[Mageia-webteam] Initial hosting requirements for maintainers db

Romain d'Alverny rdalverny at gmail.com
Wed Jan 12 11:22:10 CET 2011 

On Wed, Jan 12, 2011 at 11:10, Kosmas Chatzimichalis <Kosmas at mach7x.com> wrote:
> On 12 January 2011 09:36, Romain d'Alverny <rdalverny at gmail.com> wrote:
>> On Wed, Jan 12, 2011 at 02:36, Michael Scherer <misc at zarb.org> wrote:
>>> Le mardi 11 janvier 2011 à 23:07 +0000, Kosmas Chatzimichalis a écrit :
>>>> The initial requirements for installing the maintainers db in the
>>>> mageia server are: [...]
>>>> 1. RVM (Ruby version manager)
>>>
>>> From what I know, that would likely mean compiling our own ruby version
>>> on the server, using its own separate set of gems. [...]
>>
>> What's the possible alternative?
>
> By using RVM, we won't need a chroot environment for gem installation
> as installation can be done in a user's account.
> Consequent gem installations don't need sudo permission and are
> installed on user's account.

Something tells me that misc won't find this a consolation. :-p

Misc, if in the end, hosting a rails stack does make things less
consistent than with other stacks, we may as well set up a host on a
Gandi server and dedicate it (package management and security
mgmt-wise to the rails stack).

I'm not saying this should be this way but that would be an option to consider.

>>>> 2. Rubygems (1.3.7)
>>>> 3. Rails (3.0.3)
>>>
>>> [...] This would mean for the moment rails 2.3.10
>>> and ruby-RubyGems 1.3.5.
>>
>> Kosmas, can you backport your app to these versions?
>>
> Can definitely try Romain.

See with packagers first, but thank you to try Kosmas.

> Just as a note dreamhost updated all their servers to 3.0.3 and
> RubyGems 1.3..6 in a matter of few weeks, and although I don't know if
> they had problems, I'm sure that they are security conscious about
> their servers as well.

There's no question about it. But Dreamhost is a business, moreover, a
hosting business so they can dedicate way more people/servers about it
than us, at this time.

>>> Moreover, using distribution rpm give everybody the same set of module
>>> to work with, if the need to host/develop multiple rails applications
>>> arise ( and I think we cannot exclude this possibility ) without having
>>> to have 1 set of gems per application. And again, we will not need to
>>> handle security ourself ( or at least, no need to do the hard work as
>>> this is the goal of the security team ).
>>
>> What about seeing with ruby packagers about this? (Kosmas?)
>
> I can see about that Romain, but using Rails 3 makes gem installation
> and dependency solving much easier.
>
> Any suggestion about who I should be contacting?

Try contact pterjan (past maintainers, not sure if he's still active)
and/or shikamaru on #mageia-dev. That would really help I guess.
Thanks a lot!


Romain

More information about the Mageia-webteam mailing list