[00:08:58]
<Yunohost Git/Infra notifications> [test_apps] alexAubin pushed 1 commit to main: Minor tweak for packagingv3 testing / being able to see the print() output in log ([466c4687](https://github.com/YunoHost/test_apps/commit/466c46875097ab7da6479b185e28fec64b494910))
[00:15:52]
<Yunohost Git/Infra notifications> [yunohost/packaging-v3] packagingv3: implement logic and test for systemd conf management - Alexandre Aubin
[00:15:52]
<Yunohost Git/Infra notifications> [yunohost/packaging-v3] services: add mechanism to _run_service_command to wait until some pattern appears in log, similar to whats already d... - Alexandre Aubin
[00:15:52]
<Yunohost Git/Infra notifications> [yunohost] alexAubin pushed 3 commits to packaging-v3 ([fdb0ae9ce483...ce154ea58ce9](https://github.com/YunoHost/yunohost/compare/fdb0ae9ce483...ce154ea58ce9))
[00:15:52]
<Yunohost Git/Infra notifications> [yunohost/packaging-v3] service.py: add typing to all functions - Alexandre Aubin
[00:17:23]
<Yunohost Git/Infra notifications> [yunohost] github-advanced-security[bot] [commented](https://github.com/YunoHost/yunohost/pull/2070#discussion_r2122368272) on pull request #2070 WIP: Packaging v3: ## File is not always closed
File is opened but is not closed.
[Show more details](https://github.com/YunoHost/yunohos...
[00:17:24]
<Yunohost Git/Infra notifications> [yunohost] github-advanced-security[bot] [commented](https://github.com/YunoHost/yunohost/pull/2070#discussion_r2122368271) on pull request #2070 WIP: Packaging v3: ## Unused local variable
Variable err is not used.
[Show more details](https://github.com/YunoHost/yunohost/security/c...
[00:17:24]
<Yunohost Git/Infra notifications> [yunohost] github-advanced-security[bot] [commented](https://github.com/YunoHost/yunohost/pull/2070#discussion_r2122368267) on pull request #2070 WIP: Packaging v3: ## Commented-out code
This comment appears to contain commented-out code.
[Show more details](https://github.com/YunoH...
[00:17:24]
<Yunohost Git/Infra notifications> [yunohost] github-advanced-security[bot] [commented](https://github.com/YunoHost/yunohost/pull/2070#discussion_r2122368269) on pull request #2070 WIP: Packaging v3: ## Unused local variable
Variable out is not used.
[Show more details](https://github.com/YunoHost/yunohost/security/c...
[00:36:31]
<Aleks (he/him/il/lui)> @github-advanced-security[bot] https://c.tenor.com/69YU0Ikbj8oAAAAd/tenor.gif
[00:39:01]
<Yunohost Git/Infra notifications> [webhooks] alexAubin pushed 1 commit to main: Gnarf ([558695e4](https://github.com/YunoHost/webhooks/commit/558695e4dc31ca68a96f2115b497f5849bbc83ba))
[07:55:23]
<Yunohost Git/Infra notifications> [issues] tituspijean opened [issue #2600](https://github.com/YunoHost/issues/issues/2600): extra_php_version.list is not properly migrated during YunoHost 12 migration
[07:57:08]
<Yunohost Git/Infra notifications> [issues] tituspijean labeled :space_invader: Bug on [issue #2600](https://github.com/YunoHost/issues/issues/2600): extra_php_version.list is not properly migrated during YunoHost 12 migration
[10:18:42]
<Augier> Ah dammit, can't make it work! I modified both `server_name` in `/etc/nginx/conf.d/<server name>.conf`, restarted nginx but when I hit `https://\<ip>/nextcloud/\`, I stil get redirected to `/yunohost/admin/` and Firefox responds:
> La page n’est pas redirigée correctement
>
> Firefox a détecté que le serveur redirige la demande pour cette adresse d’une manière qui n’aboutira pas.
>
> La cause de ce problème peut être la désactivation ou le refus des cookies.
[12:14:40]
<Augier> BTW who did I talk about the CLI/HTTP API @ last JDLL?
[12:31:33]
<Aleks (he/him/il/lui)> Probably Salamandar ?
[13:27:46]
<Salamandar> yes me
[13:27:52]
<Salamandar> https://github.com/yunohost/cli
[13:28:11]
*Salamandar fait du prosélytisme
[13:53:58]
<Augier> I was just thinking about the possibility to use a file-based socket rather than HTTP and how it could speed up the local requests.
[14:17:38]
<Salamandar> file based socket might still be http
[14:17:45]
<Salamandar> you mean when running locally on the machine ?
[14:18:02]
<Salamandar> tl;dr no
[14:20:32]
<Salamandar> the long answer:
moulinette already exposes an HTTP socket, publicly, and with authentication. I experimented to have a second instance of moulinette running on an unix socket with authentication disabled (you have access to the socket file == you have permissions, just like with docker/incus/etc).
That worked but that sounded fishy, i don't trust moulinette to behave properly when instantiated twice in the same python process. And in the future that might prevent some possible optimizations server side.
[14:22:07]
<Salamandar> and that would actually not provide any performance improvement. Right now the performance pit is python startup time and server runtime ; the http boilerplate and parsing is basically zero.
[14:22:46]
<Salamandar> Also, using the same "network path" as the web ui is a nice way to have a single API and decrease code creep and code maintenance costs
[14:23:10]
<Aleks (he/him/il/lui)> why do we need 2 processes, can't it listen to both somehow ?
[14:24:12]
<Salamandar> The code, in its current form, doesn't allow that. And i'm not sure the http stacks like flask etc are designed to do so… that's a weird and probably use case
[14:24:13]
<Salamandar> The code, in its current form, doesn't allow that. And i'm not sure the http stacks like flask etc are designed to do so… that's a weird and probably rare use case
[14:32:03]
<Aleks (he/him/il/lui)> what if nginx binds to the unix socket instead and we only listen to socket ?
[14:33:00]
<Aleks (he/him/il/lui)> i was looking into how postgres peer auth works, apparently it's related to https://linux.die.net/man/3/getpeereid so the socket could be exposed publicly and then we check if the user is allowed etc
[14:33:23]
<Aleks (he/him/il/lui)> (idk how getpeereid translates to python tho)
[14:44:39]
<Salamandar> yes but the socket was unauthenticated in moulinette
[14:44:51]
<Salamandar> while the nginx exposed stuff has authentication enabled in moulinette
[14:45:11]
<Salamandar> wait what that's nice
[14:47:33]
<Aleks (he/him/il/lui)> ah apparently something like https://unix.stackexchange.com/questions/496577/different-order-for-getsockopt-so-peercred-in-linux-and-openbsd (the question is about the fact that it works on linux but not bsd)
[14:47:47]
<Aleks (he/him/il/lui)> pretty cryptic but well