Roundup Tracker - Issues

Issue 2551087

classification
Title: Use SSL on www.roundup-tracker.org
Type: rfe Severity: minor
Components: Infrastructure Versions: devel
process
Status: fixed Resolution: fixed
Dependencies: Superseder:
Assigned To: rouilj Nosy List: ber, richard, rouilj, schlatterbeck
Priority: normal Keywords:

Created on 2020-08-07 12:19 by rouilj, last changed 2020-11-15 20:19 by rouilj.

Messages
msg6936 Author: [hidden] (rouilj) Date: 2020-08-07 12:19
I want to deploy https for the main website: www.roundup-tracker.org
(aka roundup.sourceforge.net). Ideally the http endpoints will
redirect to https.

The main docs are:
  
   https://sourceforge.net/p/forge/documentation/Convert%20your%20website%20to%20HTTPS/

It says it also upgrades php. AFAIK we don't use php so we don't care.

On the admin page (https://sourceforge.net/p/roundup/admin/ext/https/) it references
custom vhost docs with:

   Your virtual hosts (www.roundup-tracker.org, etc) can be upgraded
   to PHP 7.x if you change the DNS records to point to
   216.105.38.11 or for subdomains CNAME vhost2.sourceforge.net.
   They will continue to be served over HTTP. Custom VHost
   documentation.

I have checked the VHost docs (https://sourceforge.net/p/roundup/admin/ext/vhost/)
and there is a notice:

  Your VHOST domains will not work with HTTPS.

Hmph. I don't see a way to create a redirect page from the vhost domain to the https
domain since the http and https endpoints are the same directory on disk.

So this may mean we need to use:

  https://roundup.sourceforge.io

as our main url if we want https.

Also I have removed the wiki.roundup-tracker.org name from the alias table. The only
two aliases left are roundup-tracker.org and www.roundup-tracker.org.

Quips, comments, evasions, questions or answers?

-- rouilj
msg6937 Author: [hidden] (ber) Date: 2020-08-11 11:03
Hi John,

from my perspective we should not change the main url lightly.
(Unless we think about changing the name roundup to something less
associated with the herbicide anyway.)

And we do not want our main URL to contain "sourceforge" IMO.

It seems understandable that sourceforge cannot provide
TLS certificates easily for toplevel domains they do not fully control.
So it would need to be us that provides the TLS cert (should be possibly via Let's encrypt somehow).

https://sourceforge.net/p/forge/documentation/Custom%20VHOSTs/
does not list TLS or certificates or HTTPS. Maybe it is worth a question
to SF.

Or we should consider moving the hosting place. :/
msg6938 Author: [hidden] (rouilj) Date: 2020-08-12 03:49
Opened: https://sourceforge.net/p/forge/site-support/21104/
msg6939 Author: [hidden] (rouilj) Date: 2020-08-12 18:45
I got a response. I am requesting verification that
we can make these changes without downtime.

It looks like we need to move:

  www.roundup-tracker.org to roundup.sourceforge.io

and the apex record:

  roundup-tracker.org to 216.105.38.11

From my testing (added new ip to hosts file), it looks like http
is available at that site, so it should be doable without any
down time.

Who has the credentials to do that?

Richard?

Once this is done they can request ssl certs and we can migrate 
referring url's to https.

-- rouilj
msg6944 Author: [hidden] (ber) Date: 2020-08-13 07:28
Good you have asked. :)
msg6945 Author: [hidden] (rouilj) Date: 2020-08-19 19:03
Heard from Richard today. He is in crunch mode for a presentation
this weekend. So this change can occur later next week at the earliest.
msg6946 Author: [hidden] (rouilj) Date: 2020-08-26 00:39
tw at waldmann-edv.de has done the following DNS changes:

from:

  roundup-tracker.org.    600     IN      A       216.105.38.10
  www.roundup-tracker.org. 600    IN      CNAME   vhost.sourceforge.net.

to:

  roundup-tracker.org.    600     IN      A       216.105.38.11
  www.roundup-tracker.org. 600    IN      CNAME   roundup.sourceforge.io


he also changed:

  *.roundup-tracker.org to point to 216.105.38.11

I have updated the sourceforge ticket asking them to install certs.
msg6947 Author: [hidden] (rouilj) Date: 2020-08-27 20:01
Https is enabled. We are running both http and https at this point.

AFAICT the web site under both names (https://www... and just
https://roundup-tracker.org) are working fine. Internal links are 
redirecting to the same base site.

Does anybody want to take a look and in about 16 hours, I'll ask
them to make it all https (http redirects to https I assume)
and close out this ticket.
msg6948 Author: [hidden] (rouilj) Date: 2020-08-28 15:30
No issues reported. So asked them to install the redirect from http
to https.

Once that is done the links for:

  Home,
  Docs,
  Contact,
  Code

in the templates for issues.roundup-tracker.org and
wiki.roundup-tracker.org need to change to point to https.

Bern, can you/we make the changes to wiki or do I have to ask
Thomas for help?

Also http://roundup.sourceforge.net/ needs to be dealt with somehow.
I added that to the sourceforge ticket. Hopefully it just comes out in 
the wash.

Misc updates:

    Update references to http://www and http://roundup 
       in roundup code base (setup.py et. al) and doc.
       and check into hg.

    Need to change the topic url on irc,
 
    References on
      https://en.wikipedia.org/wiki/Roundup_(issue_tracker)

    Home page reference on:
       https://freshcode.club/projects/roundup-tracker

    References on: https://pypi.org/project/roundup/ (if it
       can be done without a new release)
msg6953 Author: [hidden] (ber) Date: 2020-08-31 16:48
> Bern, can you/we make the changes to wiki or do I have to ask
> Thomas for help?

If we are talking about changes about the wiki contents, it should be possible 
for you to do it by yourself. Just login and search for the pages that you 
would like to change. (Okay, if it is a lot or if it is in the non-page 
contents, we'd need to mail Thomas with a script or updates.)
msg6954 Author: [hidden] (rouilj) Date: 2020-08-31 18:19
Hi Bern:

In message <202008311848.24416.bernhard@intevation.de>,
Bernhard Reiter writes:
>> Bern, can you/we make the changes to wiki or do I have to ask
>> Thomas for help?
>
>If we are talking about changes about the wiki contents, it should be
>possible for you to do it by yourself. Just login and search for the
>pages that you would like to change. (Okay, if it is a lot or if it
>is in the non-page contents, we'd need to mail Thomas with a script
>or updates.)

I am talking about the links on the far left for Home, Download, Docs,
Contact and Code. I think that is part of the template and can only be
changed on the server not via the web. Am I correct?
msg6955 Author: [hidden] (ber) Date: 2020-09-01 06:13
>  Am I correct?

Yes, I think so (from my memory, didn't check).
msg6956 Author: [hidden] (rouilj) Date: 2020-09-10 02:00
Redirection to https is in place. So all http url's: 
  http://www.roundup-tracker.org,
  http://roundup-tracker.org,
  http://roundup.sourceforge.net/
redirect to https. Asked sourceforge to close their ticket.

> the links for:
> Home, Docs, Contact, Code
> in the templates for issues.roundup-tracker.org and
> wiki.roundup-tracker.org need to change to point to https.

are all relative so they pick up the new https urls. So nothing to do.

> https://pypi.org/project/roundup/

needs a new release. The changes I have done to setup.py should
make the link right in the new release. Redirection will handle it
for now. Not planning any changes.

changed all http:.*roundup-tracker references to https except docs 
that need it for historic correctness.

freshcode is updated.

Tried updating https://en.wikipedia.org/wiki/Roundup_(issue_tracker) 
with no luck. Can't figure out how to change the metadata.

TODO:

Get patched update of website/wiki/wiki/data/plugin/theme/roundup.py 
to thomas waldman for installation to fix wiki -> main site links.

Need to install update for issues.
msg6957 Author: [hidden] (rouilj) Date: 2020-09-10 04:39
> Need to install update for issues.

page.html updated. Links now use https.
msg6959 Author: [hidden] (ber) Date: 2020-09-10 06:36
Thanks John - good work!

Just updated wikipedia EN and DE. 

Still missing:
 * wikipedia FR
 * link to source code repo with TLS (could not figure it out quickly)
msg6960 Author: [hidden] (rouilj) Date: 2020-09-10 16:12
Hi Bern:

In message <1599719809.42.0.588199794272.issue2551087@roundup.psfhosted.org>,
Bernhard Reiter writes:
>Just updated wikipedia EN and DE. 

Thanks. Looks good.

>Still missing:
> * wikipedia FR
> * link to source code repo with TLS (could not figure it out quickly)

Would: https://sourceforge.net/p/roundup/code/ work? That's the web
browsing interface.

I am still looking for an https interface for the mercurial (cloning
and web) interface:

   http://hg.code.sf.net/p/roundup/code

If I change http to https, I am prompted to login (my sourceforge
credentials work). However the interface seems to be missing css and
looks weird.

But there should be an anonymous https interface for mercurial as
well. I have opened https://sourceforge.net/p/forge/site-support/21227/.

Have a great day.
msg6961 Author: [hidden] (rouilj) Date: 2020-09-11 01:54
Bern:

It looks like there is no https endpoint for mercurial that doesn't 
require a sourceforge login. This ticket:

   https://sourceforge.net/p/forge/feature-requests/727/

should also fix our requirement. So:

   https://sourceforge.net/p/roundup/code/ 

is I think the only choice.

-- rouilj
msg6962 Author: [hidden] (ber) Date: 2020-09-11 07:35
== direct urls to source code

John,
thanks for the research and finding the feature request.
I've seconded it there.

So I'll just leave the wikipedia links to the license in the source
code tree as is for now.
msg7002 Author: [hidden] (rouilj) Date: 2020-10-27 01:01
Emailed new roundup.py theme for the wiki to Thomas Waldman for 
installation.
msg7024 Author: [hidden] (rouilj) Date: 2020-11-10 05:36
Changed url's on irc channel to use https.
msg7027 Author: [hidden] (rouilj) Date: 2020-11-15 20:17
Wiki is updated. Looks like there was a missing:

         _ = self.request.getText

         html = [
+            # Pre header custom html
+            self.emit_custom_html(self.cfg.page_header1),
+
             u'<div class="header">',
             self.logo(),
             self.searchform(d),

in  website/wiki/wiki/data/plugin/theme/roundup.py.
I have committed this change on rev6287:7132c780c686.
msg7028 Author: [hidden] (rouilj) Date: 2020-11-15 20:19
I think this is finally done.

Any extra stragglers (pypi etc) will get fixed on next roundup release.
History
Date User Action Args
2020-11-15 20:19:50rouiljsetstatus: open -> fixed
resolution: fixed
messages: + msg7028
2020-11-15 20:17:38rouiljsetmessages: + msg7027
2020-11-10 05:36:42rouiljsetmessages: + msg7024
2020-10-27 01:01:28rouiljsetmessages: + msg7002
2020-09-11 07:35:30bersetmessages: + msg6962
2020-09-11 01:54:35rouiljsetmessages: + msg6961
2020-09-10 16:12:09rouiljsetmessages: + msg6960
2020-09-10 06:36:49bersetmessages: + msg6959
2020-09-10 04:39:39rouiljsetmessages: + msg6957
2020-09-10 02:00:54rouiljsetmessages: + msg6956
2020-09-01 06:13:34bersetmessages: + msg6955
2020-08-31 18:20:00rouiljsetmessages: + msg6954
2020-08-31 16:48:28bersetmessages: + msg6953
2020-08-28 15:30:29rouiljsetmessages: + msg6948
2020-08-27 20:01:39rouiljsetmessages: + msg6947
2020-08-26 00:39:13rouiljsetmessages: + msg6946
2020-08-19 19:03:44rouiljsetmessages: + msg6945
2020-08-13 07:28:42bersetmessages: + msg6944
2020-08-12 18:45:44rouiljsetstatus: new -> open
messages: + msg6939
2020-08-12 03:49:54rouiljsetmessages: + msg6938
2020-08-11 11:03:13bersetmessages: + msg6937
2020-08-07 12:19:59rouiljcreate