- pdurbinAnyway, if I see the postgres PR, I think I'll have more context. I hope. ๐
- Don SizemoreDhmmm.
log in and get the associated session cookie from the browser
- pdurbinoff by default, please ๐
- https://github.com/GlobalDataverseCommunityConsortium/dataverse-ansible/pull/280 is helping. We put the postgres driver in the war these days?
- I guess that's exactly whatOpoikilotherm (CEST,UTC+2) said in issue 6.
- So yeah, stop adding it again, I guess.
- approved
- (untested)
- Don SizemoreDso, for Docker development one would set
DATAVERSE_FEATURE_API_SESSION_AUTH=1
as an env var.
looks like domain.xml ranks third in order of preference? https://docs.payara.fish/community/docs/Technical%20Documentation/MicroProfile/Config/Overview.html - we haven't distributed a PG JDBC driver for a while but I kept it in there to support installation of older versions. probably kept it far too long.
- pdurbinsure, an env var should work
- many ways to skin that cat ๐ฑ
- Don SizemoreDso, Ansible would need to set that for the service account user, in some dot file read by multiple shells
- pdurbinyou could also use a JVM option
- Don SizemoreDa config file would be preferable, if there's a preferred place to stash those. would the jvm-option be simply api.session.auth?
- pdurbinI'm pretty sure it's dataverse.api-session-auth but the docs aren't super clear
- Don SizemoreDwill test ^^. thanks
- pdurbin
yep:
<jvm-options>-Ddataverse.feature.api-session-auth=true</jvm-options>
from my dev1 server
- oh, "feature" in there too ^^
- glad I checked ๐
- Don SizemoreDexcellent. syntax is crucial
- pdurbinneed better docs
- Don SizemoreDI may enable it in the Jenkins YML and disabled it elsewhere
- not that ITs can currently do anything with it, but it'll be there
- pdurbinsure, sounds fine
- when I spun up dev1 a few months ago I believe I used the jenkins yml
- I figure it gets tested a lot ๐
- Don SizemoreDoh, BTW: I booked the Ibis north today, you saw. I also booked a hotel Thursday night within walking distance of the Porto airport. I am so relieved to have this stuff squared away.
- so I can roll out of bed Friday morning and be on the plane by 1230
- pdurbinHmm, that's smart, to spend the last night in Porto.
- Don SizemoreDAs long as my luggage makes it there, and I make it back, I'm good.
- pdurbinI just found out that three more people from IQSS are going, in addition to the original four.
- Don SizemoreDexcellent! y'all are going to need a Vrbo
- pdurbinha, Sonia suggested that actually
- I said it would bring us together like never before.
- Don SizemoreDget one with a pool, I'll come visit
- pdurbinabsolutely
- poikilotherm (CEST,UTC+2)
Got a container now ๐This reply could not be found. - pdurbinI was also told to stop spinning up so many EC2 instances. Too expensive. ๐ฐ๏ธ
- Hey, who wants to help with a Keycloak thing? conf/keycloak/oidc-realm.json wasn't imported.
- poikilotherm (CEST,UTC+2)No. Second. These are system properties, which are defined with ordinal 300 IIRC in the MPCOnFIg spec
In reply to
DDon Sizemoreso, for Docker development one would setDATAVERSE_FEATURE_API_SESSION_AUTH=1
as an env var.
looks like domain.xml ranks third in order of preference? https://docs.payara.fish/community/docs/Technical%20Documentation/MicroProfile/Config/Overview.html - Please make use of the directory config source, that's why I extended it
In reply to
DDon Sizemorea config file would be preferable, if there's a preferred place to stash those. would the jvm-option be simply api.session.auth? - I do have that dream of a config file as well though
- Anyone keen on experimenting writing a simple JDBC driver backed by a TOML file? It only needs read ops
- * Anyone keen on experimenting on writing a simple JDBC driver backed by a TOML file? It only needs read ops
- * Anyone keen on experimenting to write a simple JDBC driver backed by a TOML file? It only needs read ops
- * Anyone keen on experimenting to write a simple JDBC driver backed by a TOML file? It only needs read ops and a file watcher to reload on changes
- Ppdurbin: wrt to your ansible PR comment...
- Maybe this is a German language thing, but in this context saying
> now
is hilarious ๐คฃ - ๐ฅฐ
- pdurbinbecause it's been years?
- bah, Keycloak. what am I doing?
- ah, ha, maybe I found it
- poikilotherm (CEST,UTC+2)Woo-hoo! Can't do much on my mobile I'm afraid
- Just rant, gossip and be a weirdo ๐๐๐
- pdurbinit was a confusing UI thing
- poikilotherm (CEST,UTC+2)Oh?
- pdurbinI'm like, how do I list my realms?
- but you're in a realm
- the master realm
- and you have to figure out how to switch to the other one
- poikilotherm (CEST,UTC+2)D'Oh!
- pdurbinwhich I now (NOW I say) know how to do
- poikilotherm (CEST,UTC+2)I have no idea how I'd do that
- pdurbinwell now there's a handy screenshot: https://github.com/IQSS/dataverse/pull/9532#issuecomment-1544573402
- poikilotherm (CEST,UTC+2)Up till now I found the Keycloak docs not holding up to our Dataverse standards. So I'd even have no clue where to look in thos
- Aha!
- pdurbinI added more screenshots and errors. Anything I'm doing obviously wrong? https://github.com/IQSS/dataverse/pull/9532#issuecomment-1544573402
- Don SizemoreD@poikilotherm is "now" funny because I've sat on that issue for 3 years, or is there a double entendre?
- pdurbinmust be a German thing
- pdurbin๐ป
- Vincent Arel-Bundock joined the room
- Don SizemoreDOpoikilotherm (CEST,UTC+2): on directory config source. is the default
domain1/secrets/
sufficient? I ask because docker-compose-dev.yml usesdocker-dev-volumes/app/secrets/
- poikilotherm (CEST,UTC+2)DDon Sizemore: it may be sufficient if you like it ๐
- I'm deliberately changing this in the container to /secrets so it becomes easier to use in that context
- (Usually secrets do become mounted as files, mapped from some place else, so making the path shorter is what folks love to see)
- pdurbinOur annual IT summit is back for the first time since the pandemic but it conflicts with #dataverse2023. Bummer. ๐ข https://itsummit.harvard.edu
- "Self-directed option: choose your own topic" on the hackathon page. We could have had a hackathon for Dataverse!
- poikilotherm (CEST,UTC+2)We still can. I'll be there on Saturday already. All Sunday for happy hacking!
- pdurbinAnd Thursday! Who's with me?!
- poikilotherm (CEST,UTC+2)I have a suspicion thatJJohannes Darms might be there on the same days. He might be flying in from DUS just as me ๐
- Don SizemoreDOpoikilotherm (CEST,UTC+2): I'm wrestling with using
secrets/
to include non-sensitive configuration bits, but happy to do so to keep it all in one directory. - poikilotherm (CEST,UTC+2)I'm not sure what your problem may be... ๐ค
- pdurbin"Hi Philip- Iโll make a note to connect for next yearโs planning, maybe we could even look into a challenge sponsored by Dataverse! -Amy"
- pdurbinHave a good weekend and Happy Mother's Day!
- omooaiya joined the room
- omooaiya changed their name to Omo Oaiya
- @omooaiya:matrix.ren.ng left the room