appears to leads to a rabbit hole of auth errors and i don't want to start creating all kinds of custom configs to do a simple task. i can always run something standalone on a different port but if it's already a thing available with NSS...
Justin Bingham
@justinwb
so for starters if the LB connections are going direct to IP there’s going to be certificate issues, and that’s probably enough to throw nss down the tubes
@jamiefiedler can the LB be configured to use hostname instead?
Jamie Fiedler
@jamiefiedler
pod appears to work fine for normal use using hostnames via the LB, no issue with certs (so far). the heartbeat has no hostname to pass along - it's originating from the LB itself.
Scott McWhirter
@konobi
@jamiefiedler it likely depends on the software in use
Justin Bingham
@justinwb
yeah if the heartbeat is trying to hit the solid server with no hostname (just IP), it’s going to have a cert error for starters
Jamie Fiedler
@jamiefiedler
yep mapping error then cert error after mapping working was tried. it's not a huge issue to run a separte listener on the solid server to respond to LB heartbeats if that's the easiest way to satisfy this non-solid-specific issue.
Scott McWhirter
@konobi
well... if the healthcheck is just a connection to the port to see if it can 1) connect and 2) get some data, even if it's just the handshake negotiation may be sufficient
If your SSL termination is going on before you hit the NSS instance, there's no need to run SSL on the NSS side
(* with some environment assumption that is)
Jamie Fiedler
@jamiefiedler
response code needs to be 200-499
correct - i'm terminating SSL on the LB
Scott McWhirter
@konobi
if the network between your LB and NSS instance is under your control and properly isolated, you can drop the SSL between LB and NSS... it's not always a good fit though (and I haven't tried running NSS itself in a non-SSL mode)
there's also likely to need to be some longer term work to support that mode of operation more fully (passing client cert info to the backend and having NSS pick that up from proxy headers, etc.)
Jamie Fiedler
@jamiefiedler
basic user/pass auth seems to work fine in this config (pod is acting as IdP). i haven't tried WebID-TLS yet but after looking at renegotiateTls() i'm guessing that's where i may start running into challenges. will poke at it some more tomorrow, thanks @konobi
jaxoncreed
@jaxoncreed
@RubenVerborgh I'll take a stab at it today
Ruben Verborgh
@RubenVerborgh
@jaxoncreed 🙏
Michiel de Jong
@michielbdejong
@jaxoncreed want to jump on a call and review #1292 together?
jaxoncreed
@jaxoncreed
Yep
Michiel de Jong
@michielbdejong
ok, let’s use my appear.in
lmg :coffee:
jaxoncreed
@jaxoncreed
Cool. I’m in
Michiel de Jong
@michielbdejong
ldp.get’s extra parameter searchIndex is used to indicate if html is preferred on folder listing, and also to map card to card.ttl, and neither of us understand why
Michiel de Jong
@michielbdejong
Glad that we’re rewriting the ResourceMapper code from scratch :)
Even spending 30 minutes on it with two people, we didn’t understand the PR well enough to review it, sorry.
Alain Bourgeois
@bourgeoa
@michielbdejong ldp.get’s extra parameter searchIndex is used to indicate if html is preferred on folder listing yes but not to map card to card$.ttl (there is no need for that it is by default whatever the value of searchIndex, for all files it is searched is there is $.extension)
boulderwebdev
@boulderwebdev
Hey Ya'll, I heard there is going to be a deprecation of nss to the inrupt pod-server
when is this planned?
Michiel de Jong
@michielbdejong
Hi @boulderwebdev! Yes, we’re still in the process of making that decision final, and it could still change if people disagree, but the current consensus here indeed seems to be that we should collectively switch to the new code base. Basically, I think we’re not enough people to split our efforts over the continued maintenance of two code bases, so then it’s probably best to mark nss as deprecated, and use the pod-server code both on inrupt.net and on solid.community. I think the topic will probably be on the agenda for the community call this Thursday so we can discuss it as a group, right @Mitzi-Laszlo? As for how to ramp up with the new code, @jaxoncreed and I can help you set up, configure and run it on your localhost, and Jackson is also publishing a beta-testing server for it. It should be compatible with the same on-disk data format, but it also introduces pluggable storage backends which we think is nice! :)
Mitzi László
@Mitzi-Laszlo
If there are any volunteers interested in maintaining the node solid server project please let me know and would be great if you could join the Solid call this week yes
Dan Keith
@DoctorBud
Is this, https://github.com/inrupt/pod-server, the future code base then?
Fred Gibson
@gibsonf1
A quick question (finally back in dev mode with our Solid app after 6 months) - what is the URI for retrieving the acl for a container? What I had earlier no longer works
Dan Keith
@DoctorBud
I think you just add .acl to the container path. For example: https://doctorbud.solid.community/public/.acl shows me the ACL for my public folder (you need to be logged in as me to see that, I think).
Also, if you haven't set 'specific sharing' for a folder, it appears there is no .acl available. But if you use the padlock icon in the Data Browser to set 'specific sharing for this item', then that creates the acl.
Arne Hassel
@megoth_twitter
the proper way is to check for the ACL link in the header of the document you want to add a ACL resource for - usually it’s just <path>.acl, but it could differ, so the standard says to check the ACL link
if you get a 404, the client can check the parents of the resource to try to find the ACL resource that is inherited
Fred Gibson
@gibsonf1
I get this with my <path>.acl call, but no apparent acl object:
image.png
Just trying to download the folder structure
'specific sharing' - maybe that is the issue - where can I read more on that?
(I mean no apparent acl permission)
Is there a simple example reference on how to download the container structure for a pod?
Arne Hassel
@megoth_twitter
I think maybe the part on ACL Resource Location Discovery is a good read for you - https://github.com/solid/web-access-control-spec#acl-resource-location-discovery
Fred Gibson
@gibsonf1
Thanks!
Dan Keith
@DoctorBud
Thanks, @megoth_twitter , that's a useful doc