Where and When =

in IRC on Freenode, channel: osgeo-sac

Web IRC client: https://webchat.freenode.net/ [https://www.timeanddate.com/worldclock/meetingdetails.html?year=2019&month=05&day=8&hour=20&min=0&sec=0&p1=217&p2=37&p3=43 Thursday May 8th 2019 20

Meetings Happened

Agenda

OSUOSL wants to get rid of osgeo4, most drives have failed we need two new - move everything off to OSGeo7 that needs moving, reformat and install lxd.

Since last we spoke secure, adhoc, old-web (which houses id.osgeo.org) have been moved to osgeo7. adhoc.osgeo.osuosl.org now points to osgeo7 Also setup a grass container which neteler is configuring to replace the current grass on osgeo6

New Server? We had planned to reformat osgeo3 as a secondary lxd host, but we might not have all stuff off it soon enough. wildintellect proposed getting a smaller secondary server.

We also toyed with osgeo6. Sadly osgeo6 OS (jessie) is already too old to support snap lxd, I think we can do with regular lxd, but that means it would be an older version than what is on osgeo7 so not a very good backup. Funtoo is another option - but two issues (I could only get it up to lxd 3.8 (will talk with funtoo about raising it higher), and it's only got

OSGeo7 - Have a download container on OSGeo7 only iffy thing is webdav. I can't get webdav with LDAP using nginx without doing a custom compile of nginx. So I settled on just webdav and an basic auth account for geotools.

I think geotools is the only one that uses the webdav so should be fine. Other issue is I couldn't make the webdav and non-webdav url the same so geotools is via https://download-testing.osgeo.org/geotools and the webdav is https://download-testing.osgeo.org/webdav/geotools. I see this as a temporary fix since geotools wishes to use artifactory or something more modernish.

DONE Got rid of wildcard cert ssl.com, for servers I couldn't migrate or haven't yet (I got a new wildcard cert from letsencrypt, that is what download.osgeo.org is using at the moment) and what the new-secure is using since it can't directly get a cert since it has no webserver and the cert would still need to be copied into the container. I plan to use this wildcard cert for general testing stuff or when we are inbetween getting a single domain cert.

Setup Bacula (need some thoughts on best way to go about this since osgeo7 is not setup quite the same and for some containers seems overkill to install a bacular fd client
DONE I rebuilt secure server as a debian 9 so it has the latest LDAP which means we can start thinking about changing the schema to support storing public keys
Wiki is old and needs to be replace

Talk about hardware plans

Should we get a new smaller server as a backup for osgeo7 lxd

Budget

OSUOSL donation and FunToo donation are we set?
- FunToo submitted to monthly payment plan, did treasurer figure it out?
- OSUOSL, need to submit request to treasurer.

System Contracts

DONE Regina System Contract in place and she worked (and used up the $5000)
Regina -- looking for second contract to finish off the work she started (like rebuilding wiki, enabling sshkeys in LDAP, changing wiki to use LDAP)
New contract for Vicky for supporting Wordpress www.osgeo.org,
- TODO: Draft contract and discuss
LDAP+SSH Keys
Migrating OSGeo Wiki Logins to OSGeo LDAP

Open tickets needing attention

2019.foss4g.org needs oauth with github - 22228 wildintellect should close if no further feedback from requester [CLOSED]
https://trac.osgeo.org/osgeo/ticket/2190 (Vicky has in progress, needs feedback) [DONE still need feedback? ] - Assume DONE DONE
- maybe we could also setup a domain like elections.osgeo.org too
- important that only CRO has access to elections stuff
#2199 Upload FOSS4G PDF Waiting for feedback from Studio 17 -CLOSED because of lack of response
[https://trac.osgeo.org/osgeo/ticket/2195 Blog account for Astride - this should be on www.osgeo.org? Asked for clarification - CLOSED because of lack of response
Domain Renewals (needs ticket)

SAC Meeting 2019-05

Contents