#musicbrainz-devel

/

      • the_metalgamer joined the channel

        • 2012-10-09 28336, 2012

      • kepstin-work joined the channel

        • 2012-10-09 28321, 2012

      • kurtjx joined the channel

        • 2012-10-09 28347, 2012

      • Leftmost joined the channel

        • 2012-10-09 28310, 2012

      • navap is fed up with our anti-narrow-browser footer.

        • 2012-10-09 28315, 2012

      • navap
        How's this? http://navap.mbsandbox.org/

        • 2012-10-09 28354, 2012

      • bitmap
        looks nice

        • 2012-10-09 28335, 2012

      • bitmap
        two lines feels like the max for a footer though, so as long as it doesn't creep beyond that :)

        • 2012-10-09 28350, 2012

      • ianmcorvidae
        the open licenses note is new, yeah?

        • 2012-10-09 28318, 2012

      • navap
        Yes

        • 2012-10-09 28336, 2012

      • ianmcorvidae
        however, yeah, that looks better, it doesn't do a gross wrap thing at the narrowest it can get. +1 :)

        • 2012-10-09 28355, 2012

      • ianmcorvidae
        that schwag link is sorta terrible too

        • 2012-10-09 28310, 2012

      • ianmcorvidae
        in that it only has terrible cafepress crap :P

        • 2012-10-09 28327, 2012

      • navap
        I added the data license link to balance the two sides out, but I'm thinking what if we just had that as the left side?

        • 2012-10-09 28307, 2012

      • navap
        The only important link that we'd miss is the donate link. Everything else is already on the page or..schwag..

        • 2012-10-09 28305, 2012

      • nikki joined the channel

        • 2012-10-09 28313, 2012

      • ianmcorvidae
        hm

        • 2012-10-09 28326, 2012

      • bitmap prefers keeping the links

        • 2012-10-09 28326, 2012

      • ianmcorvidae
        I like the links to wiki/forums/tracker/etc. being not buried in menus

        • 2012-10-09 28334, 2012

      • bitmap
        I hate using the menus

        • 2012-10-09 28350, 2012

      • navap
        I would expect someone like you to skip the links and just type the urls in :p

        • 2012-10-09 28353, 2012

      • ianmcorvidae
        well, yes, that's also true

        • 2012-10-09 28310, 2012

      • ianmcorvidae
        I like having the links not buried in menus because menus suck, not because I use *either* :P

        • 2012-10-09 28334, 2012

      • ianmcorvidae
        hm. the wiki link should also be scheme-independent

        • 2012-10-09 28351, 2012

      • ianmcorvidae
        I should see about getting https on our other subdomains too

        • 2012-10-09 28323, 2012

      • ianmcorvidae
        solve the "the default goes to the wrong place omg!" ticket with "okay fine, now you can't get to the default because everything's https" :P

        • 2012-10-09 28301, 2012

      • navap changes the wiki link to //wiki.musicbrainz.org

        • 2012-10-09 28315, 2012

      • ianmcorvidae
        cool, thanks

        • 2012-10-09 28315, 2012

      • navap
        Are we putting the blog, jira, and forums on https as well?

        • 2012-10-09 28321, 2012

      • ianmcorvidae
        they aren't yet

        • 2012-10-09 28330, 2012

      • ianmcorvidae
        however, that's the intention

        • 2012-10-09 28335, 2012

      • ianmcorvidae
        we have a *.musicbrainz.org cert, we should use it :P

        • 2012-10-09 28349, 2012

      • navap
        Yeah

        • 2012-10-09 28333, 2012

      • ianmcorvidae
        I haven't for those because blog/forums are apache and jira's it's own weirdness -- so I don't know the incantations already :)

        • 2012-10-09 28341, 2012

      • ianmcorvidae
        meh, its*

        • 2012-10-09 28337, 2012

      • ianmcorvidae
        twitter can also be scheme-independent FWIW

        • 2012-10-09 28345, 2012

      • kurtjx joined the channel

        • 2012-10-09 28329, 2012

      • ianmcorvidae idly wonders if the metabrainz site will become HTTPS at some point

        • 2012-10-09 28351, 2012

      • ianmcorvidae
        obviously the donation stuff is through other sites, so that much isn't an issue, but

        • 2012-10-09 28305, 2012

      • navap
        A single domain cert isn't too expensive I think

        • 2012-10-09 28326, 2012

      • ianmcorvidae
        no, indeed not, I just don't know if that's something that's wanted :)

        • 2012-10-09 28355, 2012

      • ianmcorvidae
        we'll probably want one for caa.org at some point, to silence warnings about insecure content

        • 2012-10-09 28314, 2012

      • ianmcorvidae
        but we also need to pester the IA, because at present their https stuff is set up wrong

        • 2012-10-09 28312, 2012

      • ianmcorvidae
        e.g. https://ia701207.s3dns.us.archive.org/mbid-189d78… works, but there's a cert warning because it's for *.us.archive.org, not *.s3dns.us.archive.org

        • 2012-10-09 28316, 2012

      • navap
        Shouldn't *.us.archive.org encompass *.s3dns.us.archive.org?

        • 2012-10-09 28324, 2012

      • ianmcorvidae
        no

        • 2012-10-09 28330, 2012

      • ianmcorvidae
        SSL wildcards only support one level

        • 2012-10-09 28335, 2012

      • navap
        I see

        • 2012-10-09 28345, 2012

      • ianmcorvidae
        yeah

        • 2012-10-09 28352, 2012

      • ianmcorvidae
        it's somewhat annoying :/ but that's how it is

        • 2012-10-09 28326, 2012

      • navap
        Is there a good reason for not using https as default or even forcing https via an nginx redirect?

        • 2012-10-09 28344, 2012

      • ianmcorvidae
        not forcing people into it immediately

        • 2012-10-09 28354, 2012

      • ianmcorvidae
        especially because userscripts are by and large not updated to account for https yet

        • 2012-10-09 28358, 2012

      • kepstin
        navap: temporarily limiting exposure for testing purposes

        • 2012-10-09 28306, 2012

      • ianmcorvidae
        also that :)

        • 2012-10-09 28347, 2012

      • kepstin
        but yes; I do think that all logged-in access should be going through https; maybe even all website access.

        • 2012-10-09 28309, 2012

      • kepstin
        on the other hand, doing non-authenticated webservice access unencrypted might be a good idea.

        • 2012-10-09 28312, 2012

      • ianmcorvidae
        the webservice is the other thing, we don't have a way to guarantee our clients have stuff

        • 2012-10-09 28328, 2012

      • ianmcorvidae
        we don't even redirect www.musicbrainz.org to musicbrainz.org for the webservice

        • 2012-10-09 28301, 2012

      • ianmcorvidae
        which incidentally means it works better over HTTPS than the rest of the site, since our www -> non-www redirect is currently broken, but :P

        • 2012-10-09 28317, 2012

      • kepstin
        that shouldn't be hard to fix in the nginx config tho

        • 2012-10-09 28323, 2012

      • ianmcorvidae
        no, there's already a codereview up for it :)

        • 2012-10-09 28336, 2012

      • ianmcorvidae
        http://codereview.musicbrainz.org/r/2395/

        • 2012-10-09 28300, 2012

      • kepstin
        yep, that looks about right :)

        • 2012-10-09 28332, 2012

      • Prophet5 joined the channel

        • 2012-10-09 28350, 2012

      • kepstin
        the nginx config for musicbrainz is rather complicated :/

        • 2012-10-09 28345, 2012

      • ianmcorvidae
        the rewrites file is the biggest pain

        • 2012-10-09 28351, 2012

      • ianmcorvidae
        because legacy URLs :?

        • 2012-10-09 28355, 2012

      • ianmcorvidae
        the frontend configs aren't even public, that's another layer of complexity

        • 2012-10-09 28343, 2012

      • kepstin
        something went wrong in my libvirt, so my musicbrainz vm has decided to disappear without a trace

        • 2012-10-09 28348, 2012

      • kepstin
        I need to rebuild it now :/

        • 2012-10-09 28303, 2012

      • kepstin
        onlything left is the frontend config in my nginx :)

        • 2012-10-09 28333, 2012

      • ianmcorvidae
        haha

        • 2012-10-09 28342, 2012

      • ianmcorvidae
        well, the *rest* is all in the git repository

        • 2012-10-09 28348, 2012

      • ianmcorvidae
        it's just the frontend stuff that's in a separate private repo

        • 2012-10-09 28303, 2012

      • kepstin
        admittedly, my frontend nginx config looks like this: https://raw.github.com/gist/3856052

        • 2012-10-09 28314, 2012

      • kepstin
        very impressive ;)

        • 2012-10-09 28321, 2012

      • ianmcorvidae
        looks about right, yeah

        • 2012-10-09 28351, 2012

      • kepstin
        (that address is on a split dns setup, and can only be seen in my house)

        • 2012-10-09 28354, 2012

      • ianmcorvidae
        if you want https, set X-MB-https to on/off accordingly :)

        • 2012-10-09 28318, 2012

      • kepstin
        where are you terminating the https?

        • 2012-10-09 28323, 2012

      • ianmcorvidae
        frontend

        • 2012-10-09 28340, 2012

      • ianmcorvidae
        and then passing X-MB-https so the server instances know how to format links

        • 2012-10-09 28342, 2012

      • kepstin
        and then you pass a header to the backend to indicate whether or not https was used?

        • 2012-10-09 28348, 2012

      • ianmcorvidae
        yup :)

        • 2012-10-09 28353, 2012

      • kepstin
        makes sense.

        • 2012-10-09 28340, 2012

      • navap
        This http vs https link business is a bit complicated. e.g. links in emails

        • 2012-10-09 28323, 2012

      • kepstin
        links in emails should be always https, imo.

        • 2012-10-09 28340, 2012

      • kepstin
        since you only get an email if you've logged in at some point, and logged in users should always be using ssl :)

        • 2012-10-09 28352, 2012

      • navap
        But what about non-musicbrainz.org servers?

        • 2012-10-09 28318, 2012

      • kepstin
        fun.

        • 2012-10-09 28332, 2012

      • kepstin
        I guess you'll have to add another parameter to DBDefs.pm :/

        • 2012-10-09 28346, 2012

      • navap
        Shhh don't let ocharles hear you

        • 2012-10-09 28339, 2012

      • navap
        I think I'll just leave this scheme-independant link fixing for later

        • 2012-10-09 28315, 2012

      • kepstin suspects that most non-musicbrainz servers don't have email delivery configured anyways.

        • 2012-10-09 28326, 2012

      • kepstin
        although the sandbox ones are a special case, i guess.

        • 2012-10-09 28318, 2012

      • kepstin joined the channel

        • 2012-10-09 28343, 2012

      • kepstin
        there we go, finally fixed my automounting authentication issues properly

        • 2012-10-09 28316, 2012

      • kepstin
        ooh, fun. just set up my mail client with a startssl certificate, so I can now send signed emails :)

        • 2012-10-09 28343, 2012

      • kepstin
        it's just a class 1 cert tho, so all it does is show that the person sending the email has control of the email address being sent from... which is still something.

        • 2012-10-09 28312, 2012

      • kepstin
        btw, if anyone uses HTTPS-Everywhere, rules file for musicbrainz: https://gist.github.com/3856165

        • 2012-10-09 28321, 2012

      • kepstin-work joined the channel

        • 2012-10-09 28300, 2012

      • ianmcorvidae
        kepstin-work: the rule for beta has been 50% completion or better -- you're probably right but you do need to go through and check them :)

        • 2012-10-09 28319, 2012

      • bitmap
        yay, the picard-daily ppa is finally building again

        • 2012-10-09 28332, 2012

      • ianmcorvidae
        yay :D

        • 2012-10-09 28313, 2012

      • hawke_1 joined the channel

        • 2012-10-09 28305, 2012

      • ianmcorvidae
        hobbes is so sloooow

        • 2012-10-09 28316, 2012

      • ianmcorvidae
        I wonder if test's database should be on rika and just the server code on hobbes

        • 2012-10-09 28319, 2012

      • ianmcorvidae
        or something

        • 2012-10-09 28336, 2012

      • Leftmost joined the channel

        • 2012-10-09 28300, 2012

      • Prophet5 joined the channel

        • 2012-10-09 28320, 2012

      • ianmcorvidae
        warp: if musicbrainz_db_warp on hobbes can be dropped, either do it or tell me; test is now using a different DB

        • 2012-10-09 28349, 2012

      • ianmcorvidae
        (specifically: musicbrainz_db_20121008)

        • 2012-10-09 28315, 2012

      • jdamcd joined the channel

        • 2012-10-09 28313, 2012

      • ianmcorvidae
        warp, ijabz: related, if the test search server needs updating, someone should make that happen :) either by doing it yourselves or informing me how to do that

        • 2012-10-09 28329, 2012

      • warp
        ianmcorvidae: I am not personally using musicbrainz_db_warp , was it being used by test?

        • 2012-10-09 28356, 2012

      • warp
        (also, goodmorning! :)

        • 2012-10-09 28338, 2012

      • djce joined the channel

        • 2012-10-09 28338, 2012

      • RootWyrm_ joined the channel

        • 2012-10-09 28327, 2012

      • ianmcorvidae
        yes, it's what test was using until a bit more than an hour ago

        • 2012-10-09 28347, 2012

      • ijabz joined the channel

        • 2012-10-09 28357, 2012

      • ianmcorvidae
        warp: also, are the "Show all pending edits" changes in the schema change branch?

        • 2012-10-09 28318, 2012

      • ianmcorvidae
        warp: I don't see the script in upgrade.sh

        • 2012-10-09 28319, 2012

      • ianmcorvidae
        which understandably worries me, given I thought testing for schema change stuff had already started

        • 2012-10-09 28317, 2012

      • warp
        ianmcorvidae: could be

        • 2012-10-09 28332, 2012

      • warp
        ianmcorvidae: I didn't merge it in, and if it's not in there apparently ocharles didn't either :)

        • 2012-10-09 28320, 2012

      • warp
        (I have a shippit from you, not from oliver)

        • 2012-10-09 28339, 2012

      • ianmcorvidae
        yeah

        • 2012-10-09 28301, 2012

      • ianmcorvidae
        I had expected that the upgrade script, if nothing else, would be there

        • 2012-10-09 28312, 2012

      • ianmcorvidae
        the RG coverart schema change scripts are in there

        • 2012-10-09 28344, 2012

      • ianmcorvidae
        anyway

        • 2012-10-09 28350, 2012

      • ianmcorvidae
        I guess it should at least be on test

        • 2012-10-09 28335, 2012

      • warp nods.

        • 2012-10-09 28325, 2012

      • Freso joined the channel

        • 2012-10-09 28346, 2012

      • ijabz joined the channel

        • 2012-10-09 28315, 2012

      • RootWyrm_ joined the channel

        • 2012-10-09 28349, 2012

      • warp
        hm, lots of warnings in t::MusicBrainz::Server::Controller::Statistics

        • 2012-10-09 28332, 2012

      • ianmcorvidae
        yeah

        • 2012-10-09 28345, 2012

      • ianmcorvidae
        a lot of those are the result of it making sure the pages don't crash horribly when there are no statistics

        • 2012-10-09 28353, 2012

      • ianmcorvidae
        ocharles has a patch up that silences lots of warnings, IIRC

        • 2012-10-09 28314, 2012

      • warp
        I'm validating the html

        • 2012-10-09 28355, 2012

      • RootWyrm_ joined the channel

        • 2012-10-09 28312, 2012

      • warp
        but it looks like I'm going to have to silence another error

        • 2012-10-09 28330, 2012

      • warp
        (silence as in ignore it, instead of fixing the generated html)

        • 2012-10-09 28307, 2012

      • djce joined the channel

        • 2012-10-09 28325, 2012

      • warp
        oh no, this is an error, not a warning. grmbl.

        • 2012-10-09 28340, 2012

      • djce joined the channel

        • 2012-10-09 28328, 2012

      • ijabz joined the channel

        • 2012-10-09 28315, 2012

      • stefans joined the channel

        • 2012-10-09 28341, 2012

      • ianmcorvidae
        so much inline styling in root/release/edit/tracklist.tt D: