Clinton Ebadi [Sat, 1 Dec 2018 20:45:39 +0000 (15:45 -0500)]
remove lib32 gunk
no longer needed on stretch; libpq5:i386 can be installed alongside
libpq5:amd64 and everything seems to run fine without this.
Clinton Ebadi [Sat, 1 Dec 2018 20:44:49 +0000 (15:44 -0500)]
portal: update server to run create-user on to gibran
Clinton Ebadi [Fri, 30 Nov 2018 03:30:32 +0000 (22:30 -0500)]
stripe: send mail using mail-ipv4.hcoop.net
Digital Ocean is obnoxious and we can't send anything to
mail.hcoop.net on-site due to outgoing SMTP being blocked over IPv6.
Clinton Ebadi [Mon, 4 Jun 2018 00:19:07 +0000 (20:19 -0400)]
stripe: allow cards without cvc to pass verification
We really only care about failure, no cvc should be just as good as
passed.
Clinton Ebadi [Sun, 22 Apr 2018 19:51:30 +0000 (15:51 -0400)]
hide message about portal location
we moved over three years ago, not really news anymore
Clinton Ebadi [Sun, 22 Apr 2018 19:02:11 +0000 (15:02 -0400)]
Finally excise remaining references to Google Checkout
Resolves https://bugzilla.hcoop.net/show_bug.cgi?id=1203
Clinton Ebadi [Sun, 22 Apr 2018 18:04:16 +0000 (14:04 -0400)]
users: filter retired by default, remove dead code
grandfather users / who hasn't migrated code was just for migration
to peer1, in 2007.
Clinton Ebadi [Sun, 22 Apr 2018 17:21:12 +0000 (13:21 -0400)]
apt: new process for package install on puppet nodes
Clinton Ebadi [Tue, 10 Apr 2018 22:26:17 +0000 (18:26 -0400)]
portal: blacklist spam domain
Clinton Ebadi [Tue, 3 Apr 2018 00:28:39 +0000 (20:28 -0400)]
join: support for blocking spam domains
deny applications from list of domains by marking the email address
invalid. prevents trivial attack.
hcoop [Sun, 4 Mar 2018 20:30:51 +0000 (15:30 -0500)]
money: temporarily hide "co-op balance" due to inaccuracy
Will be manually updated until books are reconciled
clinton_admin [Sun, 27 Aug 2017 19:13:34 +0000 (15:13 -0400)]
passgen: ensure sufficient character classes
Force numeric, cap, and small letters in generated passwords
Clinton Ebadi [Fri, 29 May 2015 03:49:59 +0000 (23:49 -0400)]
Switch back to Stripe live key
Clinton Ebadi [Sun, 24 May 2015 23:01:02 +0000 (19:01 -0400)]
cron: fix typo on default crontab
Clinton Ebadi [Sun, 24 May 2015 22:48:06 +0000 (18:48 -0400)]
Clarify copyright/licensing (GPLv3+)
Need to go back through commit history and add copyright headers, but
the basic information is now there.
From: Adam Chlipala <adam@chlipala.net>
Subject: Re: Portal source license?
To: Clinton Ebadi <clinton@unknownlamer.org>
Date: Tue, 25 Feb 2014 08:35:37 -0500 (1 year, 12 weeks, 4 days ago)
I'm happy with any of the licenses you mention, at your preference.
On 02/21/2014 02:05 PM, Clinton Ebadi wrote:
> Greetings,
>
> I was dusting off the portal install and moving it over to navajos when
> I noticed that it does not have *any* licensing information
> attached. Luckily, no one but you, me, and bpt have touched it so fixing
> that should be easy.
>
> Do you have any opposition to licensing it AGPLv3+ or GPLv3+? Since it's
> a web service, I'd prefer AGPLv3+ (it doesn't appear to depend on
> anything that would make it burdensom to license it that way, and it's
> trivial to add a link in the footer to the git repo to satisfy the
> AGPLv3's source requirement), but since you wrote most of it... If you
> have some objection to the version 3 GNU licenses, GPLv2+ like domtool
> et al is fine by me as well.
Clinton Ebadi [Sun, 24 May 2015 22:46:51 +0000 (18:46 -0400)]
include portal crontab
Clinton Ebadi [Sun, 24 May 2015 22:36:00 +0000 (18:36 -0400)]
contact: fix build
Emergency contact directory has never been used, but it is being
generated again.
Clinton Ebadi [Sun, 24 May 2015 21:25:00 +0000 (17:25 -0400)]
release portal3 into production
Clinton Ebadi [Sun, 24 May 2015 21:22:19 +0000 (17:22 -0400)]
Fix references to /home/hcoop
Clinton Ebadi [Sun, 8 Feb 2015 19:03:02 +0000 (14:03 -0500)]
money: make boot and freeze worthy lists easier to use
Right align money and add transaction history link
Clinton Ebadi [Sun, 8 Feb 2015 02:13:03 +0000 (21:13 -0500)]
money: hide equalize balances
If it did work it is way too dangerous to leave out in the open for
accidental clicking -- it destructively modifies all balances to be
equal. Not even sure what it is there for.
Clinton Ebadi [Sun, 8 Feb 2015 02:02:19 +0000 (21:02 -0500)]
use table.data css class in a few more places to make lists more readable
Clinton Ebadi [Sun, 8 Feb 2015 01:32:26 +0000 (20:32 -0500)]
sec: use jquery ui tabs for machines in security preferences
This will degrade gracefully and operate without javascript. The
previous interface of having to switch by submitting a form was
unpleasant.
Note that it makes little sense to have cron permissions on webservers
you can't login to, and we're down to just firewall and cron prefs
here. The page should probably be converted to just firewall rules,
and cron prefs handled in a separate support page (and both new pages
moved to Support).
Clinton Ebadi [Sat, 7 Feb 2015 21:03:05 +0000 (16:03 -0500)]
sec: split normal user view into its own template
Clinton Ebadi [Sat, 7 Feb 2015 21:02:23 +0000 (16:02 -0500)]
fix stray tag
Clinton Ebadi [Sat, 7 Feb 2015 19:49:07 +0000 (14:49 -0500)]
sec: nuke ftp request support
We haven't supported ftp for ages and there's no reason to in the
future (it was effectively unused, because sftp).
Clinton Ebadi [Sat, 7 Feb 2015 19:46:08 +0000 (14:46 -0500)]
sec: note the set of common services in firewall request text
Clinton Ebadi [Sat, 7 Feb 2015 19:32:25 +0000 (14:32 -0500)]
Prepend machine name to firewall requests so that they are valid
The firewall rules are a lie or something like that.
Clinton Ebadi [Tue, 7 Oct 2014 04:10:56 +0000 (00:10 -0400)]
vmail: use domtool-portal to update vmail passwords
This disentangles the portal from having to run on the same machine as
the IMAP server.
Clinton Ebadi [Sat, 4 Oct 2014 23:02:23 +0000 (19:02 -0400)]
cert: remove obsolete suggestion you need a dedicated IP for TLS
Clinton Ebadi [Sat, 4 Oct 2014 23:00:23 +0000 (19:00 -0400)]
Run domtool as hcoop.daemon instead of hcoop
Previous releases inadvertently took advantage of a weakness in
domtool's afs acls to access the hcoop key when interacting with
domtool. Now that it has been fixed, a dummy domtool user
`hcoop.daemon' with no permissions exists so that it can authenticate
to domtool and perform the simple queries required by the portal.
We still have to set DOMTOOL_USER internally because suexec scrubs the
environment and using mod_env to set it does not work.
Clinton Ebadi [Sat, 4 Oct 2014 21:21:29 +0000 (17:21 -0400)]
join: update welcome message to mention Paypal pre-auth
Clinton Ebadi [Sat, 4 Oct 2014 21:21:04 +0000 (17:21 -0400)]
Use correct wiki url in firewall ports request help
Clinton Ebadi [Sat, 4 Oct 2014 21:18:21 +0000 (17:18 -0400)]
join: Remove old filesystem initial password storage cruft
Clinton Ebadi [Tue, 15 Apr 2014 21:02:47 +0000 (17:02 -0400)]
Stripe: Append amount to checkout widget description
Clinton Ebadi [Tue, 15 Apr 2014 20:42:20 +0000 (16:42 -0400)]
Make including cents portion in money inputs optional
Clinton Ebadi [Tue, 15 Apr 2014 20:37:52 +0000 (16:37 -0400)]
Use hidden element to store stripe amount in cents
Prevents browser from briefly showing incorrect amount
Clinton Ebadi [Tue, 15 Apr 2014 02:01:38 +0000 (22:01 -0400)]
Fix html structure in money normal member view
Clinton Ebadi [Fri, 11 Apr 2014 17:56:07 +0000 (13:56 -0400)]
Improve cert request
* List user's certificates and ca intermediate certificates
* Note manual step needed to get intermediate cert permissions
* Add subdomain, to make it easier (for the admins) to add multiple
certs per domain
Clinton Ebadi [Fri, 11 Apr 2014 17:54:26 +0000 (13:54 -0400)]
Generalize querying domtool permissions
Clinton Ebadi [Sun, 30 Mar 2014 03:30:38 +0000 (23:30 -0400)]
Ask applicants for payment authorization after email confirmation
Suggest $10, authorization expires after 30 days if we do
nothing. This should smooth out the join process a bit.
Clinton Ebadi [Sat, 29 Mar 2014 10:04:41 +0000 (06:04 -0400)]
Remove Google Checkout address from preferences
Clinton Ebadi [Sat, 29 Mar 2014 09:57:49 +0000 (05:57 -0400)]
Split stripe payment/admin scripts
Use an ugly hack of a module for common code. We are restricting
access to stripe-admin.cgi using apache and a group file. The portal
should generate the group file.
Clinton Ebadi [Sat, 29 Mar 2014 08:32:41 +0000 (04:32 -0400)]
Initial Stripe payment rejection support * Store rejected transactions * Command needs to be in a separate cgi only accessible by members of the money group
Clinton Ebadi [Sat, 29 Mar 2014 02:23:58 +0000 (22:23 -0400)]
Display node name before firewall rules
Clinton Ebadi [Thu, 27 Mar 2014 23:21:14 +0000 (19:21 -0400)]
stripe: Use context managers for error handling in cgi
Clinton Ebadi [Tue, 25 Mar 2014 05:41:02 +0000 (01:41 -0400)]
Use new payment-tile for a few interface elements
Clinton Ebadi [Tue, 25 Mar 2014 05:37:16 +0000 (01:37 -0400)]
A bundle of minor improvements
* Use html5 form validation to improve the error experience
* Default IP address requests to bog
* List domains the member controls on the domain request page
* Pre-fill cert path with $HOME/certificates on cert request page
* Hide certificate signing request page since we're not really doing
that anymore
Clinton Ebadi [Tue, 25 Mar 2014 05:29:49 +0000 (01:29 -0400)]
Join: usernames must be between two and twelve characters
One character usernames would be cool, except for the whole
/afs/hcoop/net/user/a/ab thing
Clinton Ebadi [Tue, 25 Mar 2014 04:46:24 +0000 (00:46 -0400)]
Only display active nodes for support requests
We need to keep old nodes around for historical data to remaining
consistent, but there's no need to clog up the interface with them.
Clinton Ebadi [Tue, 25 Mar 2014 04:45:31 +0000 (00:45 -0400)]
Trim leading/trailing spaces from name in Real Name search
Paypal has an before names, making the process of finding by
name more obnoxious than it need be
Clinton Ebadi [Sat, 22 Mar 2014 21:31:37 +0000 (17:31 -0400)]
Show current disk use and quota in MiB
Clinton Ebadi [Sat, 22 Mar 2014 21:26:58 +0000 (17:26 -0400)]
Improve long table display
* Alternate row colors with css
* Right align money and kilobytes columns
Clinton Ebadi [Sat, 22 Mar 2014 21:22:52 +0000 (17:22 -0400)]
Use new warning class instead of element style
Clinton Ebadi [Sat, 22 Mar 2014 21:21:36 +0000 (17:21 -0400)]
Use HTML5 field validation in join form
Clinton Ebadi [Sat, 22 Mar 2014 07:50:41 +0000 (03:50 -0400)]
Minor html fixes
Clinton Ebadi [Sat, 22 Mar 2014 07:49:54 +0000 (03:49 -0400)]
Initial support for Stripe (And Improve Paypal)
* payment.mlt embeds Stripe checkout widget
* stripe-payment.cgi charges the transaction setup by the widget and
notifies the treasurer
* Charged but unapplied payments are stored in a transaction log
* Payments are applied semi-automatically, with processed payments
stored in another log
* Paypal amounts can be entered on the payment page directly
Clinton Ebadi [Sat, 22 Mar 2014 07:42:51 +0000 (03:42 -0400)]
Remove more Google Checkout code
Clinton Ebadi [Sat, 22 Mar 2014 07:41:40 +0000 (03:41 -0400)]
Close main div before body
Clinton Ebadi [Thu, 20 Mar 2014 18:49:45 +0000 (14:49 -0400)]
Add [X]HTML5 DTD to header
Clinton Ebadi [Wed, 19 Mar 2014 14:22:21 +0000 (10:22 -0400)]
Make initial password harder to miss
A lot of new members have lost their passwords, put it in a big red
box to make it impossible to miss.
clinton_admin [Thu, 13 Mar 2014 09:00:27 +0000 (05:00 -0400)]
Merge remote-tracking branch 'origin' into portal3
clinton_admin [Wed, 5 Mar 2014 06:27:45 +0000 (01:27 -0500)]
Remove google checkout code from payment page
clinton_admin [Wed, 5 Mar 2014 06:27:25 +0000 (01:27 -0500)]
Mention paypal is gone to members and point them at the wiki
Clinton Ebadi [Tue, 25 Feb 2014 10:59:30 +0000 (05:59 -0500)]
Use sendmail and not exim4 for mail
Clinton Ebadi [Tue, 25 Feb 2014 10:35:05 +0000 (05:35 -0500)]
Track page header and footer
Clinton Ebadi [Tue, 25 Feb 2014 10:24:56 +0000 (05:24 -0500)]
Use correct passgen db name
Clinton Ebadi [Tue, 25 Feb 2014 10:24:44 +0000 (05:24 -0500)]
New static file root configuration knob
Clinton Ebadi [Tue, 25 Feb 2014 10:24:13 +0000 (05:24 -0500)]
join: update library paths, install to new location
Clinton Ebadi [Tue, 25 Feb 2014 10:23:48 +0000 (05:23 -0500)]
join: intelligent error printing for IO exceptions
Clinton Ebadi [Tue, 25 Feb 2014 10:23:23 +0000 (05:23 -0500)]
join: username limit is 12 characters, not 8
Clinton Ebadi [Tue, 25 Feb 2014 10:23:06 +0000 (05:23 -0500)]
passgen: use portal config, build fixes
Clinton Ebadi [Tue, 25 Feb 2014 10:22:01 +0000 (05:22 -0500)]
Balance reminders: build on modern systems
Clinton Ebadi [Tue, 25 Feb 2014 10:21:36 +0000 (05:21 -0500)]
Member directory: use portal config, build on 64-bit systems
Clinton Ebadi [Tue, 25 Feb 2014 10:20:51 +0000 (05:20 -0500)]
join: use generic sendmail instead of exim4
sendmail will be linked to whatever mta is available
Clinton Ebadi [Tue, 25 Feb 2014 10:20:24 +0000 (05:20 -0500)]
Store static portal files in repo and install with Makefile
Clinton Ebadi [Tue, 25 Feb 2014 10:19:25 +0000 (05:19 -0500)]
join: use main portal config
Clinton Ebadi [Tue, 25 Feb 2014 00:50:23 +0000 (19:50 -0500)]
Make webbw stats location configurable
Clinton Ebadi [Tue, 25 Feb 2014 00:49:39 +0000 (19:49 -0500)]
Update config for new installation
Installation has been fully relocated into afs space
Clinton Ebadi [Tue, 25 Feb 2014 00:48:31 +0000 (19:48 -0500)]
Render meaningful message for linking errors
Clinton Ebadi [Fri, 21 Feb 2014 19:52:05 +0000 (14:52 -0500)]
Improve header generation, slightly
* Makefiles have a common install prefix now, and run everything from
that prefix
* The prefix is passed as an argument to each of the header scripts
for easier relocation
* Main Makefile automatically reinstalls scripts when they change
* Added `clean' target
Clinton Ebadi [Fri, 21 Feb 2014 19:32:40 +0000 (14:32 -0500)]
Track hcoop header generating scripts
Clinton Ebadi [Fri, 15 Nov 2013 07:18:43 +0000 (02:18 -0500)]
Minor update for members directory under new website
Clinton Ebadi [Fri, 15 Nov 2013 07:18:02 +0000 (02:18 -0500)]
Search by real name in money matters
I hear this will make the life of a treasurer much easier for that
occasional member with out of date payment info.
Clinton Ebadi [Fri, 18 Jan 2013 09:08:20 +0000 (04:08 -0500)]
Show the "add your link" dialog BEFORE hosted sites list
Basically zero people realized they could add their site because it is
all the way at the end of a very long list.
Clinton Ebadi [Fri, 18 Jan 2013 09:07:39 +0000 (04:07 -0500)]
Merge a few cleanups inspired by bpt's redesign
Regroup a few things, remove redundant language to avoid multi-line
list items in the side bar, update dead links, remove stuff like MRTG
that never worked.
Clinton Ebadi [Thu, 17 Jan 2013 07:57:28 +0000 (02:57 -0500)]
Allow board members to view roll call
Clinton Ebadi [Wed, 16 Jan 2013 07:01:06 +0000 (02:01 -0500)]
Don't lose node when editing security request
Looks like a copy and paste problem
Clinton Ebadi [Wed, 16 Jan 2013 07:00:11 +0000 (02:00 -0500)]
Use fritz volumes instead of deleuze volumes for disk space stats
This will break when we have mail and user volumes on different volservers
Clinton Ebadi [Mon, 14 Jan 2013 08:30:22 +0000 (03:30 -0500)]
Default security requests to bog
Clinton Ebadi [Mon, 14 Jan 2013 08:30:01 +0000 (03:30 -0500)]
Update member directory stuff for new web site
Half complete, gets the job half done.
Clinton Ebadi [Sun, 6 Jan 2013 22:07:11 +0000 (17:07 -0500)]
Add temporary notice to main portal page notifying members of the migration
Clinton Ebadi [Sun, 6 Jan 2013 22:06:52 +0000 (17:06 -0500)]
Update `domtool-admin package-exists $node $pkg` for apt requests
Clinton Ebadi [Sun, 6 Jan 2013 22:06:03 +0000 (17:06 -0500)]
Update instructions for firewall rules requesters
Clinton Ebadi [Sun, 6 Jan 2013 22:05:47 +0000 (17:05 -0500)]
Change default node for security/apt requests to bog
Clinton Ebadi [Sun, 6 Jan 2013 22:04:53 +0000 (17:04 -0500)]
Add warning to members applying with gmail to whitelist
Clinton Ebadi [Sun, 16 Dec 2012 23:45:13 +0000 (18:45 -0500)]
Support request for ProxiedServer firewall rules
clinton_admin [Wed, 23 Feb 2011 12:43:48 +0000 (07:43 -0500)]
Fetch volume information from fritz instead of deleuze
* Ideally we'd be parsing the output of `vos examine {user,mail}.$USER
hcoop [Thu, 9 Dec 2010 00:02:10 +0000 (19:02 -0500)]
Update all connection strings to point to the new postgres host
hcoop [Sun, 3 Oct 2010 18:08:49 +0000 (14:08 -0400)]
Specify host for database connections