fedora-server
LOGS
17:00:53 <pboy> #startmeeting fedora-server
17:00:53 <zodbot_> Meeting started Wed Aug 17 17:00:53 2022 UTC.
17:00:53 <zodbot_> This meeting is logged and archived in a public location.
17:00:53 <zodbot_> The chair is pboy. Information about MeetBot at https://fedoraproject.org/wiki/Zodbot#Meeting_Functions.
17:00:53 <zodbot_> Useful Commands: #action #agreed #halp #info #idea #link #topic.
17:00:53 <zodbot_> The meeting name has been set to 'fedora-server'
17:01:05 <pboy> #topic Welcome / roll call
17:01:14 <pboy> Welcome to our Server WG IRC meeting today!
17:01:16 * cyberpear listens in
17:01:16 <cooltshirtguy> .hi
17:01:26 <pboy> Let's see who is present today.
17:01:35 <cooltshirtguy> .hello2
17:01:39 <cooltshirtguy> i was forget that
17:01:41 <cooltshirtguy> .hello
17:01:45 <cooltshirtguy> :P
17:01:45 <pboy> Please, everybody who is lurking, say either .hello2 or .hello <fasname>
17:01:59 <cooltshirtguy> its broken
17:02:22 <cooltshirtguy> .hello cooltshirtguy
17:02:24 <pboy> Zodbot sometimes acts a bit bitchy.
17:02:34 <cooltshirtguy> i see that
17:08:11 <jwhimpel> .hello2
17:08:16 <pboy> Hmm, it's not exactly crowded here. :-)
17:09:18 <pboy> We need at least 3 formal members for a meeting, so we meet the quorum.
17:09:32 <pboy> I think, we should start now.
17:10:16 <pboy> cyberpear: I'm afraid there's not that much to listen today.  :-)
17:10:22 <pboy> But welcome!
17:10:36 <pboy> I’ll post the agenda
17:10:44 <pboy> #topic Agenda
17:10:52 <pboy> #link https://pagure.io/fedora-server/report/Meeting
17:11:00 <pboy> #info Follow up actions
17:11:08 <pboy> #info  Final decision about an updated Fedora Server Technical Specification
17:11:17 <pboy> #info Using Ansible to install and configure Wildfly
17:11:24 <pboy> #info  Initial discussion about revisiting Fedora Server release criteria
17:11:33 <pboy> #info Open Floor
17:11:42 <pboy> Any additional topic / issue / comment ?
17:12:52 <pboy> #topic  Follow up actions
17:13:03 <pboy> #info DONE pboy will create a next version of the techn. spec. containing our agreements on July 20.
17:13:10 <pboy> #link https://docs.fedoraproject.org/en-US/server-working-group/docs/server-technical-specification/
17:13:22 <pboy> No further outstanding action items at the moment as far as I know.
17:15:08 <pboy> Just as an info: There are probs with our Server VM addition. The pull request to add the kickstart file has not been carried out, yet.
17:16:00 <pboy> I hope, we get it done before final change dead line.
17:16:23 <pboy> Anything else?
17:17:08 <pboy> OK, next topic.
17:17:16 <pboy> #topic Final decision about an updated Fedora Server Technical Specification
17:17:25 <pboy> #link https://pagure.io/fedora-server/issue/58
17:17:49 <pboy> #info  Latest version  https://docs.fedoraproject.org/en-US/server-working-group/docs/server-technical-specification/
17:17:59 <pboy> #link https://lists.fedoraproject.org/archives/list/server@lists.fedoraproject.org/thread/UANJIACVFI5E7LCOMLXKWJFMK4GTL6IS/
17:18:15 <pboy> How should we proceed?
17:18:54 <pboy> Maybe, we step throught the latest comments?
17:19:22 <pboy> And maybe, we should start a voting and not just agree here?
17:19:36 <jwhimpel> I don't recall if the issues raised at our last meeting were resolved or not.  If they were, let's go ahead and publish it.
17:20:33 <pboy> jwhimpel: They are resolved, except for 2 alternatives to the file system
17:21:15 <cooltshirtguy> I'm looking
17:21:40 <cooltshirtguy> where's the part about the file systems ?
17:22:31 <cooltshirtguy> the one about lvm with xfs
17:22:38 <pboy> The other items are something I missed to add and ideas by Adam Williamson we were already aware of, but decided to leave it as is for the time being.
17:23:04 <pboy> cooltshirtguy yes, section  1.2
17:23:47 <cooltshirtguy> gotcha
17:27:06 <jwhimpel> I don't feel qualified to know the best default partitioning/filesystem options to be used as defaults in "Fedora Server".
17:28:18 <pboy> We don't say what is the best. I just describe what we decided to take a default, and the reason for that.
17:28:20 <cooltshirtguy> I favor alt1
17:28:33 <cooltshirtguy> if i had to choose :)
17:28:56 <pboy> And I think, we really should decribe that.
17:29:27 <cooltshirtguy> I always separate /home no matter what. server, desktop, etc.
17:29:59 <pboy> cooltshirtguy Yes, that's a long standing unix best practise
17:31:16 <pboy> Question: can we agree about alt. 1? And should we do a voting?
17:31:32 <pboy> I just look, what we did with the current version .....
17:32:19 <jwhimpel> Editing suggestion:  Unindent the last two sentences of Alternative 1. Or bring them up to the solid bullet level.
17:33:01 <cooltshirtguy> agree with jwhimpel on that
17:33:05 <pboy> jwhimpel: Yes, they are indented to make the alternatives better visible.
17:33:23 <pboy> Just an editorial temporary measure.
17:34:09 <pboy> So, we agree about alt 1
17:34:49 <pboy> #agreed  The technical spec will be alternative 1 in section 1.2
17:35:02 <jwhimpel> Editing suggestion: Change "Common options are" to "The installer must also support the following common options"
17:35:07 <pboy> what do you think about voting?
17:35:28 <cooltshirtguy> i'm good with alt1
17:35:32 <pboy> jwhimpel: agreed to that
17:35:52 <jwhimpel> I support alt #1 with suggested editing changes.
17:35:55 <pboy> It's way the better english, I'm sure
17:36:50 <pboy> With the last version there is no explicit mention about voting, as it is with the PRD.
17:37:19 <pboy> So I think, we can do without voting, as well.
17:39:26 <jwhimpel> This document is not immutable and thus change be changed later if ideas for improvements surface later.  Let's move on for now.
17:40:09 <jwhimpel> s/change be/can be/
17:40:46 <pboy> jwhimpel agreed! Therefore:
17:40:56 <pboy> #proposal: WG agrees about the techn.spec. in the current version, with alt. 1 fpr section 1.2 and editorial adaptations as discussed.
17:41:41 <pboy> discussed. -> discussed today
17:42:03 <pboy> 3
17:42:14 <pboy> 2
17:42:24 <pboy> 1
17:42:40 <pboy> agreed: WG agrees about the techn.spec. in the current version, with alt. 1 for section 1.2 and editorial adaptations as discussed today.
17:43:08 <pboy> Puh, done.
17:43:26 <pboy> That was a difficult and time consuming process.
17:44:04 <pboy> Let's switch to the real work and server improvment:
17:44:13 <pboy> #topic Using Ansible to install and configure Wildfly
17:44:23 <pboy> #link  https://pagure.io/fedora-server/issue/60
17:44:32 <pboy> #link https://lists.fedoraproject.org/archives/list/server@lists.fedoraproject.org/thread/YV7XFPYLMVFYLJWISCNPXFBNS6YZKDRK/
17:44:50 <pboy> Mailing List: https://lists.fedoraproject.org/archives/list/server@lists.fedoraproject.org/thread/LY4IQ3RHLFPRFS5X44D2KFWMLJVT4RVS/
17:45:24 <pboy> This is one of the central building blocks of our Server Roles.!
17:45:44 <pboy> I am very excited.
17:45:56 <pboy> 5 Mins to read?
17:46:05 <jwhimpel> I have installed wildfly on my local server.  I am trying to require ssl (tls) on the communications between the proxy server (apache) and wildfly.
17:46:23 <cooltshirtguy> are you using ansible to install ?
17:46:32 <jwhimpel> I  tried following the procedure at: https://developer.jboss.org/people/fjuma/blog/2018/08/31/obtaining-certificates-from-lets-encrypt-using-the-wildfly-cli#jive_content_id_Obtaining_a_certificate_from_Lets_Encrypt
17:46:45 <jwhimpel> coolshirtguy: yes.
17:46:55 <pboy> I remember issues with the certificate?
17:47:34 <jwhimpel> When I follow Farah Juna's blog procedure to install and configure the certificates, I get an error in the final command to jboss-cli.sh shown in her blog.
17:47:46 <cooltshirtguy> do you have a link the playbook?
17:48:01 <jwhimpel> I have also tried the procedure found at https://github.com/antoniopaolacci/Let-s-Encrypt-Certificate-and-JBoss-WildFly
17:48:37 <jwhimpel> coolshirtguy:  Not at the moment, but I can find time tomorrow to put up a link and send it to the ML.
17:49:25 <jwhimpel> The gihub procedure requires inserting xml into standalone.xml.  But it doesn't say where to make the insertion.
17:50:03 <jwhimpel> This is a copy of my standalone.xml https://www.dropbox.com/s/zrj1kd1ws2aeoeq/standalone.xml?dl=0
17:50:49 <jwhimpel> If someone would spin up wildfly and follow the instructions in Farah Juma's blog, that would tell me if the issue is my my server or in the instructions.
17:50:59 <pboy> The xml looks fine at teh first view.
17:51:29 <pboy> According to the error message, it is an issue with the letsencrypt server, I think.
17:51:36 <jwhimpel> Or if someone could tell me where to insert the xml into standalone.xml as described in the github example, that would be greatly appreciated.
17:52:21 <jwhimpel> I think so to.  I would like to find the src repository to jboss-cli to see what options are being passed to certbot, but I don't know where to look.
17:52:40 <pboy> jwhimpel I can ask our wildfly expert.
17:53:07 <jwhimpel> wildfly is provided as a compressed file and not an rpm, so the contents of the source are not immediately obvious.
17:53:59 <pboy> And you are running Wildfly in collapsed mode?
17:54:07 <cooltshirtguy> lol find the section..
17:54:38 <jwhimpel> I'm not sure what you mean by "collapsed mode".
17:55:01 <jwhimpel> I'm running it as a standalone single instance.
17:55:31 <cooltshirtguy> https://docs.wildfly.org/14/Admin_Guide.html section 6
17:55:31 <pboy> I mean, as a war file, not converted / unpacked into a directory structure
17:56:05 <jwhimpel> I've check the audit files, the wildfly logs, the system journal, the let's encrypt logs and see nothing that would be of help diagnosing the issue.
17:56:06 <cooltshirtguy> seems like you put in the section for security-realms
17:56:41 <cooltshirtguy> its my 5 min guess looking at docs
17:57:58 <cooltshirtguy> https://docs.tibco.com/pub/mdm/9.1.0/doc/html/GUID-AA55613A-FD0C-4C64-A012-EA485ECC6FB8.html
17:58:04 <cooltshirtguy> tibco--
17:58:23 <jwhimpel> coolshirtguy:  I'm running as individual directories and files.  That's how it's delivered. Apps can run as war files.
17:58:39 <cooltshirtguy> ok
18:00:17 <jwhimpel> I'll look at the tibco stuff later today (I have 5 meetings already booked for this afternoon).  :-(
18:00:47 <cooltshirtguy> yuck, sorry to hear that
18:01:03 <pboy> jwhimpel:  I would like to follow your installation steps and try it out. Hopefully it gaves me an idea.
18:01:19 <cooltshirtguy> that's where I'm at.
18:01:23 <pboy> It that possible? Do you have something to support that?
18:01:28 <cooltshirtguy> need to duplicate the setup
18:01:45 <cooltshirtguy> that's why I asked about the Ansible playbook
18:02:19 <jwhimpel> I will try to take the "local references" (userids and stuff) out of my playbook and post it into gitlab.  Give me a few days.
18:02:40 <pboy> jwhimpel: GREAT
18:02:40 <cooltshirtguy> no problem
18:03:18 <jwhimpel> Our area has experienced severe flooding issues and I am leading part of the effort to help people recover.  The next few weeks are going to be very busy for me.  Please be a bit patient.
18:03:32 <pboy> So, we will try to reproduce the setup and the error message.
18:04:09 <jwhimpel> Got to run to my next meeting.  Thanks for listening.
18:04:20 <pboy> jwhimpel: We are. We have neglected this work for so long, unfortunately!!. So, some days are not an issue.
18:04:39 <pboy> Bye jwhimpel.
18:04:54 <pboy> And we are already out of time. So I switch to:
18:05:03 <pboy> #topic Open Floor
18:05:22 <pboy> Anything to discuss / comment /ask here?
18:05:35 <cooltshirtguy> nope
18:05:57 <pboy> OK, so let's close
18:06:05 <pboy> #endmeeting